={0x0, 0x0, 0x0}, 0x40000000) 22:14:54 executing program 1: bpf$MAP_CREATE(0x0, &(0x7f0000000200)={0xa}, 0x40) 22:14:54 executing program 3: bpf$BPF_TASK_FD_QUERY(0x7, &(0x7f0000000080)={0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30) 22:14:54 executing program 4: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000003100)={&(0x7f0000003880)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x1c, 0x1c, 0x2, [@func_proto={0x0, 0x2, 0x0, 0xd, 0x0, [{}, {}]}]}}, &(0x7f0000003040)=""/184, 0x36, 0xb8, 0x1}, 0x20) 22:14:54 executing program 5: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_drop_memb(r0, 0x107, 0x2, 0x0, 0x3b) 22:14:54 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000680)=@nat={'nat\x00', 0x1b, 0x5, 0x498, 0x0, 0x0, 0xffffffff, 0x0, 0x190, 0x400, 0x400, 0xffffffff, 0x400, 0x400, 0x5, 0x0, {[{{@uncond, 0x0, 0x158, 0x190, 0x0, {}, [@common=@unspec=@string={{0xc0, 'string\x00'}, {0x0, 0x0, 'fsm\x00', "6b65bf13c7417feb82c4a37627f2832de9bd997de2c5d53bdad55c5350f32ff1f1a470d7bdc65aad0dca8fb5ffa6634015eca838d730268681855c5206fa3b5530fdd5185dfc7f6a16c907a028cc1bbb85b0fc2d5632335eab686e326785002aa3bb410682b02eb81bb8bf4276ea5d73969b623d876c43c42f129c5fb5529156"}}, @common=@ttl={{0x28, 'ttl\x00'}}]}, @SNAT0={0x38, 'SNAT\x00', 0x0, {0x1, {0x0, @rand_addr, @loopback, @icmp_id, @icmp_id}}}}, {{@ip={@loopback, @rand_addr, 0x0, 0x0, 'syz_tun\x00', 'ipvlan1\x00'}, 0x0, 0xb8, 0xf0, 0x0, {}, [@common=@ttl={{0x28, 'ttl\x00'}}, @common=@socket0={{0x20, 'socket\x00'}}]}, @NETMAP={0x38, 'NETMAP\x00', 0x0, {0x1, {0x0, @multicast2, @rand_addr, @icmp_id, @icmp_id}}}}, {{@ip={@multicast2, @empty, 0x0, 0x0, 'wlan0\x00', 'erspan0\x00', {}, {}, 0x0, 0x0, 0x20}, 0x0, 0x98, 0xd0, 0x0, {}, [@common=@inet=@length={{0x28, 'length\x00'}}]}, @MASQUERADE={0x38, 'MASQUERADE\x00', 0x0, {0x1, {0x0, @rand_addr, @multicast1, @gre_key}}}}, {{@uncond, 0x0, 0x70, 0xb0}, @common=@inet=@LOG={0x40, 'LOG\x00', 0x0, {0x0, 0x0, "4b0b1e151182b00eed9ccde7aaf80ff274a613dd99cf5b63cf8fd482c2e2"}}}], {{[], 0x0, 0x70, 0x98}, {0x28}}}}, 0x4f8) 22:14:54 executing program 2: sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000000)={0x0, 0xffffffffffffffff, 0x7, 0x12, 0x0}, 0x44) 22:14:54 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'veth0_macvtap\x00', &(0x7f0000000000)=@ethtool_ringparam={0x10}}) 22:14:55 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x1c, 0x9, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0) 22:14:55 executing program 4: r0 = socket$unix(0x1, 0x1, 0x0) r1 = gettid() r2 = gettid() sendmsg$unix(r0, &(0x7f0000000640)={&(0x7f0000000380)=@abs, 0x6e, 0x0, 0x0, &(0x7f0000000600)=[@cred={{0x1c, 0x1, 0x2, {r1}}}, @cred={{0x1c, 0x1, 0x2, {r2}}}], 0x40}, 0x0) 22:14:55 executing program 5: r0 = socket$netlink(0x10, 0x3, 0xa) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x10e, 0x2, &(0x7f0000000300)=0x1, 0x4) 22:14:55 executing program 0: r0 = epoll_create1(0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) epoll_ctl$EPOLL_CTL_DEL(r0, 0x2, r1) 22:14:55 executing program 2: bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa960263cd82f59a5, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x78) 22:14:55 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x9) sendmsg$NL80211_CMD_NEW_KEY(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x14, 0x0, 0x0, 0x0, 0x0, {{}, {@void, @void}}}, 0x14}}, 0x0) 22:14:55 executing program 3: r0 = epoll_create1(0x0) ioctl$EXT4_IOC_GROUP_EXTEND(r0, 0x40086607, 0x0) 22:14:55 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x10e, 0x2, &(0x7f0000000080)=0x400001b, 0x4) 22:14:55 executing program 5: r0 = gettid() bpf$BPF_TASK_FD_QUERY(0x9, &(0x7f0000000080)={r0, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30) 22:14:56 executing program 2: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) connect(r0, &(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @empty}}}, 0x80) 22:14:56 executing program 0: setitimer(0x0, &(0x7f0000000500)={{0x0, 0xcd4d}, {0x0, 0x8}}, 0x0) 22:14:56 executing program 1: r0 = socket$inet6(0x18, 0x1, 0x0) getsockname$inet6(r0, 0x0, &(0x7f0000000040)) 22:14:56 executing program 3: socketpair(0x1, 0x1, 0x1, &(0x7f00000000c0)) 22:14:56 executing program 4: r0 = socket$unix(0x1, 0x2, 0x0) getsockname(r0, 0x0, &(0x7f0000000080)) 22:14:56 executing program 5: r0 = socket$inet6(0x18, 0x1, 0x0) sendto$inet6(r0, 0x0, 0x0, 0x8, 0x0, 0x0) 22:14:56 executing program 0: r0 = socket$inet6(0x18, 0x3, 0x0) getsockname$inet6(r0, 0x0, &(0x7f0000000080)) 22:14:56 executing program 2: select(0x40, &(0x7f0000000080)={0x2}, &(0x7f0000000100)={0x7}, 0x0, 0x0) 22:14:57 executing program 1: symlink(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='./file0\x00') readlinkat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) 22:14:57 executing program 3: r0 = socket$inet(0x2, 0x2, 0x0) fcntl$lock(r0, 0x6, &(0x7f00000001c0)) 22:14:57 executing program 4: r0 = socket$inet6(0x18, 0x3, 0x0) read(r0, &(0x7f0000000040)=""/129, 0x81) 22:14:57 executing program 5: r0 = socket$inet6(0x18, 0x3, 0x0) sendmsg(r0, &(0x7f0000000500)={&(0x7f0000000000)=@in, 0xc, 0x0, 0x0, 0x0, 0x370}, 0x9f7482e6448b6913) 22:14:57 executing program 0: symlink(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='./file0\x00') readlinkat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f0000000180)=""/185, 0xb9) 22:14:57 executing program 2: symlink(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='./file0\x00') mknod(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) 22:14:57 executing program 1: r0 = socket$inet6(0x18, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000040)={0x18}, 0xc) 22:14:57 executing program 3: r0 = socket$inet6(0x18, 0x3, 0x0) setsockopt$sock_timeval(r0, 0xffff, 0x1005, &(0x7f0000000000), 0x10) 22:14:58 executing program 4: r0 = socket$unix(0x1, 0x1, 0x0) fchown(r0, 0x0, 0x0) 22:14:58 executing program 5: r0 = socket$inet6(0x18, 0x3, 0x0) r1 = dup(r0) sendto$inet(r1, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x2, 0x1}, 0xc) 22:14:58 executing program 0: r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000080)='/dev/null\x00', 0x0, 0x0) sendto$inet6(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:14:58 executing program 2: r0 = syz_open_pts(0xffffffffffffffff, 0x0) poll(&(0x7f0000000240)=[{r0}], 0x1, 0x0) 22:14:58 executing program 1: setitimer(0x0, &(0x7f0000000500)={{0x0, 0xcd4d}, {0x3}}, 0x0) 22:14:58 executing program 3: r0 = socket$unix(0x1, 0x1, 0x0) sendmsg$unix(r0, &(0x7f0000001840)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)=[@cred, @rights, @cred, @rights, @cred, @cred, @cred, @cred], 0xe8}, 0xf) 22:14:58 executing program 4: r0 = socket$inet6(0x18, 0x1, 0x0) read(r0, 0x0, 0x0) 22:14:58 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)=[{0x0}], 0x1}, 0x0) 22:14:59 executing program 0: r0 = socket$inet6(0x18, 0x1, 0x0) poll(&(0x7f0000000100)=[{r0, 0x80}], 0x1, 0x2) 22:14:59 executing program 2: 22:14:59 executing program 3: 22:14:59 executing program 1: 22:14:59 executing program 4: 22:14:59 executing program 5: 22:14:59 executing program 0: 22:14:59 executing program 2: 22:14:59 executing program 1: 22:15:00 executing program 3: 22:15:00 executing program 4: 22:15:00 executing program 5: 22:15:00 executing program 0: 22:15:00 executing program 1: 22:15:00 executing program 2: 22:15:00 executing program 3: 22:15:00 executing program 4: 22:15:01 executing program 5: 22:15:01 executing program 0: 22:15:01 executing program 2: 22:15:01 executing program 4: 22:15:01 executing program 1: 22:15:01 executing program 3: 22:15:01 executing program 5: 22:15:01 executing program 0: 22:15:01 executing program 2: 22:15:01 executing program 4: 22:15:01 executing program 3: 22:15:02 executing program 1: 22:15:02 executing program 5: 22:15:02 executing program 0: 22:15:02 executing program 2: 22:15:02 executing program 4: 22:15:02 executing program 3: 22:15:02 executing program 1: 22:15:03 executing program 0: 22:15:03 executing program 2: 22:15:03 executing program 4: 22:15:03 executing program 5: 22:15:03 executing program 3: 22:15:03 executing program 1: 22:15:03 executing program 2: 22:15:03 executing program 0: 22:15:03 executing program 5: 22:15:03 executing program 4: 22:15:04 executing program 3: 22:15:04 executing program 1: 22:15:04 executing program 2: 22:15:04 executing program 5: 22:15:04 executing program 0: 22:15:04 executing program 4: 22:15:04 executing program 3: 22:15:04 executing program 2: 22:15:05 executing program 1: 22:15:05 executing program 5: 22:15:05 executing program 0: 22:15:05 executing program 4: 22:15:05 executing program 3: 22:15:05 executing program 1: 22:15:05 executing program 2: 22:15:05 executing program 0: 22:15:05 executing program 5: select(0xffffffffffffffb5, &(0x7f0000000080), 0x0, 0x0, 0x0) 22:15:05 executing program 3: pipe2(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) read(r0, 0x0, 0x0) 22:15:06 executing program 4: r0 = socket$unix(0x1, 0x5, 0x0) setsockopt$sock_timeval(r0, 0xffff, 0x1006, &(0x7f0000000000)={0xfffffffffffffbe8}, 0x10) 22:15:06 executing program 2: r0 = socket(0x18, 0x1, 0x0) setsockopt$sock_int(r0, 0xffff, 0x200, 0x0, 0x2b) 22:15:06 executing program 1: select(0x0, 0x0, 0x0, 0x0, 0x0) execve(0x0, 0x0, 0x0) 22:15:06 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) shutdown(r0, 0x2) 22:15:06 executing program 5: mprotect(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0) mprotect(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x4) 22:15:06 executing program 3: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x2010, r0, 0x0) 22:15:06 executing program 4: select(0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)={0xfffffffffffffffc}) 22:15:06 executing program 1: mprotect(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0) 22:15:06 executing program 0: r0 = socket(0x2, 0x2, 0x0) setsockopt$sock_int(r0, 0xffff, 0x10, &(0x7f0000000000), 0x4) 22:15:06 executing program 2: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) mprotect(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, r0, 0x0) 22:15:07 executing program 5: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, r0, 0x0) 22:15:07 executing program 4: open$dir(&(0x7f0000000000)='./file0\x00', 0x3cbe2aff793fe686, 0x0) 22:15:07 executing program 3: r0 = socket(0x2, 0x1, 0x0) setsockopt$sock_int(r0, 0xffff, 0x20, &(0x7f0000000040), 0x4) 22:15:07 executing program 1: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x1010, 0xffffffffffffffff, 0x0) 22:15:07 executing program 0: r0 = socket(0x2, 0x2, 0x0) setsockopt$sock_int(r0, 0xffff, 0x800, &(0x7f0000000040), 0x4) 22:15:07 executing program 2: mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x6, 0x10, 0xffffffffffffffff, 0x0) 22:15:07 executing program 5: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x20, 0x0) openat$zero(0xffffffffffffff9c, &(0x7f0000000180)='/dev/zero\x00', 0x20, 0x0) 22:15:08 executing program 3: r0 = socket(0x2, 0x2, 0x0) setsockopt$sock_int(r0, 0xffff, 0x10, &(0x7f0000000000)=0xffff, 0x4) 22:15:08 executing program 4: r0 = socket$unix(0x1, 0x2, 0x0) shutdown(r0, 0x1) 22:15:08 executing program 1: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, r0, 0x0) munmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000) 22:15:08 executing program 0: socketpair(0x1, 0x1, 0x1, &(0x7f00000003c0)) 22:15:08 executing program 2: mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0xf0f67ad7c34cbc5e, 0x10, 0xffffffffffffffff, 0x0) 22:15:08 executing program 5: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xcb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)={0xb, 0x9, 0x209e20, 0x2, 0x1}, 0x3c) bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000000040)={r0, &(0x7f0000000000), &(0x7f0000000140)=""/130}, 0x18) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000000)={r0, &(0x7f0000000080), 0x0}, 0x20) 22:15:08 executing program 3: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xcb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x2, 0x3, 0x2) sendmsg$inet(r0, &(0x7f000000c280)={&(0x7f0000000000)={0x2, 0x0, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000140)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @remote}}}], 0x20}, 0x0) recvmsg(r0, &(0x7f0000007500)={&(0x7f0000006f80)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, 0x80, 0x0, 0x0, 0xffffffffffffffff}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700) bpf$MAP_CREATE(0x100000000000000, &(0x7f00000000c0)={0x2, 0x4, 0x4, 0xff, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x0, 0x2000000], r1}, 0x40) 22:15:08 executing program 4: r0 = socket$kcm(0x29, 0x2, 0x0) r1 = socket$kcm(0x29, 0x2, 0x0) sendmsg$kcm(r1, 0x0, 0x0) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNGETVNETHDRSZ(r2, 0x800454d7, &(0x7f00000000c0)) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/syz0\x00', 0x1ff) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x89e2, &(0x7f0000000000)={r1}) r4 = bpf$ITER_CREATE(0x21, &(0x7f0000000100), 0x8) ioctl$PERF_EVENT_IOC_DISABLE(r4, 0x2401, 0x101) ioctl$sock_kcm_SIOCKCMCLONE(r3, 0x2, 0x0) r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x12000, 0x0) ioctl$TUNGETDEVNETNS(r5, 0x54e3, 0x0) 22:15:08 executing program 1: bpf$MAP_CREATE(0x0, &(0x7f0000000240)={0x9, 0xfffc0000, 0x974, 0x1, 0x52, 0x1}, 0x40) 22:15:08 executing program 2: r0 = gettid() r1 = socket$kcm(0x29, 0x2, 0x0) recvmsg$kcm(r1, &(0x7f0000002340)={0x0, 0x0, 0x0}, 0x0) perf_event_open(&(0x7f00000000c0)={0x2, 0x70, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r0, 0x0, 0xffffffffffffffff, 0x0) 22:15:09 executing program 0: socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff}) sendmsg$tipc(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000001c0)="8e", 0x1}], 0x1}, 0x0) 22:15:09 executing program 5: r0 = perf_event_open$cgroup(&(0x7f0000000000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000480)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, r0, 0x0) 22:15:09 executing program 4: perf_event_open$cgroup(&(0x7f00000002c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8808, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x2000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 22:15:09 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000001100)={0x8, 0x1, &(0x7f0000000000)=@raw=[@generic], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x78) 22:15:09 executing program 0: r0 = perf_event_open$cgroup(&(0x7f0000000000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x40082406, 0x0) 22:15:09 executing program 5: bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xb, 0x0, 0x0, 0x80000001}, 0x40) 22:15:10 executing program 4: perf_event_open(&(0x7f0000000080)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x2}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 22:15:10 executing program 0: bpf$BPF_BTF_LOAD(0x12, &(0x7f00000013c0)={&(0x7f0000001280)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x1c, 0x1c, 0x2, [@func_proto={0x0, 0x2, 0x0, 0xd, 0x0, [{0xd}, {}]}]}}, &(0x7f00000012c0)=""/224, 0x36, 0xe0, 0x1}, 0x20) 22:15:10 executing program 3: socketpair(0x18, 0x0, 0x400, &(0x7f0000000040)) 22:15:10 executing program 1: r0 = perf_event_open(&(0x7f00000000c0)={0x2, 0x70, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(r0, 0xc008240a, 0x0) 22:15:10 executing program 2: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xcb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)={0xb, 0x9, 0x209e20, 0x2, 0x1}, 0x3c) bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x0, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x0, 0x3, &(0x7f0000000080)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x78) bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000000040)={r0, &(0x7f0000000000), &(0x7f0000000140)=""/130}, 0x18) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000000)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/66}, 0x20) 22:15:10 executing program 5: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000600)={&(0x7f0000000440)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x14, 0x14, 0x2, [@enum={0x0, 0x1, 0x0, 0x6, 0x4, [{0xe}]}]}}, &(0x7f0000000500)=""/206, 0x2e, 0xce, 0x1}, 0x20) 22:15:10 executing program 0: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000900)={&(0x7f00000006c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x2, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x4}}]}}, &(0x7f0000000800)=""/210, 0x32, 0xd2, 0x2}, 0x20) 22:15:10 executing program 4: socket$kcm(0x29, 0x0, 0x0) socketpair(0xa, 0x6, 0x0, &(0x7f0000000000)) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0) bpf$ITER_CREATE(0x21, 0x0, 0x0) 22:15:10 executing program 1: perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x5, 0x6, 0x3ff, 0x7, 0x0, 0xffffffffffffffff, 0x0, [], 0x0, 0xffffffffffffffff, 0x0, 0x5}, 0x40) 22:15:11 executing program 3: socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000780)={0xffffffffffffffff}) sendmsg$sock(r0, &(0x7f0000001d40)={0x0, 0x0, 0x0}, 0x0) 22:15:11 executing program 5: bpf$MAP_CREATE(0x0, &(0x7f0000014040)={0x0, 0x0, 0x0, 0x0, 0x4, 0xffffffffffffffff, 0x1ff}, 0x40) 22:15:11 executing program 2: socketpair(0x2, 0x3, 0x0, &(0x7f0000000100)) 22:15:11 executing program 0: perf_event_open(&(0x7f00000000c0)={0x2, 0x70, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x700, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x4) 22:15:11 executing program 1: perf_event_open$cgroup(&(0x7f0000001b80)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x200000000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 22:15:11 executing program 4: bpf$BPF_BTF_LOAD(0x12, &(0x7f00000013c0)={&(0x7f0000001280)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x2, [@func_proto={0x0, 0x3, 0x0, 0xd, 0x0, [{}, {}, {0x2}]}]}}, &(0x7f00000012c0)=""/224, 0x3e, 0xe0, 0x1}, 0x20) 22:15:11 executing program 3: socketpair(0x21, 0x0, 0x0, &(0x7f00000000c0)) 22:15:11 executing program 5: perf_event_open(&(0x7f0000000080)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x2}, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 22:15:12 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000001500)={0xffffffffffffffff}) sendmsg$sock(r0, &(0x7f0000001700)={&(0x7f0000001540)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @dev}}}, 0x80, 0x0}, 0x0) 22:15:12 executing program 0: bpf$BPF_BTF_LOAD(0x12, &(0x7f00000013c0)={&(0x7f0000001280)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x2, [@func_proto={0x0, 0x3, 0x0, 0xd, 0x0, [{}, {}, {0x2, 0x4}]}]}}, &(0x7f00000012c0)=""/224, 0x3e, 0xe0, 0x1}, 0x20) 22:15:12 executing program 3: 22:15:12 executing program 5: 22:15:12 executing program 2: 22:15:12 executing program 4: 22:15:12 executing program 1: 22:15:13 executing program 3: 22:15:13 executing program 0: 22:15:13 executing program 4: 22:15:13 executing program 5: 22:15:13 executing program 2: 22:15:13 executing program 1: 22:15:14 executing program 3: 22:15:14 executing program 0: 22:15:14 executing program 5: 22:15:14 executing program 2: 22:15:14 executing program 4: 22:15:14 executing program 1: 22:15:14 executing program 3: 22:15:14 executing program 2: 22:15:14 executing program 5: 22:15:14 executing program 0: 22:15:14 executing program 4: 22:15:14 executing program 1: 22:15:15 executing program 3: 22:15:15 executing program 2: 22:15:15 executing program 5: 22:15:15 executing program 0: 22:15:15 executing program 4: 22:15:15 executing program 1: 22:15:15 executing program 3: 22:15:16 executing program 2: 22:15:16 executing program 5: 22:15:16 executing program 4: 22:15:16 executing program 0: 22:15:16 executing program 1: 22:15:16 executing program 3: 22:15:16 executing program 5: 22:15:16 executing program 4: 22:15:16 executing program 0: 22:15:16 executing program 2: 22:15:16 executing program 1: 22:15:17 executing program 3: 22:15:17 executing program 2: 22:15:17 executing program 5: 22:15:17 executing program 4: 22:15:17 executing program 0: 22:15:17 executing program 1: 22:15:17 executing program 3: 22:15:17 executing program 2: 22:15:17 executing program 5: 22:15:18 executing program 0: 22:15:18 executing program 4: 22:15:18 executing program 1: 22:15:18 executing program 3: 22:15:18 executing program 5: socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000500)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$tipc(r0, &(0x7f0000000680)={0x0, 0x0, 0x0}, 0x0) 22:15:18 executing program 2: perf_event_open(&(0x7f0000000340)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21900, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x1010, 0x617}, 0xffffffffffffffff, 0x7, 0xffffffffffffffff, 0x0) 22:15:18 executing program 4: bpf$BPF_BTF_LOAD(0x12, &(0x7f00000017c0)={&(0x7f0000001640)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x2c, 0x2c, 0x2, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x1, 0x4}}, @func_proto={0x0, 0x1, 0x0, 0xd, 0x0, [{0x0, 0x4}]}]}}, &(0x7f00000016c0)=""/234, 0x46, 0xea, 0x1}, 0x20) 22:15:18 executing program 1: perf_event_open$cgroup(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44610, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 22:15:18 executing program 0: socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000500)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$tipc(r0, 0x0, 0x0) 22:15:18 executing program 3: 22:15:19 executing program 2: perf_event_open(&(0x7f0000001740)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x22822, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x4000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 22:15:19 executing program 5: r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/uts\x00') ioctl$TUNGETDEVNETNS(r0, 0x54e3, 0x0) 22:15:19 executing program 0: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001380)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@restrict]}}, &(0x7f0000000380)=""/4096, 0x26, 0x1000, 0x1}, 0x20) 22:15:19 executing program 1: unlink(&(0x7f0000000040)='./file1\x00') socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg(r0, &(0x7f0000000d00)={&(0x7f0000000100)=@l2={0x1f, 0x84, @fixed={[], 0x10}, 0x1, 0x1}, 0x80, &(0x7f0000000600)=[{&(0x7f0000000180)}, {&(0x7f00000001c0)="068a50d01a7b161eb36fca04fa3b9ee982584916f470ba8db6a03b508bd3274adab9d911baf4b831543cd397a433680b76c84c8a2e9ab7501fe189d3896fafcdf4a15433d0b9a194465d1000f9d8ed2b5fc9721ea32439fdb7a693007284c9deca2bd4b92e665f866e52eadc15c3fa373559624d46f26fa624cd185dd2e789f630eb7ff4019a1dc955e932ff73d2fe6f9cd88380c7697e31c88b528b54b7a40c88d7796852e1bb1d5f77fe2591ed5f01fd3345800144fb67b0a8690de44d341a0f5370b11b89ec1f9066830fce0be3bfbe7a9aa70af8ed37b9ba81fad3d13752737bbc6386c4afa2634d0a85ed", 0xed}, {&(0x7f00000002c0)="0c5699e772d2dc7aa7dbe9e4381bc63a6b8870571e3f0f6bcb79cab9ec2313271478fec8dbf406a7b2b310c6b8a3fd231d85a2754a2707867ec819f8b97a8e4d41066f1598819b2a4b07f0089a7c78f8874c73b9", 0x54}, {&(0x7f0000000340)="8c00672ea085002428cdd86fbdd3e21debb09e07fdd134c721984a04d72beb27e9021449816277670ff0f0a30c812692f5be9a3fc6926bc8b11662c25789ff33986201042dca6f841707ad930e181fae2b406c463b43ede3", 0x58}, {&(0x7f00000003c0)="79ac66b87fc7beebac5c7890bb575ef264e79ffd6db4c00ad9d5458e494fd0713deb660b69e2c74bd96b2d25c135f8b47eb30f", 0x33}, {&(0x7f0000000400)="1278e2e3c0ae94056880c187e8b4cfe7b3835afeffe5e431b4071ca03434925210a22dc92ac311514ee68aa01aab008a8c823a3d43856309eccd3b0164d36e33ae2ad92c562edb6deb8911d317dc5fb63390f2a742056844e914dc26d394baeadd540fe7e2fe45b24fa6c65f349f54d5eb1a27c8a0b83cfc9c6e6f274c07c9379a72c77cae2ced2ab21da98a39e900d05a7ba301396f1e4a79e260f847e579de893d64d55589c142c8c9025e013957e6329232e4fafb763f7a63edf1f240505279ecd48e9d793c79b95be164c7bab3f489516c3f13311943c413521cd09fb6376d", 0xe1}, {&(0x7f0000000500)="e0426e868233ac934eff84db06aae6ef9840c67fa933bf83ded5b28dafe0a9", 0x1f}, {&(0x7f0000000540)="1cf12078a8804e2c085cca457856b5bf1d31ddec0189f067e69873050eafb6a4f16c092e706e82f052f1ca0fc8beb78ac40e8593678ce51612b132f6901e8a77a0725d5d7e568a50f2fe99313aa83739ee9ae785311bcb05131871b58ac6797958dbc0a57863eb82371e38e7dafc3fc4525208e88e3831101afcb1d5ff5fe467f3a7840cc58d665b7394b0642bb4a0c15302a2b0e6847e3f91b2846a415ba537923bcf1c58ab1f4f6cf8a7a2351e4fe4d7034837df9adf", 0xb7}], 0x8, &(0x7f0000000680)=[{0x100, 0x10f, 0x1, "1cd4c14acd50b9a88c5a8ec2a10a512919b446e4a56393914f3e74db53b18dc8ea7d08f889b84bb7d34e9747515f7626402db9e0f443764671795a61f1dde26c8a4982116e158eb40e731bd7cf239fb486c19ffc5848c81080bb4399b9bf6456986741702ea4841f61873f72fc505e6e15106cefa412fca3e40d4d01d9947fc27ecd984ff8dafc0c62bd444cac9926db108e95913104767b14fa56cc3e561aa90d1acf9becc69bccb48aab5eab0de3dc46ad987dd548c065b104c05016a0389289a9e4329ba77feb1242e54771df75bf0d2a60d48e21bf8a9082e27b2e3e8cb384fd61ddf6c442771283610d7b7b"}, {0xa8, 0x1, 0x31af6785, "9626a90e96143933724fbc15eb3b859d6e906cfb1568dc8b8168c281253a867cec5428fab3529d46b5ffdf369288ad9225cd94eec1326381d712f6af8c29d8588a19287884426610c726d5a82b6b75d1a16c40cf5e7d89d263e8016342acec5850897e80184d7b53f0e19a355093ed5ddd7dd2b6736907f7a79cf66f3f42c9aef87e840b01630ff0cbabbce2937d4e138083c73f45"}, {0x88, 0x10a, 0x8, "603ecd11cf5c5eba9eedfc49eed2caba74fd1c421b32fd82b5345fccaa7b6a2e9dcab53b534bc89dea6f9f578824688e845f9b34a01e6fbff7e3ce9d0f0a9dba86b9ce3df416987b52d22752f932c8bbd01516c4becf500275f6677acc3d8cfdbae93b21c8102eae78f8733127b3c9dc6fe79e0e38"}, {0x48, 0x7, 0x200, "c5fcda7e8e050e7f31922ff83a6a209238bf3fcef5e9ec9ae082cf797eb52bcedc0daf5cd250081363dfcab2b5496f758cde69d02d"}, {0xa0, 0x116, 0x1, "bdd16e8e62a2b298355e3221b78472e973c46e400e6b45bd347b6190b0f253cabdd68a1a0d6fa4c538ba44043342f12e5ceddf40f063ef5288c86d12606b5cc819d48c4583dd819790fb5b13e7b50cc9aa166473336172db83736db05ab87f2e32bbdc2aee29235164b7b841fc6b433c9671696819df5db36db7beb7d1e0da00cd4ee9661fe0a94d82ac29ac5749"}, {0xb0, 0x115, 0x0, "ebef3c91342e56e9eaa8c7cc186775a8ac83c0b8d9e22c731af310203197e12bfbc0fbaf1038fe5b161358bab3aa5ce9505270dfbd5d7018412b180a42890ce10e88f43bb17da4f4463bbb1ea12c18dbbbbd19c6353f43ea71a3d506e0e71c4d97521a6ecb34abfa294df93c2870c57fab4abfe59eb7c9444d5ae28b9c65ead3a5e82096bb05712056930da35a06f098fd38a2a6a2dff3962f143436e829"}, {0x48, 0x3a, 0x35a3ade2, "324ed0129ad1fb62cf9f74062cdcce025e9ae50c4f4bf481ea5c5c977341f00618e6448a6b144c5128be70fb6ad5a97334"}, {0xd0, 0x110, 0x9, "e484eaece01ea30f11019b5f8b8693b542af283431b006ac3d4a17a9a0387532aefd91166a4cf1cf5b54204e083caf988587b55d0220632f13921b221741fd4bbaf87a8e44c05007a122df8e99be1ad5b8e1d0e195aeca42d73b2279c3d8f0262be85742ddc811d90f5604ef6e07ef09a2ae2f77dde7b25bc653b3304aede808205a5942e43e27b041a1c7773f2a41044e726e40956fb1ec89cfca7c8cd3d37dc61ecbe9e79a1c967c029e228bb74d3e31602488f68ff4e772"}, {0xa0, 0x10d, 0x7, "e6843ffb8de7697dc2747860a9773a8fad078ed66e9869bded8cf08c70e2958f7e809a94f9182d06cf676a5e21cad782ac36c34d62a51a1b07a01be694fa1677454e386de0f977dcc6dee7aac49924754ddc33a66b7d246207bc549f6742883306b6c94101075031cdb56ae28b962231f38945cf653c0bafd8ce376e6a75b075df8153841be8548f866554"}, {0xd0, 0x8d, 0x7ac, "26108801aea1b0c5fe9296249c5ed8f44b75fc8f455d5a0749136c0a2d195c23136a7a747c2053ab019c768777289c1a62cb28f440cb9a3cdb40aa3aea43ebbff137d62b71a6fda504f6d9d4085c42846c1c432a23a8d0a22f813eec96165b2da41b91c76b5c48243a83ec8da9245bd3c533ccd677545619e228a28c43b9d0bd3d771a1be685679e004e9c8a6ddc7e785ee525063db3e65fdebdc2a97f0f7cc40f4aae2d77400caa05a3e5b2fb817b8319d1a6802a03b8064e1f"}], 0x650}, 0x20000081) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup/syz0\x00', 0x1ff) mkdir(&(0x7f0000000000)='./file1\x00', 0x0) 22:15:19 executing program 4: socketpair(0x18, 0x0, 0x8, &(0x7f00000002c0)) 22:15:19 executing program 3: r0 = perf_event_open(&(0x7f0000001740)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0}, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x2) syz_open_procfs$namespace(0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, 0xffffffffffffffff) 22:15:19 executing program 2: perf_event_open(&(0x7f0000001740)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/user\x00') 22:15:19 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f000000a540)={0x0, 0x0, 0x0, &(0x7f0000001040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 22:15:19 executing program 0: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x3, &(0x7f00000000c0)=@raw=[@map, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffd}], &(0x7f0000000140)='GPL\x00', 0x3, 0xc6, &(0x7f0000000180)=""/198, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 22:15:20 executing program 4: bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000200)={0xffffffffffffffff, 0x0, 0x0}, 0x10) 22:15:20 executing program 1: openat$tun(0xffffffffffffff9c, &(0x7f0000000800)='/dev/net/tun\x00', 0x0, 0x0) 22:15:20 executing program 3: perf_event_open(&(0x7f00000000c0)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0xc}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 22:15:20 executing program 2: r0 = socket$kcm(0x29, 0x2, 0x0) recvmsg(r0, &(0x7f0000025000)={&(0x7f0000024d80)=@xdp, 0x80, 0x0}, 0x0) 22:15:20 executing program 5: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000006180)={0x18, 0x3, &(0x7f0000002c00)=@framed, &(0x7f0000002c80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000006100), 0x8, 0x10, 0x0}, 0x78) 22:15:20 executing program 4: socketpair(0x0, 0x0, 0x0, &(0x7f0000003580)) 22:15:20 executing program 1: bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000980)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, &(0x7f00000007c0)="b6", &(0x7f00000008c0)="c6"}, 0x48) 22:15:20 executing program 0: bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000600), 0x10) 22:15:21 executing program 3: mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000006380)='syz0\x00', 0x1ff) 22:15:21 executing program 5: bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000380)={@cgroup, 0xffffffffffffffff, 0x7}, 0x10) 22:15:21 executing program 1: r0 = getpid() bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000f00)={r0, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30) 22:15:21 executing program 0: bpf$OBJ_GET_MAP(0x7, 0x0, 0x0) mkdir(&(0x7f00000015c0)='./file0\x00', 0x0) 22:15:21 executing program 4: socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$tipc(r0, &(0x7f0000000e00)={&(0x7f0000000100)=@name, 0x10, 0x0}, 0x0) 22:15:21 executing program 3: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x11, 0x4, &(0x7f0000000680)=@framed={{}, [@ldst={0x0, 0x0, 0x1}]}, &(0x7f00000006c0)='syzkaller\x00', 0x3, 0x1000, &(0x7f0000001440)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 22:15:21 executing program 2: bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000008e00)=@bpf_ext={0x1c, 0xb, &(0x7f0000000400)=@framed={{}, [@map_val={0x18, 0x0, 0x2, 0x0, 0x1}, @map, @exit, @map_val={0x18, 0x0, 0x2, 0x0, 0x1}, @alu]}, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000008d80), 0x8, 0x10, &(0x7f0000008dc0), 0x10}, 0x2a) 22:15:22 executing program 1: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNGETFEATURES(r0, 0x800454cf, &(0x7f0000000080)) 22:15:22 executing program 5: socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000500)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$tipc(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f00000005c0)=[{0x0}], 0x1, &(0x7f0000000600)="3309f4fa11a7e363875b560c831347fa4370a1bb8038df9a83d9f41fc7244a4966796d46e1", 0x25}, 0x0) 22:15:22 executing program 0: perf_event_open(&(0x7f0000001740)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 22:15:22 executing program 4: perf_event_open$cgroup(&(0x7f0000001380)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x81}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 22:15:22 executing program 3: socketpair(0x11, 0x2, 0x0, &(0x7f0000001540)) 22:15:22 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x11, 0x3, &(0x7f0000000680)=@framed={{0x63}}, &(0x7f00000006c0)='syzkaller\x00', 0x3, 0x1000, &(0x7f0000001440)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 22:15:22 executing program 2: setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) 22:15:22 executing program 5: bpf$LINK_DETACH(0x22, &(0x7f00000001c0), 0x4) 22:15:22 executing program 0: bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000080)={@map=0x1, 0xffffffffffffffff, 0x17}, 0x14) 22:15:23 executing program 4: socketpair(0x22, 0x0, 0x0, &(0x7f0000003580)) 22:15:23 executing program 3: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x11, 0x3, &(0x7f0000000680)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x8}}, &(0x7f00000006c0)='syzkaller\x00', 0x3, 0x1000, &(0x7f0000001440)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 22:15:23 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x4, &(0x7f00000000c0)=@raw=[@exit, @btf_id, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffd}], &(0x7f0000000140)='GPL\x00', 0x3, 0xc6, &(0x7f0000000180)=""/198, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 22:15:23 executing program 2: bpf$BPF_BTF_LOAD(0x12, &(0x7f00000017c0)={&(0x7f0000001640)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@func_proto]}}, &(0x7f00000016c0)=""/234, 0x26, 0xea, 0x1}, 0x20) 22:15:23 executing program 5: bpf$OBJ_GET_MAP(0x7, &(0x7f0000000040)={&(0x7f0000000000)='./file0\x00', 0x0, 0x8}, 0x10) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff) mkdir(&(0x7f00000015c0)='./file0\x00', 0xa4) 22:15:23 executing program 0: bpf$BPF_MAP_FREEZE(0x16, &(0x7f0000000b40), 0x4) 22:15:23 executing program 3: bpf$BPF_BTF_LOAD(0x12, &(0x7f00000017c0)={&(0x7f0000001640)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x14, 0x14, 0x2, [@func_proto={0x0, 0x1, 0x0, 0xd, 0x0, [{0x0, 0x4}]}]}}, &(0x7f00000016c0)=""/234, 0x2e, 0xea, 0x1}, 0x20) 22:15:23 executing program 4: bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)="27e16c720b306f23627e940bda792647bf4ed78cfbcb4be18738c339e79e9c8c235cd5e692d093ce107a5a075257bbec631b704c2db394f871e5d04030c5f9937a66e67fe3c65bd958c835cf82bccf7312f9eb37706aac1802c996ee7e48edbb8ac46c5339372a0664d6dc5c0a910e7e8df1a9971df4574db66876d33576536455c1335ee001569fb1f2d164a6c7e40f57", 0x0}, 0x38) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000180)={'veth0_to_hsr\x00'}) 22:15:23 executing program 1: bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0) 22:15:24 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, [], 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4}, 0x40) 22:15:24 executing program 5: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x11, 0x4, &(0x7f0000000680)=@framed={{}, [@ldst]}, &(0x7f00000006c0)='syzkaller\x00', 0x3, 0x1000, &(0x7f0000001440)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 22:15:24 executing program 0: perf_event_open(&(0x7f00000016c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x73636d92add87e57, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 22:15:24 executing program 3: socketpair(0x2, 0x2, 0x1, &(0x7f0000001540)) 22:15:24 executing program 4: socketpair(0xa, 0x0, 0xfffffffd, &(0x7f00000032c0)) 22:15:24 executing program 1: socketpair$tipc(0x1e, 0x0, 0x0, &(0x7f0000000500)) 22:15:24 executing program 2: bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x0, 0x3, &(0x7f0000000280)=@framed, &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x78) 22:15:24 executing program 5: socketpair(0x25, 0x5, 0x0, &(0x7f0000001540)) 22:15:24 executing program 0: perf_event_open(&(0x7f0000001740)={0x7, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 22:15:25 executing program 3: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000006180)={0x0, 0x3, &(0x7f0000002c00)=@framed, &(0x7f0000002c80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 22:15:25 executing program 4: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x11, 0x3, &(0x7f0000000680)=@framed={{0x21}}, &(0x7f00000006c0)='syzkaller\x00', 0x3, 0x1000, &(0x7f0000001440)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 22:15:25 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x11, 0x3, &(0x7f0000000680)=@framed={{0x61}}, &(0x7f00000006c0)='syzkaller\x00', 0x3, 0x1000, &(0x7f0000001440)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 22:15:25 executing program 2: socketpair(0x23, 0x2, 0x0, &(0x7f0000001540)) 22:15:25 executing program 0: r0 = perf_event_open(&(0x7f0000001740)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs$namespace(0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, 0xffffffffffffffff) 22:15:25 executing program 5: bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0x2, [@var]}}, &(0x7f00000000c0)=""/205, 0x2a, 0xcd, 0x1}, 0x20) 22:15:25 executing program 3: socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000500)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$tipc(r0, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)="3309f4fa11a7e363875b560c831347fa4370a1bb8038df9a83d9f41fc7244a4966796d46e1", 0x25}, 0x0) 22:15:25 executing program 2: bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000200)={0xffffffffffffffff, 0xc0, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x6}, 0x0, 0x0, &(0x7f0000000080)={0x0, 0x0, 0x3}, &(0x7f00000000c0)=0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, 0x0) bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000001380)=r0, 0x4) bpf$BPF_GET_BTF_INFO(0xf, 0x0, 0x0) ioctl$sock_kcm_SIOCKCMUNATTACH(0xffffffffffffffff, 0x89e1, 0x0) ioctl$sock_kcm_SIOCKCMUNATTACH(0xffffffffffffffff, 0x89e1, &(0x7f0000002580)) openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000006180)={0x18, 0x5, &(0x7f0000002c00)=@framed={{}, [@initr0]}, &(0x7f0000002c80)='GPL\x00', 0x1ff, 0xa2, &(0x7f0000002cc0)=""/162, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000006100)={0x0, 0x2}, 0x8, 0x10, &(0x7f0000006140)={0x0, 0x0, 0x0, 0x80000001}, 0x10}, 0x78) 22:15:25 executing program 4: socketpair(0xa, 0x0, 0x0, &(0x7f00000032c0)) 22:15:26 executing program 1: socketpair(0x18, 0x0, 0x2, &(0x7f0000001540)) 22:15:26 executing program 0: socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$tipc(r0, &(0x7f0000000e00)={&(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{}, 0x2}}, 0x10, 0x0}, 0x0) 22:15:26 executing program 3: r0 = socket$kcm(0x29, 0x2, 0x0) recvmsg(r0, &(0x7f0000000640)={0x0, 0x0, 0x0}, 0x140) 22:15:26 executing program 5: syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/mnt\x00') 22:15:26 executing program 1: perf_event_open(&(0x7f0000000340)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21900, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x1010, 0x617}, 0xffffffffffffffff, 0x7, 0xffffffffffffffff, 0x0) 22:15:26 executing program 2: bpf$OBJ_GET_MAP(0x7, &(0x7f0000000040)={&(0x7f0000000000)='./file0\x00', 0x0, 0x8}, 0x10) 22:15:26 executing program 4: unlink(0x0) 22:15:27 executing program 3: write(0xffffffffffffff9c, &(0x7f00000003c0), 0x0) 22:15:27 executing program 0: link(&(0x7f00000000c0)='./file0\x00', 0xfffffffffffffffe) 22:15:27 executing program 5: readlink(&(0x7f0000000240)='./file0\x00', 0xfffffffffffffffe, 0x0) 22:15:27 executing program 1: link(&(0x7f0000000ac0)='./file0\x00', 0xfffffffffffffffe) 22:15:27 executing program 2: syz_open_dev$evdev(&(0x7f00000006c0)='/dev/input/event#\x00', 0x0, 0x0) 22:15:27 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x8) 22:15:27 executing program 3: mkdir(&(0x7f0000000000)='./file0\x00', 0x8) 22:15:27 executing program 5: readlink(&(0x7f0000000040)='./file0\x00', 0xfffffffffffffffe, 0x0) 22:15:27 executing program 0: mmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x1, 0x10191, 0xffffffffffffffff, 0x0) 22:15:28 executing program 4: mkdir(&(0x7f0000000600)='./file0/file0\x00', 0xe) 22:15:28 executing program 2: rename(&(0x7f0000000040)='./file0\x00', 0xfffffffffffffffe) 22:15:28 executing program 1: 22:15:28 executing program 0: 22:15:28 executing program 3: 22:15:28 executing program 5: 22:15:28 executing program 4: 22:15:28 executing program 1: 22:15:28 executing program 2: 22:15:29 executing program 0: 22:15:29 executing program 5: 22:15:29 executing program 3: 22:15:29 executing program 4: 22:15:29 executing program 1: 22:15:29 executing program 2: 22:15:29 executing program 0: 22:15:29 executing program 5: 22:15:29 executing program 3: 22:15:29 executing program 4: 22:15:30 executing program 1: 22:15:30 executing program 2: 22:15:30 executing program 0: 22:15:30 executing program 5: 22:15:30 executing program 3: 22:15:30 executing program 4: 22:15:30 executing program 1: 22:15:30 executing program 2: 22:15:30 executing program 0: 22:15:30 executing program 5: 22:15:31 executing program 3: 22:15:31 executing program 4: 22:15:31 executing program 1: 22:15:31 executing program 2: 22:15:31 executing program 0: 22:15:31 executing program 5: 22:15:31 executing program 3: 22:15:31 executing program 1: 22:15:31 executing program 4: 22:15:31 executing program 2: 22:15:32 executing program 0: 22:15:32 executing program 5: 22:15:32 executing program 3: 22:15:32 executing program 1: 22:15:32 executing program 1: 22:15:33 executing program 2: 22:15:33 executing program 4: 22:15:33 executing program 3: 22:15:33 executing program 0: 22:15:33 executing program 5: 22:15:33 executing program 1: 22:15:33 executing program 2: 22:15:33 executing program 4: 22:15:33 executing program 3: 22:15:33 executing program 0: 22:15:33 executing program 5: 22:15:34 executing program 1: 22:15:34 executing program 4: 22:15:34 executing program 2: 22:15:34 executing program 0: 22:15:34 executing program 3: 22:15:34 executing program 5: 22:15:34 executing program 1: 22:15:34 executing program 4: 22:15:35 executing program 2: 22:15:35 executing program 5: 22:15:35 executing program 0: 22:15:35 executing program 3: 22:15:35 executing program 1: 22:15:35 executing program 4: 22:15:35 executing program 5: 22:15:35 executing program 2: 22:15:35 executing program 3: 22:15:35 executing program 0: 22:15:35 executing program 1: 22:15:36 executing program 4: 22:15:36 executing program 5: 22:15:36 executing program 3: 22:15:36 executing program 2: 22:15:36 executing program 0: 22:15:36 executing program 1: 22:15:37 executing program 4: 22:15:37 executing program 5: 22:15:37 executing program 3: 22:15:37 executing program 0: 22:15:37 executing program 2: 22:15:37 executing program 1: 22:15:37 executing program 4: 22:15:37 executing program 5: 22:15:37 executing program 3: 22:15:37 executing program 0: 22:15:38 executing program 2: 22:15:38 executing program 1: 22:15:38 executing program 3: mlock(&(0x7f00007ff000/0x800000)=nil, 0x800000) 22:15:38 executing program 4: r0 = perf_event_open(&(0x7f0000000100)={0x2, 0x70, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(r0, 0xc008240a, &(0x7f0000000000)={0x1, 0x0, [0x0]}) 22:15:38 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, 0x0) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/seq\x00', 0x80) 22:15:38 executing program 5: syz_emit_ethernet(0x56, &(0x7f0000000040)={@local, @random="00899400", @val={@void}, {@ipv6={0x86dd, @tcp={0x0, 0x6, "f4077f", 0x1c, 0x6, 0x0, @rand_addr=' \x01\x00', @local, {[@dstopts], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) 22:15:38 executing program 2: r0 = socket(0x1, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDPRL(r0, 0x89f5, &(0x7f0000000080)={'sit0\x00', 0x0}) 22:15:38 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) io_setup(0x4, &(0x7f0000000000)=0x0) io_submit(r1, 0x1, &(0x7f0000000940)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x2}]) 22:15:39 executing program 4: r0 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r0) clone(0x86a01780, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000280)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x131, 0x131, 0x2, [@union={0x0, 0x6, 0x0, 0x5, 0x0, 0x0, [{}, {}, {}, {}, {}, {}]}, @datasec={0x0, 0x3, 0x0, 0xf, 0x1, [{}, {}, {}], "cc"}, @func_proto, @typedef, @union={0x0, 0x5, 0x0, 0x5, 0x0, 0x0, [{}, {}, {}, {}, {}]}, @enum={0x0, 0x8, 0x0, 0x6, 0x4, [{}, {}, {}, {}, {}, {}, {}, {}]}]}}, 0x0, 0x14e}, 0x20) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x33) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r1, 0x0, 0x0) 22:15:39 executing program 5: syz_emit_ethernet(0x56, &(0x7f0000000040)={@local, @random="00899400", @val={@void}, {@ipv6={0x86dd, @tcp={0x0, 0x6, "f4077f", 0x1c, 0x6, 0x0, @rand_addr=' \x01\x00', @local, {[@dstopts], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) 22:15:39 executing program 0: syz_emit_ethernet(0x36, &(0x7f00000002c0)={@link_local, @multicast, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @loopback, @multicast1}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, 0x0) 22:15:39 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdirat(0xffffffffffffffff, 0x0, 0x0) open(0x0, 0x0, 0x0) renameat(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) setsockopt$inet6_icmp_ICMP_FILTER(0xffffffffffffffff, 0x1, 0x1, 0x0, 0xfffffffffffffe69) creat(0x0, 0x0) io_setup(0x0, 0x0) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) creat(0x0, 0x0) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) mkdirat(0xffffffffffffffff, 0x0, 0x0) dup(0xffffffffffffffff) open$dir(0x0, 0x0, 0x0) mkdirat(0xffffffffffffffff, 0x0, 0x0) open(0x0, 0x0, 0x0) r0 = socket$inet6(0xa, 0x400000000001, 0x0) r1 = dup(r0) setsockopt$inet6_tcp_int(r0, 0x6, 0xa, &(0x7f0000000000)=0x81, 0x4) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20}, 0x1c) ioctl$EVIOCSREP(0xffffffffffffffff, 0x40084503, 0x0) sendto$inet6(r0, 0x0, 0x0, 0x20000008, &(0x7f00008d4fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) setsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f0000000a80)=ANY=[], 0x8) setsockopt$inet6_int(r1, 0x29, 0x8, &(0x7f0000000100)=0x1, 0x4) mmap(&(0x7f0000ff7000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) prctl$PR_GET_KEEPCAPS(0x7) ioctl$RTC_ALM_SET(0xffffffffffffffff, 0x40247007, 0x0) fdatasync(0xffffffffffffffff) ftruncate(r2, 0x7fff) sendfile(r1, r2, 0x0, 0x8000fffffffe) 22:15:39 executing program 1: r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) ioctl$sock_ifreq(r0, 0x8921, &(0x7f00000000c0)={'bond_slave_1\x00', @ifru_ivalue}) 22:15:40 executing program 5: syz_emit_ethernet(0x56, &(0x7f0000000040)={@local, @random="00899400", @val={@void}, {@ipv6={0x86dd, @tcp={0x0, 0x6, "f4077f", 0x1c, 0x6, 0x0, @rand_addr=' \x01\x00', @local, {[@dstopts], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) 22:15:40 executing program 3: r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x4, 0x10, r0, 0x0) 22:15:40 executing program 4: mlock(&(0x7f00007ff000/0x800000)=nil, 0x800000) socket(0xf, 0x80000, 0x0) [ 1075.330125][T21547] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. 22:15:40 executing program 0: r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) ioctl$sock_ifreq(r0, 0x894a, &(0x7f0000000080)={'bond_slave_1\x00', @ifru_ivalue}) [ 1075.681611][ T31] audit: type=1800 audit(1604096140.721:22): pid=21547 uid=0 auid=0 ses=4 subj==unconfined op=collect_data cause=failed comm="syz-executor.2" name="bus" dev="sda1" ino=16367 res=0 errno=0 22:15:40 executing program 1: r0 = socket(0xa, 0x3, 0x8) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, 0x0, 0x0) 22:15:41 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdirat(0xffffffffffffffff, 0x0, 0x0) open(0x0, 0x0, 0x0) renameat(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) setsockopt$inet6_icmp_ICMP_FILTER(0xffffffffffffffff, 0x1, 0x1, 0x0, 0xfffffffffffffe69) creat(0x0, 0x0) io_setup(0x0, 0x0) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) creat(0x0, 0x0) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) mkdirat(0xffffffffffffffff, 0x0, 0x0) dup(0xffffffffffffffff) open$dir(0x0, 0x0, 0x0) mkdirat(0xffffffffffffffff, 0x0, 0x0) open(0x0, 0x0, 0x0) r0 = socket$inet6(0xa, 0x400000000001, 0x0) r1 = dup(r0) setsockopt$inet6_tcp_int(r0, 0x6, 0xa, &(0x7f0000000000)=0x81, 0x4) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20}, 0x1c) ioctl$EVIOCSREP(0xffffffffffffffff, 0x40084503, 0x0) sendto$inet6(r0, 0x0, 0x0, 0x20000008, &(0x7f00008d4fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) setsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f0000000a80)=ANY=[], 0x8) setsockopt$inet6_int(r1, 0x29, 0x8, &(0x7f0000000100)=0x1, 0x4) mmap(&(0x7f0000ff7000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) prctl$PR_GET_KEEPCAPS(0x7) ioctl$RTC_ALM_SET(0xffffffffffffffff, 0x40247007, 0x0) fdatasync(0xffffffffffffffff) ftruncate(r2, 0x7fff) sendfile(r1, r2, 0x0, 0x8000fffffffe) 22:15:41 executing program 3: r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) ioctl$sock_ifreq(r0, 0x8922, &(0x7f0000000000)={'bond_slave_1\x00', @ifru_ivalue}) 22:15:41 executing program 0: syz_emit_ethernet(0x2e, &(0x7f0000000040)={@local, @empty, @val={@void}, {@arp={0x806, @ether_ipv4={0x1, 0x800, 0x6, 0x4, 0x0, @random="77b92695dc05", @local, @broadcast, @empty}}}}, 0x0) 22:15:41 executing program 5: syz_emit_ethernet(0x56, &(0x7f0000000040)={@local, @random="00899400", @val={@void}, {@ipv6={0x86dd, @tcp={0x0, 0x6, "f4077f", 0x1c, 0x6, 0x0, @rand_addr=' \x01\x00', @local, {[@dstopts], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) 22:15:41 executing program 1: r0 = perf_event_open(&(0x7f0000000100)={0x2, 0x70, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0x0) [ 1076.611069][T21569] bond_slave_1: mtu less than device minimum 22:15:41 executing program 0: r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) ioctl$sock_ifreq(r0, 0x8924, &(0x7f00000000c0)={'bond_slave_1\x00', @ifru_ivalue}) 22:15:42 executing program 3: syz_open_dev$evdev(&(0x7f0000000200)='/dev/input/event#\x00', 0x3, 0x4041) 22:15:42 executing program 4: syz_emit_ethernet(0x88, &(0x7f0000000240)={@local, @random="00899400", @val={@void}, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "8d9a23", 0x4e, 0x2f, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @initdev={0xfe, 0x88, [], 0x0, 0x0}, {[@hopopts], {{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b, 0x0, 0x0, [0x0]}, {}, {}, {0x8, 0x88be, 0x1, {{}, 0x1, {0x4a9}}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2, 0x8, 0x3}}}}}}}}}, 0x0) 22:15:42 executing program 5: syz_emit_ethernet(0x0, 0x0, 0x0) 22:15:42 executing program 1: syz_emit_ethernet(0x8e, &(0x7f00000000c0)={@link_local, @random="00899400", @val={@void}, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "b1e6d2", 0x54, 0x2f, 0x0, @private2, @mcast2, {[@dstopts={0x0, 0x1, [], [@generic={0x0, 0x6, "ec3f9d213803"}]}]}}}}}, 0x0) 22:15:42 executing program 4: r0 = socket(0xa, 0x3, 0x8) bind$bt_rfcomm(r0, 0x0, 0x0) 22:15:42 executing program 0: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 22:15:43 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdirat(0xffffffffffffffff, 0x0, 0x0) open(0x0, 0x0, 0x0) renameat(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) setsockopt$inet6_icmp_ICMP_FILTER(0xffffffffffffffff, 0x1, 0x1, 0x0, 0xfffffffffffffe69) creat(0x0, 0x0) io_setup(0x0, 0x0) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) creat(0x0, 0x0) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) mkdirat(0xffffffffffffffff, 0x0, 0x0) dup(0xffffffffffffffff) open$dir(0x0, 0x0, 0x0) mkdirat(0xffffffffffffffff, 0x0, 0x0) open(0x0, 0x0, 0x0) r0 = socket$inet6(0xa, 0x400000000001, 0x0) r1 = dup(r0) setsockopt$inet6_tcp_int(r0, 0x6, 0xa, &(0x7f0000000000)=0x81, 0x4) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20}, 0x1c) ioctl$EVIOCSREP(0xffffffffffffffff, 0x40084503, 0x0) sendto$inet6(r0, 0x0, 0x0, 0x20000008, &(0x7f00008d4fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) setsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f0000000a80)=ANY=[], 0x8) setsockopt$inet6_int(r1, 0x29, 0x8, &(0x7f0000000100)=0x1, 0x4) mmap(&(0x7f0000ff7000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) prctl$PR_GET_KEEPCAPS(0x7) ioctl$RTC_ALM_SET(0xffffffffffffffff, 0x40247007, 0x0) fdatasync(0xffffffffffffffff) ftruncate(r2, 0x7fff) sendfile(r1, r2, 0x0, 0x8000fffffffe) 22:15:43 executing program 5: syz_emit_ethernet(0x0, 0x0, 0x0) 22:15:43 executing program 3: r0 = socket(0x11, 0xa, 0x0) connect$bt_rfcomm(r0, 0x0, 0x0) 22:15:43 executing program 1: 22:15:43 executing program 0: 22:15:43 executing program 5: syz_emit_ethernet(0x0, 0x0, 0x0) 22:15:43 executing program 4: 22:15:43 executing program 3: 22:15:43 executing program 1: 22:15:44 executing program 5: syz_emit_ethernet(0x4e, &(0x7f0000000040)={@local, @random="00899400", @val={@void}, {@ipv6={0x86dd, @tcp={0x0, 0x6, "f4077f", 0x14, 0x6, 0x0, @rand_addr=' \x01\x00', @local, {[], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) 22:15:44 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdirat(0xffffffffffffffff, 0x0, 0x0) open(0x0, 0x0, 0x0) renameat(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) setsockopt$inet6_icmp_ICMP_FILTER(0xffffffffffffffff, 0x1, 0x1, 0x0, 0xfffffffffffffe69) creat(0x0, 0x0) io_setup(0x0, 0x0) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) creat(0x0, 0x0) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) mkdirat(0xffffffffffffffff, 0x0, 0x0) dup(0xffffffffffffffff) open$dir(0x0, 0x0, 0x0) mkdirat(0xffffffffffffffff, 0x0, 0x0) open(0x0, 0x0, 0x0) r0 = socket$inet6(0xa, 0x400000000001, 0x0) r1 = dup(r0) setsockopt$inet6_tcp_int(r0, 0x6, 0xa, &(0x7f0000000000)=0x81, 0x4) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20}, 0x1c) ioctl$EVIOCSREP(0xffffffffffffffff, 0x40084503, 0x0) sendto$inet6(r0, 0x0, 0x0, 0x20000008, &(0x7f00008d4fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) setsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f0000000a80)=ANY=[], 0x8) setsockopt$inet6_int(r1, 0x29, 0x8, &(0x7f0000000100)=0x1, 0x4) mmap(&(0x7f0000ff7000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) prctl$PR_GET_KEEPCAPS(0x7) ioctl$RTC_ALM_SET(0xffffffffffffffff, 0x40247007, 0x0) fdatasync(0xffffffffffffffff) ftruncate(r2, 0x7fff) sendfile(r1, r2, 0x0, 0x8000fffffffe) 22:15:44 executing program 0: 22:15:44 executing program 4: 22:15:44 executing program 3: 22:15:44 executing program 1: 22:15:44 executing program 5: syz_emit_ethernet(0x4e, &(0x7f0000000040)={@local, @random="00899400", @val={@void}, {@ipv6={0x86dd, @tcp={0x0, 0x6, "f4077f", 0x14, 0x6, 0x0, @rand_addr=' \x01\x00', @local, {[], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) 22:15:44 executing program 0: 22:15:44 executing program 4: 22:15:44 executing program 3: 22:15:45 executing program 1: 22:15:45 executing program 2: 22:15:45 executing program 0: 22:15:45 executing program 4: 22:15:45 executing program 5: syz_emit_ethernet(0x4e, &(0x7f0000000040)={@local, @random="00899400", @val={@void}, {@ipv6={0x86dd, @tcp={0x0, 0x6, "f4077f", 0x14, 0x6, 0x0, @rand_addr=' \x01\x00', @local, {[], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) 22:15:45 executing program 3: 22:15:45 executing program 1: 22:15:46 executing program 2: 22:15:46 executing program 0: 22:15:46 executing program 4: 22:15:46 executing program 5: 22:15:46 executing program 3: 22:15:46 executing program 1: 22:15:46 executing program 2: 22:15:46 executing program 0: 22:15:46 executing program 5: 22:15:46 executing program 4: 22:15:46 executing program 3: 22:15:47 executing program 1: 22:15:47 executing program 2: 22:15:47 executing program 0: 22:15:47 executing program 5: 22:15:47 executing program 4: 22:15:47 executing program 3: 22:15:47 executing program 1: 22:15:47 executing program 2: 22:15:48 executing program 0: 22:15:48 executing program 4: 22:15:48 executing program 5: 22:15:48 executing program 3: 22:15:48 executing program 1: 22:15:48 executing program 0: 22:15:48 executing program 2: 22:15:48 executing program 4: 22:15:48 executing program 5: 22:15:48 executing program 3: 22:15:48 executing program 1: 22:15:49 executing program 0: 22:15:49 executing program 2: 22:15:49 executing program 4: 22:15:49 executing program 5: 22:15:49 executing program 1: 22:15:49 executing program 3: 22:15:49 executing program 0: r0 = syz_open_dev$sndmidi(&(0x7f0000000340)='/dev/snd/midiC#D#\x00', 0x2, 0x2) write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000480)={0xe, 0x18, 0xfa00, @id_resuseaddr={0x0}}, 0x20) 22:15:49 executing program 2: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000600)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000240)={0xffffffffffffffff}, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000040)={0xe, 0x18, 0xfa00, @ib_path={&(0x7f0000000280)=[{}, {}], r1, 0x1, 0x1, 0x90}}, 0x20) 22:15:49 executing program 4: openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000340)='/dev/dlm_plock\x00', 0x201, 0x0) 22:15:50 executing program 5: keyctl$get_persistent(0x16, 0xee01, 0xfffffffffffffffb) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, 0x0) ioctl$sock_kcm_SIOCKCMATTACH(0xffffffffffffffff, 0x89e0, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, 0x0) recvfrom$rxrpc(0xffffffffffffffff, &(0x7f00000000c0)=""/8, 0x8, 0x41, 0x0, 0x0) r0 = openat$char_raw_ctl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/raw/rawctl\x00', 0x400, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f00000001c0)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_INO_LOOKUP_USER(r0, 0xd000943e, &(0x7f00000003c0)={r1, 0x0, "79d8a51cc1e46603691a4feee9d287425feda644d6f319632a2c2c939d744636cc1312b7e20d9e021fe75fe0421cc4c6c4cbd7c2d2cd84188157a040b1da37fb3478c8853eaa044bb1c9f3139f43d7dc187efd43d77b5aa451c706c0f8196a7e3e503ddedb58b472da48ac9ea52089da8ed9dfa15e7ffda8425f453e31247a0326507265b6faf1e581e8917a6f12f6473622f27c0b0e5aa3feef88bd4951d443930d05ea09c0a98e5693f56e5973cadac35b9789a1b341b41b0a29ddb85b5b0722f24e5ee77afa33bd392a86364588a1024149e6f0a778d101b7c2b28cdcc3bd28db355681b953b93715a21bdae7f8847fb107d9ce31eec2ff961d59f2ac57bf", "930e135b8e31b691509beb5f5c6748cd8752d9cabd8025bc4e79c6761dc995662924682ce946e255a098e99b657b822e98f8896014614bd7a5d473721e24bf8d5af3cc9abfee0ebcff45de9bea2726ffdfe580a335f0f0e17fd306527174acfa6b63b1490e6e2a4331681705e7490fec0a61425220cf82f290cafa7eb21cd6a2819fa1b305a46c018640c6277aa94368884eb91053ba8dacffd96df0a99df8c9c7f9f861026712fa706dca372af53c5d38700c7ed7226fac2a4e07e27d4b9725f417163c5ad28b5e2e0a96dfcbde5ae0115e91b27ad71e5ffe29fdbf8acfa69dad020ea5bbf9f1a8181e2c26e9117d528e517460e29fc0afa683c70cf1778e6cae876c061eca14610cf5a86dd9e52f3f5a984a9bd4eb36c3eee650189282e9236480c0a961f973876de482fe62e047a38481269600d2d27237717d575173efe26ad6c617c09e7ed9b3620b257ec7e0fc839a53d37acecc5bca42546515c3cd42c1c34b840d503fdeca515b48b25e1af1d05e7d15743b9bbde0a6ae4dd2fa5bc7cf18004572082f6234ac8fc0437ef499754e24b9355c45adb36178c25cf272c8a6335304c21daea14c43b04a08279b3ba142549cb2c96dd3f38ad848767a331a3890257e5820cf0d514ad7e170572a39837414be7eb918c98f52849a051c50bf970c4f7733626999cf102045f5acc223a8bc5db1a4ab82aff269f26fb9f616685c4ffa03b676942e091a4da2cf4c0f170e62c9212128f3f1196751af90cb348e27d4927d590e15bdf9336ff11bd4cbcf140cf892ab18bc261449a840263e159e253ed5dfcd1575ed4c1f6902d7027ac9b09bc4881756bbd8cc60b9cb50377a740a97f5e10531601cf6b6a2b1cc5d9155959a8e0905330c8e5891c8781247c54415398b665c57913c56c94113c95528f3bf587814a6bedfd436a81fade4020c4e8c41e9e3a8431945f292fc62ea83f251ad27d789f5b2fe2d74529622beb522069e528c630bdd0d9f3b0b90bf9286673d7b7be3464edb125fd74bc98afe47f9acd825271a63ebbb9e09567aff444884d90e501ca332c10f69723d00c9e2ed76891da01d5f19b7a6f31dbca11d65f6534ed968cdd2252522bf7c11fccbee6771032f249e23f4ad8621fbaf461d8deaac46ecb9860c55786e13e6f7f3f9c0c17179d222b1b48c9dc1d54440709152a490a3ef9a9fb77e8ec51c70142b5b79656e29511da2e2522bb7c7ce74ce93b07f76d40c5532c9cc3cf44e0346cf3533b681f6d55644ef0379ba7972db8f2a5859eb4ac53ccf8b392ec9c8add3219286b93793c9857039b22598933742cd9d75c4fe8fe8e01564b2759ee38746f71126b7c6b315f9abe4d93590c97fcf9a4881d9a6f3651c67009ea79aee45e95962baed4d36557cc0564e7d3d470c660c0c09f2e06ffafddf5c77a8986eff8218d7f2b6112b0c6255dec1e0625bac238709f07d2917cc713dd029878a997ef505179798108cdffee726f2f532740a54f26d2219a0f57844e31ddd0c761674804a4c39deaa43523c30b96ebf113d24063ce8a583e419352fd456600e4cb33f37b02988680decf3ea9d562d13bccf36beb7fba8897d7d8b1b3fc40a451cd12e1f245e5fe40e9da89fd38cd8e2f9ed827238ea09ff859502cee8ef08c09fcec31b1cb6686ef811899a1c9da1ae1b16e717d5f8940183e82e8d0d888f6dfd65f3f10d1ed4ef380926dec21a951291959a29f8c36fb80d5b4da403b117e6c3e95b4748ac90471dbb2cf083c3572fe3f0b787fc22b7e3e00c8fce9067152e5274f02b14f10e15416db0e4e0879f90ed8a00fbe4025ae407bf52e3eb4b90bf0ed7ad424545be1284c86a58d449ad3626c5a50eb4979dffd68c07c345360105540ac0d3dff1b41cc5791a9f5e460898aa806cee7f8e95beb7b8946ee0627b7d28837a25cf1ed61c0d01ba538fed0d06026970e054161fdcb7e655c0bcc27c50d339e03289a5621a8daca1293f337191671881753db2490c2bfa562eac280446f6e0e5756bf9ab7b7958b8b483758dc995e40f33ac6e5af912e7ab28529b2b66cb8c2a13734f5e032bd405d07060b34735cbd9c184be9e4bc3455e59a88e56896195dc695e2b79f0aee2b29294072ad26036c4eb72a1067c91e3f7fc7cbcf221f791c4d91983dbef76aa920007438cadc189b7bdc889b50da5294dc64892fd3e7475d1f70d0bb921971db8fec8c58021898da7478bc61f6406e9e4d25872f047246caefe716f85eb352b08c71a94b43f4c6170cce0e9e3948cbf76f9fcd6eea007aa0284c67144a6e9c31bea4da143ded8d4a6012ec09b0033d972f823b87497a0805f76f8ecae306897e53de7afb8afc4de8ed29facbe030f05f184471c40e7a7db98cbc27690f34f7d3787e81be716831ae6215e117c9095ae888c0be384d97cd41cbf5d35d667e505d2487f80afe835014ae20e1bd8db80b6ef45957aa6d01864ebfe20e4a3ace96ce431e680715077e3071454682bff86b1b19a819cc7caa12351e0a1da0ffe8d1b7e149a1e6b0d37dfa899d1ae855ed7a438a08897b18a12b57ac5dc9d79ee16cc080fe0dda58fd30e9fc9bb7cc3c67ce5c1bcafe0ab440be5d5f0f31c0d3c2032da6795b0a1d438dcf3ab21285266f8c5f9992f2fc206b43c8c85bdeffe24023da357819c67dc2b08a6e78621564c653ca70636de6151b58617ec47edd31fc89d314641d0ef9b5d458e140e96eb84bc6f5b2a73e8b40cb985b26ec354c9847c29a450ca4fb5eb6813ca1759573547ace4ec17e96399109afe3fb640352d8a924f01177a19ea8643ecb571d57c118e4e3bc58e0bfbd182221633d4877135658822e02f78060c0de899da28b069f0cea7409a915aebc667305c59730d00e3a4583e6634100e655daeb056fe4ffcd421e63844d0afc685369a61f21be92fb2b033dd75a8003cdee656ec77ff837ae93c347426b09e37670624af78fdf5356d72a92e7755c3dab30c7acfd04792f9999f1f182e572488d19965fdb60c2ffc18c8108ac601dcbbdd84906bfa550e73fca44e5003ecea7fdadb51fdffb3f34042ed6a1e3b70cbb700eadf5dcda3b26751d909ac6f8ab9311814070b43ff83938121b0c53775be2728016d29519257a7e95544f323a126b9f0bc956a9891899efe1e0bc7cf39b92c4172e541006e77db356163044725d0eeb08a07a263ad5d84ad79253378ad3dc3aa9561b0e8d3804674446a79a6274bb9eeb3e981659c9f405d404bdec782ac42014a82177eb7858a907953e0cb721894e8e132cb70b3332664ba27b881c3505eaebb37e5430137c10b336623220a23a70df74b41eb98e42727d2a819a60d311087dfea2cc4cc662034f3245ac9f9f18ba4542fcbb07122a2f826ba9d2cc8758f9608790d9787bbb45bef6d492b4e988e46f03a0b30d7f388621371575fe4c98f0eaeeaf0c6bb30b607bfd32cdbea5177fb0bcfb44dc1bfc0a3720ce414053b5b0551f1fab76428d5f97ae7a95e66a5812edc3dfaaf0f8256cceb93e84aa53d8d961cc43c521eb2dfeb635bb2ce05181a7ef7f8fc2d485b4bfbfdff954b89f6c0890dcf96b7714349096ae8815eec95f2d0631b141fac284acaf16e0fc9717700a456c6b498bef4d488092538f6b1e545529c48c1cdbeedb31422c855f8458b021a2ccee73c453044b4b2f5ed468cbe21e1d0d16bb9cb736c27945547529b112fb5f691256a9b01d5f5ce1343aa01f8f777b73b44a0d2cc4ac48d328b8fd90857e8530486c9006ef6c4de5ffe6edb8efac6306a6c2980b76d648fcce3f12b8b77759cdcb10bb451dcc596889708fe1b3196325e62eebcf09d29b1ee4b819ec4048375dba0fbe0bb5860c38a3b3b388d0df56b4ea706e661409e0904adaa3b228205bf47384fbe837efa1b3b96d434241869e81ac4ef455ff4cd5582962399bc18055d54c59fe0afad2505aa6e2005bb0ed4911912953a04c56bb92f20f61d13bef33e8d6da7765311a00fe492b0f02b68bd39c15e45225df3f393d0f471afdd27b737dd4830459a22147827107ac8343c8c21cf31959acadebedae56e9a844f69b74281b93f3a12e8b1910efb6f9e54ffe29e77f6c209dc5e1541addac55643fa41f9cebafb255d5dc3186dfdfda76ef1381a1e743afc26d2b0eb96e0c2bf393db5fd15ae6d6142c3a0cbb2eeed14d3996ec0ddc749efdb78ae6daf2ea4390ea310815f232f55dc25904e0cb845732a6958b3418b111d82b37f1a60b603b0c823166e78e52fc29abc300b5230fc43ca687240ca780f4346e5926c729b7b9ec432c753d8e17f1ffc67b3a1815d817411b723d511a2865fa0521f31e9bf745c60c060c68bd077be10fd3f52638e869b9e429a31383c7d29cc20fd33f72e37ee7ec1858276137df70248574f469ef989ca5b1eaf340a908b909520140e739a7089be495bb786a2d8e4d448a75b445a30771fccd356a0666784ddd920a1d76de79ff855a95210b5b7de65683b79a38bab9b96968abb9c78e9d8727f8c6d664388a9881d07025bba6b41db84a6d8dd6c81e11b0e8669ce7ae1cd6957f513058afe44888fffe648634bc5d147c2b1592f9d31865b4cc5fff5fc9fa1b2c3d99b914dca12bc5d390b8b80134691df19ce9192ab8e5481daa266e72fff4cfcee445c88ba3f044ff1d62c611f0b7c1a037b9a96cf5b6525b6c79d70bd2519a2ec03fc4679952dff750d8241b80015a96c25f70269552cae6d92b7d9ffae0744000ecaa81ea401e26a88fa00a8c73b38cacb635c07e7aa9f466558ddeccf9ed9e66a38b5a2cfb97374d4ea3f38b59bcb832e78557f5d4f636e4dc1a69e4f8d78c752616eee6a5d5a40fe17ba7925ecbeb252c898505c321608983212aad1f8392feb5369d352ce73d2ebe1120bedeaa79de72e77c436aaec3897f58549ffb56a147262bcea985e9040a9098cc97ffb65f182a3defd272606f6a85240aadb12f49c77af739773802906c124525963b920c0d642003f032ddad17408b252c43127c0dc8dcbd0608c692f4803a8aacfcbfeebdc592f212800e2173bc508dace792b48a8b4a83ae0dcc448e51c7a954d73255a317726afd2486f8a872b04f4381b765f70d5bf257fc4a4949d5452962fba5a74fc51941191e4cb5b7acb40e63a34aed4456a278ece3a8280c6855445a071203667df4a6dc6a4ca15fb338b9158e7848af78ad816df24da34e60cd1a4dea2f1074eeeffb0899b9696bd27e4da7658e3edea40465ad5dfa829868f345b01203fd828751ec5f101027e627772a82c02f81a3758b8350e916273db70d95992a611ae6fa2d9dcb76cb431a6118d6aa3a09c3d5e6a42d753d07917ab5f30a512168c9728234a092dfd3bc67eaafdc5d9ef2786035eec885d0b2f358cdf498dd66a0a042d"}) ioctl$RAW_CHAR_CTRL_SETBIND(r0, 0xac00, &(0x7f0000000180)={0x0, 0x7, 0x0}) 22:15:50 executing program 1: r0 = msgget(0x3, 0x619) msgctl$IPC_RMID(r0, 0x0) 22:15:50 executing program 3: setresuid(0xee00, 0xee01, 0xee01) delete_module(0x0, 0x0) 22:15:50 executing program 4: openat$full(0xffffffffffffff9c, &(0x7f0000000a40)='/dev/full\x00', 0x0, 0x0) [ 1085.383405][ T2977] Bluetooth: hci1: command 0x0406 tx timeout 22:15:50 executing program 2: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000600)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000240)={0xffffffffffffffff}, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000040)={0xe, 0x18, 0xfa00, @ib_path={&(0x7f0000000280)=[{}, {}], r1, 0x1, 0x1, 0x90}}, 0x20) 22:15:50 executing program 0: r0 = syz_open_dev$sndmidi(&(0x7f0000000340)='/dev/snd/midiC#D#\x00', 0x0, 0x0) read$midi(r0, 0x0, 0x0) 22:15:50 executing program 5: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000340)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000300)={0xffffffffffffffff}, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_ACCEPT(r0, &(0x7f00000003c0)={0x8, 0x120, 0xfa00, {0x0, {0x0, 0x0, "724879f23df73b81033c4ae1a0e4a98ab2096821d4805e0743a32a0ce9d59a237aaaeb55ecbec63afdfa207f7c3c2d1db34ac5e1c3751e512b61243a2895cad1180ae0a2cd3e299ae18e7df085771e6b5abbfc4b2081707c9a08971d38cd56872ab7dd3e9a1ad86ddd22a0dfb709a8200da66518973674846ba97926593ab34274d4f4210501ce6693b5b4bc81cadd7f7298620fc2a53dd7b9e40fc54e3509445d08650e69c9510347ae14163ca4db450babce8c290a40f89dde375eb40cc521fc894c93672ac05a6a55fc6f49fc91dc037fca8de6bec8c8535d4248a07f5aed87ce729ebea1156f3fbd4bb3dc46c21d0bba100c8c3841adc81a1e7a01bda31f"}, r1}}, 0x128) 22:15:50 executing program 1: setresuid(0xee00, 0xee01, 0xee01) socket(0x25, 0x0, 0x0) 22:15:50 executing program 3: socketpair$tipc(0x1e, 0x5, 0x0, 0x0) syz_genetlink_get_family_id$l2tp(&(0x7f0000001440)='l2tp\x00') 22:15:51 executing program 4: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, @in={0x2, 0x0, @empty}], 0x20) 22:15:51 executing program 2: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000600)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000240)={0xffffffffffffffff}, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000040)={0xe, 0x18, 0xfa00, @ib_path={&(0x7f0000000280)=[{}, {}], r1, 0x1, 0x1, 0x90}}, 0x20) 22:15:51 executing program 0: pselect6(0x40, &(0x7f0000000000), &(0x7f0000000040)={0x1e7f}, 0x0, 0x0, 0x0) 22:15:51 executing program 5: r0 = socket(0x22, 0x2, 0x1) setsockopt$MISDN_TIME_STAMP(r0, 0x0, 0x1, 0x0, 0x0) 22:15:51 executing program 1: r0 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000100)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff) add_key(&(0x7f00000000c0)='id_legacy\x00', &(0x7f0000000040)={'syz', 0x2}, &(0x7f0000000080)="01", 0x1, r0) 22:15:51 executing program 3: socket(0x26, 0x80005, 0x2a) 22:15:51 executing program 4: socketpair(0x0, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$inet_sctp_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000040)={0x0, 0xc000, 0x8001, 0x0, 0x2, 0x2}, &(0x7f0000000080)=0x14) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f00000001c0)={&(0x7f0000000180)=[0xfff, 0xffff], 0x2, 0x800, 0x0, 0xffffffffffffffff}) ioctl$SNAPSHOT_PLATFORM_SUPPORT(r1, 0x330f, 0xcea3) openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snapshot\x00', 0x141101, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x0, 0x0) ioctl$SNAPSHOT_PLATFORM_SUPPORT(r2, 0x330f, 0x0) r3 = socket$alg(0x26, 0x5, 0x0) ioctl$BTRFS_IOC_START_SYNC(r3, 0x80089418, &(0x7f0000001240)) syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000001200)='NLBL_CALIPSO\x00') ioctl$PPPIOCGFLAGS(r2, 0x8004745a, &(0x7f0000000100)) 22:15:51 executing program 2: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000600)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000240)={0xffffffffffffffff}, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000040)={0xe, 0x18, 0xfa00, @ib_path={&(0x7f0000000280)=[{}, {}], r1, 0x1, 0x1, 0x90}}, 0x20) 22:15:51 executing program 0: r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000180)={0x0, 0x10, &(0x7f0000000200)=[@in={0x2, 0x0, @rand_addr=0x64010102}]}, &(0x7f00000001c0)=0x10) 22:15:52 executing program 1: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000000c0)={0xffffffffffffffff}, 0x111}}, 0x20) write$RDMA_USER_CM_CMD_QUERY(r0, &(0x7f0000000180)={0x13, 0x10, 0xfa00, {&(0x7f0000000240), r1, 0x2}}, 0x18) 22:15:52 executing program 5: r0 = syz_open_dev$sndmidi(&(0x7f0000000340)='/dev/snd/midiC#D#\x00', 0x0, 0x2) write$midi(r0, &(0x7f0000000080)="e7", 0x1) 22:15:52 executing program 3: setresuid(0x0, 0x0, 0x0) r0 = socket(0x25, 0x1, 0x0) sendmsg$unix(r0, &(0x7f0000000240)={&(0x7f0000000000)=@file={0x0, './file0\x00'}, 0x6e, 0x0, 0x0, &(0x7f0000000180)=ANY=[], 0x88}, 0x0) 22:15:52 executing program 2: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000040)={0xe, 0x18, 0xfa00, @ib_path={&(0x7f0000000280)=[{}, {}], 0xffffffffffffffff, 0x1, 0x1, 0x90}}, 0x20) 22:15:52 executing program 5: fcntl$getown(0xffffffffffffffff, 0x9) openat$full(0xffffffffffffff9c, 0x0, 0x2000, 0x0) syz_genetlink_get_family_id$l2tp(&(0x7f0000001440)='l2tp\x00') 22:15:53 executing program 1: write$snapshot(0xffffffffffffffff, 0x0, 0x0) 22:15:53 executing program 4: syz_init_net_socket$rose(0xb, 0x5, 0x0) syz_init_net_socket$rose(0xb, 0x5, 0x0) syz_init_net_socket$rose(0xb, 0x5, 0x0) 22:15:53 executing program 3: r0 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000100)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff) add_key(&(0x7f00000000c0)='id_legacy\x00', 0x0, 0x0, 0x0, r0) 22:15:53 executing program 2: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000040)={0xe, 0x18, 0xfa00, @ib_path={&(0x7f0000000280)=[{}, {}], 0xffffffffffffffff, 0x1, 0x1, 0x90}}, 0x20) 22:15:53 executing program 0: add_key(&(0x7f00000001c0)='dns_resolver\x00', 0x0, &(0x7f0000000240)='Rx', 0x2, 0xfffffffffffffffd) 22:15:53 executing program 5: openat$full(0xffffffffffffff9c, 0x0, 0x703100, 0x0) 22:15:53 executing program 1: capget(&(0x7f0000000900)={0x20071026, 0xffffffffffffffff}, 0x0) 22:15:53 executing program 4: openat$full(0xffffffffffffff9c, &(0x7f0000000b40)='/dev/full\x00', 0x6000, 0x0) 22:15:54 executing program 3: add_key(&(0x7f0000000080)='encrypted\x00', &(0x7f0000000040)={'syz', 0x2}, &(0x7f0000000000)="68129f3e3401ce7540f8d7e50204f6ec055d08b247c0dad34d2a58417a1526664eb37da40797385b33c609", 0x2b, 0xfffffffffffffffc) 22:15:54 executing program 2: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000040)={0xe, 0x18, 0xfa00, @ib_path={&(0x7f0000000280)=[{}, {}], 0xffffffffffffffff, 0x1, 0x1, 0x90}}, 0x20) [ 1089.069497][T21770] capability: warning: `syz-executor.1' uses deprecated v2 capabilities in a way that may be insecure 22:15:54 executing program 0: keyctl$set_reqkey_keyring(0xe, 0x0) keyctl$set_reqkey_keyring(0xe, 0x0) 22:15:54 executing program 5: r0 = openat$char_raw_ctl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/raw/rawctl\x00', 0x0, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, 0x0) 22:15:54 executing program 1: r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000240)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}}, &(0x7f0000000300)=0x90) 22:15:54 executing program 4: setresuid(0xee00, 0xee01, 0xee01) socket(0xf, 0x0, 0x0) [ 1089.802836][T21785] encrypted_key: master key parameter '' is invalid [ 1089.840219][T21785] encrypted_key: master key parameter '' is invalid 22:15:55 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000000)) sendmmsg$unix(r0, &(0x7f0000002940)=[{0x0, 0x0, 0x0}], 0x1, 0x0) 22:15:55 executing program 4: r0 = socket(0x2, 0x1, 0x0) sendto$unix(r0, 0x0, 0x0, 0x20000000, &(0x7f0000000080)=@file={0x0, './file0\x00'}, 0x6e) 22:15:55 executing program 0: r0 = socket(0x11, 0x2, 0x0) sendmsg$unix(r0, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0) 22:15:55 executing program 2: write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000240)={0xffffffffffffffff}, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(0xffffffffffffffff, &(0x7f0000000040)={0xe, 0x18, 0xfa00, @ib_path={&(0x7f0000000280)=[{}, {}], r0, 0x1, 0x1, 0x90}}, 0x20) 22:15:55 executing program 5: accept4$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) 22:15:55 executing program 3: r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x0, 0x0) ioctl$SNAPSHOT_PLATFORM_SUPPORT(r0, 0x330f, 0x0) 22:15:55 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000002dc0)={0x0, 0x0, &(0x7f0000002d80)={0x0, 0x54}}, 0x1) 22:15:55 executing program 0: r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) r1 = epoll_create1(0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040)) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000)) 22:15:55 executing program 4: bpf$OBJ_GET_PROG(0x7, &(0x7f0000000040)={&(0x7f0000000000)='./file1\x00'}, 0x10) 22:15:55 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000001f40)={0x0, 0x0, &(0x7f0000001f00)={0x0, 0x1e20}}, 0x0) 22:15:55 executing program 2: write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000240)={0xffffffffffffffff}, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(0xffffffffffffffff, &(0x7f0000000040)={0xe, 0x18, 0xfa00, @ib_path={&(0x7f0000000280)=[{}, {}], r0, 0x1, 0x1, 0x90}}, 0x20) 22:15:55 executing program 3: openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x880001, 0x0) 22:15:56 executing program 1: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(r0, 0x84, 0x12, &(0x7f00000000c0), 0x4) 22:15:56 executing program 0: socket$inet_sctp(0x2, 0xb, 0x84) 22:15:56 executing program 4: pipe2$9p(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RXATTRWALK(r0, &(0x7f0000000400)={0xf}, 0xf) 22:15:56 executing program 5: capget(&(0x7f0000000080)={0x20080522, 0xffffffffffffffff}, 0x0) 22:15:56 executing program 2: write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000240)={0xffffffffffffffff}, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(0xffffffffffffffff, &(0x7f0000000040)={0xe, 0x18, 0xfa00, @ib_path={&(0x7f0000000280)=[{}, {}], r0, 0x1, 0x1, 0x90}}, 0x20) 22:15:57 executing program 1: mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200000, 0x0, 0x0, 0x0) creat(0x0, 0x0) mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00009, 0x0, 0x0, 0x0, 0x10000000002) 22:15:57 executing program 4: syz_emit_ethernet(0xe6, &(0x7f00000007c0)=ANY=[@ANYBLOB="aaaaaaaaaabbaaaaaaaaaa4481"], 0x0) 22:15:57 executing program 5: r0 = socket$inet_sctp(0x2, 0x1, 0x84) sendmmsg$inet_sctp(r0, 0x0, 0x0, 0x0) 22:15:57 executing program 2: r0 = openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000600)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000240)={0xffffffffffffffff}, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000040)={0xe, 0x18, 0xfa00, @ib_path={&(0x7f0000000280)=[{}, {}], r1, 0x1, 0x1, 0x90}}, 0x20) 22:15:57 executing program 0: r0 = syz_open_dev$binderN(&(0x7f0000000080)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, 0x0) ioctl$BINDER_THREAD_EXIT(r0, 0x40046208, 0x0) [ 1092.490304][T21830] mmap: syz-executor.1 (21830) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst. 22:15:57 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f0000002280)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001180)=[{0x10}], 0x10}, 0x0) [ 1092.819862][T21838] binder: 21835:21838 ioctl c0306201 0 returned -14 22:15:58 executing program 5: r0 = socket(0x28, 0x2, 0x0) bind$isdn(r0, 0x0, 0x0) 22:15:58 executing program 2: r0 = openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000600)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000240)={0xffffffffffffffff}, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000040)={0xe, 0x18, 0xfa00, @ib_path={&(0x7f0000000280)=[{}, {}], r1, 0x1, 0x1, 0x90}}, 0x20) 22:15:58 executing program 4: r0 = socket$inet_sctp(0x2, 0x1, 0x84) sendmmsg$inet_sctp(r0, &(0x7f00000026c0)=[{&(0x7f0000000240)=@in={0x2, 0x0, @remote}, 0x10, &(0x7f0000001440)=[{0x0}, {0x0}], 0x2}], 0x1, 0x0) 22:15:58 executing program 0: r0 = socket$rxrpc(0x21, 0x2, 0x2) bind$rxrpc(r0, &(0x7f0000001440)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @private}}, 0x24) 22:15:58 executing program 3: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x9000) 22:15:58 executing program 5: syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/net\x00') syz_init_net_socket$nl_rdma(0xffffffffffffffff, 0x3, 0x14) 22:16:00 executing program 1: socket(0x25, 0x5, 0x0) 22:16:00 executing program 2: r0 = openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000600)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000240)={0xffffffffffffffff}, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000040)={0xe, 0x18, 0xfa00, @ib_path={&(0x7f0000000280)=[{}, {}], r1, 0x1, 0x1, 0x90}}, 0x20) 22:16:00 executing program 0: r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x0, @rand_addr=0x64010101}]}, &(0x7f0000000080)=0x10) sendmmsg$inet_sctp(r0, &(0x7f00000011c0)=[{0x0, 0x0, 0x0}], 0x1, 0x0) 22:16:00 executing program 4: setresuid(0xee01, 0xee00, 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_REMOVEDEF(r0, &(0x7f0000000340)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000300)={0x0, 0x30}}, 0x0) 22:16:00 executing program 3: r0 = socket(0x18, 0x0, 0x1) recvfrom$unix(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:16:00 executing program 5: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000000)={0xffffffffffffffff}, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_BIND_IP(r0, &(0x7f0000000080)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x0, 0x0, @empty}, r1}}, 0x30) 22:16:00 executing program 3: r0 = socket(0x2, 0x1, 0x0) connect$unix(r0, 0x0, 0x0) 22:16:00 executing program 2: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000240)={0xffffffffffffffff}, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000040)={0xe, 0x18, 0xfa00, @ib_path={&(0x7f0000000280)=[{}, {}], r1, 0x1, 0x1, 0x90}}, 0x20) 22:16:00 executing program 5: r0 = socket(0x10, 0x3, 0x0) getsockname$unix(r0, 0x0, &(0x7f0000000080)) 22:16:00 executing program 4: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000440)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000400)={0xffffffffffffffff}, 0x111}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f0000000480)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {"5140982b9053fc95034058bd1fd86eab"}}}}, 0x90) 22:16:01 executing program 1: r0 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r0) clone(0x86a01780, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000280)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xce, 0xce, 0x2, [@enum={0x0, 0x2, 0x0, 0x6, 0x4, [{}, {}]}, @fwd, @datasec={0x0, 0x7, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}, {}], "f5"}, @enum={0x0, 0x4, 0x0, 0x6, 0x4, [{}, {}, {}, {}]}, @datasec={0x0, 0x0, 0x0, 0xf, 0x1, [], '\b'}, @union]}}, 0x0, 0xea}, 0x20) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x33) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r1, 0x0, 0x0) 22:16:01 executing program 5: syz_emit_ethernet(0xfc0, &(0x7f0000001640)={@broadcast, @link_local, @val, {@mpls_mc={0x8848, {[], @ipv6=@icmpv6={0x0, 0x6, "da9c9c", 0xf82, 0x3a, 0x0, @dev, @local, {[@srh={0x0, 0xe, 0x4, 0x7, 0x0, 0x0, 0x0, [@private1, @local, @empty, @empty, @mcast2, @mcast2, @local]}, @dstopts={0x0, 0x8, [], [@hao={0xc9, 0x10, @local}, @enc_lim, @ra, @jumbo, @ra, @calipso={0x7, 0x18, {0x0, 0x4, 0x0, 0x0, [0x0, 0x0]}}, @jumbo]}, @srh={0x0, 0xa, 0x4, 0x5, 0x0, 0x0, 0x0, [@local, @loopback, @empty, @private0, @dev]}, @hopopts={0x0, 0x14c, [], [@generic={0x0, 0xa5f, "d8c764f0d58e668672b49343fa629a1b087a8a492005a4d9e0d097bde3b6a1adddd6604e4f5a69633800fbda09e01bf05ce46add8fe084d0a50b1b5b1ba459beb73937b0f6ba169c7856c93e180983e7428321f7829544fe055cbb3fff85074d3d090a34642589333bdd0a55badae4984ebc5d394810c24e5d39661912da45a8e2a9c373e7e7e2d7e45f9de08e4681290b57cbd600a0ea4bbcf748519a9e8c52f982d4cec3435213a99257cf53bf3e47feb8b9f64c46b537694ff00004a547c7e24bb8f956fb50c77a6b939ab188141e1ae98e352b7089eacf5629ff5513e9795737e4a387b8c9bd6c63d33b8e43c3453d49e622f5955cfd138c5976bc1ccb1fb2e40ea1564ad500b353e4d34c2564167209f9da395b8d7dfaeef89fe0e64fc78809fea998814997e5de8840b19d805fb0b4d9b737d56ee6fffe6bc42baa11228c7d937d616bf5934d1e9371389121451083c3ba286b136ba7a5e7ebce5b34f67bdfb6d2e2cc3780fbc862bc4c8dcb5da563426c9b7236231e9c5d3d6c332d6c07f30c1f4296afc2e729b8859a77280f0e8a835f10bb1f34759b5717b75aa8fd024955b57a9634feeb56cec9e62272724dccfcb712b503d49baddbddd6fbdc5d5d28f69ee9421ad0df02678b07806bfee6e9a74d527c1b3bdac84223b1d0864bab864524be544d92a59ff4277b19fb79e8a27563be748bb8f6da2c9e2618c3ec54d3b2985ff3b5bd31f6febc03914bfac7d0de594872563fdde41bc2b186885dd27db0fcf6f53dcabcd98923e3ffd8e6c958800d5dbe44d0566d9bc029e993099660e3a05c53078a70f6ab057278cffe16318daec59382500bf5e1a1090390f90c747398498ff2851f3ae9e14e69773d710628d7d886a5175093864573ee3ba93406b291c604d56f231977661e87238a5072d09bffc66755cd0285d42af336e048463a7a1a2758978a3eda70213b42eb812340d84abf94395ba795ce4eee6fb07b570161dd9ce83eb1a50396b7ba932a19ba613eafac91780a461c7a664c294da7aa5d8f353453ff9a77a9d16a33f992a2775c46c5a8a00989eef08ec5076bf5fbbc7039a61187344b4eaa7f5d645fc2a50dc9ffde152a1e0d22f703624a582d467fca34559839d0aa707ecd4bc6a5a24660b2dc6c7fdf0d20e5d8de37cc792f1eadfc08c6277bb13429a92a04ed2ed1537d82d836b9511b17c96c68213d9781e225d3e3f89b9336a4efc82ec66d1a0302064eacf4d60ded7417dac9c89e30ff4670afc158211e8bf6d9d337e2f44deb5d0dbde96634ead56e8edda2102faab007e3ef3206f55ab5736173be664b3946630c0163e52d92ff3c712aa9cc5632bdca37f522a4823f9002bd63e25b1a4c1513bdc49cd314bf06da0ee370c9e5279b1d25d9a3d55f6e78a2c2cbb6f28f5b38d72b096e4a5469c89bf18f602c1231fcdbf82cd7dcf9a68b6058b7d7b13879b9c1f87383efaae523e1272b807b39c1bcea9bacb242f8e50a2175aefe83cd483f17eecd1cb071d31399ed94309dd21151298c857030b91285ac150c53f7324561d19311bb7c52e0718c61c7cf42c7d983a40515e2ccec768312168670f96d385f51c17e1b564fda711ac0b27ab54fcaec81b30245a232a1c9c6fd3bbec9a084fa57c77e0d7f9df274f99299fd2176fde34b41ae1a3d6ebf5acb1993501adf2dc1e29492b5c6894565aa55027dc1f64546bbd7a54bf2d8b2b23a255379124393a3c3f20ecda9499a90238802d7d096c3811bc54f8aa0a883e320517401f7ed6f770deec0d86a3cb43c7b2797f6aa286fa47e12a52396a2ebf4077562b19c6efdb21f1bd0769670330132f62606c520e8f511c359511fd8e896c8e4bde23b0e63da774cd95c5fd370ef503ef0144aad1bf0e9757d025104706e8b43befe649764b4c885d34a19d0c29b739ca4d25b6328411d42cdb8cc04862bbf36e02534a2897f916d05f3f8f60b84a50919e9ba529a7fdf1bf5d4b48f2085e1998dfd415af2114c338f6ec4813fc1ae9edc728a42cfa3a853cf4535fb4e269da2bc9dea50475060ce1ae5d38e8ad6243881b58db26010e6b5788b505ac0ea557383c9eadcfa484c0a839a21ffc527ca14ef1b174342da1473b467eec7d5906af7c0e5cb1d81208fd8afb5bf8b7ef172fef48530a29d775bfd21c7cec4f1289eefe5fd42e46fd3b080758b5029a22765321f2e07ce2cc7ea143d75f8d60135bf96d881201236fcb3d55f2d65dfdfc2a5ab5487c862a9810050f0aebbcd4c12b21cf4e2a3a5e5f21cf3e3c856bbcd0c601ba4eb1096933facf45caf44c05b23f32a73550bd51cea3991c5bc62b1276852ebb65c5ff55e741a3d2047ecde002df953079db70392b26dac38a64587a3b97375ca2ad052ab1b9ed1a4bf28d707ebd7bbf2d3a5d0a4a137b90e4c97156dda876572ff65c4d3eb5676b1e6d149119cedaaa87a22c611b2d165d1ceda2bcbdbaa07ee3819b5c87bfc4e4f26ccc3c98c2405d3b8bb9c3e99a292813404e03cce2203f4e15cc901cd623df2ed247ee5490b064e0e655e64800beeb2e750132a9c7da16ca7f4872a2baa55cb686403dbdd4db9ac32719b72f0baf9e2e7bf926724bec16da918e39451c2025f00d6e8c2ff141aad4c7437dab76fc0295beb700ac73a49129f0b134a6304c2167a6b42afd582c2cc40590d49b25b7d6bf32077c28d1919313976f3ca2dad93e3e5944a48ef4d10cdf16ac3d0d5c0f49a7f1b5cce516be968524ad2f37b27eaae8aaab6f62ffd32742ec2340773a0711cbd90eb727a887b8e4d36cd12c2e30472da501e402d10688ba7a1ef4365595b69aaddddceb7a5069462cdbd45f0cec639855efab0ad7437052f930bc715af8cbd14a80b85772a00785dfa8b40e6ec72d8b6305207da71dfa1de32a419629c7c23c67cae5509828cbbdcc1c56f4a368479034110fd7f10006b5783efd076352eefed682a2aa5f23cd5c475b37686636e60d0af9423d11b7ea739c69904232a72b81e8b54da35fe089fdeef12ae36b49087f720dd98a9b61f4754837ae6fae47a4d67a30e691508a1f0d30e86d533c799f263c921ad8123f19b514cacf07e020cc148c5740dee9ba29796541444d026b1a3564d676f806d60cc0bf82fc4106f0bb3054578c2564aa11d84c55574b368fd20607eeb0e66a5fbd1992253b74c53a9c1d58c77879318c7c4ea9c00635ea37aa25588de0ac80bada34b655f70b29d076d7f0d01b424223f62d5823e2665e7544ce5ebaff75c331dd41e2e9e2d77a0fbbe6fcb9e2d8e40e4de07a306906fd84d62f5108e4a42b42a07dea2d37840b00852532e0deba887ff38840c4c6accc58554bcb031b64fabc5f49061b44d1819e5a364b1eb6246d40f600302c86766611d5fdd9d709ee53b4c17043d5393ba246678d80b4a7a154b22c73bdcada69050afe2b26b7eebb7ceb4d4616f81768f2ca980b1f630466b43919bb335e0feb381620c97318873220849ef0ccd2ecbb4914f0c8ec6582fa9ca7f00d71e4293c9d285851e47f54e451816e177920e07cf31d3f040d740792780d635478ded8064df368f561fd567d4a3e6b92fad6dd624523df9beb2562f76b273ffed1d59db979d4c9118350430b156966d240a89b2c6d60311dcd15e297fd7c16a0beb4061107c13d50e8e0ccb3df6cb8b7ff6e76be9ca42f73fd2de45f048488dd49ce7c44607e98eb14edfba60df8d2ecb8fd3621a588299fcc735a9e14f2423ef1ca19a"}]}], @ndisc_rs={0x85, 0x0, 0x0, [], [{0x0, 0x10, "1ca5085edb5350ed4908a252e969e17f66b25e61525943902fcf748bd222abf29b217022d9604054df23e5494facb998d8daec454405c8b264c82d1ff9ca51c83c342a1a86a7b9be5b8c854559cf468e641ccad920d325f30896e976bb481b4682fdbc46970c74d6cf41f8ff5ff47992de40b91e5f097417804433bddc28184ae11778"}, {0x0, 0x13, "c7b85037774ed4f678cce5cda0e0aad5e866e193c311dd0418f213a90327395c9ea276d6ff8231ec2f8ecc47fa83e393793f8210568a696296f2d65aa131c04626e56c5781ee5978a3bbe35a3740a871f5b23bdc3a8bd25639451b91b1f097a960bffb869a427b178e14c5d025b106e82a1dd893979031be896213d797b3ebc6183af634e68ce4d2cd93839f9e7f1f18826fdc96ddc28eccbe141e44"}, {0x0, 0x6, "e14a7acedb6928b481dae2ef9d70e1fd80c9145b23a36fdd01857314a4b6d973c3a8b381da0521c9ca74972a0f99f377cfd9"}, {0x0, 0xc, "9121d7c4ebf48493ccec471a2ccb620381efa73a39b9355509aa61e0354b61dcfc6beb8f7803ce0631aec925c7564cf08dacfaa3b326c9225f1f1d038219f86bb1c79ba5d607aa6cabafc315f8a096fc4e46a0ec939afef0a627c8776f93c7dd"}, {0x0, 0x10, "7abf945263f0866726099496ab7766725864ba1af6662ee1b8380abe03df483fab48822348470a406c0fdb528e5451b8c0fcdab6c34684295ab521fd4ab54ad6fe60e7d39d93e87dc7f4ac58b1f9f1cfd8246586ab710700c5a9f9fe45ccb6b9c33b24e7b23cbc370f58f03cfa647c139dc12a91279a4e8c9d395b920443b512f3"}, {0x0, 0x10, "4e94940bfdf92cee73311e92b23b379e7f0e7fa51ec58573183b466038ba5084c20d79b3ea6568f3ba691066ef9739b54d3c85dce130fb195d9f7ea5b664f9b90f38a62102349ef44031edfffb009262fc8067763466b9fe40ac0e7c2e65ab679fe3d28b85ec8fae6cf12127f4ca0a97f65cdd945abb76bcd493fd509aa05a"}, {0x0, 0x1, "a9a0cbe0b4389cbd6bae"}, {0x0, 0x1f, "96c4132e2ba99b3168cb5ca7ae9e05aa9fadb431a58ddb4535264b223280b8df79c8b0ef5a36d2d938f432b4b826fd1c812e49c41680703d5e07f57e709d4f4d89713f17b4457ce77504eaaabca803303eed3dac6cfe185f728493f67d2ae9a22d920dddd39847c5d3a2b2dda0630a80440a2cdf2fcb12037f4d6809b1a86ba2b0e4f207ae2852783f20096b13911e449de49df68718dc3dfa491d42d62cbda6b55cec2bed4a5ae1be73a3de01bd5fbed1ce6cfb5b2047b911879d28ec3a2b9417d954ceb4f596b37dda9883c54bdc0e5e7652f1b77be84c4c745a7fff75f36349d7843300bd0e6e0ef6d6f9f9decd3b95f430f12a9ca7b17bd5a6b7"}, {0x0, 0x4, "a499e6e6e765e233041e8e6c33fd9f49ebdc508ac8b934ebe455126065a15076b5"}]}}}}}}}, 0x0) 22:16:01 executing program 4: openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000001380)='/dev/dlm_plock\x00', 0xa0140, 0x0) 22:16:01 executing program 3: r0 = socket(0x22, 0x2, 0x1) setsockopt$MISDN_TIME_STAMP(r0, 0x0, 0x1, &(0x7f0000000040)=0xfffffffc, 0x4) 22:16:01 executing program 0: r0 = epoll_create1(0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000040)) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000000)) 22:16:01 executing program 2: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000240)={0xffffffffffffffff}, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000040)={0xe, 0x18, 0xfa00, @ib_path={&(0x7f0000000280)=[{}, {}], r1, 0x1, 0x1, 0x90}}, 0x20) 22:16:01 executing program 1: r0 = add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000040)={'syz', 0x2}, &(0x7f0000000080)='h', 0x1, 0xfffffffffffffffc) keyctl$clear(0x7, r0) 22:16:01 executing program 5: r0 = socket(0x11, 0x2, 0x0) ioctl$sock_rose_SIOCADDRT(r0, 0x890b, &(0x7f0000000180)={@remote={0xcc, 0xcc, 0xcc, 0xcc, 0x0}, 0x0, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @netrom={'nr', 0x0}, 0x0, [@default, @default, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @null, @default]}) 22:16:01 executing program 4: r0 = socket(0x2, 0x5, 0x0) connect$unix(r0, 0x0, 0x0) 22:16:02 executing program 3: r0 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x63d, 0x40400) read$midi(r0, 0x0, 0x0) 22:16:02 executing program 2: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000240)={0xffffffffffffffff}, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000040)={0xe, 0x18, 0xfa00, @ib_path={&(0x7f0000000280)=[{}, {}], r1, 0x1, 0x1, 0x90}}, 0x20) 22:16:02 executing program 0: r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000500)={0x0, 0x1c, &(0x7f00000004c0)=[@in6={0xa, 0x0, 0x0, @remote}]}, &(0x7f0000000540)=0x10) 22:16:02 executing program 5: r0 = eventfd2(0x0, 0x801) read$eventfd(r0, &(0x7f0000000180), 0x8) 22:16:02 executing program 1: r0 = socket$tipc(0x1e, 0x5, 0x0) getsockopt$TIPC_IMPORTANCE(r0, 0x10f, 0x7f, 0x0, 0x0) 22:16:02 executing program 4: openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x0, 0x0) 22:16:02 executing program 3: r0 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r0) clone(0x86a01780, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000140)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x155, 0x155, 0xb, [@union={0x0, 0x6, 0x0, 0x5, 0x0, 0x0, [{}, {}, {}, {}, {}, {}]}, @fwd, @datasec={0x0, 0x7, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}, {}], "f5"}, @datasec={0x0, 0x9, 0x0, 0xf, 0x3, [{0x0, 0xffff}, {}, {}, {}, {}, {0x3, 0x2}, {0x1}, {0x0, 0x101}, {}], "c2b3ff"}, @datasec={0x0, 0x0, 0x0, 0xf, 0x1, [], "a3"}, @union]}, {0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}}, 0x0, 0x17b}, 0x20) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x33) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r1, 0x0, 0x0) 22:16:02 executing program 2: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, 0x0, 0x0) write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000040)={0xe, 0x18, 0xfa00, @ib_path={&(0x7f0000000280)=[{}, {}], 0xffffffffffffffff, 0x1, 0x1, 0x90}}, 0x20) 22:16:02 executing program 0: r0 = socket(0x28, 0x2, 0x0) getsockname$unix(r0, 0x0, &(0x7f0000000080)) 22:16:03 executing program 5: socketpair(0x10, 0x2, 0xa61, 0x0) 22:16:03 executing program 1: socket(0x2, 0x6, 0x0) 22:16:03 executing program 4: openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) 22:16:03 executing program 3: r0 = socket(0x18, 0x0, 0x0) recvfrom$unix(r0, 0x0, 0x0, 0x40, 0x0, 0x0) 22:16:03 executing program 2: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, 0x0, 0x0) write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000040)={0xe, 0x18, 0xfa00, @ib_path={&(0x7f0000000280)=[{}, {}], 0xffffffffffffffff, 0x1, 0x1, 0x90}}, 0x20) 22:16:03 executing program 0: pipe2$9p(&(0x7f00000003c0), 0x0) 22:16:03 executing program 5: r0 = syz_open_dev$binderN(&(0x7f0000000080)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000001100)={0x34, 0x0, 0x0, 0x0, 0x0, 0x0}) 22:16:03 executing program 1: setresuid(0xffffffffffffffff, 0xee00, 0xffffffffffffffff) setresuid(0xee01, 0xee00, 0xee00) 22:16:04 executing program 4: r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x0, 0x0) setsockopt$pppl2tp_PPPOL2TP_SO_SENDSEQ(r0, 0x111, 0x3, 0x0, 0x4) 22:16:04 executing program 3: r0 = socket(0x28, 0x2, 0x0) connect$pptp(r0, &(0x7f0000000180)={0x18, 0x2, {0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}}, 0x1e) [ 1099.285653][T21958] binder: 21955:21958 ioctl c0306201 20001100 returned -14 22:16:04 executing program 0: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_sctp_SCTP_AUTH_CHUNK(r0, 0x84, 0x15, 0x0, 0x0) 22:16:04 executing program 2: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, 0x0, 0x0) write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000040)={0xe, 0x18, 0xfa00, @ib_path={&(0x7f0000000280)=[{}, {}], 0xffffffffffffffff, 0x1, 0x1, 0x90}}, 0x20) 22:16:04 executing program 1: r0 = socket(0x2, 0x1, 0x0) connect$unix(r0, &(0x7f0000000000)=@file={0x1, './file0\x00'}, 0x6e) 22:16:04 executing program 5: syz_emit_ethernet(0xe81, &(0x7f0000001640)={@broadcast, @link_local, @val, {@mpls_mc={0x8848, {[], @ipv6=@icmpv6={0x0, 0x6, "da9c9c", 0xe43, 0x3a, 0x0, @dev, @local, {[@srh={0x0, 0xe, 0x4, 0x7, 0x0, 0x0, 0x0, [@private1, @local, @empty, @empty, @mcast2, @mcast2, @local]}, @dstopts={0x0, 0x8, [], [@hao={0xc9, 0x10, @local}, @enc_lim, @ra, @jumbo, @ra, @calipso={0x7, 0x18, {0x0, 0x4, 0x0, 0x0, [0x0, 0x0]}}, @jumbo]}, @srh={0x0, 0xa, 0x4, 0x5, 0x0, 0x0, 0x0, [@local, @loopback, @empty, @private0, @dev]}, @hopopts={0x0, 0x124, [], [@generic={0x0, 0x91f, "d8c764f0d58e668672b49343fa629a1b087a8a492005a4d9e0d097bde3b6a1adddd6604e4f5a69633800fbda09e01bf05ce46add8fe084d0a50b1b5b1ba459beb73937b0f6ba169c7856c93e180983e7428321f7829544fe055cbb3fff85074d3d090a34642589333bdd0a55badae4984ebc5d394810c24e5d39661912da45a8e2a9c373e7e7e2d7e45f9de08e4681290b57cbd600a0ea4bbcf748519a9e8c52f982d4cec3435213a99257cf53bf3e47feb8b9f64c46b537694ff00004a547c7e24bb8f956fb50c77a6b939ab188141e1ae98e352b7089eacf5629ff5513e9795737e4a387b8c9bd6c63d33b8e43c3453d49e622f5955cfd138c5976bc1ccb1fb2e40ea1564ad500b353e4d34c2564167209f9da395b8d7dfaeef89fe0e64fc78809fea998814997e5de8840b19d805fb0b4d9b737d56ee6fffe6bc42baa11228c7d937d616bf5934d1e9371389121451083c3ba286b136ba7a5e7ebce5b34f67bdfb6d2e2cc3780fbc862bc4c8dcb5da563426c9b7236231e9c5d3d6c332d6c07f30c1f4296afc2e729b8859a77280f0e8a835f10bb1f34759b5717b75aa8fd024955b57a9634feeb56cec9e62272724dccfcb712b503d49baddbddd6fbdc5d5d28f69ee9421ad0df02678b07806bfee6e9a74d527c1b3bdac84223b1d0864bab864524be544d92a59ff4277b19fb79e8a27563be748bb8f6da2c9e2618c3ec54d3b2985ff3b5bd31f6febc03914bfac7d0de594872563fdde41bc2b186885dd27db0fcf6f53dcabcd98923e3ffd8e6c958800d5dbe44d0566d9bc029e993099660e3a05c53078a70f6ab057278cffe16318daec59382500bf5e1a1090390f90c747398498ff2851f3ae9e14e69773d710628d7d886a5175093864573ee3ba93406b291c604d56f231977661e87238a5072d09bffc66755cd0285d42af336e048463a7a1a2758978a3eda70213b42eb812340d84abf94395ba795ce4eee6fb07b570161dd9ce83eb1a50396b7ba932a19ba613eafac91780a461c7a664c294da7aa5d8f353453ff9a77a9d16a33f992a2775c46c5a8a00989eef08ec5076bf5fbbc7039a61187344b4eaa7f5d645fc2a50dc9ffde152a1e0d22f703624a582d467fca34559839d0aa707ecd4bc6a5a24660b2dc6c7fdf0d20e5d8de37cc792f1eadfc08c6277bb13429a92a04ed2ed1537d82d836b9511b17c96c68213d9781e225d3e3f89b9336a4efc82ec66d1a0302064eacf4d60ded7417dac9c89e30ff4670afc158211e8bf6d9d337e2f44deb5d0dbde96634ead56e8edda2102faab007e3ef3206f55ab5736173be664b3946630c0163e52d92ff3c712aa9cc5632bdca37f522a4823f9002bd63e25b1a4c1513bdc49cd314bf06da0ee370c9e5279b1d25d9a3d55f6e78a2c2cbb6f28f5b38d72b096e4a5469c89bf18f602c1231fcdbf82cd7dcf9a68b6058b7d7b13879b9c1f87383efaae523e1272b807b39c1bcea9bacb242f8e50a2175aefe83cd483f17eecd1cb071d31399ed94309dd21151298c857030b91285ac150c53f7324561d19311bb7c52e0718c61c7cf42c7d983a40515e2ccec768312168670f96d385f51c17e1b564fda711ac0b27ab54fcaec81b30245a232a1c9c6fd3bbec9a084fa57c77e0d7f9df274f99299fd2176fde34b41ae1a3d6ebf5acb1993501adf2dc1e29492b5c6894565aa55027dc1f64546bbd7a54bf2d8b2b23a255379124393a3c3f20ecda9499a90238802d7d096c3811bc54f8aa0a883e320517401f7ed6f770deec0d86a3cb43c7b2797f6aa286fa47e12a52396a2ebf4077562b19c6efdb21f1bd0769670330132f62606c520e8f511c359511fd8e896c8e4bde23b0e63da774cd95c5fd370ef503ef0144aad1bf0e9757d025104706e8b43befe649764b4c885d34a19d0c29b739ca4d25b6328411d42cdb8cc04862bbf36e02534a2897f916d05f3f8f60b84a50919e9ba529a7fdf1bf5d4b48f2085e1998dfd415af2114c338f6ec4813fc1ae9edc728a42cfa3a853cf4535fb4e269da2bc9dea50475060ce1ae5d38e8ad6243881b58db26010e6b5788b505ac0ea557383c9eadcfa484c0a839a21ffc527ca14ef1b174342da1473b467eec7d5906af7c0e5cb1d81208fd8afb5bf8b7ef172fef48530a29d775bfd21c7cec4f1289eefe5fd42e46fd3b080758b5029a22765321f2e07ce2cc7ea143d75f8d60135bf96d881201236fcb3d55f2d65dfdfc2a5ab5487c862a9810050f0aebbcd4c12b21cf4e2a3a5e5f21cf3e3c856bbcd0c601ba4eb1096933facf45caf44c05b23f32a73550bd51cea3991c5bc62b1276852ebb65c5ff55e741a3d2047ecde002df953079db70392b26dac38a64587a3b97375ca2ad052ab1b9ed1a4bf28d707ebd7bbf2d3a5d0a4a137b90e4c97156dda876572ff65c4d3eb5676b1e6d149119cedaaa87a22c611b2d165d1ceda2bcbdbaa07ee3819b5c87bfc4e4f26ccc3c98c2405d3b8bb9c3e99a292813404e03cce2203f4e15cc901cd623df2ed247ee5490b064e0e655e64800beeb2e750132a9c7da16ca7f4872a2baa55cb686403dbdd4db9ac32719b72f0baf9e2e7bf926724bec16da918e39451c2025f00d6e8c2ff141aad4c7437dab76fc0295beb700ac73a49129f0b134a6304c2167a6b42afd582c2cc40590d49b25b7d6bf32077c28d1919313976f3ca2dad93e3e5944a48ef4d10cdf16ac3d0d5c0f49a7f1b5cce516be968524ad2f37b27eaae8aaab6f62ffd32742ec2340773a0711cbd90eb727a887b8e4d36cd12c2e30472da501e402d10688ba7a1ef4365595b69aaddddceb7a5069462cdbd45f0cec639855efab0ad7437052f930bc715af8cbd14a80b85772a00785dfa8b40e6ec72d8b6305207da71dfa1de32a419629c7c23c67cae5509828cbbdcc1c56f4a368479034110fd7f10006b5783efd076352eefed682a2aa5f23cd5c475b37686636e60d0af9423d11b7ea739c69904232a72b81e8b54da35fe089fdeef12ae36b49087f720dd98a9b61f4754837ae6fae47a4d67a30e691508a1f0d30e86d533c799f263c921ad8123f19b514cacf07e020cc148c5740dee9ba29796541444d026b1a3564d676f806d60cc0bf82fc4106f0bb3054578c2564aa11d84c55574b368fd20607eeb0e66a5fbd1992253b74c53a9c1d58c77879318c7c4ea9c00635ea37aa25588de0ac80bada34b655f70b29d076d7f0d01b424223f62d5823e2665e7544ce5ebaff75c331dd41e2e9e2d77a0fbbe6fcb9e2d8e40e4de07a30690"}]}], @ndisc_rs={0x85, 0x0, 0x0, [], [{0x0, 0x10, "1ca5085edb5350ed4908a252e969e17f66b25e61525943902fcf748bd222abf29b217022d9604054df23e5494facb998d8daec454405c8b264c82d1ff9ca51c83c342a1a86a7b9be5b8c854559cf468e641ccad920d325f30896e976bb481b4682fdbc46970c74d6cf41f8ff5ff47992de40b91e5f097417804433bddc28184ae11778"}, {0x0, 0x13, "c7b85037774ed4f678cce5cda0e0aad5e866e193c311dd0418f213a90327395c9ea276d6ff8231ec2f8ecc47fa83e393793f8210568a696296f2d65aa131c04626e56c5781ee5978a3bbe35a3740a871f5b23bdc3a8bd25639451b91b1f097a960bffb869a427b178e14c5d025b106e82a1dd893979031be896213d797b3ebc6183af634e68ce4d2cd93839f9e7f1f18826fdc96ddc28eccbe141e44"}, {0x0, 0x6, "e14a7acedb6928b481dae2ef9d70e1fd80c9145b23a36fdd01857314a4b6d973c3a8b381da0521c9ca74972a0f99f377cfd9"}, {0x0, 0xc, "9121d7c4ebf48493ccec471a2ccb620381efa73a39b9355509aa61e0354b61dcfc6beb8f7803ce0631aec925c7564cf08dacfaa3b326c9225f1f1d038219f86bb1c79ba5d607aa6cabafc315f8a096fc4e46a0ec939afef0a627c8776f93c7dd"}, {0x0, 0x10, "7abf945263f0866726099496ab7766725864ba1af6662ee1b8380abe03df483fab48822348470a406c0fdb528e5451b8c0fcdab6c34684295ab521fd4ab54ad6fe60e7d39d93e87dc7f4ac58b1f9f1cfd8246586ab710700c5a9f9fe45ccb6b9c33b24e7b23cbc370f58f03cfa647c139dc12a91279a4e8c9d395b920443b512f3"}, {0x0, 0x10, "4e94940bfdf92cee73311e92b23b379e7f0e7fa51ec58573183b466038ba5084c20d79b3ea6568f3ba691066ef9739b54d3c85dce130fb195d9f7ea5b664f9b90f38a62102349ef44031edfffb009262fc8067763466b9fe40ac0e7c2e65ab679fe3d28b85ec8fae6cf12127f4ca0a97f65cdd945abb76bcd493fd509aa05a"}, {0x0, 0x1, "a9a0cbe0b4389cbd6bae"}, {0x0, 0x1f, "96c4132e2ba99b3168cb5ca7ae9e05aa9fadb431a58ddb4535264b223280b8df79c8b0ef5a36d2d938f432b4b826fd1c812e49c41680703d5e07f57e709d4f4d89713f17b4457ce77504eaaabca803303eed3dac6cfe185f728493f67d2ae9a22d920dddd39847c5d3a2b2dda0630a80440a2cdf2fcb12037f4d6809b1a86ba2b0e4f207ae2852783f20096b13911e449de49df68718dc3dfa491d42d62cbda6b55cec2bed4a5ae1be73a3de01bd5fbed1ce6cfb5b2047b911879d28ec3a2b9417d954ceb4f596b37dda9883c54bdc0e5e7652f1b77be84c4c745a7fff75f36349d7843300bd0e6e0ef6d6f9f9decd3b95f430f12a9ca7b17bd5a6b7"}, {0x0, 0x4, "a499e6e6e765e233041e8e6c33fd9f49ebdc508ac8b934ebe455126065a15076b55e"}]}}}}}}}, 0x0) 22:16:04 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000800)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000780)=@ipmr_newroute={0x1c, 0x18, 0x1}, 0x1c}}, 0x0) 22:16:04 executing program 3: r0 = epoll_create1(0x0) epoll_pwait(r0, &(0x7f0000000200)=[{}], 0x1, 0x7fffffff, 0x0, 0x0) 22:16:05 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={0x0}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={0x0}}, 0x0) 22:16:05 executing program 2: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000600)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000040)={0xe, 0x18, 0xfa00, @ib_path={&(0x7f0000000280)=[{}, {}], 0xffffffffffffffff, 0x1, 0x1, 0x90}}, 0x20) 22:16:05 executing program 1: setresuid(0xffffffffffffffff, 0xee00, 0xffffffffffffffff) setresuid(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 22:16:05 executing program 4: r0 = socket(0x2, 0x2, 0x0) sendmsg$FOU_CMD_GET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x24}}, 0x40001) 22:16:05 executing program 5: openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x450682, 0x0) 22:16:05 executing program 0: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r0, 0xd000943d, 0x0) 22:16:05 executing program 2: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000600)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000040)={0xe, 0x18, 0xfa00, @ib_path={&(0x7f0000000280)=[{}, {}], 0xffffffffffffffff, 0x1, 0x1, 0x90}}, 0x20) 22:16:05 executing program 1: r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) bind$rose(r0, &(0x7f0000000100)=@full={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, 0xffffffff, [@default, @default, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @bcast]}, 0x40) 22:16:06 executing program 5: clock_gettime(0x0, &(0x7f00000000c0)={0x0, 0x0}) pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)={0x0, r0+60000000}, &(0x7f0000000180)={&(0x7f0000000140), 0x8}) 22:16:06 executing program 4: r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000100)='/dev/null\x00', 0x0, 0x0) read$midi(r0, 0x0, 0xfffffffffffffc79) 22:16:06 executing program 3: r0 = socket(0xa, 0x3, 0x7) setsockopt$PNPIPE_ENCAP(r0, 0x113, 0x1, 0x0, 0x0) 22:16:06 executing program 0: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vim2m\x00', 0x2, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f00000001c0)={0x0}) 22:16:06 executing program 2: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000600)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000040)={0xe, 0x18, 0xfa00, @ib_path={&(0x7f0000000280)=[{}, {}], 0xffffffffffffffff, 0x1, 0x1, 0x90}}, 0x20) 22:16:06 executing program 1: socket(0x11, 0x2, 0x0) socketpair(0x2, 0xa, 0x0, 0x0) 22:16:06 executing program 4: r0 = socket$inet_sctp(0x2, 0x1, 0x84) sendmmsg$inet_sctp(r0, &(0x7f00000011c0)=[{0x0, 0x0, &(0x7f0000000740)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0, 0xffffffffffffffee}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9, 0x0, 0xffffffffffffff83}], 0x1, 0x0) 22:16:07 executing program 3: r0 = syz_open_dev$sndmidi(&(0x7f0000000340)='/dev/snd/midiC#D#\x00', 0x0, 0x2) write$midi(r0, 0x0, 0x0) 22:16:07 executing program 0: getsockopt$inet_sctp_SCTP_RECVRCVINFO(0xffffffffffffffff, 0x84, 0x20, 0x0, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x2240, 0x0) recvfrom$rxrpc(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) 22:16:07 executing program 5: r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, 0x0, &(0x7f0000001600)) ioctl$sock_inet_sctp_SIOCINQ(r0, 0x541b, &(0x7f0000000100)) 22:16:07 executing program 2: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000600)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000240)={0xffffffffffffffff}}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000040)={0xe, 0x18, 0xfa00, @ib_path={&(0x7f0000000280)=[{}, {}], r1, 0x1, 0x1, 0x90}}, 0x20) 22:16:07 executing program 1: add_key(&(0x7f0000000040)='rxrpc_s\x00', 0x0, 0x0, 0x0, 0xfffffffffffffffc) 22:16:07 executing program 4: r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f0000001600), &(0x7f0000001640)=0x8) 22:16:07 executing program 3: syz_emit_ethernet(0xe81, &(0x7f0000001640)={@broadcast, @link_local, @val, {@mpls_mc={0x8848, {[], @ipv6=@icmpv6={0x0, 0x6, "da9c9c", 0xe43, 0x3a, 0x0, @dev, @local, {[@srh={0x0, 0xe, 0x4, 0x7, 0x0, 0x0, 0x0, [@private1, @local, @empty, @empty, @mcast2, @mcast2, @local]}, @dstopts={0x0, 0x8, [], [@hao={0xc9, 0x10, @local}, @enc_lim, @ra, @jumbo, @ra, @calipso={0x7, 0x18, {0x0, 0x4, 0x0, 0x0, [0x0, 0x0]}}, @jumbo]}, @srh={0x0, 0xa, 0x4, 0x5, 0x0, 0x0, 0x0, [@local, @loopback, @empty, @private0, @dev]}, @hopopts={0x0, 0x125, [], [@generic={0x0, 0x927, "d8c764f0d58e668672b49343fa629a1b087a8a492005a4d9e0d097bde3b6a1adddd6604e4f5a69633800fbda09e01bf05ce46add8fe084d0a50b1b5b1ba459beb73937b0f6ba169c7856c93e180983e7428321f7829544fe055cbb3fff85074d3d090a34642589333bdd0a55badae4984ebc5d394810c24e5d39661912da45a8e2a9c373e7e7e2d7e45f9de08e4681290b57cbd600a0ea4bbcf748519a9e8c52f982d4cec3435213a99257cf53bf3e47feb8b9f64c46b537694ff00004a547c7e24bb8f956fb50c77a6b939ab188141e1ae98e352b7089eacf5629ff5513e9795737e4a387b8c9bd6c63d33b8e43c3453d49e622f5955cfd138c5976bc1ccb1fb2e40ea1564ad500b353e4d34c2564167209f9da395b8d7dfaeef89fe0e64fc78809fea998814997e5de8840b19d805fb0b4d9b737d56ee6fffe6bc42baa11228c7d937d616bf5934d1e9371389121451083c3ba286b136ba7a5e7ebce5b34f67bdfb6d2e2cc3780fbc862bc4c8dcb5da563426c9b7236231e9c5d3d6c332d6c07f30c1f4296afc2e729b8859a77280f0e8a835f10bb1f34759b5717b75aa8fd024955b57a9634feeb56cec9e62272724dccfcb712b503d49baddbddd6fbdc5d5d28f69ee9421ad0df02678b07806bfee6e9a74d527c1b3bdac84223b1d0864bab864524be544d92a59ff4277b19fb79e8a27563be748bb8f6da2c9e2618c3ec54d3b2985ff3b5bd31f6febc03914bfac7d0de594872563fdde41bc2b186885dd27db0fcf6f53dcabcd98923e3ffd8e6c958800d5dbe44d0566d9bc029e993099660e3a05c53078a70f6ab057278cffe16318daec59382500bf5e1a1090390f90c747398498ff2851f3ae9e14e69773d710628d7d886a5175093864573ee3ba93406b291c604d56f231977661e87238a5072d09bffc66755cd0285d42af336e048463a7a1a2758978a3eda70213b42eb812340d84abf94395ba795ce4eee6fb07b570161dd9ce83eb1a50396b7ba932a19ba613eafac91780a461c7a664c294da7aa5d8f353453ff9a77a9d16a33f992a2775c46c5a8a00989eef08ec5076bf5fbbc7039a61187344b4eaa7f5d645fc2a50dc9ffde152a1e0d22f703624a582d467fca34559839d0aa707ecd4bc6a5a24660b2dc6c7fdf0d20e5d8de37cc792f1eadfc08c6277bb13429a92a04ed2ed1537d82d836b9511b17c96c68213d9781e225d3e3f89b9336a4efc82ec66d1a0302064eacf4d60ded7417dac9c89e30ff4670afc158211e8bf6d9d337e2f44deb5d0dbde96634ead56e8edda2102faab007e3ef3206f55ab5736173be664b3946630c0163e52d92ff3c712aa9cc5632bdca37f522a4823f9002bd63e25b1a4c1513bdc49cd314bf06da0ee370c9e5279b1d25d9a3d55f6e78a2c2cbb6f28f5b38d72b096e4a5469c89bf18f602c1231fcdbf82cd7dcf9a68b6058b7d7b13879b9c1f87383efaae523e1272b807b39c1bcea9bacb242f8e50a2175aefe83cd483f17eecd1cb071d31399ed94309dd21151298c857030b91285ac150c53f7324561d19311bb7c52e0718c61c7cf42c7d983a40515e2ccec768312168670f96d385f51c17e1b564fda711ac0b27ab54fcaec81b30245a232a1c9c6fd3bbec9a084fa57c77e0d7f9df274f99299fd2176fde34b41ae1a3d6ebf5acb1993501adf2dc1e29492b5c6894565aa55027dc1f64546bbd7a54bf2d8b2b23a255379124393a3c3f20ecda9499a90238802d7d096c3811bc54f8aa0a883e320517401f7ed6f770deec0d86a3cb43c7b2797f6aa286fa47e12a52396a2ebf4077562b19c6efdb21f1bd0769670330132f62606c520e8f511c359511fd8e896c8e4bde23b0e63da774cd95c5fd370ef503ef0144aad1bf0e9757d025104706e8b43befe649764b4c885d34a19d0c29b739ca4d25b6328411d42cdb8cc04862bbf36e02534a2897f916d05f3f8f60b84a50919e9ba529a7fdf1bf5d4b48f2085e1998dfd415af2114c338f6ec4813fc1ae9edc728a42cfa3a853cf4535fb4e269da2bc9dea50475060ce1ae5d38e8ad6243881b58db26010e6b5788b505ac0ea557383c9eadcfa484c0a839a21ffc527ca14ef1b174342da1473b467eec7d5906af7c0e5cb1d81208fd8afb5bf8b7ef172fef48530a29d775bfd21c7cec4f1289eefe5fd42e46fd3b080758b5029a22765321f2e07ce2cc7ea143d75f8d60135bf96d881201236fcb3d55f2d65dfdfc2a5ab5487c862a9810050f0aebbcd4c12b21cf4e2a3a5e5f21cf3e3c856bbcd0c601ba4eb1096933facf45caf44c05b23f32a73550bd51cea3991c5bc62b1276852ebb65c5ff55e741a3d2047ecde002df953079db70392b26dac38a64587a3b97375ca2ad052ab1b9ed1a4bf28d707ebd7bbf2d3a5d0a4a137b90e4c97156dda876572ff65c4d3eb5676b1e6d149119cedaaa87a22c611b2d165d1ceda2bcbdbaa07ee3819b5c87bfc4e4f26ccc3c98c2405d3b8bb9c3e99a292813404e03cce2203f4e15cc901cd623df2ed247ee5490b064e0e655e64800beeb2e750132a9c7da16ca7f4872a2baa55cb686403dbdd4db9ac32719b72f0baf9e2e7bf926724bec16da918e39451c2025f00d6e8c2ff141aad4c7437dab76fc0295beb700ac73a49129f0b134a6304c2167a6b42afd582c2cc40590d49b25b7d6bf32077c28d1919313976f3ca2dad93e3e5944a48ef4d10cdf16ac3d0d5c0f49a7f1b5cce516be968524ad2f37b27eaae8aaab6f62ffd32742ec2340773a0711cbd90eb727a887b8e4d36cd12c2e30472da501e402d10688ba7a1ef4365595b69aaddddceb7a5069462cdbd45f0cec639855efab0ad7437052f930bc715af8cbd14a80b85772a00785dfa8b40e6ec72d8b6305207da71dfa1de32a419629c7c23c67cae5509828cbbdcc1c56f4a368479034110fd7f10006b5783efd076352eefed682a2aa5f23cd5c475b37686636e60d0af9423d11b7ea739c69904232a72b81e8b54da35fe089fdeef12ae36b49087f720dd98a9b61f4754837ae6fae47a4d67a30e691508a1f0d30e86d533c799f263c921ad8123f19b514cacf07e020cc148c5740dee9ba29796541444d026b1a3564d676f806d60cc0bf82fc4106f0bb3054578c2564aa11d84c55574b368fd20607eeb0e66a5fbd1992253b74c53a9c1d58c77879318c7c4ea9c00635ea37aa25588de0ac80bada34b655f70b29d076d7f0d01b424223f62d5823e2665e7544ce5ebaff75c331dd41e2e9e2d77a0fbbe6fcb9e2d8e40e4de07a306906fd84d62f5108e4a"}]}], @ndisc_rs={0x85, 0x0, 0x0, [], [{0x0, 0x10, "1ca5085edb5350ed4908a252e969e17f66b25e61525943902fcf748bd222abf29b217022d9604054df23e5494facb998d8daec454405c8b264c82d1ff9ca51c83c342a1a86a7b9be5b8c854559cf468e641ccad920d325f30896e976bb481b4682fdbc46970c74d6cf41f8ff5ff47992de40b91e5f097417804433bddc28184ae117"}, {0x0, 0x13, "c7b85037774ed4f678cce5cda0e0aad5e866e193c311dd0418f213a90327395c9ea276d6ff8231ec2f8ecc47fa83e393793f8210568a696296f2d65aa131c04626e56c5781ee5978a3bbe35a3740a871f5b23bdc3a8bd25639451b91b1f097a960bffb869a427b178e14c5d025b106e82a1dd893979031be896213d797b3ebc6183af634e68ce4d2cd93839f9e7f1f18826fdc96ddc28eccbe141e44"}, {0x0, 0x6, "e14a7acedb6928b481dae2ef9d70e1fd80c9145b23a36fdd01857314a4b6d973c3a8b381da0521c9ca74972a0f99f377cfd9"}, {0x0, 0xc, "9121d7c4ebf48493ccec471a2ccb620381efa73a39b9355509aa61e0354b61dcfc6beb8f7803ce0631aec925c7564cf08dacfaa3b326c9225f1f1d038219f86bb1c79ba5d607aa6cabafc315f8a096fc4e46a0ec939afef0a627c8776f93c7dd"}, {0x0, 0x10, "7abf945263f0866726099496ab7766725864ba1af6662ee1b8380abe03df483fab48822348470a406c0fdb528e5451b8c0fcdab6c34684295ab521fd4ab54ad6fe60e7d39d93e87dc7f4ac58b1f9f1cfd8246586ab710700c5a9f9fe45ccb6b9c33b24e7b23cbc370f58f03cfa647c139dc12a91279a4e8c9d395b920443b512f3"}, {0x0, 0x10, "4e94940bfdf92cee73311e92b23b379e7f0e7fa51ec58573183b466038ba5084c20d79b3ea6568f3ba691066ef9739b54d3c85dce130fb195d9f7ea5b664f9b90f38a62102349ef44031edfffb009262fc8067763466b9fe40ac0e7c2e65ab679fe3d28b85ec8fae6cf12127f4ca0a97f65cdd945abb76bcd493fd509aa05a"}, {0x0, 0x1, "a9a0cbe0b4389cbd6bae"}, {0x0, 0x1f, "96c4132e2ba99b3168cb5ca7ae9e05aa9fadb431a58ddb4535264b223280b8df79c8b0ef5a36d2d938f432b4b826fd1c812e49c41680703d5e07f57e709d4f4d89713f17b4457ce77504eaaabca803303eed3dac6cfe185f728493f67d2ae9a22d920dddd39847c5d3a2b2dda0630a80440a2cdf2fcb12037f4d6809b1a86ba2b0e4f207ae2852783f20096b13911e449de49df68718dc3dfa491d42d62cbda6b55cec2bed4a5ae1be73a3de01bd5fbed1ce6cfb5b2047b911879d28ec3a2b9417d954ceb4f596b37dda9883c54bdc0e5e7652f1b77be84c4c745a7fff75f36349d7843300bd0e6e0ef6d6f9f9decd3b95f430f12a9ca7b17bd5a6b7"}, {0x0, 0x3, "a499e6e6e765e233041e8e6c33fd9f49ebdc508ac8b934ebe45512"}]}}}}}}}, 0x0) 22:16:07 executing program 0: r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f00000015c0)=@assoc_value, &(0x7f0000001600)=0x8) 22:16:07 executing program 5: add_key$keyring(&(0x7f0000000080)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffffe) add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000100)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff) 22:16:08 executing program 2: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000600)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000240)={0xffffffffffffffff}}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000040)={0xe, 0x18, 0xfa00, @ib_path={&(0x7f0000000280)=[{}, {}], r1, 0x1, 0x1, 0x90}}, 0x20) 22:16:08 executing program 1: r0 = socket(0x28, 0x1, 0x0) sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f0000001980)={&(0x7f0000000540), 0xc, &(0x7f0000001940)={0x0}}, 0x0) 22:16:08 executing program 4: waitid(0x1, 0x0, 0x0, 0x3, 0x0) 22:16:08 executing program 3: syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x2, 0x40001) 22:16:08 executing program 0: add_key(&(0x7f0000001180)='encrypted\x00', 0x0, 0x0, 0x0, 0xfffffffffffffffc) 22:16:08 executing program 5: openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x2240, 0x0) 22:16:08 executing program 2: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000600)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000240)={0xffffffffffffffff}}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000040)={0xe, 0x18, 0xfa00, @ib_path={&(0x7f0000000280)=[{}, {}], r1, 0x1, 0x1, 0x90}}, 0x20) 22:16:08 executing program 1: r0 = syz_open_dev$sndmidi(&(0x7f0000000340)='/dev/snd/midiC#D#\x00', 0x0, 0x2) write$midi(r0, 0x0, 0xfffffffffffffde2) 22:16:08 executing program 4: r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040)) r2 = gettid() r3 = getpgrp(0x0) kcmp$KCMP_EPOLL_TFD(r2, r3, 0x7, r0, &(0x7f0000000000)={r1}) 22:16:08 executing program 0: r0 = socket(0x23, 0x2, 0x0) ioctl$IMHOLD_L1(r0, 0x80044948, 0x0) 22:16:09 executing program 3: r0 = socket(0x11, 0x2, 0x0) getpeername$unix(r0, 0x0, 0x0) 22:16:09 executing program 5: r0 = socket(0x25, 0x1, 0x0) sendmsg$RDMA_NLDEV_CMD_SET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x0) 22:16:09 executing program 2: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000600)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000240)={0xffffffffffffffff}, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(0xffffffffffffffff, &(0x7f0000000040)={0xe, 0x18, 0xfa00, @ib_path={&(0x7f0000000280)=[{}, {}], r1, 0x1, 0x1, 0x90}}, 0x20) 22:16:09 executing program 1: r0 = gettid() ioctl$TIOCSPGRP(0xffffffffffffffff, 0x5410, 0x0) prctl$PR_SET_PTRACER(0x59616d61, r0) clone(0x86a01780, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000200)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x11a, 0x11a, 0x7, [@enum={0x0, 0x2, 0x0, 0x6, 0x4, [{}, {}]}, @fwd, @volatile={0xc}, @const, @datasec={0x0, 0x0, 0x0, 0xf, 0x1, [], '\b'}, @union={0x0, 0x0, 0x0, 0x5, 0x0, 0xfffffffb}, @datasec={0x8, 0x3, 0x0, 0xf, 0x1, [{}, {}, {0x2, 0x0, 0x4}], 'Z'}, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x64, 0x0, 0x0, 0x1}, @ptr, @array={0x0, 0x0, 0x0, 0x3, 0x0, {0x3, 0x4}}, @array, @typedef={0x7}, @func_proto={0x0, 0x4, 0x0, 0xd, 0x0, [{}, {}, {}, {}]}, @restrict]}, {0x0, [0x0, 0x0, 0x0, 0x0, 0x0]}}, 0x0, 0x13b}, 0x20) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x33) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r1, 0x0, 0x0) 22:16:09 executing program 0: r0 = syz_open_dev$binderN(&(0x7f0000000080)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000001100)={0x34, 0x0, &(0x7f0000001140)=ANY=[], 0x0, 0x0, 0x0}) 22:16:09 executing program 4: socket$caif_seqpacket(0x25, 0x5, 0x802) 22:16:09 executing program 3: add_key(&(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0xfffffffffffffffb) 22:16:09 executing program 2: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000600)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000240)={0xffffffffffffffff}, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(0xffffffffffffffff, &(0x7f0000000040)={0xe, 0x18, 0xfa00, @ib_path={&(0x7f0000000280)=[{}, {}], r1, 0x1, 0x1, 0x90}}, 0x20) 22:16:10 executing program 5: r0 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_IMPORTANCE(r0, 0x10f, 0x7f, &(0x7f0000000000)=0x8, 0x4) [ 1104.961788][T22073] binder: 22069:22073 unknown command 0 [ 1104.967646][T22073] binder: 22069:22073 ioctl c0306201 20001100 returned -22 22:16:10 executing program 1: r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @private=0xa010100}]}, &(0x7f0000000100)=0x10) 22:16:10 executing program 4: r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_RECVNXTINFO(r0, 0x84, 0x21, &(0x7f0000000040), &(0x7f0000000080)=0x4) 22:16:10 executing program 0: r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_HMAC_IDENT(r0, 0x84, 0x16, 0x0, &(0x7f00000002c0)) 22:16:10 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000000)={0xffffffffffffffff}, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_BIND_IP(r0, &(0x7f00000000c0)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x0, 0x0, @loopback}, r1}}, 0x30) write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f00000001c0)={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @private2}, {0xa, 0x0, 0x0, @private1}, r1}}, 0x48) 22:16:10 executing program 2: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000600)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000240)={0xffffffffffffffff}, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(0xffffffffffffffff, &(0x7f0000000040)={0xe, 0x18, 0xfa00, @ib_path={&(0x7f0000000280)=[{}, {}], r1, 0x1, 0x1, 0x90}}, 0x20) 22:16:10 executing program 5: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, 0x0) 22:16:11 executing program 4: r0 = epoll_create1(0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040)={0x70002009}) 22:16:11 executing program 0: r0 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000100)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff) keyctl$link(0x8, r0, r0) 22:16:11 executing program 2: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000600)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000240), 0x2}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(r0, 0x0, 0x0) 22:16:11 executing program 5: socketpair(0x18, 0x0, 0x7, 0x0) 22:16:11 executing program 3: r0 = socket(0x2, 0x1, 0x0) connect$unix(r0, &(0x7f0000000000)=@file={0x0, './file0\x00'}, 0x6e) 22:16:11 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={0x0}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000380)=@bridge_getneigh={0x20, 0x1e, 0x1}, 0x20}}, 0x0) 22:16:11 executing program 4: r0 = socket(0x2, 0x6, 0x0) sendmmsg$unix(r0, &(0x7f0000002b80)=[{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000a40)="9fcfc98e4be2dd09e2926bc17aacdc5daa26dea99bc3aed1cf20b2b9b667b31623714654eb0ac201d77cfc5741e259a9d59ccbf6cf362cc1fb2234572551182fac45c41ac791f0fdc91b46c9eb5a8a44d5067a6ca9afa539268956f152a661ddaaa562acf8ee730721d923144f5c538ade2316b8ecd32f69f9b3ae8133cebd90d2ee060617491e3bb27d2a24bad14f2ead0958c3ffa0c9f40917257931854782c036d75e8a7a5d11227a7f14659e6e3f89f100e2e91d4bff7565a7806f71e86bbc8fb86e8d332ddaf2908d298362944a7cbf42e85c96ccd18390a39927771e598e32a554849e467312fe4dd1a7e47098167920dcfabd18871497c76d65cd30af2de33c5b4c79715c5b59bdce919efbc417ff776b9fb0903a93dcad0a1a1a4ecd47a86e6be2d38de91d1bf9b3be26c269bd3512af07c4d8d9b43d9a86782f718602709ef2071e269ef4adae7df7a3d93de17a4d5aa040b706c28ec456db8ab81fe8f521c16d181448f1917dfb047bd549241e5b6e48f904ad6f163915a26bd0ed86e7b39e311f097999facd9395ec6b6242c8a8e4584d555d985b736181c99cb116f6d35a35bbbf4f209c82852fc5c14f4255ec1449e350f81ed68970f73992e76330a2fe3121c50055ed74063c1c63d2c939738048c1b945dc2e5d25373e4d10000da5e66779bdc1c8fea7f923beca6bdeb58ba0352721dd591e5503a7f0cb590251a9b0722863f468ceab86a14a6f6059b208e5c48991a258", 0x219}], 0x1, &(0x7f0000002dc0)=ANY=[], 0x68}], 0x1, 0x0) 22:16:11 executing program 0: r0 = socket(0x11, 0x2, 0x0) accept4$phonet_pipe(r0, 0x0, 0x0, 0x0) 22:16:11 executing program 5: syz_emit_ethernet(0x4a, &(0x7f0000000080)={@link_local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "3c58e3", 0x14, 0x6, 0x0, @private1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', {[], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) 22:16:12 executing program 2: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000600)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000240), 0x2}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(r0, 0x0, 0x0) [ 1106.994322][T22117] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. 22:16:12 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) getpid() r0 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vsock\x00', 0x0, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002680)=[{{&(0x7f0000000540)=@nfc_llcp, 0x80, &(0x7f0000000640)=[{&(0x7f00000005c0)=""/40, 0x28}, {&(0x7f0000000600)=""/42, 0x2a}], 0x2, &(0x7f0000000680)=""/125, 0x7d}, 0x4}, {{&(0x7f0000000ec0)=@ipx, 0x80, &(0x7f0000001380)=[{&(0x7f0000000fc0)=""/189, 0xbd}, {&(0x7f0000001100)=""/131, 0x83}, {&(0x7f00000011c0)=""/242, 0xf2}, {&(0x7f00000012c0)=""/144, 0x90}], 0x4}, 0xfffffff7}, {{&(0x7f0000001400)=@ipx, 0x80, &(0x7f0000000700)=[{&(0x7f0000001480)=""/4096, 0x1000}, {0x0}], 0x2}}, {{0x0, 0x0, &(0x7f0000002600)=[{0x0}, {&(0x7f0000002580)=""/69, 0x45}], 0x2, &(0x7f0000002640)=""/44, 0x2c}, 0x4}], 0x4, 0x1, 0x0) pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) ioctl$BLKREPORTZONE(r2, 0xc0101282, &(0x7f00000002c0)={0xfff, 0x8, 0x0, [{0x6, 0x8, 0x7f, 0x6, 0x1, 0x0, 0x1}, {0x80000000, 0x8001, 0xbe3, 0xdc, 0x5, 0xef, 0x5}, {0x9, 0xdf, 0x400000ce, 0xfe, 0x2, 0x5, 0x48}, {0x1000000000d22f, 0x7, 0xfffe, 0xe1, 0x1, 0xf7, 0x80}, {0xfffffffffffffff7, 0x7f, 0x8001, 0x6, 0x0, 0x7, 0x5}, {0x84, 0x9, 0x7, 0x3, 0x9, 0x3}, {0x341ba352, 0x1, 0x800, 0xa7, 0x6, 0x3, 0x2}, {0x10001, 0x80000001, 0x4, 0x8, 0x0, 0xca, 0xfc}]}) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0xfffffffc, 0x6}, 0x0) ioctl$NBD_CLEAR_SOCK(r0, 0xab04) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r4, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast1, 0x7}, 0x1c) sendmmsg$inet(r4, &(0x7f00000010c0)=[{{&(0x7f00000000c0)={0x2, 0x4e21, @initdev}, 0x10, 0x0, 0x0, &(0x7f0000002880)=ANY=[@ANYBLOB="1800000000000000ff06004a60ebef2c47fe3b04dc8cb2acd37913b1f73ab71d6dc45954a82057877482992d4182e0000002fec513d12adb64fe868b17ee10d2d603892ae97f2c182307050491e76079b7e99a6e319aad462f9691ba629a777fb5d0a0583b7ec4e36f08d215c2de6770338786a729bee41e9ec39b4bc291b928ef9f1b12e68f74ab829bfab4877b07f8132d75f25cfa60b42e5eafe40debd93f5c8843542ce87ccd81b56a7ae49a9d9c05298e5425267d128ce11df000d9fa45e8a8dcbd98d41df16b4ebd66464d1e7f66e11a5463afc56cffa277233a378e5cbdf9d18aa6f823a0eee8e60f2627681200021afcffab6b0700000000000000a91f3d22e65fa0c1c1598d101b737b6dd68457b0b100000000000000e7aab97628569897d804986838614b32e2eb83b4cd080277abb58728246701000000a3c2b217d76be42e595d751d8dde26cecba021e627df1e13015900953b245c3db57fd510dff19516e6456c9560e298785fe0f90e01c5c5722ea99cfcd862f8000000000000b7f90b24204ee593370bf6b8e1d4140d1b59bd62765e1c604f179b56c1cab48aed63a39b2229f372759187f6113b17a1a679fea2c9a8f3dc9b0687ced9d170914d7c08ea8a3ffc1b4dc2394b3dc3bfe86452f044183729dd5f4bd2f3884ae1b03a4f3fe33baa630c44982ebd6d1a0036e8231e1e5b2d63d4d30be7a17333424475adeafa2a6ca643ed1be45c869a8b4b69098fd7ad2f8d8b50b1eb282db29052c8463c09d239ee2aa3a97a170f7f3afa435df3b9b5d1be8527b9acdc7dea2c4f5969bae4d8115fb6a7bc72e15045dd1d4654ba4bfffffffffffffffb36cae40f0a25955257cac2fbae73e3b066a59b27df5fb6e122534b2cc6c8c298eafff148aefd6cc9b2e9943ffb3414d8713f19009cd2d1c37f68137392f85fd6d5791a8a3c2ac7c6e02662b86b577ceef4dcece7141aa0ff4e0a6dac6b7be3983a7de4c5d2b6a0124ab2cb83d197059dff5229a6a8ed66ad4ab6fe55a0319ab26e804bf14d636e292912f1d52cffad48cc180c8b082a78496675fb70e50d5184e704d5195a3a487c76145ffde841c0153a5ddb433969d359a99965f6cbfb7a7916d6b2297fb602e59143a2b2a40bdfb795986feec7021bc1361ad120c45b0f6d561a56fc3bcd51533245ef2905c6fb46ae068575457fe13804b3514b9903b76a1890c0b7f8713c67850fa93536299396de36eb4d5dff234c0fdb4329eb7a412b072b91b220d300002eac42dd451616bc236e86b741facf767cdb379289fb398fafb2ce8337f254c2214ce0ed6b8295e73f103c4155a050fd8df6d31d039c98e6a18d2e92fb414df2782c99a79ee56b3e0133c92605895bd2e12deaf7923c7a2e04d534e024fa6f0113fa784062203100000000000000000000000000000000000000000000004d7d29f25802d7f69e0047ddc4bac1e5abf7762f3181131d9d3f41ed1d01693ee0ec025fe0c99253b2fc61155cbbaf22a4b4ee42e4a78aba55e234bd1f7908229371e1821ab83367443c93d7a8e6c0df2c966a3c3e7ae025a84c1830a0c2ba31c6de62873d0578ec0861ab839f36441c8b09885bd5104632b3ad7de4945b6dc9f51a12f77f9019c38f112d4771a1d06ee1ece6f975fb3a7aa4d84090948955685f7e864bed7417f9256cbf742e546588efa4b169a414116ecd4baab5efe145f5b41632a9d3004b01158fea35dd5629e9022585d68a16c7535ef11e211e01d1ef0c8604ad8c12a281df04bf13a465e4ceae0bfba098f3cfd5d5518cbf2742881f89e60a3a77c2a97d94512154f392933daf2cd0da58a8ac06e63ef72cd90ec2eb5737002b26db96d1d53d4b500d9409f68635764369e76dcea08c4fe7c28f529ea340da6351c50db6146d7126feb18600000000000000000000000000deddd47e8e154c0e7ee38b293c7352b48bf324cee466a4070cb37711fd21e197257212ed4b3eca34d62d79a5a9255c7012ddee40ea0a540c95a61f06bd0648532c2e8827305b99d7e2810392000e7a7d428693cebd2b9ff0753d4045fb89b122b55f555f20a45aac09e871e6b82c235ffdda7b67405b5b150e024af343c1cf52ecae3573cb5765cd7d9f1157716eebeed011cfc21b521b39d8b34e23f51c4fd86f4dd7c059d0c0140f04fb19e0b0693a768fcdccc9dd65dfcbb278eb23fb485f1b2b4c005e84d31f82555bcbc36ff29d4ad0d2a048145151215507f687385244d219630b5df9a2c1776998d5ab09be31863cfb9c0d031d11f70f865cdb4d85399a4c615d622f7eb83c3bb17f56dd2753bc2dd657a0e7838e22414475b10ce81ff57f20295cb80757faf97be5bd6b219e17b72f76fbd6af206aa729a9288e9b7de4a330511f03000000829d738c9acb41afcd271e27959de20eb1308f00000000000000000000000000f07cdb430c2a07fec2eb0b6883af4bbe91caf24297437d767a94ee4eefca78824c4c262a2e9a812bca6aa3d4610368abc7b87f29cd3700f1bcbacdb057fa77d3b53dbd000000000000000000000000000000003eb728f2e5bf30fc115bff70800bde6c31af9f3c8f87f7923c6178c9276c87e3adc786a6309bd13f5358cbb6f91f5c232635600d3aeae248ab1172ce1530a925844f75d8e79bbeea026f14a56411abfcdbf199cf4b59d0bde26cec59d0b61d5fc76951258f1b4e5fe0baac624c079548a18f949bdb131e6349b1e2fe976fd58e9bd2c5d10763bb04ea7ec05a193dee6ed28d6c7a7ffb448e5a0b497c311c9d3970fa83536e2210ac1e04081734bb29f17d046602925619be2011b025092331cc929c52fb63e2ad34be5c466ce9aaa7fa7c6baec4e9be55442488b4"], 0x18}}], 0x1b1, 0x0) socket$inet(0x2, 0x0, 0x0) [ 1107.077880][T22120] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. 22:16:12 executing program 4: setresuid(0xffffffffffffffff, 0xee00, 0xee01) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) getpgrp(0xffffffffffffffff) r1 = getpgrp(0xffffffffffffffff) sendmsg$unix(r0, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=[@cred={{0x1c, 0x1, 0x2, {r1, 0xee00}}}], 0x20}, 0x0) 22:16:12 executing program 0: r0 = socket(0x22, 0x2, 0x1) bind$unix(r0, 0x0, 0x0) 22:16:12 executing program 1: r0 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000100)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff) keyctl$search(0xa, r0, &(0x7f0000000140)='big_key\x00', &(0x7f0000000180)={'syz', 0x3}, r0) 22:16:12 executing program 5: r0 = socket(0x28, 0x2, 0x0) sendto$rose(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:16:12 executing program 2: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000600)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000240), 0x2}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(r0, 0x0, 0x0) [ 1107.646832][T22132] Unknown ioctl 43780 22:16:13 executing program 3: add_key(&(0x7f0000000000)='rxrpc\x00', 0x0, &(0x7f00000000c0)='h', 0x1, 0xfffffffffffffffc) 22:16:13 executing program 4: r0 = socket(0x23, 0x2, 0x0) sendto$rose(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:16:13 executing program 0: syz_open_dev$dri(&(0x7f0000001440)='/dev/dri/card#\x00', 0x0, 0x0) 22:16:13 executing program 1: setresuid(0xee00, 0x0, 0xffffffffffffffff) setresuid(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 22:16:13 executing program 2: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000600)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000240)={0xffffffffffffffff}, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000040)={0xe, 0x18, 0xfa00, @ib_path={0x0, r1}}, 0x20) 22:16:13 executing program 5: shmctl$IPC_STAT(0x0, 0x2, &(0x7f0000000000)=""/146) 22:16:13 executing program 3: r0 = socket$rxrpc(0x21, 0x2, 0x2) bind$rxrpc(r0, &(0x7f0000001440)=@in4={0x21, 0x4, 0x2, 0x10, {0x2, 0x4e24, @private=0xec}}, 0x24) 22:16:13 executing program 4: r0 = socket$inet_sctp(0x2, 0x1, 0x84) sendmmsg$inet_sctp(r0, &(0x7f0000001800)=[{0x0, 0x0, &(0x7f0000000740)=[{0x0}, {0x0}, {0x0, 0xfffffffffffffd97}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9, 0x0, 0xffffff4b}, {&(0x7f0000000040)=@in6={0xa, 0x0, 0x0, @empty}, 0x0, &(0x7f00000005c0), 0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="0000000000000000840000000700000000000000000000000000000000000000840000000600000080000000000000000000000000000000840000000200000002000402fcffffff03000000", @ANYRES32=0x0, @ANYBLOB="000000000000000084000000010000000900ffff0400000000000000900800000000000009899c0000000100", @ANYRES32=0x0, @ANYBLOB="00000000000000008400000007000000ac1414160000000000000000000000008400000001000000ffff09000a02000006000000517a0000ffffff7f07000000ff070000", @ANYRES32=0x0], 0x0, 0x8851}], 0x1, 0x0) 22:16:13 executing program 0: r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000100)=0x10) 22:16:13 executing program 1: setresuid(0xffffffffffffffff, 0xee00, 0xffffffffffffffff) lookup_dcookie(0x0, 0x0, 0x0) 22:16:14 executing program 2: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000600)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000240)={0xffffffffffffffff}, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000040)={0xe, 0x18, 0xfa00, @ib_path={0x0, r1}}, 0x20) 22:16:14 executing program 5: r0 = socket(0x11, 0x2, 0x0) sendto$rose(r0, 0x0, 0x0, 0x0, &(0x7f00000010c0)=@full={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x0, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}, 0x40) 22:16:14 executing program 4: r0 = socket(0x2, 0xa, 0x0) sendmsg$RDMA_NLDEV_CMD_RES_CQ_GET(r0, &(0x7f0000000ec0)={&(0x7f0000000dc0), 0xc, &(0x7f0000000e80)={0x0}}, 0x0) 22:16:14 executing program 3: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000000c0)={0x3, 0xa}) 22:16:14 executing program 1: openat$full(0xffffffffffffff9c, &(0x7f0000000040)='/dev/full\x00', 0x389581, 0x0) 22:16:14 executing program 2: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000600)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000240)={0xffffffffffffffff}, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000040)={0xe, 0x18, 0xfa00, @ib_path={0x0, r1}}, 0x20) 22:16:14 executing program 5: r0 = socket(0x18, 0x0, 0x2) bind$unix(r0, &(0x7f0000000000)=@file={0x0, './file0\x00'}, 0x6e) 22:16:14 executing program 4: socketpair(0x22, 0x0, 0x7fff, 0x0) 22:16:15 executing program 3: r0 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r0) clone(0x86a01780, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000002c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xda, 0xda, 0x9, [@union={0x0, 0x6, 0x0, 0x5, 0x0, 0x0, [{}, {}, {}, {}, {}, {}]}, @fwd, @datasec={0x0, 0x7, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}, {}], "f5"}, @const, @datasec={0x0, 0x0, 0x0, 0xf, 0x1, [], "a3"}]}, {0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}}, 0x0, 0xfd}, 0x20) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x33) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r1, 0x0, 0x0) 22:16:15 executing program 0: setresuid(0x0, 0xee00, 0xffffffffffffffff) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) sendmsg$unix(r0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[@cred={{0x1c}}], 0x20}, 0x0) 22:16:15 executing program 1: socketpair(0x22, 0x0, 0x0, 0x0) 22:16:15 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff}) sendmmsg$unix(r0, &(0x7f0000002940)=[{0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80}], 0x2, 0x0) 22:16:15 executing program 2: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000600)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000240)={0xffffffffffffffff}, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000040)={0xe, 0x18, 0xfa00, @ib_path={&(0x7f0000000280)=[{}], r1, 0x1, 0x1, 0x48}}, 0x20) 22:16:15 executing program 4: syz_emit_ethernet(0x32, &(0x7f00000003c0)={@random="be557e6f2eee", @link_local, @void, {@ipv4={0x800, @dccp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x21, 0x0, @multicast2, @multicast1}, {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "38dc76", 0x0, "5b571a"}}}}}}, 0x0) 22:16:15 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x7}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002680)=[{{&(0x7f0000000540)=@nfc_llcp, 0x80, &(0x7f0000000640)=[{0x0}, {&(0x7f0000000600)=""/42, 0x2a}], 0x2, &(0x7f0000000680)=""/125, 0x7d}, 0x4}, {{0x0, 0x0, 0x0}, 0x4}], 0x2, 0x1, 0x0) pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{0x0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0xfffffffc, 0x6}, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast1, 0x7}, 0x1c) sendmmsg$inet(r3, &(0x7f00000010c0)=[{{&(0x7f00000000c0)={0x2, 0x4e21, @initdev}, 0x10, 0x0, 0x0, &(0x7f0000002880)=ANY=[@ANYBLOB="1800000000000000ff06004a60ebef2c47fe3b04dc8cb2acd37913b1f73ab71d6dc45954a82057877482992d4182e0000002fec513d12adb64fe868b17ee10d2d603892ae97f2c182307050491e76079b7e99a6e319aad462f9691ba629a777fb5d0a0583b7ec4e36f08d215c2de6770338786a729bee41e9ec39b4bc291b928ef9f1b12e68f74ab829bfab4877b07f8132d75f25cfa60b42e5eafe40debd93f5c8843542ce87ccd81b56a7ae49a9d9c05298e5425267d128ce11df000d9fa45e8a8dcbd98d41df16b4ebd66464d1e7f66e11a5463afc56cffa277233a378e5cbdf9d18aa6f823a0eee8e60f2627681200021afcffab6b0700000000000000a91f3d22e65fa0c1c1598d101b737b6dd68457b0b100000000000000e7aab97628569897d804986838614b32e2eb83b4cd080277abb58728246701000000a3c2b217d76be42e595d751d8dde26cecba021e627df1e13015900953b245c3db57fd510dff19516e6456c9560e298785fe0f90e01c5c5722ea99cfcd862f8000000000000b7f90b24204ee593370bf6b8e1d4140d1b59bd62765e1c604f179b56c1cab48aed63a39b2229f372759187f6113b17a1a679fea2c9a8f3dc9b0687ced9d170914d7c08ea8a3ffc1b4dc2394b3dc3bfe86452f044183729dd5f4bd2f3884ae1b03a4f3fe33baa630c44982ebd6d1a0036e8231e1e5b2d63d4d30be7a17333424475adeafa2a6ca643ed1be45c869a8b4b69098fd7ad2f8d8b50b1eb282db29052c8463c09d239ee2aa3a97a170f7f3afa435df3b9b5d1be8527b9acdc7dea2c4f5969bae4d8115fb6a7bc72e15045dd1d4654ba4bfffffffffffffffb36cae40f0a25955257cac2fbae73e3b066a59b27df5fb6e122534b2cc6c8c298eafff148aefd6cc9b2e9943ffb3414d8713f19009cd2d1c37f68137392f85fd6d5791a8a3c2ac7c6e02662b86b577ceef4dcece7141aa0ff4e0a6dac6b7be3983a7de4c5d2b6a0124ab2cb83d197059dff5229a6a8ed66ad4ab6fe55a0319ab26e804bf14d636e292912f1d52cffad48cc180c8b082a78496675fb70e50d5184e704d5195a3a487c76145ffde841c0153a5ddb433969d359a99965f6cbfb7a7916d6b2297fb602e59143a2b2a40bdfb795986feec7021bc1361ad120c45b0f6d561a56fc3bcd51533245ef2905c6fb46ae068575457fe13804b3514b9903b76a1890c0b7f8713c67850fa93536299396de36eb4d5dff234c0fdb4329eb7a412b072b91b220d300002eac42dd451616bc236e86b741facf767cdb379289fb398fafb2ce8337f254c2214ce0ed6b8295e73f103c4155a050fd8df6d31d039c98e6a18d2e92fb414df2782c99a79ee56b3e0133c92605895bd2e12deaf7923c7a2e04d534e024fa6f0113fa784062203100000000000000000000000000000000000000000000004d7d29f25802d7f69e0047ddc4bac1e5abf7762f3181131d9d3f41ed1d01693ee0ec025fe0c99253b2fc61155cbbaf22a4b4ee42e4a78aba55e234bd1f7908229371e1821ab83367443c93d7a8e6c0df2c966a3c3e7ae025a84c1830a0c2ba31c6de62873d0578ec0861ab839f36441c8b09885bd5104632b3ad7de4945b6dc9f51a12f77f9019c38f112d4771a1d06ee1ece6f975fb3a7aa4d84090948955685f7e864bed7417f9256cbf742e546588efa4b169a414116ecd4baab5efe145f5b41632a9d3004b01158fea35dd5629e9022585d68a16c7535ef11e211e01d1ef0c8604ad8c12a281df04bf13a465e4ceae0bfba098f3cfd5d5518cbf2742881f89e60a3a77c2a97d94512154f392933daf2cd0da58a8ac06e63ef72cd90ec2eb5737002b26db96d1d53d4b500d9409f68635764369e76dcea08c4fe7c28f529ea340da6351c50db6146d7126feb18600000000000000000000000000deddd47e8e154c0e7ee38b293c7352b48bf324cee466a4070cb37711fd21e197257212ed4b3eca34d62d79a5a9255c7012ddee40ea0a540c95a61f06bd0648532c2e8827305b99d7e2810392000e7a7d428693cebd2b9ff0753d4045fb89b122b55f555f20a45aac09e871e6b82c235ffdda7b67405b5b150e024af343c1cf52ecae3573cb5765cd7d9f1157716eebeed011cfc21b521b39d8b34e23f51c4fd86f4dd7c059d0c0140f04fb19e0b0693a768fcdccc9dd65dfcbb278eb23fb485f1b2b4c005e84d31f82555bcbc36ff29d4ad0d2a048145151215507f687385244d219630b5df9a2c1776998d5ab09be31863cfb9c0d031d11f70f865cdb4d85399a4c615d622f7eb83c3bb17f56dd2753bc2dd657a0e7838e22414475b10ce81ff57f20295cb80757faf97be5bd6b219e17b72f76fbd6af206aa729a9288e9b7de4a330511f03000000829d738c9acb41afcd271e27959de20eb1308f00000000000000000000000000f07cdb430c2a07fec2eb0b6883af4bbe91caf24297437d767a94ee4eefca78824c4c262a2e9a812bca6aa3d4610368abc7b87f29cd3700f1bcbacdb057fa77d3b53dbd000000000000000000000000000000003eb728f2e5bf30fc115bff70800bde6c31af9f3c8f87f7923c6178c9276c87e3adc786a6309bd13f5358cbb6f91f5c232635600d3aeae248ab1172ce1530a925844f75d8e79bbeea026f14a56411abfcdbf199cf4b59d0bde26cec59d0b61d5fc76951258f1b4e5fe0baac624c079548a18f949bdb131e6349b1e2fe976fd58e9bd2c5d10763bb04ea7ec05a193dee6ed28d6c7a7ffb448e5a0b497c311c9d3970fa83536e2210ac1e04081734bb29f17d046602925619be2011b025092331cc929c52fb63e2ad34be5c466ce9aaa7fa7c6baec4e9be55442488b4"], 0x18}}], 0x1b1, 0x0) socket$inet(0x2, 0x0, 0x0) 22:16:15 executing program 1: add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000500)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffff8) 22:16:15 executing program 0: syz_emit_ethernet(0x46, &(0x7f0000001640)={@broadcast, @link_local, @val, {@mpls_mc={0x8848, {[], @ipv6=@icmpv6={0x0, 0x6, "da9c9c", 0x8, 0x3a, 0x0, @dev, @local, {[], @ndisc_rs}}}}}}, 0x0) 22:16:16 executing program 5: r0 = openat$char_raw_ctl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/raw/rawctl\x00', 0x0, 0x0) ioctl$RAW_CHAR_CTRL_SETBIND(r0, 0xac00, 0x0) 22:16:16 executing program 4: r0 = socket(0x2, 0x3, 0x6) sendto$rose(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:16:16 executing program 2: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000600)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000240)={0xffffffffffffffff}, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000040)={0xe, 0x18, 0xfa00, @ib_path={&(0x7f0000000280)=[{}], r1, 0x1, 0x1, 0x48}}, 0x20) 22:16:16 executing program 1: r0 = epoll_create1(0x0) write$RDMA_USER_CM_CMD_BIND_IP(r0, 0x0, 0x0) 22:16:16 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f0000002280)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001180)=[{0x28, 0x0, 0x0, "b4b0f423a466ab5c380817e57c60ce1a53"}], 0x28}, 0x0) 22:16:16 executing program 0: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) read$midi(r0, 0x0, 0x0) 22:16:16 executing program 5: r0 = socket$inet_sctp(0x2, 0x5, 0x84) getsockopt$inet_sctp_SCTP_RECVRCVINFO(r0, 0x84, 0x20, 0x0, &(0x7f0000000040)) 22:16:16 executing program 4: syz_mount_image$f2fs(&(0x7f0000000080)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="1020f5f201000b0009000000030000000c000000090000000100000001000000000000000040008000000000180000001f0100000200000002000000020000000100000018000000000200000002000000060000000a0000000e000000100000030000000100000002", 0x69, 0x1400}], 0x0, &(0x7f0000000000)={[{@jqfmt_vfsold='jqfmt=vfsold'}, {@nolazytime='nolazytime'}]}) 22:16:16 executing program 2: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000600)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000240)={0xffffffffffffffff}, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000040)={0xe, 0x18, 0xfa00, @ib_path={&(0x7f0000000280)=[{}], r1, 0x1, 0x1, 0x48}}, 0x20) 22:16:17 executing program 1: r0 = perf_event_open(&(0x7f0000000180)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) read$FUSE(r0, &(0x7f0000006780)={0x2020}, 0x2020) 22:16:17 executing program 3: openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000240)='/proc/thread-self\x00', 0x220000, 0x0) 22:16:17 executing program 5: setresuid(0xee00, 0xee01, 0xee01) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x200002, 0x0) 22:16:17 executing program 0: r0 = socket$l2tp6(0xa, 0x2, 0x73) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f0000000300)) 22:16:17 executing program 2: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000600)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000240)={0xffffffffffffffff}, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000040)={0xe, 0x18, 0xfa00, @ib_path={&(0x7f0000000280)=[{}], r1, 0x1, 0x1, 0x48}}, 0x20) [ 1112.932879][T22252] F2FS-fs (loop4): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 1112.941124][T22252] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock 22:16:18 executing program 2: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000600)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000240)={0xffffffffffffffff}, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000040)={0xe, 0x18, 0xfa00, @ib_path={&(0x7f0000000280)=[{}], r1, 0x1, 0x1, 0x48}}, 0x20) [ 1113.031326][T22252] F2FS-fs (loop4): Fix alignment : done, start(4096) end(147456) block(12288) [ 1113.042871][T22252] attempt to access beyond end of device [ 1113.048786][T22252] loop4: rw=12288, want=4104, limit=20 [ 1113.054574][T22252] attempt to access beyond end of device [ 1113.060293][T22252] loop4: rw=12288, want=8200, limit=20 [ 1113.066014][T22252] F2FS-fs (loop4): Failed to get valid F2FS checkpoint 22:16:18 executing program 5: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000180)={0x0, 0x0, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "d8211fc0"}, 0x0, 0x0, @userptr}) 22:16:18 executing program 1: bpf$MAP_CREATE(0x0, &(0x7f0000000340)={0x1, 0x8, 0x209e20, 0x8000000001}, 0x2c) bpf$BPF_MAP_GET_NEXT_ID(0xc, &(0x7f0000000040), 0x8) 22:16:18 executing program 3: openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0) 22:16:18 executing program 0: openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000180)='/dev/mISDNtimer\x00', 0x1, 0x0) [ 1113.387995][T22252] F2FS-fs (loop4): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 1113.396191][T22252] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 1113.574130][T22252] F2FS-fs (loop4): Fix alignment : done, start(4096) end(147456) block(12288) [ 1113.585274][T22252] attempt to access beyond end of device [ 1113.591002][T22252] loop4: rw=12288, want=4104, limit=20 [ 1113.597003][T22252] attempt to access beyond end of device [ 1113.602717][T22252] loop4: rw=12288, want=8200, limit=20 [ 1113.608440][T22252] F2FS-fs (loop4): Failed to get valid F2FS checkpoint 22:16:19 executing program 4: setresuid(0xee01, 0xee00, 0xffffffffffffffff) setresuid(0xee01, 0xee00, 0xee00) 22:16:19 executing program 2: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000600)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000240)={0xffffffffffffffff}, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000040)={0xe, 0x18, 0xfa00, @ib_path={&(0x7f0000000280)=[{}], r1, 0x1, 0x1, 0x48}}, 0x20) 22:16:19 executing program 5: r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_ASSOCINFO(r0, 0x84, 0x1, 0x0, &(0x7f0000000040)) 22:16:19 executing program 0: r0 = socket(0x2, 0x1, 0x0) sendmsg$can_bcm(r0, &(0x7f0000000280)={&(0x7f0000000180), 0x10, &(0x7f0000000240)={&(0x7f00000001c0)={0x0, 0x0, 0x0, {0x0, 0x2710}, {}, {}, 0x1, @canfd={{}, 0x0, 0x0, 0x0, 0x0, "4eb2c7aa21b7d04c713b9afd241820a2231bf389c1be821c3a5de01c9b6c8681e3bd18a5c8dc228deabfb3bc9131c3ca8b201c32d3978321a8d8dd5125a35814"}}, 0x80}}, 0x24000040) 22:16:19 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000600)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000240)={0xffffffffffffffff}, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f0000000000)={0x14, 0x88, 0xfa00, {r1, 0x10, 0x0, @in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2e}}}}, 0x90) 22:16:19 executing program 1: r0 = socket(0x2, 0x2, 0x0) sendmsg$TEAM_CMD_PORT_LIST_GET(r0, &(0x7f0000000a40)={0x0, 0x0, &(0x7f0000000a00)={0x0}}, 0x8001) 22:16:19 executing program 3: socketpair(0x3, 0x0, 0xfffc, 0x0) 22:16:19 executing program 0: 22:16:19 executing program 5: r0 = socket(0x25, 0x1, 0x0) sendmsg$RDMA_NLDEV_CMD_SET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x22008001) 22:16:19 executing program 2: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000600)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000240), 0x2}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000040)={0xe, 0x18, 0xfa00, @ib_path={&(0x7f0000000280)=[{}, {}], 0xffffffffffffffff, 0x1, 0x1, 0x90}}, 0x20) 22:16:19 executing program 1: r0 = socket(0x11, 0x2, 0x0) sendto$rose(r0, 0x0, 0x0, 0x0, &(0x7f0000000000)=@full={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @bcast, 0x0, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null]}, 0xffffffffffffffc5) 22:16:20 executing program 4: r0 = socket(0x11, 0x2, 0x0) ioctl$sock_rose_SIOCADDRT(r0, 0x890b, 0x0) 22:16:20 executing program 3: r0 = socket(0x22, 0x2, 0x4) sendto$rose(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:16:20 executing program 0: sendmsg$NL80211_CMD_CRIT_PROTOCOL_STOP(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x1c, 0x0, 0x6e2398baa578d983, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0) sendmsg$NL80211_CMD_SET_BEACON(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000180)={&(0x7f0000001340)=ANY=[@ANYRES16=0x0, @ANYBLOB="000126bd7000ffdbdf250e00000008000300", @ANYRES32=0x0, @ANYBLOB="6c0491005fbb2acdff3e354758c06259e70f7f4b55a99578fb43836565236b393728fa1bdb81a5780a1a1e24d4693fa0e6094231b095a8296db7f64faa5a8e8cdf4e21e42bb21c8ac9f1710f11516a7710d3f9d7a59d08431931d1a1b4cafeb39f591071e43b9c9d9a59d2697e5b644dd409328d1b52c6c2eb552ec054213f2c1d025d32db1aba7c4a1345e17825f0c56d97c1d5ccfb9bade0bec4308cbe041b0444304333c05eb57f33be61fb12e56db9d2f9283924a88df9a0cc24c5b433994ae204a918d720eb11e34b449789d25011ae08fd6018644c2c8d6e991ad6786250801d63cf47744abcac462b19ede0ab9fc194898e8733444ca9f534c1fdd2f26d90e1e00765b8f27a76b6e8679d42e0517a7e523cb9bc2a54a7bc2df4ceb8de95182667ed02de9d1c2053758fd854a9e98d3e39068f618e1da3505a57c7a2b4b5ecdb4234e1806f08f739adf98e96914f4d2c9756db5a95ad234b4834add4295ffe2facdaaa07745e5369f54d1f3a3b24d98931cc4bbb758e2c952748f3fe54cae5bf29a1ca7262cc2e013179c8376f0de050df2539cc62f3262a0949f3fba2ac601a17ca43ccca539ddad35f6a73e89f9ab4972cb8e29843eea1340b3c7fe483e9d253d6623f85ed237c08359ad0abbd46c4c2bf6d2b087efa7d44bd8a1340508438f1ebf6e7319a390a92784ba55d1239519cdfe70482d44827e28509f99fdcf94b5d0c3404aa2706f232e11553c3d41d802d88032aa9dfa65971b9871dd89917aae84cb45cb08b5671b552bdc95299b517bcd797ed0a506c35466c550f506d51c08933cd3107c6174fee078bd382eafa2ab0392893329b0071d09986b5e06090428c5281a859d3e26ba4089606bb38df4a85556f2302b7e2b9ce19b95971631ef564b372c4c690ad5169908794e55e0d166fbf49f4df1ac27dac8c085516bd2fc47b9141c4965464363b5bb36a0c76a538c0b4d387e6fc253f8f9d5e1d1341af0c99d2c8567df115571f8f708a53edb677eda59c242bda1be4d02974c7eeae1a799fdc7ae9751cc4dbf66aad5080d8125a05ed87a3c7ef5f6a97507d67aaa2427d845c3e9c83b693a922f46a76b272d6218482b5c2fd4af42ab7e714ae9ea5d8c79805a9ee3b8d2beaf0fb8bd72e87a2140b01b000893dfaf08b8bcb2019d2b718e6034be2aab797974e344c00ae1202db4e1167127eb1bc4c10ebda7e4013ccdb3215f21a0da852e8d86ddb66065adee37f460eabfd008f105f73c1759bd45f463787340d3f220a5748a76d6243ffa158fbf31401e169e007a930333c4ad2394f4b503fb8fdd75370773b229aa464eac71b57ebd671b9a0ac6be92fdcca0aa552126abb47e639651b8cafd79942edcbe1d9e48d3ee4aa873da0138ec55539ade019b818fff059dc4d5d9960e3d5cefefa9ed8a9dddd9c46ce24e96550fce1f3292449ba51f764ca33c901c465074556daa93d3fd6e07157c7b55f744ffa9c4529f8e6c23baf21c6fc5f52b7c06ce4699b870630b16d360a6fa87b0ecb28b3c094ff02e8e19ac2488d68d7312932532353f8cd07ceb6f2de791c572eecdda85d5fe88315123984a3ef2dcb01800001a202c3a15f8ab3001d05c72f34a2bf37547244631d3c130f51eb1b1ecf743f5eab5851c39db6bed095bf2b8cc8251cc7f8b9ce0f3503b62645fce98973e47154fd482309fdf002fa35a776199c0045aa532545b402efeb15a9542ba8818ebeffc8f23434460949fd60e22f954ba854ce91fbf0ce28a77323624f1d9f62adf719b3d689d966ee77a105937a8cdf9c3f3241d28229d75471c6a219b3ddf8d0a04e1ca35a250301b67f8c18a20026d319a66f87f0a5ce321100d956cb8fa43a0dc68287266d2005048a844a9c016e87cde15eb3cae1e29d46135c2daf5bd642d4dd432a252cff0d247b29259ef2be2d37b93ba23211c9e0342bfd3144fed02e3d56e5c669d21f6ab11ff6f543a6860f9e65d1d2700e3cf3daa3ce8445c9bae9b344c9f2202fff7b8df21aa6e62091e564f75d3e010026220006ff3bdba1a84d499eb9de23aa4c8abdae98a4210164f2455cb29a6dde1baacf6d040601070600030026643f0051c572982bd43ab078664f33698ae5eb3f01ea902eebe794fc46f219633087b7ef756e81fce221dfcd42150036ea3fa6c7709763320f3cd89d149c2ef6e1a24b4520224f7be5ef0d4afcdc115161e2d7c77ea4ddc2c8a4d9f635232a0ead8e0340c100d5002a000406ff01040004008c1034066811d56f60fe2e32589252051428bd0608021100000003010eddaa643e1888a61c6988801b99641562a1485b5ee77f51b87ec7a2f58986dcab8f0e5b271ced79395ce2d9926079e309c945a649c61483767da8da24b78b3742463b0e51506fa817912d4cb4fefbc98301e64bd2bd60621e17a2405b44c9c9d0979daeac583f7fcce86c7613f2bec2a7a22e767d8e7f0a623f019231580fa25007309198dfaeaf1d7cf2ca1fff58f408e90ddb7f60110e15972a0e3fb06d6a8a4a412ae0dd26bab8f6ff1e000000004b05910079acd541c55368784baa147892d6ac58d391efc23bba51e2c63472c71fb63dae23d58dc4c3346e9d395b9d997ac2b8b9ba6193c91a249d9214dd24e67bb1c9980ab1bdb2add7dee8cc955b2fd71014f6d9666242d7cc49b4c3d6ca30c88aec9189ba41ae440f27b5b8d4d40747746a288f8ae4b196b64ff6e04b6f4c467eaf780c4612e2bde0e2f277f7314b5417053981ec9598c84037918d69817e577145b79c446b158e382212b0ac5bd5e1aabe0e93d0039ac6a3d018b7e6043dba5c4a7a3d7939499e08c40d1f613b5d7c85c5d8c3084c2ea3076003f7239e6c54eb750eac42ae1bd36b40eecbb2dbe3c0b7bb85928d5ae4fc530383c35e2cda5fb669db6a97b7daf2e900a7e0623f65959de7379ef21324742fdd4e638aabff08c1c194edcfd8e2db9febd899b5aae0491b985f8df017a2c5fa1fad4401cc35fdacd2f59258762ff8100540dd59fe4736f697b8a555ae9ac4ff38c0bf9313ff0c9ad9b9d0d09b856de67ad8b7039877f675bd1b501c6c75438b7df4ae1741d03e7a881bea5e782a70438c514e50f57965a81ed6b17558e8521dde97eef304607eadaa583f9615060c3b2f3018930cdf6bdcd684cf24ea877f17b93eab15c1be762a051cf61222bc198e46c5a23dc3afcdc8b872962af373a581e1566e99444426c12c0e9fd78bc3ab4be185bb835ae0b290fac75f1beac5ad00b7f5ecc77b5ee5a7028e43f2ef78fc9f935ec78c28fd72fd651533a91784c35e5f149a9f25e707c31464c51dfd756476c10fa6732cfc0738525a739b7ff55ece690ad7f2aab2ca57f717c09fff2c3aef095f5eb16b56803ed7b2d2b8122e26f72e06bbd056705932e310657a9673ed2d77836bd40ca6d5b9f2ad4ac092d640bec8410d2acbb82e3423e0f1dde030aab228b6504cb1bc92f733427d7e28924e0dd5a02f7337702b2f4029886f2805bf3005aa2c4a22db7093a484bea2d8edd356f0f207e2c4d569576d603e10d32e97a7cd7113801c0832e05294a6dac3b87369842610128a0a2e7c41c5b8a90db0538873584e9fe5985c2cfbaefb34705403e3dc6fef3d01b251f847960bca3179fecf1368a1479c5d08a3b5955e468db61cccb84a45cbcae25abc77a28f6df3b58c876c7f75d5fca16dcd9cd76c124ba07dc57ab93344df81e87d47fe9d22b752619ebc34bdb2d66b6985dc89a51a84fc803d72ccbe8b8cca0de919414a8a930517269f0e69fb35eb0e40698203789f0ba3cb7bdb0e17d31567974edf7d22a26d752c9662f7b70b14d4c693b1d00880a52bca606cb71c81ae6964ecc59bf3ae20a2544eb3fa2dba6d67c2e7e57e3609ec04f7f1c43e40492f75494c7454592845d34d2ea7f69f59ba4a2672be7cab8616ba149b7c8854505a82bafc3df21e0534fbffbbd377068bf0b24c53f33a11915fce321f624c53ff634507843a44113b7c8f3313f503fc1c6d8e277c16bbf552b091b70ebe7d620512880dc0aba88102a64462925b88097b98ab122f0ecc82e099366ddeda19ba1a236399dc3baff8d5f7ec5f4b353c8d249111e244a71a88e764531994a9fb3911bb126c141f7c9493809b139c3a59e688fec772fe4ceb610e5663773b39ae8ee23caf23a52f9f00ee048164da224e3b14db4eb9f2c27afc18013cdf376e54a16ad56bccde5351d035ba953429be1e237301ec4017bf7eae22d417d15b0983509e139f4ad34d5f14aaf71a7c7b5d984ae61fe968f69734e63068049c8e3bd2c15887ee6d06639c5cdc30c8e3cbebc83a11e251b6fd7abc1ab15442d1a0ea46ae76b61ff275db626216518fd3dc4cac6f2e70f6ea8b42dc1dfe0fd27f251bd7c7d186c4fc87bb278e24e9585e28213e9a6b38f3daa167866c397510c888a36d1313a915edd7e8b8d9333421aac600d8000e8004000100cd000200cf3b723d40768a587850714c01e534668135f09897195fc7027266094aaf4d545ee10623c8e2bb3f158ebade179bdecff7b10faa30500a4bfa1141eba16ccafb1e0d662dbcfc5896b88fe4324f79a0f814f4212b0cd45b4855836ed5ccb5f70700e749aaee81ea0582614912b339fbb6e0c404b93bad5409cdd6c6ff1f4dc2965889746c5f4eb7374774bad754a6959afe85f3ddd62c4e811fd76c1c0207fb285083084ae87a463d7c986d6a3a53a890849a18001bde7907d7f4126c4f1b4880981b8cf59fa4ba425e000000a203910031821bac37ba0467aea4defef3dbb1768ff4edf2f01894868ba03575cb9bffa9f803c5f668e012f949380166410c12807a61997ed4998de9ab9cdc0ceebed2378eabce9e066f3346c4fd939d4225ff98f6ab1f261f73aaf369b08f12e0afe7eb81bb73f4ea4de1109b774e08bdaa106b29ce93e9e687a90a17e38dcb15315a9b8bbfcede9d3dd217cb96a29234a1102e32e71e406f68d218025667c9944259cdd2a9b5f3e9526dc3586916b136ef8e53e7f5ead0fa386cd6b503a1b29db8a6c58948ae08a9f9c270d2d89085cc0953275db342f82dd570a7a2d7973b24e76fa67b4cd5ba5dfdfa478f3f5124049908eab714bb284c543708bc636998c4dd31657315880db1d993c5cc6d676dec3dfadd13b97089b39b566043df6dc2c9dfa4eb877146a4f06ad5ae37dfe30615b6e1ad20af22b76c4443740f9ac8d5438db982afea5783091676aae8ba6e5c3209969a09146fca26c297c26aae55f2c6636499032e9efac886fa172ddec1579a831cfafe2bd061ccd205bb44d099f8cfea240ebfa01ef232bef7c957f0be579a51a398db02492757edaf1f19b1ca09146a92a8c54b46e643e2cedc63b1a4bb2775487d96b464f509770d4bdbf348e6a8e7fe398337ff36cb0c7a587821cd9dd0ab1fd48185a044c038def4bf4c788999c12a7e33310e8a4eb044467358cf9f3c0b301994fc37db3cbf460dfac93a0805c89ec1266469c4f5231a36280a2600f04e529ec5c2ccc05525936a1a7303026c7130d8b33f07f2a98b0873634ada95124de8eed402b8842089d83fe98b88738bb0cee2c8fe28298f6056afc32be3496d5e19ae2154a59ae1e8b37b0db91870844dc4c71c25c1a7852a29456649ac49cd77daf38ef1218e125c0d85b762548cf39a2d15fdc4223841decb4ff44636da05e26b9e6f581ef28bbfa8a36534fdac156d893243aaa050968b34731cac4f0d2e13028953e472655aedd6378df2c3846a0e60ca380aa94f42ea88a8c229fc0590b95328071721e6bd7516913c05ede3cf2a47aa9450643d819350a98b62dead2baaef5c6552727ef320c8469ddb2163e196d903c24af0202ea9839e76117a71f7931c85b7113563fd62facf3acabcc3b89613dbe673ca75ba17956642aaf9cf0bbf998e8bf63734c81a33aa4afa86fe7d81f3633aa9bc16811bd0677f3bb08c0d939a85f68327757dc76913132dc3a8279fc48dc4aa61567475ae80e9752704ad7e2bd8808daf7542db8b6c24d30c762871636165d49511f9e70b44659a696a42d5484dc4207c8e7d8453dbeabc1b7a67be000090110e80050002006a00000004100300ab089347b275c6122e4d9f21719f157193ad05b8f2de3bec540404164e495e0887095ff5096b762148a6cd785b22cbf0b4c712c9250953a4b43e6e81fa5c883573c323adde77bc2b30b2695b556bf217be52b4a8ab39b560c2fd2bf8429749d82a1370b7273ff9983bf55f92bff72359f6cca0bcb747006f77bb72f108688c6fd76b956186b78bae980c55b2bb349390353eccc09a8086e50c61a703199ac30aae9b88607284f9d6c828cb31b943b555ab55c1e95f481d9898fd911d392db3f6793d894f906bb67b08dfc8f3ec779476de56de17887f59004a4eeeb7ff691fc3116038631d59b69bd127f5cfed0ef41a11b7114cec490beed3341606ce0689d9816d866e2e61bd10bc7c784a7644147d7b7325b8095afaf13c74b4e9cdbb6c8c4b873cf7d981f197fadabc666bdb3df9359c07231742ad54ed989a13af3527ad5b53376be81894134c58a3a27fa672f5bea606cd4d2f0e475fa4cf16ab639a061a47a6991b1193a337f98a1ebcc6025839f44c7a617682e421e3b7888ec588dcac1fd3b7dd9d05758609f777deec37b7b68200e5c5c4391efe4297b791695f3d7f92a31f331874a6ae53fe82257c7c5ae4b15ed25092b2a35a669fddac2b3b4871300cd21fc345809268385cdafde64a095523fd190525cd116e2272ecbb82530f6de1d44fbd477334f598e93efde7a1b7749be12033dad16b39a630807a1b88b596ad947361c7d258e74744ca762d299d0e3130cf84d533be3c65ed717af292a853f4b3687e9cd57ca89988f544e4def0adec108ceb7ad9a33e3f57d0d51e1241836027a0a6bf31a7c883572f299de61275dcfe471021967ddcb67732ae5d1efe51edb94214413c95fec541b5c0d42eb420ff987756fee8a83b10d9671bcf896299e955e6d798cb8aee5c13ab59b53ca4bfe8f9c13141bab3f48bf2d46621aa7ad92fde5c81f069d1679eed2384811d8f343b4f59e87936a4da4b401a6e55a66d546886124a2bee99b9f95fd5cf84321511edc31a1f32bd3b045940c4676cbdb69eb6aab4a4b4beda6621dea67f4cb892dc2d7c55d5a354d4dbf8b2840208953c40d50d661a0aa2fa376a607435cfc7de77800ddd90fa60d0e90580727d6ca666265dc19b8600de128630516406f0d1e9876a7d32c17fe7246b6098f21408f53f2811096942864b00980e2d65c4f02fc952cf4d71ab959366becf515db8021e5498e40a600520de13f5262cbc472bd891240af7133d067db049e893fc224d20b5f017d91968eef8c264a27cb4a414052569bd0197932b856325010b49d307118fdb2ad01155448e1257960a98465cdf5080a77d0d6ac9500da17d4950be8a9b6535cd5661ed8cb1302ef807071cc78f9abacecafc942e4cd1514287245dac3052e9c8ca612094b9c6337c382cfb1e2340b6837b6fedc3b201711eb24706bdcc4a35fb6095ca7c51a7d35e1e2e005cec469b1226a019be64099a14178bb07d40f8ea499fd023108cc90845df7e58c876fb8a2377c7c154114c34f91c0de65aff3ecb5bba3a7a35b3dcbd559e96d9b5bf69db0a323d4414f284a7c98ea7814da6c677e742af387eed7aad0399c88ae1a02c85c9b48e3638df1b78e298a6aedad32c85d77276b01283264ad1ddd8e0013dcda101a3c49342913702bc7251d3b7558886905da857c5d34ee77c3035e6b91a876bda72e133ecc16bc8cec8b8f6645b313e3aea924fa75e4fd3e2330924ec3fbb64cd45ac60d534ec41085f23d7a62928840fb5a19560b93a2e64ede0da9a50f03ae289fca2da48ad5125509e4ea698fc7095e0fd5f57951aa05e4236c9234c00858554490e00202bf214788c84a6ca40ae212570cb07571d02f9e9e60fe29351e5ae64bf03e04c9123490a46ea167f14b135d81c7c802e786d12a09c599eecdb6c47b18fddce098fd56fd9a19e6ef2003ee8714d48e60f29ef083dc376482b1d4685c4d3a9994fd77f2e7517353148c68a47653a8e144a654bca469e9780c35b97020933f59737ee86e2c3f1e0d54066dfab6ae64ade422a462f2237420281a857d401093dea2b911d39d9e938050db36b763a770111ffb791f58a10e4cff67f3b354d2798cd58a73767de555745a12fd33de7ae9a5998998fbdbc0437dccc92e686a748cd1ac3de3c39aec0e8eb292b1b0bf4df4031ec9f435bbe97fb2df619a4eda34bc7af653698e9ae00c1648882cedbe742d5c0304f23fa1b95541341840f781eb99f18d9a85f891e469240357c1ab0108453bca7800d5b7605650e5635982da4c6e02e819f97205aa65925e922d7cddc7b0c2e75ddedf39ed9fd8bb48e1364898b0bacf0a93e0693ee41b6411667e655e7e43662581c5fadcedfab2cd3ea010f268ea0617f5f67d82df896be8eb7513d8468a974f44325789ca7a03f1b7011e8affb3d63eaf3d4d7a384e8c8f88f9a833a882a64d994b60164cbd831937c1f0471afe02c789a2a9c39eab8fb7b56aeabfd3a1bf3a279143fbe569412423077027af02c909b55010e8fbc8d645223432efe0da068ab5b6d6f957a027395058dec27cc029cb56e0c14b4fb565f34548e80f2f225fe3919cbf3d3ec0020ed50138848170aac7157831df23b7d3cc594c41ab3195853070d4d6af8e0e3306f5fa4acb25e9c69f8a55dfac4abfd0bc6cb792b041e754921fed95623c9a6266ea72c16eb7c2c5a68f16680227fc7cc63af38d5559363caf3a328eda3d1d50826c4cba559c830c785a127a597e45ec0de08c31d8ba7bc18cf92ff0431cce4722bd568e11b5272384a641cc6170a9aa07e04e25e31960a6753f231984decaf050f7e546d2dd4d701e4080acd3795139fbcdbe15a9385fa467743e1c933b9ad13927e60e2a195710a7a853c061f9497fbf1ed9b5e4d593356d6ca773851923d35bb26254d6be8393286e43556a89a87b5df0c4004ee39cbba2dabf91cf884f2d59b6aa1b518bf4bcd35a0f7204a188e30f42b37c122a1b0a33b2f148855cf0710224b3c0ce7cedd378f41bb0d53e40a0e4b7b5383ede34b3bad5463f5f6f2a217afb46ec4f3b484ace10bacd918885228f54a8f6eecabad7c7d620dfcd535c04cdbdbcef2746d6c0c297dc16f80e4065122d6d550f9156fb0d4e1182d0aa63b94590cad8afdba285cafefeca55d57b50749f8b2e4ed4ac850263e02f5c4a3be28b3e38d6d6add86b4a55a861fda042dc56cf6d33b516436301e43b5d8ade2c2e78abdeb08e833e679a5df1b0ec1ca783ccae4bce44b4b09664da0fed9aec0d3b36b03d64a598abd1d49aba21bbc395b36c556aa60d5964d12c73ce6992280cc1b32fe10b1b4cf65445458473207b17f6e2c49169fef34b3ee464adfb677df2bd1606b2eb2b14f324bf83d3da444e2335a3465793b1a87378992fcb150885557a014d9687a4fef8001a9ba6918f14c51d76c3d3460b719b2bdc5adff80c618a9407908d3d786f6581fd301800038527186e1a0f5820ccdc0741977e8b94f631576b0c68387af957f685632dbdcd808b1025fd238b1a873044a5a8946106f047e24af760f9d611aa430428dbe24758b6f21d8ebb8e200cda77a57cd472af1af0c548a389b2d04822bbcd245e94dbd0ca2a1ef4eda77b0a54cb50ca4e44ddaa63ca31233c5d737be8453ca6a6615e4486051b74e6207e064f110107b44f0076b3e6bb419c3d834ad98321ad10a1d2f362088f71459a436af15dd8735217becb4c412ec8c2bb834613e2d738350ff4a0eda1dbffbc97b0be4a5091670758f368118ef8159b3e52353b9bd6dc75359eb100b36ac54dd56b31baaaeaca2d7629de322ec410df34d2003e6e85dbdcd4a9955489d6cb1caf6783699944ee889d5cf3f6394d21daddd50ea054fb6d5853b9d5a7161f1034a706bfbd12cbdba27d1ce7b2060b6cd972b662c1fe55607635e98c22d736e3ee4fb490e9622924f89935a36d84bfda6de2d506dd9d1f7193cc70ef7002f2b5f8895427332009dea73f4f3f8a0fcae9dd8d832d801fca5f84a42a58fad869cc418b321ff0eaa92cc602bb9a371143445bbcce56718976a979b1ef43531aa618855153c6addb776cfaab7fff11daa45e31d41d81d29bbbda343e34565f08ef7a87177033ec78ccd715dffbf1dc1462195462205c902efb4b88b32c892b7dd452cba887c716580f9546175d9b72b3d35bd0592261960fe06f3d5de131c514e3658ade382d3f12d333d73452ac526a9089a637c45ab8292d18c8ccdb7039a98fa4c58c8648773974c67260d91f5fb863a5a7e9a60ebfc7ae726d2181e20528c9eeb2e4f4418eae59256882a774202a67c42156bf2a12d6a231350c1e6ccbdb9ebf328eafb10e2f348dfd38c2a246db1f6aee7372ac1db893378c74cfca4fb00cee64e814b36235c85eb09b94624b45dfcab6279cdc52f503850f1d6b628c54900ed28bc9a8ce17065b2c28cce0189bbe3fdb559976826affc5f1d67c3a2930df9205acde724d33560a1f11e8a820902c2bd80a835879291f734874147206f7994839d2786f7d9136af9a8929e06fd6bf70904ee3514a48052037190acfa4023518e623c413bf7e733286ec292d72f3edb6210e244c10164b1843cbe5404e3e5a5d2156f60eab49802471bc34fd0f21bf2ad317c1b1e44e15e9fc0111d9c2ba7da18b132b60a9aa91dbe8870fc400d949a92394e522b0147a260a0217fc0e06e5846388ea18b357b53ace81f014a608fd699d079d4006098c8cd1a71e79c855fb5401f5333fcee98435b4a95c71d05b1ce6612b4ae6b1b7a63e84aa17b7397229be1a6ab8764e7c2a0c1e44b0d8f73c2f0de1a7829745ed889a179d183cf31b41a6b92f7cdca69c39970531060649e41aad1f98ca6e821792eaae396ae3808a5c7da70a1a74432245e575f40e4b834a3be504f838e9f8f44aa05179dc8cfb15ff44c1e415812cb1a50fcbb7182c9a586066ecf3a5a6af6b48b770bb427836627e74cd914210b4ecfd50e83fcdc154b047bebf41b3863d969518d79e35507ad3847ac35adee819f3e35bf159ac948da6065e0aad74c1609a09df29c9b8d4d8f43ed4875bb224359358516a5cae7a569e808bbc27d39241e0707df7aa0229be35adb2e6135004797ad00eedaab66e222bfba33db803e2f76d5bf167468b61aa9a49dfcb557cd9850aed0eb12c1e47e1a1465b14c984cb4cf0bd5f083cb17ca485fb619c815890c67a6b85d2ea4f5f180276301a3bdb9a9539c3c60bc50b55b646d28f95245c3c945a66437642aba6295055029533e66d7946a754f2e1668a9023491e70cea10700ff4f66d91e59f518a945ca9a6b5a97fc2c8796d647e1415d69ea7613cb65f2da057557c959536308628e467f50e9bb39c45045c50ca1c4b8fe08719137b1312764362fa2017ea5373a4414c9a6bc19202f142a750c1940a6c2ceec71dec1243fe3cc80cb42f73bc8b6aa5fd2ab97d24a70ab9c1d4f9cfca8a0fbb1e2b2367eebd204e22a3c97015b7d5070dab7d534528f64dc000f748928afdd76b66918ad9d89393478670a9c3af4436d74b0782cfdff30f700d9182c4ec735a9d40ee24823022b7be0f851678591ff987929d16eaa42f74d3ce16407a5135688255d6b9a84296f887f6836dbb0d33d43aae00b0df44a88fafd9df9e528530e7f6d4daa24e99342c599a3ba6dc6cf212ab5f365e6e499996703e15b4d006a500efa1737f13435b38cc7ec4e3b356806fa0eee29f80a7ce01391343ce3fd54e0254089c52ced7fa9d649c348350ef4e30d79ca21ba25721497998e8e79bb26791000200ac52eefd18d28b3a90729bbe02775709f789b4d4c0dcb3dae472b77f114bc4cbf37d193cbdb00f1ace06fbb039638741570eaec805f9d11e4eff813dba99fef3835eb6625bca4022f2f0dd8142b2a79379758630e313be38069c8cab936e4bdc04640ab53bf437ecadf52e1d1a791242893702325f3221f9d2344e5abc92e5ad97a41e4f7f35f863390b694303000000b10002006defac9d175fab3089927b99018e1494a171bd5eb966eae2338f218f72596f24b025b205ee3c220bdbc1e942c51501f7c415330735f869a7a3ad5a1dd3b080bcf41d332047217f79c2e5b1ace5270b056563cea66345257756936f73e7384d4acb7b05de858480353dc1ac122b964e8edb5f373a71300e1097153773405525c0527b2de761d838d4d77561a5f7614d064969f70c3902c8daac8dadff6111f7d96907dafc9ffa561f0e2c4c76fe0000000400030020000200a87c2b00e4c5050624f0d4ad4ee1b7fa6e55f5a5d042823b5f57d0491400030092f2e6be26deae0abec2fb681359408212007f00760600061a0001006804d100faff000014008000bd06ffffffffffff250301b5012a0106"], 0x22ac}, 0x1, 0x0, 0x0, 0x80}, 0x840) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$P9_RWSTAT(0xffffffffffffffff, 0x0, 0x0) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d) bind$inet(r1, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe1}]}, 0x10) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={0x0, 0x0}, 0x20) bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0) sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000000)='bbr\x00', 0x3) setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000600)=0xda9, 0x4) sendto$inet(r1, &(0x7f00000012c0)="20048a927f1f6588b927481241ba7860f46ef65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95c25a3a07e758044ab4ea6f7ae55d88fecf9221a750fbf746bec66ba", 0xfe6a, 0xe, 0x0, 0xfffffffffffffe2b) pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{0x0}], 0x1, 0x0) ioctl$BINDER_THREAD_EXIT(r2, 0x40046208, 0x0) dup(r0) 22:16:20 executing program 5: socketpair(0x11, 0x3, 0x4, 0x0) 22:16:20 executing program 2: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000600)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000240), 0x2}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000040)={0xe, 0x18, 0xfa00, @ib_path={&(0x7f0000000280)=[{}, {}], 0xffffffffffffffff, 0x1, 0x1, 0x90}}, 0x20) 22:16:20 executing program 1: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000000040)={0xffffffff}) 22:16:20 executing program 4: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000000040)={0x87, 0x19}) 22:16:20 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_ACCEPT(r0, &(0x7f0000000280)={0x8, 0x120, 0xfa00, {0x0, {0x0, 0x0, "a286b604b708e735adaeb203e9cb2987278d2131ec02d93b04de2930c188d5140d38dd5e6afa24bc8977925d1da3736a4f3dee373f8c651f183c6fe0190b019c36d3fbda04e4d36803fd8de4ff47b348162777cdd8d6bf4016f337895e6620e11da2a9f1fcdd975b7f66d57808a847f9389a605b23ab645a7d04a39c477dca9145fddf372e5f58dae53bd8988d7f516e86f12962c7197c873ae286ed391b2b1e8961c7a1454d5250d8d5349133a62c4da9e9bf352bb51a47767459e78161acaa9cebb8f575e513106be5db02ad11e965c5128167b0e876c138d32c0ab4c35e04a0fbc98930e0ad1e3df8b9d2ef8a0efaa2af19f581e7a8c5304eead88f5b6001", 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, r1}}, 0x128) 22:16:21 executing program 5: r0 = socket(0x2, 0x3, 0x5) sendmmsg$unix(r0, &(0x7f0000009140)=[{&(0x7f0000000000)=@file={0x0, './file0\x00'}, 0x6e, 0x0, 0x0, &(0x7f0000001400)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0xee01}}}], 0x20}], 0x1, 0x0) 22:16:21 executing program 2: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000600)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000240), 0x2}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000040)={0xe, 0x18, 0xfa00, @ib_path={&(0x7f0000000280)=[{}, {}], 0xffffffffffffffff, 0x1, 0x1, 0x90}}, 0x20) 22:16:21 executing program 0: r0 = socket(0x2, 0x3, 0x8f) getsockopt$PNPIPE_INITSTATE(r0, 0x113, 0x4, 0x0, 0x0) 22:16:21 executing program 1: r0 = socket(0x11, 0x2, 0x0) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000280)=@abs={0x0, 0x0, 0x4e24}, 0x6e) 22:16:21 executing program 4: setresuid(0xffffffffffffffff, 0xee00, 0xee01) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) bind$unix(r0, &(0x7f00000000c0)=@file={0x1, './file0\x00'}, 0x6e) 22:16:21 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000001f40)={0x0, 0x0, &(0x7f0000001f00)={&(0x7f00000000c0)=ANY=[], 0x1e20}}, 0x0) 22:16:21 executing program 5: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000600)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000240)={0xffffffffffffffff}, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000280)={0xe, 0x18, 0xfa00, @id_resuseaddr={&(0x7f0000000480)=0x1, r1, 0x0, 0x1, 0x4}}, 0x20) 22:16:21 executing program 2: add_key(&(0x7f00000006c0)='asymmetric\x00', 0x0, &(0x7f0000000740)="fcaf", 0x2, 0xfffffffffffffffb) 22:16:21 executing program 1: r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040)) r2 = socket$inet_udplite(0x2, 0x2, 0x88) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r2, &(0x7f0000000000)) 22:16:22 executing program 4: r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x20, &(0x7f00000002c0)=[@in={0x2, 0x0, @private=0xa010100}, @in={0x2, 0x4e02, @multicast1}]}, &(0x7f0000000100)=0x10) 22:16:22 executing program 0: r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040)={0x30000009}) 22:16:22 executing program 3: r0 = socket$caif_seqpacket(0x25, 0x5, 0x0) setsockopt$CAIFSO_LINK_SELECT(r0, 0x116, 0x7f, &(0x7f0000000000), 0x4) 22:16:22 executing program 2: r0 = socket$tipc(0x1e, 0x5, 0x0) getsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, 0x0, &(0x7f0000000080)) 22:16:22 executing program 5: r0 = socket$tipc(0x1e, 0x5, 0x0) connect$tipc(r0, 0x0, 0x0) 22:16:22 executing program 1: r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040)) r2 = socket$inet_udplite(0x2, 0x2, 0x88) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r2, &(0x7f0000000000)) 22:16:22 executing program 4: r0 = syz_open_dev$binderN(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, 0x0) mlockall(0x5) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, 0x0) 22:16:22 executing program 0: r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000040), &(0x7f0000000080)=0x14) 22:16:22 executing program 3: shmctl$SHM_INFO(0x0, 0xe, &(0x7f0000000000)=""/202) 22:16:22 executing program 2: socketpair$tipc(0x1e, 0x5, 0x0, 0x0) syz_genetlink_get_family_id$l2tp(0x0) 22:16:23 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_TUNNEL_GET(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x40}}, 0x0) 22:16:23 executing program 1: r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040)) r2 = socket$inet_udplite(0x2, 0x2, 0x88) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r2, &(0x7f0000000000)) [ 1118.025691][T22373] binder: 22372:22373 ioctl c0306201 0 returned -14 22:16:23 executing program 0: r0 = socket(0x22, 0x2, 0x1) sendto$rose(r0, &(0x7f0000000080)="de797cde593fa7d7", 0x8, 0x0, 0x0, 0x0) 22:16:23 executing program 3: socketpair(0x23, 0x0, 0x1f, 0x0) 22:16:23 executing program 2: r0 = socket(0x25, 0x5, 0x0) sendmsg$FOU_CMD_DEL(r0, &(0x7f0000000100)={&(0x7f0000000040), 0xc, &(0x7f00000000c0)={0x0}}, 0x0) [ 1118.617163][T22386] binder: 22372:22386 ioctl 4018620d 0 returned -22 22:16:23 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$team(&(0x7f0000000180)='team\x00') sendmsg$TEAM_CMD_OPTIONS_GET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000b80)=ANY=[@ANYBLOB="e4020000", @ANYRES16=r1, @ANYBLOB="010029bd7000fedbdf2502"], 0x2e4}}, 0x0) [ 1118.675889][T22373] binder: 22372:22373 ioctl c0306201 0 returned -14 22:16:23 executing program 1: r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040)) r2 = socket$inet_udplite(0x2, 0x2, 0x88) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r2, &(0x7f0000000000)) 22:16:24 executing program 0: add_key(&(0x7f0000000000)='logon\x00', 0x0, &(0x7f0000000080)=')', 0x1, 0xfffffffffffffffd) [ 1119.127972][T22395] netlink: 720 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1119.189275][T22397] netlink: 720 bytes leftover after parsing attributes in process `syz-executor.5'. 22:16:24 executing program 4: r0 = socket(0x25, 0x5, 0x0) setsockopt$MISDN_TIME_STAMP(r0, 0x0, 0x1, 0x0, 0x0) 22:16:24 executing program 3: shmat(0x0, &(0x7f0000ffb000/0x2000)=nil, 0x7000) 22:16:24 executing program 2: syz_open_dev$dri(&(0x7f00000001c0)='/dev/dri/card#\x00', 0x3, 0x200000) 22:16:24 executing program 1: r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040)) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) 22:16:24 executing program 5: r0 = add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000040)={'syz', 0x2}, &(0x7f0000000080)='h', 0x1, 0xfffffffffffffffc) add_key(&(0x7f0000000140)='user\x00', 0x0, 0x0, 0x0, r0) 22:16:24 executing program 0: socket(0x26, 0x80005, 0x0) 22:16:24 executing program 3: r0 = socket(0x25, 0x1, 0x0) getsockname$unix(r0, 0x0, 0x0) 22:16:24 executing program 1: r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040)) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) 22:16:25 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=@RTM_GETNSID={0x14}, 0x14}}, 0x0) 22:16:25 executing program 0: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000340)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000300)={0xffffffffffffffff}, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_BIND_IP(r0, &(0x7f0000000040)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x4e20, 0x0, @mcast1}, r1}}, 0x30) 22:16:25 executing program 4: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000180)={0x0, 0x1, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "d8211fc0"}, 0x0, 0x0, @userptr}) 22:16:25 executing program 5: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vim2m\x00', 0x2, 0x0) ioctl$BTRFS_IOC_INO_LOOKUP_USER(r0, 0xd000943e, &(0x7f0000001100)={0x0, 0x0, "df9ee2fcbb0c1360566173a169fc46787abebc2a3e5b86f04643795df900db4cd4b7e1becaaa2fac51e3674e623a369c3714895aef71519a7498970fab168d133299af041e86e43ae29d8a8a14f84abcc12f171118cba000d27148220cda2ca3957bb2c212c92467d4a5aba05ef9b8e50f952367f418c5ca66f64bd17b8db9fa65adaf9aa3aae5870f57f993595045c6653eb0a9cc81a40c9bc239b292057d3ba57bffa08e78e81fc3145272123834b8d9525f3230e5021eb82de29af538147d14223f0cb6680d0daa21a815855e8b68be43ef0554da7d38ae3fd5959d302798262b412542a5c5be1e87250a52cc5e4f1c5559105c0da592c9b45fa53efc210e", "6b58a01a7b29f02ed45e4b823eef5b3e57ed5d1ad5e3c06b3321966b7b814001ae932ce4038ed76e92232cd8bfbe0d3bebcdd24eb479f12cb1b2155a68d729ccc929a93a95e2cdb65924ef54d774f78ecce2b2a6fc56038d07ea20bb58ba275e18e35a719eccd06e26b8e8a98f944d4fa5946887b75aaf79bee122c08c4aac11c6365c582e3ebbe64b42181d78ac49d9603357f9453ecb42bef7f2f4f7e39123236d5d39741e6461e02fe831fdcfc420d41c95e20db4b183e395505d25507921676a64be0e05b9be7b9f7ff6d9cc2148a49f3be1ccd9cee28d8663a34d4bb50e4b550914812649cf4eef9e895c458df86edbc1b2857c3fb12dd10b0cdfcb4d47d20955b9224bc3d31e829712eaa4694d223d4927116d086d18b7554c941994f58f1bf7e218717b2d28935b2b9a453c58c5475fb5dfe81026f8bc21a0dcb0aa8b74679e9177c82c43dcfeaafa67ca57cb4d1897b24718130c8121f175337656f34ad8f613fc5ec9a4f6043098361677519c73694bb8e1452e682694347e47760b1a4fc314d89ac2fedbf818bef7a0d407013787f7ccc6d6cb9262d02b50125c4ef7e61792dbe2c95657b742afb527fba33bef0d5e0ce667876dba5b8bc7788187329e42fdb7b26051e2dc4d366dba74e1157f302f2505518a3909597a5b867cbceb4f84c3f023d2613bddcc2a098bfb5edaccf916af4360fb61546dd92ed7442e87e7c4e1769acfb2c36506c4e6312a7f78b80c73724f2e5dc9569614270de375048b4a56d232161ef37742bd0bd7099a4a6a983090584710ca58baf452c686629b6b0d1dd3660d1b79c51b70bd3209bbe7820d305a2c28d181d91fb94d8af0c323ee3212db3846e86bcda330658fb4aee0a8f2cbf6bccafdc68d70ab1a771826e4c9586dd99050d85294ff53f38b8262d9ec9d788ecac673b0f1538095216d9e30aa721dd99a7d30ef81b6a7a047a12830aa8d13e8de6fd14077729a69dc8613879561ac2add548d3f5564eb1f14c8261b9a25fa57672b1f33049cda8019cc3a1872d85e6ee1eb9dcd5227d227a55fdcef4349ca02bb6691582dd1c40d9bae1fcc38066e3514a5402b49856ba8f3f8194c1dcad196271db24714c32b15605292eadc771b792b0ea9fd484c6fe1495588153f6c1630a014a3a5571b9009c0e654ef547f1a56da2795ff68e2173adfbff53e5c1d939a12183aec84d2fa3b0a79dcc53d3c2f7b1eff465419ec095db6d813006d154380e4a55fa0c01a3849f98544cad88a0b3d71eaf29022b90bf156cfde6d447e3755eab749947335db039e17f7ca777d1540bb0ea3715bebba4bedecbab6c85cb935eca6ff51e1f7ea1ef73bec0126bd8972b28366d67010a9b1e12e2386f1e1198e700bbdb3d48ae2329620e376dfaffe95196507174bc3947b5421cd719f69a52544ac7dff9d7d77e483f357c306d524accb11bd489adc87eb083ee90eda9612549c9b13fa86d54ce32a7b2ab78f1a8184f679ff8f954a30e5894167111b0b9c20cab648b357c2a8f65d0541d799025d3a030150807182241b051fc121e96a2f5eb6d689e96d4211ee7f0e46dc033e932d6ac4dba0f349b82b668af194d2b0af7ea97cc89cea2e1316402bdc9e4bc3e876960299d6e37e25105393d0af62081b648482b54b4b160bd177b86b497b61529e6305300eb0e3f20e0d59ff79d7a8d842688d907c901438453bb010a9e9da38f17cd412ccf5115c79d2a51c94f4f2b4463caf49f3461c2a20ca0713ecdf5ebaa9de485d52b2277d6eb4f8f9d014583ec85c8c16f96bcc58b5e8f25277e3bd4340a2749bffb6451ebf86ac2402501abd021c9d5234bb354664721bc57f6f87c0efa929db695e71f561ac5096c5dc8972e9b015ac042b6fca4ab1c35adaea797a7d0c68849ada29e94e563af48520640419a0945a7e52358fbfca24ecf927579f4303f601d26fd8eb04e6985a63a6d5d5bb4b1c0cf0641e5e187df874ce0bed29da8d537a11e95a0f5d6cc8401c0a62f3888a3aa7f0f17387e6f7a883242e7c5ef58b1a821e2d6251eb906cf7c7670ffc65b79df2b5e1aa1ffc87e91f3cb60623f742afe1a9689972ee1d4eb17dbf2d5b1d97db74d2e72d5a56ff176ff41e002f26302f3f6bad510d80f0a875576b17b4a46027ddd0878e2b1b86acc2714e2998f9d6fffe72e4251746a2a3a91ad49df230e7a2c67cf6a06315fa72ae4bc0da8d6f868373c24564e7279295a2b760881530fb66dcb0f340a48b8190c77675db1e8b4fb72df8c7c0ea1f6c7f34f944909fbe2989672218520d6c42aefdfb5b4511d02b5eddf55bd92198fdb432c68f3aab3cdf16f188a7bcbc157f1150e97e2859cc354baca13a9504e75ae50a8fd9a70ef491d506d1d392516d62aea0da1f689cf68adaba1972158e8c06b8c96c8e5ddb15cc1404ef603f51d1f9d649fa06fb3c662a923ee5fe99d68587797df1ed6585cd730a4bccd77cb0b31afaedfd41a7a3f22031b257500d3eaee9cfc6d2fc3964b4a8e67a8b82b82385395bf1f0b9beb517aa91368db47a9d387586259a19266b0186667c8e871d6b53f7b34c93f40d8f6e04f96ebb8d531a36bb1606a23d7520c91fcf77badf6f85b12ea58282151b32f47958b88fd771af58847b60dbceb4a37b1865b098c42076d312bef718b687d14233c4891d673611941966b04d1619482d6d7d93982aa13e93b4c334a24d50295565bb7f4ffa9c1d696616d72c73f01109e1e24fd71105dfb5aab4c0f40953241a5c156fe1fabde0a7a75733c13e24813d8be5580d4f02d559b0f2b2f0c32ea0de0ccee774c74c433769543aefcfdcb688833783a3035cb2537dfb4789df16401221ed1c3527e6d91c7c5b17f85f34302e2cc821a3cad7f335566cf3f44f5b2fefcf2a04a8edd4a4b3f2312359ffb5246db59c471838d476242195c2dca03d1eadb06810e528f90c89a1a8300bc1502b274a79cb56e9e8a9194d2b0a24a36d9b51f95e3b240becf07559a4fdee99cac0931c5629401e028d350547edae0567ad7a7b17d895bedc661976bcd8cbb6a9b7b8e4f94180becb4b0b06c7b27127a389ceb1e13fd8fd11c9d029577b952a638024bb426b73909e289ff92d8d4d08927b60c10fda1698fc254c35dfae0485a9124ea4c4388834082a2356a5538f064ff5ac9b68dab3e7709bd30ee3b9422b6f6a80f5fd568f308461c349b93eb81728a8ebd32fd8bd3807440c39878b2131ed0ad2e828bfefc878543cca1c353660fc2bbb09e7e194b95964faed20d982512a70fb04d31a64e73ea59e8a3b2b2a543c1b4e00f38145b10e59fe9e9f87b041250b91b8fc34e761d8ac26838fa572b365424b58fcd11c63279693e913fd075e0721443773eabddd2f722ad14b94b6ac4fe16a2553e4ddbabb3a02bb2ae107d4716934e1f7a55fb22a2f5dccc34fcdd94518bcb153b5cfd3d80206220c6aefe6486da89d289b1e4783c2f876acd990b15d57f97d74d242e43ff7ac1b59095b01ac0d94c671a89f360ecf370a2cf8658c56eb46132de29fbe459c438a07f269a84e7d63292e010555250450974285079255c4cf3b744d512c4eedc8da21e6b1a829328ace2306eac318bdeec1f97c9575560867e75809b9ada920fb93fede745be139b7a061f430978eb315eda0119db0f2097dc9eb48e2b12b760ef2c42bfa060bc59e85839785a26462d7f9e52866c681382c7fd5325bce3bf528819b8705a7e3936e1479a09cf3575ced00dc074d628df7f06f3b1cd79181e2645bf4a4946cd0bc96076c6b1cb131e05c977e078145f21f199df1dcce58bfb3d105fdce111d046d63367da99eb77df24f312c300d5c829a6606d94ca70b38f91c9c739a725a72f17450a6b4f0457175fcf308070ec3af2688ab9e07677b9c2745f3e2f8ae0e440fd03f54ada06b0951a20b3c781a0d311c2e446907ff161ff62ea812d8b06a137a8012a6e8def054eee6f5676eee442489f399a83a9fe6e864f2ce6ffd023e87a4ac2b20e03dc2d7cc76a0e68de4c3508dd51f7a15dca13261c1f8a6e23c0c1b72fe7b207b796612eebfc8307d4223aef699cd5e40cf8ce6719b5e85075954d15320543ec5fad42278bf45b7d1e701d29f9c55f60e59f657514a0dd95e5977d288fcc489a0031637206da0861ef8d1871fbc8a88b11d2a0b2f7ffb1e2e48a75084d716d1d93ea705e53660ab6f82766050c55f07990dc54e10db632f338e157ec6d1daf0962ad67e62ca67312a47c13cdd16c734846fac80743027d410dc7f2ce4088051feba91abfaf30943b0d1f42700c123f52381786d1073ae752b5e637ad9ba56e0884e82d9186dda82a3890ec20df7f4e4e9cd1ee8010940ffc36f9a52b95065424870adb51f6e1ec6d58a582acdb7d90dc09e835e1b567e9350363341b3b704217f6b01a683f8047ead7591d1ebae73c971a7c753dbc9e0afe2256c5538c5bcd44903e74ad53295db1a7caf5c383b785ef872a3f41e0bbe232b2dc93b893ffe4a27a5e8a96c3eea1e760f4c805052e80c6b512e8c451232cb8125039726a53f210e54818ce229652385f5cadf7d04ad482da77a9c2e66d1e7b0166609ce653f00a48d64213c10b86b7c961c0c6f350df6c828acb9e2bdbe0cc696187ed2e482325036a08ddc0caf2e5655cf9e4681fa5d205779447c00f1d755cdd6618a373ecd93dbfe6bbd42a0df8288e0fde1e093a38893877bf5b4e174f4fdfbff365d9da9d52f3f93e5f512470d861fc1db64ef6ca9c40dd4fb13511775e4ce67fa0d0c87ad2ba8d4012692f6ae5d67506ff8200b20968af8d42b0bdc2e17880b51fd545ba762fcb63ad1304f9d2749f648d16ef6732feb4c3da3a293dd58045409645b589cba4a6f6bbff24c08ef7d5711a9ba1326c8d84a6b65e5cd5a832bbf7ecb736386d1641d4c0e43af0ea4d3fa30f30480f09a3af22841ae6c7ddac61e00d142724201c9f25c741da3cfb2e905a6235b4d5a9ae5b66c49ea17c4f468a50834bfadfadf60cc278344dd04981e373a5d6d334f7b41d00cd72bdd77fea654765c52d39cc75c5e7bddac605acb2d2726ea3fd8da592a0e462072d36e9707a7cebcd12ace5f12e9465de60bbcb63ad815fd92221981afb3c40cca22248cb303ca5bb6ed273a6f08c8055701e86a0bcf281d032f082699b947b09bbe5512d8410bc6d9a85aa36fa265aeadae663cda960246e13e28c64afdc07ad0f4be38790246ad14b66721e50bbb5b6a781d3682d20be3711bf71f1865c5e95243823c30310e15ca3a7f286e5c436fe39242ec54166df294e40b4d253fe62dbd26d57af90bbfedc84d83d8e50f25bd1dc8e92c37ff5978303ae4e6f6e8fe1b9749d198ee7244a46e82f3424451f5566860261175b9f7f0412aff296ba5df594ec502"}) 22:16:25 executing program 3: r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000140), &(0x7f0000000180)=0xc) 22:16:25 executing program 2: r0 = socket(0x2, 0x3, 0x6) sendmsg$FOU_CMD_DEL(r0, &(0x7f00000001c0)={&(0x7f0000000080), 0xc, &(0x7f0000000180)={0x0}}, 0x0) 22:16:25 executing program 1: r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040)) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) 22:16:25 executing program 0: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080)={0xffffffffffffffff}, 0x111, 0x9}}, 0x20) write$RDMA_USER_CM_CMD_QUERY_ROUTE(r0, &(0x7f0000000140)={0x5, 0x10, 0xfa00, {&(0x7f0000000280), r1}}, 0x18) 22:16:25 executing program 4: r0 = socket$tipc(0x1e, 0x5, 0x0) connect$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{}, 0x4}}, 0x10) 22:16:25 executing program 5: r0 = socket$inet_sctp(0x2, 0x1, 0x84) sendmsg$inet_sctp(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000100)='U', 0x1}], 0x1}, 0x4000) 22:16:26 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$team(&(0x7f0000000180)='team\x00') sendmsg$TEAM_CMD_OPTIONS_GET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000b80)=ANY=[@ANYBLOB="e4020000", @ANYRES16=r1, @ANYBLOB="01"], 0x2e4}}, 0x0) 22:16:26 executing program 2: r0 = socket(0x2, 0x1, 0x0) sendmsg$RDMA_NLDEV_CMD_STAT_GET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0}}, 0x20000000) 22:16:26 executing program 1: syz_init_net_socket$rose(0xb, 0x5, 0x0) r0 = epoll_create1(0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000000)) 22:16:26 executing program 0: getsockopt$inet_sctp_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, 0x0, &(0x7f0000000080)) shmat(0x0, &(0x7f0000ffa000/0x4000)=nil, 0x4000) [ 1121.428737][T22448] netlink: 720 bytes leftover after parsing attributes in process `syz-executor.3'. 22:16:26 executing program 4: r0 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000100)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key(&(0x7f00000000c0)='id_legacy\x00', &(0x7f0000000040)={'syz', 0x2}, &(0x7f0000000080)="01", 0x1, r0) keyctl$link(0x8, r1, r0) [ 1121.478148][T22452] netlink: 720 bytes leftover after parsing attributes in process `syz-executor.3'. 22:16:26 executing program 5: r0 = socket(0x25, 0x1, 0x0) connect$unix(r0, &(0x7f0000000080)=@file={0x0, './file0\x00'}, 0x6e) 22:16:26 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000000)={0x30000000}) 22:16:26 executing program 3: r0 = socket$inet_sctp(0x2, 0x5, 0x84) getsockopt$inet_sctp_SCTP_AUTOCLOSE(r0, 0x84, 0x4, &(0x7f0000000080), &(0x7f00000000c0)=0x4) 22:16:26 executing program 1: syz_init_net_socket$rose(0xb, 0x5, 0x0) r0 = epoll_create1(0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000000)) 22:16:27 executing program 0: r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f0000000140), &(0x7f0000000180)=0x4) 22:16:27 executing program 4: r0 = socket(0x28, 0x2, 0x0) getsockname$unix(r0, 0x0, &(0x7f0000000080)=0xfcc7) 22:16:27 executing program 5: r0 = socket$inet_sctp(0x2, 0x1, 0x84) sendmmsg$inet_sctp(r0, &(0x7f00000026c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000001680)=[@sndinfo={0x20, 0x84, 0x2, {0x0, 0x20b}}], 0x20}], 0x1, 0x0) 22:16:27 executing program 2: setresuid(0xee00, 0xee01, 0xee01) socket(0x11, 0x0, 0x0) 22:16:27 executing program 3: r0 = socket(0x23, 0x2, 0x0) sendto$rose(r0, 0x0, 0x0, 0x1, 0x0, 0x0) 22:16:27 executing program 1: syz_init_net_socket$rose(0xb, 0x5, 0x0) r0 = epoll_create1(0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000000)) 22:16:27 executing program 0: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_PREPARE_BUF(r0, 0xc058565d, &(0x7f0000000180)={0x0, 0x1, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "98467225"}, 0x0, 0x0, @userptr}) 22:16:27 executing program 5: r0 = socket$inet_smc(0x2b, 0x1, 0x0) getsockopt$inet_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, 0x0, 0x0) 22:16:27 executing program 4: pipe2$9p(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) write$P9_RXATTRWALK(r0, &(0x7f0000000400)={0xf}, 0xf) 22:16:28 executing program 2: openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x10003, 0x0) 22:16:28 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000080)=' '}) 22:16:28 executing program 0: shmat(0x0, &(0x7f0000ff9000/0x3000)=nil, 0x0) 22:16:28 executing program 1: r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000040)) r1 = socket$inet_udplite(0x2, 0x2, 0x88) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, r1, &(0x7f0000000000)) 22:16:28 executing program 5: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) recvmmsg(r0, &(0x7f0000004b40)=[{{&(0x7f0000000b00)=@rc, 0x80, 0x0, 0x0, &(0x7f0000001e40)=""/239, 0xef}}, {{&(0x7f0000003300)=@tipc=@id, 0x80, &(0x7f00000049c0)=[{&(0x7f0000003380)=""/83, 0x53}, {0x0}, {0x0}, {&(0x7f0000004580)=""/203, 0xcb}, {0x0}, {&(0x7f00000048c0)=""/218, 0xda}], 0x6, &(0x7f0000004a40)=""/243, 0xf3}}], 0x20004582, 0x2, 0x0) 22:16:28 executing program 4: sendto$rxrpc(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) [ 1123.533960][T22501] binder: 22498:22501 ioctl c0306201 0 returned -14 22:16:28 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000140)='wlan1\x00', 0x10) connect$inet(r0, &(0x7f0000000340)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x400000000000070, 0x0) syz_80211_inject_frame(0x0, 0x0, 0x1c) r1 = accept4$x25(0xffffffffffffffff, 0x0, &(0x7f0000000080), 0x0) getsockopt$sock_linger(r1, 0x1, 0xd, 0x0, 0x0) 22:16:28 executing program 0: r0 = socket$inet_sctp(0x2, 0x1, 0x84) sendmmsg$inet_sctp(r0, &(0x7f0000003f00)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=[@init={0x18}, @sndrcv={0x30, 0x84, 0x1, {0x0, 0x0, 0x8000}}], 0x48}], 0x1, 0x0) 22:16:28 executing program 1: r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000040)) r1 = socket$inet_udplite(0x2, 0x2, 0x88) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, r1, &(0x7f0000000000)) 22:16:29 executing program 4: syz_emit_ethernet(0xe6, &(0x7f00000007c0)=ANY=[@ANYBLOB="aaaaaaaaaabbaaaaaaaaaa4481004700080048"], 0x0) [ 1124.312571][T22501] binder: 22498:22501 ioctl c0306201 0 returned -14 [ 1124.443475][T22507] not chained 530000 origins [ 1124.448098][T22507] CPU: 1 PID: 22507 Comm: syz-executor.5 Not tainted 5.9.0-rc8-syzkaller #0 [ 1124.453144][T22507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1124.453144][T22507] Call Trace: [ 1124.453144][T22507] dump_stack+0x21c/0x280 [ 1124.453144][T22507] kmsan_internal_chain_origin+0x6f/0x130 [ 1124.453144][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1124.453144][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1124.490333][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1124.490333][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1124.490333][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1124.490333][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1124.490333][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1124.490333][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1124.490333][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1124.490333][T22507] ? _copy_from_user+0x201/0x310 [ 1124.490333][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1124.490333][T22507] __msan_chain_origin+0x57/0xa0 [ 1124.490333][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1124.548388][T22507] get_compat_msghdr+0x108/0x2b0 [ 1124.548388][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1124.548388][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1124.548388][T22507] ? __msan_poison_alloca+0xe9/0x110 [ 1124.548388][T22507] ? __sys_recvmmsg+0xb5/0x5f0 [ 1124.548388][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1124.548388][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1124.548388][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1124.548388][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1124.548388][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1124.548388][T22507] __do_fast_syscall_32+0x129/0x180 [ 1124.548388][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1124.548388][T22507] do_SYSENTER_32+0x73/0x90 [ 1124.548388][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1124.548388][T22507] RIP: 0023:0xf7f56549 [ 1124.548388][T22507] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 1124.548388][T22507] RSP: 002b:00000000f55500cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1124.548388][T22507] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020004b40 [ 1124.548388][T22507] RDX: 0000000020004582 RSI: 0000000000000002 RDI: 0000000000000000 [ 1124.548388][T22507] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1124.548388][T22507] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1124.548388][T22507] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1124.548388][T22507] Uninit was stored to memory at: [ 1124.548388][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1124.548388][T22507] __msan_chain_origin+0x57/0xa0 [ 1124.548388][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1124.548388][T22507] get_compat_msghdr+0x108/0x2b0 [ 1124.548388][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1124.548388][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1124.548388][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1124.548388][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1124.548388][T22507] __do_fast_syscall_32+0x129/0x180 [ 1124.548388][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1124.548388][T22507] do_SYSENTER_32+0x73/0x90 [ 1124.548388][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1124.548388][T22507] [ 1124.548388][T22507] Uninit was stored to memory at: [ 1124.548388][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1124.548388][T22507] __msan_chain_origin+0x57/0xa0 [ 1124.548388][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1124.548388][T22507] get_compat_msghdr+0x108/0x2b0 [ 1124.548388][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1124.548388][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1124.548388][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1124.548388][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1124.548388][T22507] __do_fast_syscall_32+0x129/0x180 [ 1124.548388][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1124.548388][T22507] do_SYSENTER_32+0x73/0x90 [ 1124.548388][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1124.548388][T22507] [ 1124.548388][T22507] Uninit was stored to memory at: [ 1124.548388][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1124.548388][T22507] __msan_chain_origin+0x57/0xa0 [ 1124.548388][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1124.548388][T22507] get_compat_msghdr+0x108/0x2b0 [ 1124.548388][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1124.548388][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1124.548388][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1124.548388][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1124.548388][T22507] __do_fast_syscall_32+0x129/0x180 [ 1124.548388][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1124.548388][T22507] do_SYSENTER_32+0x73/0x90 [ 1124.548388][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1124.548388][T22507] [ 1124.548388][T22507] Uninit was stored to memory at: [ 1124.548388][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1124.548388][T22507] __msan_chain_origin+0x57/0xa0 [ 1124.548388][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1124.548388][T22507] get_compat_msghdr+0x108/0x2b0 [ 1124.548388][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1124.548388][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1124.548388][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1124.548388][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1124.548388][T22507] __do_fast_syscall_32+0x129/0x180 [ 1124.548388][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1124.548388][T22507] do_SYSENTER_32+0x73/0x90 [ 1124.548388][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1124.548388][T22507] [ 1124.548388][T22507] Uninit was stored to memory at: [ 1124.548388][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1124.548388][T22507] __msan_chain_origin+0x57/0xa0 [ 1124.548388][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1124.548388][T22507] get_compat_msghdr+0x108/0x2b0 [ 1124.548388][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1124.548388][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1124.548388][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1124.548388][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1124.548388][T22507] __do_fast_syscall_32+0x129/0x180 [ 1124.548388][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1124.548388][T22507] do_SYSENTER_32+0x73/0x90 [ 1124.548388][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1124.548388][T22507] [ 1124.548388][T22507] Uninit was stored to memory at: [ 1124.548388][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1124.548388][T22507] __msan_chain_origin+0x57/0xa0 [ 1124.548388][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1124.548388][T22507] get_compat_msghdr+0x108/0x2b0 [ 1124.548388][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1124.548388][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1124.548388][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1124.548388][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1124.548388][T22507] __do_fast_syscall_32+0x129/0x180 [ 1124.548388][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1124.548388][T22507] do_SYSENTER_32+0x73/0x90 [ 1124.548388][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1124.548388][T22507] [ 1124.548388][T22507] Uninit was stored to memory at: [ 1124.548388][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1124.548388][T22507] __msan_chain_origin+0x57/0xa0 [ 1124.548388][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1124.548388][T22507] get_compat_msghdr+0x108/0x2b0 [ 1124.548388][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1124.548388][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1124.548388][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1124.548388][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1124.548388][T22507] __do_fast_syscall_32+0x129/0x180 [ 1124.548388][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1124.548388][T22507] do_SYSENTER_32+0x73/0x90 [ 1124.548388][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1124.548388][T22507] [ 1124.548388][T22507] Local variable ----msg_sys@do_recvmmsg created at: [ 1124.548388][T22507] do_recvmmsg+0xc2/0x22e0 [ 1124.548388][T22507] do_recvmmsg+0xc2/0x22e0 [ 1125.245782][T22509] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 22:16:30 executing program 0: socketpair(0xa, 0x1, 0x0, 0x0) 22:16:30 executing program 3: 22:16:30 executing program 1: r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000040)) r1 = socket$inet_udplite(0x2, 0x2, 0x88) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, r1, &(0x7f0000000000)) 22:16:30 executing program 4: 22:16:31 executing program 0: 22:16:31 executing program 4: [ 1127.038568][T22507] not chained 540000 origins [ 1127.043144][T22507] CPU: 1 PID: 22507 Comm: syz-executor.5 Not tainted 5.9.0-rc8-syzkaller #0 [ 1127.049031][T22507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1127.049031][T22507] Call Trace: [ 1127.049031][T22507] dump_stack+0x21c/0x280 [ 1127.049031][T22507] kmsan_internal_chain_origin+0x6f/0x130 [ 1127.049031][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1127.049031][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1127.049031][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1127.049031][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1127.049031][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1127.049031][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1127.049031][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1127.049031][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1127.049031][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1127.049031][T22507] ? _copy_from_user+0x201/0x310 [ 1127.049031][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1127.049031][T22507] __msan_chain_origin+0x57/0xa0 [ 1127.049031][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1127.049031][T22507] get_compat_msghdr+0x108/0x2b0 [ 1127.049031][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1127.049031][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1127.049031][T22507] ? __msan_poison_alloca+0xe9/0x110 [ 1127.049031][T22507] ? __sys_recvmmsg+0xb5/0x5f0 [ 1127.049031][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1127.173784][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1127.173784][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1127.173784][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1127.173784][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1127.173784][T22507] __do_fast_syscall_32+0x129/0x180 [ 1127.173784][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1127.173784][T22507] do_SYSENTER_32+0x73/0x90 [ 1127.173784][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1127.173784][T22507] RIP: 0023:0xf7f56549 [ 1127.173784][T22507] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 1127.173784][T22507] RSP: 002b:00000000f55500cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1127.243275][T22507] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020004b40 [ 1127.243275][T22507] RDX: 0000000020004582 RSI: 0000000000000002 RDI: 0000000000000000 [ 1127.243275][T22507] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1127.243275][T22507] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1127.243275][T22507] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1127.243275][T22507] Uninit was stored to memory at: [ 1127.243275][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1127.243275][T22507] __msan_chain_origin+0x57/0xa0 [ 1127.307115][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1127.307115][T22507] get_compat_msghdr+0x108/0x2b0 [ 1127.314608][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1127.314608][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1127.314608][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1127.314608][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1127.314608][T22507] __do_fast_syscall_32+0x129/0x180 [ 1127.314608][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1127.314608][T22507] do_SYSENTER_32+0x73/0x90 [ 1127.314608][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1127.314608][T22507] [ 1127.314608][T22507] Uninit was stored to memory at: [ 1127.314608][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1127.314608][T22507] __msan_chain_origin+0x57/0xa0 [ 1127.314608][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1127.314608][T22507] get_compat_msghdr+0x108/0x2b0 [ 1127.383370][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1127.383370][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1127.383370][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1127.383370][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1127.383370][T22507] __do_fast_syscall_32+0x129/0x180 [ 1127.383370][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1127.383370][T22507] do_SYSENTER_32+0x73/0x90 [ 1127.383370][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1127.383370][T22507] [ 1127.431510][T22507] Uninit was stored to memory at: [ 1127.431510][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1127.431510][T22507] __msan_chain_origin+0x57/0xa0 [ 1127.431510][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1127.450286][T22507] get_compat_msghdr+0x108/0x2b0 [ 1127.453334][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1127.453334][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1127.463274][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1127.463274][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1127.463274][T22507] __do_fast_syscall_32+0x129/0x180 [ 1127.463274][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1127.463274][T22507] do_SYSENTER_32+0x73/0x90 [ 1127.463274][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1127.463274][T22507] [ 1127.463274][T22507] Uninit was stored to memory at: [ 1127.463274][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1127.463274][T22507] __msan_chain_origin+0x57/0xa0 [ 1127.463274][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1127.463274][T22507] get_compat_msghdr+0x108/0x2b0 [ 1127.463274][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1127.463274][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1127.463274][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1127.463274][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1127.463274][T22507] __do_fast_syscall_32+0x129/0x180 [ 1127.463274][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1127.557878][T22507] do_SYSENTER_32+0x73/0x90 [ 1127.557878][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1127.557878][T22507] [ 1127.557878][T22507] Uninit was stored to memory at: [ 1127.557878][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1127.557878][T22507] __msan_chain_origin+0x57/0xa0 [ 1127.557878][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1127.557878][T22507] get_compat_msghdr+0x108/0x2b0 [ 1127.557878][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1127.557878][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1127.557878][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1127.557878][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1127.557878][T22507] __do_fast_syscall_32+0x129/0x180 [ 1127.623460][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1127.628783][T22507] do_SYSENTER_32+0x73/0x90 [ 1127.628783][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1127.628783][T22507] [ 1127.628783][T22507] Uninit was stored to memory at: [ 1127.628783][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1127.628783][T22507] __msan_chain_origin+0x57/0xa0 [ 1127.628783][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1127.628783][T22507] get_compat_msghdr+0x108/0x2b0 [ 1127.628783][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1127.628783][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1127.628783][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1127.628783][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1127.628783][T22507] __do_fast_syscall_32+0x129/0x180 [ 1127.693332][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1127.693332][T22507] do_SYSENTER_32+0x73/0x90 [ 1127.693332][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1127.693332][T22507] [ 1127.693332][T22507] Uninit was stored to memory at: [ 1127.693332][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1127.693332][T22507] __msan_chain_origin+0x57/0xa0 [ 1127.693332][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1127.693332][T22507] get_compat_msghdr+0x108/0x2b0 [ 1127.693332][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1127.693332][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1127.693332][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1127.693332][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1127.693332][T22507] __do_fast_syscall_32+0x129/0x180 [ 1127.693332][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1127.693332][T22507] do_SYSENTER_32+0x73/0x90 [ 1127.693332][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1127.693332][T22507] [ 1127.693332][T22507] Local variable ----msg_sys@do_recvmmsg created at: [ 1127.693332][T22507] do_recvmmsg+0xc2/0x22e0 [ 1127.693332][T22507] do_recvmmsg+0xc2/0x22e0 [ 1128.128404][T22507] not chained 550000 origins [ 1128.133024][T22507] CPU: 0 PID: 22507 Comm: syz-executor.5 Not tainted 5.9.0-rc8-syzkaller #0 [ 1128.133154][T22507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1128.133154][T22507] Call Trace: [ 1128.133154][T22507] dump_stack+0x21c/0x280 [ 1128.133154][T22507] kmsan_internal_chain_origin+0x6f/0x130 [ 1128.133154][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1128.133154][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1128.175119][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1128.175119][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1128.175119][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1128.175119][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1128.175119][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1128.175119][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1128.175119][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1128.175119][T22507] ? _copy_from_user+0x201/0x310 [ 1128.175119][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1128.223205][T22507] __msan_chain_origin+0x57/0xa0 [ 1128.223205][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1128.223205][T22507] get_compat_msghdr+0x108/0x2b0 [ 1128.223205][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1128.244432][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1128.244432][T22507] ? __msan_poison_alloca+0xe9/0x110 [ 1128.244432][T22507] ? __sys_recvmmsg+0xb5/0x5f0 [ 1128.244432][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1128.244432][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1128.244432][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1128.244432][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1128.244432][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1128.244432][T22507] __do_fast_syscall_32+0x129/0x180 [ 1128.244432][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1128.244432][T22507] do_SYSENTER_32+0x73/0x90 [ 1128.244432][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1128.244432][T22507] RIP: 0023:0xf7f56549 [ 1128.244432][T22507] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 1128.244432][T22507] RSP: 002b:00000000f55500cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1128.337537][T22507] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020004b40 [ 1128.337537][T22507] RDX: 0000000020004582 RSI: 0000000000000002 RDI: 0000000000000000 [ 1128.337537][T22507] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1128.337537][T22507] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1128.337537][T22507] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1128.337537][T22507] Uninit was stored to memory at: [ 1128.337537][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1128.337537][T22507] __msan_chain_origin+0x57/0xa0 [ 1128.337537][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1128.337537][T22507] get_compat_msghdr+0x108/0x2b0 [ 1128.337537][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1128.337537][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1128.337537][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1128.337537][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1128.337537][T22507] __do_fast_syscall_32+0x129/0x180 [ 1128.337537][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1128.337537][T22507] do_SYSENTER_32+0x73/0x90 [ 1128.337537][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1128.337537][T22507] [ 1128.337537][T22507] Uninit was stored to memory at: [ 1128.337537][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1128.337537][T22507] __msan_chain_origin+0x57/0xa0 [ 1128.337537][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1128.337537][T22507] get_compat_msghdr+0x108/0x2b0 [ 1128.337537][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1128.337537][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1128.337537][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1128.337537][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1128.337537][T22507] __do_fast_syscall_32+0x129/0x180 [ 1128.337537][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1128.337537][T22507] do_SYSENTER_32+0x73/0x90 [ 1128.337537][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1128.337537][T22507] [ 1128.337537][T22507] Uninit was stored to memory at: [ 1128.337537][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1128.337537][T22507] __msan_chain_origin+0x57/0xa0 [ 1128.337537][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1128.337537][T22507] get_compat_msghdr+0x108/0x2b0 [ 1128.337537][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1128.337537][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1128.337537][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1128.337537][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1128.337537][T22507] __do_fast_syscall_32+0x129/0x180 [ 1128.337537][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1128.579760][T22507] do_SYSENTER_32+0x73/0x90 [ 1128.579760][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1128.579760][T22507] [ 1128.579760][T22507] Uninit was stored to memory at: [ 1128.579760][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1128.579760][T22507] __msan_chain_origin+0x57/0xa0 [ 1128.579760][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1128.579760][T22507] get_compat_msghdr+0x108/0x2b0 [ 1128.579760][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1128.579760][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1128.579760][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1128.579760][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1128.579760][T22507] __do_fast_syscall_32+0x129/0x180 [ 1128.579760][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1128.579760][T22507] do_SYSENTER_32+0x73/0x90 [ 1128.579760][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1128.579760][T22507] [ 1128.579760][T22507] Uninit was stored to memory at: [ 1128.579760][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1128.579760][T22507] __msan_chain_origin+0x57/0xa0 [ 1128.579760][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1128.579760][T22507] get_compat_msghdr+0x108/0x2b0 [ 1128.579760][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1128.579760][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1128.579760][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1128.579760][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1128.579760][T22507] __do_fast_syscall_32+0x129/0x180 [ 1128.579760][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1128.579760][T22507] do_SYSENTER_32+0x73/0x90 [ 1128.579760][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1128.579760][T22507] [ 1128.579760][T22507] Uninit was stored to memory at: [ 1128.579760][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1128.579760][T22507] __msan_chain_origin+0x57/0xa0 [ 1128.579760][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1128.579760][T22507] get_compat_msghdr+0x108/0x2b0 [ 1128.579760][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1128.579760][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1128.579760][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1128.579760][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1128.579760][T22507] __do_fast_syscall_32+0x129/0x180 [ 1128.579760][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1128.579760][T22507] do_SYSENTER_32+0x73/0x90 [ 1128.579760][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1128.579760][T22507] [ 1128.579760][T22507] Uninit was stored to memory at: [ 1128.579760][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1128.579760][T22507] __msan_chain_origin+0x57/0xa0 [ 1128.579760][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1128.579760][T22507] get_compat_msghdr+0x108/0x2b0 [ 1128.579760][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1128.579760][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1128.579760][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1128.579760][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1128.579760][T22507] __do_fast_syscall_32+0x129/0x180 [ 1128.579760][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1128.579760][T22507] do_SYSENTER_32+0x73/0x90 [ 1128.579760][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1128.579760][T22507] [ 1128.579760][T22507] Local variable ----msg_sys@do_recvmmsg created at: [ 1128.579760][T22507] do_recvmmsg+0xc2/0x22e0 [ 1128.579760][T22507] do_recvmmsg+0xc2/0x22e0 [ 1129.330946][T22507] not chained 560000 origins [ 1129.333195][T22507] CPU: 0 PID: 22507 Comm: syz-executor.5 Not tainted 5.9.0-rc8-syzkaller #0 [ 1129.333195][T22507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1129.333195][T22507] Call Trace: [ 1129.333195][T22507] dump_stack+0x21c/0x280 [ 1129.333195][T22507] kmsan_internal_chain_origin+0x6f/0x130 [ 1129.333195][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1129.333195][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1129.333195][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1129.333195][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1129.333195][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1129.333195][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1129.333195][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1129.404582][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1129.404582][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1129.404582][T22507] ? _copy_from_user+0x201/0x310 [ 1129.404582][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1129.404582][T22507] __msan_chain_origin+0x57/0xa0 [ 1129.404582][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1129.404582][T22507] get_compat_msghdr+0x108/0x2b0 [ 1129.404582][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1129.404582][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1129.404582][T22507] ? __msan_poison_alloca+0xe9/0x110 [ 1129.404582][T22507] ? __sys_recvmmsg+0xb5/0x5f0 [ 1129.404582][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1129.404582][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1129.404582][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1129.404582][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1129.404582][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1129.404582][T22507] __do_fast_syscall_32+0x129/0x180 [ 1129.404582][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1129.404582][T22507] do_SYSENTER_32+0x73/0x90 [ 1129.404582][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1129.404582][T22507] RIP: 0023:0xf7f56549 [ 1129.404582][T22507] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 1129.404582][T22507] RSP: 002b:00000000f55500cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1129.404582][T22507] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020004b40 [ 1129.404582][T22507] RDX: 0000000020004582 RSI: 0000000000000002 RDI: 0000000000000000 [ 1129.404582][T22507] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1129.404582][T22507] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1129.404582][T22507] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1129.404582][T22507] Uninit was stored to memory at: [ 1129.404582][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1129.404582][T22507] __msan_chain_origin+0x57/0xa0 [ 1129.404582][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1129.404582][T22507] get_compat_msghdr+0x108/0x2b0 [ 1129.404582][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1129.404582][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1129.404582][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1129.404582][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1129.404582][T22507] __do_fast_syscall_32+0x129/0x180 [ 1129.404582][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1129.404582][T22507] do_SYSENTER_32+0x73/0x90 [ 1129.404582][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1129.404582][T22507] [ 1129.404582][T22507] Uninit was stored to memory at: [ 1129.404582][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1129.404582][T22507] __msan_chain_origin+0x57/0xa0 [ 1129.404582][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1129.404582][T22507] get_compat_msghdr+0x108/0x2b0 [ 1129.404582][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1129.404582][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1129.404582][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1129.404582][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1129.404582][T22507] __do_fast_syscall_32+0x129/0x180 [ 1129.404582][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1129.404582][T22507] do_SYSENTER_32+0x73/0x90 [ 1129.404582][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1129.404582][T22507] [ 1129.404582][T22507] Uninit was stored to memory at: [ 1129.404582][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1129.404582][T22507] __msan_chain_origin+0x57/0xa0 [ 1129.404582][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1129.404582][T22507] get_compat_msghdr+0x108/0x2b0 [ 1129.404582][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1129.404582][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1129.404582][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1129.404582][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1129.404582][T22507] __do_fast_syscall_32+0x129/0x180 [ 1129.404582][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1129.404582][T22507] do_SYSENTER_32+0x73/0x90 [ 1129.404582][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1129.404582][T22507] [ 1129.404582][T22507] Uninit was stored to memory at: [ 1129.404582][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1129.404582][T22507] __msan_chain_origin+0x57/0xa0 [ 1129.404582][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1129.404582][T22507] get_compat_msghdr+0x108/0x2b0 [ 1129.404582][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1129.404582][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1129.404582][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1129.404582][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1129.404582][T22507] __do_fast_syscall_32+0x129/0x180 [ 1129.404582][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1129.404582][T22507] do_SYSENTER_32+0x73/0x90 [ 1129.404582][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1129.404582][T22507] [ 1129.404582][T22507] Uninit was stored to memory at: [ 1129.404582][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1129.404582][T22507] __msan_chain_origin+0x57/0xa0 [ 1129.404582][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1129.404582][T22507] get_compat_msghdr+0x108/0x2b0 [ 1129.404582][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1129.404582][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1129.404582][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1129.404582][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1129.404582][T22507] __do_fast_syscall_32+0x129/0x180 [ 1129.404582][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1129.404582][T22507] do_SYSENTER_32+0x73/0x90 [ 1129.404582][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1129.404582][T22507] [ 1129.404582][T22507] Uninit was stored to memory at: [ 1129.404582][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1129.404582][T22507] __msan_chain_origin+0x57/0xa0 [ 1129.404582][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1129.404582][T22507] get_compat_msghdr+0x108/0x2b0 [ 1129.404582][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1129.404582][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1129.404582][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1129.404582][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1129.404582][T22507] __do_fast_syscall_32+0x129/0x180 [ 1129.404582][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1129.404582][T22507] do_SYSENTER_32+0x73/0x90 [ 1129.404582][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1129.404582][T22507] [ 1129.404582][T22507] Uninit was stored to memory at: [ 1129.404582][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1129.404582][T22507] __msan_chain_origin+0x57/0xa0 [ 1129.404582][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1129.404582][T22507] get_compat_msghdr+0x108/0x2b0 [ 1129.404582][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1129.404582][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1129.404582][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1129.404582][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1129.404582][T22507] __do_fast_syscall_32+0x129/0x180 [ 1129.404582][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1129.404582][T22507] do_SYSENTER_32+0x73/0x90 [ 1129.404582][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1129.404582][T22507] [ 1129.404582][T22507] Local variable ----msg_sys@do_recvmmsg created at: [ 1129.404582][T22507] do_recvmmsg+0xc2/0x22e0 [ 1129.404582][T22507] do_recvmmsg+0xc2/0x22e0 [ 1130.561129][T22507] not chained 570000 origins [ 1130.563166][T22507] CPU: 0 PID: 22507 Comm: syz-executor.5 Not tainted 5.9.0-rc8-syzkaller #0 [ 1130.563166][T22507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1130.563166][T22507] Call Trace: [ 1130.563166][T22507] dump_stack+0x21c/0x280 [ 1130.563166][T22507] kmsan_internal_chain_origin+0x6f/0x130 [ 1130.563166][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1130.563166][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1130.563166][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1130.563166][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1130.563166][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1130.563166][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1130.563166][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1130.563166][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1130.563166][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1130.563166][T22507] ? _copy_from_user+0x201/0x310 [ 1130.563166][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1130.563166][T22507] __msan_chain_origin+0x57/0xa0 [ 1130.563166][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1130.563166][T22507] get_compat_msghdr+0x108/0x2b0 [ 1130.563166][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1130.563166][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1130.563166][T22507] ? __msan_poison_alloca+0xe9/0x110 [ 1130.563166][T22507] ? __sys_recvmmsg+0xb5/0x5f0 [ 1130.563166][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1130.563166][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1130.563166][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1130.563166][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1130.563166][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1130.563166][T22507] __do_fast_syscall_32+0x129/0x180 [ 1130.563166][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1130.563166][T22507] do_SYSENTER_32+0x73/0x90 [ 1130.563166][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1130.563166][T22507] RIP: 0023:0xf7f56549 [ 1130.563166][T22507] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 1130.563166][T22507] RSP: 002b:00000000f55500cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1130.563166][T22507] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020004b40 [ 1130.563166][T22507] RDX: 0000000020004582 RSI: 0000000000000002 RDI: 0000000000000000 [ 1130.563166][T22507] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1130.563166][T22507] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1130.563166][T22507] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1130.563166][T22507] Uninit was stored to memory at: [ 1130.563166][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1130.563166][T22507] __msan_chain_origin+0x57/0xa0 [ 1130.563166][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1130.563166][T22507] get_compat_msghdr+0x108/0x2b0 [ 1130.563166][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1130.563166][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1130.563166][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1130.563166][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1130.563166][T22507] __do_fast_syscall_32+0x129/0x180 [ 1130.563166][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1130.563166][T22507] do_SYSENTER_32+0x73/0x90 [ 1130.563166][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1130.563166][T22507] [ 1130.563166][T22507] Uninit was stored to memory at: [ 1130.563166][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1130.563166][T22507] __msan_chain_origin+0x57/0xa0 [ 1130.563166][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1130.563166][T22507] get_compat_msghdr+0x108/0x2b0 [ 1130.563166][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1130.563166][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1130.563166][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1130.563166][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1130.563166][T22507] __do_fast_syscall_32+0x129/0x180 [ 1130.563166][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1130.563166][T22507] do_SYSENTER_32+0x73/0x90 [ 1130.563166][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1130.563166][T22507] [ 1130.563166][T22507] Uninit was stored to memory at: [ 1130.563166][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1130.563166][T22507] __msan_chain_origin+0x57/0xa0 [ 1130.563166][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1130.563166][T22507] get_compat_msghdr+0x108/0x2b0 [ 1130.563166][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1130.563166][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1130.563166][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1130.563166][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1130.563166][T22507] __do_fast_syscall_32+0x129/0x180 [ 1130.563166][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1130.563166][T22507] do_SYSENTER_32+0x73/0x90 [ 1130.563166][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1130.563166][T22507] [ 1130.563166][T22507] Uninit was stored to memory at: [ 1130.563166][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1130.563166][T22507] __msan_chain_origin+0x57/0xa0 [ 1130.563166][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1130.563166][T22507] get_compat_msghdr+0x108/0x2b0 [ 1130.563166][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1130.563166][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1130.563166][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1130.563166][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1130.563166][T22507] __do_fast_syscall_32+0x129/0x180 [ 1130.563166][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1130.563166][T22507] do_SYSENTER_32+0x73/0x90 [ 1130.563166][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1130.563166][T22507] [ 1130.563166][T22507] Uninit was stored to memory at: [ 1130.563166][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1130.563166][T22507] __msan_chain_origin+0x57/0xa0 [ 1130.563166][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1130.563166][T22507] get_compat_msghdr+0x108/0x2b0 [ 1130.563166][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1130.563166][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1130.563166][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1130.563166][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1130.563166][T22507] __do_fast_syscall_32+0x129/0x180 [ 1130.563166][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1130.563166][T22507] do_SYSENTER_32+0x73/0x90 [ 1130.563166][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1130.563166][T22507] [ 1130.563166][T22507] Uninit was stored to memory at: [ 1130.563166][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1130.563166][T22507] __msan_chain_origin+0x57/0xa0 [ 1130.563166][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1130.563166][T22507] get_compat_msghdr+0x108/0x2b0 [ 1130.563166][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1130.563166][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1130.563166][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1130.563166][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1130.563166][T22507] __do_fast_syscall_32+0x129/0x180 [ 1130.563166][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1130.563166][T22507] do_SYSENTER_32+0x73/0x90 [ 1130.563166][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1130.563166][T22507] [ 1130.563166][T22507] Uninit was stored to memory at: [ 1130.563166][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1130.563166][T22507] __msan_chain_origin+0x57/0xa0 [ 1130.563166][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1130.563166][T22507] get_compat_msghdr+0x108/0x2b0 [ 1130.563166][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1130.563166][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1130.563166][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1130.563166][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1130.563166][T22507] __do_fast_syscall_32+0x129/0x180 [ 1130.563166][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1130.563166][T22507] do_SYSENTER_32+0x73/0x90 [ 1130.563166][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1130.563166][T22507] [ 1130.563166][T22507] Local variable ----msg_sys@do_recvmmsg created at: [ 1130.563166][T22507] do_recvmmsg+0xc2/0x22e0 [ 1130.563166][T22507] do_recvmmsg+0xc2/0x22e0 [ 1131.810427][T22507] not chained 580000 origins [ 1131.813229][T22507] CPU: 1 PID: 22507 Comm: syz-executor.5 Not tainted 5.9.0-rc8-syzkaller #0 [ 1131.813229][T22507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1131.813229][T22507] Call Trace: [ 1131.813229][T22507] dump_stack+0x21c/0x280 [ 1131.813229][T22507] kmsan_internal_chain_origin+0x6f/0x130 [ 1131.813229][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1131.813229][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1131.813229][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1131.863309][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1131.863309][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1131.863309][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1131.863309][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1131.863309][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1131.863309][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1131.863309][T22507] ? _copy_from_user+0x201/0x310 [ 1131.863309][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1131.863309][T22507] __msan_chain_origin+0x57/0xa0 [ 1131.863309][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1131.863309][T22507] get_compat_msghdr+0x108/0x2b0 [ 1131.863309][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1131.863309][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1131.863309][T22507] ? __msan_poison_alloca+0xe9/0x110 [ 1131.933249][T22507] ? __sys_recvmmsg+0xb5/0x5f0 [ 1131.933249][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1131.943293][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1131.943293][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1131.943293][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1131.943293][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1131.943293][T22507] __do_fast_syscall_32+0x129/0x180 [ 1131.943293][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1131.943293][T22507] do_SYSENTER_32+0x73/0x90 [ 1131.943293][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1131.943293][T22507] RIP: 0023:0xf7f56549 [ 1131.943293][T22507] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 1132.003326][T22507] RSP: 002b:00000000f55500cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1132.003326][T22507] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020004b40 [ 1132.003326][T22507] RDX: 0000000020004582 RSI: 0000000000000002 RDI: 0000000000000000 [ 1132.003326][T22507] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1132.003326][T22507] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1132.003326][T22507] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1132.003326][T22507] Uninit was stored to memory at: [ 1132.003326][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1132.073265][T22507] __msan_chain_origin+0x57/0xa0 [ 1132.073265][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1132.073265][T22507] get_compat_msghdr+0x108/0x2b0 [ 1132.073265][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1132.073265][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1132.073265][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1132.073265][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1132.073265][T22507] __do_fast_syscall_32+0x129/0x180 [ 1132.073265][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1132.073265][T22507] do_SYSENTER_32+0x73/0x90 [ 1132.073265][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1132.073265][T22507] [ 1132.073265][T22507] Uninit was stored to memory at: [ 1132.073265][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1132.143329][T22507] __msan_chain_origin+0x57/0xa0 [ 1132.143329][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1132.143329][T22507] get_compat_msghdr+0x108/0x2b0 [ 1132.143329][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1132.143329][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1132.143329][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1132.143329][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1132.143329][T22507] __do_fast_syscall_32+0x129/0x180 [ 1132.143329][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1132.143329][T22507] do_SYSENTER_32+0x73/0x90 [ 1132.143329][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1132.143329][T22507] [ 1132.143329][T22507] Uninit was stored to memory at: [ 1132.143329][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1132.213412][T22507] __msan_chain_origin+0x57/0xa0 [ 1132.213412][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1132.213412][T22507] get_compat_msghdr+0x108/0x2b0 [ 1132.213412][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1132.213412][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1132.235927][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1132.243456][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1132.243456][T22507] __do_fast_syscall_32+0x129/0x180 [ 1132.253437][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1132.253437][T22507] do_SYSENTER_32+0x73/0x90 [ 1132.264731][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1132.264731][T22507] [ 1132.273503][T22507] Uninit was stored to memory at: [ 1132.273503][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1132.283269][T22507] __msan_chain_origin+0x57/0xa0 [ 1132.283269][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1132.293451][T22507] get_compat_msghdr+0x108/0x2b0 [ 1132.293451][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1132.303521][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1132.303521][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1132.313482][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1132.313482][T22507] __do_fast_syscall_32+0x129/0x180 [ 1132.323477][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1132.323477][T22507] do_SYSENTER_32+0x73/0x90 [ 1132.333528][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1132.333528][T22507] [ 1132.343309][T22507] Uninit was stored to memory at: [ 1132.345207][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1132.353425][T22507] __msan_chain_origin+0x57/0xa0 [ 1132.353425][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1132.363435][T22507] get_compat_msghdr+0x108/0x2b0 [ 1132.363435][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1132.374399][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1132.375744][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1132.384070][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1132.384070][T22507] __do_fast_syscall_32+0x129/0x180 [ 1132.393527][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1132.393527][T22507] do_SYSENTER_32+0x73/0x90 [ 1132.403271][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1132.403271][T22507] [ 1132.413435][T22507] Uninit was stored to memory at: [ 1132.413435][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1132.423529][T22507] __msan_chain_origin+0x57/0xa0 [ 1132.423529][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1132.423529][T22507] get_compat_msghdr+0x108/0x2b0 [ 1132.423529][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1132.423529][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1132.447191][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1132.455260][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1132.455260][T22507] __do_fast_syscall_32+0x129/0x180 [ 1132.463438][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1132.463438][T22507] do_SYSENTER_32+0x73/0x90 [ 1132.473448][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1132.483292][T22507] [ 1132.483292][T22507] Uninit was stored to memory at: [ 1132.483292][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1132.493527][T22507] __msan_chain_origin+0x57/0xa0 [ 1132.493527][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1132.503267][T22507] get_compat_msghdr+0x108/0x2b0 [ 1132.503267][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1132.513415][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1132.513415][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1132.523498][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1132.533304][T22507] __do_fast_syscall_32+0x129/0x180 [ 1132.533446][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1132.543313][T22507] do_SYSENTER_32+0x73/0x90 [ 1132.543473][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1132.553509][T22507] [ 1132.553509][T22507] Local variable ----msg_sys@do_recvmmsg created at: [ 1132.553509][T22507] do_recvmmsg+0xc2/0x22e0 [ 1132.565157][T22507] do_recvmmsg+0xc2/0x22e0 [ 1132.827029][T22507] not chained 590000 origins [ 1132.831635][T22507] CPU: 1 PID: 22507 Comm: syz-executor.5 Not tainted 5.9.0-rc8-syzkaller #0 [ 1132.833137][T22507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1132.833137][T22507] Call Trace: [ 1132.833137][T22507] dump_stack+0x21c/0x280 [ 1132.833137][T22507] kmsan_internal_chain_origin+0x6f/0x130 [ 1132.833137][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1132.833137][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1132.833137][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1132.833137][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1132.833137][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1132.833137][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1132.833137][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1132.833137][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1132.833137][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1132.833137][T22507] ? _copy_from_user+0x201/0x310 [ 1132.833137][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1132.833137][T22507] __msan_chain_origin+0x57/0xa0 [ 1132.833137][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1132.833137][T22507] get_compat_msghdr+0x108/0x2b0 [ 1132.833137][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1132.833137][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1132.833137][T22507] ? __msan_poison_alloca+0xe9/0x110 [ 1132.833137][T22507] ? __sys_recvmmsg+0xb5/0x5f0 [ 1132.833137][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1132.833137][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1132.833137][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1132.833137][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1132.833137][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1132.833137][T22507] __do_fast_syscall_32+0x129/0x180 [ 1132.833137][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1132.833137][T22507] do_SYSENTER_32+0x73/0x90 [ 1132.833137][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1132.833137][T22507] RIP: 0023:0xf7f56549 [ 1132.833137][T22507] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 1132.833137][T22507] RSP: 002b:00000000f55500cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1132.833137][T22507] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020004b40 [ 1132.833137][T22507] RDX: 0000000020004582 RSI: 0000000000000002 RDI: 0000000000000000 [ 1132.833137][T22507] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1132.833137][T22507] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1132.833137][T22507] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1132.833137][T22507] Uninit was stored to memory at: [ 1132.833137][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1132.833137][T22507] __msan_chain_origin+0x57/0xa0 [ 1132.833137][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1132.833137][T22507] get_compat_msghdr+0x108/0x2b0 [ 1132.833137][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1132.833137][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1132.833137][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1132.833137][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1132.833137][T22507] __do_fast_syscall_32+0x129/0x180 [ 1132.833137][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1132.833137][T22507] do_SYSENTER_32+0x73/0x90 [ 1132.833137][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1132.833137][T22507] [ 1132.833137][T22507] Uninit was stored to memory at: [ 1132.833137][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1132.833137][T22507] __msan_chain_origin+0x57/0xa0 [ 1132.833137][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1132.833137][T22507] get_compat_msghdr+0x108/0x2b0 [ 1132.833137][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1132.833137][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1132.833137][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1132.833137][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1132.833137][T22507] __do_fast_syscall_32+0x129/0x180 [ 1132.833137][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1132.833137][T22507] do_SYSENTER_32+0x73/0x90 [ 1132.833137][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1132.833137][T22507] [ 1132.833137][T22507] Uninit was stored to memory at: [ 1132.833137][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1132.833137][T22507] __msan_chain_origin+0x57/0xa0 [ 1132.833137][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1132.833137][T22507] get_compat_msghdr+0x108/0x2b0 [ 1132.833137][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1132.833137][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1132.833137][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1132.833137][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1132.833137][T22507] __do_fast_syscall_32+0x129/0x180 [ 1132.833137][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1132.833137][T22507] do_SYSENTER_32+0x73/0x90 [ 1132.833137][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1132.833137][T22507] [ 1132.833137][T22507] Uninit was stored to memory at: [ 1132.833137][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1132.833137][T22507] __msan_chain_origin+0x57/0xa0 [ 1132.833137][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1132.833137][T22507] get_compat_msghdr+0x108/0x2b0 [ 1132.833137][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1132.833137][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1132.833137][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1132.833137][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1132.833137][T22507] __do_fast_syscall_32+0x129/0x180 [ 1132.833137][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1132.833137][T22507] do_SYSENTER_32+0x73/0x90 [ 1132.833137][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1132.833137][T22507] [ 1132.833137][T22507] Uninit was stored to memory at: [ 1132.833137][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1132.833137][T22507] __msan_chain_origin+0x57/0xa0 [ 1132.833137][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1132.833137][T22507] get_compat_msghdr+0x108/0x2b0 [ 1132.833137][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1132.833137][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1132.833137][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1132.833137][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1132.833137][T22507] __do_fast_syscall_32+0x129/0x180 [ 1132.833137][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1132.833137][T22507] do_SYSENTER_32+0x73/0x90 [ 1132.833137][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1132.833137][T22507] [ 1132.833137][T22507] Uninit was stored to memory at: [ 1132.833137][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1132.833137][T22507] __msan_chain_origin+0x57/0xa0 [ 1132.833137][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1132.833137][T22507] get_compat_msghdr+0x108/0x2b0 [ 1132.833137][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1132.833137][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1132.833137][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1132.833137][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1132.833137][T22507] __do_fast_syscall_32+0x129/0x180 [ 1132.833137][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1132.833137][T22507] do_SYSENTER_32+0x73/0x90 [ 1132.833137][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1132.833137][T22507] [ 1132.833137][T22507] Uninit was stored to memory at: [ 1132.833137][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1132.833137][T22507] __msan_chain_origin+0x57/0xa0 [ 1132.833137][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1132.833137][T22507] get_compat_msghdr+0x108/0x2b0 [ 1132.833137][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1132.833137][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1132.833137][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1132.833137][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1132.833137][T22507] __do_fast_syscall_32+0x129/0x180 [ 1132.833137][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1132.833137][T22507] do_SYSENTER_32+0x73/0x90 [ 1132.833137][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1132.833137][T22507] [ 1132.833137][T22507] Local variable ----msg_sys@do_recvmmsg created at: [ 1132.833137][T22507] do_recvmmsg+0xc2/0x22e0 [ 1132.833137][T22507] do_recvmmsg+0xc2/0x22e0 [ 1133.789997][T22507] not chained 600000 origins [ 1133.793141][T22507] CPU: 1 PID: 22507 Comm: syz-executor.5 Not tainted 5.9.0-rc8-syzkaller #0 [ 1133.793141][T22507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1133.793141][T22507] Call Trace: [ 1133.793141][T22507] dump_stack+0x21c/0x280 [ 1133.793141][T22507] kmsan_internal_chain_origin+0x6f/0x130 [ 1133.793141][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1133.793141][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1133.793141][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1133.793141][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1133.793141][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1133.793141][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1133.793141][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1133.863272][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1133.863272][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1133.863272][T22507] ? _copy_from_user+0x201/0x310 [ 1133.863272][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1133.863272][T22507] __msan_chain_origin+0x57/0xa0 [ 1133.863272][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1133.863272][T22507] get_compat_msghdr+0x108/0x2b0 [ 1133.863272][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1133.863272][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1133.863272][T22507] ? __msan_poison_alloca+0xe9/0x110 [ 1133.863272][T22507] ? __sys_recvmmsg+0xb5/0x5f0 [ 1133.863272][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1133.863272][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1133.863272][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1133.863272][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1133.863272][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1133.863272][T22507] __do_fast_syscall_32+0x129/0x180 [ 1133.863272][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1133.863272][T22507] do_SYSENTER_32+0x73/0x90 [ 1133.863272][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1133.863272][T22507] RIP: 0023:0xf7f56549 [ 1133.863272][T22507] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 1133.863272][T22507] RSP: 002b:00000000f55500cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1133.863272][T22507] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020004b40 [ 1133.863272][T22507] RDX: 0000000020004582 RSI: 0000000000000002 RDI: 0000000000000000 [ 1133.863272][T22507] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1133.863272][T22507] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1133.863272][T22507] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1133.863272][T22507] Uninit was stored to memory at: [ 1133.863272][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1133.863272][T22507] __msan_chain_origin+0x57/0xa0 [ 1133.863272][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1133.863272][T22507] get_compat_msghdr+0x108/0x2b0 [ 1133.863272][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1133.863272][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1133.863272][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1133.863272][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1133.863272][T22507] __do_fast_syscall_32+0x129/0x180 [ 1133.863272][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1133.863272][T22507] do_SYSENTER_32+0x73/0x90 [ 1133.863272][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1133.863272][T22507] [ 1133.863272][T22507] Uninit was stored to memory at: [ 1133.863272][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1133.863272][T22507] __msan_chain_origin+0x57/0xa0 [ 1133.863272][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1133.863272][T22507] get_compat_msghdr+0x108/0x2b0 [ 1133.863272][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1133.863272][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1133.863272][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1133.863272][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1133.863272][T22507] __do_fast_syscall_32+0x129/0x180 [ 1133.863272][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1133.863272][T22507] do_SYSENTER_32+0x73/0x90 [ 1133.863272][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1133.863272][T22507] [ 1133.863272][T22507] Uninit was stored to memory at: [ 1133.863272][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1133.863272][T22507] __msan_chain_origin+0x57/0xa0 [ 1133.863272][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1133.863272][T22507] get_compat_msghdr+0x108/0x2b0 [ 1133.863272][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1133.863272][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1133.863272][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1133.863272][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1133.863272][T22507] __do_fast_syscall_32+0x129/0x180 [ 1133.863272][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1133.863272][T22507] do_SYSENTER_32+0x73/0x90 [ 1133.863272][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1133.863272][T22507] [ 1133.863272][T22507] Uninit was stored to memory at: [ 1133.863272][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1133.863272][T22507] __msan_chain_origin+0x57/0xa0 [ 1133.863272][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1133.863272][T22507] get_compat_msghdr+0x108/0x2b0 [ 1133.863272][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1133.863272][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1133.863272][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1133.863272][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1133.863272][T22507] __do_fast_syscall_32+0x129/0x180 [ 1133.863272][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1133.863272][T22507] do_SYSENTER_32+0x73/0x90 [ 1133.863272][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1133.863272][T22507] [ 1133.863272][T22507] Uninit was stored to memory at: [ 1133.863272][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1133.863272][T22507] __msan_chain_origin+0x57/0xa0 [ 1133.863272][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1134.341362][T22507] get_compat_msghdr+0x108/0x2b0 [ 1134.346448][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1134.353537][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1134.353537][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1134.363333][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1134.366392][T22507] __do_fast_syscall_32+0x129/0x180 [ 1134.373420][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1134.373420][T22507] do_SYSENTER_32+0x73/0x90 [ 1134.386332][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1134.386332][T22507] [ 1134.393413][T22507] Uninit was stored to memory at: [ 1134.393413][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1134.403335][T22507] __msan_chain_origin+0x57/0xa0 [ 1134.406188][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1134.413590][T22507] get_compat_msghdr+0x108/0x2b0 [ 1134.413590][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1134.413590][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1134.426997][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1134.435285][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1134.435285][T22507] __do_fast_syscall_32+0x129/0x180 [ 1134.446309][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1134.446309][T22507] do_SYSENTER_32+0x73/0x90 [ 1134.453433][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1134.463409][T22507] [ 1134.466290][T22507] Uninit was stored to memory at: [ 1134.473589][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1134.473589][T22507] __msan_chain_origin+0x57/0xa0 [ 1134.483358][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1134.486200][T22507] get_compat_msghdr+0x108/0x2b0 [ 1134.493464][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1134.493464][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1134.493464][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1134.503650][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1134.503650][T22507] __do_fast_syscall_32+0x129/0x180 [ 1134.503650][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1134.503650][T22507] do_SYSENTER_32+0x73/0x90 [ 1134.503650][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1134.533562][T22507] [ 1134.533562][T22507] Local variable ----msg_sys@do_recvmmsg created at: [ 1134.543395][T22507] do_recvmmsg+0xc2/0x22e0 [ 1134.548053][T22507] do_recvmmsg+0xc2/0x22e0 [ 1134.752148][T22507] not chained 610000 origins [ 1134.753134][T22507] CPU: 1 PID: 22507 Comm: syz-executor.5 Not tainted 5.9.0-rc8-syzkaller #0 [ 1134.753134][T22507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1134.753134][T22507] Call Trace: [ 1134.753134][T22507] dump_stack+0x21c/0x280 [ 1134.753134][T22507] kmsan_internal_chain_origin+0x6f/0x130 [ 1134.753134][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1134.753134][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1134.753134][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1134.753134][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1134.753134][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1134.753134][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1134.753134][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1134.753134][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1134.753134][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1134.753134][T22507] ? _copy_from_user+0x201/0x310 [ 1134.753134][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1134.753134][T22507] __msan_chain_origin+0x57/0xa0 [ 1134.753134][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1134.753134][T22507] get_compat_msghdr+0x108/0x2b0 [ 1134.753134][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1134.753134][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1134.753134][T22507] ? __msan_poison_alloca+0xe9/0x110 [ 1134.753134][T22507] ? __sys_recvmmsg+0xb5/0x5f0 [ 1134.753134][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1134.753134][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1134.753134][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1134.753134][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1134.753134][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1134.753134][T22507] __do_fast_syscall_32+0x129/0x180 [ 1134.753134][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1134.753134][T22507] do_SYSENTER_32+0x73/0x90 [ 1134.753134][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1134.753134][T22507] RIP: 0023:0xf7f56549 [ 1134.753134][T22507] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 1134.753134][T22507] RSP: 002b:00000000f55500cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1134.753134][T22507] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020004b40 [ 1134.753134][T22507] RDX: 0000000020004582 RSI: 0000000000000002 RDI: 0000000000000000 [ 1134.753134][T22507] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1134.990428][T22507] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1134.993476][T22507] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1135.006457][T22507] Uninit was stored to memory at: [ 1135.006457][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1135.013339][T22507] __msan_chain_origin+0x57/0xa0 [ 1135.023446][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1135.026480][T22507] get_compat_msghdr+0x108/0x2b0 [ 1135.033279][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1135.037832][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1135.037832][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1135.046441][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1135.053471][T22507] __do_fast_syscall_32+0x129/0x180 [ 1135.053471][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1135.063522][T22507] do_SYSENTER_32+0x73/0x90 [ 1135.066749][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1135.073580][T22507] [ 1135.073580][T22507] Uninit was stored to memory at: [ 1135.083434][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1135.086395][T22507] __msan_chain_origin+0x57/0xa0 [ 1135.095226][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1135.095226][T22507] get_compat_msghdr+0x108/0x2b0 [ 1135.103480][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1135.106430][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1135.113510][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1135.113510][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1135.126359][T22507] __do_fast_syscall_32+0x129/0x180 [ 1135.126359][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1135.133295][T22507] do_SYSENTER_32+0x73/0x90 [ 1135.140272][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1135.146398][T22507] [ 1135.146398][T22507] Uninit was stored to memory at: [ 1135.153289][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1135.153289][T22507] __msan_chain_origin+0x57/0xa0 [ 1135.163461][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1135.166406][T22507] get_compat_msghdr+0x108/0x2b0 [ 1135.173542][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1135.173542][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1135.183457][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1135.186477][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1135.193319][T22507] __do_fast_syscall_32+0x129/0x180 [ 1135.193319][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1135.208178][T22507] do_SYSENTER_32+0x73/0x90 [ 1135.208178][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1135.213327][T22507] [ 1135.213327][T22507] Uninit was stored to memory at: [ 1135.226457][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1135.226457][T22507] __msan_chain_origin+0x57/0xa0 [ 1135.233515][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1135.233515][T22507] get_compat_msghdr+0x108/0x2b0 [ 1135.246292][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1135.246292][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1135.253305][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1135.253305][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1135.266448][T22507] __do_fast_syscall_32+0x129/0x180 [ 1135.273303][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1135.273303][T22507] do_SYSENTER_32+0x73/0x90 [ 1135.283404][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1135.286327][T22507] [ 1135.293367][T22507] Uninit was stored to memory at: [ 1135.293541][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1135.303384][T22507] __msan_chain_origin+0x57/0xa0 [ 1135.306316][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1135.313351][T22507] get_compat_msghdr+0x108/0x2b0 [ 1135.315239][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1135.323418][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1135.326425][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1135.333284][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1135.333284][T22507] __do_fast_syscall_32+0x129/0x180 [ 1135.344182][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1135.348296][T22507] do_SYSENTER_32+0x73/0x90 [ 1135.353483][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1135.353483][T22507] [ 1135.363408][T22507] Uninit was stored to memory at: [ 1135.366337][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1135.373306][T22507] __msan_chain_origin+0x57/0xa0 [ 1135.373306][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1135.383440][T22507] get_compat_msghdr+0x108/0x2b0 [ 1135.386441][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1135.393294][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1135.393294][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1135.403428][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1135.406454][T22507] __do_fast_syscall_32+0x129/0x180 [ 1135.413461][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1135.413461][T22507] do_SYSENTER_32+0x73/0x90 [ 1135.423413][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1135.433299][T22507] [ 1135.433299][T22507] Uninit was stored to memory at: [ 1135.433299][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1135.443454][T22507] __msan_chain_origin+0x57/0xa0 [ 1135.450046][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1135.453276][T22507] get_compat_msghdr+0x108/0x2b0 [ 1135.453276][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1135.463432][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1135.467682][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1135.473466][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1135.473466][T22507] __do_fast_syscall_32+0x129/0x180 [ 1135.486326][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1135.493298][T22507] do_SYSENTER_32+0x73/0x90 [ 1135.493298][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1135.503457][T22507] [ 1135.506457][T22507] Local variable ----msg_sys@do_recvmmsg created at: [ 1135.513512][T22507] do_recvmmsg+0xc2/0x22e0 [ 1135.513512][T22507] do_recvmmsg+0xc2/0x22e0 [ 1135.805628][T22507] not chained 620000 origins [ 1135.810405][T22507] CPU: 0 PID: 22507 Comm: syz-executor.5 Not tainted 5.9.0-rc8-syzkaller #0 [ 1135.813166][T22507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1135.813166][T22507] Call Trace: [ 1135.813166][T22507] dump_stack+0x21c/0x280 [ 1135.813166][T22507] kmsan_internal_chain_origin+0x6f/0x130 [ 1135.813166][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1135.813166][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1135.813166][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1135.855117][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1135.855117][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1135.855117][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1135.855117][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1135.855117][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1135.855117][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1135.855117][T22507] ? _copy_from_user+0x201/0x310 [ 1135.855117][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1135.855117][T22507] __msan_chain_origin+0x57/0xa0 [ 1135.855117][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1135.855117][T22507] get_compat_msghdr+0x108/0x2b0 [ 1135.855117][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1135.855117][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1135.855117][T22507] ? __msan_poison_alloca+0xe9/0x110 [ 1135.855117][T22507] ? __sys_recvmmsg+0xb5/0x5f0 [ 1135.855117][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1135.855117][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1135.855117][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1135.855117][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1135.855117][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1135.855117][T22507] __do_fast_syscall_32+0x129/0x180 [ 1135.855117][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1135.855117][T22507] do_SYSENTER_32+0x73/0x90 [ 1135.855117][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1135.855117][T22507] RIP: 0023:0xf7f56549 [ 1135.855117][T22507] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 1136.003251][T22507] RSP: 002b:00000000f55500cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1136.003251][T22507] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020004b40 [ 1136.003251][T22507] RDX: 0000000020004582 RSI: 0000000000000002 RDI: 0000000000000000 [ 1136.003251][T22507] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1136.003251][T22507] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1136.003251][T22507] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1136.003251][T22507] Uninit was stored to memory at: [ 1136.003251][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1136.003251][T22507] __msan_chain_origin+0x57/0xa0 [ 1136.003251][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1136.003251][T22507] get_compat_msghdr+0x108/0x2b0 [ 1136.003251][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1136.003251][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1136.003251][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1136.003251][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1136.003251][T22507] __do_fast_syscall_32+0x129/0x180 [ 1136.003251][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1136.003251][T22507] do_SYSENTER_32+0x73/0x90 [ 1136.003251][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1136.003251][T22507] [ 1136.003251][T22507] Uninit was stored to memory at: [ 1136.003251][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1136.003251][T22507] __msan_chain_origin+0x57/0xa0 [ 1136.003251][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1136.003251][T22507] get_compat_msghdr+0x108/0x2b0 [ 1136.003251][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1136.003251][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1136.003251][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1136.003251][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1136.003251][T22507] __do_fast_syscall_32+0x129/0x180 [ 1136.003251][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1136.003251][T22507] do_SYSENTER_32+0x73/0x90 [ 1136.003251][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1136.003251][T22507] [ 1136.003251][T22507] Uninit was stored to memory at: [ 1136.003251][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1136.003251][T22507] __msan_chain_origin+0x57/0xa0 [ 1136.003251][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1136.003251][T22507] get_compat_msghdr+0x108/0x2b0 [ 1136.003251][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1136.003251][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1136.003251][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1136.003251][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1136.003251][T22507] __do_fast_syscall_32+0x129/0x180 [ 1136.003251][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1136.003251][T22507] do_SYSENTER_32+0x73/0x90 [ 1136.003251][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1136.003251][T22507] [ 1136.003251][T22507] Uninit was stored to memory at: [ 1136.003251][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1136.003251][T22507] __msan_chain_origin+0x57/0xa0 [ 1136.003251][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1136.003251][T22507] get_compat_msghdr+0x108/0x2b0 [ 1136.003251][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1136.003251][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1136.003251][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1136.003251][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1136.003251][T22507] __do_fast_syscall_32+0x129/0x180 [ 1136.003251][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1136.003251][T22507] do_SYSENTER_32+0x73/0x90 [ 1136.003251][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1136.003251][T22507] [ 1136.003251][T22507] Uninit was stored to memory at: [ 1136.003251][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1136.003251][T22507] __msan_chain_origin+0x57/0xa0 [ 1136.003251][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1136.003251][T22507] get_compat_msghdr+0x108/0x2b0 [ 1136.003251][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1136.003251][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1136.003251][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1136.003251][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1136.003251][T22507] __do_fast_syscall_32+0x129/0x180 [ 1136.003251][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1136.003251][T22507] do_SYSENTER_32+0x73/0x90 [ 1136.003251][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1136.003251][T22507] [ 1136.003251][T22507] Uninit was stored to memory at: [ 1136.003251][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1136.003251][T22507] __msan_chain_origin+0x57/0xa0 [ 1136.003251][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1136.003251][T22507] get_compat_msghdr+0x108/0x2b0 [ 1136.003251][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1136.003251][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1136.003251][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1136.003251][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1136.003251][T22507] __do_fast_syscall_32+0x129/0x180 [ 1136.003251][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1136.003251][T22507] do_SYSENTER_32+0x73/0x90 [ 1136.003251][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1136.003251][T22507] [ 1136.003251][T22507] Uninit was stored to memory at: [ 1136.003251][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1136.003251][T22507] __msan_chain_origin+0x57/0xa0 [ 1136.003251][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1136.003251][T22507] get_compat_msghdr+0x108/0x2b0 [ 1136.003251][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1136.003251][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1136.003251][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1136.003251][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1136.003251][T22507] __do_fast_syscall_32+0x129/0x180 [ 1136.003251][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1136.003251][T22507] do_SYSENTER_32+0x73/0x90 [ 1136.003251][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1136.003251][T22507] [ 1136.003251][T22507] Local variable ----msg_sys@do_recvmmsg created at: [ 1136.003251][T22507] do_recvmmsg+0xc2/0x22e0 [ 1136.003251][T22507] do_recvmmsg+0xc2/0x22e0 [ 1136.861765][T22507] not chained 630000 origins [ 1136.863165][T22507] CPU: 0 PID: 22507 Comm: syz-executor.5 Not tainted 5.9.0-rc8-syzkaller #0 [ 1136.863165][T22507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1136.879522][T22507] Call Trace: [ 1136.879522][T22507] dump_stack+0x21c/0x280 [ 1136.879522][T22507] kmsan_internal_chain_origin+0x6f/0x130 [ 1136.879522][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1136.879522][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1136.879522][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1136.879522][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1136.879522][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1136.879522][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1136.879522][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1136.879522][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1136.879522][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1136.879522][T22507] ? _copy_from_user+0x201/0x310 [ 1136.953248][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1136.953248][T22507] __msan_chain_origin+0x57/0xa0 [ 1136.953248][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1136.953248][T22507] get_compat_msghdr+0x108/0x2b0 [ 1136.953248][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1136.953248][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1136.953248][T22507] ? __msan_poison_alloca+0xe9/0x110 [ 1136.953248][T22507] ? __sys_recvmmsg+0xb5/0x5f0 [ 1136.953248][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1136.953248][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1136.953248][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1136.953248][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1136.953248][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1136.953248][T22507] __do_fast_syscall_32+0x129/0x180 [ 1136.953248][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1136.953248][T22507] do_SYSENTER_32+0x73/0x90 [ 1136.953248][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1136.953248][T22507] RIP: 0023:0xf7f56549 [ 1136.953248][T22507] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 1136.953248][T22507] RSP: 002b:00000000f55500cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1136.953248][T22507] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020004b40 [ 1136.953248][T22507] RDX: 0000000020004582 RSI: 0000000000000002 RDI: 0000000000000000 [ 1136.953248][T22507] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1136.953248][T22507] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1136.953248][T22507] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1136.953248][T22507] Uninit was stored to memory at: [ 1136.953248][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1136.953248][T22507] __msan_chain_origin+0x57/0xa0 [ 1136.953248][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1136.953248][T22507] get_compat_msghdr+0x108/0x2b0 [ 1136.953248][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1136.953248][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1136.953248][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1136.953248][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1136.953248][T22507] __do_fast_syscall_32+0x129/0x180 [ 1136.953248][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1136.953248][T22507] do_SYSENTER_32+0x73/0x90 [ 1136.953248][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1136.953248][T22507] [ 1136.953248][T22507] Uninit was stored to memory at: [ 1136.953248][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1136.953248][T22507] __msan_chain_origin+0x57/0xa0 [ 1136.953248][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1136.953248][T22507] get_compat_msghdr+0x108/0x2b0 [ 1136.953248][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1136.953248][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1136.953248][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1136.953248][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1136.953248][T22507] __do_fast_syscall_32+0x129/0x180 [ 1136.953248][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1136.953248][T22507] do_SYSENTER_32+0x73/0x90 [ 1136.953248][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1136.953248][T22507] [ 1136.953248][T22507] Uninit was stored to memory at: [ 1136.953248][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1136.953248][T22507] __msan_chain_origin+0x57/0xa0 [ 1136.953248][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1136.953248][T22507] get_compat_msghdr+0x108/0x2b0 [ 1136.953248][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1136.953248][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1136.953248][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1136.953248][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1136.953248][T22507] __do_fast_syscall_32+0x129/0x180 [ 1136.953248][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1136.953248][T22507] do_SYSENTER_32+0x73/0x90 [ 1136.953248][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1136.953248][T22507] [ 1136.953248][T22507] Uninit was stored to memory at: [ 1136.953248][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1136.953248][T22507] __msan_chain_origin+0x57/0xa0 [ 1136.953248][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1136.953248][T22507] get_compat_msghdr+0x108/0x2b0 [ 1136.953248][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1136.953248][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1136.953248][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1136.953248][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1136.953248][T22507] __do_fast_syscall_32+0x129/0x180 [ 1136.953248][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1136.953248][T22507] do_SYSENTER_32+0x73/0x90 [ 1136.953248][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1136.953248][T22507] [ 1136.953248][T22507] Uninit was stored to memory at: [ 1136.953248][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1136.953248][T22507] __msan_chain_origin+0x57/0xa0 [ 1136.953248][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1136.953248][T22507] get_compat_msghdr+0x108/0x2b0 [ 1136.953248][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1136.953248][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1136.953248][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1136.953248][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1136.953248][T22507] __do_fast_syscall_32+0x129/0x180 [ 1136.953248][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1136.953248][T22507] do_SYSENTER_32+0x73/0x90 [ 1136.953248][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1136.953248][T22507] [ 1136.953248][T22507] Uninit was stored to memory at: [ 1136.953248][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1136.953248][T22507] __msan_chain_origin+0x57/0xa0 [ 1136.953248][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1136.953248][T22507] get_compat_msghdr+0x108/0x2b0 [ 1136.953248][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1136.953248][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1136.953248][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1136.953248][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1136.953248][T22507] __do_fast_syscall_32+0x129/0x180 [ 1136.953248][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1136.953248][T22507] do_SYSENTER_32+0x73/0x90 [ 1136.953248][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1136.953248][T22507] [ 1136.953248][T22507] Uninit was stored to memory at: [ 1136.953248][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1136.953248][T22507] __msan_chain_origin+0x57/0xa0 [ 1136.953248][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1136.953248][T22507] get_compat_msghdr+0x108/0x2b0 [ 1136.953248][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1136.953248][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1136.953248][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1136.953248][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1136.953248][T22507] __do_fast_syscall_32+0x129/0x180 [ 1136.953248][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1136.953248][T22507] do_SYSENTER_32+0x73/0x90 [ 1136.953248][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1136.953248][T22507] [ 1136.953248][T22507] Local variable ----msg_sys@do_recvmmsg created at: [ 1137.624115][T22507] do_recvmmsg+0xc2/0x22e0 [ 1137.624115][T22507] do_recvmmsg+0xc2/0x22e0 [ 1137.850836][T22507] not chained 640000 origins [ 1137.853156][T22507] CPU: 0 PID: 22507 Comm: syz-executor.5 Not tainted 5.9.0-rc8-syzkaller #0 [ 1137.853156][T22507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1137.853156][T22507] Call Trace: [ 1137.853156][T22507] dump_stack+0x21c/0x280 [ 1137.853156][T22507] kmsan_internal_chain_origin+0x6f/0x130 [ 1137.853156][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1137.853156][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1137.853156][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1137.853156][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1137.853156][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1137.853156][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1137.853156][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1137.853156][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1137.853156][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1137.853156][T22507] ? _copy_from_user+0x201/0x310 [ 1137.853156][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1137.853156][T22507] __msan_chain_origin+0x57/0xa0 [ 1137.853156][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1137.853156][T22507] get_compat_msghdr+0x108/0x2b0 [ 1137.853156][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1137.853156][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1137.853156][T22507] ? __msan_poison_alloca+0xe9/0x110 [ 1137.853156][T22507] ? __sys_recvmmsg+0xb5/0x5f0 [ 1137.853156][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1137.853156][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1137.853156][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1137.853156][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1137.853156][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1137.853156][T22507] __do_fast_syscall_32+0x129/0x180 [ 1137.853156][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1137.853156][T22507] do_SYSENTER_32+0x73/0x90 [ 1137.853156][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1137.853156][T22507] RIP: 0023:0xf7f56549 [ 1137.853156][T22507] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 1137.853156][T22507] RSP: 002b:00000000f55500cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1137.853156][T22507] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020004b40 [ 1137.853156][T22507] RDX: 0000000020004582 RSI: 0000000000000002 RDI: 0000000000000000 [ 1137.853156][T22507] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1137.853156][T22507] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1137.853156][T22507] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1137.853156][T22507] Uninit was stored to memory at: [ 1137.853156][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1137.853156][T22507] __msan_chain_origin+0x57/0xa0 [ 1137.853156][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1137.853156][T22507] get_compat_msghdr+0x108/0x2b0 [ 1137.853156][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1137.853156][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1137.853156][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1137.853156][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1137.853156][T22507] __do_fast_syscall_32+0x129/0x180 [ 1137.853156][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1137.853156][T22507] do_SYSENTER_32+0x73/0x90 [ 1137.853156][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1137.853156][T22507] [ 1137.853156][T22507] Uninit was stored to memory at: [ 1137.853156][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1137.853156][T22507] __msan_chain_origin+0x57/0xa0 [ 1137.853156][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1137.853156][T22507] get_compat_msghdr+0x108/0x2b0 [ 1137.853156][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1137.853156][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1137.853156][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1137.853156][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1137.853156][T22507] __do_fast_syscall_32+0x129/0x180 [ 1137.853156][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1137.853156][T22507] do_SYSENTER_32+0x73/0x90 [ 1137.853156][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1137.853156][T22507] [ 1137.853156][T22507] Uninit was stored to memory at: [ 1137.853156][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1137.853156][T22507] __msan_chain_origin+0x57/0xa0 [ 1137.853156][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1137.853156][T22507] get_compat_msghdr+0x108/0x2b0 [ 1137.853156][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1137.853156][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1137.853156][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1137.853156][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1137.853156][T22507] __do_fast_syscall_32+0x129/0x180 [ 1137.853156][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1137.853156][T22507] do_SYSENTER_32+0x73/0x90 [ 1137.853156][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1137.853156][T22507] [ 1137.853156][T22507] Uninit was stored to memory at: [ 1137.853156][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1137.853156][T22507] __msan_chain_origin+0x57/0xa0 [ 1137.853156][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1137.853156][T22507] get_compat_msghdr+0x108/0x2b0 [ 1137.853156][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1137.853156][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1137.853156][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1137.853156][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1137.853156][T22507] __do_fast_syscall_32+0x129/0x180 [ 1137.853156][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1137.853156][T22507] do_SYSENTER_32+0x73/0x90 [ 1137.853156][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1137.853156][T22507] [ 1137.853156][T22507] Uninit was stored to memory at: [ 1137.853156][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1137.853156][T22507] __msan_chain_origin+0x57/0xa0 [ 1137.853156][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1137.853156][T22507] get_compat_msghdr+0x108/0x2b0 [ 1137.853156][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1137.853156][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1137.853156][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1137.853156][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1137.853156][T22507] __do_fast_syscall_32+0x129/0x180 [ 1137.853156][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1137.853156][T22507] do_SYSENTER_32+0x73/0x90 [ 1137.853156][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1137.853156][T22507] [ 1137.853156][T22507] Uninit was stored to memory at: [ 1137.853156][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1137.853156][T22507] __msan_chain_origin+0x57/0xa0 [ 1137.853156][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1137.853156][T22507] get_compat_msghdr+0x108/0x2b0 [ 1137.853156][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1137.853156][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1137.853156][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1137.853156][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1137.853156][T22507] __do_fast_syscall_32+0x129/0x180 [ 1137.853156][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1137.853156][T22507] do_SYSENTER_32+0x73/0x90 [ 1137.853156][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1137.853156][T22507] [ 1137.853156][T22507] Uninit was stored to memory at: [ 1137.853156][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1137.853156][T22507] __msan_chain_origin+0x57/0xa0 [ 1137.853156][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1137.853156][T22507] get_compat_msghdr+0x108/0x2b0 [ 1137.853156][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1137.853156][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1137.853156][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1137.853156][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1137.853156][T22507] __do_fast_syscall_32+0x129/0x180 [ 1137.853156][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1137.853156][T22507] do_SYSENTER_32+0x73/0x90 [ 1137.853156][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1137.853156][T22507] [ 1137.853156][T22507] Local variable ----msg_sys@do_recvmmsg created at: [ 1137.853156][T22507] do_recvmmsg+0xc2/0x22e0 [ 1137.853156][T22507] do_recvmmsg+0xc2/0x22e0 [ 1138.872016][T22507] not chained 650000 origins [ 1138.873158][T22507] CPU: 0 PID: 22507 Comm: syz-executor.5 Not tainted 5.9.0-rc8-syzkaller #0 [ 1138.873158][T22507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1138.873158][T22507] Call Trace: [ 1138.873158][T22507] dump_stack+0x21c/0x280 [ 1138.873158][T22507] kmsan_internal_chain_origin+0x6f/0x130 [ 1138.873158][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1138.873158][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1138.873158][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1138.927356][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1138.927356][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1138.927356][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1138.927356][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1138.927356][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1138.927356][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1138.927356][T22507] ? _copy_from_user+0x201/0x310 [ 1138.927356][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1138.927356][T22507] __msan_chain_origin+0x57/0xa0 [ 1138.927356][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1138.982222][T22507] get_compat_msghdr+0x108/0x2b0 [ 1138.982222][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1138.992113][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1138.992113][T22507] ? __msan_poison_alloca+0xe9/0x110 [ 1138.992113][T22507] ? __sys_recvmmsg+0xb5/0x5f0 [ 1138.992113][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1138.992113][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1138.992113][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1138.992113][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1139.031190][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1139.031190][T22507] __do_fast_syscall_32+0x129/0x180 [ 1139.031190][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1139.031190][T22507] do_SYSENTER_32+0x73/0x90 [ 1139.031190][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1139.031190][T22507] RIP: 0023:0xf7f56549 [ 1139.031190][T22507] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 1139.031190][T22507] RSP: 002b:00000000f55500cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1139.031190][T22507] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020004b40 [ 1139.031190][T22507] RDX: 0000000020004582 RSI: 0000000000000002 RDI: 0000000000000000 [ 1139.031190][T22507] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1139.031190][T22507] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1139.031190][T22507] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1139.031190][T22507] Uninit was stored to memory at: [ 1139.031190][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1139.031190][T22507] __msan_chain_origin+0x57/0xa0 [ 1139.031190][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1139.031190][T22507] get_compat_msghdr+0x108/0x2b0 [ 1139.031190][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1139.031190][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1139.031190][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1139.031190][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1139.031190][T22507] __do_fast_syscall_32+0x129/0x180 [ 1139.031190][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1139.031190][T22507] do_SYSENTER_32+0x73/0x90 [ 1139.031190][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1139.031190][T22507] [ 1139.031190][T22507] Uninit was stored to memory at: [ 1139.031190][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1139.031190][T22507] __msan_chain_origin+0x57/0xa0 [ 1139.031190][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1139.031190][T22507] get_compat_msghdr+0x108/0x2b0 [ 1139.031190][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1139.031190][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1139.031190][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1139.031190][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1139.031190][T22507] __do_fast_syscall_32+0x129/0x180 [ 1139.031190][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1139.031190][T22507] do_SYSENTER_32+0x73/0x90 [ 1139.031190][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1139.031190][T22507] [ 1139.031190][T22507] Uninit was stored to memory at: [ 1139.031190][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1139.031190][T22507] __msan_chain_origin+0x57/0xa0 [ 1139.031190][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1139.031190][T22507] get_compat_msghdr+0x108/0x2b0 [ 1139.031190][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1139.031190][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1139.031190][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1139.031190][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1139.031190][T22507] __do_fast_syscall_32+0x129/0x180 [ 1139.031190][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1139.031190][T22507] do_SYSENTER_32+0x73/0x90 [ 1139.031190][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1139.031190][T22507] [ 1139.031190][T22507] Uninit was stored to memory at: [ 1139.031190][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1139.031190][T22507] __msan_chain_origin+0x57/0xa0 [ 1139.031190][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1139.031190][T22507] get_compat_msghdr+0x108/0x2b0 [ 1139.031190][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1139.031190][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1139.031190][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1139.031190][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1139.031190][T22507] __do_fast_syscall_32+0x129/0x180 [ 1139.031190][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1139.031190][T22507] do_SYSENTER_32+0x73/0x90 [ 1139.031190][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1139.031190][T22507] [ 1139.031190][T22507] Uninit was stored to memory at: [ 1139.031190][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1139.031190][T22507] __msan_chain_origin+0x57/0xa0 [ 1139.031190][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1139.031190][T22507] get_compat_msghdr+0x108/0x2b0 [ 1139.031190][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1139.031190][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1139.031190][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1139.031190][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1139.031190][T22507] __do_fast_syscall_32+0x129/0x180 [ 1139.031190][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1139.031190][T22507] do_SYSENTER_32+0x73/0x90 [ 1139.031190][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1139.031190][T22507] [ 1139.031190][T22507] Uninit was stored to memory at: [ 1139.031190][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1139.031190][T22507] __msan_chain_origin+0x57/0xa0 [ 1139.031190][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1139.031190][T22507] get_compat_msghdr+0x108/0x2b0 [ 1139.031190][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1139.031190][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1139.031190][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1139.031190][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1139.031190][T22507] __do_fast_syscall_32+0x129/0x180 [ 1139.031190][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1139.031190][T22507] do_SYSENTER_32+0x73/0x90 [ 1139.031190][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1139.031190][T22507] [ 1139.031190][T22507] Uninit was stored to memory at: [ 1139.031190][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1139.031190][T22507] __msan_chain_origin+0x57/0xa0 [ 1139.031190][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1139.031190][T22507] get_compat_msghdr+0x108/0x2b0 [ 1139.031190][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1139.031190][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1139.031190][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1139.031190][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1139.031190][T22507] __do_fast_syscall_32+0x129/0x180 [ 1139.031190][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1139.031190][T22507] do_SYSENTER_32+0x73/0x90 [ 1139.031190][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1139.031190][T22507] [ 1139.031190][T22507] Local variable ----msg_sys@do_recvmmsg created at: [ 1139.031190][T22507] do_recvmmsg+0xc2/0x22e0 [ 1139.031190][T22507] do_recvmmsg+0xc2/0x22e0 [ 1139.842365][T22507] not chained 660000 origins [ 1139.843158][T22507] CPU: 0 PID: 22507 Comm: syz-executor.5 Not tainted 5.9.0-rc8-syzkaller #0 [ 1139.843158][T22507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1139.843158][T22507] Call Trace: [ 1139.843158][T22507] dump_stack+0x21c/0x280 [ 1139.843158][T22507] kmsan_internal_chain_origin+0x6f/0x130 [ 1139.843158][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1139.843158][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1139.843158][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1139.843158][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1139.843158][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1139.843158][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1139.843158][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1139.843158][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1139.843158][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1139.843158][T22507] ? _copy_from_user+0x201/0x310 [ 1139.843158][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1139.843158][T22507] __msan_chain_origin+0x57/0xa0 [ 1139.843158][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1139.843158][T22507] get_compat_msghdr+0x108/0x2b0 [ 1139.843158][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1139.843158][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1139.843158][T22507] ? __msan_poison_alloca+0xe9/0x110 [ 1139.843158][T22507] ? __sys_recvmmsg+0xb5/0x5f0 [ 1139.843158][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1139.843158][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1139.843158][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1139.843158][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1139.843158][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1139.843158][T22507] __do_fast_syscall_32+0x129/0x180 [ 1139.843158][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1139.843158][T22507] do_SYSENTER_32+0x73/0x90 [ 1139.843158][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1139.843158][T22507] RIP: 0023:0xf7f56549 [ 1139.843158][T22507] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 1139.843158][T22507] RSP: 002b:00000000f55500cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1139.843158][T22507] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020004b40 [ 1139.843158][T22507] RDX: 0000000020004582 RSI: 0000000000000002 RDI: 0000000000000000 [ 1139.843158][T22507] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1139.843158][T22507] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1139.843158][T22507] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1139.843158][T22507] Uninit was stored to memory at: [ 1139.843158][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1139.843158][T22507] __msan_chain_origin+0x57/0xa0 [ 1139.843158][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1139.843158][T22507] get_compat_msghdr+0x108/0x2b0 [ 1139.843158][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1139.843158][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1139.843158][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1139.843158][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1139.843158][T22507] __do_fast_syscall_32+0x129/0x180 [ 1139.843158][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1139.843158][T22507] do_SYSENTER_32+0x73/0x90 [ 1139.843158][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1139.843158][T22507] [ 1139.843158][T22507] Uninit was stored to memory at: [ 1139.843158][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1139.843158][T22507] __msan_chain_origin+0x57/0xa0 [ 1139.843158][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1139.843158][T22507] get_compat_msghdr+0x108/0x2b0 [ 1139.843158][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1139.843158][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1139.843158][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1139.843158][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1139.843158][T22507] __do_fast_syscall_32+0x129/0x180 [ 1139.843158][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1139.843158][T22507] do_SYSENTER_32+0x73/0x90 [ 1139.843158][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1139.843158][T22507] [ 1139.843158][T22507] Uninit was stored to memory at: [ 1139.843158][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1139.843158][T22507] __msan_chain_origin+0x57/0xa0 [ 1139.843158][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1139.843158][T22507] get_compat_msghdr+0x108/0x2b0 [ 1139.843158][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1139.843158][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1139.843158][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1139.843158][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1139.843158][T22507] __do_fast_syscall_32+0x129/0x180 [ 1139.843158][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1139.843158][T22507] do_SYSENTER_32+0x73/0x90 [ 1139.843158][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1139.843158][T22507] [ 1139.843158][T22507] Uninit was stored to memory at: [ 1139.843158][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1139.843158][T22507] __msan_chain_origin+0x57/0xa0 [ 1139.843158][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1139.843158][T22507] get_compat_msghdr+0x108/0x2b0 [ 1139.843158][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1139.843158][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1139.843158][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1139.843158][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1139.843158][T22507] __do_fast_syscall_32+0x129/0x180 [ 1139.843158][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1139.843158][T22507] do_SYSENTER_32+0x73/0x90 [ 1139.843158][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1139.843158][T22507] [ 1139.843158][T22507] Uninit was stored to memory at: [ 1139.843158][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1139.843158][T22507] __msan_chain_origin+0x57/0xa0 [ 1139.843158][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1139.843158][T22507] get_compat_msghdr+0x108/0x2b0 [ 1139.843158][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1139.843158][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1139.843158][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1139.843158][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1139.843158][T22507] __do_fast_syscall_32+0x129/0x180 [ 1139.843158][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1139.843158][T22507] do_SYSENTER_32+0x73/0x90 [ 1139.843158][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1139.843158][T22507] [ 1139.843158][T22507] Uninit was stored to memory at: [ 1139.843158][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1139.843158][T22507] __msan_chain_origin+0x57/0xa0 [ 1139.843158][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1139.843158][T22507] get_compat_msghdr+0x108/0x2b0 [ 1139.843158][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1139.843158][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1139.843158][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1139.843158][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1139.843158][T22507] __do_fast_syscall_32+0x129/0x180 [ 1139.843158][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1139.843158][T22507] do_SYSENTER_32+0x73/0x90 [ 1139.843158][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1139.843158][T22507] [ 1139.843158][T22507] Uninit was stored to memory at: [ 1139.843158][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1139.843158][T22507] __msan_chain_origin+0x57/0xa0 [ 1139.843158][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1139.843158][T22507] get_compat_msghdr+0x108/0x2b0 [ 1139.843158][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1139.843158][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1139.843158][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1139.843158][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1139.843158][T22507] __do_fast_syscall_32+0x129/0x180 [ 1139.843158][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1139.843158][T22507] do_SYSENTER_32+0x73/0x90 [ 1139.843158][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1139.843158][T22507] [ 1139.843158][T22507] Local variable ----msg_sys@do_recvmmsg created at: [ 1139.843158][T22507] do_recvmmsg+0xc2/0x22e0 [ 1139.843158][T22507] do_recvmmsg+0xc2/0x22e0 [ 1140.799407][T22507] not chained 670000 origins [ 1140.803149][T22507] CPU: 0 PID: 22507 Comm: syz-executor.5 Not tainted 5.9.0-rc8-syzkaller #0 [ 1140.803149][T22507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1140.803149][T22507] Call Trace: [ 1140.803149][T22507] dump_stack+0x21c/0x280 [ 1140.803149][T22507] kmsan_internal_chain_origin+0x6f/0x130 [ 1140.803149][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1140.803149][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1140.803149][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1140.803149][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1140.803149][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1140.803149][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1140.803149][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1140.874716][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1140.874716][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1140.874716][T22507] ? _copy_from_user+0x201/0x310 [ 1140.874716][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1140.874716][T22507] __msan_chain_origin+0x57/0xa0 [ 1140.874716][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1140.874716][T22507] get_compat_msghdr+0x108/0x2b0 [ 1140.874716][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1140.874716][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1140.874716][T22507] ? __msan_poison_alloca+0xe9/0x110 [ 1140.874716][T22507] ? __sys_recvmmsg+0xb5/0x5f0 [ 1140.874716][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1140.874716][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1140.874716][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1140.874716][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1140.874716][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1140.874716][T22507] __do_fast_syscall_32+0x129/0x180 [ 1140.874716][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1140.874716][T22507] do_SYSENTER_32+0x73/0x90 [ 1140.874716][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1140.976936][T22507] RIP: 0023:0xf7f56549 [ 1140.976936][T22507] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 1140.976936][T22507] RSP: 002b:00000000f55500cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1140.976936][T22507] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020004b40 [ 1140.976936][T22507] RDX: 0000000020004582 RSI: 0000000000000002 RDI: 0000000000000000 [ 1140.976936][T22507] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1140.976936][T22507] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1140.976936][T22507] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1140.976936][T22507] Uninit was stored to memory at: [ 1140.976936][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1140.976936][T22507] __msan_chain_origin+0x57/0xa0 [ 1140.976936][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1140.976936][T22507] get_compat_msghdr+0x108/0x2b0 [ 1141.079305][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1141.079305][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1141.079305][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1141.079305][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1141.079305][T22507] __do_fast_syscall_32+0x129/0x180 [ 1141.079305][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1141.079305][T22507] do_SYSENTER_32+0x73/0x90 [ 1141.079305][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1141.079305][T22507] [ 1141.079305][T22507] Uninit was stored to memory at: [ 1141.079305][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1141.079305][T22507] __msan_chain_origin+0x57/0xa0 [ 1141.079305][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1141.079305][T22507] get_compat_msghdr+0x108/0x2b0 [ 1141.079305][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1141.079305][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1141.079305][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1141.079305][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1141.079305][T22507] __do_fast_syscall_32+0x129/0x180 [ 1141.181778][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1141.181778][T22507] do_SYSENTER_32+0x73/0x90 [ 1141.181778][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1141.181778][T22507] [ 1141.181778][T22507] Uninit was stored to memory at: [ 1141.181778][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1141.181778][T22507] __msan_chain_origin+0x57/0xa0 [ 1141.181778][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1141.181778][T22507] get_compat_msghdr+0x108/0x2b0 [ 1141.181778][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1141.181778][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1141.181778][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1141.181778][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1141.181778][T22507] __do_fast_syscall_32+0x129/0x180 [ 1141.181778][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1141.181778][T22507] do_SYSENTER_32+0x73/0x90 [ 1141.181778][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1141.181778][T22507] [ 1141.181778][T22507] Uninit was stored to memory at: [ 1141.181778][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1141.181778][T22507] __msan_chain_origin+0x57/0xa0 [ 1141.284240][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1141.284240][T22507] get_compat_msghdr+0x108/0x2b0 [ 1141.284240][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1141.284240][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1141.284240][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1141.284240][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1141.284240][T22507] __do_fast_syscall_32+0x129/0x180 [ 1141.284240][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1141.284240][T22507] do_SYSENTER_32+0x73/0x90 [ 1141.284240][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1141.284240][T22507] [ 1141.284240][T22507] Uninit was stored to memory at: [ 1141.284240][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1141.284240][T22507] __msan_chain_origin+0x57/0xa0 [ 1141.284240][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1141.284240][T22507] get_compat_msghdr+0x108/0x2b0 [ 1141.284240][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1141.284240][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1141.284240][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1141.284240][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1141.386558][T22507] __do_fast_syscall_32+0x129/0x180 [ 1141.386558][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1141.386558][T22507] do_SYSENTER_32+0x73/0x90 [ 1141.386558][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1141.386558][T22507] [ 1141.386558][T22507] Uninit was stored to memory at: [ 1141.386558][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1141.386558][T22507] __msan_chain_origin+0x57/0xa0 [ 1141.386558][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1141.386558][T22507] get_compat_msghdr+0x108/0x2b0 [ 1141.386558][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1141.386558][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1141.386558][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1141.386558][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1141.386558][T22507] __do_fast_syscall_32+0x129/0x180 [ 1141.386558][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1141.386558][T22507] do_SYSENTER_32+0x73/0x90 [ 1141.386558][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1141.386558][T22507] [ 1141.386558][T22507] Uninit was stored to memory at: [ 1141.488918][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1141.488918][T22507] __msan_chain_origin+0x57/0xa0 [ 1141.488918][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1141.488918][T22507] get_compat_msghdr+0x108/0x2b0 [ 1141.488918][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1141.488918][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1141.488918][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1141.488918][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1141.488918][T22507] __do_fast_syscall_32+0x129/0x180 [ 1141.488918][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1141.488918][T22507] do_SYSENTER_32+0x73/0x90 [ 1141.488918][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1141.488918][T22507] [ 1141.488918][T22507] Local variable ----msg_sys@do_recvmmsg created at: [ 1141.488918][T22507] do_recvmmsg+0xc2/0x22e0 [ 1141.488918][T22507] do_recvmmsg+0xc2/0x22e0 [ 1141.799421][T22507] not chained 680000 origins [ 1141.803195][T22507] CPU: 0 PID: 22507 Comm: syz-executor.5 Not tainted 5.9.0-rc8-syzkaller #0 [ 1141.803195][T22507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1141.803195][T22507] Call Trace: [ 1141.803195][T22507] dump_stack+0x21c/0x280 [ 1141.803195][T22507] kmsan_internal_chain_origin+0x6f/0x130 [ 1141.803195][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1141.803195][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1141.803195][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1141.803195][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1141.803195][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1141.803195][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1141.803195][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1141.803195][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1141.803195][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1141.803195][T22507] ? _copy_from_user+0x201/0x310 [ 1141.803195][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1141.896948][T22507] __msan_chain_origin+0x57/0xa0 [ 1141.896948][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1141.896948][T22507] get_compat_msghdr+0x108/0x2b0 [ 1141.896948][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1141.896948][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1141.896948][T22507] ? __msan_poison_alloca+0xe9/0x110 [ 1141.896948][T22507] ? __sys_recvmmsg+0xb5/0x5f0 [ 1141.896948][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1141.896948][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1141.896948][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1141.896948][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1141.896948][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1141.896948][T22507] __do_fast_syscall_32+0x129/0x180 [ 1141.896948][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1141.896948][T22507] do_SYSENTER_32+0x73/0x90 [ 1141.896948][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1141.896948][T22507] RIP: 0023:0xf7f56549 [ 1141.896948][T22507] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 1141.896948][T22507] RSP: 002b:00000000f55500cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1141.896948][T22507] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020004b40 [ 1141.896948][T22507] RDX: 0000000020004582 RSI: 0000000000000002 RDI: 0000000000000000 [ 1141.896948][T22507] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1141.896948][T22507] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1141.896948][T22507] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1141.896948][T22507] Uninit was stored to memory at: [ 1141.896948][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1141.896948][T22507] __msan_chain_origin+0x57/0xa0 [ 1141.896948][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1141.896948][T22507] get_compat_msghdr+0x108/0x2b0 [ 1141.896948][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1141.896948][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1141.896948][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1141.896948][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1141.896948][T22507] __do_fast_syscall_32+0x129/0x180 [ 1141.896948][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1141.896948][T22507] do_SYSENTER_32+0x73/0x90 [ 1141.896948][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1141.896948][T22507] [ 1141.896948][T22507] Uninit was stored to memory at: [ 1141.896948][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1141.896948][T22507] __msan_chain_origin+0x57/0xa0 [ 1141.896948][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1141.896948][T22507] get_compat_msghdr+0x108/0x2b0 [ 1141.896948][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1141.896948][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1141.896948][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1141.896948][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1141.896948][T22507] __do_fast_syscall_32+0x129/0x180 [ 1141.896948][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1141.896948][T22507] do_SYSENTER_32+0x73/0x90 [ 1141.896948][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1141.896948][T22507] [ 1141.896948][T22507] Uninit was stored to memory at: [ 1141.896948][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1141.896948][T22507] __msan_chain_origin+0x57/0xa0 [ 1141.896948][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1141.896948][T22507] get_compat_msghdr+0x108/0x2b0 [ 1141.896948][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1141.896948][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1141.896948][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1141.896948][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1141.896948][T22507] __do_fast_syscall_32+0x129/0x180 [ 1141.896948][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1141.896948][T22507] do_SYSENTER_32+0x73/0x90 [ 1141.896948][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1141.896948][T22507] [ 1141.896948][T22507] Uninit was stored to memory at: [ 1141.896948][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1141.896948][T22507] __msan_chain_origin+0x57/0xa0 [ 1141.896948][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1141.896948][T22507] get_compat_msghdr+0x108/0x2b0 [ 1141.896948][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1141.896948][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1141.896948][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1141.896948][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1141.896948][T22507] __do_fast_syscall_32+0x129/0x180 [ 1141.896948][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1141.896948][T22507] do_SYSENTER_32+0x73/0x90 [ 1141.896948][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1141.896948][T22507] [ 1142.338695][T22507] Uninit was stored to memory at: [ 1142.343596][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1142.348708][T22507] __msan_chain_origin+0x57/0xa0 [ 1142.348708][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1142.348708][T22507] get_compat_msghdr+0x108/0x2b0 [ 1142.348708][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1142.348708][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1142.348708][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1142.348708][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1142.348708][T22507] __do_fast_syscall_32+0x129/0x180 [ 1142.348708][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1142.348708][T22507] do_SYSENTER_32+0x73/0x90 [ 1142.348708][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1142.348708][T22507] [ 1142.410330][T22507] Uninit was stored to memory at: [ 1142.410330][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1142.410330][T22507] __msan_chain_origin+0x57/0xa0 [ 1142.410330][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1142.410330][T22507] get_compat_msghdr+0x108/0x2b0 [ 1142.410330][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1142.410330][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1142.410330][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1142.410330][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1142.410330][T22507] __do_fast_syscall_32+0x129/0x180 [ 1142.410330][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1142.410330][T22507] do_SYSENTER_32+0x73/0x90 [ 1142.410330][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1142.410330][T22507] [ 1142.410330][T22507] Uninit was stored to memory at: [ 1142.410330][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1142.410330][T22507] __msan_chain_origin+0x57/0xa0 [ 1142.410330][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1142.410330][T22507] get_compat_msghdr+0x108/0x2b0 [ 1142.410330][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1142.410330][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1142.410330][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1142.410330][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1142.410330][T22507] __do_fast_syscall_32+0x129/0x180 [ 1142.410330][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1142.410330][T22507] do_SYSENTER_32+0x73/0x90 [ 1142.410330][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1142.410330][T22507] [ 1142.410330][T22507] Local variable ----msg_sys@do_recvmmsg created at: [ 1142.410330][T22507] do_recvmmsg+0xc2/0x22e0 [ 1142.410330][T22507] do_recvmmsg+0xc2/0x22e0 [ 1142.768986][T22507] not chained 690000 origins [ 1142.773334][T22507] CPU: 0 PID: 22507 Comm: syz-executor.5 Not tainted 5.9.0-rc8-syzkaller #0 [ 1142.773334][T22507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1142.773334][T22507] Call Trace: [ 1142.773334][T22507] dump_stack+0x21c/0x280 [ 1142.773334][T22507] kmsan_internal_chain_origin+0x6f/0x130 [ 1142.773334][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1142.773334][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1142.773334][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1142.820261][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1142.820261][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1142.820261][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1142.820261][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1142.820261][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1142.820261][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1142.820261][T22507] ? _copy_from_user+0x201/0x310 [ 1142.820261][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1142.820261][T22507] __msan_chain_origin+0x57/0xa0 [ 1142.820261][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1142.820261][T22507] get_compat_msghdr+0x108/0x2b0 [ 1142.820261][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1142.820261][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1142.820261][T22507] ? __msan_poison_alloca+0xe9/0x110 [ 1142.820261][T22507] ? __sys_recvmmsg+0xb5/0x5f0 [ 1142.820261][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1142.820261][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1142.820261][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1142.820261][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1142.922555][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1142.922555][T22507] __do_fast_syscall_32+0x129/0x180 [ 1142.922555][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1142.922555][T22507] do_SYSENTER_32+0x73/0x90 [ 1142.922555][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1142.922555][T22507] RIP: 0023:0xf7f56549 [ 1142.922555][T22507] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 1142.922555][T22507] RSP: 002b:00000000f55500cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1142.922555][T22507] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020004b40 [ 1142.922555][T22507] RDX: 0000000020004582 RSI: 0000000000000002 RDI: 0000000000000000 [ 1142.922555][T22507] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1142.922555][T22507] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1142.922555][T22507] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1143.025129][T22507] Uninit was stored to memory at: [ 1143.025129][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1143.025129][T22507] __msan_chain_origin+0x57/0xa0 [ 1143.025129][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1143.025129][T22507] get_compat_msghdr+0x108/0x2b0 [ 1143.025129][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1143.025129][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1143.025129][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1143.025129][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1143.025129][T22507] __do_fast_syscall_32+0x129/0x180 [ 1143.025129][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1143.025129][T22507] do_SYSENTER_32+0x73/0x90 [ 1143.025129][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1143.025129][T22507] [ 1143.025129][T22507] Uninit was stored to memory at: [ 1143.025129][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1143.025129][T22507] __msan_chain_origin+0x57/0xa0 [ 1143.025129][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1143.025129][T22507] get_compat_msghdr+0x108/0x2b0 [ 1143.025129][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1143.127367][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1143.127367][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1143.127367][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1143.127367][T22507] __do_fast_syscall_32+0x129/0x180 [ 1143.127367][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1143.127367][T22507] do_SYSENTER_32+0x73/0x90 [ 1143.127367][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1143.127367][T22507] [ 1143.127367][T22507] Uninit was stored to memory at: [ 1143.127367][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1143.127367][T22507] __msan_chain_origin+0x57/0xa0 [ 1143.127367][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1143.127367][T22507] get_compat_msghdr+0x108/0x2b0 [ 1143.127367][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1143.127367][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1143.127367][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1143.127367][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1143.127367][T22507] __do_fast_syscall_32+0x129/0x180 [ 1143.127367][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1143.127367][T22507] do_SYSENTER_32+0x73/0x90 [ 1143.127367][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1143.229787][T22507] [ 1143.229787][T22507] Uninit was stored to memory at: [ 1143.229787][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1143.229787][T22507] __msan_chain_origin+0x57/0xa0 [ 1143.229787][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1143.229787][T22507] get_compat_msghdr+0x108/0x2b0 [ 1143.229787][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1143.229787][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1143.229787][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1143.229787][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1143.229787][T22507] __do_fast_syscall_32+0x129/0x180 [ 1143.229787][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1143.229787][T22507] do_SYSENTER_32+0x73/0x90 [ 1143.229787][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1143.229787][T22507] [ 1143.229787][T22507] Uninit was stored to memory at: [ 1143.229787][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1143.229787][T22507] __msan_chain_origin+0x57/0xa0 [ 1143.229787][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1143.229787][T22507] get_compat_msghdr+0x108/0x2b0 [ 1143.332185][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1143.332185][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1143.332185][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1143.332185][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1143.332185][T22507] __do_fast_syscall_32+0x129/0x180 [ 1143.332185][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1143.332185][T22507] do_SYSENTER_32+0x73/0x90 [ 1143.332185][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1143.332185][T22507] [ 1143.332185][T22507] Uninit was stored to memory at: [ 1143.332185][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1143.332185][T22507] __msan_chain_origin+0x57/0xa0 [ 1143.332185][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1143.332185][T22507] get_compat_msghdr+0x108/0x2b0 [ 1143.332185][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1143.332185][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1143.332185][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1143.332185][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1143.332185][T22507] __do_fast_syscall_32+0x129/0x180 [ 1143.434674][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1143.434674][T22507] do_SYSENTER_32+0x73/0x90 [ 1143.434674][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1143.434674][T22507] [ 1143.434674][T22507] Uninit was stored to memory at: [ 1143.434674][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1143.434674][T22507] __msan_chain_origin+0x57/0xa0 [ 1143.434674][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1143.434674][T22507] get_compat_msghdr+0x108/0x2b0 [ 1143.434674][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1143.434674][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1143.434674][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1143.434674][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1143.434674][T22507] __do_fast_syscall_32+0x129/0x180 [ 1143.434674][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1143.434674][T22507] do_SYSENTER_32+0x73/0x90 [ 1143.434674][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1143.434674][T22507] [ 1143.434674][T22507] Local variable ----msg_sys@do_recvmmsg created at: [ 1143.434674][T22507] do_recvmmsg+0xc2/0x22e0 [ 1143.434674][T22507] do_recvmmsg+0xc2/0x22e0 [ 1143.888593][T22507] not chained 700000 origins [ 1143.893137][T22507] CPU: 1 PID: 22507 Comm: syz-executor.5 Not tainted 5.9.0-rc8-syzkaller #0 [ 1143.893137][T22507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1143.893137][T22507] Call Trace: [ 1143.893137][T22507] dump_stack+0x21c/0x280 [ 1143.893137][T22507] kmsan_internal_chain_origin+0x6f/0x130 [ 1143.893137][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1143.893137][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1143.893137][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1143.893137][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1143.945223][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1143.945223][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1143.945223][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1143.945223][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1143.945223][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1143.975472][T22507] ? _copy_from_user+0x201/0x310 [ 1143.975472][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1143.975472][T22507] __msan_chain_origin+0x57/0xa0 [ 1143.975472][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1143.975472][T22507] get_compat_msghdr+0x108/0x2b0 [ 1143.975472][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1143.975472][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1143.975472][T22507] ? __msan_poison_alloca+0xe9/0x110 [ 1143.975472][T22507] ? __sys_recvmmsg+0xb5/0x5f0 [ 1143.975472][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1143.975472][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1143.975472][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1143.975472][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1143.975472][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1143.975472][T22507] __do_fast_syscall_32+0x129/0x180 [ 1143.975472][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1143.975472][T22507] do_SYSENTER_32+0x73/0x90 [ 1143.975472][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1143.975472][T22507] RIP: 0023:0xf7f56549 [ 1143.975472][T22507] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 1143.975472][T22507] RSP: 002b:00000000f55500cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1143.975472][T22507] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020004b40 [ 1143.975472][T22507] RDX: 0000000020004582 RSI: 0000000000000002 RDI: 0000000000000000 [ 1143.975472][T22507] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1143.975472][T22507] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1143.975472][T22507] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1143.975472][T22507] Uninit was stored to memory at: [ 1143.975472][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1143.975472][T22507] __msan_chain_origin+0x57/0xa0 [ 1143.975472][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1143.975472][T22507] get_compat_msghdr+0x108/0x2b0 [ 1143.975472][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1143.975472][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1143.975472][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1143.975472][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1143.975472][T22507] __do_fast_syscall_32+0x129/0x180 [ 1143.975472][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1143.975472][T22507] do_SYSENTER_32+0x73/0x90 [ 1143.975472][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1143.975472][T22507] [ 1143.975472][T22507] Uninit was stored to memory at: [ 1143.975472][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1143.975472][T22507] __msan_chain_origin+0x57/0xa0 [ 1143.975472][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1143.975472][T22507] get_compat_msghdr+0x108/0x2b0 [ 1143.975472][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1143.975472][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1143.975472][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1143.975472][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1143.975472][T22507] __do_fast_syscall_32+0x129/0x180 [ 1143.975472][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1143.975472][T22507] do_SYSENTER_32+0x73/0x90 [ 1143.975472][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1143.975472][T22507] [ 1143.975472][T22507] Uninit was stored to memory at: [ 1143.975472][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1143.975472][T22507] __msan_chain_origin+0x57/0xa0 [ 1143.975472][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1143.975472][T22507] get_compat_msghdr+0x108/0x2b0 [ 1143.975472][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1143.975472][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1143.975472][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1143.975472][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1143.975472][T22507] __do_fast_syscall_32+0x129/0x180 [ 1143.975472][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1143.975472][T22507] do_SYSENTER_32+0x73/0x90 [ 1143.975472][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1143.975472][T22507] [ 1143.975472][T22507] Uninit was stored to memory at: [ 1143.975472][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1143.975472][T22507] __msan_chain_origin+0x57/0xa0 [ 1143.975472][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1143.975472][T22507] get_compat_msghdr+0x108/0x2b0 [ 1143.975472][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1143.975472][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1143.975472][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1143.975472][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1143.975472][T22507] __do_fast_syscall_32+0x129/0x180 [ 1143.975472][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1143.975472][T22507] do_SYSENTER_32+0x73/0x90 [ 1143.975472][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1143.975472][T22507] [ 1143.975472][T22507] Uninit was stored to memory at: [ 1143.975472][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1143.975472][T22507] __msan_chain_origin+0x57/0xa0 [ 1143.975472][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1143.975472][T22507] get_compat_msghdr+0x108/0x2b0 [ 1143.975472][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1143.975472][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1143.975472][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1143.975472][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1143.975472][T22507] __do_fast_syscall_32+0x129/0x180 [ 1143.975472][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1143.975472][T22507] do_SYSENTER_32+0x73/0x90 [ 1143.975472][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1143.975472][T22507] [ 1143.975472][T22507] Uninit was stored to memory at: [ 1143.975472][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1143.975472][T22507] __msan_chain_origin+0x57/0xa0 [ 1143.975472][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1143.975472][T22507] get_compat_msghdr+0x108/0x2b0 [ 1143.975472][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1143.975472][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1143.975472][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1143.975472][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1143.975472][T22507] __do_fast_syscall_32+0x129/0x180 [ 1143.975472][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1143.975472][T22507] do_SYSENTER_32+0x73/0x90 [ 1143.975472][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1143.975472][T22507] [ 1143.975472][T22507] Uninit was stored to memory at: [ 1143.975472][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1143.975472][T22507] __msan_chain_origin+0x57/0xa0 [ 1143.975472][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1143.975472][T22507] get_compat_msghdr+0x108/0x2b0 [ 1143.975472][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1143.975472][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1143.975472][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1143.975472][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1143.975472][T22507] __do_fast_syscall_32+0x129/0x180 [ 1143.975472][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1143.975472][T22507] do_SYSENTER_32+0x73/0x90 [ 1143.975472][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1143.975472][T22507] [ 1143.975472][T22507] Local variable ----msg_sys@do_recvmmsg created at: [ 1143.975472][T22507] do_recvmmsg+0xc2/0x22e0 [ 1143.975472][T22507] do_recvmmsg+0xc2/0x22e0 [ 1144.882305][T22507] not chained 710000 origins [ 1144.883226][T22507] CPU: 1 PID: 22507 Comm: syz-executor.5 Not tainted 5.9.0-rc8-syzkaller #0 [ 1144.883226][T22507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1144.883226][T22507] Call Trace: [ 1144.883226][T22507] dump_stack+0x21c/0x280 [ 1144.883226][T22507] kmsan_internal_chain_origin+0x6f/0x130 [ 1144.883226][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1144.883226][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1144.883226][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1144.883226][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1144.883226][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1144.883226][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1144.883226][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1144.883226][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1144.883226][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1144.883226][T22507] ? _copy_from_user+0x201/0x310 [ 1144.883226][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1144.883226][T22507] __msan_chain_origin+0x57/0xa0 [ 1144.883226][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1144.883226][T22507] get_compat_msghdr+0x108/0x2b0 [ 1144.883226][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1144.883226][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1144.883226][T22507] ? __msan_poison_alloca+0xe9/0x110 [ 1144.883226][T22507] ? __sys_recvmmsg+0xb5/0x5f0 [ 1144.883226][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1144.883226][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1145.023242][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1145.023242][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1145.023242][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1145.023242][T22507] __do_fast_syscall_32+0x129/0x180 [ 1145.023242][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1145.023242][T22507] do_SYSENTER_32+0x73/0x90 [ 1145.023242][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1145.023242][T22507] RIP: 0023:0xf7f56549 [ 1145.023242][T22507] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 1145.023242][T22507] RSP: 002b:00000000f55500cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1145.093348][T22507] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020004b40 [ 1145.095369][T22507] RDX: 0000000020004582 RSI: 0000000000000002 RDI: 0000000000000000 [ 1145.095369][T22507] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1145.095369][T22507] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1145.095369][T22507] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1145.095369][T22507] Uninit was stored to memory at: [ 1145.095369][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1145.095369][T22507] __msan_chain_origin+0x57/0xa0 [ 1145.095369][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1145.095369][T22507] get_compat_msghdr+0x108/0x2b0 [ 1145.095369][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1145.095369][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1145.095369][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1145.095369][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1145.095369][T22507] __do_fast_syscall_32+0x129/0x180 [ 1145.095369][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1145.188302][T22507] do_SYSENTER_32+0x73/0x90 [ 1145.188302][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1145.188302][T22507] [ 1145.188302][T22507] Uninit was stored to memory at: [ 1145.188302][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1145.188302][T22507] __msan_chain_origin+0x57/0xa0 [ 1145.188302][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1145.188302][T22507] get_compat_msghdr+0x108/0x2b0 [ 1145.188302][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1145.188302][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1145.188302][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1145.188302][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1145.188302][T22507] __do_fast_syscall_32+0x129/0x180 [ 1145.188302][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1145.188302][T22507] do_SYSENTER_32+0x73/0x90 [ 1145.188302][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1145.188302][T22507] [ 1145.188302][T22507] Uninit was stored to memory at: [ 1145.188302][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1145.188302][T22507] __msan_chain_origin+0x57/0xa0 [ 1145.188302][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1145.188302][T22507] get_compat_msghdr+0x108/0x2b0 [ 1145.188302][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1145.188302][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1145.188302][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1145.188302][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1145.188302][T22507] __do_fast_syscall_32+0x129/0x180 [ 1145.188302][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1145.188302][T22507] do_SYSENTER_32+0x73/0x90 [ 1145.188302][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1145.188302][T22507] [ 1145.188302][T22507] Uninit was stored to memory at: [ 1145.188302][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1145.188302][T22507] __msan_chain_origin+0x57/0xa0 [ 1145.188302][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1145.188302][T22507] get_compat_msghdr+0x108/0x2b0 [ 1145.188302][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1145.188302][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1145.188302][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1145.188302][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1145.188302][T22507] __do_fast_syscall_32+0x129/0x180 [ 1145.188302][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1145.188302][T22507] do_SYSENTER_32+0x73/0x90 [ 1145.188302][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1145.188302][T22507] [ 1145.188302][T22507] Uninit was stored to memory at: [ 1145.188302][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1145.188302][T22507] __msan_chain_origin+0x57/0xa0 [ 1145.188302][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1145.188302][T22507] get_compat_msghdr+0x108/0x2b0 [ 1145.188302][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1145.188302][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1145.188302][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1145.188302][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1145.188302][T22507] __do_fast_syscall_32+0x129/0x180 [ 1145.188302][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1145.188302][T22507] do_SYSENTER_32+0x73/0x90 [ 1145.188302][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1145.188302][T22507] [ 1145.188302][T22507] Uninit was stored to memory at: [ 1145.188302][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1145.188302][T22507] __msan_chain_origin+0x57/0xa0 [ 1145.188302][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1145.188302][T22507] get_compat_msghdr+0x108/0x2b0 [ 1145.188302][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1145.188302][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1145.188302][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1145.188302][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1145.188302][T22507] __do_fast_syscall_32+0x129/0x180 [ 1145.188302][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1145.188302][T22507] do_SYSENTER_32+0x73/0x90 [ 1145.188302][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1145.188302][T22507] [ 1145.188302][T22507] Uninit was stored to memory at: [ 1145.188302][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1145.188302][T22507] __msan_chain_origin+0x57/0xa0 [ 1145.188302][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1145.188302][T22507] get_compat_msghdr+0x108/0x2b0 [ 1145.188302][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1145.188302][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1145.188302][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1145.188302][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1145.188302][T22507] __do_fast_syscall_32+0x129/0x180 [ 1145.188302][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1145.188302][T22507] do_SYSENTER_32+0x73/0x90 [ 1145.188302][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1145.188302][T22507] [ 1145.188302][T22507] Local variable ----msg_sys@do_recvmmsg created at: [ 1145.188302][T22507] do_recvmmsg+0xc2/0x22e0 [ 1145.188302][T22507] do_recvmmsg+0xc2/0x22e0 [ 1145.843934][T22507] not chained 720000 origins [ 1145.848551][T22507] CPU: 1 PID: 22507 Comm: syz-executor.5 Not tainted 5.9.0-rc8-syzkaller #0 [ 1145.853245][T22507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1145.853245][T22507] Call Trace: [ 1145.853245][T22507] dump_stack+0x21c/0x280 [ 1145.853245][T22507] kmsan_internal_chain_origin+0x6f/0x130 [ 1145.853245][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1145.853245][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1145.853245][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1145.853245][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1145.853245][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1145.853245][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1145.853245][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1145.853245][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1145.853245][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1145.853245][T22507] ? _copy_from_user+0x201/0x310 [ 1145.853245][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1145.853245][T22507] __msan_chain_origin+0x57/0xa0 [ 1145.853245][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1145.853245][T22507] get_compat_msghdr+0x108/0x2b0 [ 1145.853245][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1145.853245][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1145.853245][T22507] ? __msan_poison_alloca+0xe9/0x110 [ 1145.853245][T22507] ? __sys_recvmmsg+0xb5/0x5f0 [ 1145.853245][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1145.853245][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1145.853245][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1145.853245][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1145.853245][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1145.853245][T22507] __do_fast_syscall_32+0x129/0x180 [ 1145.853245][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1145.853245][T22507] do_SYSENTER_32+0x73/0x90 [ 1145.853245][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1145.853245][T22507] RIP: 0023:0xf7f56549 [ 1145.853245][T22507] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 1145.853245][T22507] RSP: 002b:00000000f55500cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1145.853245][T22507] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020004b40 [ 1145.853245][T22507] RDX: 0000000020004582 RSI: 0000000000000002 RDI: 0000000000000000 [ 1145.853245][T22507] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1145.853245][T22507] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1145.853245][T22507] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1145.853245][T22507] Uninit was stored to memory at: [ 1145.853245][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1145.853245][T22507] __msan_chain_origin+0x57/0xa0 [ 1145.853245][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1146.116586][T22507] get_compat_msghdr+0x108/0x2b0 [ 1146.116586][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1146.125794][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1146.125794][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1146.125794][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1146.125794][T22507] __do_fast_syscall_32+0x129/0x180 [ 1146.125794][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1146.125794][T22507] do_SYSENTER_32+0x73/0x90 [ 1146.125794][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1146.125794][T22507] [ 1146.125794][T22507] Uninit was stored to memory at: [ 1146.125794][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1146.125794][T22507] __msan_chain_origin+0x57/0xa0 [ 1146.125794][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1146.125794][T22507] get_compat_msghdr+0x108/0x2b0 [ 1146.125794][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1146.125794][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1146.125794][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1146.125794][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1146.125794][T22507] __do_fast_syscall_32+0x129/0x180 [ 1146.125794][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1146.125794][T22507] do_SYSENTER_32+0x73/0x90 [ 1146.125794][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1146.125794][T22507] [ 1146.125794][T22507] Uninit was stored to memory at: [ 1146.125794][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1146.125794][T22507] __msan_chain_origin+0x57/0xa0 [ 1146.125794][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1146.125794][T22507] get_compat_msghdr+0x108/0x2b0 [ 1146.125794][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1146.125794][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1146.125794][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1146.125794][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1146.125794][T22507] __do_fast_syscall_32+0x129/0x180 [ 1146.125794][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1146.125794][T22507] do_SYSENTER_32+0x73/0x90 [ 1146.125794][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1146.125794][T22507] [ 1146.125794][T22507] Uninit was stored to memory at: [ 1146.125794][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1146.125794][T22507] __msan_chain_origin+0x57/0xa0 [ 1146.125794][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1146.125794][T22507] get_compat_msghdr+0x108/0x2b0 [ 1146.125794][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1146.125794][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1146.125794][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1146.125794][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1146.125794][T22507] __do_fast_syscall_32+0x129/0x180 [ 1146.125794][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1146.125794][T22507] do_SYSENTER_32+0x73/0x90 [ 1146.125794][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1146.125794][T22507] [ 1146.125794][T22507] Uninit was stored to memory at: [ 1146.125794][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1146.125794][T22507] __msan_chain_origin+0x57/0xa0 [ 1146.125794][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1146.125794][T22507] get_compat_msghdr+0x108/0x2b0 [ 1146.125794][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1146.125794][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1146.125794][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1146.125794][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1146.125794][T22507] __do_fast_syscall_32+0x129/0x180 [ 1146.125794][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1146.125794][T22507] do_SYSENTER_32+0x73/0x90 [ 1146.125794][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1146.125794][T22507] [ 1146.125794][T22507] Uninit was stored to memory at: [ 1146.125794][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1146.125794][T22507] __msan_chain_origin+0x57/0xa0 [ 1146.125794][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1146.125794][T22507] get_compat_msghdr+0x108/0x2b0 [ 1146.125794][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1146.125794][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1146.125794][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1146.125794][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1146.125794][T22507] __do_fast_syscall_32+0x129/0x180 [ 1146.125794][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1146.125794][T22507] do_SYSENTER_32+0x73/0x90 [ 1146.125794][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1146.125794][T22507] [ 1146.125794][T22507] Uninit was stored to memory at: [ 1146.125794][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1146.125794][T22507] __msan_chain_origin+0x57/0xa0 [ 1146.125794][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1146.125794][T22507] get_compat_msghdr+0x108/0x2b0 [ 1146.125794][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1146.125794][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1146.125794][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1146.125794][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1146.125794][T22507] __do_fast_syscall_32+0x129/0x180 [ 1146.125794][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1146.125794][T22507] do_SYSENTER_32+0x73/0x90 [ 1146.125794][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1146.125794][T22507] [ 1146.125794][T22507] Local variable ----msg_sys@do_recvmmsg created at: [ 1146.125794][T22507] do_recvmmsg+0xc2/0x22e0 [ 1146.125794][T22507] do_recvmmsg+0xc2/0x22e0 [ 1146.803695][T22507] not chained 730000 origins [ 1146.808336][T22507] CPU: 1 PID: 22507 Comm: syz-executor.5 Not tainted 5.9.0-rc8-syzkaller #0 [ 1146.813140][T22507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1146.813140][T22507] Call Trace: [ 1146.813140][T22507] dump_stack+0x21c/0x280 [ 1146.813140][T22507] kmsan_internal_chain_origin+0x6f/0x130 [ 1146.813140][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1146.813140][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1146.813140][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1146.813140][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1146.813140][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1146.813140][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1146.813140][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1146.813140][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1146.813140][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1146.813140][T22507] ? _copy_from_user+0x201/0x310 [ 1146.813140][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1146.813140][T22507] __msan_chain_origin+0x57/0xa0 [ 1146.813140][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1146.813140][T22507] get_compat_msghdr+0x108/0x2b0 [ 1146.813140][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1146.813140][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1146.813140][T22507] ? __msan_poison_alloca+0xe9/0x110 [ 1146.813140][T22507] ? __sys_recvmmsg+0xb5/0x5f0 [ 1146.813140][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1146.813140][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1146.813140][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1146.813140][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1146.813140][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1146.813140][T22507] __do_fast_syscall_32+0x129/0x180 [ 1146.813140][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1146.813140][T22507] do_SYSENTER_32+0x73/0x90 [ 1146.813140][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1146.813140][T22507] RIP: 0023:0xf7f56549 [ 1146.813140][T22507] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 1146.813140][T22507] RSP: 002b:00000000f55500cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1146.813140][T22507] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020004b40 [ 1146.813140][T22507] RDX: 0000000020004582 RSI: 0000000000000002 RDI: 0000000000000000 [ 1146.813140][T22507] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1146.813140][T22507] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1146.813140][T22507] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1146.813140][T22507] Uninit was stored to memory at: [ 1146.813140][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1146.813140][T22507] __msan_chain_origin+0x57/0xa0 [ 1146.813140][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1146.813140][T22507] get_compat_msghdr+0x108/0x2b0 [ 1146.813140][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1146.813140][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1146.813140][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1146.813140][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1146.813140][T22507] __do_fast_syscall_32+0x129/0x180 [ 1146.813140][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1146.813140][T22507] do_SYSENTER_32+0x73/0x90 [ 1146.813140][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1146.813140][T22507] [ 1146.813140][T22507] Uninit was stored to memory at: [ 1146.813140][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1146.813140][T22507] __msan_chain_origin+0x57/0xa0 [ 1146.813140][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1146.813140][T22507] get_compat_msghdr+0x108/0x2b0 [ 1146.813140][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1146.813140][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1146.813140][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1146.813140][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1146.813140][T22507] __do_fast_syscall_32+0x129/0x180 [ 1146.813140][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1146.813140][T22507] do_SYSENTER_32+0x73/0x90 [ 1146.813140][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1146.813140][T22507] [ 1146.813140][T22507] Uninit was stored to memory at: [ 1146.813140][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1146.813140][T22507] __msan_chain_origin+0x57/0xa0 [ 1146.813140][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1146.813140][T22507] get_compat_msghdr+0x108/0x2b0 [ 1146.813140][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1146.813140][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1146.813140][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1146.813140][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1146.813140][T22507] __do_fast_syscall_32+0x129/0x180 [ 1146.813140][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1146.813140][T22507] do_SYSENTER_32+0x73/0x90 [ 1146.813140][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1146.813140][T22507] [ 1146.813140][T22507] Uninit was stored to memory at: [ 1146.813140][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1146.813140][T22507] __msan_chain_origin+0x57/0xa0 [ 1146.813140][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1146.813140][T22507] get_compat_msghdr+0x108/0x2b0 [ 1146.813140][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1146.813140][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1146.813140][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1147.305873][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1147.313385][T22507] __do_fast_syscall_32+0x129/0x180 [ 1147.316349][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1147.324808][T22507] do_SYSENTER_32+0x73/0x90 [ 1147.326157][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1147.333384][T22507] [ 1147.336290][T22507] Uninit was stored to memory at: [ 1147.336290][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1147.343413][T22507] __msan_chain_origin+0x57/0xa0 [ 1147.353380][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1147.356320][T22507] get_compat_msghdr+0x108/0x2b0 [ 1147.363265][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1147.363265][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1147.363265][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1147.376319][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1147.383260][T22507] __do_fast_syscall_32+0x129/0x180 [ 1147.383260][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1147.393342][T22507] do_SYSENTER_32+0x73/0x90 [ 1147.396289][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1147.403411][T22507] [ 1147.403411][T22507] Uninit was stored to memory at: [ 1147.403411][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1147.418151][T22507] __msan_chain_origin+0x57/0xa0 [ 1147.423247][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1147.428143][T22507] get_compat_msghdr+0x108/0x2b0 [ 1147.433377][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1147.436329][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1147.436329][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1147.443241][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1147.453346][T22507] __do_fast_syscall_32+0x129/0x180 [ 1147.456224][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1147.463405][T22507] do_SYSENTER_32+0x73/0x90 [ 1147.463405][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1147.473346][T22507] [ 1147.476270][T22507] Uninit was stored to memory at: [ 1147.483259][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1147.483259][T22507] __msan_chain_origin+0x57/0xa0 [ 1147.493373][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1147.496449][T22507] get_compat_msghdr+0x108/0x2b0 [ 1147.503247][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1147.503247][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1147.513355][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1147.516247][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1147.525211][T22507] __do_fast_syscall_32+0x129/0x180 [ 1147.530546][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1147.533342][T22507] do_SYSENTER_32+0x73/0x90 [ 1147.536230][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1147.543247][T22507] [ 1147.543247][T22507] Local variable ----msg_sys@do_recvmmsg created at: [ 1147.556354][T22507] do_recvmmsg+0xc2/0x22e0 [ 1147.556354][T22507] do_recvmmsg+0xc2/0x22e0 [ 1147.831163][T22507] not chained 740000 origins [ 1147.833139][T22507] CPU: 1 PID: 22507 Comm: syz-executor.5 Not tainted 5.9.0-rc8-syzkaller #0 [ 1147.838051][T22507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1147.838051][T22507] Call Trace: [ 1147.838051][T22507] dump_stack+0x21c/0x280 [ 1147.838051][T22507] kmsan_internal_chain_origin+0x6f/0x130 [ 1147.838051][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1147.838051][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1147.838051][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1147.838051][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1147.838051][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1147.838051][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1147.838051][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1147.838051][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1147.838051][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1147.838051][T22507] ? _copy_from_user+0x201/0x310 [ 1147.838051][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1147.838051][T22507] __msan_chain_origin+0x57/0xa0 [ 1147.838051][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1147.838051][T22507] get_compat_msghdr+0x108/0x2b0 [ 1147.838051][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1147.838051][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1147.838051][T22507] ? __msan_poison_alloca+0xe9/0x110 [ 1147.838051][T22507] ? __sys_recvmmsg+0xb5/0x5f0 [ 1147.838051][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1147.838051][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1147.838051][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1147.838051][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1147.838051][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1147.838051][T22507] __do_fast_syscall_32+0x129/0x180 [ 1147.838051][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1147.838051][T22507] do_SYSENTER_32+0x73/0x90 [ 1147.838051][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1147.838051][T22507] RIP: 0023:0xf7f56549 [ 1147.838051][T22507] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 1147.838051][T22507] RSP: 002b:00000000f55500cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1147.838051][T22507] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020004b40 [ 1147.838051][T22507] RDX: 0000000020004582 RSI: 0000000000000002 RDI: 0000000000000000 [ 1147.838051][T22507] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1147.838051][T22507] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1147.838051][T22507] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1147.838051][T22507] Uninit was stored to memory at: [ 1147.838051][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1147.838051][T22507] __msan_chain_origin+0x57/0xa0 [ 1147.838051][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1147.838051][T22507] get_compat_msghdr+0x108/0x2b0 [ 1147.838051][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1147.838051][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1147.838051][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1147.838051][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1147.838051][T22507] __do_fast_syscall_32+0x129/0x180 [ 1147.838051][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1147.838051][T22507] do_SYSENTER_32+0x73/0x90 [ 1147.838051][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1147.838051][T22507] [ 1147.838051][T22507] Uninit was stored to memory at: [ 1147.838051][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1147.838051][T22507] __msan_chain_origin+0x57/0xa0 [ 1147.838051][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1147.838051][T22507] get_compat_msghdr+0x108/0x2b0 [ 1147.838051][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1147.838051][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1147.838051][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1147.838051][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1147.838051][T22507] __do_fast_syscall_32+0x129/0x180 [ 1147.838051][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1147.838051][T22507] do_SYSENTER_32+0x73/0x90 [ 1147.838051][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1147.838051][T22507] [ 1147.838051][T22507] Uninit was stored to memory at: [ 1147.838051][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1147.838051][T22507] __msan_chain_origin+0x57/0xa0 [ 1147.838051][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1147.838051][T22507] get_compat_msghdr+0x108/0x2b0 [ 1147.838051][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1147.838051][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1147.838051][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1147.838051][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1147.838051][T22507] __do_fast_syscall_32+0x129/0x180 [ 1147.838051][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1147.838051][T22507] do_SYSENTER_32+0x73/0x90 [ 1147.838051][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1147.838051][T22507] [ 1147.838051][T22507] Uninit was stored to memory at: [ 1147.838051][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1147.838051][T22507] __msan_chain_origin+0x57/0xa0 [ 1147.838051][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1147.838051][T22507] get_compat_msghdr+0x108/0x2b0 [ 1147.838051][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1147.838051][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1147.838051][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1147.838051][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1147.838051][T22507] __do_fast_syscall_32+0x129/0x180 [ 1147.838051][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1147.838051][T22507] do_SYSENTER_32+0x73/0x90 [ 1147.838051][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1147.838051][T22507] [ 1147.838051][T22507] Uninit was stored to memory at: [ 1147.838051][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1147.838051][T22507] __msan_chain_origin+0x57/0xa0 [ 1147.838051][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1147.838051][T22507] get_compat_msghdr+0x108/0x2b0 [ 1147.838051][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1147.838051][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1147.838051][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1147.838051][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1147.838051][T22507] __do_fast_syscall_32+0x129/0x180 [ 1147.838051][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1147.838051][T22507] do_SYSENTER_32+0x73/0x90 [ 1147.838051][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1147.838051][T22507] [ 1147.838051][T22507] Uninit was stored to memory at: [ 1147.838051][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1147.838051][T22507] __msan_chain_origin+0x57/0xa0 [ 1147.838051][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1147.838051][T22507] get_compat_msghdr+0x108/0x2b0 [ 1147.838051][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1147.838051][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1147.838051][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1147.838051][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1147.838051][T22507] __do_fast_syscall_32+0x129/0x180 [ 1147.838051][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1147.838051][T22507] do_SYSENTER_32+0x73/0x90 [ 1147.838051][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1147.838051][T22507] [ 1147.838051][T22507] Uninit was stored to memory at: [ 1147.838051][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1147.838051][T22507] __msan_chain_origin+0x57/0xa0 [ 1147.838051][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1147.838051][T22507] get_compat_msghdr+0x108/0x2b0 [ 1147.838051][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1147.838051][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1147.838051][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1147.838051][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1147.838051][T22507] __do_fast_syscall_32+0x129/0x180 [ 1147.838051][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1147.838051][T22507] do_SYSENTER_32+0x73/0x90 [ 1147.838051][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1147.838051][T22507] [ 1147.838051][T22507] Local variable ----msg_sys@do_recvmmsg created at: [ 1147.838051][T22507] do_recvmmsg+0xc2/0x22e0 [ 1147.838051][T22507] do_recvmmsg+0xc2/0x22e0 [ 1148.799988][T22507] not chained 750000 origins [ 1148.803142][T22507] CPU: 1 PID: 22507 Comm: syz-executor.5 Not tainted 5.9.0-rc8-syzkaller #0 [ 1148.803142][T22507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1148.803142][T22507] Call Trace: [ 1148.803142][T22507] dump_stack+0x21c/0x280 [ 1148.803142][T22507] kmsan_internal_chain_origin+0x6f/0x130 [ 1148.803142][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1148.803142][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1148.803142][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1148.803142][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1148.803142][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1148.859992][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1148.859992][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1148.859992][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1148.859992][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1148.859992][T22507] ? _copy_from_user+0x201/0x310 [ 1148.859992][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1148.859992][T22507] __msan_chain_origin+0x57/0xa0 [ 1148.859992][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1148.859992][T22507] get_compat_msghdr+0x108/0x2b0 [ 1148.859992][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1148.859992][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1148.859992][T22507] ? __msan_poison_alloca+0xe9/0x110 [ 1148.859992][T22507] ? __sys_recvmmsg+0xb5/0x5f0 [ 1148.859992][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1148.859992][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1148.859992][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1148.859992][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1148.859992][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1148.859992][T22507] __do_fast_syscall_32+0x129/0x180 [ 1148.859992][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1148.859992][T22507] do_SYSENTER_32+0x73/0x90 [ 1148.859992][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1148.859992][T22507] RIP: 0023:0xf7f56549 [ 1148.859992][T22507] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 1148.985924][T22507] RSP: 002b:00000000f55500cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1148.985924][T22507] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020004b40 [ 1148.985924][T22507] RDX: 0000000020004582 RSI: 0000000000000002 RDI: 0000000000000000 [ 1148.985924][T22507] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1148.985924][T22507] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1148.985924][T22507] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1148.985924][T22507] Uninit was stored to memory at: [ 1148.985924][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1148.985924][T22507] __msan_chain_origin+0x57/0xa0 [ 1148.985924][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1148.985924][T22507] get_compat_msghdr+0x108/0x2b0 [ 1148.985924][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1148.985924][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1148.985924][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1148.985924][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1148.985924][T22507] __do_fast_syscall_32+0x129/0x180 [ 1148.985924][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1148.985924][T22507] do_SYSENTER_32+0x73/0x90 [ 1148.985924][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1148.985924][T22507] [ 1148.985924][T22507] Uninit was stored to memory at: [ 1148.985924][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1148.985924][T22507] __msan_chain_origin+0x57/0xa0 [ 1148.985924][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1148.985924][T22507] get_compat_msghdr+0x108/0x2b0 [ 1149.145605][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1149.153451][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1149.153451][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1149.153451][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1149.153451][T22507] __do_fast_syscall_32+0x129/0x180 [ 1149.153451][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1149.153451][T22507] do_SYSENTER_32+0x73/0x90 [ 1149.153451][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1149.153451][T22507] [ 1149.153451][T22507] Uninit was stored to memory at: [ 1149.153451][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1149.153451][T22507] __msan_chain_origin+0x57/0xa0 [ 1149.153451][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1149.153451][T22507] get_compat_msghdr+0x108/0x2b0 [ 1149.153451][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1149.153451][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1149.153451][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1149.153451][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1149.153451][T22507] __do_fast_syscall_32+0x129/0x180 [ 1149.153451][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1149.153451][T22507] do_SYSENTER_32+0x73/0x90 [ 1149.153451][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1149.153451][T22507] [ 1149.153451][T22507] Uninit was stored to memory at: [ 1149.153451][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1149.153451][T22507] __msan_chain_origin+0x57/0xa0 [ 1149.153451][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1149.153451][T22507] get_compat_msghdr+0x108/0x2b0 [ 1149.153451][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1149.153451][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1149.153451][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1149.153451][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1149.153451][T22507] __do_fast_syscall_32+0x129/0x180 [ 1149.153451][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1149.153451][T22507] do_SYSENTER_32+0x73/0x90 [ 1149.153451][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1149.153451][T22507] [ 1149.153451][T22507] Uninit was stored to memory at: [ 1149.153451][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1149.153451][T22507] __msan_chain_origin+0x57/0xa0 [ 1149.153451][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1149.153451][T22507] get_compat_msghdr+0x108/0x2b0 [ 1149.153451][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1149.153451][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1149.153451][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1149.153451][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1149.153451][T22507] __do_fast_syscall_32+0x129/0x180 [ 1149.153451][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1149.153451][T22507] do_SYSENTER_32+0x73/0x90 [ 1149.153451][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1149.153451][T22507] [ 1149.153451][T22507] Uninit was stored to memory at: [ 1149.153451][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1149.153451][T22507] __msan_chain_origin+0x57/0xa0 [ 1149.153451][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1149.153451][T22507] get_compat_msghdr+0x108/0x2b0 [ 1149.153451][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1149.153451][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1149.153451][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1149.153451][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1149.153451][T22507] __do_fast_syscall_32+0x129/0x180 [ 1149.153451][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1149.153451][T22507] do_SYSENTER_32+0x73/0x90 [ 1149.153451][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1149.153451][T22507] [ 1149.153451][T22507] Uninit was stored to memory at: [ 1149.153451][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1149.153451][T22507] __msan_chain_origin+0x57/0xa0 [ 1149.153451][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1149.153451][T22507] get_compat_msghdr+0x108/0x2b0 [ 1149.153451][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1149.153451][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1149.153451][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1149.153451][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1149.153451][T22507] __do_fast_syscall_32+0x129/0x180 [ 1149.153451][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1149.153451][T22507] do_SYSENTER_32+0x73/0x90 [ 1149.153451][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1149.153451][T22507] [ 1149.153451][T22507] Local variable ----msg_sys@do_recvmmsg created at: [ 1149.153451][T22507] do_recvmmsg+0xc2/0x22e0 [ 1149.153451][T22507] do_recvmmsg+0xc2/0x22e0 [ 1149.754848][T22507] not chained 760000 origins [ 1149.759459][T22507] CPU: 1 PID: 22507 Comm: syz-executor.5 Not tainted 5.9.0-rc8-syzkaller #0 [ 1149.763143][T22507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1149.763143][T22507] Call Trace: [ 1149.763143][T22507] dump_stack+0x21c/0x280 [ 1149.763143][T22507] kmsan_internal_chain_origin+0x6f/0x130 [ 1149.763143][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1149.763143][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1149.763143][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1149.763143][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1149.763143][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1149.763143][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1149.763143][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1149.763143][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1149.763143][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1149.763143][T22507] ? _copy_from_user+0x201/0x310 [ 1149.763143][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1149.763143][T22507] __msan_chain_origin+0x57/0xa0 [ 1149.763143][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1149.763143][T22507] get_compat_msghdr+0x108/0x2b0 [ 1149.763143][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1149.763143][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1149.763143][T22507] ? __msan_poison_alloca+0xe9/0x110 [ 1149.763143][T22507] ? __sys_recvmmsg+0xb5/0x5f0 [ 1149.763143][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1149.763143][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1149.763143][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1149.763143][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1149.763143][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1149.763143][T22507] __do_fast_syscall_32+0x129/0x180 [ 1149.763143][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1149.763143][T22507] do_SYSENTER_32+0x73/0x90 [ 1149.763143][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1149.763143][T22507] RIP: 0023:0xf7f56549 [ 1149.763143][T22507] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 1149.763143][T22507] RSP: 002b:00000000f55500cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1149.763143][T22507] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020004b40 [ 1149.763143][T22507] RDX: 0000000020004582 RSI: 0000000000000002 RDI: 0000000000000000 [ 1149.763143][T22507] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1149.987987][T22507] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1149.987987][T22507] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1149.987987][T22507] Uninit was stored to memory at: [ 1149.987987][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1149.987987][T22507] __msan_chain_origin+0x57/0xa0 [ 1149.987987][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1149.987987][T22507] get_compat_msghdr+0x108/0x2b0 [ 1149.987987][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1149.987987][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1149.987987][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1149.987987][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1149.987987][T22507] __do_fast_syscall_32+0x129/0x180 [ 1149.987987][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1149.987987][T22507] do_SYSENTER_32+0x73/0x90 [ 1149.987987][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1149.987987][T22507] [ 1149.987987][T22507] Uninit was stored to memory at: [ 1149.987987][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1149.987987][T22507] __msan_chain_origin+0x57/0xa0 [ 1149.987987][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1149.987987][T22507] get_compat_msghdr+0x108/0x2b0 [ 1149.987987][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1149.987987][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1149.987987][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1149.987987][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1149.987987][T22507] __do_fast_syscall_32+0x129/0x180 [ 1149.987987][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1149.987987][T22507] do_SYSENTER_32+0x73/0x90 [ 1149.987987][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1149.987987][T22507] [ 1149.987987][T22507] Uninit was stored to memory at: [ 1149.987987][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1149.987987][T22507] __msan_chain_origin+0x57/0xa0 [ 1149.987987][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1149.987987][T22507] get_compat_msghdr+0x108/0x2b0 [ 1149.987987][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1149.987987][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1149.987987][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1149.987987][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1149.987987][T22507] __do_fast_syscall_32+0x129/0x180 [ 1149.987987][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1149.987987][T22507] do_SYSENTER_32+0x73/0x90 [ 1149.987987][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1149.987987][T22507] [ 1149.987987][T22507] Uninit was stored to memory at: [ 1149.987987][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1149.987987][T22507] __msan_chain_origin+0x57/0xa0 [ 1149.987987][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1149.987987][T22507] get_compat_msghdr+0x108/0x2b0 [ 1149.987987][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1149.987987][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1149.987987][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1149.987987][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1149.987987][T22507] __do_fast_syscall_32+0x129/0x180 [ 1149.987987][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1149.987987][T22507] do_SYSENTER_32+0x73/0x90 [ 1149.987987][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1149.987987][T22507] [ 1149.987987][T22507] Uninit was stored to memory at: [ 1149.987987][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1149.987987][T22507] __msan_chain_origin+0x57/0xa0 [ 1149.987987][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1149.987987][T22507] get_compat_msghdr+0x108/0x2b0 [ 1149.987987][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1149.987987][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1149.987987][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1149.987987][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1149.987987][T22507] __do_fast_syscall_32+0x129/0x180 [ 1149.987987][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1149.987987][T22507] do_SYSENTER_32+0x73/0x90 [ 1149.987987][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1149.987987][T22507] [ 1149.987987][T22507] Uninit was stored to memory at: [ 1149.987987][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1149.987987][T22507] __msan_chain_origin+0x57/0xa0 [ 1149.987987][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1149.987987][T22507] get_compat_msghdr+0x108/0x2b0 [ 1149.987987][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1149.987987][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1149.987987][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1149.987987][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1149.987987][T22507] __do_fast_syscall_32+0x129/0x180 [ 1149.987987][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1149.987987][T22507] do_SYSENTER_32+0x73/0x90 [ 1149.987987][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1149.987987][T22507] [ 1149.987987][T22507] Uninit was stored to memory at: [ 1149.987987][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1149.987987][T22507] __msan_chain_origin+0x57/0xa0 [ 1149.987987][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1149.987987][T22507] get_compat_msghdr+0x108/0x2b0 [ 1149.987987][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1149.987987][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1149.987987][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1149.987987][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1149.987987][T22507] __do_fast_syscall_32+0x129/0x180 [ 1149.987987][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1149.987987][T22507] do_SYSENTER_32+0x73/0x90 [ 1149.987987][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1149.987987][T22507] [ 1149.987987][T22507] Local variable ----msg_sys@do_recvmmsg created at: [ 1149.987987][T22507] do_recvmmsg+0xc2/0x22e0 [ 1149.987987][T22507] do_recvmmsg+0xc2/0x22e0 [ 1150.727486][T22507] not chained 770000 origins [ 1150.732114][T22507] CPU: 1 PID: 22507 Comm: syz-executor.5 Not tainted 5.9.0-rc8-syzkaller #0 [ 1150.733146][T22507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1150.733146][T22507] Call Trace: [ 1150.733146][T22507] dump_stack+0x21c/0x280 [ 1150.733146][T22507] kmsan_internal_chain_origin+0x6f/0x130 [ 1150.733146][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1150.733146][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1150.733146][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1150.733146][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1150.733146][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1150.733146][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1150.733146][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1150.733146][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1150.733146][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1150.733146][T22507] ? _copy_from_user+0x201/0x310 [ 1150.733146][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1150.823297][T22507] __msan_chain_origin+0x57/0xa0 [ 1150.823297][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1150.823297][T22507] get_compat_msghdr+0x108/0x2b0 [ 1150.823297][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1150.823297][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1150.823297][T22507] ? __msan_poison_alloca+0xe9/0x110 [ 1150.823297][T22507] ? __sys_recvmmsg+0xb5/0x5f0 [ 1150.823297][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1150.823297][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1150.823297][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1150.823297][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1150.823297][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1150.823297][T22507] __do_fast_syscall_32+0x129/0x180 [ 1150.823297][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1150.823297][T22507] do_SYSENTER_32+0x73/0x90 [ 1150.823297][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1150.823297][T22507] RIP: 0023:0xf7f56549 [ 1150.823297][T22507] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 1150.823297][T22507] RSP: 002b:00000000f55500cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1150.823297][T22507] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020004b40 [ 1150.823297][T22507] RDX: 0000000020004582 RSI: 0000000000000002 RDI: 0000000000000000 [ 1150.823297][T22507] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1150.823297][T22507] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1150.823297][T22507] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1150.823297][T22507] Uninit was stored to memory at: [ 1150.823297][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1150.823297][T22507] __msan_chain_origin+0x57/0xa0 [ 1150.823297][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1150.823297][T22507] get_compat_msghdr+0x108/0x2b0 [ 1150.823297][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1150.823297][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1150.823297][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1150.823297][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1150.823297][T22507] __do_fast_syscall_32+0x129/0x180 [ 1150.823297][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1150.823297][T22507] do_SYSENTER_32+0x73/0x90 [ 1150.823297][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1150.823297][T22507] [ 1150.823297][T22507] Uninit was stored to memory at: [ 1150.823297][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1150.823297][T22507] __msan_chain_origin+0x57/0xa0 [ 1150.823297][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1150.823297][T22507] get_compat_msghdr+0x108/0x2b0 [ 1150.823297][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1151.077942][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1151.085361][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1151.085361][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1151.094418][T22507] __do_fast_syscall_32+0x129/0x180 [ 1151.103319][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1151.105382][T22507] do_SYSENTER_32+0x73/0x90 [ 1151.105382][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1151.115996][T22507] [ 1151.115996][T22507] Uninit was stored to memory at: [ 1151.125286][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1151.125286][T22507] __msan_chain_origin+0x57/0xa0 [ 1151.134578][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1151.134578][T22507] get_compat_msghdr+0x108/0x2b0 [ 1151.145432][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1151.145432][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1151.156328][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1151.156328][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1151.165242][T22507] __do_fast_syscall_32+0x129/0x180 [ 1151.173432][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1151.174602][T22507] do_SYSENTER_32+0x73/0x90 [ 1151.174602][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1151.185321][T22507] [ 1151.185321][T22507] Uninit was stored to memory at: [ 1151.194452][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1151.194452][T22507] __msan_chain_origin+0x57/0xa0 [ 1151.205414][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1151.205414][T22507] get_compat_msghdr+0x108/0x2b0 [ 1151.217648][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1151.217648][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1151.223486][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1151.223486][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1151.223486][T22507] __do_fast_syscall_32+0x129/0x180 [ 1151.243279][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1151.243279][T22507] do_SYSENTER_32+0x73/0x90 [ 1151.253385][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1151.256314][T22507] [ 1151.256314][T22507] Uninit was stored to memory at: [ 1151.265318][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1151.273400][T22507] __msan_chain_origin+0x57/0xa0 [ 1151.276304][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1151.283259][T22507] get_compat_msghdr+0x108/0x2b0 [ 1151.283259][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1151.283259][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1151.296359][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1151.303311][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1151.306197][T22507] __do_fast_syscall_32+0x129/0x180 [ 1151.313359][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1151.319326][T22507] do_SYSENTER_32+0x73/0x90 [ 1151.323429][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1151.323429][T22507] [ 1151.323429][T22507] Uninit was stored to memory at: [ 1151.336326][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1151.343461][T22507] __msan_chain_origin+0x57/0xa0 [ 1151.343461][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1151.353384][T22507] get_compat_msghdr+0x108/0x2b0 [ 1151.356342][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1151.363274][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1151.363274][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1151.373406][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1151.378215][T22507] __do_fast_syscall_32+0x129/0x180 [ 1151.383419][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1151.383419][T22507] do_SYSENTER_32+0x73/0x90 [ 1151.393356][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1151.396316][T22507] [ 1151.403266][T22507] Uninit was stored to memory at: [ 1151.403266][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1151.413409][T22507] __msan_chain_origin+0x57/0xa0 [ 1151.416375][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1151.423244][T22507] get_compat_msghdr+0x108/0x2b0 [ 1151.423244][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1151.433345][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1151.436246][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1151.443423][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1151.443423][T22507] __do_fast_syscall_32+0x129/0x180 [ 1151.453357][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1151.456263][T22507] do_SYSENTER_32+0x73/0x90 [ 1151.463256][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1151.463256][T22507] [ 1151.473390][T22507] Local variable ----msg_sys@do_recvmmsg created at: [ 1151.476342][T22507] do_recvmmsg+0xc2/0x22e0 [ 1151.485236][T22507] do_recvmmsg+0xc2/0x22e0 [ 1151.750136][T22507] not chained 780000 origins [ 1151.753131][T22507] CPU: 1 PID: 22507 Comm: syz-executor.5 Not tainted 5.9.0-rc8-syzkaller #0 [ 1151.753131][T22507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1151.753131][T22507] Call Trace: [ 1151.753131][T22507] dump_stack+0x21c/0x280 [ 1151.753131][T22507] kmsan_internal_chain_origin+0x6f/0x130 [ 1151.786347][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1151.786347][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1151.793252][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1151.803428][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1151.806328][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1151.813330][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1151.815229][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1151.823355][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1151.830132][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1151.833261][T22507] ? _copy_from_user+0x201/0x310 [ 1151.841279][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1151.846240][T22507] __msan_chain_origin+0x57/0xa0 [ 1151.846240][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1151.853435][T22507] get_compat_msghdr+0x108/0x2b0 [ 1151.853435][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1151.866390][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1151.866390][T22507] ? __msan_poison_alloca+0xe9/0x110 [ 1151.873276][T22507] ? __sys_recvmmsg+0xb5/0x5f0 [ 1151.873276][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1151.886411][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1151.893268][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1151.893268][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1151.903339][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1151.906242][T22507] __do_fast_syscall_32+0x129/0x180 [ 1151.913259][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1151.913259][T22507] do_SYSENTER_32+0x73/0x90 [ 1151.923375][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1151.928091][T22507] RIP: 0023:0xf7f56549 [ 1151.934090][T22507] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 1151.953442][T22507] RSP: 002b:00000000f55500cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1151.963341][T22507] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020004b40 [ 1151.966390][T22507] RDX: 0000000020004582 RSI: 0000000000000002 RDI: 0000000000000000 [ 1151.973437][T22507] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1151.986383][T22507] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1151.993283][T22507] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1152.003356][T22507] Uninit was stored to memory at: [ 1152.006278][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1152.013450][T22507] __msan_chain_origin+0x57/0xa0 [ 1152.013450][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1152.023561][T22507] get_compat_msghdr+0x108/0x2b0 [ 1152.023561][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1152.033263][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1152.038256][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1152.043382][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1152.046333][T22507] __do_fast_syscall_32+0x129/0x180 [ 1152.053331][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1152.053331][T22507] do_SYSENTER_32+0x73/0x90 [ 1152.063417][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1152.066354][T22507] [ 1152.073516][T22507] Uninit was stored to memory at: [ 1152.073516][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1152.083352][T22507] __msan_chain_origin+0x57/0xa0 [ 1152.086315][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1152.093279][T22507] get_compat_msghdr+0x108/0x2b0 [ 1152.093279][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1152.103369][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1152.106360][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1152.113287][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1152.113287][T22507] __do_fast_syscall_32+0x129/0x180 [ 1152.126256][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1152.126256][T22507] do_SYSENTER_32+0x73/0x90 [ 1152.133431][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1152.138618][T22507] [ 1152.143387][T22507] Uninit was stored to memory at: [ 1152.148237][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1152.153361][T22507] __msan_chain_origin+0x57/0xa0 [ 1152.153361][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1152.163440][T22507] get_compat_msghdr+0x108/0x2b0 [ 1152.166490][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1152.173272][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1152.173272][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1152.184357][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1152.187660][T22507] __do_fast_syscall_32+0x129/0x180 [ 1152.193439][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1152.193439][T22507] do_SYSENTER_32+0x73/0x90 [ 1152.206312][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1152.206312][T22507] [ 1152.213270][T22507] Uninit was stored to memory at: [ 1152.213270][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1152.223385][T22507] __msan_chain_origin+0x57/0xa0 [ 1152.226362][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1152.233642][T22507] get_compat_msghdr+0x108/0x2b0 [ 1152.241044][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1152.243348][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1152.246252][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1152.255696][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1152.255696][T22507] __do_fast_syscall_32+0x129/0x180 [ 1152.263454][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1152.263454][T22507] do_SYSENTER_32+0x73/0x90 [ 1152.263454][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1152.283523][T22507] [ 1152.283523][T22507] Uninit was stored to memory at: [ 1152.283523][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1152.296141][T22507] __msan_chain_origin+0x57/0xa0 [ 1152.296141][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1152.303454][T22507] get_compat_msghdr+0x108/0x2b0 [ 1152.303454][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1152.316243][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1152.316243][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1152.323468][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1152.333355][T22507] __do_fast_syscall_32+0x129/0x180 [ 1152.336230][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1152.336230][T22507] do_SYSENTER_32+0x73/0x90 [ 1152.346516][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1152.353332][T22507] [ 1152.356342][T22507] Uninit was stored to memory at: [ 1152.356342][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1152.365326][T22507] __msan_chain_origin+0x57/0xa0 [ 1152.365326][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1152.376237][T22507] get_compat_msghdr+0x108/0x2b0 [ 1152.376237][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1152.383479][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1152.383479][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1152.396397][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1152.403527][T22507] __do_fast_syscall_32+0x129/0x180 [ 1152.403527][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1152.413329][T22507] do_SYSENTER_32+0x73/0x90 [ 1152.416243][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1152.423424][T22507] [ 1152.423424][T22507] Uninit was stored to memory at: [ 1152.423424][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1152.436326][T22507] __msan_chain_origin+0x57/0xa0 [ 1152.436326][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1152.446206][T22507] get_compat_msghdr+0x108/0x2b0 [ 1152.453340][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1152.456182][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1152.456182][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1152.463516][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1152.473362][T22507] __do_fast_syscall_32+0x129/0x180 [ 1152.478042][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1152.483418][T22507] do_SYSENTER_32+0x73/0x90 [ 1152.483418][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1152.493350][T22507] [ 1152.496313][T22507] Local variable ----msg_sys@do_recvmmsg created at: [ 1152.503401][T22507] do_recvmmsg+0xc2/0x22e0 [ 1152.503401][T22507] do_recvmmsg+0xc2/0x22e0 [ 1152.794967][T22507] not chained 790000 origins [ 1152.799586][T22507] CPU: 1 PID: 22507 Comm: syz-executor.5 Not tainted 5.9.0-rc8-syzkaller #0 [ 1152.803141][T22507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1152.813268][T22507] Call Trace: [ 1152.813268][T22507] dump_stack+0x21c/0x280 [ 1152.823222][T22507] kmsan_internal_chain_origin+0x6f/0x130 [ 1152.823222][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1152.823222][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1152.823222][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1152.823222][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1152.823222][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1152.823222][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1152.823222][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1152.823222][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1152.823222][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1152.823222][T22507] ? _copy_from_user+0x201/0x310 [ 1152.883256][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1152.883256][T22507] __msan_chain_origin+0x57/0xa0 [ 1152.883256][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1152.883256][T22507] get_compat_msghdr+0x108/0x2b0 [ 1152.883256][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1152.883256][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1152.883256][T22507] ? __msan_poison_alloca+0xe9/0x110 [ 1152.883256][T22507] ? __sys_recvmmsg+0xb5/0x5f0 [ 1152.883256][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1152.883256][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1152.883256][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1152.883256][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1152.883256][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1152.953254][T22507] __do_fast_syscall_32+0x129/0x180 [ 1152.953254][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1152.953254][T22507] do_SYSENTER_32+0x73/0x90 [ 1152.953254][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1152.953254][T22507] RIP: 0023:0xf7f56549 [ 1152.953254][T22507] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 1152.985923][T22507] RSP: 002b:00000000f55500cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1152.985923][T22507] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020004b40 [ 1152.985923][T22507] RDX: 0000000020004582 RSI: 0000000000000002 RDI: 0000000000000000 [ 1152.985923][T22507] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1152.985923][T22507] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1152.985923][T22507] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1152.985923][T22507] Uninit was stored to memory at: [ 1152.985923][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1152.985923][T22507] __msan_chain_origin+0x57/0xa0 [ 1152.985923][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1152.985923][T22507] get_compat_msghdr+0x108/0x2b0 [ 1152.985923][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1152.985923][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1152.985923][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1152.985923][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1152.985923][T22507] __do_fast_syscall_32+0x129/0x180 [ 1152.985923][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1152.985923][T22507] do_SYSENTER_32+0x73/0x90 [ 1152.985923][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1152.985923][T22507] [ 1152.985923][T22507] Uninit was stored to memory at: [ 1152.985923][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1152.985923][T22507] __msan_chain_origin+0x57/0xa0 [ 1152.985923][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1152.985923][T22507] get_compat_msghdr+0x108/0x2b0 [ 1152.985923][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1152.985923][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1152.985923][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1152.985923][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1152.985923][T22507] __do_fast_syscall_32+0x129/0x180 [ 1152.985923][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1152.985923][T22507] do_SYSENTER_32+0x73/0x90 [ 1152.985923][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1152.985923][T22507] [ 1152.985923][T22507] Uninit was stored to memory at: [ 1152.985923][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1152.985923][T22507] __msan_chain_origin+0x57/0xa0 [ 1152.985923][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1152.985923][T22507] get_compat_msghdr+0x108/0x2b0 [ 1152.985923][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1152.985923][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1152.985923][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1152.985923][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1152.985923][T22507] __do_fast_syscall_32+0x129/0x180 [ 1152.985923][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1152.985923][T22507] do_SYSENTER_32+0x73/0x90 [ 1152.985923][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1152.985923][T22507] [ 1152.985923][T22507] Uninit was stored to memory at: [ 1152.985923][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1152.985923][T22507] __msan_chain_origin+0x57/0xa0 [ 1152.985923][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1152.985923][T22507] get_compat_msghdr+0x108/0x2b0 [ 1152.985923][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1152.985923][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1152.985923][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1152.985923][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1152.985923][T22507] __do_fast_syscall_32+0x129/0x180 [ 1152.985923][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1152.985923][T22507] do_SYSENTER_32+0x73/0x90 [ 1152.985923][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1152.985923][T22507] [ 1152.985923][T22507] Uninit was stored to memory at: [ 1152.985923][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1152.985923][T22507] __msan_chain_origin+0x57/0xa0 [ 1152.985923][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1152.985923][T22507] get_compat_msghdr+0x108/0x2b0 [ 1152.985923][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1152.985923][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1152.985923][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1152.985923][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1152.985923][T22507] __do_fast_syscall_32+0x129/0x180 [ 1152.985923][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1152.985923][T22507] do_SYSENTER_32+0x73/0x90 [ 1152.985923][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1152.985923][T22507] [ 1152.985923][T22507] Uninit was stored to memory at: [ 1152.985923][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1152.985923][T22507] __msan_chain_origin+0x57/0xa0 [ 1152.985923][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1152.985923][T22507] get_compat_msghdr+0x108/0x2b0 [ 1152.985923][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1152.985923][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1152.985923][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1152.985923][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1152.985923][T22507] __do_fast_syscall_32+0x129/0x180 [ 1152.985923][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1152.985923][T22507] do_SYSENTER_32+0x73/0x90 [ 1152.985923][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1152.985923][T22507] [ 1152.985923][T22507] Uninit was stored to memory at: [ 1152.985923][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1152.985923][T22507] __msan_chain_origin+0x57/0xa0 [ 1152.985923][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1152.985923][T22507] get_compat_msghdr+0x108/0x2b0 [ 1152.985923][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1152.985923][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1152.985923][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1152.985923][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1152.985923][T22507] __do_fast_syscall_32+0x129/0x180 [ 1152.985923][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1152.985923][T22507] do_SYSENTER_32+0x73/0x90 [ 1152.985923][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1152.985923][T22507] [ 1152.985923][T22507] Local variable ----msg_sys@do_recvmmsg created at: [ 1152.985923][T22507] do_recvmmsg+0xc2/0x22e0 [ 1152.985923][T22507] do_recvmmsg+0xc2/0x22e0 [ 1153.791533][T22507] not chained 800000 origins [ 1153.793142][T22507] CPU: 1 PID: 22507 Comm: syz-executor.5 Not tainted 5.9.0-rc8-syzkaller #0 [ 1153.793142][T22507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1153.793142][T22507] Call Trace: [ 1153.793142][T22507] dump_stack+0x21c/0x280 [ 1153.793142][T22507] kmsan_internal_chain_origin+0x6f/0x130 [ 1153.793142][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1153.793142][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1153.793142][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1153.793142][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1153.793142][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1153.793142][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1153.793142][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1153.864902][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1153.864902][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1153.864902][T22507] ? _copy_from_user+0x201/0x310 [ 1153.864902][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1153.864902][T22507] __msan_chain_origin+0x57/0xa0 [ 1153.864902][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1153.864902][T22507] get_compat_msghdr+0x108/0x2b0 [ 1153.864902][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1153.864902][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1153.864902][T22507] ? __msan_poison_alloca+0xe9/0x110 [ 1153.864902][T22507] ? __sys_recvmmsg+0xb5/0x5f0 [ 1153.864902][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1153.864902][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1153.864902][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1153.864902][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1153.864902][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1153.864902][T22507] __do_fast_syscall_32+0x129/0x180 [ 1153.864902][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1153.864902][T22507] do_SYSENTER_32+0x73/0x90 [ 1153.864902][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1153.864902][T22507] RIP: 0023:0xf7f56549 [ 1153.864902][T22507] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 1153.864902][T22507] RSP: 002b:00000000f55500cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1154.003939][T22507] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020004b40 [ 1154.003939][T22507] RDX: 0000000020004582 RSI: 0000000000000002 RDI: 0000000000000000 [ 1154.015439][T22507] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1154.025915][T22507] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1154.035565][T22507] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1154.043879][T22507] Uninit was stored to memory at: [ 1154.043879][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1154.053334][T22507] __msan_chain_origin+0x57/0xa0 [ 1154.055333][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1154.063941][T22507] get_compat_msghdr+0x108/0x2b0 [ 1154.063941][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1154.073415][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1154.075472][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1154.084904][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1154.084904][T22507] __do_fast_syscall_32+0x129/0x180 [ 1154.095413][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1154.095413][T22507] do_SYSENTER_32+0x73/0x90 [ 1154.103398][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1154.110140][T22507] [ 1154.113405][T22507] Uninit was stored to memory at: [ 1154.115452][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1154.123960][T22507] __msan_chain_origin+0x57/0xa0 [ 1154.123960][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1154.133436][T22507] get_compat_msghdr+0x108/0x2b0 [ 1154.137429][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1154.143892][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1154.143892][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1154.155519][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1154.155519][T22507] __do_fast_syscall_32+0x129/0x180 [ 1154.163861][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1154.163861][T22507] do_SYSENTER_32+0x73/0x90 [ 1154.175389][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1154.175389][T22507] [ 1154.183381][T22507] Uninit was stored to memory at: [ 1154.186895][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1154.195351][T22507] __msan_chain_origin+0x57/0xa0 [ 1154.195351][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1154.203855][T22507] get_compat_msghdr+0x108/0x2b0 [ 1154.203855][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1154.213391][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1154.215453][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1154.223922][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1154.223922][T22507] __do_fast_syscall_32+0x129/0x180 [ 1154.235381][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1154.235381][T22507] do_SYSENTER_32+0x73/0x90 [ 1154.245819][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1154.245819][T22507] [ 1154.253349][T22507] Uninit was stored to memory at: [ 1154.255466][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1154.264886][T22507] __msan_chain_origin+0x57/0xa0 [ 1154.264886][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1154.275423][T22507] get_compat_msghdr+0x108/0x2b0 [ 1154.275423][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1154.283979][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1154.289014][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1154.295308][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1154.295308][T22507] __do_fast_syscall_32+0x129/0x180 [ 1154.303939][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1154.303939][T22507] do_SYSENTER_32+0x73/0x90 [ 1154.315339][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1154.315339][T22507] [ 1154.323845][T22507] Uninit was stored to memory at: [ 1154.323845][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1154.335419][T22507] __msan_chain_origin+0x57/0xa0 [ 1154.335419][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1154.343406][T22507] get_compat_msghdr+0x108/0x2b0 [ 1154.343406][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1154.343406][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1154.343406][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1154.363412][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1154.363412][T22507] __do_fast_syscall_32+0x129/0x180 [ 1154.375787][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1154.375787][T22507] do_SYSENTER_32+0x73/0x90 [ 1154.383262][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1154.391410][T22507] [ 1154.393370][T22507] Uninit was stored to memory at: [ 1154.395858][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1154.403261][T22507] __msan_chain_origin+0x57/0xa0 [ 1154.403261][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1154.415839][T22507] get_compat_msghdr+0x108/0x2b0 [ 1154.415839][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1154.423337][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1154.426277][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1154.435771][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1154.435771][T22507] __do_fast_syscall_32+0x129/0x180 [ 1154.443264][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1154.443264][T22507] do_SYSENTER_32+0x73/0x90 [ 1154.455902][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1154.463308][T22507] [ 1154.465198][T22507] Uninit was stored to memory at: [ 1154.465198][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1154.475900][T22507] __msan_chain_origin+0x57/0xa0 [ 1154.475900][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1154.483457][T22507] get_compat_msghdr+0x108/0x2b0 [ 1154.483457][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1154.483457][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1154.496440][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1154.503257][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1154.503257][T22507] __do_fast_syscall_32+0x129/0x180 [ 1154.515873][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1154.515873][T22507] do_SYSENTER_32+0x73/0x90 [ 1154.523268][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1154.533346][T22507] [ 1154.535781][T22507] Local variable ----msg_sys@do_recvmmsg created at: [ 1154.535781][T22507] do_recvmmsg+0xc2/0x22e0 [ 1154.543412][T22507] do_recvmmsg+0xc2/0x22e0 [ 1154.855627][T22507] not chained 810000 origins [ 1154.860250][T22507] CPU: 1 PID: 22507 Comm: syz-executor.5 Not tainted 5.9.0-rc8-syzkaller #0 [ 1154.863147][T22507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1154.863147][T22507] Call Trace: [ 1154.863147][T22507] dump_stack+0x21c/0x280 [ 1154.863147][T22507] kmsan_internal_chain_origin+0x6f/0x130 [ 1154.863147][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1154.863147][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1154.902172][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1154.905479][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1154.905479][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1154.905479][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1154.905479][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1154.905479][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1154.905479][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1154.905479][T22507] ? _copy_from_user+0x201/0x310 [ 1154.905479][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1154.905479][T22507] __msan_chain_origin+0x57/0xa0 [ 1154.905479][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1154.905479][T22507] get_compat_msghdr+0x108/0x2b0 [ 1154.905479][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1154.905479][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1154.905479][T22507] ? __msan_poison_alloca+0xe9/0x110 [ 1154.905479][T22507] ? __sys_recvmmsg+0xb5/0x5f0 [ 1154.905479][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1154.905479][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1154.905479][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1154.905479][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1154.905479][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1154.905479][T22507] __do_fast_syscall_32+0x129/0x180 [ 1154.905479][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1154.905479][T22507] do_SYSENTER_32+0x73/0x90 [ 1154.905479][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1154.905479][T22507] RIP: 0023:0xf7f56549 [ 1154.905479][T22507] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 1154.905479][T22507] RSP: 002b:00000000f55500cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1154.905479][T22507] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020004b40 [ 1154.905479][T22507] RDX: 0000000020004582 RSI: 0000000000000002 RDI: 0000000000000000 [ 1154.905479][T22507] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1154.905479][T22507] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1154.905479][T22507] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1154.905479][T22507] Uninit was stored to memory at: [ 1154.905479][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1154.905479][T22507] __msan_chain_origin+0x57/0xa0 [ 1154.905479][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1154.905479][T22507] get_compat_msghdr+0x108/0x2b0 [ 1154.905479][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1154.905479][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1154.905479][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1154.905479][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1154.905479][T22507] __do_fast_syscall_32+0x129/0x180 [ 1154.905479][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1154.905479][T22507] do_SYSENTER_32+0x73/0x90 [ 1154.905479][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1154.905479][T22507] [ 1154.905479][T22507] Uninit was stored to memory at: [ 1154.905479][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1154.905479][T22507] __msan_chain_origin+0x57/0xa0 [ 1154.905479][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1154.905479][T22507] get_compat_msghdr+0x108/0x2b0 [ 1154.905479][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1154.905479][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1154.905479][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1154.905479][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1154.905479][T22507] __do_fast_syscall_32+0x129/0x180 [ 1154.905479][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1154.905479][T22507] do_SYSENTER_32+0x73/0x90 [ 1154.905479][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1154.905479][T22507] [ 1154.905479][T22507] Uninit was stored to memory at: [ 1154.905479][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1154.905479][T22507] __msan_chain_origin+0x57/0xa0 [ 1154.905479][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1154.905479][T22507] get_compat_msghdr+0x108/0x2b0 [ 1154.905479][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1154.905479][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1154.905479][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1154.905479][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1154.905479][T22507] __do_fast_syscall_32+0x129/0x180 [ 1154.905479][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1154.905479][T22507] do_SYSENTER_32+0x73/0x90 [ 1154.905479][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1154.905479][T22507] [ 1154.905479][T22507] Uninit was stored to memory at: [ 1154.905479][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1154.905479][T22507] __msan_chain_origin+0x57/0xa0 [ 1154.905479][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1154.905479][T22507] get_compat_msghdr+0x108/0x2b0 [ 1154.905479][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1154.905479][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1154.905479][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1154.905479][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1154.905479][T22507] __do_fast_syscall_32+0x129/0x180 [ 1154.905479][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1154.905479][T22507] do_SYSENTER_32+0x73/0x90 [ 1154.905479][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1154.905479][T22507] [ 1154.905479][T22507] Uninit was stored to memory at: [ 1154.905479][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1154.905479][T22507] __msan_chain_origin+0x57/0xa0 [ 1154.905479][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1154.905479][T22507] get_compat_msghdr+0x108/0x2b0 [ 1154.905479][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1154.905479][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1154.905479][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1154.905479][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1154.905479][T22507] __do_fast_syscall_32+0x129/0x180 [ 1154.905479][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1154.905479][T22507] do_SYSENTER_32+0x73/0x90 [ 1154.905479][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1154.905479][T22507] [ 1154.905479][T22507] Uninit was stored to memory at: [ 1154.905479][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1154.905479][T22507] __msan_chain_origin+0x57/0xa0 [ 1154.905479][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1154.905479][T22507] get_compat_msghdr+0x108/0x2b0 [ 1154.905479][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1154.905479][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1154.905479][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1154.905479][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1154.905479][T22507] __do_fast_syscall_32+0x129/0x180 [ 1154.905479][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1154.905479][T22507] do_SYSENTER_32+0x73/0x90 [ 1154.905479][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1154.905479][T22507] [ 1154.905479][T22507] Uninit was stored to memory at: [ 1154.905479][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1154.905479][T22507] __msan_chain_origin+0x57/0xa0 [ 1154.905479][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1154.905479][T22507] get_compat_msghdr+0x108/0x2b0 [ 1154.905479][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1154.905479][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1154.905479][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1154.905479][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1154.905479][T22507] __do_fast_syscall_32+0x129/0x180 [ 1154.905479][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1154.905479][T22507] do_SYSENTER_32+0x73/0x90 [ 1154.905479][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1154.905479][T22507] [ 1154.905479][T22507] Local variable ----msg_sys@do_recvmmsg created at: [ 1154.905479][T22507] do_recvmmsg+0xc2/0x22e0 [ 1154.905479][T22507] do_recvmmsg+0xc2/0x22e0 [ 1155.816664][T22507] not chained 820000 origins [ 1155.821304][T22507] CPU: 1 PID: 22507 Comm: syz-executor.5 Not tainted 5.9.0-rc8-syzkaller #0 [ 1155.823144][T22507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1155.823144][T22507] Call Trace: [ 1155.823144][T22507] dump_stack+0x21c/0x280 [ 1155.823144][T22507] kmsan_internal_chain_origin+0x6f/0x130 [ 1155.823144][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1155.823144][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1155.823144][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1155.823144][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1155.823144][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1155.823144][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1155.823144][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1155.823144][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1155.823144][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1155.823144][T22507] ? _copy_from_user+0x201/0x310 [ 1155.823144][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1155.823144][T22507] __msan_chain_origin+0x57/0xa0 [ 1155.823144][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1155.823144][T22507] get_compat_msghdr+0x108/0x2b0 [ 1155.823144][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1155.823144][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1155.823144][T22507] ? __msan_poison_alloca+0xe9/0x110 [ 1155.823144][T22507] ? __sys_recvmmsg+0xb5/0x5f0 [ 1155.823144][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1155.823144][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1155.823144][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1155.823144][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1155.823144][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1155.823144][T22507] __do_fast_syscall_32+0x129/0x180 [ 1155.823144][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1155.823144][T22507] do_SYSENTER_32+0x73/0x90 [ 1155.823144][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1155.823144][T22507] RIP: 0023:0xf7f56549 [ 1155.823144][T22507] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 1155.823144][T22507] RSP: 002b:00000000f55500cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1155.823144][T22507] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020004b40 [ 1155.823144][T22507] RDX: 0000000020004582 RSI: 0000000000000002 RDI: 0000000000000000 [ 1155.823144][T22507] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1155.823144][T22507] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1155.823144][T22507] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1155.823144][T22507] Uninit was stored to memory at: [ 1155.823144][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1155.823144][T22507] __msan_chain_origin+0x57/0xa0 [ 1155.823144][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1155.823144][T22507] get_compat_msghdr+0x108/0x2b0 [ 1155.823144][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1155.823144][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1155.823144][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1155.823144][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1155.823144][T22507] __do_fast_syscall_32+0x129/0x180 [ 1155.823144][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1155.823144][T22507] do_SYSENTER_32+0x73/0x90 [ 1155.823144][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1155.823144][T22507] [ 1155.823144][T22507] Uninit was stored to memory at: [ 1155.823144][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1155.823144][T22507] __msan_chain_origin+0x57/0xa0 [ 1155.823144][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1155.823144][T22507] get_compat_msghdr+0x108/0x2b0 [ 1155.823144][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1155.823144][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1155.823144][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1155.823144][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1155.823144][T22507] __do_fast_syscall_32+0x129/0x180 [ 1155.823144][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1155.823144][T22507] do_SYSENTER_32+0x73/0x90 [ 1155.823144][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1155.823144][T22507] [ 1155.823144][T22507] Uninit was stored to memory at: [ 1155.823144][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1155.823144][T22507] __msan_chain_origin+0x57/0xa0 [ 1155.823144][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1155.823144][T22507] get_compat_msghdr+0x108/0x2b0 [ 1155.823144][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1155.823144][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1155.823144][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1155.823144][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1155.823144][T22507] __do_fast_syscall_32+0x129/0x180 [ 1155.823144][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1155.823144][T22507] do_SYSENTER_32+0x73/0x90 [ 1155.823144][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1155.823144][T22507] [ 1155.823144][T22507] Uninit was stored to memory at: [ 1155.823144][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1155.823144][T22507] __msan_chain_origin+0x57/0xa0 [ 1155.823144][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1155.823144][T22507] get_compat_msghdr+0x108/0x2b0 [ 1155.823144][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1155.823144][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1155.823144][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1155.823144][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1155.823144][T22507] __do_fast_syscall_32+0x129/0x180 [ 1155.823144][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1155.823144][T22507] do_SYSENTER_32+0x73/0x90 [ 1155.823144][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1155.823144][T22507] [ 1155.823144][T22507] Uninit was stored to memory at: [ 1155.823144][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1155.823144][T22507] __msan_chain_origin+0x57/0xa0 [ 1155.823144][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1155.823144][T22507] get_compat_msghdr+0x108/0x2b0 [ 1155.823144][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1155.823144][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1155.823144][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1155.823144][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1155.823144][T22507] __do_fast_syscall_32+0x129/0x180 [ 1155.823144][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1155.823144][T22507] do_SYSENTER_32+0x73/0x90 [ 1155.823144][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1155.823144][T22507] [ 1155.823144][T22507] Uninit was stored to memory at: [ 1155.823144][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1155.823144][T22507] __msan_chain_origin+0x57/0xa0 [ 1155.823144][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1155.823144][T22507] get_compat_msghdr+0x108/0x2b0 [ 1155.823144][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1155.823144][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1155.823144][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1155.823144][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1155.823144][T22507] __do_fast_syscall_32+0x129/0x180 [ 1155.823144][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1155.823144][T22507] do_SYSENTER_32+0x73/0x90 [ 1155.823144][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1155.823144][T22507] [ 1155.823144][T22507] Uninit was stored to memory at: [ 1155.823144][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1155.823144][T22507] __msan_chain_origin+0x57/0xa0 [ 1155.823144][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1155.823144][T22507] get_compat_msghdr+0x108/0x2b0 [ 1155.823144][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1155.823144][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1155.823144][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1155.823144][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1155.823144][T22507] __do_fast_syscall_32+0x129/0x180 [ 1155.823144][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1155.823144][T22507] do_SYSENTER_32+0x73/0x90 [ 1155.823144][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1155.823144][T22507] [ 1155.823144][T22507] Local variable ----msg_sys@do_recvmmsg created at: [ 1155.823144][T22507] do_recvmmsg+0xc2/0x22e0 [ 1155.823144][T22507] do_recvmmsg+0xc2/0x22e0 [ 1156.776814][T22507] not chained 830000 origins [ 1156.781428][T22507] CPU: 1 PID: 22507 Comm: syz-executor.5 Not tainted 5.9.0-rc8-syzkaller #0 [ 1156.783140][T22507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1156.783140][T22507] Call Trace: [ 1156.783140][T22507] dump_stack+0x21c/0x280 [ 1156.783140][T22507] kmsan_internal_chain_origin+0x6f/0x130 [ 1156.783140][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1156.783140][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1156.783140][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1156.783140][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1156.783140][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1156.783140][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1156.783140][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1156.783140][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1156.783140][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1156.783140][T22507] ? _copy_from_user+0x201/0x310 [ 1156.783140][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1156.783140][T22507] __msan_chain_origin+0x57/0xa0 [ 1156.783140][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1156.783140][T22507] get_compat_msghdr+0x108/0x2b0 [ 1156.783140][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1156.783140][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1156.783140][T22507] ? __msan_poison_alloca+0xe9/0x110 [ 1156.903722][T22507] ? __sys_recvmmsg+0xb5/0x5f0 [ 1156.904362][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1156.913366][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1156.915805][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1156.923897][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1156.923897][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1156.935933][T22507] __do_fast_syscall_32+0x129/0x180 [ 1156.935933][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1156.943970][T22507] do_SYSENTER_32+0x73/0x90 [ 1156.943970][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1156.955933][T22507] RIP: 0023:0xf7f56549 [ 1156.955933][T22507] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 1156.975904][T22507] RSP: 002b:00000000f55500cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1156.989271][T22507] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020004b40 [ 1156.997332][T22507] RDX: 0000000020004582 RSI: 0000000000000002 RDI: 0000000000000000 [ 1157.003328][T22507] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1157.013465][T22507] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1157.016037][T22507] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1157.023982][T22507] Uninit was stored to memory at: [ 1157.033371][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1157.035835][T22507] __msan_chain_origin+0x57/0xa0 [ 1157.043899][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1157.043899][T22507] get_compat_msghdr+0x108/0x2b0 [ 1157.043899][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1157.056482][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1157.064116][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1157.064116][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1157.075894][T22507] __do_fast_syscall_32+0x129/0x180 [ 1157.075894][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1157.083954][T22507] do_SYSENTER_32+0x73/0x90 [ 1157.083954][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1157.095778][T22507] [ 1157.095778][T22507] Uninit was stored to memory at: [ 1157.103983][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1157.103983][T22507] __msan_chain_origin+0x57/0xa0 [ 1157.113393][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1157.117657][T22507] get_compat_msghdr+0x108/0x2b0 [ 1157.124102][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1157.124102][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1157.133343][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1157.135802][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1157.143939][T22507] __do_fast_syscall_32+0x129/0x180 [ 1157.143939][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1157.153334][T22507] do_SYSENTER_32+0x73/0x90 [ 1157.158852][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1157.163881][T22507] [ 1157.163881][T22507] Uninit was stored to memory at: [ 1157.176532][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1157.176532][T22507] __msan_chain_origin+0x57/0xa0 [ 1157.183873][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1157.183873][T22507] get_compat_msghdr+0x108/0x2b0 [ 1157.195784][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1157.195784][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1157.203970][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1157.203970][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1157.215984][T22507] __do_fast_syscall_32+0x129/0x180 [ 1157.223422][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1157.223422][T22507] do_SYSENTER_32+0x73/0x90 [ 1157.233380][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1157.235914][T22507] [ 1157.235914][T22507] Uninit was stored to memory at: [ 1157.243859][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1157.243859][T22507] __msan_chain_origin+0x57/0xa0 [ 1157.253348][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1157.258677][T22507] get_compat_msghdr+0x108/0x2b0 [ 1157.263952][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1157.263952][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1157.275771][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1157.275771][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1157.283869][T22507] __do_fast_syscall_32+0x129/0x180 [ 1157.293480][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1157.296040][T22507] do_SYSENTER_32+0x73/0x90 [ 1157.296040][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1157.306711][T22507] [ 1157.306711][T22507] Uninit was stored to memory at: [ 1157.315782][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1157.315782][T22507] __msan_chain_origin+0x57/0xa0 [ 1157.323998][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1157.323998][T22507] get_compat_msghdr+0x108/0x2b0 [ 1157.337593][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1157.337593][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1157.343846][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1157.353368][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1157.355919][T22507] __do_fast_syscall_32+0x129/0x180 [ 1157.363867][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1157.363867][T22507] do_SYSENTER_32+0x73/0x90 [ 1157.373360][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1157.375854][T22507] [ 1157.375854][T22507] Uninit was stored to memory at: [ 1157.383992][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1157.393352][T22507] __msan_chain_origin+0x57/0xa0 [ 1157.395934][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1157.403286][T22507] get_compat_msghdr+0x108/0x2b0 [ 1157.403850][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1157.403850][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1157.415882][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1157.423282][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1157.423845][T22507] __do_fast_syscall_32+0x129/0x180 [ 1157.433386][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1157.435911][T22507] do_SYSENTER_32+0x73/0x90 [ 1157.443324][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1157.445708][T22507] [ 1157.445708][T22507] Uninit was stored to memory at: [ 1157.455787][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1157.455787][T22507] __msan_chain_origin+0x57/0xa0 [ 1157.455787][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1157.455787][T22507] get_compat_msghdr+0x108/0x2b0 [ 1157.455787][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1157.480129][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1157.483254][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1157.493347][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1157.496284][T22507] __do_fast_syscall_32+0x129/0x180 [ 1157.503419][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1157.503419][T22507] do_SYSENTER_32+0x73/0x90 [ 1157.513343][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1157.516233][T22507] [ 1157.516233][T22507] Local variable ----msg_sys@do_recvmmsg created at: [ 1157.523267][T22507] do_recvmmsg+0xc2/0x22e0 [ 1157.533371][T22507] do_recvmmsg+0xc2/0x22e0 [ 1157.929734][T22507] not chained 840000 origins [ 1157.933144][T22507] CPU: 1 PID: 22507 Comm: syz-executor.5 Not tainted 5.9.0-rc8-syzkaller #0 [ 1157.933144][T22507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1157.943332][T22507] Call Trace: [ 1157.943332][T22507] dump_stack+0x21c/0x280 [ 1157.943332][T22507] kmsan_internal_chain_origin+0x6f/0x130 [ 1157.943332][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1157.943332][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1157.943332][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1157.983289][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1157.983289][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1157.983289][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1157.983289][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1157.983289][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1157.983289][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1158.013277][T22507] ? _copy_from_user+0x201/0x310 [ 1158.013277][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1158.013277][T22507] __msan_chain_origin+0x57/0xa0 [ 1158.013277][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1158.013277][T22507] get_compat_msghdr+0x108/0x2b0 [ 1158.013277][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1158.013277][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1158.013277][T22507] ? __msan_poison_alloca+0xe9/0x110 [ 1158.013277][T22507] ? __sys_recvmmsg+0xb5/0x5f0 [ 1158.013277][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1158.013277][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1158.013277][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1158.013277][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1158.083283][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1158.083283][T22507] __do_fast_syscall_32+0x129/0x180 [ 1158.083283][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1158.083283][T22507] do_SYSENTER_32+0x73/0x90 [ 1158.083283][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1158.105468][T22507] RIP: 0023:0xf7f56549 [ 1158.112660][T22507] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 1158.112660][T22507] RSP: 002b:00000000f55500cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1158.112660][T22507] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020004b40 [ 1158.112660][T22507] RDX: 0000000020004582 RSI: 0000000000000002 RDI: 0000000000000000 [ 1158.112660][T22507] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1158.112660][T22507] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1158.112660][T22507] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1158.112660][T22507] Uninit was stored to memory at: [ 1158.112660][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1158.112660][T22507] __msan_chain_origin+0x57/0xa0 [ 1158.112660][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1158.112660][T22507] get_compat_msghdr+0x108/0x2b0 [ 1158.112660][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1158.112660][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1158.112660][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1158.112660][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1158.112660][T22507] __do_fast_syscall_32+0x129/0x180 [ 1158.112660][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1158.112660][T22507] do_SYSENTER_32+0x73/0x90 [ 1158.112660][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1158.112660][T22507] [ 1158.112660][T22507] Uninit was stored to memory at: [ 1158.112660][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1158.112660][T22507] __msan_chain_origin+0x57/0xa0 [ 1158.112660][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1158.112660][T22507] get_compat_msghdr+0x108/0x2b0 [ 1158.112660][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1158.112660][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1158.112660][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1158.112660][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1158.112660][T22507] __do_fast_syscall_32+0x129/0x180 [ 1158.112660][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1158.112660][T22507] do_SYSENTER_32+0x73/0x90 [ 1158.112660][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1158.112660][T22507] [ 1158.112660][T22507] Uninit was stored to memory at: [ 1158.112660][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1158.112660][T22507] __msan_chain_origin+0x57/0xa0 [ 1158.112660][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1158.112660][T22507] get_compat_msghdr+0x108/0x2b0 [ 1158.112660][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1158.112660][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1158.112660][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1158.112660][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1158.112660][T22507] __do_fast_syscall_32+0x129/0x180 [ 1158.112660][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1158.112660][T22507] do_SYSENTER_32+0x73/0x90 [ 1158.112660][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1158.112660][T22507] [ 1158.112660][T22507] Uninit was stored to memory at: [ 1158.112660][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1158.112660][T22507] __msan_chain_origin+0x57/0xa0 [ 1158.112660][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1158.112660][T22507] get_compat_msghdr+0x108/0x2b0 [ 1158.112660][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1158.112660][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1158.112660][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1158.112660][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1158.112660][T22507] __do_fast_syscall_32+0x129/0x180 [ 1158.112660][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1158.112660][T22507] do_SYSENTER_32+0x73/0x90 [ 1158.112660][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1158.112660][T22507] [ 1158.112660][T22507] Uninit was stored to memory at: [ 1158.112660][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1158.112660][T22507] __msan_chain_origin+0x57/0xa0 [ 1158.112660][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1158.112660][T22507] get_compat_msghdr+0x108/0x2b0 [ 1158.112660][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1158.112660][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1158.112660][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1158.112660][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1158.112660][T22507] __do_fast_syscall_32+0x129/0x180 [ 1158.112660][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1158.112660][T22507] do_SYSENTER_32+0x73/0x90 [ 1158.112660][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1158.112660][T22507] [ 1158.112660][T22507] Uninit was stored to memory at: [ 1158.112660][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1158.112660][T22507] __msan_chain_origin+0x57/0xa0 [ 1158.112660][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1158.112660][T22507] get_compat_msghdr+0x108/0x2b0 [ 1158.112660][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1158.112660][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1158.112660][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1158.112660][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1158.112660][T22507] __do_fast_syscall_32+0x129/0x180 [ 1158.112660][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1158.112660][T22507] do_SYSENTER_32+0x73/0x90 [ 1158.112660][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1158.112660][T22507] [ 1158.112660][T22507] Uninit was stored to memory at: [ 1158.112660][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1158.112660][T22507] __msan_chain_origin+0x57/0xa0 [ 1158.112660][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1158.112660][T22507] get_compat_msghdr+0x108/0x2b0 [ 1158.112660][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1158.112660][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1158.112660][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1158.112660][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1158.112660][T22507] __do_fast_syscall_32+0x129/0x180 [ 1158.112660][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1158.112660][T22507] do_SYSENTER_32+0x73/0x90 [ 1158.112660][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1158.112660][T22507] [ 1158.112660][T22507] Local variable ----msg_sys@do_recvmmsg created at: [ 1158.112660][T22507] do_recvmmsg+0xc2/0x22e0 [ 1158.112660][T22507] do_recvmmsg+0xc2/0x22e0 [ 1158.913051][T22507] not chained 850000 origins [ 1158.913249][T22507] CPU: 1 PID: 22507 Comm: syz-executor.5 Not tainted 5.9.0-rc8-syzkaller #0 [ 1158.913249][T22507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1158.913249][T22507] Call Trace: [ 1158.913249][T22507] dump_stack+0x21c/0x280 [ 1158.913249][T22507] kmsan_internal_chain_origin+0x6f/0x130 [ 1158.913249][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1158.953258][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1158.953258][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1158.953258][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1158.953258][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1158.953258][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1158.953258][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1158.953258][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1158.953258][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1158.953258][T22507] ? _copy_from_user+0x201/0x310 [ 1158.953258][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1158.953258][T22507] __msan_chain_origin+0x57/0xa0 [ 1158.953258][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1158.953258][T22507] get_compat_msghdr+0x108/0x2b0 [ 1159.023346][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1159.023346][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1159.023346][T22507] ? __msan_poison_alloca+0xe9/0x110 [ 1159.023346][T22507] ? __sys_recvmmsg+0xb5/0x5f0 [ 1159.023346][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1159.023346][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1159.023346][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1159.023346][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1159.023346][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1159.023346][T22507] __do_fast_syscall_32+0x129/0x180 [ 1159.023346][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1159.023346][T22507] do_SYSENTER_32+0x73/0x90 [ 1159.023346][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1159.023346][T22507] RIP: 0023:0xf7f56549 [ 1159.023346][T22507] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 1159.023346][T22507] RSP: 002b:00000000f55500cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1159.023346][T22507] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020004b40 [ 1159.023346][T22507] RDX: 0000000020004582 RSI: 0000000000000002 RDI: 0000000000000000 [ 1159.023346][T22507] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1159.023346][T22507] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1159.023346][T22507] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1159.023346][T22507] Uninit was stored to memory at: [ 1159.023346][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1159.023346][T22507] __msan_chain_origin+0x57/0xa0 [ 1159.023346][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1159.023346][T22507] get_compat_msghdr+0x108/0x2b0 [ 1159.023346][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1159.023346][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1159.023346][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1159.023346][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1159.023346][T22507] __do_fast_syscall_32+0x129/0x180 [ 1159.023346][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1159.023346][T22507] do_SYSENTER_32+0x73/0x90 [ 1159.023346][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1159.023346][T22507] [ 1159.023346][T22507] Uninit was stored to memory at: [ 1159.023346][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1159.023346][T22507] __msan_chain_origin+0x57/0xa0 [ 1159.023346][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1159.023346][T22507] get_compat_msghdr+0x108/0x2b0 [ 1159.023346][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1159.023346][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1159.023346][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1159.023346][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1159.023346][T22507] __do_fast_syscall_32+0x129/0x180 [ 1159.023346][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1159.023346][T22507] do_SYSENTER_32+0x73/0x90 [ 1159.023346][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1159.023346][T22507] [ 1159.023346][T22507] Uninit was stored to memory at: [ 1159.023346][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1159.023346][T22507] __msan_chain_origin+0x57/0xa0 [ 1159.023346][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1159.023346][T22507] get_compat_msghdr+0x108/0x2b0 [ 1159.023346][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1159.023346][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1159.023346][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1159.023346][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1159.023346][T22507] __do_fast_syscall_32+0x129/0x180 [ 1159.023346][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1159.023346][T22507] do_SYSENTER_32+0x73/0x90 [ 1159.023346][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1159.023346][T22507] [ 1159.023346][T22507] Uninit was stored to memory at: [ 1159.023346][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1159.023346][T22507] __msan_chain_origin+0x57/0xa0 [ 1159.023346][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1159.023346][T22507] get_compat_msghdr+0x108/0x2b0 [ 1159.023346][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1159.023346][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1159.023346][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1159.023346][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1159.023346][T22507] __do_fast_syscall_32+0x129/0x180 [ 1159.023346][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1159.023346][T22507] do_SYSENTER_32+0x73/0x90 [ 1159.023346][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1159.023346][T22507] [ 1159.023346][T22507] Uninit was stored to memory at: [ 1159.023346][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1159.023346][T22507] __msan_chain_origin+0x57/0xa0 [ 1159.023346][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1159.023346][T22507] get_compat_msghdr+0x108/0x2b0 [ 1159.023346][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1159.023346][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1159.023346][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1159.023346][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1159.023346][T22507] __do_fast_syscall_32+0x129/0x180 [ 1159.023346][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1159.023346][T22507] do_SYSENTER_32+0x73/0x90 [ 1159.023346][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1159.023346][T22507] [ 1159.023346][T22507] Uninit was stored to memory at: [ 1159.023346][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1159.023346][T22507] __msan_chain_origin+0x57/0xa0 [ 1159.023346][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1159.023346][T22507] get_compat_msghdr+0x108/0x2b0 [ 1159.023346][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1159.023346][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1159.023346][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1159.023346][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1159.023346][T22507] __do_fast_syscall_32+0x129/0x180 [ 1159.023346][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1159.023346][T22507] do_SYSENTER_32+0x73/0x90 [ 1159.023346][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1159.023346][T22507] [ 1159.023346][T22507] Uninit was stored to memory at: [ 1159.023346][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1159.023346][T22507] __msan_chain_origin+0x57/0xa0 [ 1159.023346][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1159.023346][T22507] get_compat_msghdr+0x108/0x2b0 [ 1159.023346][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1159.023346][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1159.023346][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1159.023346][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1159.023346][T22507] __do_fast_syscall_32+0x129/0x180 [ 1159.023346][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1159.023346][T22507] do_SYSENTER_32+0x73/0x90 [ 1159.023346][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1159.023346][T22507] [ 1159.023346][T22507] Local variable ----msg_sys@do_recvmmsg created at: [ 1159.023346][T22507] do_recvmmsg+0xc2/0x22e0 [ 1159.023346][T22507] do_recvmmsg+0xc2/0x22e0 [ 1159.872393][T22507] not chained 860000 origins [ 1159.873139][T22507] CPU: 1 PID: 22507 Comm: syz-executor.5 Not tainted 5.9.0-rc8-syzkaller #0 [ 1159.873139][T22507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1159.873139][T22507] Call Trace: [ 1159.873139][T22507] dump_stack+0x21c/0x280 [ 1159.873139][T22507] kmsan_internal_chain_origin+0x6f/0x130 [ 1159.873139][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1159.873139][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1159.873139][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1159.873139][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1159.873139][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1159.873139][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1159.873139][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1159.873139][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1159.873139][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1159.873139][T22507] ? _copy_from_user+0x201/0x310 [ 1159.873139][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1159.873139][T22507] __msan_chain_origin+0x57/0xa0 [ 1159.873139][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1159.873139][T22507] get_compat_msghdr+0x108/0x2b0 [ 1159.873139][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1159.873139][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1159.873139][T22507] ? __msan_poison_alloca+0xe9/0x110 [ 1159.873139][T22507] ? __sys_recvmmsg+0xb5/0x5f0 [ 1159.873139][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1159.873139][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1159.873139][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1159.873139][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1159.873139][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1159.873139][T22507] __do_fast_syscall_32+0x129/0x180 [ 1159.873139][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1159.873139][T22507] do_SYSENTER_32+0x73/0x90 [ 1159.873139][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1159.873139][T22507] RIP: 0023:0xf7f56549 [ 1159.873139][T22507] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 1159.873139][T22507] RSP: 002b:00000000f55500cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1159.873139][T22507] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020004b40 [ 1159.873139][T22507] RDX: 0000000020004582 RSI: 0000000000000002 RDI: 0000000000000000 [ 1159.873139][T22507] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1159.873139][T22507] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1159.873139][T22507] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1159.873139][T22507] Uninit was stored to memory at: [ 1159.873139][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1159.873139][T22507] __msan_chain_origin+0x57/0xa0 [ 1159.873139][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1159.873139][T22507] get_compat_msghdr+0x108/0x2b0 [ 1159.873139][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1159.873139][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1159.873139][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1159.873139][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1159.873139][T22507] __do_fast_syscall_32+0x129/0x180 [ 1159.873139][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1159.873139][T22507] do_SYSENTER_32+0x73/0x90 [ 1159.873139][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1159.873139][T22507] [ 1159.873139][T22507] Uninit was stored to memory at: [ 1159.873139][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1159.873139][T22507] __msan_chain_origin+0x57/0xa0 [ 1159.873139][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1159.873139][T22507] get_compat_msghdr+0x108/0x2b0 [ 1159.873139][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1159.873139][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1159.873139][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1159.873139][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1159.873139][T22507] __do_fast_syscall_32+0x129/0x180 [ 1159.873139][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1159.873139][T22507] do_SYSENTER_32+0x73/0x90 [ 1159.873139][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1159.873139][T22507] [ 1159.873139][T22507] Uninit was stored to memory at: [ 1159.873139][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1159.873139][T22507] __msan_chain_origin+0x57/0xa0 [ 1159.873139][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1159.873139][T22507] get_compat_msghdr+0x108/0x2b0 [ 1159.873139][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1159.873139][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1159.873139][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1159.873139][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1159.873139][T22507] __do_fast_syscall_32+0x129/0x180 [ 1159.873139][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1159.873139][T22507] do_SYSENTER_32+0x73/0x90 [ 1159.873139][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1159.873139][T22507] [ 1159.873139][T22507] Uninit was stored to memory at: [ 1159.873139][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1159.873139][T22507] __msan_chain_origin+0x57/0xa0 [ 1159.873139][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1159.873139][T22507] get_compat_msghdr+0x108/0x2b0 [ 1159.873139][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1159.873139][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1159.873139][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1159.873139][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1159.873139][T22507] __do_fast_syscall_32+0x129/0x180 [ 1159.873139][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1159.873139][T22507] do_SYSENTER_32+0x73/0x90 [ 1159.873139][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1159.873139][T22507] [ 1159.873139][T22507] Uninit was stored to memory at: [ 1159.873139][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1159.873139][T22507] __msan_chain_origin+0x57/0xa0 [ 1159.873139][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1159.873139][T22507] get_compat_msghdr+0x108/0x2b0 [ 1159.873139][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1159.873139][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1159.873139][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1159.873139][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1159.873139][T22507] __do_fast_syscall_32+0x129/0x180 [ 1159.873139][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1159.873139][T22507] do_SYSENTER_32+0x73/0x90 [ 1159.873139][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1159.873139][T22507] [ 1159.873139][T22507] Uninit was stored to memory at: [ 1159.873139][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1159.873139][T22507] __msan_chain_origin+0x57/0xa0 [ 1159.873139][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1159.873139][T22507] get_compat_msghdr+0x108/0x2b0 [ 1159.873139][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1159.873139][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1159.873139][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1159.873139][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1159.873139][T22507] __do_fast_syscall_32+0x129/0x180 [ 1159.873139][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1159.873139][T22507] do_SYSENTER_32+0x73/0x90 [ 1159.873139][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1159.873139][T22507] [ 1159.873139][T22507] Uninit was stored to memory at: [ 1159.873139][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1159.873139][T22507] __msan_chain_origin+0x57/0xa0 [ 1159.873139][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1159.873139][T22507] get_compat_msghdr+0x108/0x2b0 [ 1159.873139][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1159.873139][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1159.873139][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1160.583750][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1160.583750][T22507] __do_fast_syscall_32+0x129/0x180 [ 1160.583750][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1160.603249][T22507] do_SYSENTER_32+0x73/0x90 [ 1160.603249][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1160.613409][T22507] [ 1160.616350][T22507] Local variable ----msg_sys@do_recvmmsg created at: [ 1160.623453][T22507] do_recvmmsg+0xc2/0x22e0 [ 1160.623453][T22507] do_recvmmsg+0xc2/0x22e0 [ 1160.932398][T22507] not chained 870000 origins [ 1160.933164][T22507] CPU: 0 PID: 22507 Comm: syz-executor.5 Not tainted 5.9.0-rc8-syzkaller #0 [ 1160.943754][T22507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1160.943754][T22507] Call Trace: [ 1160.943754][T22507] dump_stack+0x21c/0x280 [ 1160.943754][T22507] kmsan_internal_chain_origin+0x6f/0x130 [ 1160.943754][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1160.943754][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1160.943754][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1160.943754][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1160.943754][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1160.943754][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1160.943754][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1160.943754][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1160.943754][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1160.943754][T22507] ? _copy_from_user+0x201/0x310 [ 1160.943754][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1160.943754][T22507] __msan_chain_origin+0x57/0xa0 [ 1160.943754][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1160.943754][T22507] get_compat_msghdr+0x108/0x2b0 [ 1160.943754][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1160.943754][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1160.943754][T22507] ? __msan_poison_alloca+0xe9/0x110 [ 1160.943754][T22507] ? __sys_recvmmsg+0xb5/0x5f0 [ 1160.943754][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1160.943754][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1160.943754][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1160.943754][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1160.943754][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1160.943754][T22507] __do_fast_syscall_32+0x129/0x180 [ 1160.943754][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1160.943754][T22507] do_SYSENTER_32+0x73/0x90 [ 1160.943754][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1160.943754][T22507] RIP: 0023:0xf7f56549 [ 1160.943754][T22507] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 1161.123252][T22507] RSP: 002b:00000000f55500cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1161.123252][T22507] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020004b40 [ 1161.123252][T22507] RDX: 0000000020004582 RSI: 0000000000000002 RDI: 0000000000000000 [ 1161.123252][T22507] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1161.123252][T22507] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1161.123252][T22507] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1161.123252][T22507] Uninit was stored to memory at: [ 1161.123252][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1161.123252][T22507] __msan_chain_origin+0x57/0xa0 [ 1161.123252][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1161.123252][T22507] get_compat_msghdr+0x108/0x2b0 [ 1161.123252][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1161.123252][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1161.123252][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1161.123252][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1161.123252][T22507] __do_fast_syscall_32+0x129/0x180 [ 1161.123252][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1161.123252][T22507] do_SYSENTER_32+0x73/0x90 [ 1161.123252][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1161.123252][T22507] [ 1161.123252][T22507] Uninit was stored to memory at: [ 1161.123252][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1161.123252][T22507] __msan_chain_origin+0x57/0xa0 [ 1161.123252][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1161.123252][T22507] get_compat_msghdr+0x108/0x2b0 [ 1161.123252][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1161.123252][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1161.123252][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1161.123252][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1161.123252][T22507] __do_fast_syscall_32+0x129/0x180 [ 1161.123252][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1161.123252][T22507] do_SYSENTER_32+0x73/0x90 [ 1161.123252][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1161.123252][T22507] [ 1161.123252][T22507] Uninit was stored to memory at: [ 1161.123252][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1161.123252][T22507] __msan_chain_origin+0x57/0xa0 [ 1161.123252][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1161.123252][T22507] get_compat_msghdr+0x108/0x2b0 [ 1161.123252][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1161.123252][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1161.123252][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1161.123252][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1161.123252][T22507] __do_fast_syscall_32+0x129/0x180 [ 1161.123252][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1161.123252][T22507] do_SYSENTER_32+0x73/0x90 [ 1161.123252][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1161.123252][T22507] [ 1161.123252][T22507] Uninit was stored to memory at: [ 1161.123252][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1161.123252][T22507] __msan_chain_origin+0x57/0xa0 [ 1161.123252][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1161.123252][T22507] get_compat_msghdr+0x108/0x2b0 [ 1161.123252][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1161.123252][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1161.123252][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1161.123252][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1161.123252][T22507] __do_fast_syscall_32+0x129/0x180 [ 1161.123252][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1161.123252][T22507] do_SYSENTER_32+0x73/0x90 [ 1161.123252][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1161.123252][T22507] [ 1161.123252][T22507] Uninit was stored to memory at: [ 1161.123252][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1161.123252][T22507] __msan_chain_origin+0x57/0xa0 [ 1161.123252][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1161.123252][T22507] get_compat_msghdr+0x108/0x2b0 [ 1161.123252][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1161.123252][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1161.123252][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1161.123252][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1161.123252][T22507] __do_fast_syscall_32+0x129/0x180 [ 1161.123252][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1161.123252][T22507] do_SYSENTER_32+0x73/0x90 [ 1161.123252][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1161.123252][T22507] [ 1161.123252][T22507] Uninit was stored to memory at: [ 1161.123252][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1161.123252][T22507] __msan_chain_origin+0x57/0xa0 [ 1161.123252][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1161.123252][T22507] get_compat_msghdr+0x108/0x2b0 [ 1161.123252][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1161.123252][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1161.123252][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1161.123252][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1161.123252][T22507] __do_fast_syscall_32+0x129/0x180 [ 1161.123252][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1161.123252][T22507] do_SYSENTER_32+0x73/0x90 [ 1161.123252][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1161.123252][T22507] [ 1161.123252][T22507] Uninit was stored to memory at: [ 1161.123252][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1161.123252][T22507] __msan_chain_origin+0x57/0xa0 [ 1161.123252][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1161.123252][T22507] get_compat_msghdr+0x108/0x2b0 [ 1161.123252][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1161.123252][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1161.123252][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1161.123252][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1161.123252][T22507] __do_fast_syscall_32+0x129/0x180 [ 1161.123252][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1161.123252][T22507] do_SYSENTER_32+0x73/0x90 [ 1161.123252][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1161.123252][T22507] [ 1161.123252][T22507] Local variable ----msg_sys@do_recvmmsg created at: [ 1161.123252][T22507] do_recvmmsg+0xc2/0x22e0 [ 1161.123252][T22507] do_recvmmsg+0xc2/0x22e0 [ 1161.905178][T22507] not chained 880000 origins [ 1161.909800][T22507] CPU: 0 PID: 22507 Comm: syz-executor.5 Not tainted 5.9.0-rc8-syzkaller #0 [ 1161.913211][T22507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1161.913211][T22507] Call Trace: [ 1161.913211][T22507] dump_stack+0x21c/0x280 [ 1161.913211][T22507] kmsan_internal_chain_origin+0x6f/0x130 [ 1161.913211][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1161.913211][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1161.913211][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1161.913211][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1161.913211][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1161.913211][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1161.913211][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1161.913211][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1161.913211][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1161.913211][T22507] ? _copy_from_user+0x201/0x310 [ 1161.913211][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1161.913211][T22507] __msan_chain_origin+0x57/0xa0 [ 1161.913211][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1161.913211][T22507] get_compat_msghdr+0x108/0x2b0 [ 1161.913211][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1161.913211][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1161.913211][T22507] ? __msan_poison_alloca+0xe9/0x110 [ 1161.913211][T22507] ? __sys_recvmmsg+0xb5/0x5f0 [ 1161.913211][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1161.913211][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1161.913211][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1161.913211][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1161.913211][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1161.913211][T22507] __do_fast_syscall_32+0x129/0x180 [ 1161.913211][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1161.913211][T22507] do_SYSENTER_32+0x73/0x90 [ 1161.913211][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1161.913211][T22507] RIP: 0023:0xf7f56549 [ 1161.913211][T22507] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 1161.913211][T22507] RSP: 002b:00000000f55500cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1161.913211][T22507] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020004b40 [ 1161.913211][T22507] RDX: 0000000020004582 RSI: 0000000000000002 RDI: 0000000000000000 [ 1162.133729][T22507] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1162.133729][T22507] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1162.143248][T22507] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1162.143248][T22507] Uninit was stored to memory at: [ 1162.143248][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1162.143248][T22507] __msan_chain_origin+0x57/0xa0 [ 1162.143248][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1162.143248][T22507] get_compat_msghdr+0x108/0x2b0 [ 1162.143248][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1162.143248][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1162.143248][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1162.143248][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1162.143248][T22507] __do_fast_syscall_32+0x129/0x180 [ 1162.143248][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1162.143248][T22507] do_SYSENTER_32+0x73/0x90 [ 1162.143248][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1162.143248][T22507] [ 1162.143248][T22507] Uninit was stored to memory at: [ 1162.143248][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1162.143248][T22507] __msan_chain_origin+0x57/0xa0 [ 1162.143248][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1162.143248][T22507] get_compat_msghdr+0x108/0x2b0 [ 1162.143248][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1162.143248][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1162.143248][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1162.143248][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1162.143248][T22507] __do_fast_syscall_32+0x129/0x180 [ 1162.143248][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1162.143248][T22507] do_SYSENTER_32+0x73/0x90 [ 1162.143248][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1162.143248][T22507] [ 1162.143248][T22507] Uninit was stored to memory at: [ 1162.143248][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1162.143248][T22507] __msan_chain_origin+0x57/0xa0 [ 1162.143248][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1162.143248][T22507] get_compat_msghdr+0x108/0x2b0 [ 1162.143248][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1162.143248][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1162.143248][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1162.143248][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1162.143248][T22507] __do_fast_syscall_32+0x129/0x180 [ 1162.143248][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1162.143248][T22507] do_SYSENTER_32+0x73/0x90 [ 1162.143248][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1162.143248][T22507] [ 1162.143248][T22507] Uninit was stored to memory at: [ 1162.143248][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1162.143248][T22507] __msan_chain_origin+0x57/0xa0 [ 1162.143248][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1162.143248][T22507] get_compat_msghdr+0x108/0x2b0 [ 1162.143248][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1162.143248][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1162.143248][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1162.143248][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1162.143248][T22507] __do_fast_syscall_32+0x129/0x180 [ 1162.143248][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1162.143248][T22507] do_SYSENTER_32+0x73/0x90 [ 1162.143248][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1162.143248][T22507] [ 1162.143248][T22507] Uninit was stored to memory at: [ 1162.143248][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1162.143248][T22507] __msan_chain_origin+0x57/0xa0 [ 1162.143248][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1162.143248][T22507] get_compat_msghdr+0x108/0x2b0 [ 1162.143248][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1162.143248][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1162.143248][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1162.143248][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1162.143248][T22507] __do_fast_syscall_32+0x129/0x180 [ 1162.143248][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1162.143248][T22507] do_SYSENTER_32+0x73/0x90 [ 1162.143248][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1162.143248][T22507] [ 1162.143248][T22507] Uninit was stored to memory at: [ 1162.143248][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1162.143248][T22507] __msan_chain_origin+0x57/0xa0 [ 1162.143248][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1162.143248][T22507] get_compat_msghdr+0x108/0x2b0 [ 1162.143248][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1162.143248][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1162.143248][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1162.143248][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1162.143248][T22507] __do_fast_syscall_32+0x129/0x180 [ 1162.143248][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1162.143248][T22507] do_SYSENTER_32+0x73/0x90 [ 1162.143248][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1162.143248][T22507] [ 1162.143248][T22507] Uninit was stored to memory at: [ 1162.143248][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1162.143248][T22507] __msan_chain_origin+0x57/0xa0 [ 1162.143248][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1162.143248][T22507] get_compat_msghdr+0x108/0x2b0 [ 1162.143248][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1162.143248][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1162.143248][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1162.143248][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1162.143248][T22507] __do_fast_syscall_32+0x129/0x180 [ 1162.143248][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1162.143248][T22507] do_SYSENTER_32+0x73/0x90 [ 1162.143248][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1162.143248][T22507] [ 1162.143248][T22507] Local variable ----msg_sys@do_recvmmsg created at: [ 1162.143248][T22507] do_recvmmsg+0xc2/0x22e0 [ 1162.143248][T22507] do_recvmmsg+0xc2/0x22e0 [ 1162.914848][T22507] not chained 890000 origins [ 1162.919462][T22507] CPU: 1 PID: 22507 Comm: syz-executor.5 Not tainted 5.9.0-rc8-syzkaller #0 [ 1162.923139][T22507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1162.923139][T22507] Call Trace: [ 1162.923139][T22507] dump_stack+0x21c/0x280 [ 1162.923139][T22507] kmsan_internal_chain_origin+0x6f/0x130 [ 1162.923139][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1162.923139][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1162.923139][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1162.923139][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1162.923139][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1162.923139][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1162.923139][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1162.923139][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1162.923139][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1162.923139][T22507] ? _copy_from_user+0x201/0x310 [ 1162.923139][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1162.923139][T22507] __msan_chain_origin+0x57/0xa0 [ 1162.923139][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1162.923139][T22507] get_compat_msghdr+0x108/0x2b0 [ 1162.923139][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1162.923139][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1162.923139][T22507] ? __msan_poison_alloca+0xe9/0x110 [ 1162.923139][T22507] ? __sys_recvmmsg+0xb5/0x5f0 [ 1162.923139][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1162.923139][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1162.923139][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1162.923139][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1162.923139][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1162.923139][T22507] __do_fast_syscall_32+0x129/0x180 [ 1162.923139][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1162.923139][T22507] do_SYSENTER_32+0x73/0x90 [ 1162.923139][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1162.923139][T22507] RIP: 0023:0xf7f56549 [ 1162.923139][T22507] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 1162.923139][T22507] RSP: 002b:00000000f55500cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1162.923139][T22507] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020004b40 [ 1162.923139][T22507] RDX: 0000000020004582 RSI: 0000000000000002 RDI: 0000000000000000 [ 1162.923139][T22507] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1162.923139][T22507] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1162.923139][T22507] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1162.923139][T22507] Uninit was stored to memory at: [ 1162.923139][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1162.923139][T22507] __msan_chain_origin+0x57/0xa0 [ 1162.923139][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1162.923139][T22507] get_compat_msghdr+0x108/0x2b0 [ 1162.923139][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1162.923139][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1162.923139][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1162.923139][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1162.923139][T22507] __do_fast_syscall_32+0x129/0x180 [ 1162.923139][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1162.923139][T22507] do_SYSENTER_32+0x73/0x90 [ 1162.923139][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1162.923139][T22507] [ 1162.923139][T22507] Uninit was stored to memory at: [ 1162.923139][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1162.923139][T22507] __msan_chain_origin+0x57/0xa0 [ 1162.923139][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1162.923139][T22507] get_compat_msghdr+0x108/0x2b0 [ 1162.923139][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1162.923139][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1162.923139][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1162.923139][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1162.923139][T22507] __do_fast_syscall_32+0x129/0x180 [ 1162.923139][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1162.923139][T22507] do_SYSENTER_32+0x73/0x90 [ 1162.923139][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1162.923139][T22507] [ 1162.923139][T22507] Uninit was stored to memory at: [ 1162.923139][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1162.923139][T22507] __msan_chain_origin+0x57/0xa0 [ 1162.923139][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1162.923139][T22507] get_compat_msghdr+0x108/0x2b0 [ 1162.923139][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1162.923139][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1162.923139][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1162.923139][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1162.923139][T22507] __do_fast_syscall_32+0x129/0x180 [ 1162.923139][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1162.923139][T22507] do_SYSENTER_32+0x73/0x90 [ 1162.923139][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1162.923139][T22507] [ 1162.923139][T22507] Uninit was stored to memory at: [ 1162.923139][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1162.923139][T22507] __msan_chain_origin+0x57/0xa0 [ 1162.923139][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1162.923139][T22507] get_compat_msghdr+0x108/0x2b0 [ 1162.923139][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1162.923139][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1162.923139][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1162.923139][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1162.923139][T22507] __do_fast_syscall_32+0x129/0x180 [ 1162.923139][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1162.923139][T22507] do_SYSENTER_32+0x73/0x90 [ 1162.923139][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1162.923139][T22507] [ 1162.923139][T22507] Uninit was stored to memory at: [ 1162.923139][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1162.923139][T22507] __msan_chain_origin+0x57/0xa0 [ 1162.923139][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1162.923139][T22507] get_compat_msghdr+0x108/0x2b0 [ 1162.923139][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1162.923139][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1162.923139][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1162.923139][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1162.923139][T22507] __do_fast_syscall_32+0x129/0x180 [ 1162.923139][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1162.923139][T22507] do_SYSENTER_32+0x73/0x90 [ 1162.923139][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1162.923139][T22507] [ 1162.923139][T22507] Uninit was stored to memory at: [ 1162.923139][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1162.923139][T22507] __msan_chain_origin+0x57/0xa0 [ 1162.923139][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1162.923139][T22507] get_compat_msghdr+0x108/0x2b0 [ 1162.923139][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1162.923139][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1162.923139][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1162.923139][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1162.923139][T22507] __do_fast_syscall_32+0x129/0x180 [ 1162.923139][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1162.923139][T22507] do_SYSENTER_32+0x73/0x90 [ 1162.923139][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1162.923139][T22507] [ 1162.923139][T22507] Uninit was stored to memory at: [ 1162.923139][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1162.923139][T22507] __msan_chain_origin+0x57/0xa0 [ 1162.923139][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1162.923139][T22507] get_compat_msghdr+0x108/0x2b0 [ 1162.923139][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1162.923139][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1162.923139][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1162.923139][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1162.923139][T22507] __do_fast_syscall_32+0x129/0x180 [ 1162.923139][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1162.923139][T22507] do_SYSENTER_32+0x73/0x90 [ 1162.923139][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1162.923139][T22507] [ 1162.923139][T22507] Local variable ----msg_sys@do_recvmmsg created at: [ 1162.923139][T22507] do_recvmmsg+0xc2/0x22e0 [ 1162.923139][T22507] do_recvmmsg+0xc2/0x22e0 [ 1163.897278][T22507] not chained 900000 origins [ 1163.901877][T22507] CPU: 1 PID: 22507 Comm: syz-executor.5 Not tainted 5.9.0-rc8-syzkaller #0 [ 1163.903293][T22507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1163.917629][T22507] Call Trace: [ 1163.923254][T22507] dump_stack+0x21c/0x280 [ 1163.923254][T22507] kmsan_internal_chain_origin+0x6f/0x130 [ 1163.933392][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1163.936319][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1163.944377][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1163.944377][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1163.953404][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1163.956381][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1163.963262][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1163.963262][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1163.976275][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1163.983275][T22507] ? _copy_from_user+0x201/0x310 [ 1163.983275][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1163.993384][T22507] __msan_chain_origin+0x57/0xa0 [ 1163.996373][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1164.003305][T22507] get_compat_msghdr+0x108/0x2b0 [ 1164.005211][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1164.013379][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1164.015670][T22507] ? __msan_poison_alloca+0xe9/0x110 [ 1164.023568][T22507] ? __sys_recvmmsg+0xb5/0x5f0 [ 1164.023568][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1164.033342][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1164.036493][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1164.043438][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1164.043438][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1164.056268][T22507] __do_fast_syscall_32+0x129/0x180 [ 1164.056268][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1164.063259][T22507] do_SYSENTER_32+0x73/0x90 [ 1164.063259][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1164.076382][T22507] RIP: 0023:0xf7f56549 [ 1164.076382][T22507] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 1164.096235][T22507] RSP: 002b:00000000f55500cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1164.103477][T22507] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020004b40 [ 1164.113354][T22507] RDX: 0000000020004582 RSI: 0000000000000002 RDI: 0000000000000000 [ 1164.123257][T22507] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1164.133378][T22507] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1164.136334][T22507] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1164.143433][T22507] Uninit was stored to memory at: [ 1164.153340][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1164.156251][T22507] __msan_chain_origin+0x57/0xa0 [ 1164.163441][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1164.163441][T22507] get_compat_msghdr+0x108/0x2b0 [ 1164.173401][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1164.176385][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1164.183328][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1164.183328][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1164.196367][T22507] __do_fast_syscall_32+0x129/0x180 [ 1164.196367][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1164.204149][T22507] do_SYSENTER_32+0x73/0x90 [ 1164.204149][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1164.216374][T22507] [ 1164.216374][T22507] Uninit was stored to memory at: [ 1164.223283][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1164.225131][T22507] __msan_chain_origin+0x57/0xa0 [ 1164.233414][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1164.236373][T22507] get_compat_msghdr+0x108/0x2b0 [ 1164.243260][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1164.243260][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1164.253339][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1164.256507][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1164.263444][T22507] __do_fast_syscall_32+0x129/0x180 [ 1164.263444][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1164.276268][T22507] do_SYSENTER_32+0x73/0x90 [ 1164.276268][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1164.283262][T22507] [ 1164.283262][T22507] Uninit was stored to memory at: [ 1164.293369][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1164.296350][T22507] __msan_chain_origin+0x57/0xa0 [ 1164.303310][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1164.303310][T22507] get_compat_msghdr+0x108/0x2b0 [ 1164.313341][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1164.316325][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1164.324595][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1164.324595][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1164.333395][T22507] __do_fast_syscall_32+0x129/0x180 [ 1164.338117][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1164.343264][T22507] do_SYSENTER_32+0x73/0x90 [ 1164.343264][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1164.356371][T22507] [ 1164.356371][T22507] Uninit was stored to memory at: [ 1164.363260][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1164.363260][T22507] __msan_chain_origin+0x57/0xa0 [ 1164.373407][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1164.376366][T22507] get_compat_msghdr+0x108/0x2b0 [ 1164.383418][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1164.383418][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1164.393335][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1164.396239][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1164.403261][T22507] __do_fast_syscall_32+0x129/0x180 [ 1164.413450][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1164.416479][T22507] do_SYSENTER_32+0x73/0x90 [ 1164.416479][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1164.426616][T22507] [ 1164.426616][T22507] Uninit was stored to memory at: [ 1164.436420][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1164.436420][T22507] __msan_chain_origin+0x57/0xa0 [ 1164.445265][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1164.445265][T22507] get_compat_msghdr+0x108/0x2b0 [ 1164.456309][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1164.456309][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1164.463295][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1164.463295][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1164.476610][T22507] __do_fast_syscall_32+0x129/0x180 [ 1164.483279][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1164.483279][T22507] do_SYSENTER_32+0x73/0x90 [ 1164.493360][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1164.496314][T22507] [ 1164.496314][T22507] Uninit was stored to memory at: [ 1164.503462][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1164.503462][T22507] __msan_chain_origin+0x57/0xa0 [ 1164.516339][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1164.516339][T22507] get_compat_msghdr+0x108/0x2b0 [ 1164.523289][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1164.529065][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1164.536346][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1164.536346][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1164.543486][T22507] __do_fast_syscall_32+0x129/0x180 [ 1164.553369][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1164.558137][T22507] do_SYSENTER_32+0x73/0x90 [ 1164.563425][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1164.563425][T22507] [ 1164.563425][T22507] Uninit was stored to memory at: [ 1164.576334][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1164.583432][T22507] __msan_chain_origin+0x57/0xa0 [ 1164.583432][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1164.593377][T22507] get_compat_msghdr+0x108/0x2b0 [ 1164.596396][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1164.603263][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1164.603263][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1164.613344][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1164.616252][T22507] __do_fast_syscall_32+0x129/0x180 [ 1164.623450][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1164.623450][T22507] do_SYSENTER_32+0x73/0x90 [ 1164.633339][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1164.636247][T22507] [ 1164.643260][T22507] Local variable ----msg_sys@do_recvmmsg created at: [ 1164.643260][T22507] do_recvmmsg+0xc2/0x22e0 [ 1164.653450][T22507] do_recvmmsg+0xc2/0x22e0 [ 1164.952397][T22507] not chained 910000 origins [ 1164.953155][T22507] CPU: 0 PID: 22507 Comm: syz-executor.5 Not tainted 5.9.0-rc8-syzkaller #0 [ 1164.953155][T22507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1164.953155][T22507] Call Trace: [ 1164.953155][T22507] dump_stack+0x21c/0x280 [ 1164.953155][T22507] kmsan_internal_chain_origin+0x6f/0x130 [ 1164.953155][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1164.953155][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1164.953155][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1164.953155][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1164.953155][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1164.953155][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1164.953155][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1164.953155][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1164.953155][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1164.953155][T22507] ? _copy_from_user+0x201/0x310 [ 1165.039703][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1165.039703][T22507] __msan_chain_origin+0x57/0xa0 [ 1165.039703][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1165.039703][T22507] get_compat_msghdr+0x108/0x2b0 [ 1165.039703][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1165.039703][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1165.039703][T22507] ? __msan_poison_alloca+0xe9/0x110 [ 1165.039703][T22507] ? __sys_recvmmsg+0xb5/0x5f0 [ 1165.039703][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1165.039703][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1165.039703][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1165.039703][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1165.039703][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1165.039703][T22507] __do_fast_syscall_32+0x129/0x180 [ 1165.039703][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1165.039703][T22507] do_SYSENTER_32+0x73/0x90 [ 1165.039703][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1165.039703][T22507] RIP: 0023:0xf7f56549 [ 1165.039703][T22507] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 1165.039703][T22507] RSP: 002b:00000000f55500cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1165.039703][T22507] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020004b40 [ 1165.039703][T22507] RDX: 0000000020004582 RSI: 0000000000000002 RDI: 0000000000000000 [ 1165.039703][T22507] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1165.039703][T22507] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1165.039703][T22507] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1165.039703][T22507] Uninit was stored to memory at: [ 1165.039703][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1165.039703][T22507] __msan_chain_origin+0x57/0xa0 [ 1165.039703][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1165.039703][T22507] get_compat_msghdr+0x108/0x2b0 [ 1165.039703][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1165.039703][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1165.039703][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1165.039703][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1165.039703][T22507] __do_fast_syscall_32+0x129/0x180 [ 1165.039703][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1165.039703][T22507] do_SYSENTER_32+0x73/0x90 [ 1165.039703][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1165.039703][T22507] [ 1165.039703][T22507] Uninit was stored to memory at: [ 1165.039703][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1165.039703][T22507] __msan_chain_origin+0x57/0xa0 [ 1165.039703][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1165.039703][T22507] get_compat_msghdr+0x108/0x2b0 [ 1165.039703][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1165.039703][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1165.039703][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1165.039703][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1165.039703][T22507] __do_fast_syscall_32+0x129/0x180 [ 1165.039703][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1165.039703][T22507] do_SYSENTER_32+0x73/0x90 [ 1165.335031][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1165.335031][T22507] [ 1165.335031][T22507] Uninit was stored to memory at: [ 1165.335031][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1165.335031][T22507] __msan_chain_origin+0x57/0xa0 [ 1165.335031][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1165.335031][T22507] get_compat_msghdr+0x108/0x2b0 [ 1165.335031][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1165.335031][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1165.335031][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1165.335031][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1165.335031][T22507] __do_fast_syscall_32+0x129/0x180 [ 1165.335031][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1165.335031][T22507] do_SYSENTER_32+0x73/0x90 [ 1165.335031][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1165.335031][T22507] [ 1165.335031][T22507] Uninit was stored to memory at: [ 1165.335031][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1165.335031][T22507] __msan_chain_origin+0x57/0xa0 [ 1165.335031][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1165.335031][T22507] get_compat_msghdr+0x108/0x2b0 [ 1165.335031][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1165.335031][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1165.335031][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1165.335031][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1165.335031][T22507] __do_fast_syscall_32+0x129/0x180 [ 1165.335031][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1165.335031][T22507] do_SYSENTER_32+0x73/0x90 [ 1165.335031][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1165.335031][T22507] [ 1165.335031][T22507] Uninit was stored to memory at: [ 1165.335031][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1165.335031][T22507] __msan_chain_origin+0x57/0xa0 [ 1165.335031][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1165.335031][T22507] get_compat_msghdr+0x108/0x2b0 [ 1165.335031][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1165.335031][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1165.335031][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1165.335031][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1165.335031][T22507] __do_fast_syscall_32+0x129/0x180 [ 1165.335031][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1165.335031][T22507] do_SYSENTER_32+0x73/0x90 [ 1165.335031][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1165.335031][T22507] [ 1165.335031][T22507] Uninit was stored to memory at: [ 1165.335031][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1165.335031][T22507] __msan_chain_origin+0x57/0xa0 [ 1165.335031][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1165.335031][T22507] get_compat_msghdr+0x108/0x2b0 [ 1165.335031][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1165.335031][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1165.335031][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1165.335031][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1165.335031][T22507] __do_fast_syscall_32+0x129/0x180 [ 1165.335031][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1165.335031][T22507] do_SYSENTER_32+0x73/0x90 [ 1165.335031][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1165.335031][T22507] [ 1165.335031][T22507] Uninit was stored to memory at: [ 1165.335031][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1165.335031][T22507] __msan_chain_origin+0x57/0xa0 [ 1165.335031][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1165.335031][T22507] get_compat_msghdr+0x108/0x2b0 [ 1165.335031][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1165.335031][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1165.335031][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1165.335031][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1165.335031][T22507] __do_fast_syscall_32+0x129/0x180 [ 1165.335031][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1165.335031][T22507] do_SYSENTER_32+0x73/0x90 [ 1165.335031][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1165.335031][T22507] [ 1165.335031][T22507] Local variable ----msg_sys@do_recvmmsg created at: [ 1165.335031][T22507] do_recvmmsg+0xc2/0x22e0 [ 1165.335031][T22507] do_recvmmsg+0xc2/0x22e0 [ 1165.927885][T22507] not chained 920000 origins [ 1165.932503][T22507] CPU: 0 PID: 22507 Comm: syz-executor.5 Not tainted 5.9.0-rc8-syzkaller #0 [ 1165.933158][T22507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1165.933158][T22507] Call Trace: [ 1165.933158][T22507] dump_stack+0x21c/0x280 [ 1165.933158][T22507] kmsan_internal_chain_origin+0x6f/0x130 [ 1165.961111][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1165.961111][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1165.961111][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1165.961111][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1165.961111][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1165.961111][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1165.961111][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1165.961111][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1165.961111][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1165.961111][T22507] ? _copy_from_user+0x201/0x310 [ 1166.015451][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1166.023238][T22507] __msan_chain_origin+0x57/0xa0 [ 1166.023238][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1166.023238][T22507] get_compat_msghdr+0x108/0x2b0 [ 1166.023238][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1166.023238][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1166.023238][T22507] ? __msan_poison_alloca+0xe9/0x110 [ 1166.023238][T22507] ? __sys_recvmmsg+0xb5/0x5f0 [ 1166.023238][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1166.023238][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1166.023238][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1166.023238][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1166.023238][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1166.023238][T22507] __do_fast_syscall_32+0x129/0x180 [ 1166.023238][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1166.023238][T22507] do_SYSENTER_32+0x73/0x90 [ 1166.023238][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1166.023238][T22507] RIP: 0023:0xf7f56549 [ 1166.023238][T22507] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 1166.023238][T22507] RSP: 002b:00000000f55500cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1166.023238][T22507] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020004b40 [ 1166.023238][T22507] RDX: 0000000020004582 RSI: 0000000000000002 RDI: 0000000000000000 [ 1166.023238][T22507] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1166.023238][T22507] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1166.023238][T22507] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1166.023238][T22507] Uninit was stored to memory at: [ 1166.023238][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1166.023238][T22507] __msan_chain_origin+0x57/0xa0 [ 1166.023238][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1166.023238][T22507] get_compat_msghdr+0x108/0x2b0 [ 1166.023238][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1166.023238][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1166.023238][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1166.023238][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1166.023238][T22507] __do_fast_syscall_32+0x129/0x180 [ 1166.023238][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1166.023238][T22507] do_SYSENTER_32+0x73/0x90 [ 1166.023238][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1166.023238][T22507] [ 1166.023238][T22507] Uninit was stored to memory at: [ 1166.023238][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1166.023238][T22507] __msan_chain_origin+0x57/0xa0 [ 1166.023238][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1166.023238][T22507] get_compat_msghdr+0x108/0x2b0 [ 1166.023238][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1166.023238][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1166.023238][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1166.023238][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1166.023238][T22507] __do_fast_syscall_32+0x129/0x180 [ 1166.023238][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1166.023238][T22507] do_SYSENTER_32+0x73/0x90 [ 1166.023238][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1166.023238][T22507] [ 1166.023238][T22507] Uninit was stored to memory at: [ 1166.023238][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1166.023238][T22507] __msan_chain_origin+0x57/0xa0 [ 1166.023238][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1166.342016][T22507] get_compat_msghdr+0x108/0x2b0 [ 1166.349135][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1166.349151][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1166.349151][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1166.349151][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1166.349151][T22507] __do_fast_syscall_32+0x129/0x180 [ 1166.349151][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1166.349151][T22507] do_SYSENTER_32+0x73/0x90 [ 1166.349151][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1166.349151][T22507] [ 1166.349151][T22507] Uninit was stored to memory at: [ 1166.349151][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1166.349151][T22507] __msan_chain_origin+0x57/0xa0 [ 1166.349151][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1166.349151][T22507] get_compat_msghdr+0x108/0x2b0 [ 1166.349151][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1166.349151][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1166.349151][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1166.349151][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1166.349151][T22507] __do_fast_syscall_32+0x129/0x180 [ 1166.349151][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1166.349151][T22507] do_SYSENTER_32+0x73/0x90 [ 1166.349151][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1166.349151][T22507] [ 1166.349151][T22507] Uninit was stored to memory at: [ 1166.349151][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1166.349151][T22507] __msan_chain_origin+0x57/0xa0 [ 1166.349151][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1166.349151][T22507] get_compat_msghdr+0x108/0x2b0 [ 1166.349151][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1166.349151][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1166.349151][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1166.349151][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1166.349151][T22507] __do_fast_syscall_32+0x129/0x180 [ 1166.349151][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1166.349151][T22507] do_SYSENTER_32+0x73/0x90 [ 1166.349151][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1166.349151][T22507] [ 1166.349151][T22507] Uninit was stored to memory at: [ 1166.349151][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1166.349151][T22507] __msan_chain_origin+0x57/0xa0 [ 1166.349151][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1166.349151][T22507] get_compat_msghdr+0x108/0x2b0 [ 1166.349151][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1166.349151][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1166.349151][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1166.349151][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1166.349151][T22507] __do_fast_syscall_32+0x129/0x180 [ 1166.349151][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1166.349151][T22507] do_SYSENTER_32+0x73/0x90 [ 1166.349151][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1166.349151][T22507] [ 1166.349151][T22507] Uninit was stored to memory at: [ 1166.349151][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1166.349151][T22507] __msan_chain_origin+0x57/0xa0 [ 1166.349151][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1166.349151][T22507] get_compat_msghdr+0x108/0x2b0 [ 1166.349151][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1166.349151][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1166.349151][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1166.349151][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1166.349151][T22507] __do_fast_syscall_32+0x129/0x180 [ 1166.349151][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1166.349151][T22507] do_SYSENTER_32+0x73/0x90 [ 1166.349151][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1166.349151][T22507] [ 1166.349151][T22507] Local variable ----msg_sys@do_recvmmsg created at: [ 1166.349151][T22507] do_recvmmsg+0xc2/0x22e0 [ 1166.349151][T22507] do_recvmmsg+0xc2/0x22e0 [ 1166.922159][T22507] not chained 930000 origins [ 1166.923141][T22507] CPU: 1 PID: 22507 Comm: syz-executor.5 Not tainted 5.9.0-rc8-syzkaller #0 [ 1166.923141][T22507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1166.923141][T22507] Call Trace: [ 1166.923141][T22507] dump_stack+0x21c/0x280 [ 1166.923141][T22507] kmsan_internal_chain_origin+0x6f/0x130 [ 1166.923141][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1166.923141][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1166.923141][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1166.923141][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1166.923141][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1166.985083][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1166.985083][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1166.985083][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1166.985083][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1166.985083][T22507] ? _copy_from_user+0x201/0x310 [ 1166.985083][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1166.985083][T22507] __msan_chain_origin+0x57/0xa0 [ 1167.023320][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1167.023320][T22507] get_compat_msghdr+0x108/0x2b0 [ 1167.023320][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1167.023320][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1167.023320][T22507] ? __msan_poison_alloca+0xe9/0x110 [ 1167.023320][T22507] ? __sys_recvmmsg+0xb5/0x5f0 [ 1167.023320][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1167.023320][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1167.023320][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1167.023320][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1167.023320][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1167.023320][T22507] __do_fast_syscall_32+0x129/0x180 [ 1167.023320][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1167.093411][T22507] do_SYSENTER_32+0x73/0x90 [ 1167.093411][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1167.093411][T22507] RIP: 0023:0xf7f56549 [ 1167.093411][T22507] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 1167.093411][T22507] RSP: 002b:00000000f55500cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1167.093411][T22507] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020004b40 [ 1167.093411][T22507] RDX: 0000000020004582 RSI: 0000000000000002 RDI: 0000000000000000 [ 1167.093411][T22507] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1167.093411][T22507] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1167.093411][T22507] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1167.093411][T22507] Uninit was stored to memory at: [ 1167.093411][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1167.185679][T22507] __msan_chain_origin+0x57/0xa0 [ 1167.185679][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1167.185679][T22507] get_compat_msghdr+0x108/0x2b0 [ 1167.185679][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1167.185679][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1167.185679][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1167.185679][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1167.185679][T22507] __do_fast_syscall_32+0x129/0x180 [ 1167.185679][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1167.185679][T22507] do_SYSENTER_32+0x73/0x90 [ 1167.185679][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1167.185679][T22507] [ 1167.185679][T22507] Uninit was stored to memory at: [ 1167.185679][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1167.185679][T22507] __msan_chain_origin+0x57/0xa0 [ 1167.185679][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1167.185679][T22507] get_compat_msghdr+0x108/0x2b0 [ 1167.185679][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1167.185679][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1167.185679][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1167.185679][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1167.185679][T22507] __do_fast_syscall_32+0x129/0x180 [ 1167.185679][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1167.185679][T22507] do_SYSENTER_32+0x73/0x90 [ 1167.185679][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1167.185679][T22507] [ 1167.185679][T22507] Uninit was stored to memory at: [ 1167.185679][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1167.185679][T22507] __msan_chain_origin+0x57/0xa0 [ 1167.185679][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1167.185679][T22507] get_compat_msghdr+0x108/0x2b0 [ 1167.185679][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1167.185679][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1167.185679][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1167.185679][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1167.185679][T22507] __do_fast_syscall_32+0x129/0x180 [ 1167.185679][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1167.185679][T22507] do_SYSENTER_32+0x73/0x90 [ 1167.185679][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1167.185679][T22507] [ 1167.185679][T22507] Uninit was stored to memory at: [ 1167.185679][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1167.185679][T22507] __msan_chain_origin+0x57/0xa0 [ 1167.185679][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1167.185679][T22507] get_compat_msghdr+0x108/0x2b0 [ 1167.185679][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1167.185679][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1167.185679][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1167.185679][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1167.185679][T22507] __do_fast_syscall_32+0x129/0x180 [ 1167.185679][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1167.185679][T22507] do_SYSENTER_32+0x73/0x90 [ 1167.185679][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1167.185679][T22507] [ 1167.185679][T22507] Uninit was stored to memory at: [ 1167.185679][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1167.185679][T22507] __msan_chain_origin+0x57/0xa0 [ 1167.185679][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1167.185679][T22507] get_compat_msghdr+0x108/0x2b0 [ 1167.185679][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1167.185679][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1167.185679][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1167.185679][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1167.185679][T22507] __do_fast_syscall_32+0x129/0x180 [ 1167.185679][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1167.185679][T22507] do_SYSENTER_32+0x73/0x90 [ 1167.185679][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1167.185679][T22507] [ 1167.185679][T22507] Uninit was stored to memory at: [ 1167.185679][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1167.185679][T22507] __msan_chain_origin+0x57/0xa0 [ 1167.185679][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1167.185679][T22507] get_compat_msghdr+0x108/0x2b0 [ 1167.185679][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1167.185679][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1167.185679][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1167.185679][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1167.185679][T22507] __do_fast_syscall_32+0x129/0x180 [ 1167.185679][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1167.185679][T22507] do_SYSENTER_32+0x73/0x90 [ 1167.185679][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1167.185679][T22507] [ 1167.185679][T22507] Uninit was stored to memory at: [ 1167.185679][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1167.185679][T22507] __msan_chain_origin+0x57/0xa0 [ 1167.185679][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1167.185679][T22507] get_compat_msghdr+0x108/0x2b0 [ 1167.185679][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1167.185679][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1167.185679][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1167.185679][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1167.185679][T22507] __do_fast_syscall_32+0x129/0x180 [ 1167.185679][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1167.185679][T22507] do_SYSENTER_32+0x73/0x90 [ 1167.185679][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1167.185679][T22507] [ 1167.185679][T22507] Local variable ----msg_sys@do_recvmmsg created at: [ 1167.185679][T22507] do_recvmmsg+0xc2/0x22e0 [ 1167.185679][T22507] do_recvmmsg+0xc2/0x22e0 [ 1167.921339][T22507] not chained 940000 origins [ 1167.923140][T22507] CPU: 1 PID: 22507 Comm: syz-executor.5 Not tainted 5.9.0-rc8-syzkaller #0 [ 1167.923140][T22507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1167.923140][T22507] Call Trace: [ 1167.923140][T22507] dump_stack+0x21c/0x280 [ 1167.923140][T22507] kmsan_internal_chain_origin+0x6f/0x130 [ 1167.923140][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1167.923140][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1167.923140][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1167.923140][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1167.923140][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1167.923140][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1167.923140][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1167.923140][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1167.923140][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1167.923140][T22507] ? _copy_from_user+0x201/0x310 [ 1167.923140][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1167.923140][T22507] __msan_chain_origin+0x57/0xa0 [ 1167.923140][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1167.923140][T22507] get_compat_msghdr+0x108/0x2b0 [ 1167.923140][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1167.923140][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1167.923140][T22507] ? __msan_poison_alloca+0xe9/0x110 [ 1167.923140][T22507] ? __sys_recvmmsg+0xb5/0x5f0 [ 1167.923140][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1167.923140][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1167.923140][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1167.923140][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1167.923140][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1167.923140][T22507] __do_fast_syscall_32+0x129/0x180 [ 1167.923140][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1167.923140][T22507] do_SYSENTER_32+0x73/0x90 [ 1167.923140][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1167.923140][T22507] RIP: 0023:0xf7f56549 [ 1167.923140][T22507] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 1167.923140][T22507] RSP: 002b:00000000f55500cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1167.923140][T22507] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020004b40 [ 1167.923140][T22507] RDX: 0000000020004582 RSI: 0000000000000002 RDI: 0000000000000000 [ 1167.923140][T22507] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1167.923140][T22507] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1167.923140][T22507] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1167.923140][T22507] Uninit was stored to memory at: [ 1167.923140][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1167.923140][T22507] __msan_chain_origin+0x57/0xa0 [ 1167.923140][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1167.923140][T22507] get_compat_msghdr+0x108/0x2b0 [ 1167.923140][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1167.923140][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1167.923140][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1168.215734][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1168.215734][T22507] __do_fast_syscall_32+0x129/0x180 [ 1168.215734][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1168.215734][T22507] do_SYSENTER_32+0x73/0x90 [ 1168.215734][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1168.215734][T22507] [ 1168.215734][T22507] Uninit was stored to memory at: [ 1168.215734][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1168.215734][T22507] __msan_chain_origin+0x57/0xa0 [ 1168.215734][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1168.215734][T22507] get_compat_msghdr+0x108/0x2b0 [ 1168.215734][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1168.215734][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1168.215734][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1168.215734][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1168.215734][T22507] __do_fast_syscall_32+0x129/0x180 [ 1168.215734][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1168.215734][T22507] do_SYSENTER_32+0x73/0x90 [ 1168.215734][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1168.215734][T22507] [ 1168.215734][T22507] Uninit was stored to memory at: [ 1168.215734][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1168.215734][T22507] __msan_chain_origin+0x57/0xa0 [ 1168.215734][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1168.215734][T22507] get_compat_msghdr+0x108/0x2b0 [ 1168.215734][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1168.215734][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1168.215734][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1168.215734][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1168.215734][T22507] __do_fast_syscall_32+0x129/0x180 [ 1168.215734][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1168.215734][T22507] do_SYSENTER_32+0x73/0x90 [ 1168.215734][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1168.215734][T22507] [ 1168.215734][T22507] Uninit was stored to memory at: [ 1168.215734][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1168.215734][T22507] __msan_chain_origin+0x57/0xa0 [ 1168.215734][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1168.215734][T22507] get_compat_msghdr+0x108/0x2b0 [ 1168.215734][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1168.215734][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1168.215734][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1168.215734][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1168.215734][T22507] __do_fast_syscall_32+0x129/0x180 [ 1168.215734][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1168.215734][T22507] do_SYSENTER_32+0x73/0x90 [ 1168.215734][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1168.215734][T22507] [ 1168.215734][T22507] Uninit was stored to memory at: [ 1168.215734][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1168.215734][T22507] __msan_chain_origin+0x57/0xa0 [ 1168.215734][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1168.215734][T22507] get_compat_msghdr+0x108/0x2b0 [ 1168.215734][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1168.215734][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1168.215734][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1168.215734][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1168.215734][T22507] __do_fast_syscall_32+0x129/0x180 [ 1168.215734][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1168.215734][T22507] do_SYSENTER_32+0x73/0x90 [ 1168.215734][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1168.215734][T22507] [ 1168.215734][T22507] Uninit was stored to memory at: [ 1168.215734][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1168.215734][T22507] __msan_chain_origin+0x57/0xa0 [ 1168.215734][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1168.215734][T22507] get_compat_msghdr+0x108/0x2b0 [ 1168.215734][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1168.215734][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1168.215734][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1168.215734][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1168.215734][T22507] __do_fast_syscall_32+0x129/0x180 [ 1168.215734][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1168.215734][T22507] do_SYSENTER_32+0x73/0x90 [ 1168.215734][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1168.215734][T22507] [ 1168.215734][T22507] Uninit was stored to memory at: [ 1168.215734][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1168.215734][T22507] __msan_chain_origin+0x57/0xa0 [ 1168.215734][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1168.215734][T22507] get_compat_msghdr+0x108/0x2b0 [ 1168.215734][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1168.215734][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1168.215734][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1168.215734][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1168.215734][T22507] __do_fast_syscall_32+0x129/0x180 [ 1168.215734][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1168.215734][T22507] do_SYSENTER_32+0x73/0x90 [ 1168.215734][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1168.215734][T22507] [ 1168.215734][T22507] Local variable ----msg_sys@do_recvmmsg created at: [ 1168.215734][T22507] do_recvmmsg+0xc2/0x22e0 [ 1168.215734][T22507] do_recvmmsg+0xc2/0x22e0 [ 1168.932728][T22507] not chained 950000 origins [ 1168.933139][T22507] CPU: 1 PID: 22507 Comm: syz-executor.5 Not tainted 5.9.0-rc8-syzkaller #0 [ 1168.933139][T22507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1168.933139][T22507] Call Trace: [ 1168.933139][T22507] dump_stack+0x21c/0x280 [ 1168.933139][T22507] kmsan_internal_chain_origin+0x6f/0x130 [ 1168.933139][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1168.933139][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1168.933139][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1168.933139][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1168.933139][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1168.933139][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1168.933139][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1168.933139][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1168.933139][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1168.933139][T22507] ? _copy_from_user+0x201/0x310 [ 1168.933139][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1168.933139][T22507] __msan_chain_origin+0x57/0xa0 [ 1168.933139][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1168.933139][T22507] get_compat_msghdr+0x108/0x2b0 [ 1168.933139][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1168.933139][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1168.933139][T22507] ? __msan_poison_alloca+0xe9/0x110 [ 1168.933139][T22507] ? __sys_recvmmsg+0xb5/0x5f0 [ 1168.933139][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1168.933139][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1168.933139][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1168.933139][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1168.933139][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1168.933139][T22507] __do_fast_syscall_32+0x129/0x180 [ 1168.933139][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1168.933139][T22507] do_SYSENTER_32+0x73/0x90 [ 1168.933139][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1168.933139][T22507] RIP: 0023:0xf7f56549 [ 1168.933139][T22507] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 1168.933139][T22507] RSP: 002b:00000000f55500cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1168.933139][T22507] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020004b40 [ 1168.933139][T22507] RDX: 0000000020004582 RSI: 0000000000000002 RDI: 0000000000000000 [ 1168.933139][T22507] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1168.933139][T22507] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1168.933139][T22507] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1168.933139][T22507] Uninit was stored to memory at: [ 1168.933139][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1168.933139][T22507] __msan_chain_origin+0x57/0xa0 [ 1168.933139][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1168.933139][T22507] get_compat_msghdr+0x108/0x2b0 [ 1168.933139][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1168.933139][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1168.933139][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1168.933139][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1168.933139][T22507] __do_fast_syscall_32+0x129/0x180 [ 1168.933139][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1168.933139][T22507] do_SYSENTER_32+0x73/0x90 [ 1168.933139][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1168.933139][T22507] [ 1168.933139][T22507] Uninit was stored to memory at: [ 1168.933139][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1168.933139][T22507] __msan_chain_origin+0x57/0xa0 [ 1168.933139][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1168.933139][T22507] get_compat_msghdr+0x108/0x2b0 [ 1168.933139][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1168.933139][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1168.933139][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1168.933139][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1168.933139][T22507] __do_fast_syscall_32+0x129/0x180 [ 1168.933139][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1168.933139][T22507] do_SYSENTER_32+0x73/0x90 [ 1168.933139][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1168.933139][T22507] [ 1168.933139][T22507] Uninit was stored to memory at: [ 1168.933139][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1168.933139][T22507] __msan_chain_origin+0x57/0xa0 [ 1168.933139][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1168.933139][T22507] get_compat_msghdr+0x108/0x2b0 [ 1168.933139][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1168.933139][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1168.933139][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1168.933139][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1168.933139][T22507] __do_fast_syscall_32+0x129/0x180 [ 1168.933139][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1168.933139][T22507] do_SYSENTER_32+0x73/0x90 [ 1168.933139][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1168.933139][T22507] [ 1168.933139][T22507] Uninit was stored to memory at: [ 1168.933139][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1168.933139][T22507] __msan_chain_origin+0x57/0xa0 [ 1168.933139][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1168.933139][T22507] get_compat_msghdr+0x108/0x2b0 [ 1168.933139][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1168.933139][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1168.933139][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1168.933139][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1168.933139][T22507] __do_fast_syscall_32+0x129/0x180 [ 1168.933139][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1168.933139][T22507] do_SYSENTER_32+0x73/0x90 [ 1168.933139][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1168.933139][T22507] [ 1168.933139][T22507] Uninit was stored to memory at: [ 1168.933139][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1168.933139][T22507] __msan_chain_origin+0x57/0xa0 [ 1168.933139][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1168.933139][T22507] get_compat_msghdr+0x108/0x2b0 [ 1168.933139][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1168.933139][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1168.933139][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1168.933139][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1168.933139][T22507] __do_fast_syscall_32+0x129/0x180 [ 1168.933139][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1168.933139][T22507] do_SYSENTER_32+0x73/0x90 [ 1168.933139][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1168.933139][T22507] [ 1168.933139][T22507] Uninit was stored to memory at: [ 1168.933139][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1168.933139][T22507] __msan_chain_origin+0x57/0xa0 [ 1168.933139][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1168.933139][T22507] get_compat_msghdr+0x108/0x2b0 [ 1168.933139][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1168.933139][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1168.933139][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1168.933139][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1168.933139][T22507] __do_fast_syscall_32+0x129/0x180 [ 1168.933139][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1168.933139][T22507] do_SYSENTER_32+0x73/0x90 [ 1168.933139][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1168.933139][T22507] [ 1168.933139][T22507] Uninit was stored to memory at: [ 1168.933139][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1168.933139][T22507] __msan_chain_origin+0x57/0xa0 [ 1168.933139][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1168.933139][T22507] get_compat_msghdr+0x108/0x2b0 [ 1168.933139][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1168.933139][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1168.933139][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1168.933139][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1168.933139][T22507] __do_fast_syscall_32+0x129/0x180 [ 1168.933139][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1168.933139][T22507] do_SYSENTER_32+0x73/0x90 [ 1168.933139][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1168.933139][T22507] [ 1168.933139][T22507] Local variable ----msg_sys@do_recvmmsg created at: [ 1168.933139][T22507] do_recvmmsg+0xc2/0x22e0 [ 1168.933139][T22507] do_recvmmsg+0xc2/0x22e0 [ 1169.910999][T22507] not chained 960000 origins [ 1169.913142][T22507] CPU: 1 PID: 22507 Comm: syz-executor.5 Not tainted 5.9.0-rc8-syzkaller #0 [ 1169.913142][T22507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1169.913142][T22507] Call Trace: [ 1169.913142][T22507] dump_stack+0x21c/0x280 [ 1169.913142][T22507] kmsan_internal_chain_origin+0x6f/0x130 [ 1169.913142][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1169.913142][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1169.913142][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1169.913142][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1169.913142][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1169.913142][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1169.913142][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1169.913142][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1169.913142][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1169.913142][T22507] ? _copy_from_user+0x201/0x310 [ 1169.913142][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1169.913142][T22507] __msan_chain_origin+0x57/0xa0 [ 1169.913142][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1169.913142][T22507] get_compat_msghdr+0x108/0x2b0 [ 1169.913142][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1169.913142][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1169.913142][T22507] ? __msan_poison_alloca+0xe9/0x110 [ 1169.913142][T22507] ? __sys_recvmmsg+0xb5/0x5f0 [ 1169.913142][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1169.913142][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1169.913142][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1169.913142][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1169.913142][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1169.913142][T22507] __do_fast_syscall_32+0x129/0x180 [ 1169.913142][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1169.913142][T22507] do_SYSENTER_32+0x73/0x90 [ 1169.913142][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1169.913142][T22507] RIP: 0023:0xf7f56549 [ 1169.913142][T22507] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 1169.913142][T22507] RSP: 002b:00000000f55500cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1169.913142][T22507] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020004b40 [ 1169.913142][T22507] RDX: 0000000020004582 RSI: 0000000000000002 RDI: 0000000000000000 [ 1169.913142][T22507] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1169.913142][T22507] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1169.913142][T22507] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1169.913142][T22507] Uninit was stored to memory at: [ 1169.913142][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1169.913142][T22507] __msan_chain_origin+0x57/0xa0 [ 1169.913142][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1169.913142][T22507] get_compat_msghdr+0x108/0x2b0 [ 1169.913142][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1169.913142][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1169.913142][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1169.913142][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1169.913142][T22507] __do_fast_syscall_32+0x129/0x180 [ 1169.913142][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1169.913142][T22507] do_SYSENTER_32+0x73/0x90 [ 1169.913142][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1169.913142][T22507] [ 1169.913142][T22507] Uninit was stored to memory at: [ 1169.913142][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1169.913142][T22507] __msan_chain_origin+0x57/0xa0 [ 1169.913142][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1169.913142][T22507] get_compat_msghdr+0x108/0x2b0 [ 1169.913142][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1169.913142][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1169.913142][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1169.913142][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1169.913142][T22507] __do_fast_syscall_32+0x129/0x180 [ 1169.913142][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1169.913142][T22507] do_SYSENTER_32+0x73/0x90 [ 1169.913142][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1169.913142][T22507] [ 1169.913142][T22507] Uninit was stored to memory at: [ 1169.913142][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1169.913142][T22507] __msan_chain_origin+0x57/0xa0 [ 1169.913142][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1169.913142][T22507] get_compat_msghdr+0x108/0x2b0 [ 1169.913142][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1169.913142][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1169.913142][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1169.913142][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1169.913142][T22507] __do_fast_syscall_32+0x129/0x180 [ 1169.913142][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1169.913142][T22507] do_SYSENTER_32+0x73/0x90 [ 1169.913142][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1169.913142][T22507] [ 1169.913142][T22507] Uninit was stored to memory at: [ 1169.913142][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1169.913142][T22507] __msan_chain_origin+0x57/0xa0 [ 1169.913142][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1169.913142][T22507] get_compat_msghdr+0x108/0x2b0 [ 1169.913142][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1169.913142][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1169.913142][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1169.913142][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1169.913142][T22507] __do_fast_syscall_32+0x129/0x180 [ 1169.913142][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1169.913142][T22507] do_SYSENTER_32+0x73/0x90 [ 1169.913142][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1169.913142][T22507] [ 1169.913142][T22507] Uninit was stored to memory at: [ 1169.913142][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1169.913142][T22507] __msan_chain_origin+0x57/0xa0 [ 1169.913142][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1169.913142][T22507] get_compat_msghdr+0x108/0x2b0 [ 1169.913142][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1169.913142][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1169.913142][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1169.913142][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1169.913142][T22507] __do_fast_syscall_32+0x129/0x180 [ 1169.913142][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1169.913142][T22507] do_SYSENTER_32+0x73/0x90 [ 1169.913142][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1169.913142][T22507] [ 1169.913142][T22507] Uninit was stored to memory at: [ 1169.913142][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1169.913142][T22507] __msan_chain_origin+0x57/0xa0 [ 1169.913142][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1169.913142][T22507] get_compat_msghdr+0x108/0x2b0 [ 1169.913142][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1169.913142][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1169.913142][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1169.913142][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1169.913142][T22507] __do_fast_syscall_32+0x129/0x180 [ 1169.913142][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1169.913142][T22507] do_SYSENTER_32+0x73/0x90 [ 1169.913142][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1169.913142][T22507] [ 1169.913142][T22507] Uninit was stored to memory at: [ 1169.913142][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1169.913142][T22507] __msan_chain_origin+0x57/0xa0 [ 1169.913142][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1169.913142][T22507] get_compat_msghdr+0x108/0x2b0 [ 1169.913142][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1169.913142][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1169.913142][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1169.913142][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1169.913142][T22507] __do_fast_syscall_32+0x129/0x180 [ 1169.913142][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1169.913142][T22507] do_SYSENTER_32+0x73/0x90 [ 1169.913142][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1169.913142][T22507] [ 1169.913142][T22507] Local variable ----msg_sys@do_recvmmsg created at: [ 1169.913142][T22507] do_recvmmsg+0xc2/0x22e0 [ 1169.913142][T22507] do_recvmmsg+0xc2/0x22e0 [ 1170.870416][T22507] not chained 970000 origins [ 1170.873146][T22507] CPU: 1 PID: 22507 Comm: syz-executor.5 Not tainted 5.9.0-rc8-syzkaller #0 [ 1170.873146][T22507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1170.873146][T22507] Call Trace: [ 1170.873146][T22507] dump_stack+0x21c/0x280 [ 1170.873146][T22507] kmsan_internal_chain_origin+0x6f/0x130 [ 1170.873146][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1170.873146][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1170.873146][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1170.873146][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1170.873146][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1170.873146][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1170.873146][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1170.873146][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1170.873146][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1170.873146][T22507] ? _copy_from_user+0x201/0x310 [ 1170.873146][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1170.873146][T22507] __msan_chain_origin+0x57/0xa0 [ 1170.873146][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1170.873146][T22507] get_compat_msghdr+0x108/0x2b0 [ 1170.873146][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1170.873146][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1170.873146][T22507] ? __msan_poison_alloca+0xe9/0x110 [ 1170.873146][T22507] ? __sys_recvmmsg+0xb5/0x5f0 [ 1170.873146][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1170.873146][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1170.873146][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1170.873146][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1170.873146][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1170.873146][T22507] __do_fast_syscall_32+0x129/0x180 [ 1170.873146][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1170.873146][T22507] do_SYSENTER_32+0x73/0x90 [ 1170.873146][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1170.873146][T22507] RIP: 0023:0xf7f56549 [ 1170.873146][T22507] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 1170.873146][T22507] RSP: 002b:00000000f55500cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1170.873146][T22507] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020004b40 [ 1170.873146][T22507] RDX: 0000000020004582 RSI: 0000000000000002 RDI: 0000000000000000 [ 1170.873146][T22507] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1170.873146][T22507] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1170.873146][T22507] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1170.873146][T22507] Uninit was stored to memory at: [ 1170.873146][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1170.873146][T22507] __msan_chain_origin+0x57/0xa0 [ 1170.873146][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1170.873146][T22507] get_compat_msghdr+0x108/0x2b0 [ 1170.873146][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1170.873146][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1170.873146][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1170.873146][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1170.873146][T22507] __do_fast_syscall_32+0x129/0x180 [ 1170.873146][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1170.873146][T22507] do_SYSENTER_32+0x73/0x90 [ 1170.873146][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1170.873146][T22507] [ 1170.873146][T22507] Uninit was stored to memory at: [ 1170.873146][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1170.873146][T22507] __msan_chain_origin+0x57/0xa0 [ 1170.873146][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1170.873146][T22507] get_compat_msghdr+0x108/0x2b0 [ 1170.873146][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1170.873146][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1170.873146][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1170.873146][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1170.873146][T22507] __do_fast_syscall_32+0x129/0x180 [ 1170.873146][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1170.873146][T22507] do_SYSENTER_32+0x73/0x90 [ 1170.873146][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1170.873146][T22507] [ 1170.873146][T22507] Uninit was stored to memory at: [ 1170.873146][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1170.873146][T22507] __msan_chain_origin+0x57/0xa0 [ 1170.873146][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1170.873146][T22507] get_compat_msghdr+0x108/0x2b0 [ 1171.289056][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1171.289056][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1171.289056][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1171.289056][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1171.289056][T22507] __do_fast_syscall_32+0x129/0x180 [ 1171.289056][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1171.289056][T22507] do_SYSENTER_32+0x73/0x90 [ 1171.289056][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1171.289056][T22507] [ 1171.289056][T22507] Uninit was stored to memory at: [ 1171.289056][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1171.289056][T22507] __msan_chain_origin+0x57/0xa0 [ 1171.289056][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1171.289056][T22507] get_compat_msghdr+0x108/0x2b0 [ 1171.289056][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1171.289056][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1171.289056][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1171.289056][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1171.289056][T22507] __do_fast_syscall_32+0x129/0x180 [ 1171.289056][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1171.289056][T22507] do_SYSENTER_32+0x73/0x90 [ 1171.289056][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1171.289056][T22507] [ 1171.289056][T22507] Uninit was stored to memory at: [ 1171.289056][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1171.289056][T22507] __msan_chain_origin+0x57/0xa0 [ 1171.289056][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1171.289056][T22507] get_compat_msghdr+0x108/0x2b0 [ 1171.289056][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1171.289056][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1171.289056][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1171.289056][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1171.289056][T22507] __do_fast_syscall_32+0x129/0x180 [ 1171.289056][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1171.289056][T22507] do_SYSENTER_32+0x73/0x90 [ 1171.289056][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1171.289056][T22507] [ 1171.289056][T22507] Uninit was stored to memory at: [ 1171.289056][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1171.289056][T22507] __msan_chain_origin+0x57/0xa0 [ 1171.289056][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1171.289056][T22507] get_compat_msghdr+0x108/0x2b0 [ 1171.289056][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1171.289056][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1171.289056][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1171.289056][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1171.289056][T22507] __do_fast_syscall_32+0x129/0x180 [ 1171.289056][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1171.289056][T22507] do_SYSENTER_32+0x73/0x90 [ 1171.289056][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1171.289056][T22507] [ 1171.289056][T22507] Uninit was stored to memory at: [ 1171.289056][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1171.289056][T22507] __msan_chain_origin+0x57/0xa0 [ 1171.289056][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1171.289056][T22507] get_compat_msghdr+0x108/0x2b0 [ 1171.289056][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1171.289056][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1171.289056][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1171.289056][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1171.289056][T22507] __do_fast_syscall_32+0x129/0x180 [ 1171.289056][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1171.289056][T22507] do_SYSENTER_32+0x73/0x90 [ 1171.289056][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1171.289056][T22507] [ 1171.289056][T22507] Local variable ----msg_sys@do_recvmmsg created at: [ 1171.289056][T22507] do_recvmmsg+0xc2/0x22e0 [ 1171.289056][T22507] do_recvmmsg+0xc2/0x22e0 [ 1171.841867][T22507] not chained 980000 origins [ 1171.843139][T22507] CPU: 1 PID: 22507 Comm: syz-executor.5 Not tainted 5.9.0-rc8-syzkaller #0 [ 1171.843139][T22507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1171.863226][T22507] Call Trace: [ 1171.863226][T22507] dump_stack+0x21c/0x280 [ 1171.863226][T22507] kmsan_internal_chain_origin+0x6f/0x130 [ 1171.863226][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1171.863226][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1171.863226][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1171.863226][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1171.863226][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1171.903286][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1171.903286][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1171.903286][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1171.903286][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1171.903286][T22507] ? _copy_from_user+0x201/0x310 [ 1171.933256][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1171.933256][T22507] __msan_chain_origin+0x57/0xa0 [ 1171.933256][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1171.933256][T22507] get_compat_msghdr+0x108/0x2b0 [ 1171.933256][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1171.933256][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1171.933256][T22507] ? __msan_poison_alloca+0xe9/0x110 [ 1171.963570][T22507] ? __sys_recvmmsg+0xb5/0x5f0 [ 1171.973484][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1171.973484][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1171.973484][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1171.973484][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1171.973484][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1171.973484][T22507] __do_fast_syscall_32+0x129/0x180 [ 1171.973484][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1171.973484][T22507] do_SYSENTER_32+0x73/0x90 [ 1171.973484][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1171.973484][T22507] RIP: 0023:0xf7f56549 [ 1171.973484][T22507] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 1171.973484][T22507] RSP: 002b:00000000f55500cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1171.973484][T22507] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020004b40 [ 1171.973484][T22507] RDX: 0000000020004582 RSI: 0000000000000002 RDI: 0000000000000000 [ 1171.973484][T22507] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1171.973484][T22507] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1171.973484][T22507] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1171.973484][T22507] Uninit was stored to memory at: [ 1171.973484][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1171.973484][T22507] __msan_chain_origin+0x57/0xa0 [ 1171.973484][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1171.973484][T22507] get_compat_msghdr+0x108/0x2b0 [ 1171.973484][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1171.973484][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1171.973484][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1171.973484][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1171.973484][T22507] __do_fast_syscall_32+0x129/0x180 [ 1171.973484][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1171.973484][T22507] do_SYSENTER_32+0x73/0x90 [ 1171.973484][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1171.973484][T22507] [ 1171.973484][T22507] Uninit was stored to memory at: [ 1171.973484][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1171.973484][T22507] __msan_chain_origin+0x57/0xa0 [ 1171.973484][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1171.973484][T22507] get_compat_msghdr+0x108/0x2b0 [ 1171.973484][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1171.973484][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1171.973484][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1171.973484][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1171.973484][T22507] __do_fast_syscall_32+0x129/0x180 [ 1171.973484][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1171.973484][T22507] do_SYSENTER_32+0x73/0x90 [ 1171.973484][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1171.973484][T22507] [ 1171.973484][T22507] Uninit was stored to memory at: [ 1171.973484][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1171.973484][T22507] __msan_chain_origin+0x57/0xa0 [ 1171.973484][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1171.973484][T22507] get_compat_msghdr+0x108/0x2b0 [ 1171.973484][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1172.263552][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1172.263552][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1172.273391][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1172.273391][T22507] __do_fast_syscall_32+0x129/0x180 [ 1172.283280][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1172.283280][T22507] do_SYSENTER_32+0x73/0x90 [ 1172.293577][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1172.293577][T22507] [ 1172.303301][T22507] Uninit was stored to memory at: [ 1172.303301][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1172.313406][T22507] __msan_chain_origin+0x57/0xa0 [ 1172.313406][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1172.323441][T22507] get_compat_msghdr+0x108/0x2b0 [ 1172.323441][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1172.333608][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1172.333608][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1172.345201][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1172.345201][T22507] __do_fast_syscall_32+0x129/0x180 [ 1172.353509][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1172.353509][T22507] do_SYSENTER_32+0x73/0x90 [ 1172.363421][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1172.363421][T22507] [ 1172.373409][T22507] Uninit was stored to memory at: [ 1172.373409][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1172.383430][T22507] __msan_chain_origin+0x57/0xa0 [ 1172.383430][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1172.393421][T22507] get_compat_msghdr+0x108/0x2b0 [ 1172.393421][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1172.403276][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1172.403276][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1172.414091][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1172.414091][T22507] __do_fast_syscall_32+0x129/0x180 [ 1172.423267][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1172.423267][T22507] do_SYSENTER_32+0x73/0x90 [ 1172.433414][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1172.433414][T22507] [ 1172.443468][T22507] Uninit was stored to memory at: [ 1172.443468][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1172.455243][T22507] __msan_chain_origin+0x57/0xa0 [ 1172.455243][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1172.463259][T22507] get_compat_msghdr+0x108/0x2b0 [ 1172.463259][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1172.473510][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1172.473510][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1172.483270][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1172.483270][T22507] __do_fast_syscall_32+0x129/0x180 [ 1172.493431][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1172.493431][T22507] do_SYSENTER_32+0x73/0x90 [ 1172.503432][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1172.513242][T22507] [ 1172.516091][T22507] Uninit was stored to memory at: [ 1172.516091][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1172.523287][T22507] __msan_chain_origin+0x57/0xa0 [ 1172.523287][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1172.533525][T22507] get_compat_msghdr+0x108/0x2b0 [ 1172.533525][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1172.543272][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1172.543272][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1172.553674][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1172.553674][T22507] __do_fast_syscall_32+0x129/0x180 [ 1172.565254][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1172.573348][T22507] do_SYSENTER_32+0x73/0x90 [ 1172.573546][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1172.583334][T22507] [ 1172.583334][T22507] Local variable ----msg_sys@do_recvmmsg created at: [ 1172.592014][T22507] do_recvmmsg+0xc2/0x22e0 [ 1172.593506][T22507] do_recvmmsg+0xc2/0x22e0 [ 1172.872579][T22507] not chained 990000 origins [ 1172.873227][T22507] CPU: 1 PID: 22507 Comm: syz-executor.5 Not tainted 5.9.0-rc8-syzkaller #0 [ 1172.873227][T22507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1172.873227][T22507] Call Trace: [ 1172.873227][T22507] dump_stack+0x21c/0x280 [ 1172.903285][T22507] kmsan_internal_chain_origin+0x6f/0x130 [ 1172.903285][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1172.903285][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1172.903285][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1172.903285][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1172.903285][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1172.903285][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1172.903285][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1172.903285][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1172.903285][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1172.903285][T22507] ? _copy_from_user+0x201/0x310 [ 1172.963348][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1172.963348][T22507] __msan_chain_origin+0x57/0xa0 [ 1172.963348][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1172.963348][T22507] get_compat_msghdr+0x108/0x2b0 [ 1172.963348][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1172.963348][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1172.963348][T22507] ? __msan_poison_alloca+0xe9/0x110 [ 1172.963348][T22507] ? __sys_recvmmsg+0xb5/0x5f0 [ 1172.963348][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1172.963348][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1172.963348][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1172.963348][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1172.963348][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1173.027011][T22507] __do_fast_syscall_32+0x129/0x180 [ 1173.033304][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1173.033304][T22507] do_SYSENTER_32+0x73/0x90 [ 1173.033304][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1173.033304][T22507] RIP: 0023:0xf7f56549 [ 1173.033304][T22507] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 1173.033304][T22507] RSP: 002b:00000000f55500cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1173.084481][T22507] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020004b40 [ 1173.084481][T22507] RDX: 0000000020004582 RSI: 0000000000000002 RDI: 0000000000000000 [ 1173.094921][T22507] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1173.104976][T22507] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1173.116850][T22507] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1173.124868][T22507] Uninit was stored to memory at: [ 1173.130595][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1173.134895][T22507] __msan_chain_origin+0x57/0xa0 [ 1173.134895][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1173.143487][T22507] get_compat_msghdr+0x108/0x2b0 [ 1173.150763][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1173.155021][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1173.155021][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1173.164830][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1173.164830][T22507] __do_fast_syscall_32+0x129/0x180 [ 1173.174989][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1173.174989][T22507] do_SYSENTER_32+0x73/0x90 [ 1173.185026][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1173.193358][T22507] [ 1173.194916][T22507] Uninit was stored to memory at: [ 1173.194916][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1173.204911][T22507] __msan_chain_origin+0x57/0xa0 [ 1173.204911][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1173.215089][T22507] get_compat_msghdr+0x108/0x2b0 [ 1173.215089][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1173.223375][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1173.223375][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1173.236557][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1173.236557][T22507] __do_fast_syscall_32+0x129/0x180 [ 1173.243469][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1173.243469][T22507] do_SYSENTER_32+0x73/0x90 [ 1173.256489][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1173.263347][T22507] [ 1173.263347][T22507] Uninit was stored to memory at: [ 1173.263347][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1173.276404][T22507] __msan_chain_origin+0x57/0xa0 [ 1173.276404][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1173.283280][T22507] get_compat_msghdr+0x108/0x2b0 [ 1173.283280][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1173.296270][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1173.296270][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1173.303450][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1173.313355][T22507] __do_fast_syscall_32+0x129/0x180 [ 1173.316292][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1173.323474][T22507] do_SYSENTER_32+0x73/0x90 [ 1173.323474][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1173.323474][T22507] [ 1173.334472][T22507] Uninit was stored to memory at: [ 1173.340380][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1173.343260][T22507] __msan_chain_origin+0x57/0xa0 [ 1173.343260][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1173.356246][T22507] get_compat_msghdr+0x108/0x2b0 [ 1173.356246][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1173.363442][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1173.363442][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1173.376228][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1173.383278][T22507] __do_fast_syscall_32+0x129/0x180 [ 1173.383278][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1173.393389][T22507] do_SYSENTER_32+0x73/0x90 [ 1173.396356][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1173.403276][T22507] [ 1173.403276][T22507] Uninit was stored to memory at: [ 1173.403276][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1173.416373][T22507] __msan_chain_origin+0x57/0xa0 [ 1173.416373][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1173.423457][T22507] get_compat_msghdr+0x108/0x2b0 [ 1173.423457][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1173.433448][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1173.439423][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1173.445251][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1173.453393][T22507] __do_fast_syscall_32+0x129/0x180 [ 1173.456377][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1173.463276][T22507] do_SYSENTER_32+0x73/0x90 [ 1173.463276][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1173.473414][T22507] [ 1173.476558][T22507] Uninit was stored to memory at: [ 1173.476558][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1173.483442][T22507] __msan_chain_origin+0x57/0xa0 [ 1173.483442][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1173.496260][T22507] get_compat_msghdr+0x108/0x2b0 [ 1173.503270][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1173.503270][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1173.503270][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1173.516339][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1173.523267][T22507] __do_fast_syscall_32+0x129/0x180 [ 1173.523267][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1173.533336][T22507] do_SYSENTER_32+0x73/0x90 [ 1173.536266][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1173.543460][T22507] [ 1173.543460][T22507] Uninit was stored to memory at: [ 1173.543460][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1173.558063][T22507] __msan_chain_origin+0x57/0xa0 [ 1173.563260][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1173.563260][T22507] get_compat_msghdr+0x108/0x2b0 [ 1173.563260][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1173.576331][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1173.576331][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1173.583275][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1173.593334][T22507] __do_fast_syscall_32+0x129/0x180 [ 1173.596224][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1173.603427][T22507] do_SYSENTER_32+0x73/0x90 [ 1173.603427][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1173.613336][T22507] [ 1173.616270][T22507] Local variable ----msg_sys@do_recvmmsg created at: [ 1173.623425][T22507] do_recvmmsg+0xc2/0x22e0 [ 1173.623425][T22507] do_recvmmsg+0xc2/0x22e0 [ 1173.879017][T22507] not chained 1000000 origins [ 1173.883161][T22507] CPU: 0 PID: 22507 Comm: syz-executor.5 Not tainted 5.9.0-rc8-syzkaller #0 [ 1173.883161][T22507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1173.883161][T22507] Call Trace: [ 1173.883161][T22507] dump_stack+0x21c/0x280 [ 1173.883161][T22507] kmsan_internal_chain_origin+0x6f/0x130 [ 1173.883161][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1173.883161][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1173.883161][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1173.883161][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1173.883161][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1173.883161][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1173.948206][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1173.948206][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1173.948206][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1173.948206][T22507] ? _copy_from_user+0x201/0x310 [ 1173.948206][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1173.948206][T22507] __msan_chain_origin+0x57/0xa0 [ 1173.948206][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1173.948206][T22507] get_compat_msghdr+0x108/0x2b0 [ 1173.948206][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1173.948206][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1173.948206][T22507] ? __msan_poison_alloca+0xe9/0x110 [ 1173.948206][T22507] ? __sys_recvmmsg+0xb5/0x5f0 [ 1173.948206][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1173.948206][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1173.948206][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1173.948206][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1173.948206][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1173.948206][T22507] __do_fast_syscall_32+0x129/0x180 [ 1173.948206][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1173.948206][T22507] do_SYSENTER_32+0x73/0x90 [ 1173.948206][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1173.948206][T22507] RIP: 0023:0xf7f56549 [ 1173.948206][T22507] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 1174.083701][T22507] RSP: 002b:00000000f55500cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1174.083701][T22507] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020004b40 [ 1174.093232][T22507] RDX: 0000000020004582 RSI: 0000000000000002 RDI: 0000000000000000 [ 1174.093232][T22507] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1174.093232][T22507] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1174.093232][T22507] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1174.093232][T22507] Uninit was stored to memory at: [ 1174.093232][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1174.093232][T22507] __msan_chain_origin+0x57/0xa0 [ 1174.093232][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1174.093232][T22507] get_compat_msghdr+0x108/0x2b0 [ 1174.093232][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1174.093232][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1174.093232][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1174.093232][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1174.093232][T22507] __do_fast_syscall_32+0x129/0x180 [ 1174.093232][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1174.093232][T22507] do_SYSENTER_32+0x73/0x90 [ 1174.093232][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1174.093232][T22507] [ 1174.093232][T22507] Uninit was stored to memory at: [ 1174.093232][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1174.093232][T22507] __msan_chain_origin+0x57/0xa0 [ 1174.093232][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1174.093232][T22507] get_compat_msghdr+0x108/0x2b0 [ 1174.093232][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1174.093232][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1174.093232][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1174.093232][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1174.093232][T22507] __do_fast_syscall_32+0x129/0x180 [ 1174.093232][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1174.093232][T22507] do_SYSENTER_32+0x73/0x90 [ 1174.093232][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1174.093232][T22507] [ 1174.093232][T22507] Uninit was stored to memory at: [ 1174.093232][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1174.093232][T22507] __msan_chain_origin+0x57/0xa0 [ 1174.093232][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1174.093232][T22507] get_compat_msghdr+0x108/0x2b0 [ 1174.093232][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1174.093232][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1174.093232][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1174.093232][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1174.093232][T22507] __do_fast_syscall_32+0x129/0x180 [ 1174.093232][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1174.093232][T22507] do_SYSENTER_32+0x73/0x90 [ 1174.093232][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1174.093232][T22507] [ 1174.093232][T22507] Uninit was stored to memory at: [ 1174.093232][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1174.093232][T22507] __msan_chain_origin+0x57/0xa0 [ 1174.093232][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1174.093232][T22507] get_compat_msghdr+0x108/0x2b0 [ 1174.093232][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1174.093232][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1174.093232][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1174.093232][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1174.093232][T22507] __do_fast_syscall_32+0x129/0x180 [ 1174.093232][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1174.093232][T22507] do_SYSENTER_32+0x73/0x90 [ 1174.093232][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1174.093232][T22507] [ 1174.093232][T22507] Uninit was stored to memory at: [ 1174.093232][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1174.093232][T22507] __msan_chain_origin+0x57/0xa0 [ 1174.093232][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1174.093232][T22507] get_compat_msghdr+0x108/0x2b0 [ 1174.093232][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1174.093232][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1174.093232][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1174.093232][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1174.093232][T22507] __do_fast_syscall_32+0x129/0x180 [ 1174.093232][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1174.093232][T22507] do_SYSENTER_32+0x73/0x90 [ 1174.093232][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1174.093232][T22507] [ 1174.093232][T22507] Uninit was stored to memory at: [ 1174.093232][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1174.093232][T22507] __msan_chain_origin+0x57/0xa0 [ 1174.093232][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1174.093232][T22507] get_compat_msghdr+0x108/0x2b0 [ 1174.093232][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1174.093232][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1174.093232][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1174.093232][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1174.093232][T22507] __do_fast_syscall_32+0x129/0x180 [ 1174.093232][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1174.093232][T22507] do_SYSENTER_32+0x73/0x90 [ 1174.093232][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1174.093232][T22507] [ 1174.093232][T22507] Uninit was stored to memory at: [ 1174.093232][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1174.093232][T22507] __msan_chain_origin+0x57/0xa0 [ 1174.093232][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1174.093232][T22507] get_compat_msghdr+0x108/0x2b0 [ 1174.093232][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1174.093232][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1174.093232][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1174.093232][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1174.093232][T22507] __do_fast_syscall_32+0x129/0x180 [ 1174.093232][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1174.093232][T22507] do_SYSENTER_32+0x73/0x90 [ 1174.093232][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1174.093232][T22507] [ 1174.093232][T22507] Local variable ----msg_sys@do_recvmmsg created at: [ 1174.625195][T22507] do_recvmmsg+0xc2/0x22e0 [ 1174.631660][T22507] do_recvmmsg+0xc2/0x22e0 [ 1174.866072][T22507] not chained 1010000 origins [ 1174.870774][T22507] CPU: 0 PID: 22507 Comm: syz-executor.5 Not tainted 5.9.0-rc8-syzkaller #0 [ 1174.873158][T22507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1174.873158][T22507] Call Trace: [ 1174.873158][T22507] dump_stack+0x21c/0x280 [ 1174.873158][T22507] kmsan_internal_chain_origin+0x6f/0x130 [ 1174.873158][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1174.873158][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1174.873158][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1174.873158][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1174.873158][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1174.873158][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1174.873158][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1174.873158][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1174.873158][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1174.873158][T22507] ? _copy_from_user+0x201/0x310 [ 1174.873158][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1174.873158][T22507] __msan_chain_origin+0x57/0xa0 [ 1174.873158][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1174.873158][T22507] get_compat_msghdr+0x108/0x2b0 [ 1174.873158][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1174.873158][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1174.873158][T22507] ? __msan_poison_alloca+0xe9/0x110 [ 1174.873158][T22507] ? __sys_recvmmsg+0xb5/0x5f0 [ 1174.873158][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1174.873158][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1174.873158][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1174.873158][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1174.873158][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1174.873158][T22507] __do_fast_syscall_32+0x129/0x180 [ 1174.873158][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1174.873158][T22507] do_SYSENTER_32+0x73/0x90 [ 1174.873158][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1175.046144][T22507] RIP: 0023:0xf7f56549 [ 1175.046144][T22507] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 1175.053234][T22507] RSP: 002b:00000000f55500cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1175.053234][T22507] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020004b40 [ 1175.053234][T22507] RDX: 0000000020004582 RSI: 0000000000000002 RDI: 0000000000000000 [ 1175.053234][T22507] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1175.053234][T22507] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1175.053234][T22507] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1175.053234][T22507] Uninit was stored to memory at: [ 1175.053234][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1175.053234][T22507] __msan_chain_origin+0x57/0xa0 [ 1175.053234][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1175.053234][T22507] get_compat_msghdr+0x108/0x2b0 [ 1175.053234][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1175.053234][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1175.053234][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1175.053234][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1175.053234][T22507] __do_fast_syscall_32+0x129/0x180 [ 1175.053234][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1175.053234][T22507] do_SYSENTER_32+0x73/0x90 [ 1175.053234][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1175.053234][T22507] [ 1175.053234][T22507] Uninit was stored to memory at: [ 1175.053234][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1175.053234][T22507] __msan_chain_origin+0x57/0xa0 [ 1175.053234][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1175.053234][T22507] get_compat_msghdr+0x108/0x2b0 [ 1175.053234][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1175.053234][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1175.053234][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1175.053234][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1175.053234][T22507] __do_fast_syscall_32+0x129/0x180 [ 1175.053234][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1175.053234][T22507] do_SYSENTER_32+0x73/0x90 [ 1175.053234][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1175.053234][T22507] [ 1175.053234][T22507] Uninit was stored to memory at: [ 1175.053234][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1175.053234][T22507] __msan_chain_origin+0x57/0xa0 [ 1175.053234][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1175.053234][T22507] get_compat_msghdr+0x108/0x2b0 [ 1175.053234][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1175.053234][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1175.053234][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1175.053234][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1175.053234][T22507] __do_fast_syscall_32+0x129/0x180 [ 1175.053234][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1175.053234][T22507] do_SYSENTER_32+0x73/0x90 [ 1175.053234][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1175.053234][T22507] [ 1175.053234][T22507] Uninit was stored to memory at: [ 1175.053234][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1175.053234][T22507] __msan_chain_origin+0x57/0xa0 [ 1175.053234][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1175.053234][T22507] get_compat_msghdr+0x108/0x2b0 [ 1175.053234][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1175.053234][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1175.053234][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1175.053234][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1175.053234][T22507] __do_fast_syscall_32+0x129/0x180 [ 1175.053234][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1175.053234][T22507] do_SYSENTER_32+0x73/0x90 [ 1175.053234][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1175.053234][T22507] [ 1175.053234][T22507] Uninit was stored to memory at: [ 1175.053234][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1175.053234][T22507] __msan_chain_origin+0x57/0xa0 [ 1175.053234][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1175.053234][T22507] get_compat_msghdr+0x108/0x2b0 [ 1175.053234][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1175.053234][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1175.053234][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1175.053234][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1175.053234][T22507] __do_fast_syscall_32+0x129/0x180 [ 1175.053234][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1175.053234][T22507] do_SYSENTER_32+0x73/0x90 [ 1175.053234][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1175.053234][T22507] [ 1175.053234][T22507] Uninit was stored to memory at: [ 1175.053234][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1175.053234][T22507] __msan_chain_origin+0x57/0xa0 [ 1175.053234][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1175.053234][T22507] get_compat_msghdr+0x108/0x2b0 [ 1175.053234][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1175.053234][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1175.053234][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1175.053234][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1175.053234][T22507] __do_fast_syscall_32+0x129/0x180 [ 1175.053234][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1175.053234][T22507] do_SYSENTER_32+0x73/0x90 [ 1175.053234][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1175.053234][T22507] [ 1175.053234][T22507] Uninit was stored to memory at: [ 1175.053234][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1175.053234][T22507] __msan_chain_origin+0x57/0xa0 [ 1175.053234][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1175.053234][T22507] get_compat_msghdr+0x108/0x2b0 [ 1175.053234][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1175.053234][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1175.053234][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1175.053234][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1175.053234][T22507] __do_fast_syscall_32+0x129/0x180 [ 1175.053234][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1175.053234][T22507] do_SYSENTER_32+0x73/0x90 [ 1175.053234][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1175.053234][T22507] [ 1175.053234][T22507] Local variable ----msg_sys@do_recvmmsg created at: [ 1175.053234][T22507] do_recvmmsg+0xc2/0x22e0 [ 1175.053234][T22507] do_recvmmsg+0xc2/0x22e0 [ 1175.861743][T22507] not chained 1020000 origins [ 1175.863167][T22507] CPU: 0 PID: 22507 Comm: syz-executor.5 Not tainted 5.9.0-rc8-syzkaller #0 [ 1175.863167][T22507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1175.863167][T22507] Call Trace: [ 1175.863167][T22507] dump_stack+0x21c/0x280 [ 1175.863167][T22507] kmsan_internal_chain_origin+0x6f/0x130 [ 1175.893866][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1175.893866][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1175.893866][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1175.893866][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1175.893866][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1175.893866][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1175.893866][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1175.893866][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1175.893866][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1175.893866][T22507] ? _copy_from_user+0x201/0x310 [ 1175.893866][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1175.893866][T22507] __msan_chain_origin+0x57/0xa0 [ 1175.893866][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1175.893866][T22507] get_compat_msghdr+0x108/0x2b0 [ 1175.893866][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1175.893866][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1175.893866][T22507] ? __msan_poison_alloca+0xe9/0x110 [ 1175.893866][T22507] ? __sys_recvmmsg+0xb5/0x5f0 [ 1175.893866][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1175.893866][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1175.893866][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1175.893866][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1175.893866][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1175.893866][T22507] __do_fast_syscall_32+0x129/0x180 [ 1175.893866][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1175.893866][T22507] do_SYSENTER_32+0x73/0x90 [ 1175.893866][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1175.893866][T22507] RIP: 0023:0xf7f56549 [ 1175.893866][T22507] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 1176.063865][T22507] RSP: 002b:00000000f55500cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1176.063865][T22507] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020004b40 [ 1176.063865][T22507] RDX: 0000000020004582 RSI: 0000000000000002 RDI: 0000000000000000 [ 1176.063865][T22507] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1176.063865][T22507] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1176.063865][T22507] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1176.063865][T22507] Uninit was stored to memory at: [ 1176.063865][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1176.063865][T22507] __msan_chain_origin+0x57/0xa0 [ 1176.063865][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1176.063865][T22507] get_compat_msghdr+0x108/0x2b0 [ 1176.063865][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1176.063865][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1176.063865][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1176.063865][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1176.063865][T22507] __do_fast_syscall_32+0x129/0x180 [ 1176.063865][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1176.063865][T22507] do_SYSENTER_32+0x73/0x90 [ 1176.063865][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1176.063865][T22507] [ 1176.063865][T22507] Uninit was stored to memory at: [ 1176.063865][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1176.063865][T22507] __msan_chain_origin+0x57/0xa0 [ 1176.063865][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1176.063865][T22507] get_compat_msghdr+0x108/0x2b0 [ 1176.063865][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1176.063865][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1176.063865][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1176.063865][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1176.063865][T22507] __do_fast_syscall_32+0x129/0x180 [ 1176.063865][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1176.063865][T22507] do_SYSENTER_32+0x73/0x90 [ 1176.063865][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1176.063865][T22507] [ 1176.063865][T22507] Uninit was stored to memory at: [ 1176.063865][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1176.063865][T22507] __msan_chain_origin+0x57/0xa0 [ 1176.063865][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1176.063865][T22507] get_compat_msghdr+0x108/0x2b0 [ 1176.063865][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1176.063865][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1176.063865][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1176.063865][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1176.063865][T22507] __do_fast_syscall_32+0x129/0x180 [ 1176.063865][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1176.063865][T22507] do_SYSENTER_32+0x73/0x90 [ 1176.063865][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1176.063865][T22507] [ 1176.063865][T22507] Uninit was stored to memory at: [ 1176.063865][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1176.063865][T22507] __msan_chain_origin+0x57/0xa0 [ 1176.063865][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1176.063865][T22507] get_compat_msghdr+0x108/0x2b0 [ 1176.063865][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1176.063865][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1176.063865][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1176.063865][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1176.063865][T22507] __do_fast_syscall_32+0x129/0x180 [ 1176.063865][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1176.063865][T22507] do_SYSENTER_32+0x73/0x90 [ 1176.063865][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1176.063865][T22507] [ 1176.063865][T22507] Uninit was stored to memory at: [ 1176.063865][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1176.063865][T22507] __msan_chain_origin+0x57/0xa0 [ 1176.063865][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1176.063865][T22507] get_compat_msghdr+0x108/0x2b0 [ 1176.063865][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1176.063865][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1176.063865][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1176.063865][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1176.063865][T22507] __do_fast_syscall_32+0x129/0x180 [ 1176.063865][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1176.063865][T22507] do_SYSENTER_32+0x73/0x90 [ 1176.063865][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1176.063865][T22507] [ 1176.063865][T22507] Uninit was stored to memory at: [ 1176.063865][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1176.063865][T22507] __msan_chain_origin+0x57/0xa0 [ 1176.063865][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1176.063865][T22507] get_compat_msghdr+0x108/0x2b0 [ 1176.063865][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1176.063865][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1176.063865][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1176.063865][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1176.063865][T22507] __do_fast_syscall_32+0x129/0x180 [ 1176.063865][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1176.063865][T22507] do_SYSENTER_32+0x73/0x90 [ 1176.063865][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1176.063865][T22507] [ 1176.063865][T22507] Uninit was stored to memory at: [ 1176.063865][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1176.063865][T22507] __msan_chain_origin+0x57/0xa0 [ 1176.063865][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1176.063865][T22507] get_compat_msghdr+0x108/0x2b0 [ 1176.063865][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1176.063865][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1176.063865][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1176.063865][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1176.063865][T22507] __do_fast_syscall_32+0x129/0x180 [ 1176.591881][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1176.591881][T22507] do_SYSENTER_32+0x73/0x90 [ 1176.591881][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1176.591881][T22507] [ 1176.591881][T22507] Local variable ----msg_sys@do_recvmmsg created at: [ 1176.591881][T22507] do_recvmmsg+0xc2/0x22e0 [ 1176.591881][T22507] do_recvmmsg+0xc2/0x22e0 [ 1176.835269][T22507] not chained 1030000 origins [ 1176.839980][T22507] CPU: 0 PID: 22507 Comm: syz-executor.5 Not tainted 5.9.0-rc8-syzkaller #0 [ 1176.843167][T22507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1176.843167][T22507] Call Trace: [ 1176.843167][T22507] dump_stack+0x21c/0x280 [ 1176.843167][T22507] kmsan_internal_chain_origin+0x6f/0x130 [ 1176.843167][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1176.843167][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1176.843167][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1176.843167][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1176.843167][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1176.843167][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1176.843167][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1176.843167][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1176.843167][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1176.843167][T22507] ? _copy_from_user+0x201/0x310 [ 1176.843167][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1176.843167][T22507] __msan_chain_origin+0x57/0xa0 [ 1176.843167][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1176.843167][T22507] get_compat_msghdr+0x108/0x2b0 [ 1176.843167][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1176.843167][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1176.843167][T22507] ? __msan_poison_alloca+0xe9/0x110 [ 1176.843167][T22507] ? __sys_recvmmsg+0xb5/0x5f0 [ 1176.843167][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1176.843167][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1176.843167][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1176.843167][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1176.843167][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1176.843167][T22507] __do_fast_syscall_32+0x129/0x180 [ 1176.843167][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1176.843167][T22507] do_SYSENTER_32+0x73/0x90 [ 1176.843167][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1176.843167][T22507] RIP: 0023:0xf7f56549 [ 1176.843167][T22507] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 1176.843167][T22507] RSP: 002b:00000000f55500cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1176.843167][T22507] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020004b40 [ 1176.843167][T22507] RDX: 0000000020004582 RSI: 0000000000000002 RDI: 0000000000000000 [ 1176.843167][T22507] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1176.843167][T22507] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1177.084218][T22507] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1177.093526][T22507] Uninit was stored to memory at: [ 1177.093526][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1177.093526][T22507] __msan_chain_origin+0x57/0xa0 [ 1177.093526][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1177.093526][T22507] get_compat_msghdr+0x108/0x2b0 [ 1177.093526][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1177.124097][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1177.124097][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1177.124097][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1177.124097][T22507] __do_fast_syscall_32+0x129/0x180 [ 1177.124097][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1177.124097][T22507] do_SYSENTER_32+0x73/0x90 [ 1177.124097][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1177.124097][T22507] [ 1177.124097][T22507] Uninit was stored to memory at: [ 1177.124097][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1177.124097][T22507] __msan_chain_origin+0x57/0xa0 [ 1177.124097][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1177.124097][T22507] get_compat_msghdr+0x108/0x2b0 [ 1177.124097][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1177.124097][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1177.124097][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1177.124097][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1177.124097][T22507] __do_fast_syscall_32+0x129/0x180 [ 1177.124097][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1177.124097][T22507] do_SYSENTER_32+0x73/0x90 [ 1177.226429][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1177.226429][T22507] [ 1177.226429][T22507] Uninit was stored to memory at: [ 1177.226429][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1177.226429][T22507] __msan_chain_origin+0x57/0xa0 [ 1177.226429][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1177.226429][T22507] get_compat_msghdr+0x108/0x2b0 [ 1177.226429][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1177.226429][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1177.226429][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1177.226429][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1177.226429][T22507] __do_fast_syscall_32+0x129/0x180 [ 1177.226429][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1177.226429][T22507] do_SYSENTER_32+0x73/0x90 [ 1177.226429][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1177.226429][T22507] [ 1177.226429][T22507] Uninit was stored to memory at: [ 1177.226429][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1177.226429][T22507] __msan_chain_origin+0x57/0xa0 [ 1177.226429][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1177.328858][T22507] get_compat_msghdr+0x108/0x2b0 [ 1177.328858][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1177.328858][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1177.328858][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1177.328858][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1177.328858][T22507] __do_fast_syscall_32+0x129/0x180 [ 1177.328858][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1177.328858][T22507] do_SYSENTER_32+0x73/0x90 [ 1177.328858][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1177.328858][T22507] [ 1177.328858][T22507] Uninit was stored to memory at: [ 1177.328858][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1177.328858][T22507] __msan_chain_origin+0x57/0xa0 [ 1177.328858][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1177.328858][T22507] get_compat_msghdr+0x108/0x2b0 [ 1177.328858][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1177.328858][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1177.328858][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1177.328858][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1177.328858][T22507] __do_fast_syscall_32+0x129/0x180 [ 1177.431232][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1177.431232][T22507] do_SYSENTER_32+0x73/0x90 [ 1177.431232][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1177.431232][T22507] [ 1177.431232][T22507] Uninit was stored to memory at: [ 1177.431232][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1177.431232][T22507] __msan_chain_origin+0x57/0xa0 [ 1177.431232][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1177.431232][T22507] get_compat_msghdr+0x108/0x2b0 [ 1177.431232][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1177.431232][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1177.431232][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1177.431232][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1177.431232][T22507] __do_fast_syscall_32+0x129/0x180 [ 1177.431232][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1177.431232][T22507] do_SYSENTER_32+0x73/0x90 [ 1177.431232][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1177.431232][T22507] [ 1177.431232][T22507] Uninit was stored to memory at: [ 1177.431232][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1177.431232][T22507] __msan_chain_origin+0x57/0xa0 [ 1177.533702][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1177.533702][T22507] get_compat_msghdr+0x108/0x2b0 [ 1177.533702][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1177.533702][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1177.533702][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1177.533702][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1177.533702][T22507] __do_fast_syscall_32+0x129/0x180 [ 1177.533702][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1177.533702][T22507] do_SYSENTER_32+0x73/0x90 [ 1177.533702][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1177.533702][T22507] [ 1177.533702][T22507] Local variable ----msg_sys@do_recvmmsg created at: [ 1177.592016][T22507] do_recvmmsg+0xc2/0x22e0 [ 1177.592016][T22507] do_recvmmsg+0xc2/0x22e0 [ 1177.804166][T22507] not chained 1040000 origins [ 1177.808967][T22507] CPU: 0 PID: 22507 Comm: syz-executor.5 Not tainted 5.9.0-rc8-syzkaller #0 [ 1177.813182][T22507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1177.813182][T22507] Call Trace: [ 1177.813182][T22507] dump_stack+0x21c/0x280 [ 1177.813182][T22507] kmsan_internal_chain_origin+0x6f/0x130 [ 1177.813182][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1177.813182][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1177.813182][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1177.813182][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1177.813182][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1177.813182][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1177.813182][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1177.813182][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1177.813182][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1177.813182][T22507] ? _copy_from_user+0x201/0x310 [ 1177.813182][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1177.813182][T22507] __msan_chain_origin+0x57/0xa0 [ 1177.813182][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1177.813182][T22507] get_compat_msghdr+0x108/0x2b0 [ 1177.813182][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1177.813182][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1177.813182][T22507] ? __msan_poison_alloca+0xe9/0x110 [ 1177.813182][T22507] ? __sys_recvmmsg+0xb5/0x5f0 [ 1177.813182][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1177.813182][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1177.813182][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1177.813182][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1177.813182][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1177.813182][T22507] __do_fast_syscall_32+0x129/0x180 [ 1177.813182][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1177.813182][T22507] do_SYSENTER_32+0x73/0x90 [ 1177.813182][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1177.813182][T22507] RIP: 0023:0xf7f56549 [ 1177.813182][T22507] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 1177.813182][T22507] RSP: 002b:00000000f55500cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1177.813182][T22507] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020004b40 [ 1177.813182][T22507] RDX: 0000000020004582 RSI: 0000000000000002 RDI: 0000000000000000 [ 1177.813182][T22507] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1177.813182][T22507] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1177.813182][T22507] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1177.813182][T22507] Uninit was stored to memory at: [ 1177.813182][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1177.813182][T22507] __msan_chain_origin+0x57/0xa0 [ 1177.813182][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1177.813182][T22507] get_compat_msghdr+0x108/0x2b0 [ 1177.813182][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1177.813182][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1177.813182][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1177.813182][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1177.813182][T22507] __do_fast_syscall_32+0x129/0x180 [ 1177.813182][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1177.813182][T22507] do_SYSENTER_32+0x73/0x90 [ 1177.813182][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1177.813182][T22507] [ 1177.813182][T22507] Uninit was stored to memory at: [ 1177.813182][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1177.813182][T22507] __msan_chain_origin+0x57/0xa0 [ 1177.813182][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1177.813182][T22507] get_compat_msghdr+0x108/0x2b0 [ 1177.813182][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1177.813182][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1177.813182][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1177.813182][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1177.813182][T22507] __do_fast_syscall_32+0x129/0x180 [ 1177.813182][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1177.813182][T22507] do_SYSENTER_32+0x73/0x90 [ 1177.813182][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1177.813182][T22507] [ 1177.813182][T22507] Uninit was stored to memory at: [ 1177.813182][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1177.813182][T22507] __msan_chain_origin+0x57/0xa0 [ 1177.813182][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1177.813182][T22507] get_compat_msghdr+0x108/0x2b0 [ 1177.813182][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1177.813182][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1177.813182][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1177.813182][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1177.813182][T22507] __do_fast_syscall_32+0x129/0x180 [ 1177.813182][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1177.813182][T22507] do_SYSENTER_32+0x73/0x90 [ 1177.813182][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1177.813182][T22507] [ 1177.813182][T22507] Uninit was stored to memory at: [ 1177.813182][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1177.813182][T22507] __msan_chain_origin+0x57/0xa0 [ 1177.813182][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1177.813182][T22507] get_compat_msghdr+0x108/0x2b0 [ 1177.813182][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1177.813182][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1177.813182][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1177.813182][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1177.813182][T22507] __do_fast_syscall_32+0x129/0x180 [ 1177.813182][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1177.813182][T22507] do_SYSENTER_32+0x73/0x90 [ 1177.813182][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1177.813182][T22507] [ 1177.813182][T22507] Uninit was stored to memory at: [ 1177.813182][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1177.813182][T22507] __msan_chain_origin+0x57/0xa0 [ 1177.813182][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1177.813182][T22507] get_compat_msghdr+0x108/0x2b0 [ 1177.813182][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1177.813182][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1177.813182][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1177.813182][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1177.813182][T22507] __do_fast_syscall_32+0x129/0x180 [ 1177.813182][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1177.813182][T22507] do_SYSENTER_32+0x73/0x90 [ 1177.813182][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1177.813182][T22507] [ 1177.813182][T22507] Uninit was stored to memory at: [ 1177.813182][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1177.813182][T22507] __msan_chain_origin+0x57/0xa0 [ 1177.813182][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1177.813182][T22507] get_compat_msghdr+0x108/0x2b0 [ 1177.813182][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1177.813182][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1177.813182][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1177.813182][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1177.813182][T22507] __do_fast_syscall_32+0x129/0x180 [ 1177.813182][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1177.813182][T22507] do_SYSENTER_32+0x73/0x90 [ 1177.813182][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1177.813182][T22507] [ 1177.813182][T22507] Uninit was stored to memory at: [ 1177.813182][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1177.813182][T22507] __msan_chain_origin+0x57/0xa0 [ 1177.813182][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1177.813182][T22507] get_compat_msghdr+0x108/0x2b0 [ 1177.813182][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1177.813182][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1177.813182][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1177.813182][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1177.813182][T22507] __do_fast_syscall_32+0x129/0x180 [ 1177.813182][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1177.813182][T22507] do_SYSENTER_32+0x73/0x90 [ 1177.813182][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1177.813182][T22507] [ 1177.813182][T22507] Local variable ----msg_sys@do_recvmmsg created at: [ 1177.813182][T22507] do_recvmmsg+0xc2/0x22e0 [ 1177.813182][T22507] do_recvmmsg+0xc2/0x22e0 [ 1178.787660][T22507] not chained 1050000 origins [ 1178.792370][T22507] CPU: 0 PID: 22507 Comm: syz-executor.5 Not tainted 5.9.0-rc8-syzkaller #0 [ 1178.793216][T22507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1178.793216][T22507] Call Trace: [ 1178.793216][T22507] dump_stack+0x21c/0x280 [ 1178.793216][T22507] kmsan_internal_chain_origin+0x6f/0x130 [ 1178.793216][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1178.793216][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1178.793216][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1178.793216][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1178.793216][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1178.793216][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1178.793216][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1178.793216][T22507] ? kmsan_internal_set_origin+0x85/0xc0 [ 1178.793216][T22507] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 1178.793216][T22507] ? _copy_from_user+0x201/0x310 [ 1178.793216][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1178.793216][T22507] __msan_chain_origin+0x57/0xa0 [ 1178.793216][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1178.793216][T22507] get_compat_msghdr+0x108/0x2b0 [ 1178.793216][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1178.793216][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1178.793216][T22507] ? __msan_poison_alloca+0xe9/0x110 [ 1178.793216][T22507] ? __sys_recvmmsg+0xb5/0x5f0 [ 1178.793216][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1178.793216][T22507] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1178.793216][T22507] ? kmsan_get_metadata+0x116/0x180 [ 1178.793216][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1178.793216][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1178.793216][T22507] __do_fast_syscall_32+0x129/0x180 [ 1178.793216][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1178.793216][T22507] do_SYSENTER_32+0x73/0x90 [ 1178.793216][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1178.793216][T22507] RIP: 0023:0xf7f56549 [ 1178.793216][T22507] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 1178.793216][T22507] RSP: 002b:00000000f55500cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1178.793216][T22507] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020004b40 [ 1178.793216][T22507] RDX: 0000000020004582 RSI: 0000000000000002 RDI: 0000000000000000 [ 1178.793216][T22507] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1178.793216][T22507] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1178.793216][T22507] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1178.793216][T22507] Uninit was stored to memory at: [ 1178.793216][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1178.793216][T22507] __msan_chain_origin+0x57/0xa0 [ 1178.793216][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1178.793216][T22507] get_compat_msghdr+0x108/0x2b0 [ 1178.793216][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1178.793216][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1178.793216][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1178.793216][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1178.793216][T22507] __do_fast_syscall_32+0x129/0x180 [ 1178.793216][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1178.793216][T22507] do_SYSENTER_32+0x73/0x90 [ 1178.793216][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1178.793216][T22507] [ 1178.793216][T22507] Uninit was stored to memory at: [ 1178.793216][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1178.793216][T22507] __msan_chain_origin+0x57/0xa0 [ 1178.793216][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1178.793216][T22507] get_compat_msghdr+0x108/0x2b0 [ 1178.793216][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1178.793216][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1178.793216][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1178.793216][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1178.793216][T22507] __do_fast_syscall_32+0x129/0x180 [ 1178.793216][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1178.793216][T22507] do_SYSENTER_32+0x73/0x90 [ 1178.793216][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1178.793216][T22507] [ 1178.793216][T22507] Uninit was stored to memory at: [ 1178.793216][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1178.793216][T22507] __msan_chain_origin+0x57/0xa0 [ 1178.793216][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1178.793216][T22507] get_compat_msghdr+0x108/0x2b0 [ 1178.793216][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1178.793216][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1178.793216][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1178.793216][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1179.225873][T22507] __do_fast_syscall_32+0x129/0x180 [ 1179.233262][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1179.233262][T22507] do_SYSENTER_32+0x73/0x90 [ 1179.233262][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1179.233262][T22507] [ 1179.233262][T22507] Uninit was stored to memory at: [ 1179.233262][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1179.233262][T22507] __msan_chain_origin+0x57/0xa0 [ 1179.233262][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1179.233262][T22507] get_compat_msghdr+0x108/0x2b0 [ 1179.233262][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1179.233262][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1179.233262][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1179.233262][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1179.233262][T22507] __do_fast_syscall_32+0x129/0x180 [ 1179.233262][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1179.233262][T22507] do_SYSENTER_32+0x73/0x90 [ 1179.233262][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1179.233262][T22507] [ 1179.233262][T22507] Uninit was stored to memory at: [ 1179.233262][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1179.233262][T22507] __msan_chain_origin+0x57/0xa0 [ 1179.233262][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1179.233262][T22507] get_compat_msghdr+0x108/0x2b0 [ 1179.233262][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1179.233262][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1179.233262][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1179.233262][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1179.233262][T22507] __do_fast_syscall_32+0x129/0x180 [ 1179.233262][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1179.233262][T22507] do_SYSENTER_32+0x73/0x90 [ 1179.233262][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1179.233262][T22507] [ 1179.233262][T22507] Uninit was stored to memory at: [ 1179.233262][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1179.233262][T22507] __msan_chain_origin+0x57/0xa0 [ 1179.233262][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1179.233262][T22507] get_compat_msghdr+0x108/0x2b0 [ 1179.233262][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1179.233262][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1179.233262][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1179.233262][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1179.233262][T22507] __do_fast_syscall_32+0x129/0x180 [ 1179.233262][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1179.233262][T22507] do_SYSENTER_32+0x73/0x90 [ 1179.233262][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1179.233262][T22507] [ 1179.233262][T22507] Uninit was stored to memory at: [ 1179.233262][T22507] kmsan_internal_chain_origin+0xad/0x130 [ 1179.233262][T22507] __msan_chain_origin+0x57/0xa0 [ 1179.233262][T22507] __get_compat_msghdr+0x6db/0x9d0 [ 1179.233262][T22507] get_compat_msghdr+0x108/0x2b0 [ 1179.233262][T22507] do_recvmmsg+0xdc7/0x22e0 [ 1179.233262][T22507] __sys_recvmmsg+0x340/0x5f0 [ 1179.233262][T22507] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1179.233262][T22507] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1179.233262][T22507] __do_fast_syscall_32+0x129/0x180 [ 1179.233262][T22507] do_fast_syscall_32+0x6a/0xc0 [ 1179.233262][T22507] do_SYSENTER_32+0x73/0x90 [ 1179.233262][T22507] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1179.233262][T22507] [ 1179.233262][T22507] Local variable ----msg_sys@do_recvmmsg created at: [ 1179.233262][T22507] do_recvmmsg+0xc2/0x22e0 [ 1179.233262][T22507] do_recvmmsg+0xc2/0x22e0 22:17:24 executing program 5: 22:17:24 executing program 3: 22:17:24 executing program 1: r0 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, 0xffffffffffffffff, &(0x7f0000000040)) r1 = socket$inet_udplite(0x2, 0x2, 0x88) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000000)) 22:17:24 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000140)='wlan1\x00', 0x10) connect$inet(r0, &(0x7f0000000340)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x400000000000070, 0x0) syz_80211_inject_frame(0x0, 0x0, 0x1c) r1 = accept4$x25(0xffffffffffffffff, 0x0, &(0x7f0000000080), 0x0) getsockopt$sock_linger(r1, 0x1, 0xd, 0x0, 0x0) 22:17:24 executing program 4: 22:17:24 executing program 0: 22:17:24 executing program 4: 22:17:25 executing program 3: 22:17:25 executing program 0: 22:17:25 executing program 1: r0 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, 0xffffffffffffffff, &(0x7f0000000040)) r1 = socket$inet_udplite(0x2, 0x2, 0x88) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000000)) 22:17:25 executing program 5: 22:17:25 executing program 4: [ 1180.742337][T22555] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 22:17:26 executing program 3: 22:17:26 executing program 0: 22:17:26 executing program 1: r0 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, 0xffffffffffffffff, &(0x7f0000000040)) r1 = socket$inet_udplite(0x2, 0x2, 0x88) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000000)) 22:17:26 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000140)='wlan1\x00', 0x10) connect$inet(r0, &(0x7f0000000340)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x400000000000070, 0x0) syz_80211_inject_frame(0x0, 0x0, 0x1c) r1 = accept4$x25(0xffffffffffffffff, 0x0, &(0x7f0000000080), 0x0) getsockopt$sock_linger(r1, 0x1, 0xd, 0x0, 0x0) 22:17:26 executing program 5: 22:17:26 executing program 4: 22:17:26 executing program 5: 22:17:26 executing program 3: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) bind$unix(r0, &(0x7f00000000c0)=@file={0x0, './file0\x00'}, 0xfffffffffffffefc) 22:17:26 executing program 1: r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000040)) r2 = socket$inet_udplite(0x2, 0x2, 0x88) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r2, &(0x7f0000000000)) 22:17:26 executing program 0: 22:17:27 executing program 4: 22:17:27 executing program 5: 22:17:27 executing program 3: 22:17:27 executing program 0: 22:17:27 executing program 1: r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000040)) r2 = socket$inet_udplite(0x2, 0x2, 0x88) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r2, &(0x7f0000000000)) [ 1182.471100][T22577] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 22:17:28 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000140)='wlan1\x00', 0x10) connect$inet(r0, &(0x7f0000000340)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x400000000000070, 0x0) syz_80211_inject_frame(0x0, 0x0, 0x1c) r1 = accept4$x25(0xffffffffffffffff, 0x0, &(0x7f0000000080), 0x0) getsockopt$sock_linger(r1, 0x1, 0xd, 0x0, 0x0) 22:17:28 executing program 4: 22:17:28 executing program 5: 22:17:28 executing program 3: 22:17:28 executing program 1: r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000040)) r2 = socket$inet_udplite(0x2, 0x2, 0x88) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r2, &(0x7f0000000000)) 22:17:28 executing program 0: 22:17:28 executing program 4: 22:17:28 executing program 5: 22:17:28 executing program 3: 22:17:28 executing program 1: syz_init_net_socket$rose(0xb, 0x5, 0x0) r0 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, 0xffffffffffffffff, &(0x7f0000000040)) r1 = socket$inet_udplite(0x2, 0x2, 0x88) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000000)) 22:17:28 executing program 0: [ 1184.244746][T22601] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 22:17:29 executing program 3: 22:17:29 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000140)='wlan1\x00', 0x10) connect$inet(r0, &(0x7f0000000340)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x400000000000070, 0x0) syz_80211_inject_frame(0x0, 0x0, 0x1c) accept4$x25(0xffffffffffffffff, 0x0, &(0x7f0000000080), 0x0) 22:17:29 executing program 4: 22:17:29 executing program 0: 22:17:29 executing program 5: 22:17:29 executing program 1: syz_init_net_socket$rose(0xb, 0x5, 0x0) r0 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, 0xffffffffffffffff, &(0x7f0000000040)) r1 = socket$inet_udplite(0x2, 0x2, 0x88) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000000)) 22:17:30 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_SIOCADDRT(r0, 0x890b, &(0x7f0000000140)={0x0, @phonet, @isdn, @ethernet={0x0, @remote}}) 22:17:30 executing program 0: openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000b80)='/proc/thread-self\x00', 0x452401, 0x0) 22:17:30 executing program 4: r0 = syz_open_dev$loop(&(0x7f0000000100)='/dev/loop#\x00', 0x0, 0x0) ioctl$LOOP_SET_FD(r0, 0x127b, 0xffffffffffffffff) 22:17:30 executing program 5: r0 = syz_open_dev$loop(&(0x7f0000000100)='/dev/loop#\x00', 0x0, 0x0) ioctl$LOOP_SET_FD(r0, 0x4c03, 0xffffffffffffffff) 22:17:30 executing program 1: syz_init_net_socket$rose(0xb, 0x5, 0x0) r0 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, 0xffffffffffffffff, &(0x7f0000000040)) r1 = socket$inet_udplite(0x2, 0x2, 0x88) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000000)) 22:17:30 executing program 0: r0 = openat$vcs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/vcs\x00', 0xc8007, 0x0) read$FUSE(r0, 0x0, 0x0) 22:17:30 executing program 3: syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x8001, 0x200) [ 1186.055059][T22624] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 22:17:31 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000140)='wlan1\x00', 0x10) connect$inet(r0, &(0x7f0000000340)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x400000000000070, 0x0) syz_80211_inject_frame(0x0, 0x0, 0x1c) 22:17:31 executing program 4: r0 = syz_open_dev$loop(&(0x7f0000000100)='/dev/loop#\x00', 0x0, 0x0) ioctl$LOOP_SET_FD(r0, 0x127b, 0xffffffffffffffff) 22:17:31 executing program 1: r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r2, &(0x7f0000000000)) 22:17:31 executing program 5: syz_mount_image$iso9660(&(0x7f0000000240)='iso9660\x00', &(0x7f0000000280)='./file0\x00', 0x0, 0x0, 0x0, 0x60400, &(0x7f00000016c0)) 22:17:31 executing program 0: bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x0, 0xc51}, 0x40) 22:17:31 executing program 3: r0 = syz_open_dev$loop(&(0x7f0000000100)='/dev/loop#\x00', 0x0, 0x0) ioctl$LOOP_SET_FD(r0, 0x1263, 0xffffffffffffffff) 22:17:32 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000200)={&(0x7f0000ffc000/0x1000)=nil, 0x1000}, &(0x7f0000000240)=0x10) 22:17:32 executing program 4: r0 = syz_open_dev$loop(&(0x7f0000000100)='/dev/loop#\x00', 0x0, 0x0) ioctl$LOOP_SET_FD(r0, 0x127b, 0xffffffffffffffff) 22:17:32 executing program 1: r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r2, &(0x7f0000000000)) 22:17:32 executing program 3: r0 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) ioctl$LOOP_GET_STATUS64(r0, 0x4c05, &(0x7f0000000140)) 22:17:32 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_NET_GET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0}}, 0x4000801) 22:17:32 executing program 0: open$dir(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) [ 1187.850585][T22653] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 22:17:33 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000140)='wlan1\x00', 0x10) connect$inet(r0, &(0x7f0000000340)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x400000000000070, 0x0) 22:17:33 executing program 1: r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r2, &(0x7f0000000000)) 22:17:33 executing program 3: r0 = syz_open_dev$loop(&(0x7f0000000100)='/dev/loop#\x00', 0x0, 0x0) ioctl$LOOP_SET_FD(r0, 0xc0045878, 0xffffffffffffffff) 22:17:33 executing program 5: syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfffffffffffffffe, 0x0) 22:17:33 executing program 4: r0 = syz_open_dev$loop(&(0x7f0000000100)='/dev/loop#\x00', 0x0, 0x0) ioctl$LOOP_SET_FD(r0, 0x127b, 0xffffffffffffffff) 22:17:33 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040)='ethtool\x00') sendmsg$ETHTOOL_MSG_CHANNELS_GET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="88000000", @ANYRES16=r1, @ANYBLOB="010026bd7000fedbdf2511000000300001801400020076657468315f746f5f626f6e6400000008000100", @ANYRES32, @ANYBLOB="080003000200000008000100", @ANYRES32=0x0, @ANYBLOB="2c000180080003000300000008000100", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="180001801420"], 0x88}}, 0x0) [ 1188.384507][T22678] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'. [ 1188.502176][T22682] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'. 22:17:33 executing program 3: r0 = socket$nl_audit(0x10, 0x3, 0x9) sendmsg$AUDIT_LIST_RULES(r0, &(0x7f0000002dc0)={0x0, 0x0, &(0x7f0000002d80)={&(0x7f0000002d40)={0x10}, 0x10}, 0x300}, 0x0) 22:17:33 executing program 5: select(0x40, &(0x7f0000000040), &(0x7f0000000100)={0x1}, 0x0, 0x0) 22:17:33 executing program 4: ioctl$LOOP_SET_FD(0xffffffffffffffff, 0x127b, 0xffffffffffffffff) 22:17:33 executing program 1: r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040)) r2 = socket$inet_udplite(0x2, 0x2, 0x88) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, r2, &(0x7f0000000000)) 22:17:34 executing program 0: bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000140)={0x0, 0x0, 0x4}, 0xc) 22:17:34 executing program 5: r0 = socket$inet6(0xa, 0x3, 0x9) sendmmsg$inet6(r0, &(0x7f0000000780)=[{{&(0x7f0000000000)={0xa, 0x0, 0x0, @remote}, 0x1c, 0x0}}], 0x1, 0x4810) 22:17:34 executing program 3: r0 = syz_open_dev$loop(&(0x7f0000000100)='/dev/loop#\x00', 0x0, 0x0) ioctl$LOOP_SET_FD(r0, 0x1276, 0xffffffffffffffff) 22:17:34 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000140)='wlan1\x00', 0x10) connect$inet(r0, &(0x7f0000000340)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x400000000000070, 0x0) 22:17:34 executing program 4: ioctl$LOOP_SET_FD(0xffffffffffffffff, 0x127b, 0xffffffffffffffff) 22:17:34 executing program 1: r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040)) r2 = socket$inet_udplite(0x2, 0x2, 0x88) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, r2, &(0x7f0000000000)) 22:17:34 executing program 0: r0 = syz_open_procfs(0x0, 0x0) preadv(r0, 0x0, 0x0, 0x0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000400)=@raw={'raw\x00', 0x3c1, 0x3, 0x368, 0x0, 0x111, 0x0, 0x0, 0x0, 0x298, 0x278, 0x278, 0x298, 0x278, 0x3, 0x0, {[{{@ipv6={@initdev={0xfe, 0x88, [], 0x0, 0x0}, @local, [], [], 'ip6gre0\x00', 'team_slave_0\x00', {}, {}, 0x88}, 0x0, 0x120, 0x188, 0x0, {}, [@common=@inet=@multiport={{0x50, 'multiport\x00'}}, @common=@unspec=@addrtype1={{0x28, 'addrtype\x00'}, {0x0, 0x0, 0x298}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'pptp\x00', 'syz1\x00'}}}, {{@uncond, 0x0, 0xa8, 0x110}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'snmp_trap\x00', 'syz0\x00'}}}], {{[], 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3c8) 22:17:35 executing program 0: r0 = socket$nl_audit(0x10, 0x3, 0x9) sendmsg$AUDIT_LIST_RULES(r0, &(0x7f0000002dc0)={0x0, 0x0, &(0x7f0000002d80)={0x0}}, 0x0) 22:17:35 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000023c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x59) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text64={0x40, &(0x7f0000000000)="4788e548b819cdfeb8000000000f23d80f21f835800000a00f23f8c402fd338302000000123e3664450f01c33cc33c430f795835c74424002d010000c4c27d1d6cd1ce44d8c70f08c744240011000000c744240200000000ff2c2466baf80cb8ba7e6983ef66bafc0caa66b87f008ed8", 0x70}], 0x1, 0x40, 0x0, 0x0) syz_open_procfs$namespace(0x0, 0x0) ioctl$KVM_SET_NESTED_STATE(r2, 0x4080aebf, &(0x7f0000000280)={{0x0, 0x0, 0xffffffffffffff54, {0x6000}}, "be77f645fa0faab4173328e03e0e9f020bbc798c84be65bf762199e269b6d15af3d542e5a531a895866fbf13910d95e922d6aa84d68924efe5e444b34d9df08a868ae23c677546798d6ec2c17d6e3f87f0d757c2078c9325c641fea9938ba4f20ebb2577f51ba467d973398c7fa94be4e2abd427b7ad4385c63e630090759c2a6c768a973d0b1e7244e494d5925d9d9f40afd544b84d1fdb8de7af279d8700739c11327a76f8bc32743c959d8858b276c211222f40206257be84ddd07b20d8b1de9b5390ba5eaa289c0bfdf6b5636b7acfac5159e2e7759338e06ae00e4b7cf162e45442e3c8395858847e3e28da4ed237027cd849991ab91e6e5dc61b9936de574c3b26a2b0e303386c02ed1bb6a5acaf8a9271e196bc59fb3d7d6a88383d53302680fd8ebd0e75fa67333a6fb9da0333d6f87b3f628136a4b9ec1c2f4cf3d5ec900ec17d48e3f741860d963ec6e629243d06b547374ec3f5a0a8e71cdd67e8f591d68711ba4df1f2fc62d9f54c6f7b8844c8ce569fb7f983a631250e77374780413ab37235afdefb70572e79f35d36406aded61bcf76711aacf325b2ac1f78b4ede1239e36d5d644c7a81cdf6b95a1e3aa6c2f70d889654572d1f88f05e5b2c5f5c37d6570102c2525a9b3fa28a88c83ded573a896239900bd365dc0323d4921c3c96a3dae810479a1ac83b64f0f9b2008eb51832bce90105dab379b3d99f6761d4cf438d92356c563c982938fe83026258aad0a7d9f5eacfa359c68ec271d3ecf9a57d3eec56cb0bcf1bb0adc6c297d6e5b101640d3c5b50bcb54faebed4f850e737b5a2837054bccbecfd1c28e70a967a350d21867ea95b2cdfe55fd3edc6e1f4db06a5e6b77a333af48e92899e074794f3b4687dce6d45cb33433e922b1602e767164dc0e760d14b4c70f304de2cb56ca5ea35719f492480e48b9007e4073a8e02450a93d3932971b32aca283773bbb7974486478d380d8524c0eee27ba19d9c51196494bc3f2c41c1ddc72b0b9d97ca307022baf742cb69b45de669e3224c1eaf4e6ec7bb76f921ad3fd01e1138eda10e945ca95302c1729adf6526041169700a783f767632e99b55eac5e4ebc25b63e11649a31e1dba33445a36b40c7cc7ab6450cb4853c69a9f1eb00d466f6c98f297d3e4882fd4d1a9dff0786cece0dd1b03fd84f982b493349f32e49be255102e7bd1475e25574a992da6907a0e6bce48d4601b51ca05798a0e8b5faa9ed6700902e4626b866b4219e3880277bca07f577def954fdd64e089622ed0eec558759a9b6d3e512b330fa30e31403053a73da1747a7874f5b7a9fde4c0f9f29a27e795e275c9f6c33d9db7f370f148a790811428b2f96566bd0e2b148997e69b0ffe1a81cb04d43ce6a24ea2a9414b930fa1330153cb20aaae484e515393b9ddf9d029806c35d5e956462b7cc7f1c7995006ffeae1f1ba1daf8d43309198bf444ec82c670800d5dacd600924564931014b1e834a38274c6560784572e6d4bf8c4a5a1ee5edb2f4ea5fa9f07b11d3d1d88b993fa662bc04dfb9ffa9e534f1622efd7f823346aa7e0a988f56be531c73f34439df61f9737cca8b93d2c25695138c70c469298c3a114c89a8c3409d4dc18e7bd0158631d0b936823a6dda814ed50f83862058d1ecc19b2e1195c910edb5e7164fbd403de0beb5d7feec901a5a373afa1162be95f0e71e50d479e33494d7c98c1cb2ac886c81610678923685fa9f5fff2584c89130b7d2ac78317e531bb2fcade76520cf8bec450e31eebfa5ae2f78587c572d36d56a69cf3f2cc9e15b77c11877d27e8af0196902d7f94646f0294b4507ae4461397ef21b24a2142f740460e1eb1935cbaccd14f71f21d6fb7144de99154f037cf31e9f30da3c935950c7d1c859096d44b57e7bd37147304b2fe51ab63ca7c4031c1f07913c8a894a6b0573886d7a0a62cd20a0f433e541a43808465eb82af5bb9c819a74bed83cf91aa180442c28b9f4d69dd7e728c7734dd3bd3e277e67e96ab9f09e083c0a6e42fe2bc5dcae9a2deddb7f763e62b0d8adacc00af734bb9e978c160600611c83309468a2f942f5d2c9f7cafc97dae2f542ef33be39952fa70ee3e2ecb3105c1a490db73fcf46a3645de10e1cb335ea604f41d10b723872c26f20a71f44b1301fffd601c6a609e0d195bbcb1203cd23fdb3e3f59fa8ae5a484881c34706bacb6a479fa7c9cc6920613dd6903bf046493bac060f046efc6ce43aafe9a3b735c1cb283714548fdc16a2ce9d9dccd77f3b8037132ec1b1f1d965932a9ec4b20efe1f2212c94511b61799b5bd29be84e47d1c1209af544bb4c4820b4897fe00fd583b8ae5394354d1f2532d0801f202ba31bf01a896ebea5302167cf9b0ed71e793d9572fac48d75724caa57f99ba9db2113f5fa52d19356ed1d0c85bd60805952113e521a01444d6a6a502144691a9d32363284410e967626c720cdb3444a56b1b7043047dbf8e5f1b5177c82a651710eaed591e1d4ac5ffaf85411f7c3c3e58fefb5e0528f74b3f78a0b31de68f1e31415a7a37010be818b886c28cca1bf68db068929bad71bc6b4ae2a4c9f2c9bf98f15164e6ef96ef4121c191e5a94ca431b49c475f02acebc42d2c6026e4f7d595e5677947bf6cc0d6f95d7838f76cfc04492cebaed4374984706465ac83a1acbb55450f5b5e1e4cc00a88c334af44d337089c80167a813f54fa903ec85d8f1d22c443bcdfb3d268a3e57f563b9732cc3f5d8b1fd98a6f44e3b056cbeb65946ec917ef093c3a62757f2b27e6b4873ae7183b5b9a6528a576af69449df90cda4bfad6c54bed67fecc6fdc624183aecb5072002c8dc9d45505901c61489ab31b7d6cde6943f042953df648861b68663291117f3deb74d3f9e9501d9d50b095baaeef21aca82e00203c06ce103cc923e6f02ab481eed2da0a4eedeb827e9d7961f6d972f347c649e706dc0259d697a6a5ea1ba33a6f2c16beed92b58fa290026c728e91f3de285a74e56e968c5d174639a915b5e53d7b1e5566b1a89f09434afb2a2ff1fd00d13e7ce5a3dcb8e628f39a6c6825acd4b7152a777d21485f6360af8b1c62a4a29f2ad98d9c393530187c14b4defdfc8ac12433be7f56a40ce4087eb1f7cf949e4e9b3c612e4953716ab027a36ce839f1d2815c289d08e0e500630c2f54344d6549b9645a4b31648d25f71dc7a43651aa8530ccd0cec2f96a4385b185823111c514b5beb817a98824f301462598f03919ec52c0fdf5a522f3e4b250ded3089e0958bb20e5f936c8ab4fc00316ce483254f6e2abc024835acdba239decc60fcc316cbb5fe85db2e22ecd1259c607b575d836222d7a21f0fccdc6d4f90c487c66dcbe9d17f6af2edc30b57189f009072fa5b46e1f49aa33a6546aea60202c4e77066e2f487b2bd36f3178ea888488ae52fad830868172d8f2b3335db98a83c45e047ba93eb32e08a014d13fb8b9f3b54c16adaac8a95c250051baaa3667343a3df51ab7dccedcf4410482fb24ab337285d4c0d182bf00050c5cd2f8a1f7954fe0ce1c2325dc159445464327f0c463dfdae8c944db603ceab504409be7e3316e679960b63e1935018641f0d30d40fb4f83faa2786e7284b0adf6fe0ae04f61c362be89177aa7a27cd00a1c101deb33fbae04b8b20fceeef601049626954f0436470eb4d344fd53c34eab4fca401bb6aa64c1d1891ca88300ce5f8b9b7badb64a5aa3ce8ea848e288239def4602e4812c66503ccc2a68b734d97b2fe71e321e09275bbc727e4c02ce1a967f2f7c5f02f658c5e449a1c718a535561afbddd05ad28559c6ea8a5d19298eeccee69818b69a833b972128e153306522a3733396e25e3a2175443715b0926ea967609f73e2529fa4b6c346e32543431d11f57f557c71ff6b789d9a78e8039f78c5089586aeba7a584b3d6b753f8633d062b5cca3639eb95885027a1b78a90f79d33e8872b455a21618b76a4afd3d704849b067ab8f968bf528fbdbdfdd34e84163d644e211e32f9b5b91f86fb815890f6e405d7324fd6ff84fea268cf4d613d8b8cc784fd434f317dd77ccaf40d974c43d70ec15306c691ce9782267b20b35c150c1c104adff5437068f7c9dee058c08403024e5ed1f35bf1b6db213af8fd0293b230ddc7a405e1e3e584292cf6d9bd4ca1d0c325ecf37c57134320f79fac3f26874b1d595d0aacb7bf454bc4e15f755c1c7e2d0951d7731d8bf27c8002f611a942d633c9e0203ee9f848de15966e6c993d790bbc26958fdc3ff4e62b971697855ad0980d3cf6cd79c0f2f0d41eab6d2c67e83295afcbee60179e0997ddf9b15002b7fc058afa567034dabc640790aba2419a5ccbce25abccde586373f4e31f3436e5bab2e156b4cd6abaadbd4e991cb4a15cdea2202b13bce716e1df40d6bcc275f14c152ffe6294d2b5a5377a9da546490a0ff9ec3f27a0a6070f1b0d72b75a74ac1e764c4670b9547faa728500233dc410132d800bddd4e81272f1ace1fa8186e1b68e19b23ee611b2c9119b094764fd0720212c14f12f1835596660e08dbaf1a28c2ecb391094e8decb500484a4f9de412781fe084695a243d474471a3d6abd4ac640cfb7da40e0327defce9aa8101a25f7145b55db0510dd090af63fd65f9003693b21b2f3d4775c65707fed78474238d6453592933b2265c3836d0c775b95e9739b3de3856072a5b43c9e3024e8843b2522e92d12aab4a636c68af12722ab38d881f4c97118014db986f3ec966783b93d81d1d70e3ea611482df745256c3ef9c6c949c6afc6929f69d9427ddde81f3f278500c586b3bb736c2fc7713ad92ed13640f4051e72b38568e3f211f75261ee6517de0b980076127d7dc00a1660a11232325f7ac097f46e0ef4493cd7de875d14056419373d887a821672d894d32c810464705e92c9abe32967fead2464c8b2f693f45d07a8160f59ec046019b016ee8b07764278af8c6b22b4cc079f406c0ba898332aa8911b026c75edd02d5a40f8ed9c1a3d39c1893a0affe4b38c77305429562e9d0907179753051cbf13ff936091334fe24a53816d2aa5e2e26993dac3f2c573b0001152ee26b633afd966bfb704054227160bf292bbcc35f78a649bb7f4fe1783a6b10de778519c8a71f1381cc67a779e51ce3097e666d964728d55708e76953826c7659c3647d3f3cedf9f1b45b27f5735bb8d78d874bf73147b738b9c0566a0d2fdcb17f85dc712462e381ba1466d92d903ba24d0cc17ddbeb7bd80b5525d7236a8add54d4eca06fe4cd0d3724403c7ad09f22eb2fcb4181eddde271be821579b7382bbfe36dab5079811e62842da65165c27c181dfed279d5ec12a1c0c13541760c2fe5cce95c6892622229ac24a7211ba43e513077f34342b61611a1ab10b6c51f6e3a06be0716d7d1abc82f5903e32f1e6e3e85789c1b8f140bbe1903b9677ec9655e171bf1f4d27dda003c27d4ef0e043d0def451dbc0f48cb6cb605b1e2d27e9fc9db10c0b571b6805f316b00b581d0d7358f83e14d1b4290e61fc0d0bd97334f31a547350c00877c90bcb591b98986c19d9d477f7dc521ac43d2edf9201ea61c43e6365e795bfb44b0d90ced7b9d34a849dec495d79cae7769c721d7cd17f1503df3d113c49fcb18449ff180d39c94717ae8fcba7ee1d8cf75873098a7a697d5f5d7a6eeef14daf146710ee40c94ff8ea9ff048d108688776fd074e72658d6ea43f42ea03883f70f45c7b86d3eb0bced0f3a60b6da510833728ffdb82af9a34c5fc86e0130861ac66c68b784300", "204b9e1804d636301150775298e6490040d0ecb72371cfe0ccc258d2b4450458b909ae785f60b932863937ed25df0ce2b046ccc47e3501ed7a53e69d95dfb761f3fb81659983876f915b21b4b91270b4607875b751136514bb42b1de575e5ae05e98fd37dde49acb6a8e7f7c592ceb8793d00c84515e9b091fca8056f69ef47c1c91735af04b3077a94a24147489c6bbc3d63a76ba4eb1e6adf014106f4b0117fc6a2b2c84ca9e6c40fade373fd49f657e5e828399868d39d2a9d8cb3f4508e156d31ded826a64d84b19ceb0c13d9566f14866028f00408428bc6b9a27761fb13e70561fa8bb45bf2547baeebd7c99e01c1ebdac09ba75e3f67b2bc6898ca2c8e6c2b09efef1e688c74fe8e214b657d3325725531f9ce71d59532adc69f40e0b821fbd14558133f9fcd9d5ace9150703b5879f74028583dccd4984a9fedf23f1f6b8c501f9a99762079404f109e6d69b025edbf2d3169e44f186eb60e7abf9539cb8013670435420f54b7e485644f5afc2d0581d8404c23bcf2c0bcd6d3a6fbc658721e74546ea52d57f259e841e87f01ace9d7fb10bb4356abffa306d91963914bc144e486f78c048aafe20eae27ff53250de7bed8c4167780c53facfd741b93f53d67a60eba1527701896bcd29a6cc20b9390582421eb0e5dce7a66a94881904dd91c47c59e8b7219adae86ba78b230306829368a56dc908245fc72886c3b18facea659b27466d3c6a85b541f20a012660319f8f4ba0faf0d83d28ac63ae417323a0f75b88235d1a60a29c41f662b34ac40ac19c94f227567860a998f5e4d8f65b930c1a1209ba04cc2406599914e8ed7c98d8095a56fd29920c47c6221bf7e6a076dfc90947af9468d8844731ac3923896f25a8402421e24e1d328e5b9daeb97048b87e3d374874071931ad791c1f03324ba01d463364a5bb1dba7e3b807aec9c333703397a45918c73b443dd46f7b289736662ad833302fa89567e44c3de8e2f87bb5f8758abf6f888ad26bb5ed48a4bd828d8fcf5c01cf7588009c1a6c35e94142950b3bac8fa0af15c2f30504cef3e544b132e4096a836aa49336cbe878d2e33075d0712adc3e75b9f9bc7ec420f123084eb296119171535c4fa49d460d4444eb309f424ec13be89ff6641caa089da262ff89c0d4b1a86fac91361a7a124a0e4b27de253186e10671d2532d600f6b4089dc690f600363092ad93fb62fbab9e1a96caefe31e4c117420fd1df64e4e0cf4967cb026a003be444278553c2e58e19ec5a6db3921fab8fa0748965e523659e54a3e01190492f9b01811d06b13d8c833454ab5a93af8a9ad27a155d682d8c78f074da17d6ccb7ded5b5f3c30e3afb3c0e4aab6ce797e8142df9a74f486aee74c0bc021c227d802c5f5e79678c45bac331d6ec24ecb404296dc9e90b2c191fc14c53505e92587f43a5eedc56a6408048d9dbb8bee8840a656952cb361f0d76baa20939e6e8ab917e12b76dd812b95e68c90708d7cd81aa18002eea116f4190e49d1f628a509c8fb65f393ef5bcf7d1b9ea289e0532ee5f46e65709e84aaa7a6334c58eaab5c3cced88fa3e9e365ace119a3c40dfe336abbe6d3a09dfd895cdc3daae26ae9d3f68a3a2184ac5f6972ef034f1f9f0d4100a55b8638db0986f362a23b599903909a5a6193fc2c6e54adc965ff5d48bc1ed1b6ff0ab226b9598f70a13ca0a0b2d2cc05f17449bd4cbd224fa75810955011d5a401348c0b75546c1fd86824ced7b0c79cb4d13a3722aef6f7a0cb49f76a372ff133736f04b67bf6a74d5164a227f4865dfd15181e0a9e5dc53317ffb04a7ab1fba87d3b34bd1cee7c6aef4b3ebef183c9fcd4daf091ef1f5f2709a7eb4a648242c408e7d5b10b766e0f648c654d99d0722189c4956474892e379a84b1f09f13ba589423e43b4b0dd267b1d0c976fb64903ea2d22e2612d9dbad91536a986f44986d74578f2cf378dc6505cc26261548a080e11d74fed2cdaa90479f0656fd927f89a0624f4ce943981ffbec2ceb27c7fb6e6ee7df7c2d26d7151f1dadb172a0017787c5d32d6408b6662c8f5348f34e63649206142164f7aa076b2c83bfffe44126ee923f0b9bc917e52308373553cf19e6798ac83ace350be47f445ef0d268c2a4fc67998a5907db42decc63fcfc30df0a4543da178e442aec97060edc209e34849f6beea0e366eccc80b87c1c16f89e5608b96c176ccfaf6014a619b83d72c5a89749cf763fd76c6ae82b6a1322674838ab9e5f9a0db7aa8b7d27db308edb664fc0197756f6709df36d9f6ed678944e18455a8d49434f9a6f223cbf52b6a1ba266a55331ffe7e83fb4130c2f5528626c4e451d8bac1da046dd59249fe41b6c8a36e82346918e0177c876f44101ff9f7721d8fbe1eca04e13ba8db3f5bd01c3661df0d6c8a24d45a246e0ac80aed4178901a71a939da4622592b3a8d87b3ae35370530039d7d413455e9d61656b58a1e63aa9bf1a87d8bcc6605c3167836f82ba01f54934e2d31d7463e1848ee8a2cca55a029d5ed37236dda9f278981cdb330eabc6bfc33a7fee5678c38b8e0a9258fa8ce5cb8abc3320d44dd16098df1bbf9d3e3142ec1838ba81785e37dc97fda2797e3cf6b7d6c367737b4df96a242149bbba7af54da91b404fbf01f4ecfb7ebd97c67de2415b3bca3b5f21deae988733dcb547a17aa38c0b98aba60fbb1d57f9e8f005ae6233e5da68da32c7a2778944a2eacba03e3312fe968fa3be0e2ceb4d8526803e7a8f24618b1003860e424da518c9602cb092c9c6b930b72523bbf615ad8330e337e64ff82eb78d9a2384e86afece8aa9d9cb1b7ab27265261a3cf542e1655792ed66b28d27bf4f02d13e93413bfc5fae7dbec15aac85331ae3d4032679988ffd1c1750447f763ebc9ba8f8ba4521b74563af6ee8a996af3707dd03118c3f0d18d612a5105519310f7b8c5eb4b7e3a0d675374da18314d144b5d5d0ba2735dab4efdf68f70285ce4d35032427e23fe7c59c5844879550417dc93d2221fe0ff82c7e21ebba19c01fefc6f6eeb7078e7557f077ca089246e6f3901e127ca4685c191847ae720ce30d41939239b2835d9cfd126faabc88eb80d409d8ec1cdf6070c55109bdbbb668fd56c6ebd3503986cdf5ade19903a85516f0ed87872f397e6244b0f58c70b8dd0cbc408dd7a87c42d672d31fde7fbc31b3acff4be744b933ec0645f76b52481ba6f50a25a98f89d9989e347b682a459eb38004d0de0a7314f8319b1e0ce5152a4928d7f59769347a7f48af595d028b5012cf5b7fc081cbec3c5ad30801947b5d3f87a242b05691ef3f46f0ba35fa6ee28a966ad42e34ef6192cb6e5de41411df4638c825688abc1c8f1fa7b2eced5ae40a5d35d7cfd981f4dd46a91e8f123187d8e99a947020cdc4cfcb66ee004232ed5badfa694fd943ed59f01433989e5663a77fd2bbcdbfaad5ab482150f22ffa6b1ae9e99134b320c04444c3d5d71e37c6d4faf82b1297d75a520e6e6c5a0d7ab86dea5245a97b16a7690f50e9abd452da33c58974cb63e4711fece83cf1251c6eecc7c9a887b0a881f148b6c8fa3749ef09661488909a2f74e41a4968f5f1d1ebd9a511f5732ea60a18032d68dcf34a5914b1c24275e6c3d331a8c454e4c615dc5f6ce4de1b44fc755da73eef517bca08fa464443eabf4046961625ee82c406e08359b49785a1cbe9822cada3375da9adf55bd50e156a314f10107a3fb880a944fa3a0cdb4be2234c19ab26f8075c6389a0a6062e82050b493a30e617f728b8d0ced0b69da60c6fdadd95ee1c0e656b63ecc72a491e07bce4c3df3761e51bb327a86d55a375e4f5859a8b179a47f4b5b8b85fed0db916e31885d0ad185d6c7e79449e282a5d10a7cf86d0305a2673cd9aa834d130fcb1098c0f69771ae23e2b49cdd3d39be17fcc309a282486bf0e0829a0805a036b0b1e357f03a861857312dab3033f00957ff6f03a35240724bc6adf429090f555aca563ffb5e4b67c75486149f2495971bf653617f29e50d59da32288afeabc768787d2e830c70d5f0dbd8db5e9923b8893f32c4cdc0d8130caefade59d7f5e270f8b5487b69815dd8cec6d3dfa3ca308987f2970ab3e8714cdbae27dc22fa434805c9284b904840a92bc76490c15c6a04df137940d48f7ac6285f858611376f447ebaf11ce4014066d57e5fa579b588e0d795fb0322d1b8606faf9507092be3e320184a5324df47792e8b015ee27ace73b0bc05f3eff2c2a9ee45752df32a85b1ad5679aedbe40ac59511938929e210a409e538c139d1fb93891d2b9908f915b9c556788bb8926b6a96923038a119eb68bcb528a42e97f8fbd49e7d5bb3e51987cca590ea8a18e049f64d8c994d63a707c441e63509f909adf5f7c26d36714bd56307513003f8f85f20c8fea4248627d2f19891baef9b134a8ecb6e3da6232c5b818d7469645038312b6b952f782f28ccd199367a51f750927e5f11ef04cb299dc7ba0c24500134d3a9a0a4f62903ae930f5ba49c39855ffc4aba6cc9d400075f094875db9ebcbcbb35309421d08a928b0216dcbbf718761b01b4d41cf55b0b2bf4c89603a61e5ac2f5bf5236d4bee90617e1b2fdc3a4540db2c89561c1cb9b1e28436013546e654e36fa328097ce8a4baf5a2fd78f9bca617bd4de062dbbc38c7356232b385823b6c604a401f43f5864111eff29045c12b6c622182e097caa5a9945133375b46dc0e268e860dd58b62403c41393f02c7f1d23a1d0daad5d2eb7a085387ea6b81ceb6191d5ffa7f58848996caad4796ee8d9e1bad072455a37d8b64888cb4007f344783afca22db07a2ccb8531c6a9d69bffdf1f949e3fce89f223119595c5b9bfa51893ff36849be61ff02939360a5d5b0e05d22aa3a1f16c27103edeb00c0f763bd4251805ec8d894692cd1636b4b1c96ab613896c17b2fb8a414a91463d54f145e1d49378e726e5921d8cd34aeb176a36701c9b75311806efcf402d4345034d7fd5165857bd2cd07b32a18334a3cf358dadbc8144b806120805a07714d8d0029fe0db7958bbb69b9a216e5945fdf0b892665c0bad2cd822797d5c7223094cd54042c781fba9d7f05a169f390225385d5c055896dc8a620a637a7c73ee77fbf2152fb62af9bcbe01389dd846724fa24ca6088d2bddf9bcae4d9e11f86266e4d87f6b11f3721c30c3f48ddfecb7623802c7e3f595b088473747d25b70bbdf8920924c6bb9e202e6d54e340a469e8ecf66b49dda0036a7d071492742593c2e02bd7bd703774f2ac8c45dbfa1f8ce4c205a05064362bf2819e80bd406367a86ece3f5d54b43029b3f7fcc2378c5e33e8de66fa5f3c4974310c3ac4d2ab1234b1fea14d71512c578dfab154a74dc66c8a5ff983a41e02c57c58cd9c3a77d22f15f8a6abe41de51ce4a92151ee25c6f2c4feb0453b4f86fb4c7e19063b871ff6458b2ad51b992df6b16de3a5a2f5935c85d5a8709d82943c645f6199e76b38d718b86945638d92daa15aeb9beaa53028a425c6ee90dbd58b57f4a748ec0037fca725812aaac8e201d5121c06c9d3bfcbe799b9fa28440fceec78a5d39a112626bd0f9e530cb5573083e6b3b0ce5ef60e85ea643331d45663f309d75d36c88ed56abbac74672daa72c2f180ab5d117d2ab17db9e36a807bcaa62a07aa5486d39d63f64d23f03e58f6fa346b39005cde05121ecc2146ae982d02532a2deb90d8b9cfd32ff03a5294933292fb3d58760bc81a72df0e602b9b4b7e407bc542924e9763fe0d4bd5346ccb9e10b1ea7dade31d4bbc9"}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 22:17:35 executing program 4: ioctl$LOOP_SET_FD(0xffffffffffffffff, 0x127b, 0xffffffffffffffff) 22:17:35 executing program 1: r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040)) r2 = socket$inet_udplite(0x2, 0x2, 0x88) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, r2, &(0x7f0000000000)) 22:17:35 executing program 3: r0 = io_uring_setup(0x23bc, &(0x7f00000001c0)) io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r0, 0x7, 0x0, 0x1) 22:17:35 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TEAM_CMD_OPTIONS_GET(r0, &(0x7f000000dc40)={0x0, 0x0, &(0x7f000000dc00)={0x0, 0x9c4}}, 0x0) 22:17:35 executing program 4: r0 = syz_open_dev$loop(0x0, 0x0, 0x0) ioctl$LOOP_SET_FD(r0, 0x127b, 0xffffffffffffffff) 22:17:36 executing program 5: syz_mount_image$iso9660(0x0, 0x0, 0x0, 0x1, &(0x7f0000001600)=[{&(0x7f00000004c0)="fb6a34d172af0745c57fc5275ff2cd31b7d55e33b847340405aa369f0312c98bdc738e72318fbeec284fb0c5a1bd085c49e8fca687de17dba2f1a8404c17ac7873f15edf03926eea1a73500f41924a250f59d092b2736c0135c9b7da8e8f8b1f68c679c0cc6a17b70b2377febc8aaac648a4efa2e53e755e821bf9a5484274526da4d93f7ff31eb2cb9024c6153e919c747cbeeeec0e486162ae25952bfc61d45c1dd391345e68b805b5f854e2c227c346dc3a51f8b5cc96167f188e107d8ad73a47b63d0f42a2952041f16336e175f0947a062279a4b3b9ab65011b62ef044395bf07be0b6e92e671560410382b20bddc1836ac1ba1ebbc5d33b7e5b5105ba5d6156bddb7dea93544893807c7a775d98a315b3fe6bb5c08814eea0acb21b085e274ad2e47634de89796bf15d496b6ee5d8ddf9fa1754f3d24d55a230357435492e0bc154270aaf553cfdc9202823d3dfc1d8ff40a5043ae2cf46386e5e143796b1987d050b83ba0f7e0453e0dd708cb85d8266e3d9f66a6035a89fe7799019cb295a8de5b86115f61b187053eca22770ab26357e5ef5ddd6178dc37578e408da49c7d9a12f109c65001002b6efd3a2bb0385075ceee7e9284c87d8eedf34b6f84c92a5e778b01052cda069e188a39ca20c335ba404c81379ad790bc6158a4eed67469583d9533beec960f2e230bfe71ae47c2bb1a8f2ff18724ec7f83ad835fa60d18daa209148610af6fbe03823a1d502abef94eaa1279915dafd9403b4b533ef64085ab325572712d3a9feb60c2b91b1ea7e96e69dfd596f2911af238e670808b1fcb9d057ce121755a08f588ddcd982f5b200a59608e513e85a086b90339a830ef01a41295082ef11bc379b313fa4eca4c3f1784bd404b2e7f4850d763e43e134a58fdfb8c8ef6b4202abc80f54a84ae3b30bc7362b3510af2d31cea439669689267ea54da7751b2871dcaa1b44fe7742e300d7ef23f9007dc8ebafa1ca2f22af81ddfe5a589b5fbc73a1997ba9313736b0f9cedea8321257f4ee08cdda66ffa03b5ad5ffe4cc7bf9da5fbf3f4196a9563556686f6956d122c3a2b85df5b8e82d8f71a834734a67f78cf41aa71ca3ce15e108f6ea02b06293d7f3b8d5974650768cd3cf13f32bb82c1e6bbb52cdfce4418b92a5eeb00d773499d8ff0a3587822ddb2580150502c9b03ca4613f5c288b7383b6c88c2da15d95a1019512eb3e2030d13feb48ea51789464c48fb938e6a0370d6bc011a175618fbe6e42a38f56efcf993a2656c54d70b4454de06c5c0711eb3ebce4c39b06450d7238200d4882b41c37ea16768b6832e9cf45559273fb4f85d9db72d03066bb5396dff0d1a20686e457fe8481fea1fd545e966c2c5a17a189836bc468ba9e43efa3ed31a336c28bc51c796ae4d4b35a82abe180304e759d251e8a50a3d60c4a3f7f4343b8199b5e72f75466f4c47976e3e9b3865b19093dff8a7e59815ccfd240e65c28c1af5936640d59c9174cc050cc7560a755879389ac1a81abd28da094b3f233f5fa30354379d564f5e1dd896e7a16da88e61529f3bddf74287f2d774181a8777c9739ccfa191da45810fd28985975e92536f7fdda1fc5cbd102e2003c7638788944fd184aa891b0811738c4491b8e747a7e3531316e567fd823a03476925368cc476464c91ea51f14a2e5a25be59cdab5fcd6db88761ced701f6b9f408ce23ae5993cf70a4f902af4d3631f78778b320120869eab5ad5c03a6896a199f1d95c0caa704b5c570963149d5825d0468b6bfc965b81a64ec0e3af9619e55277b47a85c9a6d50eb393c3d7f828e134cc1c296e98b680ee4183cf439aedc4e73fdf9955408a3ba8bfcd88c8b22cac7c45e27fd7c202e69ff76dcc3871595f1855aa8e2e81cc7733b506e081809ef99a7f13b1734780d98b78c03dc45f38beac222cdf388e9efd47832f77b8abc9857ede75c31e994af7e2db12148e5ad15fbc705d3ecebc8d486456f384dfc43e9a3c5ae1e3cb5731d169d64b47af4114aff8e2f48d7eb005c76f0c93d694dd3669e4b336b498187fffd84cd57dab425443380ce721fda13b071c59a608366a70e433b55171f41e7fdd3e07ab603ca648d4af36e5ddd59077765e44950c270fa60755df4fc9c868a182369b03fe36bf939d23528ebb6945291f9dee28d76a3afe4cdf21cd1a1d09c4e65ae89f1694086ee444cbac0d0b109f4d6536300841324ceb2935c63bb5af682bb53c1b91e18340609c103324131e849eabbc60d8a10d24b3d1c4373abe6cf759ac524f5794579ce92919b267698cd2ef5c72cd373298c8bfa295d5a33a4187dcecd2017909056b9bc6553aae84cdf2716be034eb3bdb1b322c31d0f484465006f48ee89f675d74c35e2e8ed7ee0b8c855b3f3b31298cda832a1fbd7d6383da09753e80bc55b25487fb8d2aa35bc1d56a08f5f12d9e986afc9cbdf61c68e59f1516e225871b186abd5a6c2deab6e136ca85dfc83c77757a91e03dab505c1ac1b8d4b4c47d3fc7342c99b9380c113ccd7aa0dbaa28a12c51ff82c02d44a84010a185badba8f6c5da4ed9b15ca2a34a00cf25fb1393ea0727e75bcffdbd3d81af4a984af67a60d7d3d6ed0291d2e635fab472ceaf302f49a910b7278c2fca7e903aed6c90106ecaf2872b963ecd046542061d3016174fbd48c1a5453310f0101db130d04200c2206dbfef722f3ae3b47d309caa5aca2b25b1e7e1b8c5027097a48278d9ac7d6c852a3397c6b00f7640bd93cbfb7f7a2ff6471f3271d0022f7ee517fe1b7d0f90623b86b546eee60c0271219c94b639581f47c3566140494ca6c9c8452b0a8f786ff8276ce9ecb4d8e62df37c1a76f54b49b2a7083c5ff931e8c2a0a0c117777d9c256384e4bb2a0051d230b5689b594a663118dfd07dd024812ca5c77659456af56f9a0c79f22ae5e3473d0b3bb3020367aa0e043b3340c123274ed6d15b403a32dbd71e41add34da5080d8f3d572d7a16ef39a62ccc5a3b97b8215f86bcd5efc2d6dc6335d2e564e38e3e2906440a4b6d17c1a8f8a04bc6c94b9cfeac56ba2fbea19d9d51423e219f5d72e770e883430f1b86f5b5bde4ea4be0326ca83c3c4d6b865df824ece8110526403ee9a25d7a8138fbf7df017e7c7daa59e60b4303d1ccef7028f4e9498ef26e419acb42bf986911ee1c9aea193783df5df39e1dbf3ec3bb1e18911fd5073f1835a88a16365a93a214594dee70fb28fd127264a9de52c01d10c597144df4ce7e1ddfdc0240f4581f4f7332622eadea5b476f4624e11baeee2ca5fa73c9a209fb359bb893e7ddd5e20c47f2965b0074f86e1f20b2ce2a7e14f46a2215ea3207fdad1eaf0dc2c5b4d4cc04c991f9ee1f6ddcc243aa86e4be4388e2ee28ed970902690cf9bf5df241b2699c907a8b25859513e8f4af3ac025bbe18305ab5395d7887188023030b14795fd6d8b0e7fbfd0d9f5cdedeb596b16e5f8898788941ad50063010be86b75f68c3d757444a756b13003bcdefa11187d186492269c05d3be83b79a0c2292c11a8e94b55c15d9699cb39f21dcdc14eff618f1503bc5ddcdb4c46c084e5848e4f0ab9cc6ed93807cabb1910f44f772cb74c739eb194d64b1b8bcb90df1ded9d4a9df5f82a59933bce9d67c395ceb92a33fded48662286e211f1be7ec257f8d005362449df633c0607bc24060a6381c57d60d5ef634b76f312e78747886160e17ed152d30ca1b57d2f4a89e7e36168b6eeb1859a0bfe3a24bb04023455dacf4ed25d7135950ce5d6eb3bec9ef563f2a5361ebcee38ebb606e7cb2905fabf6b2a26a23b02cb6567c76bd166f52d3527a739d2eb43f0b6e4c24b7de5933150b65705a508c1555e1c42bd3065ff9bde1d82e5cc2ff735869b99ae4ef6919f0d9457e204eb16d327262cf2f4b7253e0b6524162a82be6078a4768c71fab101a601f23fb8d0eb70e10a029ade73114448aa5b47b4ea3b1a3c5b495a2fbf07aa1a272040470bf18fc87b9e25c02a2c450f5a096b419f8446bff18362b2b61477c1c83fbb51deb6f707b5ff2007d0f75f9e4be40bb618ad5addb4aff88a16ac", 0xb41}], 0x0, 0x0) 22:17:36 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000140)='wlan1\x00', 0x10) connect$inet(r0, &(0x7f0000000340)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x400000000000070, 0x0) 22:17:36 executing program 1: r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040)) socket$inet_udplite(0x2, 0x2, 0x88) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) 22:17:36 executing program 3: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r0, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)={0xb, 0x6, 0x209e20, 0x2, 0x1}, 0x40) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000300)={r3, 0x0}, 0x20) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)={0xb, 0x6, 0x209e20, 0x2, 0x1}, 0x2c) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000b40)={r4, &(0x7f0000000300)}, 0x20) bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000000040)={r4, &(0x7f0000000000), &(0x7f0000000140)=""/130}, 0x18) 22:17:36 executing program 0: r0 = openat$vcs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/vcs\x00', 0x0, 0x0) read$FUSE(r0, 0x0, 0x0) 22:17:36 executing program 5: r0 = syz_open_dev$loop(&(0x7f0000000100)='/dev/loop#\x00', 0x0, 0x0) ioctl$LOOP_SET_FD(r0, 0x401070cd, 0xffffffffffffffff) 22:17:36 executing program 4: r0 = syz_open_dev$loop(0x0, 0x0, 0x0) ioctl$LOOP_SET_FD(r0, 0x127b, 0xffffffffffffffff) 22:17:36 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000023c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x59) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text64={0x40, &(0x7f0000000000)="4788e548b819cdfeb8000000000f23d80f21f835800000a00f23f8c402fd338302000000123e3664450f01c33cc33c430f795835c74424002d010000c4c27d1d6cd1ce44d8c70f08c744240011000000c744240200000000ff2c2466baf80cb8ba7e6983ef66bafc0caa66b87f008ed8", 0x70}], 0x1, 0x40, 0x0, 0x0) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/user\x00') perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) socket$inet6_udp(0xa, 0x2, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) getpeername$packet(r4, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14) ioctl$KVM_SET_NESTED_STATE(r2, 0x4080aebf, &(0x7f0000000280)={{0x0, 0x0, 0xffffffffffffff54, {0x6000}}, "be77f645fa0faab4173328e03e0e9f020bbc798c84be65bf762199e269b6d15af3d542e5a531a895866fbf13910d95e922d6aa84d68924efe5e444b34d9df08a868ae23c677546798d6ec2c17d6e3f87f0d757c2078c9325c641fea9938ba4f20ebb2577f51ba467d973398c7fa94be4e2abd427b7ad4385c63e630090759c2a6c768a973d0b1e7244e494d5925d9d9f40afd544b84d1fdb8de7af279d8700739c11327a76f8bc32743c959d8858b276c211222f40206257be84ddd07b20d8b1de9b5390ba5eaa289c0bfdf6b5636b7acfac5159e2e7759338e06ae00e4b7cf162e45442e3c8395858847e3e28da4ed237027cd849991ab91e6e5dc61b9936de574c3b26a2b0e303386c02ed1bb6a5acaf8a9271e196bc59fb3d7d6a88383d53302680fd8ebd0e75fa67333a6fb9da0333d6f87b3f628136a4b9ec1c2f4cf3d5ec900ec17d48e3f741860d963ec6e629243d06b547374ec3f5a0a8e71cdd67e8f591d68711ba4df1f2fc62d9f54c6f7b8844c8ce569fb7f983a631250e77374780413ab37235afdefb70572e79f35d36406aded61bcf76711aacf325b2ac1f78b4ede1239e36d5d644c7a81cdf6b95a1e3aa6c2f70d889654572d1f88f05e5b2c5f5c37d6570102c2525a9b3fa28a88c83ded573a896239900bd365dc0323d4921c3c96a3dae810479a1ac83b64f0f9b2008eb51832bce90105dab379b3d99f6761d4cf438d92356c563c982938fe83026258aad0a7d9f5eacfa359c68ec271d3ecf9a57d3eec56cb0bcf1bb0adc6c297d6e5b101640d3c5b50bcb54faebed4f850e737b5a2837054bccbecfd1c28e70a967a350d21867ea95b2cdfe55fd3edc6e1f4db06a5e6b77a333af48e92899e074794f3b4687dce6d45cb33433e922b1602e767164dc0e760d14b4c70f304de2cb56ca5ea35719f492480e48b9007e4073a8e02450a93d3932971b32aca283773bbb7974486478d380d8524c0eee27ba19d9c51196494bc3f2c41c1ddc72b0b9d97ca307022baf742cb69b45de669e3224c1eaf4e6ec7bb76f921ad3fd01e1138eda10e945ca95302c1729adf6526041169700a783f767632e99b55eac5e4ebc25b63e11649a31e1dba33445a36b40c7cc7ab6450cb4853c69a9f1eb00d466f6c98f297d3e4882fd4d1a9dff0786cece0dd1b03fd84f982b493349f32e49be255102e7bd1475e25574a992da6907a0e6bce48d4601b51ca05798a0e8b5faa9ed6700902e4626b866b4219e3880277bca07f577def954fdd64e089622ed0eec558759a9b6d3e512b330fa30e31403053a73da1747a7874f5b7a9fde4c0f9f29a27e795e275c9f6c33d9db7f370f148a790811428b2f96566bd0e2b148997e69b0ffe1a81cb04d43ce6a24ea2a9414b930fa1330153cb20aaae484e515393b9ddf9d029806c35d5e956462b7cc7f1c7995006ffeae1f1ba1daf8d43309198bf444ec82c670800d5dacd600924564931014b1e834a38274c6560784572e6d4bf8c4a5a1ee5edb2f4ea5fa9f07b11d3d1d88b993fa662bc04dfb9ffa9e534f1622efd7f823346aa7e0a988f56be531c73f34439df61f9737cca8b93d2c25695138c70c469298c3a114c89a8c3409d4dc18e7bd0158631d0b936823a6dda814ed50f83862058d1ecc19b2e1195c910edb5e7164fbd403de0beb5d7feec901a5a373afa1162be95f0e71e50d479e33494d7c98c1cb2ac886c81610678923685fa9f5fff2584c89130b7d2ac78317e531bb2fcade76520cf8bec450e31eebfa5ae2f78587c572d36d56a69cf3f2cc9e15b77c11877d27e8af0196902d7f94646f0294b4507ae4461397ef21b24a2142f740460e1eb1935cbaccd14f71f21d6fb7144de99154f037cf31e9f30da3c935950c7d1c859096d44b57e7bd37147304b2fe51ab63ca7c4031c1f07913c8a894a6b0573886d7a0a62cd20a0f433e541a43808465eb82af5bb9c819a74bed83cf91aa180442c28b9f4d69dd7e728c7734dd3bd3e277e67e96ab9f09e083c0a6e42fe2bc5dcae9a2deddb7f763e62b0d8adacc00af734bb9e978c160600611c83309468a2f942f5d2c9f7cafc97dae2f542ef33be39952fa70ee3e2ecb3105c1a490db73fcf46a3645de10e1cb335ea604f41d10b723872c26f20a71f44b1301fffd601c6a609e0d195bbcb1203cd23fdb3e3f59fa8ae5a484881c34706bacb6a479fa7c9cc6920613dd6903bf046493bac060f046efc6ce43aafe9a3b735c1cb283714548fdc16a2ce9d9dccd77f3b8037132ec1b1f1d965932a9ec4b20efe1f2212c94511b61799b5bd29be84e47d1c1209af544bb4c4820b4897fe00fd583b8ae5394354d1f2532d0801f202ba31bf01a896ebea5302167cf9b0ed71e793d9572fac48d75724caa57f99ba9db2113f5fa52d19356ed1d0c85bd60805952113e521a01444d6a6a502144691a9d32363284410e967626c720cdb3444a56b1b7043047dbf8e5f1b5177c82a651710eaed591e1d4ac5ffaf85411f7c3c3e58fefb5e0528f74b3f78a0b31de68f1e31415a7a37010be818b886c28cca1bf68db068929bad71bc6b4ae2a4c9f2c9bf98f15164e6ef96ef4121c191e5a94ca431b49c475f02acebc42d2c6026e4f7d595e5677947bf6cc0d6f95d7838f76cfc04492cebaed4374984706465ac83a1acbb55450f5b5e1e4cc00a88c334af44d337089c80167a813f54fa903ec85d8f1d22c443bcdfb3d268a3e57f563b9732cc3f5d8b1fd98a6f44e3b056cbeb65946ec917ef093c3a62757f2b27e6b4873ae7183b5b9a6528a576af69449df90cda4bfad6c54bed67fecc6fdc624183aecb5072002c8dc9d45505901c61489ab31b7d6cde6943f042953df648861b68663291117f3deb74d3f9e9501d9d50b095baaeef21aca82e00203c06ce103cc923e6f02ab481eed2da0a4eedeb827e9d7961f6d972f347c649e706dc0259d697a6a5ea1ba33a6f2c16beed92b58fa290026c728e91f3de285a74e56e968c5d174639a915b5e53d7b1e5566b1a89f09434afb2a2ff1fd00d13e7ce5a3dcb8e628f39a6c6825acd4b7152a777d21485f6360af8b1c62a4a29f2ad98d9c393530187c14b4defdfc8ac12433be7f56a40ce4087eb1f7cf949e4e9b3c612e4953716ab027a36ce839f1d2815c289d08e0e500630c2f54344d6549b9645a4b31648d25f71dc7a43651aa8530ccd0cec2f96a4385b185823111c514b5beb817a98824f301462598f03919ec52c0fdf5a522f3e4b250ded3089e0958bb20e5f936c8ab4fc00316ce483254f6e2abc024835acdba239decc60fcc316cbb5fe85db2e22ecd1259c607b575d836222d7a21f0fccdc6d4f90c487c66dcbe9d17f6af2edc30b57189f009072fa5b46e1f49aa33a6546aea60202c4e77066e2f487b2bd36f3178ea888488ae52fad830868172d8f2b3335db98a83c45e047ba93eb32e08a014d13fb8b9f3b54c16adaac8a95c250051baaa3667343a3df51ab7dccedcf4410482fb24ab337285d4c0d182bf00050c5cd2f8a1f7954fe0ce1c2325dc159445464327f0c463dfdae8c944db603ceab504409be7e3316e679960b63e1935018641f0d30d40fb4f83faa2786e7284b0adf6fe0ae04f61c362be89177aa7a27cd00a1c101deb33fbae04b8b20fceeef601049626954f0436470eb4d344fd53c34eab4fca401bb6aa64c1d1891ca88300ce5f8b9b7badb64a5aa3ce8ea848e288239def4602e4812c66503ccc2a68b734d97b2fe71e321e09275bbc727e4c02ce1a967f2f7c5f02f658c5e449a1c718a535561afbddd05ad28559c6ea8a5d19298eeccee69818b69a833b972128e153306522a3733396e25e3a2175443715b0926ea967609f73e2529fa4b6c346e32543431d11f57f557c71ff6b789d9a78e8039f78c5089586aeba7a584b3d6b753f8633d062b5cca3639eb95885027a1b78a90f79d33e8872b455a21618b76a4afd3d704849b067ab8f968bf528fbdbdfdd34e84163d644e211e32f9b5b91f86fb815890f6e405d7324fd6ff84fea268cf4d613d8b8cc784fd434f317dd77ccaf40d974c43d70ec15306c691ce9782267b20b35c150c1c104adff5437068f7c9dee058c08403024e5ed1f35bf1b6db213af8fd0293b230ddc7a405e1e3e584292cf6d9bd4ca1d0c325ecf37c57134320f79fac3f26874b1d595d0aacb7bf454bc4e15f755c1c7e2d0951d7731d8bf27c8002f611a942d633c9e0203ee9f848de15966e6c993d790bbc26958fdc3ff4e62b971697855ad0980d3cf6cd79c0f2f0d41eab6d2c67e83295afcbee60179e0997ddf9b15002b7fc058afa567034dabc640790aba2419a5ccbce25abccde586373f4e31f3436e5bab2e156b4cd6abaadbd4e991cb4a15cdea2202b13bce716e1df40d6bcc275f14c152ffe6294d2b5a5377a9da546490a0ff9ec3f27a0a6070f1b0d72b75a74ac1e764c4670b9547faa728500233dc410132d800bddd4e81272f1ace1fa8186e1b68e19b23ee611b2c9119b094764fd0720212c14f12f1835596660e08dbaf1a28c2ecb391094e8decb500484a4f9de412781fe084695a243d474471a3d6abd4ac640cfb7da40e0327defce9aa8101a25f7145b55db0510dd090af63fd65f9003693b21b2f3d4775c65707fed78474238d6453592933b2265c3836d0c775b95e9739b3de3856072a5b43c9e3024e8843b2522e92d12aab4a636c68af12722ab38d881f4c97118014db986f3ec966783b93d81d1d70e3ea611482df745256c3ef9c6c949c6afc6929f69d9427ddde81f3f278500c586b3bb736c2fc7713ad92ed13640f4051e72b38568e3f211f75261ee6517de0b980076127d7dc00a1660a11232325f7ac097f46e0ef4493cd7de875d14056419373d887a821672d894d32c810464705e92c9abe32967fead2464c8b2f693f45d07a8160f59ec046019b016ee8b07764278af8c6b22b4cc079f406c0ba898332aa8911b026c75edd02d5a40f8ed9c1a3d39c1893a0affe4b38c77305429562e9d0907179753051cbf13ff936091334fe24a53816d2aa5e2e26993dac3f2c573b0001152ee26b633afd966bfb704054227160bf292bbcc35f78a649bb7f4fe1783a6b10de778519c8a71f1381cc67a779e51ce3097e666d964728d55708e76953826c7659c3647d3f3cedf9f1b45b27f5735bb8d78d874bf73147b738b9c0566a0d2fdcb17f85dc712462e381ba1466d92d903ba24d0cc17ddbeb7bd80b5525d7236a8add54d4eca06fe4cd0d3724403c7ad09f22eb2fcb4181eddde271be821579b7382bbfe36dab5079811e62842da65165c27c181dfed279d5ec12a1c0c13541760c2fe5cce95c6892622229ac24a7211ba43e513077f34342b61611a1ab10b6c51f6e3a06be0716d7d1abc82f5903e32f1e6e3e85789c1b8f140bbe1903b9677ec9655e171bf1f4d27dda003c27d4ef0e043d0def451dbc0f48cb6cb605b1e2d27e9fc9db10c0b571b6805f316b00b581d0d7358f83e14d1b4290e61fc0d0bd97334f31a547350c00877c90bcb591b98986c19d9d477f7dc521ac43d2edf9201ea61c43e6365e795bfb44b0d90ced7b9d34a849dec495d79cae7769c721d7cd17f1503df3d113c49fcb18449ff180d39c94717ae8fcba7ee1d8cf75873098a7a697d5f5d7a6eeef14daf146710ee40c94ff8ea9ff048d108688776fd074e72658d6ea43f42ea03883f70f45c7b86d3eb0bced0f3a60b6da510833728ffdb82af9a34c5fc86e0130861ac66c68b784300", "204b9e1804d636301150775298e6490040d0ecb72371cfe0ccc258d2b4450458b909ae785f60b932863937ed25df0ce2b046ccc47e3501ed7a53e69d95dfb761f3fb81659983876f915b21b4b91270b4607875b751136514bb42b1de575e5ae05e98fd37dde49acb6a8e7f7c592ceb8793d00c84515e9b091fca8056f69ef47c1c91735af04b3077a94a24147489c6bbc3d63a76ba4eb1e6adf014106f4b0117fc6a2b2c84ca9e6c40fade373fd49f657e5e828399868d39d2a9d8cb3f4508e156d31ded826a64d84b19ceb0c13d9566f14866028f00408428bc6b9a27761fb13e70561fa8bb45bf2547baeebd7c99e01c1ebdac09ba75e3f67b2bc6898ca2c8e6c2b09efef1e688c74fe8e214b657d3325725531f9ce71d59532adc69f40e0b821fbd14558133f9fcd9d5ace9150703b5879f74028583dccd4984a9fedf23f1f6b8c501f9a99762079404f109e6d69b025edbf2d3169e44f186eb60e7abf9539cb8013670435420f54b7e485644f5afc2d0581d8404c23bcf2c0bcd6d3a6fbc658721e74546ea52d57f259e841e87f01ace9d7fb10bb4356abffa306d91963914bc144e486f78c048aafe20eae27ff53250de7bed8c4167780c53facfd741b93f53d67a60eba1527701896bcd29a6cc20b9390582421eb0e5dce7a66a94881904dd91c47c59e8b7219adae86ba78b230306829368a56dc908245fc72886c3b18facea659b27466d3c6a85b541f20a012660319f8f4ba0faf0d83d28ac63ae417323a0f75b88235d1a60a29c41f662b34ac40ac19c94f227567860a998f5e4d8f65b930c1a1209ba04cc2406599914e8ed7c98d8095a56fd29920c47c6221bf7e6a076dfc90947af9468d8844731ac3923896f25a8402421e24e1d328e5b9daeb97048b87e3d374874071931ad791c1f03324ba01d463364a5bb1dba7e3b807aec9c333703397a45918c73b443dd46f7b289736662ad833302fa89567e44c3de8e2f87bb5f8758abf6f888ad26bb5ed48a4bd828d8fcf5c01cf7588009c1a6c35e94142950b3bac8fa0af15c2f30504cef3e544b132e4096a836aa49336cbe878d2e33075d0712adc3e75b9f9bc7ec420f123084eb296119171535c4fa49d460d4444eb309f424ec13be89ff6641caa089da262ff89c0d4b1a86fac91361a7a124a0e4b27de253186e10671d2532d600f6b4089dc690f600363092ad93fb62fbab9e1a96caefe31e4c117420fd1df64e4e0cf4967cb026a003be444278553c2e58e19ec5a6db3921fab8fa0748965e523659e54a3e01190492f9b01811d06b13d8c833454ab5a93af8a9ad27a155d682d8c78f074da17d6ccb7ded5b5f3c30e3afb3c0e4aab6ce797e8142df9a74f486aee74c0bc021c227d802c5f5e79678c45bac331d6ec24ecb404296dc9e90b2c191fc14c53505e92587f43a5eedc56a6408048d9dbb8bee8840a656952cb361f0d76baa20939e6e8ab917e12b76dd812b95e68c90708d7cd81aa18002eea116f4190e49d1f628a509c8fb65f393ef5bcf7d1b9ea289e0532ee5f46e65709e84aaa7a6334c58eaab5c3cced88fa3e9e365ace119a3c40dfe336abbe6d3a09dfd895cdc3daae26ae9d3f68a3a2184ac5f6972ef034f1f9f0d4100a55b8638db0986f362a23b599903909a5a6193fc2c6e54adc965ff5d48bc1ed1b6ff0ab226b9598f70a13ca0a0b2d2cc05f17449bd4cbd224fa75810955011d5a401348c0b75546c1fd86824ced7b0c79cb4d13a3722aef6f7a0cb49f76a372ff133736f04b67bf6a74d5164a227f4865dfd15181e0a9e5dc53317ffb04a7ab1fba87d3b34bd1cee7c6aef4b3ebef183c9fcd4daf091ef1f5f2709a7eb4a648242c408e7d5b10b766e0f648c654d99d0722189c4956474892e379a84b1f09f13ba589423e43b4b0dd267b1d0c976fb64903ea2d22e2612d9dbad91536a986f44986d74578f2cf378dc6505cc26261548a080e11d74fed2cdaa90479f0656fd927f89a0624f4ce943981ffbec2ceb27c7fb6e6ee7df7c2d26d7151f1dadb172a0017787c5d32d6408b6662c8f5348f34e63649206142164f7aa076b2c83bfffe44126ee923f0b9bc917e52308373553cf19e6798ac83ace350be47f445ef0d268c2a4fc67998a5907db42decc63fcfc30df0a4543da178e442aec97060edc209e34849f6beea0e366eccc80b87c1c16f89e5608b96c176ccfaf6014a619b83d72c5a89749cf763fd76c6ae82b6a1322674838ab9e5f9a0db7aa8b7d27db308edb664fc0197756f6709df36d9f6ed678944e18455a8d49434f9a6f223cbf52b6a1ba266a55331ffe7e83fb4130c2f5528626c4e451d8bac1da046dd59249fe41b6c8a36e82346918e0177c876f44101ff9f7721d8fbe1eca04e13ba8db3f5bd01c3661df0d6c8a24d45a246e0ac80aed4178901a71a939da4622592b3a8d87b3ae35370530039d7d413455e9d61656b58a1e63aa9bf1a87d8bcc6605c3167836f82ba01f54934e2d31d7463e1848ee8a2cca55a029d5ed37236dda9f278981cdb330eabc6bfc33a7fee5678c38b8e0a9258fa8ce5cb8abc3320d44dd16098df1bbf9d3e3142ec1838ba81785e37dc97fda2797e3cf6b7d6c367737b4df96a242149bbba7af54da91b404fbf01f4ecfb7ebd97c67de2415b3bca3b5f21deae988733dcb547a17aa38c0b98aba60fbb1d57f9e8f005ae6233e5da68da32c7a2778944a2eacba03e3312fe968fa3be0e2ceb4d8526803e7a8f24618b1003860e424da518c9602cb092c9c6b930b72523bbf615ad8330e337e64ff82eb78d9a2384e86afece8aa9d9cb1b7ab27265261a3cf542e1655792ed66b28d27bf4f02d13e93413bfc5fae7dbec15aac85331ae3d4032679988ffd1c1750447f763ebc9ba8f8ba4521b74563af6ee8a996af3707dd03118c3f0d18d612a5105519310f7b8c5eb4b7e3a0d675374da18314d144b5d5d0ba2735dab4efdf68f70285ce4d35032427e23fe7c59c5844879550417dc93d2221fe0ff82c7e21ebba19c01fefc6f6eeb7078e7557f077ca089246e6f3901e127ca4685c191847ae720ce30d41939239b2835d9cfd126faabc88eb80d409d8ec1cdf6070c55109bdbbb668fd56c6ebd3503986cdf5ade19903a85516f0ed87872f397e6244b0f58c70b8dd0cbc408dd7a87c42d672d31fde7fbc31b3acff4be744b933ec0645f76b52481ba6f50a25a98f89d9989e347b682a459eb38004d0de0a7314f8319b1e0ce5152a4928d7f59769347a7f48af595d028b5012cf5b7fc081cbec3c5ad30801947b5d3f87a242b05691ef3f46f0ba35fa6ee28a966ad42e34ef6192cb6e5de41411df4638c825688abc1c8f1fa7b2eced5ae40a5d35d7cfd981f4dd46a91e8f123187d8e99a947020cdc4cfcb66ee004232ed5badfa694fd943ed59f01433989e5663a77fd2bbcdbfaad5ab482150f22ffa6b1ae9e99134b320c04444c3d5d71e37c6d4faf82b1297d75a520e6e6c5a0d7ab86dea5245a97b16a7690f50e9abd452da33c58974cb63e4711fece83cf1251c6eecc7c9a887b0a881f148b6c8fa3749ef09661488909a2f74e41a4968f5f1d1ebd9a511f5732ea60a18032d68dcf34a5914b1c24275e6c3d331a8c454e4c615dc5f6ce4de1b44fc755da73eef517bca08fa464443eabf4046961625ee82c406e08359b49785a1cbe9822cada3375da9adf55bd50e156a314f10107a3fb880a944fa3a0cdb4be2234c19ab26f8075c6389a0a6062e82050b493a30e617f728b8d0ced0b69da60c6fdadd95ee1c0e656b63ecc72a491e07bce4c3df3761e51bb327a86d55a375e4f5859a8b179a47f4b5b8b85fed0db916e31885d0ad185d6c7e79449e282a5d10a7cf86d0305a2673cd9aa834d130fcb1098c0f69771ae23e2b49cdd3d39be17fcc309a282486bf0e0829a0805a036b0b1e357f03a861857312dab3033f00957ff6f03a35240724bc6adf429090f555aca563ffb5e4b67c75486149f2495971bf653617f29e50d59da32288afeabc768787d2e830c70d5f0dbd8db5e9923b8893f32c4cdc0d8130caefade59d7f5e270f8b5487b69815dd8cec6d3dfa3ca308987f2970ab3e8714cdbae27dc22fa434805c9284b904840a92bc76490c15c6a04df137940d48f7ac6285f858611376f447ebaf11ce4014066d57e5fa579b588e0d795fb0322d1b8606faf9507092be3e320184a5324df47792e8b015ee27ace73b0bc05f3eff2c2a9ee45752df32a85b1ad5679aedbe40ac59511938929e210a409e538c139d1fb93891d2b9908f915b9c556788bb8926b6a96923038a119eb68bcb528a42e97f8fbd49e7d5bb3e51987cca590ea8a18e049f64d8c994d63a707c441e63509f909adf5f7c26d36714bd56307513003f8f85f20c8fea4248627d2f19891baef9b134a8ecb6e3da6232c5b818d7469645038312b6b952f782f28ccd199367a51f750927e5f11ef04cb299dc7ba0c24500134d3a9a0a4f62903ae930f5ba49c39855ffc4aba6cc9d400075f094875db9ebcbcbb35309421d08a928b0216dcbbf718761b01b4d41cf55b0b2bf4c89603a61e5ac2f5bf5236d4bee90617e1b2fdc3a4540db2c89561c1cb9b1e28436013546e654e36fa328097ce8a4baf5a2fd78f9bca617bd4de062dbbc38c7356232b385823b6c604a401f43f5864111eff29045c12b6c622182e097caa5a9945133375b46dc0e268e860dd58b62403c41393f02c7f1d23a1d0daad5d2eb7a085387ea6b81ceb6191d5ffa7f58848996caad4796ee8d9e1bad072455a37d8b64888cb4007f344783afca22db07a2ccb8531c6a9d69bffdf1f949e3fce89f223119595c5b9bfa51893ff36849be61ff02939360a5d5b0e05d22aa3a1f16c27103edeb00c0f763bd4251805ec8d894692cd1636b4b1c96ab613896c17b2fb8a414a91463d54f145e1d49378e726e5921d8cd34aeb176a36701c9b75311806efcf402d4345034d7fd5165857bd2cd07b32a18334a3cf358dadbc8144b806120805a07714d8d0029fe0db7958bbb69b9a216e5945fdf0b892665c0bad2cd822797d5c7223094cd54042c781fba9d7f05a169f390225385d5c055896dc8a620a637a7c73ee77fbf2152fb62af9bcbe01389dd846724fa24ca6088d2bddf9bcae4d9e11f86266e4d87f6b11f3721c30c3f48ddfecb7623802c7e3f595b088473747d25b70bbdf8920924c6bb9e202e6d54e340a469e8ecf66b49dda0036a7d071492742593c2e02bd7bd703774f2ac8c45dbfa1f8ce4c205a05064362bf2819e80bd406367a86ece3f5d54b43029b3f7fcc2378c5e33e8de66fa5f3c4974310c3ac4d2ab1234b1fea14d71512c578dfab154a74dc66c8a5ff983a41e02c57c58cd9c3a77d22f15f8a6abe41de51ce4a92151ee25c6f2c4feb0453b4f86fb4c7e19063b871ff6458b2ad51b992df6b16de3a5a2f5935c85d5a8709d82943c645f6199e76b38d718b86945638d92daa15aeb9beaa53028a425c6ee90dbd58b57f4a748ec0037fca725812aaac8e201d5121c06c9d3bfcbe799b9fa28440fceec78a5d39a112626bd0f9e530cb5573083e6b3b0ce5ef60e85ea643331d45663f309d75d36c88ed56abbac74672daa72c2f180ab5d117d2ab17db9e36a807bcaa62a07aa5486d39d63f64d23f03e58f6fa346b39005cde05121ecc2146ae982d02532a2deb90d8b9cfd32ff03a5294933292fb3d58760bc81a72df0e602b9b4b7e407bc542924e9763fe0d4bd5346ccb9e10b1ea7dade31d4bbc9"}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 22:17:36 executing program 0: openat$tun(0xffffffffffffff9c, &(0x7f0000000040)='/dev/net/tun\x00', 0x4c980, 0x0) 22:17:36 executing program 1: r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040)) socket$inet_udplite(0x2, 0x2, 0x88) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) 22:17:37 executing program 4: r0 = syz_open_dev$loop(0x0, 0x0, 0x0) ioctl$LOOP_SET_FD(r0, 0x127b, 0xffffffffffffffff) 22:17:37 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) recvmmsg(r0, &(0x7f0000002b00)=[{{&(0x7f0000000140)=@ethernet={0x0, @multicast}, 0x80, 0x0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0, 0x0) sendmsg$TEAM_CMD_OPTIONS_GET(r0, &(0x7f000000dc40)={0x0, 0x0, &(0x7f000000dc00)={&(0x7f000000d200)=ANY=[@ANYBLOB="c4090000", @ANYRES16, @ANYBLOB="04"], 0x9c4}}, 0x0) 22:17:37 executing program 1: r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040)) socket$inet_udplite(0x2, 0x2, 0x88) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) 22:17:38 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000140)='wlan1\x00', 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x400000000000070, 0x0) syz_80211_inject_frame(0x0, 0x0, 0x1c) 22:17:38 executing program 0: socketpair(0x2c, 0x3, 0x88, &(0x7f0000006a40)) 22:17:38 executing program 3: r0 = syz_open_dev$loop(&(0x7f0000000100)='/dev/loop#\x00', 0x0, 0x0) ioctl$LOOP_SET_FD(r0, 0x4c06, 0xffffffffffffffff) 22:17:38 executing program 4: syz_open_dev$loop(&(0x7f0000000100)='/dev/loop#\x00', 0x0, 0x0) ioctl$LOOP_SET_FD(0xffffffffffffffff, 0x127b, 0xffffffffffffffff) 22:17:38 executing program 1: r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040)) r2 = socket$inet_udplite(0x2, 0x2, 0x88) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r2, 0x0) [ 1193.497742][T22792] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 22:17:38 executing program 0: bpf$MAP_CREATE(0x0, &(0x7f0000000200)={0x1a, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, [], 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x2}, 0x40) 22:17:38 executing program 3: 22:17:38 executing program 4: syz_open_dev$loop(&(0x7f0000000100)='/dev/loop#\x00', 0x0, 0x0) ioctl$LOOP_SET_FD(0xffffffffffffffff, 0x127b, 0xffffffffffffffff) 22:17:38 executing program 1: r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040)) r2 = socket$inet_udplite(0x2, 0x2, 0x88) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r2, 0x0) 22:17:39 executing program 5: pselect6(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0xe0}, &(0x7f00000000c0)={0x77359400}, 0x0) 22:17:39 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000140)='wlan1\x00', 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x400000000000070, 0x0) syz_80211_inject_frame(0x0, 0x0, 0x1c) 22:17:39 executing program 3: r0 = syz_open_dev$loop(&(0x7f0000000100)='/dev/loop#\x00', 0x0, 0x0) ioctl$LOOP_SET_FD(r0, 0x1278, 0xffffffffffffffff) 22:17:39 executing program 4: syz_open_dev$loop(&(0x7f0000000100)='/dev/loop#\x00', 0x0, 0x0) ioctl$LOOP_SET_FD(0xffffffffffffffff, 0x127b, 0xffffffffffffffff) 22:17:39 executing program 0: r0 = syz_open_dev$loop(&(0x7f0000000100)='/dev/loop#\x00', 0x0, 0x0) ioctl$LOOP_SET_FD(r0, 0x401070ca, 0xffffffffffffffff) 22:17:39 executing program 1: r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040)) r2 = socket$inet_udplite(0x2, 0x2, 0x88) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r2, 0x0) [ 1194.676145][T22807] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 22:17:39 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) 22:17:40 executing program 3: pselect6(0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={[0x3]}, 0x8}) 22:17:40 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000140)='wlan1\x00', 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x400000000000070, 0x0) syz_80211_inject_frame(0x0, 0x0, 0x1c) 22:17:40 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendto$unix(r0, 0x0, 0x0, 0x4845, 0x0, 0x7) 22:17:40 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendto(r0, 0x0, 0x0, 0x20000094, 0x0, 0xfffffd7f) 22:17:40 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendto(r0, &(0x7f0000000040)='\x00\x00', 0x1, 0x20000040, 0x0, 0xfffffffffffffe68) 22:17:40 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r0, &(0x7f0000000540)=[{0x0, 0x0, 0x0}], 0x1, 0xc000) [ 1195.802542][T22824] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 22:17:41 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) sendto(r0, 0x0, 0x0, 0xc0d0, 0x0, 0xfffffffffffffccf) 22:17:41 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendto$unix(r0, &(0x7f0000000040)="e9c5d8", 0x0, 0x2800c810, 0x0, 0xfffffffffffffec4) 22:17:41 executing program 1: 22:17:41 executing program 5: 22:17:41 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) connect$inet(r0, &(0x7f0000000340)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x400000000000070, 0x0) syz_80211_inject_frame(0x0, 0x0, 0x1c) 22:17:41 executing program 4: 22:17:41 executing program 3: 22:17:41 executing program 1: 22:17:42 executing program 0: 22:17:42 executing program 5: [ 1197.008196][T22841] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 22:17:42 executing program 4: 22:17:42 executing program 3: 22:17:42 executing program 0: 22:17:42 executing program 1: 22:17:42 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) connect$inet(r0, &(0x7f0000000340)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x400000000000070, 0x0) syz_80211_inject_frame(0x0, 0x0, 0x1c) 22:17:42 executing program 5: 22:17:43 executing program 4: [ 1198.031367][T22851] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 22:17:43 executing program 3: 22:17:43 executing program 1: 22:17:43 executing program 0: 22:17:43 executing program 5: 22:17:43 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) connect$inet(r0, &(0x7f0000000340)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x400000000000070, 0x0) syz_80211_inject_frame(0x0, 0x0, 0x1c) 22:17:43 executing program 4: 22:17:43 executing program 3: 22:17:44 executing program 0: 22:17:44 executing program 1: 22:17:44 executing program 5: 22:17:44 executing program 4: [ 1199.247545][T22864] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 22:17:44 executing program 3: 22:17:44 executing program 0: 22:17:44 executing program 1: 22:17:44 executing program 5: 22:17:44 executing program 4: 22:17:44 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000140)='wlan1\x00', 0x10) connect$inet(r0, &(0x7f0000000340)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x400000000000070, 0x0) syz_80211_inject_frame(0x0, 0x0, 0x1c) 22:17:45 executing program 3: 22:17:45 executing program 0: 22:17:45 executing program 1: 22:17:45 executing program 5: 22:17:45 executing program 4: 22:17:45 executing program 3: 22:17:45 executing program 0: 22:17:45 executing program 1: [ 1200.845709][T22877] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 22:17:46 executing program 5: 22:17:46 executing program 4: 22:17:46 executing program 3: 22:17:46 executing program 2: setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000140)='wlan1\x00', 0x10) connect$inet(0xffffffffffffffff, &(0x7f0000000340)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(0xffffffffffffffff, &(0x7f0000007fc0), 0x400000000000070, 0x0) syz_80211_inject_frame(0x0, 0x0, 0x1c) 22:17:46 executing program 0: 22:17:46 executing program 1: 22:17:46 executing program 5: 22:17:46 executing program 4: [ 1201.880215][T22895] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 22:17:47 executing program 3: 22:17:47 executing program 1: 22:17:47 executing program 0: 22:17:47 executing program 5: 22:17:47 executing program 4: 22:17:47 executing program 3: 22:17:47 executing program 2: setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000140)='wlan1\x00', 0x10) connect$inet(0xffffffffffffffff, &(0x7f0000000340)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(0xffffffffffffffff, &(0x7f0000007fc0), 0x400000000000070, 0x0) syz_80211_inject_frame(0x0, 0x0, 0x1c) 22:17:47 executing program 1: 22:17:47 executing program 5: 22:17:47 executing program 0: [ 1202.908622][T22907] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 22:17:48 executing program 4: 22:17:48 executing program 3: 22:17:48 executing program 1: 22:17:48 executing program 0: 22:17:48 executing program 5: 22:17:48 executing program 2: setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000140)='wlan1\x00', 0x10) connect$inet(0xffffffffffffffff, &(0x7f0000000340)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(0xffffffffffffffff, &(0x7f0000007fc0), 0x400000000000070, 0x0) syz_80211_inject_frame(0x0, 0x0, 0x1c) 22:17:48 executing program 4: 22:17:48 executing program 3: 22:17:48 executing program 1: 22:17:49 executing program 0: [ 1203.986791][T22919] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 22:17:49 executing program 5: 22:17:49 executing program 4: 22:17:49 executing program 3: 22:17:49 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000140)='wlan1\x00', 0x10) connect$inet(r0, &(0x7f0000000340)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x400000000000070, 0x0) syz_80211_inject_frame(0x0, 0x0, 0x1c) 22:17:49 executing program 1: 22:17:49 executing program 0: 22:17:49 executing program 5: 22:17:49 executing program 4: [ 1204.928217][T22929] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 22:17:50 executing program 3: 22:17:50 executing program 0: 22:17:50 executing program 1: 22:17:50 executing program 5: 22:17:50 executing program 4: 22:17:50 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000140)='wlan1\x00', 0x10) connect$inet(r0, &(0x7f0000000340)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x400000000000070, 0x0) syz_80211_inject_frame(0x0, 0x0, 0x1c) 22:17:50 executing program 3: 22:17:50 executing program 1: 22:17:50 executing program 0: [ 1206.051034][T22942] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 22:17:51 executing program 4: 22:17:51 executing program 5: 22:17:51 executing program 3: 22:17:51 executing program 1: 22:17:51 executing program 0: 22:17:51 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000140)='wlan1\x00', 0x10) connect$inet(r0, &(0x7f0000000340)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x400000000000070, 0x0) syz_80211_inject_frame(0x0, 0x0, 0x1c) [ 1207.200404][T22951] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 22:17:52 executing program 0: 22:17:52 executing program 5: 22:17:52 executing program 4: 22:17:52 executing program 1: 22:17:52 executing program 3: 22:17:52 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0) connect$inet(r0, &(0x7f0000000340)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x400000000000070, 0x0) syz_80211_inject_frame(0x0, 0x0, 0x1c) 22:17:53 executing program 4: 22:17:53 executing program 5: 22:17:53 executing program 0: 22:17:53 executing program 1: 22:17:53 executing program 3: syz_genetlink_get_family_id$tipc2(&(0x7f0000000500)='TIPCv2\x00') [ 1208.297337][T22963] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 22:17:53 executing program 5: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = getpid() capget(&(0x7f00000000c0)={0x20080522}, 0x0) perf_event_open(&(0x7f00000002c0)={0x5, 0x70, 0xff, 0xa1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x6, 0x2, @perf_config_ext={0x0, 0x2}, 0x20, 0x0, 0x3, 0x2, 0x2, 0x0, 0x86}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080)) timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(r1, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) open(&(0x7f0000000280)='./file0\x00', 0x3fc, 0x0) openat$full(0xffffff9c, 0x0, 0x10800, 0x0) move_pages(0x0, 0x4, &(0x7f0000000040)=[&(0x7f0000fff000/0x1000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000fff000/0x1000)=nil], &(0x7f00000003c0)=[0x200000], &(0x7f0000000400)=[0x0, 0x0], 0x4) r2 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) flock(r2, 0x2) socket$inet(0x2, 0x0, 0x0) r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) dup2(r3, r2) 22:17:53 executing program 4: syz_genetlink_get_family_id$batadv(&(0x7f0000000200)='batadv\x00') openat$autofs(0xffffff9c, &(0x7f0000000300)='/dev/autofs\x00', 0x301d02, 0x0) 22:17:53 executing program 0: syz_open_procfs$namespace(0x0, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) syz_io_uring_setup(0x5e04, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2, 0x273}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180), &(0x7f00000001c0)) prctl$PR_SET_ENDIAN(0x14, 0x1) prctl$PR_MPX_DISABLE_MANAGEMENT(0x2c) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, 0x0) 22:17:53 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0) connect$inet(r0, &(0x7f0000000340)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x400000000000070, 0x0) syz_80211_inject_frame(0x0, 0x0, 0x1c) 22:17:53 executing program 3: modify_ldt$read_default(0x2, &(0x7f0000000a40)=""/59, 0x3b) 22:17:53 executing program 1: syz_io_uring_setup(0x5e04, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x273}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180), &(0x7f00000001c0)) write$FUSE_GETXATTR(0xffffffffffffffff, &(0x7f0000000240)={0x18, 0xfffffffffffffff5}, 0x18) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, 0x0) [ 1209.156726][T22984] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 22:17:54 executing program 0: r0 = syz_open_dev$loop(&(0x7f0000000880)='/dev/loop#\x00', 0x0, 0x105182) sendfile(r0, r0, 0x0, 0x2400001d) 22:17:54 executing program 4: openat$zero(0xffffff9c, &(0x7f00000002c0)='/dev/zero\x00', 0x400, 0x0) 22:17:54 executing program 3: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f0000000040)='./file0\x00', 0x0, 0x1009, 0x0) socket$xdp(0x2c, 0x3, 0x0) getsockopt$IP_VS_SO_GET_SERVICE(0xffffffffffffffff, 0x0, 0x483, 0x0, 0x0) shmctl$IPC_SET(0x0, 0x1, &(0x7f00000004c0)={{0x1, 0x0, 0x0, 0x0, 0xee01, 0x24, 0x20}, 0x1ff, 0x6, 0x5, 0xef5, 0x0, 0xffffffffffffffff, 0x9}) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(0xffffffffffffffff, 0x0, 0x0) setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000080)={@ipv4={[], [], @remote}}, 0x14) sendmsg$ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pivot_root(&(0x7f0000000080)='./file0\x00', &(0x7f0000000140)='./file0\x00') r0 = socket$nl_generic(0x10, 0x3, 0x10) openat$full(0xffffff9c, &(0x7f0000000180)='/dev/full\x00', 0x2104, 0x0) socketpair(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r1, &(0x7f0000000580)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(r2, 0x3, r1, &(0x7f0000000000)) sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)=ANY=[@ANYBLOB="60000400", @ANYRES16=0x0, @ANYBLOB="050d28bd7000ffdbdf25020000000c0004001f000000000000001400078008000100", @ANYRES32, @ANYBLOB="0c00050002010000000000000c00040001000080000000000c000300ff030000000000000800010000000000"], 0x60}, 0x1, 0x0, 0x0, 0x44060}, 0x4000000) ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(r0, 0x8982, &(0x7f00000000c0)={0x1, 'vlan0\x00', {}, 0x4}) getsockopt$inet_mtu(0xffffffffffffffff, 0x0, 0xa, &(0x7f0000000300), &(0x7f0000000340)=0x4) 22:17:54 executing program 1: openat$vnet(0xffffff9c, &(0x7f0000000600)='/dev/vhost-net\x00', 0x2, 0x0) 22:17:54 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0) connect$inet(r0, &(0x7f0000000340)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x400000000000070, 0x0) syz_80211_inject_frame(0x0, 0x0, 0x1c) 22:17:55 executing program 0: perf_event_open(&(0x7f0000000fc0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1210.157023][T23011] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 22:17:57 executing program 5: socket(0x0, 0x1, 0x0) mmap$IORING_OFF_SQES(&(0x7f0000ff8000/0x5000)=nil, 0x5000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$zero(0xffffff9c, &(0x7f0000000a80)='/dev/zero\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000fc0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, r0, 0x0) 22:17:57 executing program 4: perf_event_open(&(0x7f0000000fc0)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 22:17:57 executing program 1: perf_event_open(&(0x7f0000000fc0)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3d01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 22:17:57 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000140)='wlan1\x00', 0x10) connect$inet(0xffffffffffffffff, &(0x7f0000000340)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x400000000000070, 0x0) syz_80211_inject_frame(0x0, 0x0, 0x1c) 22:17:57 executing program 0: perf_event_open(&(0x7f00000002c0)={0x2, 0x70, 0xb0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCCONS(r0, 0x541d) 22:17:57 executing program 3: r0 = openat$vnet(0xffffff9c, &(0x7f0000000600)='/dev/vhost-net\x00', 0x2, 0x0) ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, &(0x7f0000000680)) 22:17:57 executing program 3: openat$autofs(0xffffff9c, &(0x7f0000000480)='/dev/autofs\x00', 0x44c80, 0x0) [ 1212.321881][T23031] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1212.324392][T14111] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1212.510699][T14111] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1212.704002][T14111] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 22:17:57 executing program 4: syz_genetlink_get_family_id$tipc2(&(0x7f00000010c0)='TIPCv2\x00') 22:17:57 executing program 0: getitimer(0x1, &(0x7f0000000200)) 22:17:57 executing program 1: r0 = openat$autofs(0xffffff9c, &(0x7f0000000300)='/dev/autofs\x00', 0x0, 0x0) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000440)={r0, 0x0, 0x0}, 0x10) [ 1212.871189][T14111] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 22:17:58 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000140)='wlan1\x00', 0x10) connect$inet(0xffffffffffffffff, &(0x7f0000000340)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x400000000000070, 0x0) syz_80211_inject_frame(0x0, 0x0, 0x1c) 22:17:58 executing program 3: syz_open_procfs$namespace(0x0, 0x0) syz_io_uring_complete(0x0) syz_io_uring_setup(0x5e04, &(0x7f0000000100), &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180), &(0x7f00000001c0)) 22:17:58 executing program 5: socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$tipc2(&(0x7f0000000500)='TIPCv2\x00') [ 1213.463069][T14111] tipc: TX() has been purged, node left! [ 1213.503064][T23065] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 22:17:58 executing program 4: mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x30, 0xffffffffffffffff, 0x0) 22:17:58 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_LIST(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x1c, 0x7, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0) 22:17:58 executing program 0: add_key$fscrypt_provisioning(&(0x7f0000000c00)='fscrypt-provisioning\x00', 0x0, 0x0, 0x0, 0xfffffffffffffffa) 22:17:59 executing program 5: r0 = openat$vnet(0xffffff9c, &(0x7f0000000600)='/dev/vhost-net\x00', 0x2, 0x0) ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, 0x0) 22:17:59 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000140)='wlan1\x00', 0x10) connect$inet(0xffffffffffffffff, &(0x7f0000000340)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x400000000000070, 0x0) syz_80211_inject_frame(0x0, 0x0, 0x1c) 22:17:59 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000080)='wchan\x00') lseek(r0, 0x0, 0x1) 22:17:59 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) dup(0xffffffffffffffff) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0x4008ae89, &(0x7f0000000000)={0x2, 0x0, [0x9e, 0x0, 0x11e57ed0, 0x1f00, 0x4b564d03]}) 22:17:59 executing program 5: r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0) ftruncate(r0, 0x5) epoll_create1(0x0) dup3(r1, r0, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000000008, &(0x7f0000000240)=0x0) getsockopt$IP_VS_SO_GET_SERVICES(r1, 0x0, 0x482, &(0x7f0000001540)=""/4096, 0x0) io_submit(r2, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x40000}]) sendmsg$NL80211_CMD_SET_QOS_MAP(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000440)={0x0, 0xac}, 0x1, 0x0, 0x0, 0x80}, 0x4c040) sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000001c0)={0x28, 0x0, 0x8, 0x70bd2a, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x0, 0x37}}}}, ["", "", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x40805}, 0x80) ioctl$TIOCGRS485(r0, 0x542e, &(0x7f00000000c0)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6(0xa, 0x800000000000002, 0x0) connect$inet6(r3, &(0x7f0000000000)={0xa, 0x8, 0x0, @dev={0xfe, 0x80, [], 0x2b}, 0x3}, 0x1c) setsockopt$inet6_udp_int(r3, 0x11, 0x67, &(0x7f0000000100)=0x2e4, 0x4) setsockopt$sock_linger(r3, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001}, 0x8) connect$inet6(r3, &(0x7f0000000200)={0xa, 0x4e20, 0x0, @ipv4={[], [], @multicast2}}, 0x1c) sendmmsg(r3, &(0x7f0000004d80)=[{{0x0, 0x2000000, &(0x7f0000001500)=[{&(0x7f0000000040)="d3622fe131479cee20fb607a9585dc0b411519fd3b65066522d73df58b9257b566c6fc626776defc3a2e249c910ccab00220bc31d41e44f96f67971b8ed8a3dc9eb4123a903d58da02dd1eca653150422bc91e9585fbf8", 0x57}, {&(0x7f00000011c0)="7cc3be44ec866303c11f9ec49c2fe80d4ccef580f3bf717b5e129f1dc7766fdf864b7bc35924f34bb5fd1dd89172a4b0db90eea51bdfec78bb53e8d41773cba7f1305a8a40b7368445a71ef7870273f1544930baf73a8bfa6ece09d54376b821b65fdf1e0704f1f3c5a823fa67f635159af010053f5b909f8e944c43d6fb1c4fca639b470d3e6ad140d0838958ecf0fc98a780205474fdeb93a97d27b4f3314a9585129aaec893d7fe36d87fd746841ac5c60b31e1732a1a3ca0afcc4068cdde63b142700c563c1ab59dc0b7200723bf21c694583ed8fed1b2bc5c204df3812c223ce0de2f40b69e7f4e8ba1c3ebc31de2f4190e3f1ceb", 0xf7}, {&(0x7f00000012c0), 0x80fe}, {&(0x7f0000000280)="0c22fcc306e8a4d628dc3f33cd1758b784d34ef62ecd943b96c5573b05e34886b55503a08eeac42aafc204e9fec654b4b0853f4c32d8d6f8968a96b81710a9ed49ae96ea22eb07accdc99ed31fb48b921b4c9af7278829eb32247169da3593e5e73371e82e3558cd87b9c876b91e091e933496ae3a6b5a00a79f50110980c83af2fd44e0f08908f806be4146080def894a3ac87c3d214e32b0e031c8873b6ed3cdb9c160ee236576cb5a749ee356d4f5df961b35ec3667bcfa641e2c812a5eefbd78546783b6bd280dc4ec1cd015bee7d07f0993d6", 0xd5}, {&(0x7f0000001440)="7b18908bcd34b2f4eef2193c5f89bb79551b5d7000ccc31628374b03e7f0b8bbfe45", 0x22}], 0x5, 0x0, 0x0, 0xffffffe0}}], 0x400000000000132, 0x400000a) 22:17:59 executing program 0: r0 = openat$zero(0xffffff9c, &(0x7f0000000a80)='/dev/zero\x00', 0x0, 0x0) sendmsg$BATADV_CMD_GET_TRANSTABLE_LOCAL(r0, 0x0, 0x0) [ 1214.744334][T23079] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1215.117118][ T31] audit: type=1804 audit(1604096280.159:23): pid=23092 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir656387413/syzkaller.7fVHSN/863/bus" dev="sda1" ino=16112 res=1 errno=0 [ 1215.246985][T23092] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. 22:18:00 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000140)='wlan1\x00', 0x10) connect$inet(r0, 0x0, 0x0) sendmmsg(r0, &(0x7f0000007fc0), 0x400000000000070, 0x0) syz_80211_inject_frame(0x0, 0x0, 0x1c) [ 1215.842599][ T31] audit: type=1804 audit(1604096280.879:24): pid=23088 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir656387413/syzkaller.7fVHSN/863/bus" dev="sda1" ino=16112 res=1 errno=0 [ 1215.966546][T23100] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1218.804363][T14111] device hsr_slave_0 left promiscuous mode [ 1218.831490][T14111] device hsr_slave_1 left promiscuous mode [ 1218.848852][T14111] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1218.858214][T14111] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1218.895775][T14111] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1218.905608][T14111] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1218.940416][T14111] device bridge_slave_1 left promiscuous mode [ 1218.947435][T14111] bridge0: port 2(bridge_slave_1) entered disabled state [ 1218.969970][T14111] device bridge_slave_0 left promiscuous mode [ 1218.977053][T14111] bridge0: port 1(bridge_slave_0) entered disabled state [ 1219.030124][T14111] device veth1_macvtap left promiscuous mode [ 1219.036529][T14111] device veth0_macvtap left promiscuous mode [ 1219.042672][T14111] device veth1_vlan left promiscuous mode [ 1219.048735][T14111] device veth0_vlan left promiscuous mode [ 1222.346833][ T8490] Bluetooth: hci3: command 0x0409 tx timeout [ 1222.695274][T14111] team0 (unregistering): Port device team_slave_1 removed [ 1222.712460][T14111] team0 (unregistering): Port device team_slave_0 removed [ 1222.732755][T14111] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1222.752371][T14111] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1222.834596][T14111] bond0 (unregistering): Released all slaves [ 1222.918546][T23134] IPVS: ftp: loaded support on port[0] = 21 [ 1223.287623][T23134] chnl_net:caif_netlink_parms(): no params data found [ 1223.632612][T23134] bridge0: port 1(bridge_slave_0) entered blocking state [ 1223.640079][T23134] bridge0: port 1(bridge_slave_0) entered disabled state [ 1223.650704][T23134] device bridge_slave_0 entered promiscuous mode [ 1223.675785][T23134] bridge0: port 2(bridge_slave_1) entered blocking state [ 1223.683053][T23134] bridge0: port 2(bridge_slave_1) entered disabled state [ 1223.693431][T23134] device bridge_slave_1 entered promiscuous mode [ 1223.774174][T23134] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1223.800949][T23134] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1223.876065][T23134] team0: Port device team_slave_0 added [ 1223.899211][T23134] team0: Port device team_slave_1 added [ 1223.976364][T23134] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1223.983734][T23134] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1224.010523][T23134] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1224.035974][T23134] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1224.043053][T23134] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1224.069322][T23134] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1224.127681][T23134] device hsr_slave_0 entered promiscuous mode [ 1224.139710][T23134] device hsr_slave_1 entered promiscuous mode [ 1224.149052][T23134] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1224.157415][T23134] Cannot create hsr debugfs directory [ 1224.423830][T11015] Bluetooth: hci3: command 0x041b tx timeout [ 1224.485580][T23134] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1224.513619][T11015] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 1224.522019][T11015] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1224.544281][T23134] 8021q: adding VLAN 0 to HW filter on device team0 [ 1224.562405][T10369] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 1224.572445][T10369] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1224.582046][T10369] bridge0: port 1(bridge_slave_0) entered blocking state [ 1224.589503][T10369] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1224.634413][T10369] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 1224.644829][T10369] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 1224.654769][T10369] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1224.664121][T10369] bridge0: port 2(bridge_slave_1) entered blocking state [ 1224.671360][T10369] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1224.680731][T10369] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 1224.690949][T10369] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 1224.702016][T10369] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 1224.712670][T10369] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 1224.731867][T10369] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 1224.744047][T10369] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 1224.754974][T10369] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 1224.775432][ T8490] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1224.798047][ T8490] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1224.816429][T23134] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 1224.860902][ T8490] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 1224.870016][ T8490] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 1224.893663][T23134] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1225.014712][T10369] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 1225.025152][T10369] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 1225.071613][ T8490] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 1225.081240][ T8490] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 1225.099662][T23134] device veth0_vlan entered promiscuous mode [ 1225.122416][T23134] device veth1_vlan entered promiscuous mode [ 1225.131204][ T8490] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 1225.140525][ T8490] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 1225.153096][ T8490] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 1225.205179][T10369] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 1225.214978][T10369] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 1225.224928][T10369] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 1225.241154][T23134] device veth0_macvtap entered promiscuous mode [ 1225.262282][T23134] device veth1_macvtap entered promiscuous mode [ 1225.301305][T23134] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 1225.313892][T23134] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1225.324807][T23134] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 1225.335696][T23134] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1225.345798][T23134] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 1225.356503][T23134] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1225.366652][T23134] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 1225.377400][T23134] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1225.387549][T23134] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 1225.398271][T23134] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1225.410899][T23134] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1225.420346][ T8490] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 1225.430017][ T8490] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 1225.439260][ T8490] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 1225.449588][ T8490] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 1225.476501][T23134] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 1225.487622][T23134] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1225.497784][T23134] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 1225.509108][T23134] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1225.519190][T23134] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 1225.530039][T23134] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1225.543307][T23134] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 1225.553958][T23134] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1225.564109][T23134] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 1225.574843][T23134] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1225.588716][T23134] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1225.596968][ T8901] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 1225.607129][ T8901] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 1225.874548][T14111] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1225.882449][T14111] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1225.904795][T15897] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 1225.923992][T14119] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1225.931909][T14119] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1225.947530][T15897] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 22:18:11 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_BLA_CLAIM(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={0x0}}, 0x0) 22:18:11 executing program 4: connect$caif(0xffffffffffffffff, 0x0, 0x0) 22:18:11 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) dup(0xffffffffffffffff) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0x4008ae89, &(0x7f0000000000)={0x2, 0x0, [0x9e, 0x0, 0x11e57ed0, 0x1f00, 0x4b564d03]}) 22:18:11 executing program 0: syz_io_uring_setup(0x5e04, &(0x7f0000000100)={0x0, 0x8c5d}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180), &(0x7f00000001c0)) 22:18:11 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000140)='wlan1\x00', 0x10) connect$inet(r0, 0x0, 0x0) sendmmsg(r0, &(0x7f0000007fc0), 0x400000000000070, 0x0) syz_80211_inject_frame(0x0, 0x0, 0x1c) 22:18:11 executing program 5: r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, &(0x7f0000000740), 0x0, 0x0) sendmsg$IPVS_CMD_SET_DEST(0xffffffffffffffff, 0x0, 0x0) msgctl$IPC_SET(0x0, 0x1, 0x0) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) request_key(&(0x7f0000000040)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0x1}, &(0x7f0000001fee)='R\trust\xe3c*sgrVeo:De', 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x0, 0x4002011, 0xffffffffffffffff, 0x0) fstatfs(r0, &(0x7f0000000780)=""/4096) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x0, 0x10, 0xffffffffffffffff, 0x0) io_uring_register$IORING_UNREGISTER_EVENTFD(0xffffffffffffffff, 0x5, 0x0, 0x0) ioctl$KVM_SET_IDENTITY_MAP_ADDR(0xffffffffffffffff, 0x4008ae48, &(0x7f0000000080)=0xf000) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, &(0x7f0000000280)) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x38}}, 0x0) [ 1226.492869][T23383] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1226.508381][ T9995] Bluetooth: hci3: command 0x040f tx timeout 22:18:11 executing program 5: r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, &(0x7f0000000740), 0x0, 0x0) sendmsg$IPVS_CMD_SET_DEST(0xffffffffffffffff, 0x0, 0x0) msgctl$IPC_SET(0x0, 0x1, 0x0) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) request_key(&(0x7f0000000040)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0x1}, &(0x7f0000001fee)='R\trust\xe3c*sgrVeo:De', 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x0, 0x4002011, 0xffffffffffffffff, 0x0) fstatfs(r0, &(0x7f0000000780)=""/4096) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x0, 0x10, 0xffffffffffffffff, 0x0) io_uring_register$IORING_UNREGISTER_EVENTFD(0xffffffffffffffff, 0x5, 0x0, 0x0) ioctl$KVM_SET_IDENTITY_MAP_ADDR(0xffffffffffffffff, 0x4008ae48, &(0x7f0000000080)=0xf000) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, &(0x7f0000000280)) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x38}}, 0x0) 22:18:11 executing program 4: sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) modify_ldt$read_default(0x2, 0x0, 0x0) 22:18:11 executing program 0: openat$zero(0xffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0xcc703, 0x0) 22:18:12 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) dup(0xffffffffffffffff) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0x4008ae89, &(0x7f0000000000)={0x2, 0x0, [0x9e, 0x0, 0x11e57ed0, 0x1f00, 0x4b564d03]}) 22:18:12 executing program 3: 22:18:12 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000140)='wlan1\x00', 0x10) connect$inet(r0, 0x0, 0x0) sendmmsg(r0, &(0x7f0000007fc0), 0x400000000000070, 0x0) syz_80211_inject_frame(0x0, 0x0, 0x1c) 22:18:12 executing program 4: 22:18:12 executing program 5: r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, &(0x7f0000000740), 0x0, 0x0) sendmsg$IPVS_CMD_SET_DEST(0xffffffffffffffff, 0x0, 0x0) msgctl$IPC_SET(0x0, 0x1, 0x0) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) request_key(&(0x7f0000000040)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0x1}, &(0x7f0000001fee)='R\trust\xe3c*sgrVeo:De', 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x0, 0x4002011, 0xffffffffffffffff, 0x0) fstatfs(r0, &(0x7f0000000780)=""/4096) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x0, 0x10, 0xffffffffffffffff, 0x0) io_uring_register$IORING_UNREGISTER_EVENTFD(0xffffffffffffffff, 0x5, 0x0, 0x0) ioctl$KVM_SET_IDENTITY_MAP_ADDR(0xffffffffffffffff, 0x4008ae48, &(0x7f0000000080)=0xf000) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, &(0x7f0000000280)) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x38}}, 0x0) [ 1227.647023][T23424] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 22:18:12 executing program 0: 22:18:12 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) dup(0xffffffffffffffff) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0x4008ae89, &(0x7f0000000000)={0x2, 0x0, [0x9e, 0x0, 0x11e57ed0, 0x1f00, 0x4b564d03]}) 22:18:12 executing program 3: 22:18:13 executing program 4: add_key$user(&(0x7f0000000d40)='user\x00', &(0x7f0000000d80)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffc) 22:18:13 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000140)='wlan1\x00', 0x10) connect$inet(r0, &(0x7f0000000340)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(0xffffffffffffffff, &(0x7f0000007fc0), 0x400000000000070, 0x0) syz_80211_inject_frame(0x0, 0x0, 0x1c) 22:18:13 executing program 0: add_key$user(&(0x7f0000000d40)='user\x00', 0x0, &(0x7f0000000dc0)='%', 0x1, 0xfffffffffffffffc) 22:18:13 executing program 5: r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, &(0x7f0000000740), 0x0, 0x0) sendmsg$IPVS_CMD_SET_DEST(0xffffffffffffffff, 0x0, 0x0) msgctl$IPC_SET(0x0, 0x1, 0x0) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) request_key(&(0x7f0000000040)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0x1}, &(0x7f0000001fee)='R\trust\xe3c*sgrVeo:De', 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x0, 0x4002011, 0xffffffffffffffff, 0x0) fstatfs(r0, &(0x7f0000000780)=""/4096) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x0, 0x10, 0xffffffffffffffff, 0x0) io_uring_register$IORING_UNREGISTER_EVENTFD(0xffffffffffffffff, 0x5, 0x0, 0x0) ioctl$KVM_SET_IDENTITY_MAP_ADDR(0xffffffffffffffff, 0x4008ae48, &(0x7f0000000080)=0xf000) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, &(0x7f0000000280)) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x38}}, 0x0) 22:18:13 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) dup(0xffffffffffffffff) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) ioctl$KVM_TPR_ACCESS_REPORTING(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000000)={0x2, 0x0, [0x9e, 0x0, 0x11e57ed0, 0x1f00, 0x4b564d03]}) 22:18:13 executing program 3: [ 1228.584236][T11015] Bluetooth: hci3: command 0x0419 tx timeout 22:18:13 executing program 4: [ 1228.773955][T23443] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 22:18:14 executing program 0: 22:18:14 executing program 5: 22:18:14 executing program 3: 22:18:14 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) dup(0xffffffffffffffff) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) ioctl$KVM_TPR_ACCESS_REPORTING(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000000)={0x2, 0x0, [0x9e, 0x0, 0x11e57ed0, 0x1f00, 0x4b564d03]}) 22:18:14 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000140)='wlan1\x00', 0x10) connect$inet(r0, &(0x7f0000000340)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(0xffffffffffffffff, &(0x7f0000007fc0), 0x400000000000070, 0x0) syz_80211_inject_frame(0x0, 0x0, 0x1c) 22:18:14 executing program 4: 22:18:14 executing program 0: 22:18:14 executing program 5: [ 1229.751011][T23463] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 22:18:14 executing program 3: 22:18:14 executing program 4: 22:18:15 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) dup(0xffffffffffffffff) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) ioctl$KVM_TPR_ACCESS_REPORTING(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000000)={0x2, 0x0, [0x9e, 0x0, 0x11e57ed0, 0x1f00, 0x4b564d03]}) 22:18:15 executing program 0: 22:18:15 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000140)='wlan1\x00', 0x10) connect$inet(r0, &(0x7f0000000340)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(0xffffffffffffffff, &(0x7f0000007fc0), 0x400000000000070, 0x0) syz_80211_inject_frame(0x0, 0x0, 0x1c) 22:18:15 executing program 5: 22:18:15 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000023c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x59) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text64={0x40, &(0x7f0000000000)="4788e548b819cdfeb8000000000f23d80f21f835800000a00f23f8c402fd338302000000123e3664450f01c33cc33c430f795835c74424002d010000c4c27d1d6cd1ce44d8c70f08c744240011000000c744240200000000ff2c2466baf80cb8ba7e6983ef66bafc0caa66b87f008ed8", 0x70}], 0x1, 0x40, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x70}}, 0x0) ioctl$KVM_SET_NESTED_STATE(r2, 0x4080aebf, &(0x7f0000000280)={{0x0, 0x0, 0xffffffffffffff54, {0x6000}}, "be77f645fa0faab4173328e03e0e9f020bbc798c84be65bf762199e269b6d15af3d542e5a531a895866fbf13910d95e922d6aa84d68924efe5e444b34d9df08a868ae23c677546798d6ec2c17d6e3f87f0d757c2078c9325c641fea9938ba4f20ebb2577f51ba467d973398c7fa94be4e2abd427b7ad4385c63e630090759c2a6c768a973d0b1e7244e494d5925d9d9f40afd544b84d1fdb8de7af279d8700739c11327a76f8bc32743c959d8858b276c211222f40206257be84ddd07b20d8b1de9b5390ba5eaa289c0bfdf6b5636b7acfac5159e2e7759338e06ae00e4b7cf162e45442e3c8395858847e3e28da4ed237027cd849991ab91e6e5dc61b9936de574c3b26a2b0e303386c02ed1bb6a5acaf8a9271e196bc59fb3d7d6a88383d53302680fd8ebd0e75fa67333a6fb9da0333d6f87b3f628136a4b9ec1c2f4cf3d5ec900ec17d48e3f741860d963ec6e629243d06b547374ec3f5a0a8e71cdd67e8f591d68711ba4df1f2fc62d9f54c6f7b8844c8ce569fb7f983a631250e77374780413ab37235afdefb70572e79f35d36406aded61bcf76711aacf325b2ac1f78b4ede1239e36d5d644c7a81cdf6b95a1e3aa6c2f70d889654572d1f88f05e5b2c5f5c37d6570102c2525a9b3fa28a88c83ded573a896239900bd365dc0323d4921c3c96a3dae810479a1ac83b64f0f9b2008eb51832bce90105dab379b3d99f6761d4cf438d92356c563c982938fe83026258aad0a7d9f5eacfa359c68ec271d3ecf9a57d3eec56cb0bcf1bb0adc6c297d6e5b101640d3c5b50bcb54faebed4f850e737b5a2837054bccbecfd1c28e70a967a350d21867ea95b2cdfe55fd3edc6e1f4db06a5e6b77a333af48e92899e074794f3b4687dce6d45cb33433e922b1602e767164dc0e760d14b4c70f304de2cb56ca5ea35719f492480e48b9007e4073a8e02450a93d3932971b32aca283773bbb7974486478d380d8524c0eee27ba19d9c51196494bc3f2c41c1ddc72b0b9d97ca307022baf742cb69b45de669e3224c1eaf4e6ec7bb76f921ad3fd01e1138eda10e945ca95302c1729adf6526041169700a783f767632e99b55eac5e4ebc25b63e11649a31e1dba33445a36b40c7cc7ab6450cb4853c69a9f1eb00d466f6c98f297d3e4882fd4d1a9dff0786cece0dd1b03fd84f982b493349f32e49be255102e7bd1475e25574a992da6907a0e6bce48d4601b51ca05798a0e8b5faa9ed6700902e4626b866b4219e3880277bca07f577def954fdd64e089622ed0eec558759a9b6d3e512b330fa30e31403053a73da1747a7874f5b7a9fde4c0f9f29a27e795e275c9f6c33d9db7f370f148a790811428b2f96566bd0e2b148997e69b0ffe1a81cb04d43ce6a24ea2a9414b930fa1330153cb20aaae484e515393b9ddf9d029806c35d5e956462b7cc7f1c7995006ffeae1f1ba1daf8d43309198bf444ec82c670800d5dacd600924564931014b1e834a38274c6560784572e6d4bf8c4a5a1ee5edb2f4ea5fa9f07b11d3d1d88b993fa662bc04dfb9ffa9e534f1622efd7f823346aa7e0a988f56be531c73f34439df61f9737cca8b93d2c25695138c70c469298c3a114c89a8c3409d4dc18e7bd0158631d0b936823a6dda814ed50f83862058d1ecc19b2e1195c910edb5e7164fbd403de0beb5d7feec901a5a373afa1162be95f0e71e50d479e33494d7c98c1cb2ac886c81610678923685fa9f5fff2584c89130b7d2ac78317e531bb2fcade76520cf8bec450e31eebfa5ae2f78587c572d36d56a69cf3f2cc9e15b77c11877d27e8af0196902d7f94646f0294b4507ae4461397ef21b24a2142f740460e1eb1935cbaccd14f71f21d6fb7144de99154f037cf31e9f30da3c935950c7d1c859096d44b57e7bd37147304b2fe51ab63ca7c4031c1f07913c8a894a6b0573886d7a0a62cd20a0f433e541a43808465eb82af5bb9c819a74bed83cf91aa180442c28b9f4d69dd7e728c7734dd3bd3e277e67e96ab9f09e083c0a6e42fe2bc5dcae9a2deddb7f763e62b0d8adacc00af734bb9e978c160600611c83309468a2f942f5d2c9f7cafc97dae2f542ef33be39952fa70ee3e2ecb3105c1a490db73fcf46a3645de10e1cb335ea604f41d10b723872c26f20a71f44b1301fffd601c6a609e0d195bbcb1203cd23fdb3e3f59fa8ae5a484881c34706bacb6a479fa7c9cc6920613dd6903bf046493bac060f046efc6ce43aafe9a3b735c1cb283714548fdc16a2ce9d9dccd77f3b8037132ec1b1f1d965932a9ec4b20efe1f2212c94511b61799b5bd29be84e47d1c1209af544bb4c4820b4897fe00fd583b8ae5394354d1f2532d0801f202ba31bf01a896ebea5302167cf9b0ed71e793d9572fac48d75724caa57f99ba9db2113f5fa52d19356ed1d0c85bd60805952113e521a01444d6a6a502144691a9d32363284410e967626c720cdb3444a56b1b7043047dbf8e5f1b5177c82a651710eaed591e1d4ac5ffaf85411f7c3c3e58fefb5e0528f74b3f78a0b31de68f1e31415a7a37010be818b886c28cca1bf68db068929bad71bc6b4ae2a4c9f2c9bf98f15164e6ef96ef4121c191e5a94ca431b49c475f02acebc42d2c6026e4f7d595e5677947bf6cc0d6f95d7838f76cfc04492cebaed4374984706465ac83a1acbb55450f5b5e1e4cc00a88c334af44d337089c80167a813f54fa903ec85d8f1d22c443bcdfb3d268a3e57f563b9732cc3f5d8b1fd98a6f44e3b056cbeb65946ec917ef093c3a62757f2b27e6b4873ae7183b5b9a6528a576af69449df90cda4bfad6c54bed67fecc6fdc624183aecb5072002c8dc9d45505901c61489ab31b7d6cde6943f042953df648861b68663291117f3deb74d3f9e9501d9d50b095baaeef21aca82e00203c06ce103cc923e6f02ab481eed2da0a4eedeb827e9d7961f6d972f347c649e706dc0259d697a6a5ea1ba33a6f2c16beed92b58fa290026c728e91f3de285a74e56e968c5d174639a915b5e53d7b1e5566b1a89f09434afb2a2ff1fd00d13e7ce5a3dcb8e628f39a6c6825acd4b7152a777d21485f6360af8b1c62a4a29f2ad98d9c393530187c14b4defdfc8ac12433be7f56a40ce4087eb1f7cf949e4e9b3c612e4953716ab027a36ce839f1d2815c289d08e0e500630c2f54344d6549b9645a4b31648d25f71dc7a43651aa8530ccd0cec2f96a4385b185823111c514b5beb817a98824f301462598f03919ec52c0fdf5a522f3e4b250ded3089e0958bb20e5f936c8ab4fc00316ce483254f6e2abc024835acdba239decc60fcc316cbb5fe85db2e22ecd1259c607b575d836222d7a21f0fccdc6d4f90c487c66dcbe9d17f6af2edc30b57189f009072fa5b46e1f49aa33a6546aea60202c4e77066e2f487b2bd36f3178ea888488ae52fad830868172d8f2b3335db98a83c45e047ba93eb32e08a014d13fb8b9f3b54c16adaac8a95c250051baaa3667343a3df51ab7dccedcf4410482fb24ab337285d4c0d182bf00050c5cd2f8a1f7954fe0ce1c2325dc159445464327f0c463dfdae8c944db603ceab504409be7e3316e679960b63e1935018641f0d30d40fb4f83faa2786e7284b0adf6fe0ae04f61c362be89177aa7a27cd00a1c101deb33fbae04b8b20fceeef601049626954f0436470eb4d344fd53c34eab4fca401bb6aa64c1d1891ca88300ce5f8b9b7badb64a5aa3ce8ea848e288239def4602e4812c66503ccc2a68b734d97b2fe71e321e09275bbc727e4c02ce1a967f2f7c5f02f658c5e449a1c718a535561afbddd05ad28559c6ea8a5d19298eeccee69818b69a833b972128e153306522a3733396e25e3a2175443715b0926ea967609f73e2529fa4b6c346e32543431d11f57f557c71ff6b789d9a78e8039f78c5089586aeba7a584b3d6b753f8633d062b5cca3639eb95885027a1b78a90f79d33e8872b455a21618b76a4afd3d704849b067ab8f968bf528fbdbdfdd34e84163d644e211e32f9b5b91f86fb815890f6e405d7324fd6ff84fea268cf4d613d8b8cc784fd434f317dd77ccaf40d974c43d70ec15306c691ce9782267b20b35c150c1c104adff5437068f7c9dee058c08403024e5ed1f35bf1b6db213af8fd0293b230ddc7a405e1e3e584292cf6d9bd4ca1d0c325ecf37c57134320f79fac3f26874b1d595d0aacb7bf454bc4e15f755c1c7e2d0951d7731d8bf27c8002f611a942d633c9e0203ee9f848de15966e6c993d790bbc26958fdc3ff4e62b971697855ad0980d3cf6cd79c0f2f0d41eab6d2c67e83295afcbee60179e0997ddf9b15002b7fc058afa567034dabc640790aba2419a5ccbce25abccde586373f4e31f3436e5bab2e156b4cd6abaadbd4e991cb4a15cdea2202b13bce716e1df40d6bcc275f14c152ffe6294d2b5a5377a9da546490a0ff9ec3f27a0a6070f1b0d72b75a74ac1e764c4670b9547faa728500233dc410132d800bddd4e81272f1ace1fa8186e1b68e19b23ee611b2c9119b094764fd0720212c14f12f1835596660e08dbaf1a28c2ecb391094e8decb500484a4f9de412781fe084695a243d474471a3d6abd4ac640cfb7da40e0327defce9aa8101a25f7145b55db0510dd090af63fd65f9003693b21b2f3d4775c65707fed78474238d6453592933b2265c3836d0c775b95e9739b3de3856072a5b43c9e3024e8843b2522e92d12aab4a636c68af12722ab38d881f4c97118014db986f3ec966783b93d81d1d70e3ea611482df745256c3ef9c6c949c6afc6929f69d9427ddde81f3f278500c586b3bb736c2fc7713ad92ed13640f4051e72b38568e3f211f75261ee6517de0b980076127d7dc00a1660a11232325f7ac097f46e0ef4493cd7de875d14056419373d887a821672d894d32c810464705e92c9abe32967fead2464c8b2f693f45d07a8160f59ec046019b016ee8b07764278af8c6b22b4cc079f406c0ba898332aa8911b026c75edd02d5a40f8ed9c1a3d39c1893a0affe4b38c77305429562e9d0907179753051cbf13ff936091334fe24a53816d2aa5e2e26993dac3f2c573b0001152ee26b633afd966bfb704054227160bf292bbcc35f78a649bb7f4fe1783a6b10de778519c8a71f1381cc67a779e51ce3097e666d964728d55708e76953826c7659c3647d3f3cedf9f1b45b27f5735bb8d78d874bf73147b738b9c0566a0d2fdcb17f85dc712462e381ba1466d92d903ba24d0cc17ddbeb7bd80b5525d7236a8add54d4eca06fe4cd0d3724403c7ad09f22eb2fcb4181eddde271be821579b7382bbfe36dab5079811e62842da65165c27c181dfed279d5ec12a1c0c13541760c2fe5cce95c6892622229ac24a7211ba43e513077f34342b61611a1ab10b6c51f6e3a06be0716d7d1abc82f5903e32f1e6e3e85789c1b8f140bbe1903b9677ec9655e171bf1f4d27dda003c27d4ef0e043d0def451dbc0f48cb6cb605b1e2d27e9fc9db10c0b571b6805f316b00b581d0d7358f83e14d1b4290e61fc0d0bd97334f31a547350c00877c90bcb591b98986c19d9d477f7dc521ac43d2edf9201ea61c43e6365e795bfb44b0d90ced7b9d34a849dec495d79cae7769c721d7cd17f1503df3d113c49fcb18449ff180d39c94717ae8fcba7ee1d8cf75873098a7a697d5f5d7a6eeef14daf146710ee40c94ff8ea9ff048d108688776fd074e72658d6ea43f42ea03883f70f45c7b86d3eb0bced0f3a60b6da510833728ffdb82af9a34c5fc86e0130861ac66c68b784300", "204b9e1804d636301150775298e6490040d0ecb72371cfe0ccc258d2b4450458b909ae785f60b932863937ed25df0ce2b046ccc47e3501ed7a53e69d95dfb761f3fb81659983876f915b21b4b91270b4607875b751136514bb42b1de575e5ae05e98fd37dde49acb6a8e7f7c592ceb8793d00c84515e9b091fca8056f69ef47c1c91735af04b3077a94a24147489c6bbc3d63a76ba4eb1e6adf014106f4b0117fc6a2b2c84ca9e6c40fade373fd49f657e5e828399868d39d2a9d8cb3f4508e156d31ded826a64d84b19ceb0c13d9566f14866028f00408428bc6b9a27761fb13e70561fa8bb45bf2547baeebd7c99e01c1ebdac09ba75e3f67b2bc6898ca2c8e6c2b09efef1e688c74fe8e214b657d3325725531f9ce71d59532adc69f40e0b821fbd14558133f9fcd9d5ace9150703b5879f74028583dccd4984a9fedf23f1f6b8c501f9a99762079404f109e6d69b025edbf2d3169e44f186eb60e7abf9539cb8013670435420f54b7e485644f5afc2d0581d8404c23bcf2c0bcd6d3a6fbc658721e74546ea52d57f259e841e87f01ace9d7fb10bb4356abffa306d91963914bc144e486f78c048aafe20eae27ff53250de7bed8c4167780c53facfd741b93f53d67a60eba1527701896bcd29a6cc20b9390582421eb0e5dce7a66a94881904dd91c47c59e8b7219adae86ba78b230306829368a56dc908245fc72886c3b18facea659b27466d3c6a85b541f20a012660319f8f4ba0faf0d83d28ac63ae417323a0f75b88235d1a60a29c41f662b34ac40ac19c94f227567860a998f5e4d8f65b930c1a1209ba04cc2406599914e8ed7c98d8095a56fd29920c47c6221bf7e6a076dfc90947af9468d8844731ac3923896f25a8402421e24e1d328e5b9daeb97048b87e3d374874071931ad791c1f03324ba01d463364a5bb1dba7e3b807aec9c333703397a45918c73b443dd46f7b289736662ad833302fa89567e44c3de8e2f87bb5f8758abf6f888ad26bb5ed48a4bd828d8fcf5c01cf7588009c1a6c35e94142950b3bac8fa0af15c2f30504cef3e544b132e4096a836aa49336cbe878d2e33075d0712adc3e75b9f9bc7ec420f123084eb296119171535c4fa49d460d4444eb309f424ec13be89ff6641caa089da262ff89c0d4b1a86fac91361a7a124a0e4b27de253186e10671d2532d600f6b4089dc690f600363092ad93fb62fbab9e1a96caefe31e4c117420fd1df64e4e0cf4967cb026a003be444278553c2e58e19ec5a6db3921fab8fa0748965e523659e54a3e01190492f9b01811d06b13d8c833454ab5a93af8a9ad27a155d682d8c78f074da17d6ccb7ded5b5f3c30e3afb3c0e4aab6ce797e8142df9a74f486aee74c0bc021c227d802c5f5e79678c45bac331d6ec24ecb404296dc9e90b2c191fc14c53505e92587f43a5eedc56a6408048d9dbb8bee8840a656952cb361f0d76baa20939e6e8ab917e12b76dd812b95e68c90708d7cd81aa18002eea116f4190e49d1f628a509c8fb65f393ef5bcf7d1b9ea289e0532ee5f46e65709e84aaa7a6334c58eaab5c3cced88fa3e9e365ace119a3c40dfe336abbe6d3a09dfd895cdc3daae26ae9d3f68a3a2184ac5f6972ef034f1f9f0d4100a55b8638db0986f362a23b599903909a5a6193fc2c6e54adc965ff5d48bc1ed1b6ff0ab226b9598f70a13ca0a0b2d2cc05f17449bd4cbd224fa75810955011d5a401348c0b75546c1fd86824ced7b0c79cb4d13a3722aef6f7a0cb49f76a372ff133736f04b67bf6a74d5164a227f4865dfd15181e0a9e5dc53317ffb04a7ab1fba87d3b34bd1cee7c6aef4b3ebef183c9fcd4daf091ef1f5f2709a7eb4a648242c408e7d5b10b766e0f648c654d99d0722189c4956474892e379a84b1f09f13ba589423e43b4b0dd267b1d0c976fb64903ea2d22e2612d9dbad91536a986f44986d74578f2cf378dc6505cc26261548a080e11d74fed2cdaa90479f0656fd927f89a0624f4ce943981ffbec2ceb27c7fb6e6ee7df7c2d26d7151f1dadb172a0017787c5d32d6408b6662c8f5348f34e63649206142164f7aa076b2c83bfffe44126ee923f0b9bc917e52308373553cf19e6798ac83ace350be47f445ef0d268c2a4fc67998a5907db42decc63fcfc30df0a4543da178e442aec97060edc209e34849f6beea0e366eccc80b87c1c16f89e5608b96c176ccfaf6014a619b83d72c5a89749cf763fd76c6ae82b6a1322674838ab9e5f9a0db7aa8b7d27db308edb664fc0197756f6709df36d9f6ed678944e18455a8d49434f9a6f223cbf52b6a1ba266a55331ffe7e83fb4130c2f5528626c4e451d8bac1da046dd59249fe41b6c8a36e82346918e0177c876f44101ff9f7721d8fbe1eca04e13ba8db3f5bd01c3661df0d6c8a24d45a246e0ac80aed4178901a71a939da4622592b3a8d87b3ae35370530039d7d413455e9d61656b58a1e63aa9bf1a87d8bcc6605c3167836f82ba01f54934e2d31d7463e1848ee8a2cca55a029d5ed37236dda9f278981cdb330eabc6bfc33a7fee5678c38b8e0a9258fa8ce5cb8abc3320d44dd16098df1bbf9d3e3142ec1838ba81785e37dc97fda2797e3cf6b7d6c367737b4df96a242149bbba7af54da91b404fbf01f4ecfb7ebd97c67de2415b3bca3b5f21deae988733dcb547a17aa38c0b98aba60fbb1d57f9e8f005ae6233e5da68da32c7a2778944a2eacba03e3312fe968fa3be0e2ceb4d8526803e7a8f24618b1003860e424da518c9602cb092c9c6b930b72523bbf615ad8330e337e64ff82eb78d9a2384e86afece8aa9d9cb1b7ab27265261a3cf542e1655792ed66b28d27bf4f02d13e93413bfc5fae7dbec15aac85331ae3d4032679988ffd1c1750447f763ebc9ba8f8ba4521b74563af6ee8a996af3707dd03118c3f0d18d612a5105519310f7b8c5eb4b7e3a0d675374da18314d144b5d5d0ba2735dab4efdf68f70285ce4d35032427e23fe7c59c5844879550417dc93d2221fe0ff82c7e21ebba19c01fefc6f6eeb7078e7557f077ca089246e6f3901e127ca4685c191847ae720ce30d41939239b2835d9cfd126faabc88eb80d409d8ec1cdf6070c55109bdbbb668fd56c6ebd3503986cdf5ade19903a85516f0ed87872f397e6244b0f58c70b8dd0cbc408dd7a87c42d672d31fde7fbc31b3acff4be744b933ec0645f76b52481ba6f50a25a98f89d9989e347b682a459eb38004d0de0a7314f8319b1e0ce5152a4928d7f59769347a7f48af595d028b5012cf5b7fc081cbec3c5ad30801947b5d3f87a242b05691ef3f46f0ba35fa6ee28a966ad42e34ef6192cb6e5de41411df4638c825688abc1c8f1fa7b2eced5ae40a5d35d7cfd981f4dd46a91e8f123187d8e99a947020cdc4cfcb66ee004232ed5badfa694fd943ed59f01433989e5663a77fd2bbcdbfaad5ab482150f22ffa6b1ae9e99134b320c04444c3d5d71e37c6d4faf82b1297d75a520e6e6c5a0d7ab86dea5245a97b16a7690f50e9abd452da33c58974cb63e4711fece83cf1251c6eecc7c9a887b0a881f148b6c8fa3749ef09661488909a2f74e41a4968f5f1d1ebd9a511f5732ea60a18032d68dcf34a5914b1c24275e6c3d331a8c454e4c615dc5f6ce4de1b44fc755da73eef517bca08fa464443eabf4046961625ee82c406e08359b49785a1cbe9822cada3375da9adf55bd50e156a314f10107a3fb880a944fa3a0cdb4be2234c19ab26f8075c6389a0a6062e82050b493a30e617f728b8d0ced0b69da60c6fdadd95ee1c0e656b63ecc72a491e07bce4c3df3761e51bb327a86d55a375e4f5859a8b179a47f4b5b8b85fed0db916e31885d0ad185d6c7e79449e282a5d10a7cf86d0305a2673cd9aa834d130fcb1098c0f69771ae23e2b49cdd3d39be17fcc309a282486bf0e0829a0805a036b0b1e357f03a861857312dab3033f00957ff6f03a35240724bc6adf429090f555aca563ffb5e4b67c75486149f2495971bf653617f29e50d59da32288afeabc768787d2e830c70d5f0dbd8db5e9923b8893f32c4cdc0d8130caefade59d7f5e270f8b5487b69815dd8cec6d3dfa3ca308987f2970ab3e8714cdbae27dc22fa434805c9284b904840a92bc76490c15c6a04df137940d48f7ac6285f858611376f447ebaf11ce4014066d57e5fa579b588e0d795fb0322d1b8606faf9507092be3e320184a5324df47792e8b015ee27ace73b0bc05f3eff2c2a9ee45752df32a85b1ad5679aedbe40ac59511938929e210a409e538c139d1fb93891d2b9908f915b9c556788bb8926b6a96923038a119eb68bcb528a42e97f8fbd49e7d5bb3e51987cca590ea8a18e049f64d8c994d63a707c441e63509f909adf5f7c26d36714bd56307513003f8f85f20c8fea4248627d2f19891baef9b134a8ecb6e3da6232c5b818d7469645038312b6b952f782f28ccd199367a51f750927e5f11ef04cb299dc7ba0c24500134d3a9a0a4f62903ae930f5ba49c39855ffc4aba6cc9d400075f094875db9ebcbcbb35309421d08a928b0216dcbbf718761b01b4d41cf55b0b2bf4c89603a61e5ac2f5bf5236d4bee90617e1b2fdc3a4540db2c89561c1cb9b1e28436013546e654e36fa328097ce8a4baf5a2fd78f9bca617bd4de062dbbc38c7356232b385823b6c604a401f43f5864111eff29045c12b6c622182e097caa5a9945133375b46dc0e268e860dd58b62403c41393f02c7f1d23a1d0daad5d2eb7a085387ea6b81ceb6191d5ffa7f58848996caad4796ee8d9e1bad072455a37d8b64888cb4007f344783afca22db07a2ccb8531c6a9d69bffdf1f949e3fce89f223119595c5b9bfa51893ff36849be61ff02939360a5d5b0e05d22aa3a1f16c27103edeb00c0f763bd4251805ec8d894692cd1636b4b1c96ab613896c17b2fb8a414a91463d54f145e1d49378e726e5921d8cd34aeb176a36701c9b75311806efcf402d4345034d7fd5165857bd2cd07b32a18334a3cf358dadbc8144b806120805a07714d8d0029fe0db7958bbb69b9a216e5945fdf0b892665c0bad2cd822797d5c7223094cd54042c781fba9d7f05a169f390225385d5c055896dc8a620a637a7c73ee77fbf2152fb62af9bcbe01389dd846724fa24ca6088d2bddf9bcae4d9e11f86266e4d87f6b11f3721c30c3f48ddfecb7623802c7e3f595b088473747d25b70bbdf8920924c6bb9e202e6d54e340a469e8ecf66b49dda0036a7d071492742593c2e02bd7bd703774f2ac8c45dbfa1f8ce4c205a05064362bf2819e80bd406367a86ece3f5d54b43029b3f7fcc2378c5e33e8de66fa5f3c4974310c3ac4d2ab1234b1fea14d71512c578dfab154a74dc66c8a5ff983a41e02c57c58cd9c3a77d22f15f8a6abe41de51ce4a92151ee25c6f2c4feb0453b4f86fb4c7e19063b871ff6458b2ad51b992df6b16de3a5a2f5935c85d5a8709d82943c645f6199e76b38d718b86945638d92daa15aeb9beaa53028a425c6ee90dbd58b57f4a748ec0037fca725812aaac8e201d5121c06c9d3bfcbe799b9fa28440fceec78a5d39a112626bd0f9e530cb5573083e6b3b0ce5ef60e85ea643331d45663f309d75d36c88ed56abbac74672daa72c2f180ab5d117d2ab17db9e36a807bcaa62a07aa5486d39d63f64d23f03e58f6fa346b39005cde05121ecc2146ae982d02532a2deb90d8b9cfd32ff03a5294933292fb3d58760bc81a72df0e602b9b4b7e407bc542924e9763fe0d4bd5346ccb9e10b1ea7dade31d4bbc9"}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 22:18:15 executing program 3: [ 1230.740058][T23480] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 22:18:15 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) dup(0xffffffffffffffff) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0x4008ae89, &(0x7f0000000000)={0x2, 0x0, [0x9e, 0x0, 0x11e57ed0, 0x1f00, 0x4b564d03]}) 22:18:16 executing program 0: 22:18:16 executing program 5: 22:18:16 executing program 3: 22:18:16 executing program 4: 22:18:16 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000140)='wlan1\x00', 0x10) connect$inet(r0, &(0x7f0000000340)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r0, 0x0, 0x0, 0x0) syz_80211_inject_frame(0x0, 0x0, 0x1c) 22:18:16 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0x4008ae89, &(0x7f0000000000)={0x2, 0x0, [0x9e, 0x0, 0x11e57ed0, 0x1f00, 0x4b564d03]}) 22:18:16 executing program 0: 22:18:16 executing program 5: 22:18:17 executing program 3: [ 1231.917711][T23504] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 22:18:17 executing program 4: 22:18:17 executing program 0: 22:18:17 executing program 5: 22:18:17 executing program 4: 22:18:17 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000140)='wlan1\x00', 0x10) connect$inet(r0, &(0x7f0000000340)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r0, 0x0, 0x0, 0x0) syz_80211_inject_frame(0x0, 0x0, 0x1c) 22:18:17 executing program 1: openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_TPR_ACCESS_REPORTING(r0, 0x4008ae89, &(0x7f0000000000)={0x2, 0x0, [0x9e, 0x0, 0x11e57ed0, 0x1f00, 0x4b564d03]}) 22:18:17 executing program 3: 22:18:18 executing program 0: 22:18:18 executing program 5: 22:18:18 executing program 4: [ 1233.059373][T23521] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 22:18:18 executing program 3: 22:18:18 executing program 1: openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_TPR_ACCESS_REPORTING(r0, 0x4008ae89, &(0x7f0000000000)={0x2, 0x0, [0x9e, 0x0, 0x11e57ed0, 0x1f00, 0x4b564d03]}) 22:18:18 executing program 0: 22:18:18 executing program 5: 22:18:18 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000140)='wlan1\x00', 0x10) connect$inet(r0, &(0x7f0000000340)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r0, 0x0, 0x0, 0x0) syz_80211_inject_frame(0x0, 0x0, 0x1c) 22:18:18 executing program 4: 22:18:18 executing program 3: 22:18:19 executing program 1: openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_TPR_ACCESS_REPORTING(r0, 0x4008ae89, &(0x7f0000000000)={0x2, 0x0, [0x9e, 0x0, 0x11e57ed0, 0x1f00, 0x4b564d03]}) 22:18:19 executing program 0: [ 1234.043053][T23536] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 22:18:19 executing program 5: 22:18:19 executing program 4: 22:18:19 executing program 3: 22:18:19 executing program 1: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_TPR_ACCESS_REPORTING(r1, 0x4008ae89, &(0x7f0000000000)={0x2, 0x0, [0x9e, 0x0, 0x11e57ed0, 0x1f00, 0x4b564d03]}) 22:18:19 executing program 0: 22:18:19 executing program 5: 22:18:19 executing program 2: 22:18:20 executing program 4: 22:18:20 executing program 3: unshare(0x40600) 22:18:20 executing program 1: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_TPR_ACCESS_REPORTING(r1, 0x4008ae89, &(0x7f0000000000)={0x2, 0x0, [0x9e, 0x0, 0x11e57ed0, 0x1f00, 0x4b564d03]}) 22:18:20 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001c80)={0xffffffffffffffff}) recvmsg(r0, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x40) 22:18:20 executing program 0: openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x46c2c2, 0x0) open$dir(&(0x7f0000000000)='./file0\x00', 0x0, 0x4) 22:18:20 executing program 5: openat$random(0xffffffffffffff9c, &(0x7f0000000040)='/dev/urandom\x00', 0x101840, 0x0) 22:18:20 executing program 4: openat$dir(0xffffffffffffff9c, &(0x7f00000017c0)='./file0\x00', 0x68741, 0x0) setxattr$system_posix_acl(&(0x7f0000000280)='./file0\x00', 0x0, 0x0, 0x0, 0x4) 22:18:20 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) sendto$unix(r0, 0x0, 0x0, 0x0, 0x0, 0x40) 22:18:20 executing program 1: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_TPR_ACCESS_REPORTING(r1, 0x4008ae89, &(0x7f0000000000)={0x2, 0x0, [0x9e, 0x0, 0x11e57ed0, 0x1f00, 0x4b564d03]}) 22:18:21 executing program 2: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='cmdline\x00') write$cgroup_netprio_ifpriomap(r0, 0x0, 0x34) 22:18:21 executing program 0: r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x9a241, 0x0) write$P9_RSETATTR(r0, 0x0, 0x0) 22:18:21 executing program 5: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='cmdline\x00') write$P9_RCREATE(r0, 0x0, 0x0) 22:18:21 executing program 4: semget(0x0, 0x4, 0x1c1) 22:18:21 executing program 3: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001c80)={0xffffffffffffffff}) recvmsg(r0, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x0) 22:18:21 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0x4008ae89, &(0x7f0000000000)={0x2, 0x0, [0x9e, 0x0, 0x11e57ed0, 0x1f00, 0x4b564d03]}) 22:18:21 executing program 2: openat$dir(0xffffffffffffff9c, &(0x7f00000017c0)='./file0\x00', 0x140, 0x0) setxattr$system_posix_acl(&(0x7f0000000280)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0) 22:18:21 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r0, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0) 22:18:21 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) sendto$unix(r0, &(0x7f0000000080)="87", 0x1, 0x24000001, 0x0, 0x0) 22:18:22 executing program 4: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='smaps\x00') read$eventfd(r0, 0x0, 0x0) 22:18:22 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0x4008ae89, &(0x7f0000000000)={0x2, 0x0, [0x9e, 0x0, 0x11e57ed0, 0x1f00, 0x4b564d03]}) 22:18:22 executing program 2: mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x61) 22:18:22 executing program 5: mknodat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x7009, 0x0) 22:18:22 executing program 0: renameat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00') 22:18:22 executing program 4: mknodat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) statx(0xffffffffffffff9c, &(0x7f0000000680)='./file0\x00', 0x100, 0x400, &(0x7f0000000080)) 22:18:22 executing program 3: mmap$perf(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x100000c, 0xf17bd8af3d02c232, 0xffffffffffffffff, 0x0) 22:18:22 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0x4008ae89, &(0x7f0000000000)={0x2, 0x0, [0x9e, 0x0, 0x11e57ed0, 0x1f00, 0x4b564d03]}) 22:18:23 executing program 2: openat$dir(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x705140, 0x8) 22:18:23 executing program 5: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='io\x00') write$cgroup_subtree(r0, 0x0, 0xfffffffffffffd9d) 22:18:23 executing program 0: open$dir(&(0x7f00000000c0)='./file0\x00', 0x88240, 0x0) 22:18:23 executing program 4: pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000380), &(0x7f0000000400)={0x0}) 22:18:23 executing program 3: mknodat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) futimesat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0) 22:18:23 executing program 1: openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_TPR_ACCESS_REPORTING(r1, 0x4008ae89, &(0x7f0000000000)={0x2, 0x0, [0x9e, 0x0, 0x11e57ed0, 0x1f00, 0x4b564d03]}) 22:18:23 executing program 2: mknodat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) statx(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x2000, 0x10, &(0x7f0000000180)) 22:18:23 executing program 5: open$dir(&(0x7f0000000040)='./file0\x00', 0x440440, 0x55) 22:18:23 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) sendto$unix(r0, &(0x7f0000001240), 0x0, 0x40065, 0x0, 0x0) 22:18:24 executing program 4: timer_create(0x4, 0x0, &(0x7f0000000180)) 22:18:24 executing program 1: openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_TPR_ACCESS_REPORTING(r1, 0x4008ae89, &(0x7f0000000000)={0x2, 0x0, [0x9e, 0x0, 0x11e57ed0, 0x1f00, 0x4b564d03]}) 22:18:24 executing program 3: mknodat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) utimensat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x100) 22:18:24 executing program 2: creat(&(0x7f00000001c0)='./file0\x00', 0x0) openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x70f082, 0x1) 22:18:24 executing program 4: mknodat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) unlinkat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) 22:18:24 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) sendto$unix(r0, 0x0, 0x0, 0x24000004, 0x0, 0xfffffffffffffcdc) 22:18:24 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='oom_score_adj\x00') write$P9_RAUTH(r0, &(0x7f0000000080)={0x14}, 0x14) 22:18:24 executing program 1: openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_TPR_ACCESS_REPORTING(r1, 0x4008ae89, &(0x7f0000000000)={0x2, 0x0, [0x9e, 0x0, 0x11e57ed0, 0x1f00, 0x4b564d03]}) 22:18:24 executing program 2: open(&(0x7f0000000080)='./file1\x00', 0x808c0, 0xac) 22:18:25 executing program 3: openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x46c2c2, 0x0) statx(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, &(0x7f0000000180)) 22:18:25 executing program 4: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='fd\x00') getsockname$unix(r0, 0x0, 0x0) 22:18:25 executing program 5: pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000380), 0x0) 22:18:25 executing program 0: creat(&(0x7f00000001c0)='./file0\x00', 0x0) listxattr(&(0x7f0000000140)='./file0/file0\x00', 0x0, 0x0) 22:18:25 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_TPR_ACCESS_REPORTING(r1, 0x4008ae89, &(0x7f0000000000)={0x2, 0x0, [0x9e, 0x0, 0x11e57ed0, 0x1f00, 0x4b564d03]}) 22:18:25 executing program 3: pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) write$P9_RXATTRCREATE(r0, 0x0, 0xffffffe4) 22:18:25 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendto(r0, &(0x7f0000000080)="be", 0x1, 0x90, 0x0, 0x0) 22:18:25 executing program 4: r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x9a241, 0x0) write$P9_RLOPEN(r0, 0x0, 0x0) 22:18:25 executing program 5: r0 = creat(&(0x7f00000001c0)='./file0\x00', 0x0) r1 = epoll_create(0x3) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000004180)) 22:18:26 executing program 0: r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x309381, 0x0) write$P9_RLERRORu(r0, 0x0, 0xd) 22:18:26 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_TPR_ACCESS_REPORTING(r1, 0x4008ae89, &(0x7f0000000000)={0x2, 0x0, [0x9e, 0x0, 0x11e57ed0, 0x1f00, 0x4b564d03]}) 22:18:26 executing program 3: openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x240c3, 0x0) openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0/file0\x00', 0x0, 0x0) 22:18:26 executing program 2: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) recvmmsg(r0, 0x0, 0x0, 0x0, 0x0) 22:18:26 executing program 4: r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x9a241, 0x0) write$P9_RREMOVE(r0, 0x0, 0x0) 22:18:26 executing program 5: openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000002700)='/proc/thread-self\x00', 0x18000, 0x0) [ 1241.753297][ T31] audit: type=1800 audit(1604096306.789:25): pid=23681 uid=0 auid=0 ses=4 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="file0" dev="sda1" ino=16200 res=0 errno=0 22:18:26 executing program 0: clone(0x800, 0x0, 0x0, 0x0, 0x0) 22:18:27 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_TPR_ACCESS_REPORTING(r1, 0x4008ae89, &(0x7f0000000000)={0x2, 0x0, [0x9e, 0x0, 0x11e57ed0, 0x1f00, 0x4b564d03]}) 22:18:27 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r0, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x80) 22:18:27 executing program 2: setrlimit(0x1, &(0x7f0000000000)) 22:18:27 executing program 4: r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) mkdirat(r0, &(0x7f0000000140)='./file0\x00', 0x11) 22:18:27 executing program 0: timer_create(0x6, &(0x7f0000000100)={0x0, 0xc, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000140)) 22:18:27 executing program 5: open(&(0x7f0000000000)='./file1\x00', 0x28040, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f00000012c0)=@file={0x1, './file1\x00'}, 0x6e) 22:18:27 executing program 3: openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x8c40, 0x0) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x100, 0x3) 22:18:27 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_TPR_ACCESS_REPORTING(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000000)={0x2, 0x0, [0x9e, 0x0, 0x11e57ed0, 0x1f00, 0x4b564d03]}) 22:18:27 executing program 2: openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x46c2c2, 0x0) open$dir(&(0x7f0000000000)='./file0\x00', 0x408201, 0x0) 22:18:28 executing program 4: r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x9a241, 0x0) write$P9_RREMOVE(r0, 0x0, 0xffffffffffffff89) 22:18:28 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) sendto$unix(r0, &(0x7f0000000080)="87", 0x1, 0x24000001, &(0x7f0000000200)=@file={0x0, './file0\x00'}, 0x6e) 22:18:28 executing program 5: openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x68741, 0x51) 22:18:28 executing program 3: r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x86082, 0x0) write$P9_RMKDIR(r0, 0x0, 0x0) 22:18:28 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_TPR_ACCESS_REPORTING(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000000)={0x2, 0x0, [0x9e, 0x0, 0x11e57ed0, 0x1f00, 0x4b564d03]}) 22:18:28 executing program 2: prlimit64(0x0, 0x7, &(0x7f0000000040), 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x0, 0x0) 22:18:28 executing program 0: openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x4dc2c2, 0x150) execveat(0xffffffffffffff9c, &(0x7f00000010c0)='./file0\x00', 0x0, 0x0, 0x0) 22:18:28 executing program 4: openat$pidfd(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self\x00', 0x545440, 0x0) 22:18:29 executing program 5: openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x460842, 0x126) 22:18:29 executing program 3: semget$private(0x0, 0x3, 0xbd3335327a6de3de) 22:18:29 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendto$unix(r0, &(0x7f00000000c0)='6', 0x1, 0x4004044, &(0x7f0000000040)=@file={0x0, './file0\x00'}, 0x6e) 22:18:29 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_TPR_ACCESS_REPORTING(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000000)={0x2, 0x0, [0x9e, 0x0, 0x11e57ed0, 0x1f00, 0x4b564d03]}) 22:18:29 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001c80)={0xffffffffffffffff}) sendmmsg$inet(r0, 0x0, 0x0, 0x8000) 22:18:29 executing program 0: r0 = timerfd_create(0x0, 0x0) timerfd_settime(r0, 0x0, &(0x7f00000000c0)={{0x77359400}}, 0x0) 22:18:29 executing program 5: open$dir(&(0x7f00000000c0)='./file0\x00', 0x88240, 0x5) 22:18:29 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendto$unix(r0, &(0x7f0000000000), 0x0, 0x14000, 0x0, 0x53) 22:18:29 executing program 2: mknodat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) statx(0xffffffffffffff9c, &(0x7f0000000640)='./file0\x00', 0x0, 0x80, &(0x7f0000000680)) 22:18:30 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_NO_ENOBUFS(r0, 0x10e, 0x5, 0x0, 0xfec4) 22:18:30 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0x4008ae89, 0x0) 22:18:30 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendto(r0, 0x0, 0x0, 0x90, &(0x7f0000000180)=@in6={0xa, 0x0, 0x0, @empty}, 0x80) 22:18:30 executing program 5: mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4000, &(0x7f0000000000), 0x800, 0x1) 22:18:30 executing program 3: creat(&(0x7f00000001c0)='./file0\x00', 0x0) openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x101000, 0x23) 22:18:30 executing program 2: openat$dir(0xffffffffffffff9c, &(0x7f00000017c0)='./file0\x00', 0x68741, 0x0) r0 = inotify_init1(0x0) inotify_add_watch(r0, &(0x7f0000000340)='./file0\x00', 0x4000018) 22:18:30 executing program 4: mknodat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) statx(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x100, 0x40, &(0x7f0000000080)) 22:18:30 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001c80)={0xffffffffffffffff}) sendto(r0, &(0x7f0000000000)="a9", 0x1, 0x4000, 0x0, 0x0) [ 1245.898597][ T31] audit: type=1804 audit(1604096310.939:26): pid=23777 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir588254287/syzkaller.lvHx1D/28/file0" dev="sda1" ino=16217 res=1 errno=0 22:18:31 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0x4008ae89, 0x0) 22:18:31 executing program 5: mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x8000, &(0x7f0000000000), 0x2d, 0x1) 22:18:31 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0xfffffffffffffd9f}, 0x0) 22:18:31 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) sendto$unix(r0, 0x0, 0x0, 0x20004c84, &(0x7f0000000040)=@abs, 0x6e) 22:18:31 executing program 4: creat(&(0x7f00000001c0)='./file0\x00', 0x0) open(&(0x7f0000000080)='./file0\x00', 0x1a1201, 0x12a) 22:18:31 executing program 0: mknodat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) r0 = getegid() fchownat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, r0, 0x1000) 22:18:31 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0x4008ae89, 0x0) 22:18:31 executing program 5: semget$private(0x0, 0x1, 0x62) 22:18:31 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendto(r0, &(0x7f0000000080)="be", 0x1, 0x90, &(0x7f0000000180)=@in6={0xa, 0x0, 0x0, @empty}, 0x80) 22:18:32 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) sendto$unix(r0, &(0x7f0000000000)='H', 0x1, 0x40040, &(0x7f0000000140)=@abs, 0x6e) 22:18:32 executing program 4: mknodat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x8000, 0x0) 22:18:32 executing program 0: r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x9a243, 0x0) write$P9_RLCREATE(r0, 0x0, 0xfffffffffffffed3) 22:18:33 executing program 4: symlinkat(0x0, 0xffffffffffffffff, &(0x7f0000000100)='\x00') 22:18:33 executing program 5: mknodat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) futimesat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f0000000100)={{}, {0x77359400}}) 22:18:33 executing program 2: creat(&(0x7f0000000100)='./file0\x00', 0x0) openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x603, 0x1) 22:18:33 executing program 3: mknodat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) statx(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x4000, 0x10, &(0x7f0000000200)) 22:18:33 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0x4008ae89, &(0x7f0000000000)={0x0, 0x0, [0x9e, 0x0, 0x11e57ed0, 0x1f00, 0x4b564d03]}) 22:18:33 executing program 0: openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x4dc2c2, 0x0) open$dir(&(0x7f0000000000)='./file0\x00', 0x121804, 0x32) [ 1248.315873][ T31] audit: type=1804 audit(1604096313.349:27): pid=23827 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir362686438/syzkaller.DiYTCc/910/file0" dev="sda1" ino=16234 res=1 errno=0 22:18:33 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendto(r0, &(0x7f0000000080), 0x0, 0x90, 0x0, 0x0) 22:18:33 executing program 2: creat(&(0x7f00000001c0)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0xa8c02, 0x13c) 22:18:33 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) sendto$unix(r0, &(0x7f0000000000)="16", 0x1, 0x20000c84, &(0x7f0000000040)=@abs, 0x6e) 22:18:33 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0x4008ae89, &(0x7f0000000000)={0x0, 0x0, [0x9e, 0x0, 0x11e57ed0, 0x1f00, 0x4b564d03]}) 22:18:33 executing program 3: open(&(0x7f0000000080)='./file1\x00', 0xc0, 0x0) open(&(0x7f0000000000)='./file1\x00', 0x141100, 0x10) 22:18:33 executing program 0: semget$private(0x0, 0xa, 0x137) 22:18:34 executing program 4: r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) mknodat(r0, &(0x7f0000000040)='./file0\x00', 0x4, 0x0) 22:18:34 executing program 5: openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x46c2c2, 0x0) openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x1, 0x10) 22:18:34 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) sendto$unix(r0, &(0x7f0000000080), 0x0, 0x24000001, &(0x7f0000000200)=@file={0x0, './file0\x00'}, 0x6e) 22:18:34 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0x4008ae89, &(0x7f0000000000)={0x0, 0x0, [0x9e, 0x0, 0x11e57ed0, 0x1f00, 0x4b564d03]}) 22:18:34 executing program 0: openat$random(0xffffffffffffff9c, &(0x7f0000000040)='/dev/urandom\x00', 0xc00, 0x0) 22:18:34 executing program 3: openat$dir(0xffffffffffffff9c, &(0x7f00000017c0)='./file0\x00', 0x140, 0x189) 22:18:34 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x0) getsockname(r0, 0x0, &(0x7f00000000c0)) 22:18:34 executing program 5: mmap$perf(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x4, 0xf17bd8af3d02c232, 0xffffffffffffffff, 0x0) 22:18:35 executing program 2: openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x46c2c2, 0x0) statx(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x1000, 0x400, &(0x7f0000000180)) 22:18:35 executing program 3: pipe2$9p(&(0x7f00000001c0), 0x800) 22:18:35 executing program 1: open$dir(&(0x7f0000000040)='./file0\x00', 0x400042, 0x147) 22:18:35 executing program 0: 22:18:35 executing program 4: r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x46c2c2, 0x0) faccessat(r0, &(0x7f0000000000)='./file0\x00', 0x0) 22:18:35 executing program 5: r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x80182, 0x0) write$P9_RRENAMEAT(r0, 0x0, 0xffffffffffffffa2) 22:18:35 executing program 3: creat(&(0x7f00000001c0)='./file0\x00', 0x0) listxattr(&(0x7f0000000140)='./file0\x00', 0x0, 0x1d) 22:18:35 executing program 2: mknodat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) linkat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) 22:18:36 executing program 0: openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x46c2c2, 0x0) symlinkat(&(0x7f0000000000)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00') 22:18:36 executing program 1: 22:18:36 executing program 4: 22:18:36 executing program 5: 22:18:36 executing program 3: 22:18:36 executing program 2: 22:18:36 executing program 1: 22:18:36 executing program 0: 22:18:36 executing program 4: 22:18:36 executing program 5: 22:18:37 executing program 1: 22:18:37 executing program 2: 22:18:37 executing program 3: 22:18:37 executing program 0: 22:18:37 executing program 4: 22:18:37 executing program 5: 22:18:37 executing program 1: 22:18:37 executing program 2: 22:18:37 executing program 3: 22:18:37 executing program 0: 22:18:38 executing program 4: 22:18:38 executing program 5: 22:18:38 executing program 2: 22:18:38 executing program 1: 22:18:38 executing program 3: 22:18:38 executing program 4: 22:18:38 executing program 0: 22:18:38 executing program 5: 22:18:39 executing program 1: 22:18:39 executing program 2: 22:18:39 executing program 3: 22:18:39 executing program 0: 22:18:39 executing program 4: 22:18:39 executing program 5: 22:18:39 executing program 1: 22:18:39 executing program 2: 22:18:39 executing program 0: 22:18:39 executing program 3: 22:18:39 executing program 4: 22:18:39 executing program 5: 22:18:40 executing program 1: 22:18:40 executing program 2: 22:18:40 executing program 0: 22:18:40 executing program 3: 22:18:40 executing program 4: 22:18:40 executing program 5: 22:18:40 executing program 1: 22:18:40 executing program 2: 22:18:40 executing program 0: 22:18:41 executing program 3: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001c80)={0xffffffffffffffff}) sendto(r0, &(0x7f0000000000), 0x0, 0x4000, 0x0, 0x0) 22:18:41 executing program 4: 22:18:41 executing program 5: 22:18:41 executing program 1: 22:18:41 executing program 2: 22:18:41 executing program 0: 22:18:41 executing program 4: 22:18:41 executing program 3: 22:18:41 executing program 5: 22:18:42 executing program 1: 22:18:42 executing program 2: 22:18:42 executing program 0: 22:18:42 executing program 4: 22:18:42 executing program 3: 22:18:42 executing program 5: 22:18:42 executing program 1: 22:18:42 executing program 0: 22:18:42 executing program 2: 22:18:42 executing program 4: 22:18:43 executing program 3: 22:18:43 executing program 5: 22:18:43 executing program 0: 22:18:43 executing program 1: 22:18:43 executing program 2: 22:18:43 executing program 3: 22:18:43 executing program 4: 22:18:43 executing program 5: 22:18:43 executing program 0: 22:18:44 executing program 1: 22:18:44 executing program 3: 22:18:44 executing program 2: 22:18:44 executing program 5: 22:18:44 executing program 4: 22:18:44 executing program 0: 22:18:44 executing program 1: 22:18:44 executing program 3: 22:18:44 executing program 2: 22:18:45 executing program 5: 22:18:45 executing program 0: 22:18:45 executing program 4: 22:18:45 executing program 1: 22:18:45 executing program 3: 22:18:45 executing program 2: 22:18:45 executing program 5: 22:18:45 executing program 0: 22:18:45 executing program 4: 22:18:45 executing program 1: 22:18:46 executing program 3: 22:18:46 executing program 2: 22:18:46 executing program 5: 22:18:46 executing program 0: 22:18:46 executing program 4: 22:18:46 executing program 1: 22:18:46 executing program 2: 22:18:46 executing program 3: 22:18:46 executing program 5: 22:18:46 executing program 0: 22:18:46 executing program 4: 22:18:47 executing program 1: 22:18:47 executing program 2: 22:18:47 executing program 3: r0 = socket$inet(0x2, 0x2, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x541b, 0x0) 22:18:47 executing program 5: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net\x00') read$FUSE(r0, 0x0, 0x0) 22:18:47 executing program 0: r0 = socket$inet(0x2, 0x2, 0x0) sendto$inet(r0, 0x0, 0xffffffffffffff5b, 0x0, &(0x7f0000000080)={0x2, 0x0, @private}, 0x10) 22:18:47 executing program 4: syz_mount_image$fuse(0x0, &(0x7f0000000d80)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 22:18:47 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) sendto$inet(r0, &(0x7f00000001c0)='>', 0x1, 0x2000c004, &(0x7f0000000280)={0x2, 0x4e22, @empty}, 0x10) 22:18:47 executing program 2: 22:18:48 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_TP_METER(r0, &(0x7f0000002600)={0x0, 0x0, &(0x7f00000025c0)={0x0, 0x4c}}, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_GATEWAYS(r1, &(0x7f0000006b40)={0x0, 0x0, &(0x7f0000006b00)={0x0}}, 0x0) 22:18:48 executing program 0: r0 = socket$inet(0x2, 0x2, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f00000000c0)={@multicast2, @dev={0xac, 0x14, 0x14, 0xc}}, 0xc) 22:18:48 executing program 5: r0 = msgget$private(0x0, 0x0) msgsnd(r0, &(0x7f00000000c0)={0x3}, 0x8, 0x0) 22:18:48 executing program 4: r0 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r0, 0xc0c89425, 0x0) 22:18:48 executing program 1: socket(0x1000000010, 0x80002, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000000)="97d138dfe019fd586a5dedfa22443bf4f951665f07000005eb3014203873bc33760036f3b9524a00000000", 0x2b}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}}}, 0x78) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 22:18:48 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x0) ioctl$SG_GET_NUM_WAITING(r0, 0x2283, 0x0) 22:18:48 executing program 3: syz_mount_image$squashfs(&(0x7f0000000000)='squashfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000440)={[], [{@smackfsfloor={'smackfsfloor', 0x3d, '.:{'}}]}) 22:18:48 executing program 0: pipe2(&(0x7f0000000340), 0x0) syz_open_procfs(0x0, &(0x7f0000007180)='fd/4\x00') 22:18:48 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000001280)='./file0\x00', 0x0, 0x5, &(0x7f0000001500)=[{&(0x7f00000012c0)="d5", 0x1, 0x2}, {&(0x7f0000001300)="e6", 0x1}, {&(0x7f0000001380)="f5", 0x1, 0x2a04}, {&(0x7f0000001400)='s', 0x1}, {&(0x7f0000001440)="c8", 0x1}], 0x0, &(0x7f0000001580)={[], [{@subj_role={'subj_role'}}]}) [ 1263.782648][T24041] ptrace attach of "/root/syz-executor.1"[24039] was attempted by "/root/syz-executor.1"[24041] 22:18:48 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_SET_MESH(r0, &(0x7f0000000240)={&(0x7f0000000140), 0xc, &(0x7f0000000200)={0x0}}, 0x0) 22:18:49 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_MON_GET(r0, &(0x7f00000059c0)={0x0, 0x0, &(0x7f0000005980)={0x0}}, 0x0) 22:18:49 executing program 2: r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcsa\x00', 0x0, 0x0) write$FUSE_NOTIFY_POLL(r0, 0x0, 0x0) 22:18:49 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @scatter={0x0, 0x2000, 0x0}, &(0x7f0000000280)="adcdfe51bac9", 0x0, 0x0, 0x0, 0x0, 0x0}) 22:18:49 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_opts(r0, 0x0, 0xb, &(0x7f0000000040)="243403eb", 0x4) 22:18:49 executing program 0: r0 = syz_open_dev$vcsa(&(0x7f0000000040)='/dev/vcsa#\x00', 0x1, 0x842) write$FUSE_NOTIFY_INVAL_ENTRY(r0, &(0x7f0000000180)=ANY=[], 0x22) write$FUSE_LSEEK(r0, &(0x7f0000000000)={0x18}, 0x18) 22:18:49 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_opts(r0, 0x0, 0x17, &(0x7f0000000000)="94", 0x1) 22:18:49 executing program 4: syz_mount_image$ext4(&(0x7f0000001240)='ext3\x00', &(0x7f0000001280)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001580)={[], [{@smackfsfloor={'smackfsfloor', 0x3d, '/proc/thread-self\x00'}}]}) 22:18:50 executing program 2: r0 = socket$inet(0x2, 0x2, 0x0) sendto$inet(r0, 0x0, 0x0, 0x4, &(0x7f0000000080)={0x2, 0x4e23, @dev}, 0x10) 22:18:50 executing program 3: msgctl$IPC_SET(0x0, 0x1, &(0x7f00000000c0)={{0x3, 0x0, 0xffffffffffffffff, 0xffffffffffffffff}}) 22:18:50 executing program 5: mincore(&(0x7f0000ffa000/0x3000)=nil, 0x3000, &(0x7f0000000500)=""/134) 22:18:50 executing program 1: r0 = socket$can_raw(0x1d, 0x3, 0x1) recvmsg$can_raw(r0, &(0x7f0000000800)={0x0, 0x0, 0x0}, 0x0) 22:18:50 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYBLOB="a00000000002010100000000000000000300000a08000b007369700008000b00736970005800018014000180080001006401010208000200e00000020c000280050001003a00000006000340000200002c00018014000300ff0100000000000000000000000000011400040000000000000000000000000000000001080005400000000809000600707074700000000006"], 0xa0}}, 0x0) 22:18:50 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_MSG_GETRULE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000200)={0x28, 0x7, 0xa, 0xe05, 0x0, 0x0, {}, [@NFTA_RULE_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}, 0x28}}, 0x0) [ 1265.632208][T24077] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. 22:18:50 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000240)={0x53, 0x0, 0x0, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000140), 0x0, 0x0, 0x0, 0x0, 0x0}) 22:18:50 executing program 3: r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f00000024c0)='/dev/vcsa\x00', 0x0, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r0, 0xd000943d, 0x0) 22:18:50 executing program 5: timer_create(0x0, &(0x7f0000000080)={0x0, 0x0, 0x0, @tid=0xffffffffffffffff}, 0x0) 22:18:51 executing program 0: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000240)={0x53, 0x0, 0x1c, 0xf7, @buffer={0x0, 0xc5, &(0x7f0000000040)=""/197}, &(0x7f0000000140)="b46fea3dcf098e5f7096907a788a44e0bc474b1b1ca4406f67384c0b", &(0x7f00000002c0)=""/66, 0x0, 0x40, 0x0, &(0x7f0000000200)}) 22:18:51 executing program 4: r0 = socket$inet(0x2, 0x3, 0x1) setsockopt$inet_mreq(r0, 0x0, 0x20, &(0x7f0000000000)={@rand_addr, @loopback}, 0x8) 22:18:51 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$OSF_MSG_ADD(r0, &(0x7f00000025c0)={0x0, 0x0, &(0x7f0000002580)={0x0}}, 0x0) sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001640)=ANY=[], 0x6c}}, 0x0) 22:18:51 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_opts(r0, 0x0, 0x2, &(0x7f0000000040)="003a0e3e", 0x4) 22:18:51 executing program 5: r0 = syz_open_dev$vcsa(&(0x7f0000000040)='/dev/vcsa#\x00', 0x0, 0x101842) read$FUSE(r0, &(0x7f0000002180)={0x2020}, 0x2020) write$FUSE_NOTIFY_INVAL_ENTRY(r0, &(0x7f0000000180)=ANY=[], 0x200001a2) 22:18:51 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) recvmmsg(r0, &(0x7f0000006940)=[{{&(0x7f0000001440)=@pptp={0x18, 0x2, {0x0, @broadcast}}, 0xfffffffffffffff0, 0x0}}], 0x1, 0x0, 0x0) 22:18:51 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_opts(r0, 0x0, 0x15, &(0x7f0000000180)="92ee156a", 0x4) 22:18:51 executing program 4: setsockopt$CAN_RAW_FILTER(0xffffffffffffffff, 0x65, 0x1, 0x0, 0x0) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg$can_bcm(r0, &(0x7f00000011c0)={&(0x7f0000000040)=@ipx, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)=""/79, 0x4f}, {&(0x7f0000000140)=""/55, 0x37}], 0x2, &(0x7f00000001c0)=""/4096, 0x1000}, 0x1) syz_mount_image$ext4(&(0x7f0000001240)='ext3\x00', &(0x7f0000001280)='./file0\x00', 0x0, 0x5, &(0x7f0000001500)=[{&(0x7f00000012c0)="d5665d71b2bb99a5798d591641e5cb1d8dc7b0f69fc3c03438c3758712e004ff29a67fa481", 0x25, 0x2}, {&(0x7f0000001300)="e60f4c07cbada588b162b64b6375a413b7fe10d661a53b79195ec10eb0eb3f6ebe6a3d442be470ec54313afa08c659ddf9a58608be862a0689c4e1ddd508fc46b23519c6d7fdf6b6a4ae74092757ce78859866a8c3", 0x55, 0x8}, {&(0x7f0000001380)="f58e2d32615e7bec093d79e3b94e4da54f8572a0f7c30f62b1b88245d07576afb6d4607169208d6c9ea90fba5bbe613ac60c214d5ca24e9832e8fd413b0618fa7c63106caefdaae1db", 0x49, 0x2a04}, {&(0x7f0000001400)="73f3", 0x2, 0xb63}, {&(0x7f0000001440)="c8308e8f1c5199c621e66c6168be9f2aafe5c6424e8d2b8581f8bdcb194c4e55ede39c2ca9c0c23a68f3772e0eaaa26dfb95beae2d50e96e6a95966235f64e883388e59177acb4e22e076e7027dd7b87d6bbb178bf8709f452e113fdd9c43f5afadad19a8f9cd8ee8ecb01e4f3f023a049794d4f062edc98d7734580748beb19d6e44eeb72b86cbd64e1c3e487746e20050aeb8f40f6fdb9f1d77b0f1cd2", 0x9e, 0x81}], 0x200000, &(0x7f0000001580)={[{@nobarrier='nobarrier'}, {@noinit_itable='noinit_itable'}], [{@func={'func', 0x3d, 'KEXEC_KERNEL_CHECK'}}, {@mask={'mask', 0x3d, '^MAY_WRITE'}}, {@fowner_lt={'fowner<', 0xee01}}, {@dont_measure='dont_measure'}, {@euid_eq={'euid', 0x3d, 0xffffffffffffffff}}, {@obj_user={'obj_user', 0x3d, '/proc/thread-self\x00'}}, {@smackfsfloor={'smackfsfloor', 0x3d, '/proc/thread-self\x00'}}, {@subj_role={'subj_role'}}]}) 22:18:52 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f00000001c0)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x142, 0x0, "2cf246e5d6b2cf942fed4b4e5a096e71c8243000a624a9af4a96089139f9efdf94928afbc50d20729fcce3cf510c13339e48735d1c25cc2eddd0e7702d00"}, 0xd8) [ 1267.550653][T24109] EXT4-fs (loop4): VFS: Can't find ext4 filesystem 22:18:52 executing program 2: r0 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000080)='/dev/nvram\x00', 0x0, 0x0) ioctl$TIOCGPGRP(r0, 0x540f, 0x0) 22:18:52 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x0) ioctl$SG_GET_NUM_WAITING(r0, 0x2275, 0x0) 22:18:52 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_opts(r0, 0x0, 0xb, &(0x7f0000000000)="94", 0x1) 22:18:53 executing program 4: socket$can_raw(0x1d, 0x3, 0x1) pselect6(0x40, &(0x7f00000000c0), &(0x7f0000000100)={0x8}, 0x0, 0x0, 0x0) 22:18:53 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={0x2, 0x0, @local}, 0xf) 22:18:53 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mkdir(&(0x7f0000000400)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080)='/dev/fuse\x00', 0x42, 0x0) mount$fuse(0x0, &(0x7f00000042c0)='./file0\x00', &(0x7f0000002000)='fuse\x00', 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) open(&(0x7f0000002100)='./file0/file0\x00', 0x0, 0x0) umount2(&(0x7f0000000080)='./file0\x00', 0x3) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) ptrace$setopts(0xffffffffffffffff, 0x0, 0x0, 0x0) ptrace$getregset(0x4204, 0x0, 0x0, 0x0) tkill(0x0, 0x0) ptrace$cont(0xffffffffffffffff, 0x0, 0x0, 0x0) 22:18:53 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r0, 0x0, 0x0, 0x24008044, &(0x7f0000000080)={0x2, 0x0, @dev}, 0x10) 22:18:53 executing program 3: r0 = socket$inet(0x2, 0x3, 0x1) sendto$inet(r0, &(0x7f0000000000)="c08d5d", 0x3, 0x0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10) 22:18:53 executing program 0: r0 = socket$nl_crypto(0x10, 0x3, 0x15) getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0) 22:18:53 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_opts(r0, 0x0, 0xa, &(0x7f0000000000)="94", 0x1) 22:18:53 executing program 4: getresuid(&(0x7f0000005fc0), &(0x7f0000006000), &(0x7f0000006040)) [ 1268.946724][T24135] fuse: Bad value for 'fd' 22:18:54 executing program 2: syz_mount_image$ext4(&(0x7f0000001240)='ext3\x00', 0x0, 0x0, 0x1, &(0x7f0000001500)=[{&(0x7f0000001400)='s', 0x1}], 0x0, &(0x7f0000001580)) 22:18:54 executing program 3: openat$tun(0xffffffffffffff9c, &(0x7f0000002780)='/dev/net/tun\x00', 0x40180, 0x0) 22:18:54 executing program 0: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x0) ioctl$SG_GET_NUM_WAITING(r0, 0x2285, 0x0) 22:18:54 executing program 1: getitimer(0x0, &(0x7f000000ef40)) 22:18:54 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_MSG_GETSETELEM(r0, &(0x7f0000000480)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000440)={&(0x7f00000014c0)={0xec4, 0xd, 0xa, 0x101, 0x0, 0x0, {}, [@NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0xea4, 0x3, 0x0, 0x1, [{0x150, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_DATA={0x14c, 0x2, 0x0, 0x1, [@NFTA_DATA_VERDICT={0xc, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8}]}, @NFTA_DATA_VERDICT={0xc, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8}]}, @NFTA_DATA_VALUE={0x95, 0x1, "21b0a1679bc9b2674f1e86c91a8ba3e7bbfd3dd15b157695bec2b150eae416d6b12588eb0db0e17a4aad842b9df1176149f3a2db2ddfee9ec3da0ddbd99499f981bbc1bf4dfbab5a27b0a2abe8b4168fcd023edd0fbaaf011dea2290557befce9ba4987091f32b6e704b143d026992fbdd8a1dd93c74b0e763bcb1cec2e0460fa376f986defec94ac6dd42bebd855b1c34"}, @NFTA_DATA_VALUE={0x1d, 0x1, "816f5880d40ca51dff14089c485b96d762de76b4f048319b40"}, @NFTA_DATA_VALUE={0x75, 0x1, "6d3998361bc9f35647b548153de25325bb8ea345633165d577a3ad3449b7b1b73b3f7c3a33c65db17767584035b82f151cadc96b8d1d5480a055c6fed51248a9413d0076e49088cd4dc63866d83117814d2615f0d8353ae68302ae2c9cffdd75ef7c3cb32d17cdac7e4d30d72da3a512e7"}]}]}, {0x8, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_EXPR={0x4}]}, {0xc0, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xb4, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0xad, 0x1, "00bf54f7b99c4cbc7493fae199176e7afb93c1985098ec701729d8b23abde4966bf1ab73ca47547fe1ab2d75091dd1da66809d951c2d796bcc9252f42d06ef3ef900b22a324e651f0b6b2334c74798a23e871e91cabf2e79412a3cbcf1a993b7c2dfd208bc2fdc5ecf0ce9f16383c3517bbe49d7776be18013e12e1e8c0bcb1bd53cd4dcb30a0cce1c8cd84ca3fb7f10c339184ca9538b8636ac6ce35cee7e25d227c4c81b7a9d03c6"}]}, @NFTA_SET_ELEM_FLAGS={0x8}]}, {0x2e8, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY_END={0xe8, 0xa, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x18, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}]}, @NFTA_DATA_VERDICT={0x38, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CODE={0x8}]}, @NFTA_DATA_VALUE={0x75, 0x1, "cc714170e324c948c5317ef30078e035954f5d335f5e3613a90fd3e36d0dc3b0e20c674f95449c4835e121e24ab148626a239058d327158396d35a2b2ab45cc4b52c6a5692d1b66017ceb254b12d22c0ba1e91cc1685f5d05ae6deddbddabf060ce3fe188d27e4f3144344fd6638c13db3"}, @NFTA_DATA_VERDICT={0x1c, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}]}]}, @NFTA_SET_ELEM_DATA={0x1f0, 0x2, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x64, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CODE={0x8}]}, @NFTA_DATA_VALUE={0x25, 0x1, "a998fdb19310bce3e8f1ac5aee326499b384e51549f536e2c224ee5ebbce9de18c"}, @NFTA_DATA_VALUE={0xf1, 0x1, "3d84e3e4a6f3fbc3426a15925d724cde0f1a4ec2f6a7768f572fa1031e4ac340eede598e95f0847a8f479b43c69c42b6e1ac7ae0e601ad246e798140ea64ba33d8a1bb42a23519464a74d1e0fe573a2e8416983b5e055174465ac376003d128875065d780750e06409b49559ad5e54ab539a11781ccb72d4571604e69e31b5945c53c85792136ec1fc628f3ed7bfff885929238b6ee1c167387e97d0356452943cec918c765ae0baa033cedd6f5d81278b8ee5a106cee59852e7077a7cb5632cd41194f6be02f5ca196b2438d1791be01a39e11a11df2842f974f5a3c29cf46563fcfa1eb692d503a56cea796f"}, @NFTA_DATA_VERDICT={0x6c, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}]}]}, @NFTA_SET_ELEM_OBJREF={0x9, 0x9, 'syz1\x00'}]}, {0x9a0, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_USERDATA={0xf5, 0x6, 0x1, 0x0, "361245068d4aee23e84cfef9b38be1dac6c1ca4e1125218cf29eeb194980ae8d3a860440e09049f81d92638454e648cd5c2c19292a3b32885a263f8a40a2f845d87a02857d66e9e853abf4667768ba18edd6afb7f6dd847188890761f37dba7c5e95f744fd0bd9c2fae9c0174a6957e71e481041d26ee6238e9d7f42e1aa1fb2b78cc3b5f338c5e43756746a38b80fad84e6e6e9df5cb0229e0a3b58938d7eea293e5ac2435db7ae828c918d770ec82789681437f71c5caa657a3bfdad243dedb1a76749b825faa2f34ba37e60d822d1cbee65eec3d756daf20d3b1e741cafae86e162b89693a259d464555a05a857c6f9"}, @NFTA_SET_ELEM_USERDATA={0x8a1, 0x6, 0x1, 0x0, "c0eb1807a5f1a85b892316ba2fb28056ff124352895477d42fc0d4f4d2743209b6e94b3c3b7e977087cec2840db827b87efe3f7dfb339742a534b0165b7082946843e1d25163ae74ddbee0a7a970c57ef8259cdc2036ba82de46859f71ffffa7d44d0edfcd0732aa5c4e061cf92cc8be83c9c2b78c788bb81881b00a3d9fc182d9000c72351ea7e15e38ffac1af667c79482e348d3dcf3223c7e29601accf81e6415ecebd1bd0010a2c0f3a7e34b6e9b87e19e929482b719edcceba69240da2ded12d521ce7a089a3f816a23b46bc6facb08e7a1c78c93c544bb9640b931bf9f76575777788ff5cfe0d3c0b87e5ae80f27540dee55575536c08eaf235b2c8b3664f5c8c9b957ffc60e59cf05cc5ef5bcce9ed34c566f626896a675065fad513aa81de52d3f584882bfc3db15d1dff49b0096fc577f0489b2019aa61a36cd480f73a038a8d6a851ada5a97c225c089c5cf08bffe1ce52fe9f27fe390e42ea26e38b68eccd6596abacb9f18b8b2cbbed2290204c079358e80d711d18552e1f4d54b021b4dc010d2619f29f85f0ebcee9b99f6c6391c61c66743d8b5228d65528f022bac16d8975d538fab780afde81b6e1720f095262397719fd7970aa9ec0d0e02311e8ff86113c337883c430a49e199c28d6d2ec6b37d1f0b98791acf52351ea8968882a8371ab457dd07f4c34f2f7a3d7cdccc1af319fa253c7baa998db0a0aae31906681e3d64060ffe87167b8e339b8f1865540c720264f766e07fde9baa02148dad1fa7aac4f193e0dbfbf85a8f32ef3c1638e177a1a4dad28cad8a835cf8d0ed21acc9cb33838e3fd5eb0ca70a1e3d7f593ad7e0018a6a7d06e2d9e675d480992a5d276ad87c33eb968c0c24125f5cfba7522dc6bda6d8de55e005fc5a30bdb5c88862ac970db33a2260e55d8cc52f09eaf109950cc4da2b6e1606d6352fd813eb5f4759044331e32fb989cd42015be96e1a444f8b37f8056f1aedd298a2e80eed65995e4d46704956ad7667f53aae6c8757711ca55b4288d02cf6520f39d3548080b13193028b833aca25ceae66c6db15b067693e8c4a7309a192c115bb9c3b89d7eb0414263466e9ef5077692eb4cc424e839fdc30d4ba57bb141e6d04b8d1254d049615fa8ba992373c3e385a809e9a15d8d40f00bb07ec7f07e251f4a866a39f383e65bee0d66a724c1b85d249bfc277221d273c6e707588a3b00d497aca0aeebac440e7176ac9ccc235a35fc1c55e91435de432d3845181612fde943dbfdf9ce6a5f2a9e48a2b73df4fac53a0833dc8c0fdccb0b814dd9f357654b6c8b9875586246f575cac512eafdca53ddfd620d07f214b8426c2c74e5bf7f6088028cfc7850f1b1a40b0b83ad9cffbaaa7a88812f42a255f2805ac38a24bb2f755ec3c9829e2bbcf5391978d1b91fc05f00c60f24718757bb7ae00a01ca4c0ca02edb3ad1dcaf8e9f44560e1bcf0d836ac3151ad6f6c93ebbd3f10c5ec5e89aa3d44c4a36256c7547d17b491acbde0ea71e7a7e8ca1391be639668e46c4ae6dee30336c1309d3bec18afcb2bae722fcec17471a6a92253a22a9b7ff832fcb668fb4017e0b48623373af596e116e75b8c61d02e1760bd39485e07eaa8586c37c7dd6ed4f64c185f7823bf7049ebe062cdd043e8b114984acd8c7127b6073c487d40c22ff783f4815ae08dffda363f94822621e45f3587aed9c4639f3b1515b125d70a23583b47ad7f6fcd5ed3627e475304377aed9e32a5e3e8a690be2723f0b9507020eacf9b27d8894a6681962f00d20140ed362d26b785fac1b7ae6340b1c419eb5bb84b5b5ba75ee7579a7d6eb62cb37107f7eca8f2e0ef53604ec455a3c03599a6fafbbca3043503ec873dd1992806c49c45c017b219ed4d34baf3bbe7b43f0278591a5d261d31ae608eb30aa1bda9f8b3ae3a7f19765f12416dfcb43dbbfa5b4c6caacd489809147ac06fac2b7b354d9eab7080c6f7e182b0bb0f83fc146d972d22ad86b7b4e1f03f16e690c6b8667784bdda5b191a70003e883c3dd51b2473e310ff8a472ba3f6f373c18d0e823d13495214bb30ffdb6616a39a33890f4c2100af23766ec6349e305160c86572eb259b66b62f8a8103b14ecff331027502d3c4618380ec9a6e141a600dc387a13c9e38f1e89c4bdffd66d99bf7fad5d99b8896635a8c7e14325bf0577b088e919a4abbdae996ef827a2625b3926367464583488cf707b34391a79e3a1ebff05b78cdbcab15210bcb09d14c8ed2e0d8ff14335cc6287be715bb74da505cefb1e7c0a004cf719fc8ddbb425e7d2383d4b49b5da5d16923590dcbb0040e6ed4eae9fd5bf8bbd94eb8f5d719da572ee94658bff9e1010247e5440fa6246d68f06e6e0c057fe7464f352b5b4ae49b61cd6fa9cb9d48b54b063721ba4b3bdd0a6bfca68fa62a9c43532c71b723ef266087f5f9d245040de837e26bf572472d8af5cfeaef6a48715c6cbeccce2f3698cd989032d1b02be77f1597ae40840b3ab0660ed2c8fb94e8f9de5e790b95ca119c4640c8736c85ccf669e73c6dfd411fdb8c7cfbfb7fd7cbeb09564277c187156d3c2e559bbd92f72297164f4fd9099821d9c66b7dc060d6cfacebabea3255b55e0f7950cba9a87c363d0995157062e2add3c2da30017989ecd001d1d763233d910eb3dbc32c58402acd4727b512eccbebe9a09835a355927a6c0448612c0ed864029520739456f4687c42ee09b3911838c8115d2d5c3fb118c451c2814461181950b4ad70746e9a346c5c66c9bbc99796137b19a28f4b7324648c96440bb928813827f6f1cc02d5599beb258621e45ec29bf33b3760f0748ebf2fd3fea62d46a1770a2d820c8cf5f80411a0bcfd461d298450f6ba567df632982017be7f1c376895712356ac1c8463310a026fff099baeaad87debbcbe9a783769c2927490db53549bc92d0c1efb4259df9ae0a822f7ddc2af098b37145916ad181a009e990cd9345ed94f4221f467bc3749cff4926388d5b0b5ef049b9108821cf6fbff0c6add73bd5e62d674d4166af4443dd7baae361fa04e167f0731d70a5fb15deac67f3f432ff61b7e305c9a3dafa5efff662d88546e1dee303f6c2574475ccf563263f"}]}]}]}, 0xec4}}, 0x0) 22:18:54 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_opts(r0, 0x0, 0x3, &(0x7f0000000000)="94", 0x1) 22:18:54 executing program 3: pipe2(&(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) read$FUSE(r0, &(0x7f00000014c0)={0x2020}, 0x2020) write$FUSE_DIRENTPLUS(r1, &(0x7f0000000140)={0xb8, 0x0, 0x0, [{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee00}}, {0x0, 0x0, 0xb, 0x0, '/dev/nvram\x00'}}]}, 0xb8) 22:18:55 executing program 1: pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000004bc0), &(0x7f0000004c40)={&(0x7f0000004c00), 0x8}) 22:18:55 executing program 2: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000000)="97d138dfe019fd586a5dedfa22443bf4f951665f07000005eb3014203873bc33760036f3b9524a00000000", 0x2b}], 0x4, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}}}, 0x78) tkill(r2, 0x3c) ptrace$cont(0x18, r2, 0x0, 0x0) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r2, 0x0, 0x0) 22:18:55 executing program 0: syz_mount_image$msdos(&(0x7f0000001240)='msdos\x00', &(0x7f00000049c0)='./file0\x00', 0x0, 0x0, 0x0, 0x1806884, &(0x7f0000004a00)) 22:18:55 executing program 5: r0 = socket$inet(0x2, 0x2, 0x0) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000040)={@multicast2, @dev={0xac, 0x14, 0x14, 0x34}}, 0x8) 22:18:55 executing program 4: syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x4000) socket$inet_tcp(0x2, 0x1, 0x0) 22:18:55 executing program 3: socket(0x10, 0x3, 0x8000) 22:18:55 executing program 1: openat$fuse(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/fuse\x00', 0x2, 0x0) 22:18:55 executing program 2: r0 = socket$can_raw(0x1d, 0x3, 0x1) recvmsg$can_raw(r0, 0x0, 0x0) 22:18:55 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r0, 0x0, 0x0, 0x20048000, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10) 22:18:55 executing program 5: r0 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f0000000440)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffc) add_key$keyring(&(0x7f0000000380)='keyring\x00', &(0x7f00000003c0)={'syz', 0x2}, 0x0, 0x0, r0) keyctl$read(0xb, r0, &(0x7f00000002c0)=""/209, 0xfffffcd3) 22:18:55 executing program 4: setsockopt$CAN_RAW_FILTER(0xffffffffffffffff, 0x65, 0x1, 0x0, 0x0) pipe(&(0x7f0000000000)) syz_mount_image$ext4(&(0x7f0000001240)='ext3\x00', &(0x7f0000001280)='./file0\x00', 0x0, 0x4, &(0x7f0000001500)=[{&(0x7f00000012c0), 0x0, 0x2}, {&(0x7f0000001300), 0x0, 0x8}, {&(0x7f0000001380)}, {&(0x7f0000001440), 0x0, 0x81}], 0x0, &(0x7f0000001580)={[{@nobarrier='nobarrier'}, {@noinit_itable='noinit_itable'}], [{@func={'func', 0x3d, 'KEXEC_KERNEL_CHECK'}}, {@mask={'mask', 0x3d, '^MAY_WRITE'}}, {@fowner_lt={'fowner<', 0xee01}}, {@dont_measure='dont_measure'}, {@euid_eq={'euid', 0x3d, 0xffffffffffffffff}}, {@obj_user={'obj_user', 0x3d, '/proc/thread-self\x00'}}, {@smackfsfloor={'smackfsfloor', 0x3d, '/proc/thread-self\x00'}}, {@subj_role={'subj_role'}}]}) 22:18:56 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000800)={{{@in6=@private2, @in6=@loopback}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2b4a6dc83f74c8a9}, {{}, 0x0, @in6=@private0}}, 0xe8) 22:18:56 executing program 1: r0 = syz_open_dev$vcsa(&(0x7f0000000040)='/dev/vcsa#\x00', 0x1, 0x842) write$FUSE_NOTIFY_INVAL_ENTRY(r0, &(0x7f0000000180)=ANY=[], 0x200001a2) 22:18:56 executing program 2: r0 = socket$inet(0x2, 0x3, 0x1) setsockopt$inet_mreq(r0, 0x0, 0x24, 0x0, 0x61) [ 1271.405931][T24190] EXT4-fs (loop4): VFS: Can't find ext4 filesystem 22:18:56 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_MSG_GETGEN(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, 0x10, 0xa, 0x401}, 0x14}}, 0x0) recvmmsg(r0, &(0x7f0000006940)=[{{0x0, 0x0, 0x0}}], 0x1, 0x2020, 0x0) 22:18:56 executing program 5: select(0x40, &(0x7f0000000140), &(0x7f0000000180)={0x9}, 0x0, 0x0) [ 1271.588554][T24196] EXT4-fs (loop4): VFS: Can't find ext4 filesystem 22:18:56 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x0) ioctl$SG_GET_NUM_WAITING(r0, 0x2288, 0x0) 22:18:57 executing program 3: r0 = socket$inet(0x2, 0x2, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x5411, 0x0) 22:18:57 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0) sendmsg$NFT_MSG_GETSETELEM(r0, &(0x7f0000000480)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000440)={&(0x7f00000014c0)={0xec4, 0xd, 0xa, 0x101, 0x0, 0x0, {}, [@NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0xea4, 0x3, 0x0, 0x1, [{0x150, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_DATA={0x14c, 0x2, 0x0, 0x1, [@NFTA_DATA_VERDICT={0xc, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8}]}, @NFTA_DATA_VERDICT={0xc, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8}]}, @NFTA_DATA_VALUE={0x95, 0x1, "21b0a1679bc9b2674f1e86c91a8ba3e7bbfd3dd15b157695bec2b150eae416d6b12588eb0db0e17a4aad842b9df1176149f3a2db2ddfee9ec3da0ddbd99499f981bbc1bf4dfbab5a27b0a2abe8b4168fcd023edd0fbaaf011dea2290557befce9ba4987091f32b6e704b143d026992fbdd8a1dd93c74b0e763bcb1cec2e0460fa376f986defec94ac6dd42bebd855b1c34"}, @NFTA_DATA_VALUE={0x1d, 0x1, "816f5880d40ca51dff14089c485b96d762de76b4f048319b40"}, @NFTA_DATA_VALUE={0x75, 0x1, "6d3998361bc9f35647b548153de25325bb8ea345633165d577a3ad3449b7b1b73b3f7c3a33c65db17767584035b82f151cadc96b8d1d5480a055c6fed51248a9413d0076e49088cd4dc63866d83117814d2615f0d8353ae68302ae2c9cffdd75ef7c3cb32d17cdac7e4d30d72da3a512e7"}]}]}, {0x8, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_EXPR={0x4}]}, {0xc0, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xb4, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0xad, 0x1, "00bf54f7b99c4cbc7493fae199176e7afb93c1985098ec701729d8b23abde4966bf1ab73ca47547fe1ab2d75091dd1da66809d951c2d796bcc9252f42d06ef3ef900b22a324e651f0b6b2334c74798a23e871e91cabf2e79412a3cbcf1a993b7c2dfd208bc2fdc5ecf0ce9f16383c3517bbe49d7776be18013e12e1e8c0bcb1bd53cd4dcb30a0cce1c8cd84ca3fb7f10c339184ca9538b8636ac6ce35cee7e25d227c4c81b7a9d03c6"}]}, @NFTA_SET_ELEM_FLAGS={0x8}]}, {0x2e8, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY_END={0xe8, 0xa, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x18, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}]}, @NFTA_DATA_VERDICT={0x38, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CODE={0x8}]}, @NFTA_DATA_VALUE={0x75, 0x1, "cc714170e324c948c5317ef30078e035954f5d335f5e3613a90fd3e36d0dc3b0e20c674f95449c4835e121e24ab148626a239058d327158396d35a2b2ab45cc4b52c6a5692d1b66017ceb254b12d22c0ba1e91cc1685f5d05ae6deddbddabf060ce3fe188d27e4f3144344fd6638c13db3"}, @NFTA_DATA_VERDICT={0x1c, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}]}]}, @NFTA_SET_ELEM_DATA={0x1f0, 0x2, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x64, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CODE={0x8}]}, @NFTA_DATA_VALUE={0x25, 0x1, "a998fdb19310bce3e8f1ac5aee326499b384e51549f536e2c224ee5ebbce9de18c"}, @NFTA_DATA_VALUE={0xf1, 0x1, "3d84e3e4a6f3fbc3426a15925d724cde0f1a4ec2f6a7768f572fa1031e4ac340eede598e95f0847a8f479b43c69c42b6e1ac7ae0e601ad246e798140ea64ba33d8a1bb42a23519464a74d1e0fe573a2e8416983b5e055174465ac376003d128875065d780750e06409b49559ad5e54ab539a11781ccb72d4571604e69e31b5945c53c85792136ec1fc628f3ed7bfff885929238b6ee1c167387e97d0356452943cec918c765ae0baa033cedd6f5d81278b8ee5a106cee59852e7077a7cb5632cd41194f6be02f5ca196b2438d1791be01a39e11a11df2842f974f5a3c29cf46563fcfa1eb692d503a56cea796f"}, @NFTA_DATA_VERDICT={0x6c, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}]}]}, @NFTA_SET_ELEM_OBJREF={0x9, 0x9, 'syz1\x00'}]}, {0x9a0, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_USERDATA={0xf5, 0x6, 0x1, 0x0, "361245068d4aee23e84cfef9b38be1dac6c1ca4e1125218cf29eeb194980ae8d3a860440e09049f81d92638454e648cd5c2c19292a3b32885a263f8a40a2f845d87a02857d66e9e853abf4667768ba18edd6afb7f6dd847188890761f37dba7c5e95f744fd0bd9c2fae9c0174a6957e71e481041d26ee6238e9d7f42e1aa1fb2b78cc3b5f338c5e43756746a38b80fad84e6e6e9df5cb0229e0a3b58938d7eea293e5ac2435db7ae828c918d770ec82789681437f71c5caa657a3bfdad243dedb1a76749b825faa2f34ba37e60d822d1cbee65eec3d756daf20d3b1e741cafae86e162b89693a259d464555a05a857c6f9"}, @NFTA_SET_ELEM_USERDATA={0x8a1, 0x6, 0x1, 0x0, "c0eb1807a5f1a85b892316ba2fb28056ff124352895477d42fc0d4f4d2743209b6e94b3c3b7e977087cec2840db827b87efe3f7dfb339742a534b0165b7082946843e1d25163ae74ddbee0a7a970c57ef8259cdc2036ba82de46859f71ffffa7d44d0edfcd0732aa5c4e061cf92cc8be83c9c2b78c788bb81881b00a3d9fc182d9000c72351ea7e15e38ffac1af667c79482e348d3dcf3223c7e29601accf81e6415ecebd1bd0010a2c0f3a7e34b6e9b87e19e929482b719edcceba69240da2ded12d521ce7a089a3f816a23b46bc6facb08e7a1c78c93c544bb9640b931bf9f76575777788ff5cfe0d3c0b87e5ae80f27540dee55575536c08eaf235b2c8b3664f5c8c9b957ffc60e59cf05cc5ef5bcce9ed34c566f626896a675065fad513aa81de52d3f584882bfc3db15d1dff49b0096fc577f0489b2019aa61a36cd480f73a038a8d6a851ada5a97c225c089c5cf08bffe1ce52fe9f27fe390e42ea26e38b68eccd6596abacb9f18b8b2cbbed2290204c079358e80d711d18552e1f4d54b021b4dc010d2619f29f85f0ebcee9b99f6c6391c61c66743d8b5228d65528f022bac16d8975d538fab780afde81b6e1720f095262397719fd7970aa9ec0d0e02311e8ff86113c337883c430a49e199c28d6d2ec6b37d1f0b98791acf52351ea8968882a8371ab457dd07f4c34f2f7a3d7cdccc1af319fa253c7baa998db0a0aae31906681e3d64060ffe87167b8e339b8f1865540c720264f766e07fde9baa02148dad1fa7aac4f193e0dbfbf85a8f32ef3c1638e177a1a4dad28cad8a835cf8d0ed21acc9cb33838e3fd5eb0ca70a1e3d7f593ad7e0018a6a7d06e2d9e675d480992a5d276ad87c33eb968c0c24125f5cfba7522dc6bda6d8de55e005fc5a30bdb5c88862ac970db33a2260e55d8cc52f09eaf109950cc4da2b6e1606d6352fd813eb5f4759044331e32fb989cd42015be96e1a444f8b37f8056f1aedd298a2e80eed65995e4d46704956ad7667f53aae6c8757711ca55b4288d02cf6520f39d3548080b13193028b833aca25ceae66c6db15b067693e8c4a7309a192c115bb9c3b89d7eb0414263466e9ef5077692eb4cc424e839fdc30d4ba57bb141e6d04b8d1254d049615fa8ba992373c3e385a809e9a15d8d40f00bb07ec7f07e251f4a866a39f383e65bee0d66a724c1b85d249bfc277221d273c6e707588a3b00d497aca0aeebac440e7176ac9ccc235a35fc1c55e91435de432d3845181612fde943dbfdf9ce6a5f2a9e48a2b73df4fac53a0833dc8c0fdccb0b814dd9f357654b6c8b9875586246f575cac512eafdca53ddfd620d07f214b8426c2c74e5bf7f6088028cfc7850f1b1a40b0b83ad9cffbaaa7a88812f42a255f2805ac38a24bb2f755ec3c9829e2bbcf5391978d1b91fc05f00c60f24718757bb7ae00a01ca4c0ca02edb3ad1dcaf8e9f44560e1bcf0d836ac3151ad6f6c93ebbd3f10c5ec5e89aa3d44c4a36256c7547d17b491acbde0ea71e7a7e8ca1391be639668e46c4ae6dee30336c1309d3bec18afcb2bae722fcec17471a6a92253a22a9b7ff832fcb668fb4017e0b48623373af596e116e75b8c61d02e1760bd39485e07eaa8586c37c7dd6ed4f64c185f7823bf7049ebe062cdd043e8b114984acd8c7127b6073c487d40c22ff783f4815ae08dffda363f94822621e45f3587aed9c4639f3b1515b125d70a23583b47ad7f6fcd5ed3627e475304377aed9e32a5e3e8a690be2723f0b9507020eacf9b27d8894a6681962f00d20140ed362d26b785fac1b7ae6340b1c419eb5bb84b5b5ba75ee7579a7d6eb62cb37107f7eca8f2e0ef53604ec455a3c03599a6fafbbca3043503ec873dd1992806c49c45c017b219ed4d34baf3bbe7b43f0278591a5d261d31ae608eb30aa1bda9f8b3ae3a7f19765f12416dfcb43dbbfa5b4c6caacd489809147ac06fac2b7b354d9eab7080c6f7e182b0bb0f83fc146d972d22ad86b7b4e1f03f16e690c6b8667784bdda5b191a70003e883c3dd51b2473e310ff8a472ba3f6f373c18d0e823d13495214bb30ffdb6616a39a33890f4c2100af23766ec6349e305160c86572eb259b66b62f8a8103b14ecff331027502d3c4618380ec9a6e141a600dc387a13c9e38f1e89c4bdffd66d99bf7fad5d99b8896635a8c7e14325bf0577b088e919a4abbdae996ef827a2625b3926367464583488cf707b34391a79e3a1ebff05b78cdbcab15210bcb09d14c8ed2e0d8ff14335cc6287be715bb74da505cefb1e7c0a004cf719fc8ddbb425e7d2383d4b49b5da5d16923590dcbb0040e6ed4eae9fd5bf8bbd94eb8f5d719da572ee94658bff9e1010247e5440fa6246d68f06e6e0c057fe7464f352b5b4ae49b61cd6fa9cb9d48b54b063721ba4b3bdd0a6bfca68fa62a9c43532c71b723ef266087f5f9d245040de837e26bf572472d8af5cfeaef6a48715c6cbeccce2f3698cd989032d1b02be77f1597ae40840b3ab0660ed2c8fb94e8f9de5e790b95ca119c4640c8736c85ccf669e73c6dfd411fdb8c7cfbfb7fd7cbeb09564277c187156d3c2e559bbd92f72297164f4fd9099821d9c66b7dc060d6cfacebabea3255b55e0f7950cba9a87c363d0995157062e2add3c2da30017989ecd001d1d763233d910eb3dbc32c58402acd4727b512eccbebe9a09835a355927a6c0448612c0ed864029520739456f4687c42ee09b3911838c8115d2d5c3fb118c451c2814461181950b4ad70746e9a346c5c66c9bbc99796137b19a28f4b7324648c96440bb928813827f6f1cc02d5599beb258621e45ec29bf33b3760f0748ebf2fd3fea62d46a1770a2d820c8cf5f80411a0bcfd461d298450f6ba567df632982017be7f1c376895712356ac1c8463310a026fff099baeaad87debbcbe9a783769c2927490db53549bc92d0c1efb4259df9ae0a822f7ddc2af098b37145916ad181a009e990cd9345ed94f4221f467bc3749cff4926388d5b0b5ef049b9108821cf6fbff0c6add73bd5e62d674d4166af4443dd7baae361fa04e167f0731d70a5fb15deac67f3f432ff61b7e305c9a3dafa5efff662d88546e1dee303f6c2574475ccf563263f"}]}]}]}, 0xec4}}, 0x0) 22:18:57 executing program 5: syz_mount_image$msdos(0x0, 0x0, 0x0, 0x3, &(0x7f0000005f00)=[{&(0x7f0000006140)='lm', 0x2, 0xffff}, {&(0x7f0000004d40)="9aeb0546f63d94a34c0e8bbf4d46ceee236a8c115a7c252e1a83b5e598209bd6571329544c2d767c620f98780d29c44d23d8c1d543adcf5136f608e98ec62810643a6cc262bfc00e31fc47d3390d33b383c29409ded6abdf627317d745bc1beb3a2ea8b875e80eecacb47bf3bb2c2fba180f71e0c709f13027453cdc0eeab07b822859afdb4c414f85a9cf2184b7f9bb81727aa1bd0e5bddc5c63a027faba4a71df0e3b99c89e023934dfce75510d82c7592e5e0f2f8c44eccb21aec679ce6bb7bac865e74e7c212c2d8ac4a7f7daa7c36a1cb9e776744e0203ac4f892238804a5f49c1add4d3ddf4ab2bbbf7eff989dbfb2d77668f931b9879d5c1c87407074d311357bf348000999be17d46b87dbb4395e715fb43e543ae1587db07ddfe98f339883a4015e1f7b987c1bb81a9c4b90c063723685d8cb6e4325832b36bbe4576407a4e768f5077a089ac8bd79b8cc6984bab242c3fce731dbe0bcf1adb80a561c65bed7dba2f51909cf193cc5ac357914c236e58ef987fef5a96611bd6fc567244feb7b22c82b208097d5df87404d555aaa391a8b24c9faec31b0dc5ee563d17055c1b15dfdd3dcb28962a0aac73f504083b92fafc6204d90bcb09d97e1a3cc4e0e8b20eb74dfc302cde05294df6788830c4b726d693c73db56df75e2008488cd622b0af54c9513aa73720439e1c84d89b45d064f12f14c62b14f15d596b1bcc8671911c0309fb49ba7d7128a9c9f05a0ece37abb8eedf4d10f3f06dfc9f9523bd9bc66ef5fb2ce20dac899aad3c2d1d6f6185e7af96b5bd5f1ed4528054d148c7fa03c007953169900a18768de1b5d74d6c90c0b38eb23970dba223968d566548900a880589f333f669f09377ca62ec1a876185401d00f9dbeb4b15c61828d8c3d1682120475ea0d8e21743b81bce93fe6242e29f21a6216888063a5af51b190c66d9cda4b33fbf63405eae99199e794045fa08809dc364fca60a75cc5b2797f", 0x2c1}, {&(0x7f0000005e00)="11", 0x1, 0xfffffffffffffffd}], 0x0, 0x0) 22:18:57 executing program 1: syz_mount_image$ext4(0x0, &(0x7f0000001280)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 22:18:57 executing program 0: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/ip_tables_targets\x00') write$FUSE_NOTIFY_DELETE(r0, 0x0, 0x0) 22:18:57 executing program 4: syz_mount_image$ext4(0x0, 0x0, 0x0, 0x4, &(0x7f0000001500)=[{&(0x7f0000001300)="e6", 0x1}, {&(0x7f0000001380)="f5", 0x1, 0x2a04}, {&(0x7f0000001400)='s', 0x1}, {&(0x7f0000001440)="c8", 0x1}], 0x200000, &(0x7f0000001580)={[{@nobarrier='nobarrier'}, {@noinit_itable='noinit_itable'}], [{@func={'func', 0x3d, 'KEXEC_KERNEL_CHECK'}}, {@dont_measure='dont_measure'}, {@euid_eq={'euid', 0x3d, 0xffffffffffffffff}}, {@smackfsfloor={'smackfsfloor', 0x3d, '/proc/thread-self\x00'}}, {@subj_role={'subj_role'}}]}) 22:18:57 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x0) ioctl$SG_GET_NUM_WAITING(r0, 0x227c, 0x0) 22:18:57 executing program 2: r0 = socket$inet(0x2, 0x2, 0x0) sendto$inet(r0, 0x0, 0x0, 0x4804, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) 22:18:58 executing program 5: process_vm_readv(0x0, &(0x7f0000001640)=[{&(0x7f0000000180)=""/185, 0xfffffd6e}, {&(0x7f0000000100)=""/86, 0x56}, {&(0x7f0000000180)}, {&(0x7f00000016c0)=""/4096, 0x1000}, {&(0x7f0000001340)=""/247, 0xf7}, {&(0x7f0000001440)=""/217, 0xd9}, {&(0x7f0000001540)=""/248, 0xf8}], 0x7, &(0x7f0000001300)=[{&(0x7f0000001200)=""/190, 0xbe}], 0x1, 0x0) 22:18:58 executing program 0: r0 = socket$inet(0x2, 0x2, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x25, &(0x7f0000000000)={@loopback, @local}, 0xc) 22:18:58 executing program 1: syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/ip_tables_targets\x00') 22:18:58 executing program 2: r0 = syz_open_dev$vcsa(&(0x7f0000000140)='/dev/vcsa#\x00', 0x0, 0x0) ioctl$sock_inet_tcp_SIOCINQ(r0, 0x541b, &(0x7f0000000180)) 22:18:58 executing program 4: openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002680)='batadv\x00') 22:18:58 executing program 3: r0 = socket$inet(0x2, 0x2, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000780)={@initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast}, 0xc) 22:18:58 executing program 5: syz_genetlink_get_family_id$batadv(&(0x7f0000000040)='batadv\x00') syz_genetlink_get_family_id$batadv(0x0) pipe2$9p(&(0x7f0000002a40)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r0, &(0x7f0000002a80)={0x7}, 0x7) 22:18:58 executing program 1: r0 = syz_open_dev$vcsa(&(0x7f0000000040)='/dev/vcsa#\x00', 0x0, 0x101842) read$FUSE(r0, &(0x7f0000002180)={0x2020}, 0x2020) 22:18:58 executing program 0: socketpair(0x0, 0x0, 0x0, &(0x7f0000000000)) 22:18:59 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r0, 0x0, 0x0, 0x24008044, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10) recvfrom$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:18:59 executing program 4: syz_mount_image$msdos(0x0, 0x0, 0x0, 0x2, &(0x7f0000005f00)=[{&(0x7f0000006140)='l', 0x1, 0xffff}, {&(0x7f0000005e00)="11", 0x1, 0xfffffffffffffffd}], 0x0, 0x0) 22:18:59 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r0, 0x0, 0x0, 0x20048000, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10) setsockopt$inet_tcp_TCP_MD5SIG(r0, 0x6, 0x15, &(0x7f0000000100)={@in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, "f6340278d663f9d92a5edfee4582945bf98c20e3f869e92721bd974ed6ad2c081a378fada59770a9d6f5be50030f6c0598ab4f13e4fd44f81fb80ea19426a105548a4f6c57a7321083ca81d6c9c3edde"}, 0xd8) 22:18:59 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYBLOB="a00000000002010100000000000000000300000a08000b007369700008000b00736970005800018014000180080001006401010208000200e00000020c000280050001003a00000006000340000200002c00018014000300ff0100000000000000000000000000011400040000000000000000000000000000000001080005400000000809000600707074700000000006000704"], 0xa0}}, 0x0) 22:18:59 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='limits\x00') write$FUSE_LK(r0, 0x0, 0x0) 22:18:59 executing program 0: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000240)={0x53, 0x0, 0x0, 0x0, @buffer={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 22:18:59 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x0) ioctl$SG_SET_KEEP_ORPHAN(r0, 0x2287, &(0x7f0000000340)) [ 1274.780949][T24267] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'. 22:18:59 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_MSG_GETRULE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000200)={0x2c, 0x7, 0xa, 0xe05, 0x0, 0x0, {}, [@NFTA_RULE_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x4}]}, 0x2c}}, 0x0) 22:19:00 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x0) ioctl$SG_GET_NUM_WAITING(r0, 0x2201, 0x0) 22:19:00 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_SET_MESH(r0, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x14}, 0x14}}, 0x0) 22:19:00 executing program 1: syz_open_procfs(0x0, &(0x7f0000000000)='limits\x00') 22:19:00 executing program 0: syz_genetlink_get_family_id$nbd(&(0x7f00000003c0)='nbd\x00') 22:19:00 executing program 3: syz_open_dev$vcsa(&(0x7f0000000040)='/dev/vcsa#\x00', 0x1, 0x0) select(0x40, &(0x7f0000000000)={0x8}, 0x0, &(0x7f00000000c0)={0x5}, 0x0) 22:19:00 executing program 4: r0 = socket$inet(0x2, 0x2, 0x0) sendto$inet(r0, 0x0, 0x0, 0x10, &(0x7f0000000080)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10) 22:19:01 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x0) ioctl$SG_GET_NUM_WAITING(r0, 0x2284, 0x0) 22:19:01 executing program 2: pipe2(&(0x7f0000000340)={0xffffffffffffffff}, 0x0) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, 0x0) 22:19:01 executing program 1: r0 = socket$inet(0x2, 0x3, 0x1) ioctl$sock_inet_tcp_SIOCINQ(r0, 0x541b, &(0x7f0000000080)) 22:19:01 executing program 0: openat$vcsa(0xffffffffffffff9c, &(0x7f00000024c0)='/dev/vcsa\x00', 0x400, 0x0) 22:19:01 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000240)={0x53, 0x0, 0x6, 0x0, @buffer={0x0, 0xc5, &(0x7f0000000040)=""/197}, &(0x7f0000000140)="b46fea3dcf09", 0x0, 0x0, 0x0, 0x0, 0x0}) 22:19:01 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_opts(r0, 0x0, 0x21, &(0x7f0000000000)="94", 0x1) 22:19:01 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x0) ioctl$SG_GET_NUM_WAITING(r0, 0x2284, 0x0) 22:19:01 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_MSG_GETGEN(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, 0x10, 0xa, 0x401}, 0x14}}, 0x0) 22:19:01 executing program 1: r0 = socket$inet(0x2, 0x3, 0x1) bind$can_raw(r0, 0x0, 0xf00) 22:19:01 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x1a9206) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000400)={0x53, 0xfffffffffffffffc, 0x6, 0x0, @buffer={0x0, 0xd9, &(0x7f0000000140)=""/217}, &(0x7f0000000240)="6582939a9884", 0x0, 0x6, 0x4, 0x0, 0x0}) 22:19:01 executing program 0: r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fuse\x00', 0x2, 0x0) ioctl$VFIO_CHECK_EXTENSION(r0, 0x3b65, 0x0) 22:19:02 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_ORIGINATORS(r0, &(0x7f00000000c0)={&(0x7f0000000000), 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x55, 0x0, 0x0, 0x0, 0x0, {}, [@BATADV_ATTR_MULTICAST_FANOUT={0x8}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}]}, 0x2c}}, 0x0) 22:19:02 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x0) ioctl$SG_GET_NUM_WAITING(r0, 0x2284, 0x0) 22:19:02 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x0) ioctl$SG_GET_NUM_WAITING(r0, 0x2202, 0x0) 22:19:02 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x1a9206) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000400)={0x53, 0xfffffffffffffffc, 0x6, 0x0, @buffer={0x0, 0xd9, &(0x7f0000000140)=""/217}, &(0x7f0000000240)="6582939a9884", 0x0, 0x6, 0x4, 0x0, 0x0}) 22:19:02 executing program 1: syz_mount_image$msdos(0x0, 0x0, 0x0, 0x2, &(0x7f0000005f00)=[{&(0x7f0000006140)='lm', 0x2, 0xffff}, {&(0x7f0000004d40)="9aeb0546f63d94a34c0e8bbf4d46ceee236a8c115a7c252e1a83b5e598209bd6571329544c2d767c620f98780d29c44d23d8c1d543adcf5136f608e98ec62810643a6cc262bfc00e31fc47d3390d33b383c29409ded6abdf627317d745bc1beb3a2ea8b875e80eecacb47bf3bb2c2fba180f71e0c709f13027453cdc0eeab07b822859afdb4c414f85a9cf2184b7f9bb81727aa1bd0e5bddc5c63a027faba4a71df0e3b99c89e023934dfce75510d82c7592e5e0f2f8c44eccb21aec679ce6bb7bac865e74e7c212c2d8ac4a7f7daa7c36a1cb9e776744e0203ac4f892238804a5f49c1add4d3ddf4ab2bbbf7eff989dbfb2d77668f931b9879d5c1c87407074d311357bf348000999be17d46b87dbb4395e715fb43e543ae1587db07ddfe98f339883a4015e1f7b987c1bb81a9c4b90c063723685d8cb6e4325832b36bbe4576407a4e768f5077a089ac8bd79b8cc6984bab242c3fce731dbe0bcf1adb80a561c65bed7dba2f51909cf193cc5ac357914c236e58ef987fef5a96611bd6fc567244feb7b22c82b208097d5df87404d555aaa391a8b24c9faec31b0dc5ee563d17055c1b15dfdd3dcb28962a0aac73f504083b92fafc6204d90bcb09d97e1a3cc4e0e8b20eb74dfc302cde05294df6788830c4b726d693c73db56df75e2008488cd622b0af54c9513aa73720439e1c84d89b45d064f12f14c62b14f15d596b1bcc8671911c0309fb49ba7d7128a9c9f05a0ece37abb8eedf4d10f3f06dfc9f9523bd9bc66ef5fb2ce20dac899aad3c2d1d6f6185e7af96b5bd5f1ed4528054d148c7fa03c007953169900a18768de1b5d74d6c90c0b38eb23970dba223968d566548900a880589f333f669f09377ca62ec1a876185401d00f9dbeb4b15c61828d8c3d1682120475ea0d8e21743b81bce93fe6242e29f21a6216888063a5af51b190c66d9cda4b33fbf63405eae99199e794045fa08809dc364fca60a75cc5b2797f", 0x2c1}], 0x0, 0x0) 22:19:02 executing program 0: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x0) ioctl$SG_GET_NUM_WAITING(r0, 0x1276, 0x0) 22:19:02 executing program 4: syz_genetlink_get_family_id$batadv(&(0x7f0000000040)='batadv\x00') openat$fuse(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/fuse\x00', 0x2, 0x0) syz_genetlink_get_family_id$batadv(0x0) pipe2$9p(&(0x7f0000002a40)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) write$P9_RUNLINKAT(r0, &(0x7f0000002a80)={0x7}, 0x7) 22:19:03 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x0) ioctl$SG_GET_NUM_WAITING(r0, 0x2284, 0x0) 22:19:03 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x0) ioctl$SG_GET_NUM_WAITING(r0, 0x2202, 0x0) 22:19:03 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) read$FUSE(r0, 0x0, 0x0) 22:19:03 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x0) ioctl$SG_GET_NUM_WAITING(r0, 0x2202, 0x0) 22:19:03 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_MSG_GETRULE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000200)={0x30, 0x7, 0xa, 0xe05, 0x0, 0x0, {}, [@NFTA_RULE_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x8, 0x4, 0x0, 0x1, [{0x4}]}]}, 0x30}}, 0x0) 22:19:03 executing program 1: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x0) ioctl$SG_GET_NUM_WAITING(r0, 0xc0481273, 0x0) 22:19:03 executing program 4: clock_gettime(0x0, &(0x7f0000004b80)={0x0, 0x0}) pselect6(0x40, &(0x7f0000004ac0), 0x0, 0x0, &(0x7f0000004bc0)={0x0, r0+60000000}, 0x0) 22:19:03 executing program 5: ioctl$SG_GET_NUM_WAITING(0xffffffffffffffff, 0x2284, 0x0) 22:19:03 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x0) ioctl$SG_GET_NUM_WAITING(r0, 0x2202, 0x0) 22:19:03 executing program 3: setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, 0x0, 0x0) 22:19:04 executing program 0: socketpair(0x0, 0x455ca5745059e6c1, 0x0, 0x0) 22:19:04 executing program 1: pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, 0x0) 22:19:04 executing program 5: ioctl$SG_GET_NUM_WAITING(0xffffffffffffffff, 0x2284, 0x0) 22:19:04 executing program 4: r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcsa\x00', 0x0, 0x0) sendmsg$NLBL_CALIPSO_C_ADD(r0, 0x0, 0x0) 22:19:04 executing program 2: ioctl$SG_GET_NUM_WAITING(0xffffffffffffffff, 0x2202, 0x0) 22:19:04 executing program 3: r0 = socket$inet(0x2, 0x2, 0x0) recvfrom$inet(r0, 0x0, 0x0, 0x2000, 0x0, 0x0) 22:19:04 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r0, 0x0, 0x0, 0x20048000, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10) setsockopt$inet_tcp_TCP_MD5SIG(r0, 0x6, 0x19, &(0x7f0000000100)={@in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, "f6340278d663f9d92a5edfee4582945bf98c20e3f869e92721bd974ed6ad2c081a378fada59770a9d6f5be50030f6c0598ab4f13e4fd44f81fb80ea19426a105548a4f6c57a7321083ca81d6c9c3edde"}, 0xd8) 22:19:04 executing program 1: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000240)={0x53, 0x0, 0x21, 0xf7, @buffer={0x0, 0xc5, &(0x7f0000000040)=""/197}, &(0x7f0000000140)="b46fea3dcf098e5f7096907a788a44e0bc474b1b1ca4406f67384c0b66c2e61b62", &(0x7f00000002c0)=""/66, 0x0, 0x0, 0x0, 0x0}) 22:19:05 executing program 4: setsockopt$CAN_RAW_FILTER(0xffffffffffffffff, 0x65, 0x1, 0x0, 0x0) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg$can_bcm(r0, &(0x7f00000011c0)={&(0x7f0000000040)=@ipx, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)=""/79, 0x4f}, {&(0x7f0000000140)=""/55, 0x37}], 0x2, &(0x7f00000001c0)=""/4096, 0x1000}, 0x1) r1 = syz_mount_image$ext4(&(0x7f0000001240)='ext3\x00', &(0x7f0000001280)='./file0\x00', 0x0, 0x5, &(0x7f0000001500)=[{&(0x7f00000012c0)="d5665d71b2bb99a5798d591641e5cb1d8dc7b0f69fc3c03438c3758712e004ff29a67fa481", 0x25, 0x2}, {&(0x7f0000001300)="e60f4c07cbada588b162b64b6375a413b7fe10d661a53b79195ec10eb0eb3f6ebe6a3d442be470ec54313afa08c659ddf9a58608be862a0689c4e1ddd508fc46b23519c6d7fdf6b6a4ae74092757ce78859866a8c3", 0x55, 0x8}, {&(0x7f0000001380)="f58e2d32615e7bec093d79e3b94e4da54f8572a0f7c30f62b1b88245d07576afb6d4607169208d6c9ea90fba5bbe613ac60c214d5ca24e9832e8fd413b0618fa7c63106caefdaae1db", 0x49, 0x2a04}, {&(0x7f0000001400)="73f3", 0x2, 0xb63}, {&(0x7f0000001440)="c8308e8f1c5199c621e66c6168be9f2aafe5c6424e8d2b8581f8bdcb194c4e55ede39c2ca9c0c23a68f3772e0eaaa26dfb95beae2d50e96e6a95966235f64e883388e59177acb4e22e076e7027dd7b87d6bbb178bf8709f452e113fdd9c43f5afadad19a8f9cd8ee8ecb01e4f3f023a049794d4f062edc98d7734580748beb19d6e44eeb72b86cbd64e1c3e487746e20050aeb8f40f6fdb9f1d77b0f1cd2", 0x9e, 0x81}], 0x200000, &(0x7f0000001580)={[{@nobarrier='nobarrier'}, {@noinit_itable='noinit_itable'}], [{@func={'func', 0x3d, 'KEXEC_KERNEL_CHECK'}}, {@mask={'mask', 0x3d, '^MAY_WRITE'}}, {@fowner_lt={'fowner<', 0xee01}}, {@dont_measure='dont_measure'}, {@euid_eq={'euid', 0x3d, 0xffffffffffffffff}}, {@obj_user={'obj_user', 0x3d, '/proc/thread-self\x00'}}, {@smackfsfloor={'smackfsfloor', 0x3d, '/proc/thread-self\x00'}}, {@subj_role={'subj_role'}}]}) getdents(r1, &(0x7f0000001680)=""/16, 0x10) 22:19:05 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NBD_CMD_RECONFIGURE(r0, &(0x7f0000001780)={0x0, 0x0, &(0x7f0000001740)={0x0}}, 0x0) 22:19:05 executing program 5: ioctl$SG_GET_NUM_WAITING(0xffffffffffffffff, 0x2284, 0x0) 22:19:05 executing program 2: ioctl$SG_GET_NUM_WAITING(0xffffffffffffffff, 0x2202, 0x0) 22:19:05 executing program 0: r0 = socket$inet(0x2, 0x2, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x20, &(0x7f0000000000)={@loopback, @local}, 0xc) 22:19:05 executing program 1: timer_create(0x0, &(0x7f0000000080)={0x0, 0x1a, 0x0, @tid=0xffffffffffffffff}, &(0x7f00000000c0)) 22:19:05 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) read$FUSE(r0, &(0x7f0000000040)={0x2020}, 0x2020) [ 1280.858250][T24383] EXT4-fs (loop4): VFS: Can't find ext4 filesystem 22:19:06 executing program 2: ioctl$SG_GET_NUM_WAITING(0xffffffffffffffff, 0x2202, 0x0) 22:19:06 executing program 5: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_GET_NUM_WAITING(r0, 0x2284, 0x0) 22:19:06 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_opts(r0, 0x0, 0x18, &(0x7f0000000280)="cb9756d3", 0x4) 22:19:06 executing program 4: syz_mount_image$ext4(0x0, 0x0, 0x0, 0x2, &(0x7f0000001500)=[{&(0x7f00000012c0)="d5", 0x1}, {0x0}], 0x200000, &(0x7f0000001580)={[{@nobarrier='nobarrier'}, {@noinit_itable='noinit_itable'}], [{@dont_measure='dont_measure'}, {@subj_role={'subj_role'}}]}) 22:19:06 executing program 1: timer_settime(0x0, 0x0, &(0x7f0000000100), &(0x7f0000000280)) 22:19:06 executing program 3: syz_mount_image$ext4(0x0, 0x0, 0x0, 0x3, &(0x7f0000001500)=[{&(0x7f0000001300)="e6", 0x1}, {&(0x7f0000001380)="f5", 0x1, 0x2a04}, {&(0x7f0000001440)="c8", 0x1}], 0x0, 0x0) 22:19:06 executing program 2: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_GET_NUM_WAITING(r0, 0x2202, 0x0) 22:19:06 executing program 5: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_GET_NUM_WAITING(r0, 0x2284, 0x0) 22:19:06 executing program 0: pipe2(&(0x7f0000000340)={0xffffffffffffffff}, 0x0) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f0000000500)) 22:19:06 executing program 1: r0 = syz_open_dev$vcsa(&(0x7f0000000040)='/dev/vcsa#\x00', 0x0, 0x842) write$FUSE_NOTIFY_INVAL_ENTRY(r0, &(0x7f0000000000)=ANY=[], 0x200001a2) 22:19:07 executing program 2: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_GET_NUM_WAITING(r0, 0x2202, 0x0) 22:19:07 executing program 4: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r0, 0xc0c89425, 0x0) 22:19:07 executing program 3: r0 = socket$inet(0x2, 0x3, 0x1) setsockopt$inet_mreq(r0, 0x0, 0x6, 0x0, 0x0) 22:19:07 executing program 0: r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fuse\x00', 0x2, 0x0) write$FUSE_NOTIFY_RETRIEVE(r0, 0x0, 0xfffffffffffffc37) 22:19:07 executing program 5: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_GET_NUM_WAITING(r0, 0x2284, 0x0) 22:19:08 executing program 2: r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_GET_NUM_WAITING(r0, 0x2202, 0x0) 22:19:08 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$BTRFS_IOC_START_SYNC(r0, 0x80089418, &(0x7f00000038c0)) pipe2(&(0x7f0000003640), 0x0) 22:19:08 executing program 3: syz_open_dev$vcsa(&(0x7f0000000040)='/dev/vcsa#\x00', 0x1, 0x0) select(0x40, &(0x7f0000000000)={0x8}, &(0x7f0000000080)={0x5}, 0x0, 0x0) 22:19:08 executing program 5: syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x0) ioctl$SG_GET_NUM_WAITING(0xffffffffffffffff, 0x2284, 0x0) 22:19:08 executing program 0: r0 = socket$inet(0x2, 0x3, 0x1) bind$can_raw(r0, 0x0, 0xf) 22:19:08 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, 0x0) syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000005300)='NLBL_CALIPSO\x00') sendmsg$TIPC_NL_MON_GET(r0, &(0x7f00000059c0)={&(0x7f0000005640)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000005980)={&(0x7f00000056c0)={0x230, 0x0, 0x0, 0x70bd2d, 0x25dfdbfd, {}, [@TIPC_NLA_MON={0x24, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x5}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x20}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x101}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x8f4}]}, @TIPC_NLA_MON={0x4c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x4240}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x20}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x3}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x6}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x13}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x2a}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x80}, @TIPC_NLA_MON_REF={0x8}]}, @TIPC_NLA_PUBL={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x4}, @TIPC_NLA_PUBL_UPPER={0x8}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x4}, @TIPC_NLA_PUBL_UPPER={0x8}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0xe3}]}, @TIPC_NLA_SOCK={0x30, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_REF={0x8, 0x2, 0x4}, @TIPC_NLA_SOCK_ADDR={0x8}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_CON={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x8a5}]}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x5}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}]}, @TIPC_NLA_PUBL={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x2}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x9}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x32f6}]}, @TIPC_NLA_BEARER={0xf0, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e24, 0xff, @loopback}}, {0x14, 0x2, @in={0x2, 0x0, @multicast1}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8}, @TIPC_NLA_BEARER_DOMAIN={0x8}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e21, @multicast1}}, {0x20, 0x2, @in6={0xa, 0x4e20, 0x2, @remote}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e22, 0x4, @remote}}, {0x20, 0x2, @in6={0xa, 0x0, 0x9, @ipv4={[], [], @dev={0xac, 0x14, 0x14, 0x10}}}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz1\x00'}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x2}]}, @TIPC_NLA_LINK={0x18, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7fff}, @TIPC_NLA_PROP_MTU={0x8}]}]}, @TIPC_NLA_MON={0x2c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0xfffff000}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x6}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x7}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x3f}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x2}]}]}, 0x230}, 0x1, 0x0, 0x0, 0x5}, 0xc0) 22:19:08 executing program 4: setsockopt$CAN_RAW_FILTER(0xffffffffffffffff, 0x65, 0x1, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000001240)='ext3\x00', &(0x7f0000001280)='./file0\x00', 0x0, 0x4, &(0x7f0000001500)=[{&(0x7f00000012c0)}, {0x0, 0x0, 0x8}, {&(0x7f0000001400), 0x0, 0xb63}, {0x0}], 0x200000, &(0x7f0000001580)={[{@nobarrier='nobarrier'}, {@noinit_itable='noinit_itable'}], [{@func={'func', 0x3d, 'KEXEC_KERNEL_CHECK'}}, {@fowner_lt={'fowner<', 0xee01}}, {@euid_eq={'euid', 0x3d, 0xffffffffffffffff}}, {@obj_user={'obj_user', 0x3d, '/proc/thread-self\x00'}}, {@smackfsfloor={'smackfsfloor', 0x3d, '/proc/thread-self\x00'}}, {@subj_role={'subj_role'}}]}) 22:19:08 executing program 2: syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x0) ioctl$SG_GET_NUM_WAITING(0xffffffffffffffff, 0x2202, 0x0) 22:19:08 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r0, 0x0, 0x0, 0x20048000, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10) setsockopt$inet_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000100)={@in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, "f6340278d663f9d92a5edfee4582945bf98c20e3f869e92721bd974ed6ad2c081a378fada59770a9d6f5be50030f6c0598ab4f13e4fd44f81fb80ea19426a105548a4f6c57a7321083ca81d6c9c3edde"}, 0xd8) 22:19:09 executing program 5: syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x0) ioctl$SG_GET_NUM_WAITING(0xffffffffffffffff, 0x2284, 0x0) 22:19:09 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_opts(r0, 0x0, 0xf, &(0x7f0000000000)="94", 0x1) [ 1284.455142][T24457] EXT4-fs (loop4): VFS: Can't find ext4 filesystem 22:19:09 executing program 2: syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x0) ioctl$SG_GET_NUM_WAITING(0xffffffffffffffff, 0x2202, 0x0) 22:19:09 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={0x2, 0x4e21, @local}, 0x10) 22:19:09 executing program 4: syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/vlan/vlan1\x00') 22:19:09 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x0) ioctl$SG_GET_NUM_WAITING(r0, 0x2282, 0x0) 22:19:09 executing program 5: syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x0) ioctl$SG_GET_NUM_WAITING(0xffffffffffffffff, 0x2284, 0x0) 22:19:10 executing program 0: syz_mount_image$ext4(&(0x7f0000001240)='ext3\x00', &(0x7f0000001280)='./file0\x00', 0x0, 0x1, &(0x7f0000001500)=[{&(0x7f00000012c0)="d5", 0x1}], 0x0, &(0x7f0000001580)) 22:19:10 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYBLOB="a00000000002010100000000000000000300000a08000b007369700008000b00736970005800018014000180080001006401010208000200e00000020c000280050001003a00000006000340000200002c00018014000300ff01000000000000000000000000000114000400000000000000000000000000000000010800054000000008090006"], 0xa0}}, 0x0) 22:19:10 executing program 2: syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x0) ioctl$SG_GET_NUM_WAITING(0xffffffffffffffff, 0x2202, 0x0) 22:19:10 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x0) ioctl$SG_GET_NUM_WAITING(r0, 0x2282, 0x0) [ 1285.495606][T24478] EXT4-fs (loop0): VFS: Can't find ext4 filesystem 22:19:10 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_opts(r0, 0x0, 0x22, &(0x7f0000000000)="94", 0x1) 22:19:10 executing program 5: syz_mount_image$ext4(&(0x7f0000001240)='ext3\x00', &(0x7f0000001280)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001580)) [ 1285.608012][T24478] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 1285.741922][T24487] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.1'. 22:19:11 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x0) ioctl$SG_IO(r0, 0x4020940d, &(0x7f00000003c0)={0x53, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 22:19:11 executing program 0: r0 = socket$inet(0x2, 0x3, 0x1) setsockopt$inet_mreq(r0, 0x0, 0x4, 0x0, 0x0) 22:19:11 executing program 1: r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f00000024c0)='/dev/vcsa\x00', 0x0, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, 0x0) 22:19:11 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYBLOB="a0000000000201"], 0xa0}}, 0x0) 22:19:11 executing program 5: syz_open_dev$usbmon(&(0x7f0000000140)='/dev/usbmon#\x00', 0x0, 0x0) 22:19:11 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x0) ioctl$SG_GET_NUM_WAITING(r0, 0x2282, 0x0) [ 1286.493661][T24500] netlink: 140 bytes leftover after parsing attributes in process `syz-executor.2'. 22:19:11 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x0) ioctl$SG_IO(r0, 0x1267, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 22:19:11 executing program 0: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x0) ioctl$SG_GET_NUM_WAITING(r0, 0x227a, 0x0) 22:19:11 executing program 2: r0 = socket$inet(0x2, 0x2, 0x0) sendto$inet(r0, &(0x7f0000000000)="f0", 0x1, 0x0, &(0x7f0000000080)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1c}}, 0x10) 22:19:11 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_LIST(r0, 0xffffffffffffffff, 0x0) 22:19:12 executing program 5: r0 = socket$inet(0x2, 0x2, 0x0) sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={0x2, 0x0, @local}, 0x10) 22:19:12 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f00000000c0)={@in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x42, 0x0, "2cf246e5d6b2cf942fed4b4e6d096e71c8243000a624a9af4a96089139f9efdfb4928afbc50d20729fcce3cf510c13339e48735d1c3bcc2e440f9b3776461f682db8c98d3b674a8076adbb45129ea17f"}, 0xd8) sendto$inet(r0, 0x0, 0x0, 0x24008044, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10) 22:19:12 executing program 4: r0 = socket$inet(0x2, 0x2, 0x0) sendto$inet(r0, 0x0, 0x0, 0x1, 0x0, 0x0) 22:19:12 executing program 2: clock_gettime(0x0, &(0x7f0000004b80)={0x0}) pselect6(0x40, &(0x7f0000004ac0), 0x0, 0x0, &(0x7f0000004bc0)={r0}, &(0x7f0000004c40)={&(0x7f0000004c00)={[0x6]}, 0x8}) 22:19:12 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYBLOB="a00000000002010100000000000000000300000a08000b007369700008000b00736970005800018014000180080001006401010208000200e00000020c000280050001003a00000006000340000200002c00018014000300ff01000000000000000000000000000114000400000000000000000000000000000000010800054000000008090006007070747000000000060007"], 0xa0}, 0x1, 0x0, 0x0, 0x10090}, 0x4000000) 22:19:13 executing program 1: setsockopt$CAN_RAW_FILTER(0xffffffffffffffff, 0x65, 0x1, 0x0, 0x0) recvmsg$can_bcm(0xffffffffffffffff, &(0x7f00000011c0)={&(0x7f0000000040)=@ipx, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)=""/79, 0x4f}, {&(0x7f0000000140)=""/55, 0x37}], 0x2, &(0x7f00000001c0)=""/4096, 0x1000}, 0x1) syz_mount_image$ext4(&(0x7f0000001240)='ext3\x00', &(0x7f0000001280)='./file0\x00', 0x0, 0x5, &(0x7f0000001500)=[{&(0x7f00000012c0)="d5665d71b2bb99a5798d591641e5cb1d8dc7b0f69fc3c03438c3758712e004ff29a67f", 0x23, 0x2}, {0x0, 0x0, 0x8}, {&(0x7f0000001380)="f58e2d32615e7bec093d79e3b94e4da54f8572a0f7c30f62b1b88245d07576afb6d4607169208d6c9ea90fba5bbe613ac60c214d5ca24e9832e8fd413b0618fa7c63106caefdaae1db", 0x49, 0x2a04}, {&(0x7f0000001400)="73f3", 0x2}, {&(0x7f0000001440)="c8308e8f1c5199c621e66c6168be9f2aafe5c6424e8d2b8581f8bdcb194c4e55ede39c2ca9c0c23a68f3772e0eaaa26dfb95beae2d50e96e6a95966235f64e883388e59177acb4e22e076e7027dd7b87d6bbb178bf8709f452e113fdd9c43f5afadad19a8f9cd8ee8ecb01e4f3f023a049794d4f062edc98d7734580748beb19d6e44eeb72b86cbd64e1c3e487746e20050aeb8f40f6fdb9f1d77b0f1cd2", 0x9e, 0x81}], 0x200000, &(0x7f0000001580)={[{@nobarrier='nobarrier'}, {@noinit_itable='noinit_itable'}], [{@func={'func', 0x3d, 'KEXEC_KERNEL_CHECK'}}, {@mask={'mask', 0x3d, '^MAY_WRITE'}}, {@fowner_lt={'fowner<', 0xee01}}, {@dont_measure='dont_measure'}, {@euid_eq={'euid', 0x3d, 0xffffffffffffffff}}, {@obj_user={'obj_user', 0x3d, '/proc/thread-self\x00'}}, {@smackfsfloor={'smackfsfloor', 0x3d, '/proc/thread-self\x00'}}, {@subj_role={'subj_role'}}]}) 22:19:13 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_opts(r0, 0x0, 0x29, &(0x7f0000000000)="94", 0x300) 22:19:13 executing program 3: r0 = syz_open_dev$vcsa(&(0x7f0000000040)='/dev/vcsa#\x00', 0x0, 0x842) write$FUSE_NOTIFY_INVAL_ENTRY(r0, &(0x7f0000000180)=ANY=[], 0x200001a2) [ 1288.420363][T24526] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. 22:19:13 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000240)={0x53, 0x0, 0x6, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000140)="b46fea3dcf09", 0x0, 0x0, 0x0, 0x0, 0x0}) [ 1288.575770][T24528] EXT4-fs (loop1): VFS: Can't find ext4 filesystem [ 1288.717493][T24533] EXT4-fs (loop1): VFS: Can't find ext4 filesystem 22:19:13 executing program 5: recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000006a00)={0x0, 0x989680}) 22:19:13 executing program 0: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000240)={0x53, 0x0, 0x21, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000140)="b46fea3dcf098e5f7096907a788a44e0bc474b1b1ca4406f67384c0b66c2e61b62", 0x0, 0x0, 0x0, 0x0, 0x0}) 22:19:14 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r0, 0x0, 0x0, 0x20048000, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10) recvmmsg(r0, &(0x7f0000000e00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 22:19:14 executing program 1: syz_open_procfs(0xffffffffffffffff, &(0x7f0000003c00)='children\x00') [ 1289.509635][ C0] sd 0:0:1:0: [sg0] tag#2329 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s [ 1289.520490][ C0] sd 0:0:1:0: [sg0] tag#2329 CDB: Read element status attached [ 1289.528554][ C0] sd 0:0:1:0: [sg0] tag#2329 CDB[00]: b4 6f ea 3d cf 09 8e 5f 70 96 90 7a 78 8a 44 e0 [ 1289.538531][ C0] sd 0:0:1:0: [sg0] tag#2329 CDB[10]: bc 47 4b 1b 1c a4 40 6f 67 38 4c 0b 66 c2 e6 1b [ 1289.548525][ C0] sd 0:0:1:0: [sg0] tag#2329 CDB[20]: 62 22:19:14 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x0) ioctl$BTRFS_IOC_START_SYNC(r0, 0x80089418, 0x0) 22:19:14 executing program 5: syz_mount_image$ext4(0x0, 0x0, 0x0, 0x3, &(0x7f0000001500)=[{&(0x7f00000012c0)="d5", 0x1}, {0x0}, {0x0}], 0x0, 0x0) 22:19:14 executing program 0: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="93d138dfe02b3c010100f1b9d873bc33fa7d9cfe38", 0x15}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 22:19:15 executing program 3: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_mreq(r0, 0x0, 0x0, 0x0, 0x0) 22:19:15 executing program 4: r0 = socket$inet_sctp(0x2, 0x1, 0x84) sendmsg$inet_sctp(r0, &(0x7f0000000240)={&(0x7f0000000040)=@in6={0x1c, 0x1c, 0x2}, 0x1c, 0x0}, 0x0) sendmsg$inet_sctp(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000580)="bc", 0x1}], 0x1}, 0x20089) 22:19:16 executing program 4: r0 = socket(0x1c, 0x10000001, 0x84) bind(r0, &(0x7f00000001c0)=@un=@abs={0x8}, 0x8) 22:19:16 executing program 3: r0 = socket$inet_sctp(0x2, 0x1, 0x84) sendmsg$inet_sctp(r0, &(0x7f0000000240)={&(0x7f0000000040)=@in6={0x1c, 0x1c, 0x2}, 0x1c, 0x0}, 0x0) sendmsg$inet_sctp(r0, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x104) 22:19:16 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_opts(r0, 0x0, 0xc, &(0x7f0000000080)='@', 0x1) 22:19:16 executing program 5: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmmsg(r0, &(0x7f0000006940)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40, 0x0) 22:19:16 executing program 0: r0 = socket$inet_sctp(0x2, 0x5, 0x84) getsockname(r0, 0x0, &(0x7f0000000280)) 22:19:16 executing program 1: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_sctp_SCTP_INITMSG(r0, 0x84, 0x3, &(0x7f00000000c0)={0x0, 0x0, 0x4}, 0x8) 22:19:17 executing program 3: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_sctp_SCTP_ASSOCINFO(r0, 0x84, 0x2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0xca}, 0x14) 22:19:17 executing program 4: r0 = socket$inet_sctp(0x2, 0x5, 0x84) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r0, 0x84, 0x26, &(0x7f0000000240), &(0x7f0000000300)=0x8) 22:19:17 executing program 0: r0 = socket(0x1c, 0x10000005, 0x0) listen(r0, 0x0) 22:19:17 executing program 2: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_sctp_SCTP_INITMSG(r0, 0x84, 0x3, &(0x7f00000000c0)={0x2, 0x0, 0x4}, 0x8) 22:19:17 executing program 1: socket(0x1c, 0x10000001, 0x84) 22:19:17 executing program 5: semget(0x3, 0x2, 0x2a6) 22:19:17 executing program 3: r0 = socket$inet_sctp(0x2, 0x1, 0x84) sendmsg$inet_sctp(r0, &(0x7f0000001640)={&(0x7f0000000040)=@in={0x10, 0x2}, 0x10, 0x0, 0x0, 0x0, 0x10}, 0x0) setsockopt$inet_sctp_SCTP_ASSOCINFO(r0, 0x84, 0x2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0xca, 0x6531}, 0x14) 22:19:17 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) setsockopt$sock_timeval(r0, 0xffff, 0x4, &(0x7f0000000100), 0x10) 22:19:17 executing program 0: r0 = socket(0x1c, 0x10000001, 0x84) connect$inet(r0, &(0x7f0000000040)={0x10, 0x2}, 0x10) 22:19:17 executing program 1: r0 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$inet_sctp_SCTP_AUTH_KEY(r0, 0x84, 0x13, &(0x7f0000000140)={0x0, 0x0, 0x1, '}'}, 0x9) 22:19:17 executing program 2: r0 = socket$inet_sctp(0x2, 0x1, 0x84) r1 = socket$inet6_sctp(0x1c, 0x5, 0x84) dup2(r0, r1) 22:19:18 executing program 5: shmget(0x1, 0xc00000, 0x0, &(0x7f00003fe000/0xc00000)=nil) 22:19:18 executing program 4: r0 = socket$inet_sctp(0x2, 0x1, 0x84) sendmsg$inet_sctp(r0, &(0x7f0000000240)={&(0x7f0000000040)=@in6={0x1c, 0x1c, 0x2}, 0x1c, 0x0}, 0x0) sendmsg$inet_sctp(r0, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x104) sendmsg$inet_sctp(r0, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x0) 22:19:18 executing program 3: r0 = socket$inet_sctp(0x2, 0x1, 0x84) connect$inet(r0, &(0x7f0000000100)={0x10, 0x2}, 0x10) 22:19:18 executing program 1: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0xa, &(0x7f0000000000), 0x98) 22:19:18 executing program 0: r0 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x11, &(0x7f0000000240), 0x4) 22:19:18 executing program 2: r0 = socket(0x1c, 0x10000001, 0x84) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r0, 0x84, 0xf, &(0x7f0000000040), &(0x7f0000000080)=0xc) 22:19:19 executing program 5: r0 = socket$inet_sctp(0x2, 0x1, 0x84) sendmsg$inet_sctp(r0, &(0x7f0000000240)={&(0x7f0000000040)=@in6={0x1c, 0x1c, 0x1}, 0x1c, &(0x7f00000001c0)=[{&(0x7f00000000c0)='q', 0x1}], 0x1}, 0x0) 22:19:19 executing program 1: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_sctp_SCTP_INITMSG(r0, 0x84, 0x3, &(0x7f00000000c0)={0x0, 0x3}, 0x8) 22:19:19 executing program 3: r0 = socket(0x1c, 0x10000001, 0x84) listen(r0, 0x0) 22:19:19 executing program 4: r0 = socket$inet_sctp(0x2, 0x1, 0x84) sendmsg$inet_sctp(r0, &(0x7f0000000240)={&(0x7f0000000040)=@in6={0x1c, 0x1c, 0x1}, 0x1c, &(0x7f00000001c0)=[{&(0x7f00000000c0)='q', 0x1}], 0x1}, 0x0) sendmsg$inet_sctp(r0, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) 22:19:19 executing program 0: r0 = socket$inet_sctp(0x2, 0x1, 0x84) sendmsg$inet_sctp(r0, &(0x7f0000000240)={&(0x7f0000000040)=@in6={0x1c, 0x1c, 0x2}, 0x1c, 0x0}, 0x0) setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x21, &(0x7f00000000c0)={0x0, 0x220}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x0) 22:19:19 executing program 2: 22:19:19 executing program 5: 22:19:19 executing program 3: 22:19:19 executing program 1: r0 = socket$inet_sctp(0x2, 0x1, 0x84) bind$inet(r0, &(0x7f0000000300)={0x10, 0x2}, 0x10) connect$inet(r0, &(0x7f0000000000)={0xfffffffffffffdaf, 0x2}, 0x10) 22:19:20 executing program 0: r0 = socket(0x1c, 0x10000001, 0x84) setsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x1, &(0x7f0000000200), 0x10) 22:19:20 executing program 2: r0 = socket$inet_sctp(0x2, 0x1, 0x84) sendmsg$inet_sctp(r0, &(0x7f0000000240)={&(0x7f0000000040)=@in6={0x1c, 0x1c, 0x2}, 0x1c, 0x0}, 0x0) sendmsg$inet_sctp(r0, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x104) sendmsg$inet_sctp(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000580)="bc", 0x1}], 0x1}, 0x0) 22:19:20 executing program 4: 22:19:20 executing program 4: 22:19:20 executing program 5: 22:19:20 executing program 3: 22:19:20 executing program 2: 22:19:20 executing program 0: 22:19:20 executing program 1: 22:19:21 executing program 5: 22:19:21 executing program 4: 22:19:21 executing program 3: 22:19:21 executing program 2: 22:19:21 executing program 1: 22:19:21 executing program 0: 22:19:21 executing program 5: 22:19:22 executing program 4: 22:19:22 executing program 2: 22:19:22 executing program 3: 22:19:22 executing program 0: 22:19:22 executing program 1: 22:19:22 executing program 5: 22:19:22 executing program 4: 22:19:22 executing program 2: 22:19:22 executing program 3: 22:19:22 executing program 0: 22:19:23 executing program 1: 22:19:23 executing program 5: 22:19:23 executing program 4: 22:19:23 executing program 3: 22:19:23 executing program 2: 22:19:23 executing program 0: 22:19:23 executing program 1: 22:19:23 executing program 5: 22:19:24 executing program 3: 22:19:24 executing program 4: 22:19:24 executing program 2: 22:19:24 executing program 0: 22:19:24 executing program 1: 22:19:24 executing program 5: 22:19:24 executing program 3: 22:19:24 executing program 4: 22:19:24 executing program 2: 22:19:24 executing program 0: 22:19:25 executing program 5: 22:19:25 executing program 3: 22:19:25 executing program 1: 22:19:25 executing program 4: 22:19:25 executing program 2: 22:19:25 executing program 0: 22:19:25 executing program 3: 22:19:25 executing program 5: 22:19:25 executing program 1: 22:19:25 executing program 4: 22:19:25 executing program 2: 22:19:26 executing program 0: 22:19:26 executing program 1: 22:19:26 executing program 3: 22:19:26 executing program 5: 22:19:26 executing program 4: 22:19:26 executing program 2: 22:19:26 executing program 0: 22:19:26 executing program 1: 22:19:26 executing program 3: 22:19:27 executing program 5: 22:19:27 executing program 4: 22:19:27 executing program 2: 22:19:27 executing program 0: 22:19:27 executing program 3: 22:19:27 executing program 1: 22:19:27 executing program 5: 22:19:27 executing program 4: 22:19:28 executing program 2: 22:19:28 executing program 0: 22:19:28 executing program 3: 22:19:28 executing program 5: 22:19:28 executing program 1: 22:19:28 executing program 2: 22:19:28 executing program 4: 22:19:29 executing program 0: 22:19:29 executing program 3: 22:19:29 executing program 5: 22:19:29 executing program 2: 22:19:29 executing program 1: 22:19:29 executing program 4: 22:19:29 executing program 0: 22:19:29 executing program 3: 22:19:29 executing program 1: 22:19:29 executing program 5: 22:19:29 executing program 2: 22:19:30 executing program 4: 22:19:30 executing program 3: 22:19:30 executing program 0: 22:19:30 executing program 1: 22:19:30 executing program 5: 22:19:30 executing program 2: 22:19:30 executing program 4: 22:19:30 executing program 3: 22:19:30 executing program 1: 22:19:30 executing program 0: 22:19:30 executing program 5: 22:19:31 executing program 2: 22:19:31 executing program 4: 22:19:31 executing program 1: 22:19:31 executing program 3: 22:19:31 executing program 5: 22:19:31 executing program 0: 22:19:31 executing program 2: 22:19:32 executing program 1: 22:19:32 executing program 4: 22:19:32 executing program 5: 22:19:32 executing program 0: 22:19:32 executing program 3: 22:19:32 executing program 2: 22:19:32 executing program 1: 22:19:32 executing program 4: 22:19:33 executing program 0: 22:19:33 executing program 3: 22:19:33 executing program 5: 22:19:33 executing program 2: 22:19:33 executing program 1: 22:19:33 executing program 4: 22:19:33 executing program 0: 22:19:33 executing program 3: 22:19:33 executing program 5: 22:19:33 executing program 2: 22:19:33 executing program 1: 22:19:34 executing program 4: 22:19:34 executing program 0: 22:19:34 executing program 3: 22:19:34 executing program 5: 22:19:34 executing program 2: 22:19:34 executing program 1: 22:19:34 executing program 4: 22:19:34 executing program 0: 22:19:35 executing program 5: 22:19:35 executing program 3: 22:19:35 executing program 2: 22:19:35 executing program 1: 22:19:35 executing program 0: 22:19:35 executing program 4: 22:19:35 executing program 5: 22:19:35 executing program 3: 22:19:35 executing program 2: 22:19:35 executing program 1: 22:19:35 executing program 4: 22:19:36 executing program 0: 22:19:36 executing program 5: 22:19:36 executing program 0: 22:19:36 executing program 5: 22:19:36 executing program 4: 22:19:36 executing program 3: 22:19:36 executing program 1: 22:19:37 executing program 2: 22:19:37 executing program 0: 22:19:37 executing program 5: 22:19:37 executing program 4: 22:19:37 executing program 1: 22:19:37 executing program 3: 22:19:37 executing program 2: 22:19:38 executing program 0: 22:19:38 executing program 4: 22:19:38 executing program 5: 22:19:38 executing program 2: 22:19:38 executing program 3: 22:19:38 executing program 1: 22:19:38 executing program 0: 22:19:38 executing program 4: 22:19:38 executing program 5: 22:19:38 executing program 2: 22:19:39 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_ifreq(r0, 0x8991, &(0x7f0000000040)={'bridge0\x00', @ifru_settings={0x0, 0x0, @te1=0x0}}) 22:19:39 executing program 3: syz_emit_ethernet(0x42, &(0x7f00000002c0)={@local, @dev, @val={@void}, {@ipv6={0x86dd, @udp={0x0, 0x6, "7a69e0", 0x8, 0x11, 0x0, @local, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', {[], {0x0, 0x0, 0x8}}}}}}, 0x0) 22:19:39 executing program 0: syz_emit_ethernet(0x6a, &(0x7f0000000000)={@link_local, @link_local, @val={@void}, {@ipv4={0x800, @gre={{0x5, 0x4, 0x0, 0x0, 0x58, 0x0, 0x0, 0x0, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}}}}}, 0x0) 22:19:39 executing program 4: r0 = socket$packet(0x11, 0x3, 0x300) syz_emit_ethernet(0x25b0, &(0x7f0000005280)=ANY=[], 0x0) recvmmsg(r0, &(0x7f0000003d80)=[{{0x0, 0x0, 0x0}}], 0x1, 0x20, 0x0) 22:19:39 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000340)=@newspdinfo={0x14, 0x24, 0x303}, 0x14}}, 0x0) 22:19:39 executing program 2: futex(&(0x7f0000000000), 0x0, 0x4, &(0x7f0000000080), 0x0, 0x0) 22:19:39 executing program 1: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/consoles\x00', 0x0, 0x0) mmap$perf(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x11, r0, 0x0) 22:19:39 executing program 3: r0 = gettid() process_vm_writev(r0, &(0x7f00000001c0)=[{&(0x7f0000002b40)=""/263, 0x107}], 0x1, &(0x7f0000002ac0)=[{&(0x7f0000001600)=""/135, 0x87}, {0x0}], 0x2, 0x0) 22:19:39 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_ifreq(r0, 0x8927, &(0x7f0000000040)={'macvlan0\x00', @ifru_settings={0x0, 0x0, @te1=0x0}}) 22:19:40 executing program 4: r0 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFCONF(r0, 0x8912, &(0x7f0000000000)=@buf) 22:19:40 executing program 5: perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1189, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 22:19:40 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_ifreq(r0, 0x8913, &(0x7f0000000040)={'ipvlan0\x00', @ifru_settings={0x0, 0x0, @te1=0x0}}) 22:19:40 executing program 1: syz_emit_ethernet(0x1a, &(0x7f0000000180)={@empty, @multicast, @val={@void}, {@generic={0x8864, "263231f9b1bb2031"}}}, 0x0) 22:19:40 executing program 3: semctl$IPC_SET(0x0, 0x0, 0x1, &(0x7f0000000140)={{0x3, 0x0, 0xffffffffffffffff}}) 22:19:40 executing program 0: futex(0x0, 0x3, 0x0, &(0x7f0000000080), 0x0, 0x0) 22:19:40 executing program 4: r0 = socket$unix(0x1, 0x1, 0x0) r1 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000180)='/dev/nvram\x00', 0x0, 0x0) sendmsg$unix(r0, &(0x7f0000001a00)={0x0, 0x0, &(0x7f0000001900)=[{0x0}, {0x0}], 0x2, &(0x7f0000001980)=[@rights={{0x14, 0x1, 0x1, [r1]}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff}}}], 0x38}, 0x0) 22:19:40 executing program 5: clone(0x8100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$IPT_SO_SET_REPLACE(r0, 0x8001000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x240, 0xd8, 0x0, 0x148, 0xd8, 0x0, 0x1a8, 0x2a8, 0x2a8, 0x1a8, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x70, 0xd8}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x1, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz1\x00'}}}, {{@uncond, 0x0, 0x70, 0xd0}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}}}}], {{[], 0x0, 0x70, 0x98}, {0x28}}}}, 0x2a0) 22:19:40 executing program 2: semctl$GETALL(0x0, 0x0, 0xd, &(0x7f0000001940)=""/197) 22:19:41 executing program 3: r0 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r0, 0x2401, 0x0) pause() ioctl$PERF_EVENT_IOC_DISABLE(r0, 0x2401, 0x0) 22:19:41 executing program 1: r0 = gettid() process_vm_writev(r0, &(0x7f0000001600)=[{&(0x7f0000000040)=""/179, 0xb3}], 0x1, &(0x7f0000001880)=[{&(0x7f0000001680)=""/182, 0xb6}], 0x1, 0x0) 22:19:41 executing program 5: r0 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_RESET(r0, 0x2403, 0x5) 22:19:41 executing program 4: futex(&(0x7f0000000000), 0x3, 0x0, 0x0, &(0x7f0000000100), 0x0) 22:19:41 executing program 0: syz_emit_ethernet(0x3e, &(0x7f0000000000)={@local, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x6, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@timestamp_addr={0x44, 0x4, 0x5c}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, 0x0) 22:19:41 executing program 2: openat$full(0xffffffffffffff9c, &(0x7f0000000200)='/dev/full\x00', 0x40001, 0x0) 22:19:41 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_ifreq(r0, 0x891b, &(0x7f0000000040)={'bridge0\x00', @ifru_settings={0x0, 0x0, @te1=0x0}}) 22:19:42 executing program 5: r0 = socket$netlink(0x10, 0x3, 0xa) sendmsg$NLBL_CIPSOV4_C_LISTALL(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0) 22:19:42 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_ifreq(r0, 0x8914, &(0x7f0000000140)={'team_slave_0\x00', @ifru_settings={0x0, 0x0, @te1=0x0}}) 22:19:42 executing program 0: mq_open(&(0x7f0000000000)='((\\\\[\x15%(\x00', 0x0, 0x0, 0x0) 22:19:42 executing program 2: prctl$PR_SET_NAME(0xf, &(0x7f0000000100)='/dev/nvram\x00') 22:19:42 executing program 5: r0 = socket$netlink(0x10, 0x3, 0xa) sendmsg$NLBL_CIPSOV4_C_LISTALL(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)={0x24, 0x0, 0x0, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_MLSLVLLST={0x10, 0x8, 0x0, 0x1, [{0xc, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8}]}]}]}, 0x24}}, 0x0) getrandom(&(0x7f0000000000)=""/174, 0xae, 0x3) 22:19:42 executing program 3: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000000)) ioctl$PPPIOCGIDLE(r0, 0x8010743f, 0x0) 22:19:42 executing program 1: socket(0x10, 0x3, 0xff) 22:19:42 executing program 2: syz_emit_ethernet(0x3a, &(0x7f0000000080)={@local, @remote, @void, {@ipv4={0x800, @tcp={{0x6, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@ssrr={0x89, 0x3, 0x4}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, 0x0) 22:19:42 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000000)) ioctl$PPPIOCGIDLE(r0, 0x8010743f, &(0x7f0000000040)) 22:19:43 executing program 5: r0 = socket$packet(0x11, 0x2, 0x300) syz_emit_ethernet(0x25b0, &(0x7f0000005280)=ANY=[], 0x0) recvmsg(r0, &(0x7f00000007c0)={0x0, 0x0, 0x0}, 0x0) 22:19:43 executing program 1: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000000)) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000140)=0x1) 22:19:43 executing program 2: process_vm_writev(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000001880)=[{0x0}], 0x1, 0x0) semctl$SEM_INFO(0x0, 0x0, 0x13, &(0x7f00000018c0)=""/95) 22:19:44 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_SIOCADDRT(r0, 0x890b, 0x0) 22:19:44 executing program 5: r0 = gettid() openat$nvram(0xffffffffffffff9c, &(0x7f0000000180)='/dev/nvram\x00', 0x0, 0x0) sched_getattr(r0, &(0x7f0000000000)={0x38}, 0x38, 0x0) 22:19:44 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000000)) ioctl$PPPIOCGIDLE(r0, 0x8010743f, &(0x7f0000000040)) 22:19:44 executing program 3: syz_emit_ethernet(0x3a, &(0x7f0000000300)={@local, @remote, @val={@void}, {@ipv6={0x86dd, @generic={0x0, 0x6, "c95f62", 0x0, 0x3c, 0x0, @private1, @mcast2}}}}, 0x0) 22:19:44 executing program 2: syz_open_procfs$namespace(0x0, &(0x7f00000001c0)='ns/cgroup\x00') 22:19:44 executing program 1: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000000)) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000140)=0x1) 22:19:44 executing program 4: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 22:19:44 executing program 5: perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 22:19:45 executing program 0: syz_emit_ethernet(0x4a, &(0x7f0000000140)={@link_local, @local, @void, {@ipv4={0x800, @tipc={{0x5, 0x4, 0x0, 0x0, 0x3c, 0x0, 0x1000, 0x0, 0x6, 0x0, @empty, @multicast2}, @payload_named={{{{{0x28, 0x0, 0x0, 0x0, 0x0, 0xa}}}}}}}}}, 0x0) 22:19:45 executing program 3: r0 = socket$netlink(0x10, 0x3, 0xa) sendmsg$BATADV_CMD_GET_BLA_CLAIM(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x24, 0x0, 0x0, 0x0, 0x0, {}, [@BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8}]}, 0x24}}, 0x0) 22:19:45 executing program 2: r0 = socket$netlink(0x10, 0x3, 0xa) sendmsg$TIPC_CMD_GET_REMOTE_MNG(r0, &(0x7f0000000100)={&(0x7f0000000000), 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, ["", "", ""]}, 0x51}}, 0x0) 22:19:45 executing program 4: syz_emit_ethernet(0xa2, &(0x7f0000000100)={@local, @remote, @val={@void}, {@ipv6={0x86dd, @tcp={0x0, 0x6, "388511", 0x68, 0x6, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @local, {[], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x1a, 0x0, 0x0, 0x0, 0x0, {[@fastopen={0x22, 0x12, "f12f00"/16}, @generic={0x0, 0x5, "398866"}, @sack={0x5, 0xe, [0x0, 0x0, 0x0]}, @sack={0x5, 0x6, [0x0]}, @generic={0x0, 0x11, "5a72a0bc49600e227d1f4d812df207"}, @exp_fastopen={0xfe, 0xf, 0xf989, "e16ce2f96b234154737704"}, @exp_smc={0xfe, 0x6}]}}}}}}}}, 0x0) 22:19:45 executing program 1: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000000)) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000140)=0x1) 22:19:45 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) sendmsg$NLBL_CIPSOV4_C_LIST(0xffffffffffffffff, 0x0, 0x0) prctl$PR_SET_PTRACER(0x59616d61, 0x0) 22:19:45 executing program 3: syz_emit_ethernet(0x3e, &(0x7f0000000040)={@local, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x6, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x6, 0x0, @local, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@ssrr={0x89, 0x3}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, 0x0) 22:19:45 executing program 0: r0 = socket$nl_audit(0x10, 0x3, 0x9) getpeername$netlink(r0, &(0x7f00000003c0), &(0x7f0000000400)=0xc) 22:19:45 executing program 2: r0 = gettid() perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, r0, 0x0, 0xffffffffffffffff, 0x4) 22:19:46 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$IPCTNL_MSG_CT_GET_DYING(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x6, 0x1, 0x3}, 0x14}}, 0x0) 22:19:46 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) sendmsg$NLBL_CIPSOV4_C_LIST(0xffffffffffffffff, 0x0, 0x0) prctl$PR_SET_PTRACER(0x59616d61, 0x0) 22:19:46 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_ifreq(r0, 0x8924, &(0x7f0000000040)={'lo\x00', @ifru_settings={0x0, 0x0, @te1=0x0}}) 22:19:46 executing program 1: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000000)) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000140)=0x1) 22:19:46 executing program 0: syz_emit_ethernet(0x26, &(0x7f0000000040)={@local, @remote, @val={@void}, {@ipv4={0x800, @generic={{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x33, 0x0, @private, @empty}}}}}, 0x0) 22:19:46 executing program 4: 22:19:46 executing program 2: 22:19:47 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) sendmsg$NLBL_CIPSOV4_C_LIST(0xffffffffffffffff, 0x0, 0x0) prctl$PR_SET_PTRACER(0x59616d61, 0x0) 22:19:47 executing program 3: 22:19:47 executing program 0: 22:19:47 executing program 4: 22:19:47 executing program 2: 22:19:47 executing program 1: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000000)) ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, &(0x7f0000000140)=0x1) 22:19:47 executing program 3: 22:19:47 executing program 4: 22:19:47 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) sendmsg$NLBL_CIPSOV4_C_LIST(0xffffffffffffffff, 0x0, 0x0) prctl$PR_SET_PTRACER(0x59616d61, 0x0) 22:19:47 executing program 2: 22:19:48 executing program 0: 22:19:48 executing program 1: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000000)) ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, &(0x7f0000000140)=0x1) 22:19:48 executing program 3: 22:19:48 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) prctl$PR_SET_PTRACER(0x59616d61, 0x0) 22:19:48 executing program 4: 22:19:48 executing program 2: 22:19:48 executing program 0: 22:19:49 executing program 1: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000000)) ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, &(0x7f0000000140)=0x1) 22:19:49 executing program 3: 22:19:49 executing program 4: 22:19:49 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0x0) 22:19:49 executing program 2: 22:19:49 executing program 0: 22:19:49 executing program 4: 22:19:49 executing program 1: openat$ppp(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ppp\x00', 0x0, 0x0) r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000140)=0x1) 22:19:49 executing program 2: 22:19:49 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0x0) 22:19:49 executing program 3: 22:19:50 executing program 0: 22:19:50 executing program 4: 22:19:50 executing program 2: 22:19:50 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0x0) 22:19:50 executing program 1: openat$ppp(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ppp\x00', 0x0, 0x0) r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000140)=0x1) 22:19:50 executing program 0: r0 = socket$inet(0x2, 0x3, 0x3) ioctl$sock_SIOCADDRT(r0, 0x8915, &(0x7f00000000c0)={0x0, @in, @llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @local}, @ethernet={0x0, @random="7f2b5ea49cef"}}) 22:19:50 executing program 3: syz_usb_connect(0x0, 0x2d, &(0x7f0000000fc0)={{0x12, 0x1, 0x0, 0xa0, 0xcf, 0xc4, 0x8, 0x471, 0x322, 0x103c, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0xb6, 0x20, 0x7e, 0x0, [], [{{0x9, 0x5, 0x8}}]}}]}}]}}, 0x0) 22:19:50 executing program 4: syz_usb_connect(0x0, 0x24, &(0x7f00000001c0)={{0x12, 0x1, 0x0, 0xf9, 0xea, 0xfc, 0x20, 0x12d1, 0xe532, 0xb277, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xff, 0x1, 0x61}}]}}]}}, 0x0) 22:19:51 executing program 2: r0 = socket$l2tp(0x2, 0x2, 0x73) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8917, &(0x7f00000000c0)={'batadv0\x00'}) 22:19:51 executing program 5: r0 = socket$inet(0x2, 0x3, 0x3) ioctl$sock_SIOCADDRT(r0, 0x890d, 0x0) 22:19:51 executing program 1: openat$ppp(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ppp\x00', 0x0, 0x0) r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000140)=0x1) [ 1326.303867][ T8901] usb 4-1: new high-speed USB device number 6 using dummy_hcd 22:19:51 executing program 0: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x41, 0x0, 0x0) [ 1326.504474][ T2084] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 1326.553664][ T8901] usb 4-1: Using ep0 maxpacket: 8 [ 1326.675358][ T8901] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8 has invalid wMaxPacketSize 0 22:19:51 executing program 5: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x21, 0x0, 0x0) 22:19:51 executing program 2: r0 = socket$phonet_pipe(0x23, 0x5, 0x2) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x891e, &(0x7f0000000000)={'batadv_slave_1\x00'}) [ 1326.755378][ T2084] usb 5-1: Using ep0 maxpacket: 32 [ 1326.854996][ T8901] usb 4-1: New USB device found, idVendor=0471, idProduct=0322, bcdDevice=10.3c [ 1326.864395][ T8901] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1326.872536][ T8901] usb 4-1: Product: syz [ 1326.877130][ T8901] usb 4-1: Manufacturer: syz [ 1326.881908][ T8901] usb 4-1: SerialNumber: syz 22:19:51 executing program 1: ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, &(0x7f0000000000)) r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000140)=0x1) 22:19:52 executing program 0: bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x2, 0x4, 0x400000, 0x8, 0x0, 0x1}, 0x40) [ 1327.038117][ T8901] usb 4-1: config 0 descriptor?? [ 1327.085352][ T2084] usb 5-1: New USB device found, idVendor=12d1, idProduct=e532, bcdDevice=b2.77 [ 1327.090112][ T8901] gspca_main: sunplus-2.14.0 probing 0471:0322 [ 1327.094721][ T2084] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1327.109107][ T2084] usb 5-1: Product: syz [ 1327.113641][ T2084] usb 5-1: Manufacturer: syz [ 1327.118523][ T2084] usb 5-1: SerialNumber: syz [ 1327.293561][ T8901] gspca_sunplus: reg_w_riv err -71 [ 1327.299505][ T8901] sunplus: probe of 4-1:0.0 failed with error -71 [ 1327.301103][ T2084] usb 5-1: config 0 descriptor?? 22:19:52 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x5421, 0x0) [ 1327.376300][ T8901] usb 4-1: USB disconnect, device number 6 [ 1327.382231][ T2084] option 5-1:0.0: GSM modem (1-port) converter detected 22:19:52 executing program 2: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x41, &(0x7f0000000880)=@raw={'raw\x00', 0x9, 0x3, 0x270, 0x0, 0xffffffff, 0xffffffff, 0x120, 0xffffffff, 0x218, 0xffffffff, 0xffffffff, 0x218, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @private0, [], [], 'ip6erspan0\x00', 'syzkaller1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@CLASSIFY={0x28, 'CLASSIFY\x00'}}, {{@ipv6={@empty, @mcast1, [], [], 'veth1_vlan\x00', 'dummy0\x00'}, 0x0, 0xa8, 0xd0}, @common=@inet=@TCPMSS={0x28, 'TCPMSS\x00'}}], {{[], 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x2d0) [ 1327.556786][T11015] usb 5-1: USB disconnect, device number 2 [ 1327.564771][T11015] option 5-1:0.0: device disconnected [ 1328.063505][T10369] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 1328.303805][T10369] usb 4-1: Using ep0 maxpacket: 8 [ 1328.383832][T11015] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 1328.430756][T10369] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8 has invalid wMaxPacketSize 0 [ 1328.594636][T10369] usb 4-1: New USB device found, idVendor=0471, idProduct=0322, bcdDevice=10.3c [ 1328.604196][T10369] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1328.612352][T10369] usb 4-1: Product: syz [ 1328.617168][T10369] usb 4-1: Manufacturer: syz [ 1328.622397][T10369] usb 4-1: SerialNumber: syz [ 1328.657375][T11015] usb 5-1: Using ep0 maxpacket: 32 [ 1328.666732][T10369] usb 4-1: config 0 descriptor?? [ 1328.710864][T10369] gspca_main: sunplus-2.14.0 probing 0471:0322 [ 1328.933461][T10369] gspca_sunplus: reg_w_riv err -71 [ 1328.939289][T10369] sunplus: probe of 4-1:0.0 failed with error -71 [ 1328.965219][T10369] usb 4-1: USB disconnect, device number 7 [ 1328.988818][T11015] usb 5-1: New USB device found, idVendor=12d1, idProduct=e532, bcdDevice=b2.77 [ 1328.998319][T11015] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1329.006631][T11015] usb 5-1: Product: syz [ 1329.010994][T11015] usb 5-1: Manufacturer: syz [ 1329.015979][T11015] usb 5-1: SerialNumber: syz 22:19:54 executing program 3: r0 = socket$phonet_pipe(0x23, 0x5, 0x2) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x89e0, 0x0) [ 1329.089736][T11015] usb 5-1: config 0 descriptor?? 22:19:54 executing program 4: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x3b, 0x0, 0x0) 22:19:54 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet6_tcp_int(r0, 0x6, 0x0, 0x0, &(0x7f0000000100)) 22:19:54 executing program 1: ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, &(0x7f0000000000)) r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000140)=0x1) 22:19:54 executing program 5: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400007) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TUNSETFILTEREBPF(r1, 0x6609, 0x0) 22:19:54 executing program 2: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/snd/seq\x00', 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r0, 0x40605346, &(0x7f0000000a00)) [ 1329.189333][T11015] usb 5-1: can't set config #0, error -71 [ 1329.246392][T11015] usb 5-1: USB disconnect, device number 3 22:19:54 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000440)) r1 = dup2(0xffffffffffffffff, r0) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) ioctl$DRM_IOCTL_GET_CLIENT(r1, 0xc0286405, &(0x7f0000000480)={0x0, 0x0, {}, {0xee01}}) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f00000004c0)) perf_event_open(&(0x7f0000000280)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10003, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) migrate_pages(0x0, 0x3, &(0x7f0000000080)=0x89, &(0x7f0000000140)=0xf6) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet6_sctp(0xa, 0x1, 0x84) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmmsg$inet(0xffffffffffffffff, &(0x7f0000002340)=[{{0x0, 0x0, 0x0}}], 0x1, 0x24000010) 22:19:54 executing program 2: syz_usb_connect(0x0, 0x2f, &(0x7f0000000200)={{0x12, 0x1, 0x0, 0x2b, 0x23, 0xde, 0x8, 0x1199, 0x224, 0x7f32, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1d, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x1d, 0x0, 0x0, [], [{{0x9, 0x5, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, [@generic={0x2}]}}]}}]}}]}}, 0x0) 22:19:54 executing program 1: ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, &(0x7f0000000000)) r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000140)=0x1) 22:19:54 executing program 5: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='attr\x00') read$rfkill(r0, 0x0, 0x0) 22:19:54 executing program 3: r0 = socket$inet(0x2, 0x3, 0x3) ioctl$sock_SIOCADDRT(r0, 0x8901, &(0x7f00000000c0)={0x0, @in, @llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @local}, @ethernet={0x0, @random="7f2b5ea49cef"}}) 22:19:55 executing program 4: bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x2, 0x4, 0x2, 0x8, 0x8, 0x1}, 0x40) [ 1330.363585][ T8901] usb 3-1: new high-speed USB device number 6 using dummy_hcd 22:19:55 executing program 1: r0 = openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000000)) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000140)=0x1) 22:19:55 executing program 3: bpf$MAP_CREATE(0x0, &(0x7f0000000140)={0x1, 0x0, 0x0, 0x0, 0x9f0}, 0x40) 22:19:55 executing program 4: r0 = socket(0x1000000010, 0x80002, 0x0) sendmmsg$alg(r0, &(0x7f0000000200), 0x4924924924926d3, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$fou(&(0x7f0000000080)='fou\x00') r3 = socket(0x10, 0x803, 0x0) sendmsg$L2TP_CMD_SESSION_MODIFY(r3, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f00000003c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000000)=0x14) sendmsg$FOU_CMD_ADD(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000140)={0x2c, r2, 0x209, 0x0, 0x0, {}, [@FOU_ATTR_LOCAL_V4={0x8, 0x6, @remote}, @FOU_ATTR_IFINDEX={0x8, 0xb, r4}, @FOU_ATTR_PEER_PORT={0x6}]}, 0x2c}}, 0x0) 22:19:55 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040)='batadv\x00') sendmsg$BATADV_CMD_GET_MESH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x1c, r1, 0x1, 0x0, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8}]}, 0x1c}}, 0x0) [ 1330.604440][ T8901] usb 3-1: Using ep0 maxpacket: 8 [ 1330.725205][ T8901] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 22:19:55 executing program 0: socketpair(0x22, 0x3, 0x0, &(0x7f0000000080)) [ 1330.894933][ T8901] usb 3-1: New USB device found, idVendor=1199, idProduct=0224, bcdDevice=7f.32 [ 1330.904790][ T8901] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1330.912951][ T8901] usb 3-1: Product: syz [ 1330.917515][ T8901] usb 3-1: Manufacturer: syz [ 1330.922271][ T8901] usb 3-1: SerialNumber: syz [ 1331.065399][ T8901] usb 3-1: config 0 descriptor?? [ 1331.117125][ T8901] sierra 3-1:0.0: Sierra USB modem converter detected 22:19:56 executing program 1: r0 = openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000000)) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000140)=0x1) 22:19:56 executing program 3: process_vm_readv(0x0, &(0x7f0000000400)=[{&(0x7f0000000200)=""/203, 0xcb}], 0x1, &(0x7f0000000b00)=[{0x0}], 0x1, 0x0) [ 1331.327127][ T8901] usb 3-1: Sierra USB modem converter now attached to ttyUSB0 [ 1331.387865][ T8901] usb 3-1: USB disconnect, device number 6 [ 1331.434236][ T8901] sierra ttyUSB0: Sierra USB modem converter now disconnected from ttyUSB0 [ 1331.446663][ T8901] sierra 3-1:0.0: device disconnected [ 1332.173583][ T8901] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 1332.413746][ T8901] usb 3-1: Using ep0 maxpacket: 8 [ 1332.534551][ T8901] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 1332.704559][ T8901] usb 3-1: New USB device found, idVendor=1199, idProduct=0224, bcdDevice=7f.32 [ 1332.714125][ T8901] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1332.724418][ T8901] usb 3-1: Product: syz [ 1332.728734][ T8901] usb 3-1: Manufacturer: syz [ 1332.733595][ T8901] usb 3-1: SerialNumber: syz [ 1332.749180][ T8901] usb 3-1: config 0 descriptor?? [ 1332.801491][ T8901] sierra 3-1:0.0: Sierra USB modem converter detected [ 1333.007467][ T8901] usb 3-1: Sierra USB modem converter now attached to ttyUSB0 [ 1333.059642][ T8901] usb 3-1: USB disconnect, device number 7 [ 1333.108078][ T8901] sierra ttyUSB0: Sierra USB modem converter now disconnected from ttyUSB0 [ 1333.118063][ T8901] sierra 3-1:0.0: device disconnected 22:19:58 executing program 2: r0 = socket(0x11, 0x3, 0x0) ioctl$PPPOEIOCSFWD(r0, 0x8946, &(0x7f0000000180)={0x18, 0x0, {0x0, @remote, 'veth0_to_batadv\x00'}}) 22:19:58 executing program 5: openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0) 22:19:58 executing program 0: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$BATADV_CMD_SET_MESH(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x14}, 0x14}}, 0xc8) 22:19:58 executing program 1: r0 = openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000000)) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000140)=0x1) 22:19:58 executing program 3: r0 = socket$l2tp(0x2, 0x2, 0x73) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8914, &(0x7f00000000c0)={'batadv0\x00'}) 22:19:58 executing program 4: r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/userio\x00', 0x802, 0x0) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040), 0x2) [ 1333.396297][T25294] misc userio: No port type given on /dev/userio 22:19:58 executing program 5: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff}) bind$can_j1939(r0, &(0x7f0000000000), 0x18) 22:19:58 executing program 0: pkey_mprotect(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0xffffffffffffffff) 22:19:58 executing program 4: io_uring_setup(0x143, &(0x7f0000000080)) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 22:19:58 executing program 2: r0 = fsopen(&(0x7f0000000080)='hugetlbfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) 22:19:59 executing program 1: openat$ppp(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, &(0x7f0000000000)) r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000140)=0x1) 22:19:59 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/asound/seq/clients\x00', 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x1, 0x10, r0, 0x0) 22:19:59 executing program 0: r0 = getuid() ioprio_set$uid(0x1, r0, 0x0) 22:19:59 executing program 5: socketpair$unix(0x1, 0x200000005, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmmsg(r1, &(0x7f0000003b40)=[{{&(0x7f0000002d80)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @local}}}, 0x80, 0x0}}], 0x1, 0x0, 0x0) write$P9_RUNLINKAT(r0, 0x0, 0x0) dup3(r0, r2, 0x0) sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_GET(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={0x0}}, 0x0) 22:19:59 executing program 2: r0 = fsopen(&(0x7f0000000080)='hugetlbfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) 22:19:59 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = dup(r0) ioctl$TIOCL_GETKMSGREDIRECT(r1, 0x5409, 0x0) 22:20:00 executing program 3: socketpair$unix(0x1, 0x200000005, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) recvmmsg(r1, &(0x7f0000003b40)=[{{&(0x7f0000002d80)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @local}}}, 0x80, 0x0}}], 0x1, 0x0, 0x0) write$P9_RUNLINKAT(r0, 0x0, 0x0) dup3(r0, r2, 0x0) sendmsg$NL80211_CMD_VENDOR(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0) 22:20:00 executing program 0: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x2) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) ioctl$EVIOCREVOKE(r0, 0x40044591, 0x0) ioctl$BTRFS_IOC_SUBVOL_SETFLAGS(r0, 0x4008941a, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) 22:20:00 executing program 1: openat$ppp(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, &(0x7f0000000000)) r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000140)=0x1) 22:20:00 executing program 4: r0 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCSIFVLAN_SET_VLAN_NAME_TYPE_CMD(r0, 0x8983, &(0x7f00000001c0)={0x6, 'macvlan1\x00'}) 22:20:00 executing program 2: r0 = socket$unix(0x1, 0x5, 0x0) r1 = socket$unix(0x1, 0x5, 0x0) bind$unix(r1, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) listen(r1, 0x0) connect$unix(r0, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) sendmsg$TIPC_NL_LINK_SET(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={0x0}}, 0x0) 22:20:00 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = open(&(0x7f0000000200)='./file0\x00', 0x10000000040040, 0x0) dup3(r0, r1, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r1, 0x8903, &(0x7f0000000340)) 22:20:00 executing program 3: socketpair$unix(0x1, 0x800000200000005, 0x0, &(0x7f0000002480)={0xffffffffffffffff, 0xffffffffffffffff}) recvmmsg(r1, &(0x7f0000003b40)=[{{&(0x7f0000002d80)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @local}}}, 0x80, 0x0}}], 0x1, 0x0, 0x0) write$P9_RUNLINKAT(r0, 0x0, 0x0) dup3(r0, r2, 0x0) sendmsg$DEVLINK_CMD_TRAP_SET(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) 22:20:00 executing program 1: openat$ppp(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, &(0x7f0000000000)) r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000140)=0x1) 22:20:00 executing program 0: r0 = openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0) close(r0) socket$nl_generic(0x10, 0x3, 0x10) ioctl$FS_IOC_MEASURE_VERITY(r0, 0x8903, &(0x7f0000000440)) 22:20:01 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) recvmsg(r0, &(0x7f0000002380)={&(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff}}, 0x80, 0x0}, 0x0) sendmsg$TIPC_CMD_GET_MAX_PORTS(r0, &(0x7f0000002600)={0x0, 0x0, &(0x7f00000025c0)={&(0x7f0000002580)={0x1c, 0x0, 0x70d}, 0x1c}}, 0x0) dup3(r0, r1, 0x0) sendmsg$DEVLINK_CMD_PORT_UNSPLIT(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0) 22:20:01 executing program 2: r0 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFVLAN_SET_VLAN_FLAG_CMD(r0, 0x5450, 0x0) 22:20:01 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_ASSOCIATE(r0, 0x0, 0x0) 22:20:02 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f0000d06000)=0x1, 0x4) connect$inet(r0, &(0x7f0000000300)={0x2, 0x4e22, @remote}, 0x10) getpeername(r0, &(0x7f0000000200)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @loopback}}}, &(0x7f0000000100)=0x261) dup3(r0, r1, 0x0) ioctl$sock_ipv6_tunnel_SIOCCHG6RD(r1, 0x89f0, &(0x7f0000000080)={'sit0\x00', &(0x7f0000000000)={'ip6_vti0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @rand_addr=' \x01\x00', @empty}}) 22:20:02 executing program 1: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, 0x0) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000140)=0x1) 22:20:02 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r1, &(0x7f0000000180)={0x2, 0x4e23, @broadcast}, 0x10) sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000), 0x4) dup3(r1, r0, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f0000000100)=0x1, 0xfb) setsockopt$inet_tcp_int(r0, 0x6, 0x14, &(0x7f0000788ffc)=0x100000001, 0xfdf6) write$binfmt_elf64(r0, &(0x7f0000000380)=ANY=[], 0x6c1) r2 = dup(r0) write$P9_RLERROR(r2, 0x0, 0x11) 22:20:02 executing program 0: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000000380)) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r1, 0x0, 0xfffffffffffffc47, 0x20010001, &(0x7f0000000280)={0xa, 0x0, 0x0, @remote, 0x2}, 0x1c) r2 = dup2(r1, r1) sendmsg$TIPC_NL_BEARER_ENABLE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0) ioctl$BLKREPORTZONE(0xffffffffffffffff, 0xc0101282, &(0x7f00000000c0)=ANY=[@ANYBLOB="0000000000000000020000000000000000000000000000000000000000000000f77f00000000000000000000000000000000000000001c0000000000000000000000000000000000000000000000000000000000000000000000000000a4"]) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r0, 0x1000000000016) 22:20:02 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) recvmsg(r0, &(0x7f0000002380)={&(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff}}, 0x80, 0x0}, 0x0) sendmsg$TIPC_CMD_GET_MAX_PORTS(r0, &(0x7f0000002600)={0x0, 0x0, &(0x7f00000025c0)={&(0x7f0000002580)={0x1c, 0x0, 0x70d}, 0x247}}, 0x0) dup3(r0, r1, 0x0) sendmsg$TIPC_NL_PEER_REMOVE(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x0) 22:20:02 executing program 4: sched_setscheduler(0x0, 0x5, &(0x7f0000000040)) openat$apparmor_thread_current(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/current\x00', 0x2, 0x0) mknodat(0xffffffffffffffff, 0x0, 0x0, 0x0) 22:20:02 executing program 2: r0 = socket$inet_sctp(0x2, 0x1, 0x84) bind$inet(r0, &(0x7f0000000300)={0x10, 0x2}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x10, 0x2}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000600)={&(0x7f0000000040)=@in6={0x1c, 0x1c, 0x3}, 0x1c, &(0x7f0000000540)=[{&(0x7f0000000080)="9b707d03c68ecec63cf61d40bc657974d52abdfed77e9727152aa7eaf401f9d3d48c8d81f06d7eb821ce80d75bd1d5b9f1ab0cdf576ddb50f6965cc513baa9d893d52bf3185e358b864dd52817cac1e9f27b3cedc137e5a2a151a79c9e02e5ced92a7d6e5d26d552a4f9dac5dcc19cf6a30375691d35c73b0b2a8d78b07bc906c8fb7db873a4f3b16db65df4feecfde8fa4410bc0dc5709cd0", 0x99}], 0x1, &(0x7f00000005c0)=[@dstaddrv6={0x1c, 0x84, 0xa, @mcast2}], 0x1c}, 0x184) 22:20:03 executing program 3: syz_emit_ethernet(0x46, &(0x7f0000000240)={@broadcast, @broadcast, @val, {@ipv6}}, 0x0) 22:20:03 executing program 1: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, 0x0) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000140)=0x1) 22:20:03 executing program 5: getresuid(0x0, 0x0, &(0x7f0000001200)) pipe2(&(0x7f0000000680), 0x0) 22:20:03 executing program 0: sendmsg$inet_sctp(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000280)=@in6={0x1c, 0x1c, 0x2}, 0xfffffffffffffe7a, 0x0, 0x0, 0x0, 0x74}, 0x0) 22:20:03 executing program 2: r0 = socket$inet_sctp(0x2, 0x5, 0x84) getsockopt$inet_sctp_SCTP_STATUS(r0, 0x84, 0x100, &(0x7f0000000140), &(0x7f0000000200)=0xb0) 22:20:03 executing program 3: r0 = socket(0x2, 0x5, 0x0) r1 = socket$inet6_sctp(0x1c, 0x1, 0x84) connect$inet6(r1, &(0x7f00000001c0)={0x1c, 0x1c, 0x1}, 0x1c) r2 = fcntl$dupfd(r1, 0x0, r0) connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0x1c, 0x1c, 0x2}, 0x1c) setsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(r2, 0x84, 0x23, &(0x7f0000000000)=0x1c00, 0xfe6a) 22:20:04 executing program 1: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, 0x0) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000140)=0x1) 22:20:04 executing program 5: readlink(0x0, &(0x7f0000000300)=""/191, 0xbf) 22:20:04 executing program 0: r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000c40)='/dev/autofs\x00', 0x0, 0x0) fcntl$lock(r0, 0x6, 0x0) 22:20:04 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$packet(0x11, 0x3, 0x300) getsockopt$sock_timeval(r2, 0x1, 0x14, &(0x7f0000000740), &(0x7f0000000780)=0x10) 22:20:05 executing program 4: r0 = socket$inet6_sctp(0x1c, 0x5, 0x84) connect(r0, &(0x7f00000000c0)=@in6={0x1c, 0x1c, 0x2}, 0x1c) 22:20:05 executing program 3: r0 = socket$netlink(0x10, 0x3, 0x0) fcntl$lock(r0, 0x25, &(0x7f0000000100)={0x0, 0x4, 0x0, 0x0, 0xffffffffffffffff}) 22:20:05 executing program 1: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000000)) r1 = openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000140)=0x1) 22:20:05 executing program 5: r0 = socket(0x11, 0x800000003, 0x0) bind(r0, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r0, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000100)=0x14) r2 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000340)=@newqdisc={0x150, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_red={{0x8, 0x1, 'red\x00'}, {0xffffffffffffff88, 0x2, [@TCA_RED_STAB={0x104, 0x2, "12b580bb5183d74b7fbe9e7282ab9645429e679591373547062b36117ad1ba6717e87c01e386963692ed762dc5e0598d0436b9cc306874e1574364bf17d6aee8dad403cba6c512ffa3fc973a3cfd5d9615b16774d5de6688b3bc387bb7c11e3b3b188423f4913ec338175bba14fa05266dc492a0c03cbe95cae27a9a21f511563a8588296a1b33bbf98bc034b8ad777a90bb3d99e4a4f0f69ba373ca2b19b5a2c2d0d5723c5cfb029e841a79ddee2754d6a98f511ed3fd2af3dfb05d530b6765a7fb3c7e60abb42fa0acc446b99afeebccf34d87a69db23c019664b560f6083f24012e6e882c26c442815bfb521288c85ae4fdefcdee64fb94fee2ead46a2fc1"}, @TCA_RED_MAX_P={0x8}, @TCA_RED_PARMS={0x14}]}}]}, 0x150}}, 0x0) 22:20:05 executing program 0: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) sendfile(0xffffffffffffffff, r0, &(0x7f0000000080), 0x0) 22:20:05 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) sendmsg(r0, &(0x7f00000002c0)={&(0x7f0000000140)=@in={0x10, 0x2}, 0x10, 0x0}, 0x0) [ 1340.697985][T25457] netlink: 292 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1340.779831][T25463] netlink: 292 bytes leftover after parsing attributes in process `syz-executor.5'. 22:20:05 executing program 3: symlinkat(&(0x7f0000001000)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000001040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x400000, 0x0) 22:20:05 executing program 2: r0 = openat$ptmx(0xffffff9c, &(0x7f0000000280)='/dev/ptmx\x00', 0x0, 0x0) fsync(r0) 22:20:06 executing program 0: pipe2(&(0x7f0000000300)={0xffffffffffffffff}, 0x0) recvmsg(r0, &(0x7f00000013c0)={0x0, 0x0, &(0x7f0000001340)=[{0x0}, {0x0}, {0x0}], 0x3}, 0x0) 22:20:06 executing program 1: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000000)) r1 = openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000140)=0x1) 22:20:06 executing program 5: r0 = socket$inet_sctp(0x2, 0x5, 0x84) fcntl$getown(r0, 0x5) 22:20:06 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) sendmsg(r0, &(0x7f00000002c0)={&(0x7f0000000140)=@in={0x10, 0x2}, 0x10, &(0x7f0000000000)=[{&(0x7f0000000180)="b121950bf542948b", 0x8}, {&(0x7f0000000340)="27face64b7722a4a8c56cbeaf84cfd5e9aa133a4f15baadcca48a580b846abd05c17314913b30a9b5bd7d04105081ff23f0198a9b98cc56df1f37a86da01089c85d68e0379242fc762c1aed541c5beaa5510eb3fae7e2a9984d2256f363ed9b743d8f3ef87d62906d6cc0c7251ba4388edb7e63f06725b1d365e8ffdf473c184b89c52a65a6fa77b996c1fb943ed45b601918e07a205284ccd337ebb6db0fb09099bb625c953519a73c4f9ab8c7ff6840f17dbde164c6108da53ee417b4ec7422bfdb7beddd22ce1c1caa23fa89386be416abeb22e98613612c4502656b0c8e185b9515c9fa16e10402eb25dbfb6f92942190949d975aed1cfa82149725722a656ac81c8458a3ed34432dbad175d760cd85962072c3bd6044c68fa6cdaee869240cf4052a04051c37138a8c3262a4f1c35ff2777ccb3a489a0c1368250083088b73d87d04ca72b34fbd2dfbb761db74729e1a571f7ef6c9cf1f254cc4d991afa9463ff08157e62a607797d10936e4e6fcda43c05409be1e9aad4b3036d02002508fc14d364f51585edb5ed7b7698e4a628e8d85a7fd96f015c6bb0b875a3e684056a02406ea7a0e0fb648a153dc674cec73c9d33b7bb4b8f10b0be29642d906bd1f6f3ee4fd917f136a0b5e2ef3dc670627c1812ff8a0e97ed98e241f56de01424c748ff5ce92f0c4190165dddff4ed4fbf18a130130bb3aaf5b464131ee472569970bf74ef6c659d67baccc2f35400d0b646f4bc81067344d6f0800f8826b70537f6a8a26fb338c8599eb936f1cd0afba560260ca9e6b90b9e32f8fdbaca69253e05d1f3e0ebd2f40b7b5e91def87df8ffc248f826e3c362a3e666ab36630df42f7455ce3213af9f3bcdd4c184af8b49cc708f164c05b2defadf936563f3fab87ffed50b94b373dc07b15b80b8cf43f27a0a5cd5f2a630778673bc87c7f34697db6ec517eaea1d1c30a40f27d334e3b94f1aab0bf994025b220d3c053167eb7a7ba2c2509e1c2215b1c2210e4a7b67d22b836fa61abf74e50c69ea955b1c17e0cb4227282a605a8030d51252e3b24e1a5b3ceea048536fc3fc04b840dd808586fb117546753ca2ffea807d2c12773563c44762243afffa0acc5bc271bf7786c0ac2224d1ef5f128feefaeb0947e40acda1231982287314550d6bf424438fd55680bb2a10238afabbe6c41ee45d5d5e8ab5c2a3794ecdf8cd7620027404095de8c10c46919c041816906eb7ec829730938a4ff7298ba258762ed29b83b9edd3984dd1aa831b683cd6597701f60a65b74abae76ba045dd5d7fef7fe66c13c15ac7cae71f2758b5e5eda5722b2e634c65d4a2227e341eb4b92c417d68d8c982ee39f94f9bf2f2140489e3030672fa2854c5ce4c06cc1ebca6cf60f1f9012e5ccbe7a378c9aef7730e5033e4115413958ea67e50fa24bf1a76213b4c6c7c915bf2a4ba7f33c92a5653160cad5884a82a7cf940de4ce0fb2e2dadfbdd26bff5293454d3033c5fc5aa1364061a7ac64e167dae822d522d72d8cdfc0e130a41e7493657323118e81519373d567349c41920cf947f31fb4d2bd735e0704ae72dd8dfb3f7fb753782e5b46b608842f305d814da143fb5c8d7a80f58ef07107e4003399c688a22f256ecb47aa204d8199d40c4e988f863ee5479c463db095274ccb0638af5508cdb5c9c18d168fb3e01b55481ca4a8a13df360b2c1899d41c2d61816130855907f0b047ce53e4fa164eed8844ccaaba8855e7f8b4f2ff6976687a66e4d0d4b4a3479b8f8288ae80cc82b1d0624f35e1f04ecc4527fa94d3e06bd9476a3d5a054378e50ecc26a6d53a743fa1751541bf558b2d6d3ca1851348b289ec83a4e8ac032eeafd1d43ef702cdb713b6cfb5fe842a9570f4a9f2fcdf0bfc5e2660748f0b9557c8ddd590ed12075fdf43563818410e1514b74ed33320eb42754aea7caa5e4787079dec71070ed66f9a51e43883f6da97282efbf27bc5ab4b27d5ed586366497a826ca9f37e9f229b6341df74d8ba3b51ada0119881e08fc5d2d261b6a44127401df64804a9f2846c21a1efe40b7f3f62a2a84e65788fdb215ceb27a8b56d0a56b4a2332a9089bf8a008b1f4cad540218c52904472b7959a08db5bdd1a8c550b7140358b4c766b6c72d02e3f8bbc20438d68dd02782e672896832b2a1a2d0127a7723b159016ff1edf25ad3eef8c83778799c7f878243e133dc29fbf1e915b588d4161b6849829bbacb241597324a2df3d97a3eca4d1792df9ce0744aec8a1e1a0da0d9ac313ef44d36b610c7599eade0487040e945b3d9d0759f6da1e00c7ea0ba79e9ae9d08a935c41c1a7e898f2c5739e978cc2fda7ad6c12d963168b7bbd6f1ca643c542271102c8fb0d57b388821a80f4b6ad5af43400ff6a65297ea48bda34013e6ffb57dd158decba9a9c4f5fafd90554f09576561f91ce06f9c5ef86ebde85e56e9a8c039a2a98d6aa412fa84d7a931249b976dbfbd9952a8efdc7a70e40dd42495ac122eacdb4e4c57e6ab97545a40094aeeb382ce66b138018877cdfa63a35fda6201c8d284d75b42dfc3732c38ad4f9ac34609030562297e77d33cf55edacf29e732bab729f3a6996e733513234612ffb00a4129183160e167c3e5ec020526d61543b0e5c1d3d369f176e36d8c4a26eb38fc88c3da8cb11b902dfecd0bdbad3decf7d4e8c6f3889738be547384923be2293148feff6ba43fbc7ddc290e276fcffc928d8c91e294b6934c2bca9bbd611b5f1fd0378c043fe0109051fe7e9f397cdc0e2283652fbe93a5ff5c75f1144607eaf7f31c435b7607f14bfd97ea025c5ee0c7ffb3dd55646576f5219cb9dada1b94f3e80e", 0x7dd}], 0x2}, 0x0) 22:20:06 executing program 3: r0 = socket$inet6_sctp(0x1c, 0x5, 0x84) r1 = dup(r0) getsockopt$inet_sctp_SCTP_RTOINFO(r1, 0x84, 0x1, &(0x7f0000000280), &(0x7f00000002c0)=0x10) 22:20:06 executing program 2: r0 = socket$inet6_udplite(0x1c, 0x2, 0x88) connect$inet6(r0, &(0x7f0000000040)={0x1c, 0x1c, 0x1}, 0x1c) 22:20:06 executing program 1: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000000)) r1 = openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000140)=0x1) 22:20:06 executing program 0: select(0x40, &(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000180)={0x0, 0xffffffff}) 22:20:06 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r0, &(0x7f00000018c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001800)=[@rights], 0xc}, 0xe) 22:20:07 executing program 4: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_int(r0, 0x0, 0x1b, &(0x7f0000000000), 0x4) 22:20:07 executing program 0: bpf$PROG_LOAD(0x22, 0x0, 0x0) 22:20:07 executing program 1: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000000)) openat$ppp(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, &(0x7f0000000140)=0x1) 22:20:07 executing program 2: perf_event_open$cgroup(&(0x7f00000000c0)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2840, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x1004}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 22:20:07 executing program 5: bpf$PROG_LOAD(0x1d, 0x0, 0x0) 22:20:07 executing program 3: bpf$PROG_LOAD(0x23, 0x0, 0x0) 22:20:08 executing program 4: bpf$PROG_LOAD(0x2, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x78) 22:20:08 executing program 0: getresuid(&(0x7f0000001380), &(0x7f00000013c0), 0x0) 22:20:08 executing program 1: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000000)) openat$ppp(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, &(0x7f0000000140)=0x1) 22:20:08 executing program 3: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_inet6_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000000)={@local, 0x47}) syz_genetlink_get_family_id$devlink(&(0x7f0000000040)='devlink\x00') socket$nl_route(0x10, 0x3, 0x0) accept4(r0, &(0x7f0000000080)=@in, &(0x7f0000000100)=0x80, 0x800) ioctl$SNDCTL_DSP_SPEED(0xffffffffffffffff, 0xc0045002, &(0x7f0000000140)) syz_open_dev$vim2m(&(0x7f0000000180)='/dev/video#\x00', 0x8, 0x2) r1 = syz_io_uring_setup(0x711f, &(0x7f00000001c0)={0x0, 0xc230, 0x10, 0x1, 0x123}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000240), 0x0) syz_io_uring_setup(0x1cc3, &(0x7f00000002c0)={0x0, 0x5151, 0x10, 0x1, 0xf0, 0x0, r1}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000340), &(0x7f0000000380)) bind$xdp(0xffffffffffffffff, &(0x7f0000000700)={0x2c, 0x0, 0x0, 0x6, r1}, 0x10) 22:20:08 executing program 2: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$KDSKBENT(r0, 0x4b62, &(0x7f00000000c0)) 22:20:08 executing program 5: r0 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_TX_RING(r0, 0x11b, 0x3, &(0x7f0000000540)=0x101ac80, 0x4) 22:20:08 executing program 4: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$KDSKBENT(r0, 0x5423, &(0x7f00000000c0)={0x0, 0x0, 0x2c7}) 22:20:08 executing program 0: openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x0, 0x0) 22:20:09 executing program 1: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000000)) openat$ppp(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, &(0x7f0000000140)=0x1) 22:20:09 executing program 3: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000000), &(0x7f0000000040)=0x4) 22:20:09 executing program 5: syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x2) 22:20:09 executing program 2: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@const={0x1}]}}, &(0x7f0000000200)=""/185, 0x26, 0xb9, 0x14}, 0x20) 22:20:09 executing program 4: r0 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000440)='/dev/nvram\x00', 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x13, r0, 0x8000000) 22:20:09 executing program 0: perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) connect$inet(r0, &(0x7f0000000180)={0x2, 0x0, @local}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000000)=[@sack_perm, @timestamp, @sack_perm, @sack_perm, @window, @sack_perm], 0x20c3) 22:20:09 executing program 3: r0 = syz_io_uring_setup(0xf47, &(0x7f0000000200), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000280), &(0x7f00000002c0)) io_uring_setup(0x7655, &(0x7f0000000000)={0x0, 0xebc6, 0x20, 0x0, 0x0, 0x0, r0}) 22:20:10 executing program 1: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000000)) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, 0x0) 22:20:10 executing program 2: r0 = socket$can_j1939(0x1d, 0x2, 0x7) recvmsg$can_j1939(r0, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x2040) 22:20:10 executing program 5: openat$nvram(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nvram\x00', 0x0, 0x0) r0 = syz_open_dev$ttys(0xc, 0x2, 0x1) ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000040)) 22:20:10 executing program 4: r0 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000440)='/dev/nvram\x00', 0x40040, 0x0) fsconfig$FSCONFIG_SET_PATH(r0, 0x6, 0x0, 0x0, 0xffffffffffffff9c) syz_io_uring_setup(0x15f1, &(0x7f00000001c0)={0x0, 0x197b, 0x1, 0x3, 0x173}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000240), &(0x7f0000000280)=0x0) r2 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/capi/capi20\x00', 0x8882, 0x0) syz_io_uring_submit(0x0, r1, &(0x7f0000000300)=@IORING_OP_SPLICE={0x1e, 0x1, 0x0, @fd=r2, 0xffff, {0x0, r0}, 0x1, 0x2, 0x1}, 0x2) 22:20:10 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$ETHTOOL_MSG_WOL_GET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f00000005c0)={0x14, 0x0, 0x305}, 0x14}}, 0x0) 22:20:10 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x19, 0x0, 0x0, 0x8, 0x0, 0x1}, 0x40) 22:20:10 executing program 1: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000000)) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, 0x0) 22:20:10 executing program 5: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x28, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 22:20:10 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000400)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0x5452, &(0x7f0000000200)={0x10, 0x0, &(0x7f00000000c0)=[@clear_death], 0x0, 0x0, 0x0}) 22:20:11 executing program 0: syz_usb_connect$uac1(0x0, 0xad, &(0x7f0000000180)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x9b, 0x3, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{}, [@feature_unit={0xf, 0x24, 0x6, 0x0, 0x0, 0x4, [0x0, 0x0, 0x0, 0x0]}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_discrete={0x8, 0x24, 0x2, 0x1, 0x2a}, @format_type_i_continuous={0xb, 0x24, 0x2, 0x1, 0x0, 0x0, 0x0, 0x0, "54c0", "e5"}, @format_type_ii_discrete={0xa, 0x24, 0x2, 0x2, 0x0, 0x0, 0x0, "85"}, @format_type_ii_discrete={0x9}, @as_header={0x7}]}, {{0x9, 0x5, 0x1, 0x9, 0x0, 0x3, 0x0, 0x0, {0x7}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x0, 0x0, 0x0, 0x0, {0x7}}}}}}}]}}, 0x0) 22:20:11 executing program 4: bpf$BPF_PROG_QUERY(0x1e, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x20) 22:20:11 executing program 2: syz_usb_connect$uac1(0x0, 0xa4, &(0x7f0000000180)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x92, 0x3, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{}, [@feature_unit={0xf, 0x24, 0x6, 0x0, 0x0, 0x4, [0x0, 0x0, 0x0, 0x0]}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_discrete={0x8, 0x24, 0x2, 0x1, 0x2a}, @format_type_i_continuous={0xb, 0x24, 0x2, 0x1, 0x0, 0x0, 0x0, 0x0, "54c0", "e5"}, @format_type_ii_discrete={0xa, 0x24, 0x2, 0x2, 0x0, 0x0, 0x0, "85"}, @as_header={0x7}]}, {{0x9, 0x5, 0x1, 0x9, 0x0, 0x0, 0x0, 0x0, {0x7}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x0, 0x0, 0x0, 0x0, {0x7, 0x25, 0x1, 0x0, 0x9}}}}}}}]}}, 0x0) 22:20:11 executing program 5: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000080)={0x679, 0x1, 0x4}) 22:20:11 executing program 3: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000080)={0x1, @pix_mp}) 22:20:11 executing program 1: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000000)) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, 0x0) [ 1346.513741][ T2084] Bluetooth: hci3: command 0x0406 tx timeout 22:20:11 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/net/pfkey\x00', 0x141040, 0x0) [ 1346.694476][ T2084] usb 1-1: new high-speed USB device number 2 using dummy_hcd 22:20:12 executing program 1: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000000)) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000140)) [ 1347.024572][ T8901] usb 3-1: new high-speed USB device number 8 using dummy_hcd 22:20:12 executing program 5: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_STREAMON(r0, 0x40045612, &(0x7f0000000600)=0x1) [ 1347.077828][ T2084] usb 1-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 1347.086896][ T2084] usb 1-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 1347.096298][ T2084] usb 1-1: config 1 has no interface number 1 [ 1347.102728][ T2084] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 1347.115730][ T2084] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 22:20:12 executing program 3: pipe2(&(0x7f0000000b40)={0xffffffffffffffff}, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000280)={@map=r0, 0xffffffffffffffff, 0x4}, 0x10) 22:20:12 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x9, 0x1, &(0x7f0000000000)=@raw=[@exit], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) [ 1347.386322][ T8901] usb 3-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 1347.395530][ T8901] usb 3-1: config 1 has an invalid descriptor of length 9, skipping remainder of the config [ 1347.406024][ T8901] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1347.425711][ T2084] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1347.435162][ T2084] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1347.443444][ T2084] usb 1-1: Product: syz [ 1347.447730][ T2084] usb 1-1: Manufacturer: syz [ 1347.452420][ T2084] usb 1-1: SerialNumber: syz 22:20:12 executing program 3: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x11, 0x1, &(0x7f0000000000)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffd}], &(0x7f0000000040)='syzkaller\x00', 0x6, 0x85, &(0x7f0000000080)=""/133, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) [ 1347.704603][ T8901] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1347.713987][ T8901] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1347.724007][ T8901] usb 3-1: Product: syz [ 1347.728337][ T8901] usb 3-1: Manufacturer: syz [ 1347.733098][ T8901] usb 3-1: SerialNumber: syz [ 1348.047504][ T2084] usb 1-1: USB disconnect, device number 2 [ 1348.204495][ T8901] usb 3-1: 0:2 : does not exist [ 1348.298176][ T8901] usb 3-1: USB disconnect, device number 8 [ 1348.733759][ T2084] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 1348.913803][ T8901] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 1349.113841][ T2084] usb 1-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 1349.122767][ T2084] usb 1-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 1349.132582][ T2084] usb 1-1: config 1 has no interface number 1 [ 1349.139186][ T2084] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 1349.150523][ T2084] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 1349.274530][ T8901] usb 3-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 1349.283707][ T8901] usb 3-1: config 1 has an invalid descriptor of length 9, skipping remainder of the config [ 1349.294426][ T8901] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 22:20:14 executing program 0: syz_usb_connect$uac1(0x0, 0xad, &(0x7f0000000180)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x9b, 0x3, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{}, [@feature_unit={0xf, 0x24, 0x6, 0x0, 0x0, 0x4, [0x0, 0x0, 0x0, 0x0]}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_discrete={0x8, 0x24, 0x2, 0x1, 0x2a}, @format_type_i_continuous={0xb, 0x24, 0x2, 0x1, 0x0, 0x0, 0x0, 0x0, "54c0", "e5"}, @format_type_ii_discrete={0xa, 0x24, 0x2, 0x2, 0x0, 0x0, 0x0, "85"}, @format_type_ii_discrete={0x9}, @as_header={0x7}]}, {{0x9, 0x5, 0x1, 0x9, 0x0, 0x3, 0x0, 0x0, {0x7}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x0, 0x0, 0x0, 0x0, {0x7}}}}}}}]}}, 0x0) 22:20:14 executing program 4: socket$inet(0xa, 0x3, 0x0) [ 1349.515058][ T8901] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1349.524568][ T8901] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1349.532749][ T8901] usb 3-1: Product: syz [ 1349.537345][ T8901] usb 3-1: Manufacturer: syz [ 1349.542124][ T8901] usb 3-1: SerialNumber: syz [ 1349.576850][ T2084] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1349.586184][ T2084] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1349.672516][ T2084] usb 1-1: can't set config #1, error -71 [ 1349.701241][ T2084] usb 1-1: USB disconnect, device number 3 22:20:14 executing program 2: syz_usb_connect$uac1(0x0, 0xa4, &(0x7f0000000180)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x92, 0x3, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{}, [@feature_unit={0xf, 0x24, 0x6, 0x0, 0x0, 0x4, [0x0, 0x0, 0x0, 0x0]}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_discrete={0x8, 0x24, 0x2, 0x1, 0x2a}, @format_type_i_continuous={0xb, 0x24, 0x2, 0x1, 0x0, 0x0, 0x0, 0x0, "54c0", "e5"}, @format_type_ii_discrete={0xa, 0x24, 0x2, 0x2, 0x0, 0x0, 0x0, "85"}, @as_header={0x7}]}, {{0x9, 0x5, 0x1, 0x9, 0x0, 0x0, 0x0, 0x0, {0x7}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x0, 0x0, 0x0, 0x0, {0x7, 0x25, 0x1, 0x0, 0x9}}}}}}}]}}, 0x0) 22:20:14 executing program 5: bpf$BPF_BTF_LOAD(0x10, &(0x7f00000000c0)={0x0, &(0x7f00000004c0)=""/217, 0x0, 0xd9}, 0x20) 22:20:14 executing program 1: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000000)) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000140)) 22:20:14 executing program 3: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f0000000080)={0x2, @sliced}) [ 1349.960741][ T8901] usb 3-1: 0:2 : does not exist 22:20:15 executing program 4: r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f00000001c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@const]}}, &(0x7f0000000040)=""/205, 0x26, 0xcd, 0x1}, 0x20) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000280)={r0, 0x10, &(0x7f0000000240)={&(0x7f0000000200)=""/14, 0xe}}, 0x10) [ 1350.037241][ T8901] usb 3-1: USB disconnect, device number 9 [ 1350.114146][ T2084] usb 1-1: new high-speed USB device number 4 using dummy_hcd 22:20:15 executing program 3: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x3, &(0x7f0000000040)=@framed, &(0x7f00000000c0)='GPL\x00', 0x4, 0xd2, &(0x7f0000000100)=""/210, 0x0, 0x2, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000240), 0x8, 0x10, 0x0}, 0x78) 22:20:15 executing program 5: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_buf(r0, 0x107, 0x5, &(0x7f0000000080)="66863915573b07f39707c1703a3b0bfb", 0x10) 22:20:15 executing program 1: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000000)) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000140)) [ 1350.525108][ T2084] usb 1-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 1350.534160][ T2084] usb 1-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 1350.543493][ T2084] usb 1-1: config 1 has no interface number 1 [ 1350.549787][ T2084] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 1350.560994][ T2084] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 22:20:15 executing program 4: bpf$BPF_BTF_LOAD(0x7, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x1}, 0x20) [ 1350.805055][ T8901] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 1350.855001][ T2084] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1350.864250][ T2084] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1350.872861][ T2084] usb 1-1: Product: syz [ 1350.877350][ T2084] usb 1-1: Manufacturer: syz [ 1350.882044][ T2084] usb 1-1: SerialNumber: syz 22:20:16 executing program 3: r0 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, 0x0, 0x0) [ 1351.164573][ T8901] usb 3-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 1351.173903][ T8901] usb 3-1: config 1 has an invalid descriptor of length 9, skipping remainder of the config [ 1351.184353][ T8901] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1351.425644][ T8901] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1351.435187][ T8901] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1351.443557][ T8901] usb 3-1: Product: syz [ 1351.447876][ T8901] usb 3-1: Manufacturer: syz [ 1351.453361][ T8901] usb 3-1: SerialNumber: syz [ 1351.606743][ T2084] usb 1-1: USB disconnect, device number 4 [ 1351.874154][ T8901] usb 3-1: 0:2 : does not exist [ 1351.929720][ T8901] usb 3-1: USB disconnect, device number 10 22:20:17 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x200000, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000d5f4655fd5f4655f0100ffff53ef010001000000d4f4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f0000010100)="00000000000000000000000091b73ef4b8d944c4be6aeaa0d6c47e6c010040", 0x1f, 0x4e0}, {&(0x7f0000010400)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000012600)="ed41000000100000d4f4655fd5f4655fd5f4655f000000000000040080", 0x1d, 0x4400}, {&(0x7f0000000080)="8081000000180000d4f4655fd4f4655fd4f4655f00000000000001008000000010000800000000000af301000400000000000000000000000200000030", 0x3d, 0x4800}, {&(0x7f0000013900)="111fc0d901", 0x5, 0x30000}], 0x0, &(0x7f0000001700)=ANY=[]) 22:20:17 executing program 5: r0 = socket$tipc(0x1e, 0x2, 0x0) sendmsg$tipc(r0, &(0x7f0000000400)={&(0x7f00000002c0)=@id, 0x10, 0x0}, 0x0) [ 1352.379012][T25816] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue 22:20:17 executing program 2: syz_usb_connect$uac1(0x0, 0xa4, &(0x7f0000000180)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x92, 0x3, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{}, [@feature_unit={0xf, 0x24, 0x6, 0x0, 0x0, 0x4, [0x0, 0x0, 0x0, 0x0]}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_discrete={0x8, 0x24, 0x2, 0x1, 0x2a}, @format_type_i_continuous={0xb, 0x24, 0x2, 0x1, 0x0, 0x0, 0x0, 0x0, "54c0", "e5"}, @format_type_ii_discrete={0xa, 0x24, 0x2, 0x2, 0x0, 0x0, 0x0, "85"}, @as_header={0x7}]}, {{0x9, 0x5, 0x1, 0x9, 0x0, 0x0, 0x0, 0x0, {0x7}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x0, 0x0, 0x0, 0x0, {0x7, 0x25, 0x1, 0x0, 0x9}}}}}}}]}}, 0x0) 22:20:17 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0x400448c9, &(0x7f0000000080)={0x0, 0x0, 0x0, "87996ef1a0a9493ad594580e49ce243827ce7812f6b7d9a0571e52fa99fc5596"}) 22:20:17 executing program 4: bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xa, 0x8001, 0x5, 0x8000}, 0x40) 22:20:17 executing program 3: r0 = socket$can_j1939(0x1d, 0x2, 0x7) recvmsg$can_j1939(r0, &(0x7f00000009c0)={0x0, 0x0, 0x0}, 0x40) 22:20:17 executing program 5: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0505609, &(0x7f0000000080)={0x0, 0x1, 0x0, "87996ef1a0a9493ad594580e49ce243827ce7812f6b7d9a0571e52fa99fc5596"}) 22:20:17 executing program 0: syz_usb_connect$uac1(0x0, 0x84, &(0x7f0000000180)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x72, 0x3, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{}, [@feature_unit={0xb, 0x24, 0x6, 0x0, 0x0, 0x2, [0x0, 0x0]}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_discrete={0x8}]}, {{0x9, 0x5, 0x1, 0x9, 0x0, 0x0, 0x0, 0x0, {0x7}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x0, 0x0, 0x0, 0x0, {0x7}}}}}}}]}}, 0x0) 22:20:18 executing program 1: socketpair(0x1d, 0x0, 0xffff7b7a, &(0x7f0000000000)) 22:20:18 executing program 3: ioctl$UI_DEV_DESTROY(0xffffffffffffffff, 0x5502) ioctl$UI_DEV_DESTROY(0xffffffffffffffff, 0x5502) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 22:20:18 executing program 4: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000080)={0x0, 0xb, 0x0, "87996ef1a0a9493ad594580e49ce243827ce7812f6b7d9a0571e52fa99fc5596"}) 22:20:18 executing program 5: openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dlm-monitor\x00', 0x0, 0x0) bpf$MAP_LOOKUP_ELEM(0x1, 0x0, 0x0) [ 1353.145359][ T8901] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 1353.423854][T10369] usb 1-1: new high-speed USB device number 5 using dummy_hcd 22:20:18 executing program 1: open_tree(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 1353.514764][ T8901] usb 3-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 1353.523787][ T8901] usb 3-1: config 1 has an invalid descriptor of length 9, skipping remainder of the config [ 1353.534306][ T8901] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 22:20:18 executing program 4: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000080)={0x0, 0xb, 0x0, "87996ef1a0a9493ad594580e49ce243827ce7812f6b7d9a0571e52fa99fc5596"}) [ 1353.785187][ T8901] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1353.794822][ T8901] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1353.802973][ T8901] usb 3-1: Product: syz [ 1353.807495][ T8901] usb 3-1: Manufacturer: syz [ 1353.812242][ T8901] usb 3-1: SerialNumber: syz [ 1353.818450][T10369] usb 1-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 1353.827688][T10369] usb 1-1: config 1 has no interface number 1 [ 1353.834213][T10369] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 1353.847393][T10369] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 1353.858721][T10369] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 1354.135153][T10369] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1354.144542][T10369] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1354.152642][T10369] usb 1-1: Product: syz [ 1354.157231][T10369] usb 1-1: Manufacturer: syz [ 1354.161931][T10369] usb 1-1: SerialNumber: syz [ 1354.286798][ T8901] usb 3-1: 0:2 : does not exist [ 1354.355794][ T8901] usb 3-1: USB disconnect, device number 11 [ 1354.644683][T10369] usb 1-1: USB disconnect, device number 5 22:20:19 executing program 2: syz_usb_connect$uac1(0x0, 0xa4, &(0x7f0000000180)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x92, 0x3, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{}, [@feature_unit={0xf, 0x24, 0x6, 0x0, 0x0, 0x4, [0x0, 0x0, 0x0, 0x0]}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_discrete={0x8, 0x24, 0x2, 0x1, 0x2a}, @format_type_i_continuous={0xb, 0x24, 0x2, 0x1, 0x0, 0x0, 0x0, 0x0, "54c0", "e5"}, @format_type_ii_discrete={0xa, 0x24, 0x2, 0x2, 0x0, 0x0, 0x0, "85"}, @as_header={0x7}]}, {{0x9, 0x5, 0x1, 0x9, 0x0, 0x0, 0x0, 0x0, {0x7}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x0, 0x0, 0x0, 0x0, {0x7, 0x25, 0x1, 0x0, 0x9}}}}}}}]}}, 0x0) 22:20:19 executing program 3: syz_usb_connect$uac1(0x0, 0x84, &(0x7f0000000180)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x72, 0x3, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{}, [@feature_unit={0xb, 0x24, 0x6, 0x0, 0x0, 0x2, [0x0, 0x0]}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_discrete={0x8}]}, {{0x9, 0x5, 0x1, 0x9, 0x0, 0x0, 0x0, 0x0, {0x7}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x40, 0x52, 0x0, 0x0, {0x7}}}}}}}]}}, 0x0) 22:20:19 executing program 5: r0 = syz_open_dev$ttys(0xc, 0x2, 0x0) ioctl$TIOCGWINSZ(r0, 0x5413, &(0x7f0000000040)) 22:20:19 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000240)=@security={'security\x00', 0xe, 0x4, 0x2d0, 0xffffffff, 0x110, 0x110, 0x210, 0xffffffff, 0xffffffff, 0x2d8, 0x2d8, 0x2d8, 0xffffffff, 0x4, 0x0, {[{{@ip={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 'wlan0\x00', 'netdevsim0\x00'}, 0x0, 0x70, 0xd0}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @dev}}}, {{@ip={@dev, @private, 0x0, 0x0, 'veth0\x00', 'ip6_vti0\x00'}, 0x0, 0x70, 0xd0}, @common=@SET={0x60, 'SET\x00'}}, {{@uncond, 0x0, 0x70, 0x98}, @common=@unspec=@NFQUEUE1={0x28, 'NFQUEUE\x00'}}], {{[], 0x0, 0x70, 0x98}, {0x28}}}}, 0x330) 22:20:19 executing program 4: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000080)={0x0, 0xb, 0x0, "87996ef1a0a9493ad594580e49ce243827ce7812f6b7d9a0571e52fa99fc5596"}) [ 1355.309760][ T8490] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 1355.364465][T10369] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 1355.643951][ T2084] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 1355.697904][ T8490] usb 1-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 1355.709252][ T8490] usb 1-1: config 1 has no interface number 1 [ 1355.716124][ T8490] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 1355.729217][ T8490] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 1355.734955][T10369] usb 4-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 1355.740359][ T8490] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 1355.749332][T10369] usb 4-1: config 1 has no interface number 1 [ 1355.765632][T10369] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 1355.778879][T10369] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 82, changing to 7 [ 1355.966951][ T8490] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1355.976576][ T8490] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1355.985059][ T8490] usb 1-1: Product: syz [ 1355.989320][ T8490] usb 1-1: Manufacturer: syz [ 1355.994113][ T8490] usb 1-1: SerialNumber: syz [ 1355.996353][T10369] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1356.008215][T10369] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1356.018839][T10369] usb 4-1: Product: syz [ 1356.023172][T10369] usb 4-1: Manufacturer: syz [ 1356.028473][T10369] usb 4-1: SerialNumber: syz [ 1356.044690][ T2084] usb 3-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 1356.053930][ T2084] usb 3-1: config 1 has an invalid descriptor of length 9, skipping remainder of the config [ 1356.064497][ T2084] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 22:20:21 executing program 0: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x0, 0x0) openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x0, 0x0) 22:20:21 executing program 1: bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000440)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x2}, {0x0, [], 0x2}}, &(0x7f00000004c0)=""/217, 0x1a, 0xd9, 0x1}, 0x20) 22:20:21 executing program 5: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r0, &(0x7f0000001440)={0x0, 0x0, 0x0}, 0x2121) 22:20:21 executing program 4: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000080)={0x0, 0xb, 0x0, "87996ef1a0a9493ad594580e49ce243827ce7812f6b7d9a0571e52fa99fc5596"}) [ 1356.241476][ T8490] usb 1-1: can't set config #1, error -71 [ 1356.267499][ T8490] usb 1-1: USB disconnect, device number 6 [ 1356.314908][ T2084] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1356.326697][ T2084] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1356.335542][ T2084] usb 3-1: Product: syz [ 1356.339863][ T2084] usb 3-1: Manufacturer: syz [ 1356.344711][ T2084] usb 3-1: SerialNumber: syz [ 1356.443811][T10369] usb 4-1: 2:1 : UAC_AS_GENERAL descriptor not found [ 1356.544505][T10369] usb 4-1: USB disconnect, device number 8 22:20:21 executing program 4: ioctl$vim2m_VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, &(0x7f0000000080)={0x0, 0xb, 0x0, "87996ef1a0a9493ad594580e49ce243827ce7812f6b7d9a0571e52fa99fc5596"}) 22:20:21 executing program 5: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc050565d, &(0x7f0000000080)={0x0, 0x1, 0x0, "87996ef1a0a9493ad594580e49ce243827ce7812f6b7d9a0571e52fa99fc5596"}) 22:20:21 executing program 1: bpf$BPF_PROG_WITH_BTFID_LOAD(0x2, &(0x7f0000000280)=@bpf_lsm={0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) [ 1356.874927][ T2084] usb 3-1: 0:2 : does not exist [ 1356.950711][ T2084] usb 3-1: USB disconnect, device number 12 [ 1357.167571][T10369] usb 4-1: new high-speed USB device number 9 using dummy_hcd 22:20:22 executing program 2: syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000880)='ns/time\x00') [ 1357.534932][T10369] usb 4-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 1357.544251][T10369] usb 4-1: config 1 has no interface number 1 [ 1357.552798][T10369] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 1357.566398][T10369] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 82, changing to 7 [ 1357.745683][T10369] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1357.757132][T10369] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1357.766086][T10369] usb 4-1: Product: syz [ 1357.770409][T10369] usb 4-1: Manufacturer: syz [ 1357.775301][T10369] usb 4-1: SerialNumber: syz 22:20:23 executing program 3: syz_usb_connect$uac1(0x0, 0x84, &(0x7f0000000180)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x72, 0x3, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{}, [@feature_unit={0xb, 0x24, 0x6, 0x0, 0x0, 0x2, [0x0, 0x0]}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_discrete={0x8}]}, {{0x9, 0x5, 0x1, 0x9, 0x0, 0x0, 0x0, 0x0, {0x7}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x40, 0x52, 0x0, 0x0, {0x7}}}}}}}]}}, 0x0) 22:20:23 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000000)) 22:20:23 executing program 0: syz_open_procfs$namespace(0x0, &(0x7f0000000280)='ns/pid_for_children\x00') 22:20:23 executing program 4: ioctl$vim2m_VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, &(0x7f0000000080)={0x0, 0xb, 0x0, "87996ef1a0a9493ad594580e49ce243827ce7812f6b7d9a0571e52fa99fc5596"}) 22:20:23 executing program 5: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc050565d, &(0x7f0000000080)={0x0, 0x1, 0x0, "87996ef1a0a9493ad594580e49ce243827ce7812f6b7d9a0571e52fa99fc5596"}) 22:20:23 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000540)=@newlink={0x48, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvlan={{0xc, 0x1, 'macvlan\x00'}, {0x4}}}, @IFLA_ADDRESS={0xa, 0x5, @empty=[0x4]}, @IFLA_NUM_TX_QUEUES={0x8, 0x1f, 0x5}]}, 0x48}}, 0x0) [ 1358.094018][T10369] usb 4-1: 2:1 : UAC_AS_GENERAL descriptor not found [ 1358.214656][T10369] usb 4-1: USB disconnect, device number 9 [ 1358.322917][T25987] netlink: 'syz-executor.2': attribute type 5 has an invalid length. 22:20:23 executing program 0: r0 = syz_io_uring_setup(0xf47, &(0x7f0000000200), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000280), &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0xa, 0x0, 0x0) 22:20:23 executing program 5: socket$inet(0x2, 0xe, 0x0) 22:20:23 executing program 1: r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dsp\x00', 0x0, 0x0) ioctl$SNDCTL_DSP_GETODELAY(r0, 0x80045017, 0x0) 22:20:23 executing program 4: ioctl$vim2m_VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, &(0x7f0000000080)={0x0, 0xb, 0x0, "87996ef1a0a9493ad594580e49ce243827ce7812f6b7d9a0571e52fa99fc5596"}) 22:20:23 executing program 2: bpf$BPF_PROG_QUERY(0xd, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x20) [ 1358.823748][T10369] usb 4-1: new high-speed USB device number 10 using dummy_hcd 22:20:24 executing program 1: r0 = syz_io_uring_setup(0xf45, &(0x7f00000000c0), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000280), &(0x7f0000000040)) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x300000e, 0x13, r0, 0x10000000) [ 1359.183720][T10369] usb 4-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 1359.194883][T10369] usb 4-1: config 1 has no interface number 1 [ 1359.201179][T10369] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 1359.214732][T10369] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 82, changing to 7 [ 1359.535444][T10369] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1359.544872][T10369] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1359.553026][T10369] usb 4-1: Product: syz [ 1359.557578][T10369] usb 4-1: Manufacturer: syz [ 1359.562336][T10369] usb 4-1: SerialNumber: syz [ 1359.934360][T10369] usb 4-1: 2:1 : UAC_AS_GENERAL descriptor not found [ 1359.994322][T10369] usb 4-1: USB disconnect, device number 10 22:20:25 executing program 3: r0 = socket$tipc(0x1e, 0x5, 0x0) getsockopt$TIPC_NODE_RECVQ_DEPTH(r0, 0x10f, 0x83, &(0x7f0000000340), &(0x7f0000000380)=0x4) 22:20:25 executing program 0: bpf$BPF_PROG_QUERY(0x13, &(0x7f0000000040)={0xffffffffffffffff, 0x10, 0x0, 0x0, 0x0}, 0x20) 22:20:25 executing program 5: bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xa, 0x0, 0x0, 0x8000}, 0x40) 22:20:25 executing program 4: r0 = openat$vim2m(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000080)={0x0, 0xb, 0x0, "87996ef1a0a9493ad594580e49ce243827ce7812f6b7d9a0571e52fa99fc5596"}) 22:20:25 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_DQBUF(r0, 0xc0205649, &(0x7f00000000c0)={0x0, 0x0, 0x4, 0x0, 0x0, {0x0, 0xea60}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "107d13f4"}, 0x0, 0x0, @planes=0x0}) 22:20:25 executing program 1: r0 = io_uring_setup(0x447e, &(0x7f0000000180)={0x0, 0x0, 0x2}) io_uring_enter(r0, 0x186c, 0x92db, 0x2, &(0x7f0000000340)={[0x2a]}, 0x8) 22:20:25 executing program 0: connect$can_j1939(0xffffffffffffffff, 0x0, 0x0) sendmsg$BATADV_CMD_GET_MESH(0xffffffffffffffff, 0x0, 0x0) openat$vim2m(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vim2m\x00', 0x2, 0x0) 22:20:26 executing program 4: r0 = openat$vim2m(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000080)={0x0, 0xb, 0x0, "87996ef1a0a9493ad594580e49ce243827ce7812f6b7d9a0571e52fa99fc5596"}) 22:20:26 executing program 1: syz_open_dev$video(&(0x7f0000000100)='/dev/video#\x00', 0x0, 0x0) pselect6(0x40, &(0x7f0000000000)={0x8}, 0x0, 0x0, 0x0, 0x0) 22:20:26 executing program 5: fsopen(&(0x7f0000000180)='xfs\x00', 0x0) 22:20:26 executing program 2: shmat(0x0, &(0x7f0000ffc000/0x3000)=nil, 0x8000) 22:20:26 executing program 3: r0 = syz_io_uring_setup(0xf47, &(0x7f0000000200)={0x0, 0xda54}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000280), &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) 22:20:26 executing program 0: bpf$BPF_BTF_LOAD(0x12, &(0x7f00000004c0)={&(0x7f0000000340)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x3, [@union={0x2}]}, {0x0, [0x0]}}, &(0x7f0000000400)=""/138, 0x27, 0x8a, 0x1}, 0x20) 22:20:26 executing program 5: bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x101a, 0x1}, 0x40) 22:20:26 executing program 2: r0 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000440)='/dev/nvram\x00', 0x0, 0x0) fsconfig$FSCONFIG_SET_PATH(r0, 0x5, &(0x7f0000000040)='/dev/cachefiles\x00', 0x0, 0xffffffffffffff9c) 22:20:26 executing program 1: syz_open_dev$video(&(0x7f0000000100)='/dev/video#\x00', 0x0, 0x0) pselect6(0x40, &(0x7f0000000000)={0x8}, 0x0, 0x0, 0x0, 0x0) 22:20:26 executing program 4: r0 = openat$vim2m(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000080)={0x0, 0xb, 0x0, "87996ef1a0a9493ad594580e49ce243827ce7812f6b7d9a0571e52fa99fc5596"}) 22:20:26 executing program 3: bpf$BPF_BTF_LOAD(0x21, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x1}, 0x20) 22:20:27 executing program 0: pselect6(0xffffffffffffff75, &(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000140)={&(0x7f0000000100), 0x8}) 22:20:27 executing program 5: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc050560f, &(0x7f0000000080)={0x0, 0x1, 0x0, "87996ef1a0a9493ad594580e49ce243827ce7812f6b7d9a0571e52fa99fc5596"}) 22:20:27 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, &(0x7f0000000080)={0x0, 0xb, 0x0, "87996ef1a0a9493ad594580e49ce243827ce7812f6b7d9a0571e52fa99fc5596"}) 22:20:27 executing program 2: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f00000001c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@enum={0x0, 0x0, 0x0, 0x6, 0xa}]}}, &(0x7f0000000040)=""/205, 0x26, 0xcd, 0x1}, 0x20) 22:20:27 executing program 1: syz_open_dev$video(&(0x7f0000000100)='/dev/video#\x00', 0x0, 0x0) pselect6(0x40, &(0x7f0000000000)={0x8}, 0x0, 0x0, 0x0, 0x0) 22:20:27 executing program 3: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000001140)={0x0, 0x0, 0x2, {0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}}}) 22:20:27 executing program 0: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_PREPARE_BUF(r0, 0xc058565d, &(0x7f0000000080)={0x0, 0x2, 0x4, 0x0, 0x0, {0x77359400}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "13c18951"}}) 22:20:28 executing program 5: syz_open_dev$ndb(&(0x7f00000000c0)='/dev/nbd#\x00', 0x0, 0x80) 22:20:28 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, &(0x7f0000000080)={0x0, 0xb, 0x0, "87996ef1a0a9493ad594580e49ce243827ce7812f6b7d9a0571e52fa99fc5596"}) 22:20:28 executing program 2: socketpair(0x9, 0x0, 0x0, &(0x7f0000000100)) 22:20:28 executing program 1: syz_open_dev$video(&(0x7f0000000100)='/dev/video#\x00', 0x0, 0x0) pselect6(0x40, &(0x7f0000000000)={0x8}, 0x0, 0x0, 0x0, 0x0) 22:20:28 executing program 3: r0 = io_uring_setup(0x7d10, &(0x7f0000000080)) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/vs/sync_sock_size\x00', 0x2, 0x0) io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r0, 0x7, &(0x7f0000000140)=r1, 0x1) 22:20:28 executing program 0: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vim2m\x00', 0x2, 0x0) pwritev2(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:20:28 executing program 2: socketpair(0x22, 0x0, 0x400, &(0x7f0000000040)) 22:20:28 executing program 5: pipe2(&(0x7f0000000b40), 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x40, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 22:20:28 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, &(0x7f0000000080)={0x0, 0xb, 0x0, "87996ef1a0a9493ad594580e49ce243827ce7812f6b7d9a0571e52fa99fc5596"}) 22:20:28 executing program 1: pselect6(0x40, &(0x7f0000000000)={0x8}, 0x0, 0x0, 0x0, 0x0) 22:20:29 executing program 3: bpf$BPF_PROG_QUERY(0x3, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffd4a}, 0x20) 22:20:29 executing program 0: r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$TCPDIAG_GETSOCK(r0, &(0x7f00000001c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000180)={&(0x7f0000000480)={0xec4, 0x12, 0x0, 0x0, 0x0, {}, [@INET_DIAG_REQ_BYTECODE={0xe75, 0x1, "ff7d5f296683b2fa8b83383a6ef007c20183853291ca235a8832fe51952fa8b53890c6c1ad788aa86e3cf5bee49270f0b723589d25cf22bb5ee908a38baccbe53483eef623ef0e810dafb82af55030ad0cbc7f90adb25cbcbb9d1b0ae3e1c6621078d353e91b547ac998b8955f30cff8d5206cc19a6dae31aa71af12a5f0029f5c3e0b1b01e7a2119f8f70d9ae0702f09bab9bc1ba05ef5693de7ff22b9854bb5bf16a7358b337f12c7392ec930f444487f3059b03b3c9ad7a0786243a567404ab8833a970b4a9003d59a9ecc791e4c145f51cfc69c96115b3e86a1bd29138334f0c340d5613964591b51a43c3ac40019b178a00e44bab425e919f46ffe173bf740705816c2897a7794be5b72e997759e6053bd20b99f7d2c3cd3dd29c2436d0286c447435cdd01b0d42dd7a98c8d1c1b0aab1c36a2312dd46bb22aece3f074b9e08ae0227efa0e297d013cae2990f1200c15fad9bafc03fe363e7d425d28dd6ed226b406f4fcc8c06facfa252b86db47ee5e0e3255c9b1845123b0111b20bf47ec372a92c6de30f78c8d7d68bc540aa02315fc29f27e36f963218bddf8043844b943a561c46eb2dcd31786ce914b9995a287095b142b674b3182fdf1cd8575836b378314d3dd6fddad64158cceed2567cac781e639b57c1f551b5165ff6295ca2d85874e3c18ad49ff37661cd9fb6fcac8ff153c9f099cfde58ec7a163991494c82a7664e5f0a0774b9024169859e326cfdeee01da0ac6916c48099af8b9f864e5e93326bdb011530a5959e7f5b752f4a2317a83861f30ccf4dbf3c4e422758299e725716276db8793d366e914090bacf97a165410c4df392f36d71154e9c0e905febc5314ea94bc31b9d55c52d958f5a7354fd0b92aa54be054c64d1fb6da54545a78e5caf040a543bd1209382a2c218d76097794f2841f9806b628357ab742ef12783b2ada8f11f4f5d0e0e102d4f41ca25e8087802a7cae93c5c4db077c9112e7c5ab006bd800c6bad8f10ecd12d78a275129efc6e816f8ae8e748ce8e2e9487c77a0505acf651662a631d61e7c4073d9a127ad2181db31fe5a2f9225a12ee1602490700e1c543714480895a7d183d521dab19170c850efadd3d98de8a49bb9fa75e95c6a0eac2c0b1482a934de47c6b5afdfccdf1b5fd9bc0672fb88fc53c7f316dbccea685c1e99083e88f44c26fb49f56a2c269cc4a1884365004ff04c2d5190e8dd9b4c73e77ab9b0a8ca78313cc32f75f28216d1901ee3a79fbfdbdfb9ee78acbdbaeb8979c7fe42da3bc1e50f70811b26e8d4bc577e99f5f9acd41cac7d987871931c0110c4b4dfc926aab358d9ec33272ed8c54062482e09ce71b72ac0a9438d50409a1998b8f14bb65f6aff211a1b64b1e0392486dbf411be150f0eb4ca27f820be749466074ad8879905ff44a66a1e975432969230ae460e632594293b65965ffe64f2c8ccfb6b3bbb53b5fabb38cbd7595dd72506158e1b2b4ccb5836be9f015e65c5053a92b6a3406f634bd0af9ec88963b77d6113f53f0efbcd4e03dbe86a191a874fc8e06e6b43b542dd3fa5e559d85ddae64a6bd7ad89144171aedb6adc9dd854c5aeebcef376b02b0b637ae3a42cb8bbf105a27a913f6e1a7ff9dd3613e5212ae9f6d96ef2b48e0124720ebbee77d0557d8ce2655fce6bdc24e1f381f260788fbe67ae0f0549dd96c2c1b94d50cc4b37f7e609c98a0fa0b2153cf11dcbeb0a8f25ce9af752b418ec6aa1626e22ac30fedfe5d8a8260aa3b56806e51ba55733e63680041e3def9275183c5f1a8c30567b4a9e3cc59fca7818777fc144adb94928677321a11b028fc7e2a9c2f5c0ccacf8b88d97f2d7ccce3b7b95bb94a3e81018b02614d290e2b5641c721675771847045379c78ba99c98dbeaec30fa6e3d9fc65dbf3722618f72c57e65a10d6a355b08e16f6b060f8a3525777dafb3f1be0f6212eed013a9215e362c33405c233d7d8628af2cc4638f20ba90e4bfe4e24058b3d073aee748e8f623ca4fb6ac5163cedd316ce2525b567c8128003ee9244a96696dac15d6b176c9a5c19f1e1a1eb71200c32367fdff41672f37abaf5489c4a3b5e1b88ec431cb3c63e19b3f8324ad7b1962cd6e5ad3227df765075f1d49ac1608fd12b0047a1b1a1446732dcdf051beb2703c89a0e25a9c000d80bdf2368d512b302a57636053235204aa96e01d7309ab60958ce012d22d4071262723465ae635a1a9d95e4232bbff5586fa7d84dd1ca6e4a437d2e79ff17a3e346a3733fbbcbd1b9e524f24af8bdd72550ad85e90c432070bf545958713ac00d3fc010bcf3813c5dcda96b163302fd0a049770d5f953478287cfb4ef5fca66ceac251ba98f282b0cb65d014c2f26c9b4083886e5607c614e468ede634b63437a62810c56bfb0ea621cb5da610a959b0dde598c182157cb3d973b35fc5c83b549cf9eab7f71bd7afaee25b64af7c7282a29f5371328094bb94232003afe5bc5dcec1437845c865004c2c611f6133a26973c34d952a018385df880fc2d5e73ef63a05203e68e17d1a2e3b8efacfe16ed1c6de0ebe71c5590139e3e1630105489f05b862cb17f22f7a0b9cef942bce97f1d39459cf8749c61b7a51ff68e5f823f63aa2afc4c8b34326f8c275b28a1509a68d5ee6778a66f74b5853e219acc8034d4399a88197c92bb538ad1048155f0655d3d9ccdda8b7f0916ddfa2638f9eabb59c44ed6f2d68456a8cfb1dde046a091883504979f1ad460c78570f6cadaedd58cc4ae1b5fe2c55755c16da7d690a24a9d8a392461074dc6e1137dad7db3610c75091e756d0e4285b93ed2ce4bdfbf46ea4f92d18258d3486dc7345ea855a1d57428771a3c9f651186a7b6c08f9d3affc046b22a7372309c1f2ae77b78be26ba2a85ce7882b836f3f9ba639868c8ba8ce145423e74079b490822c2ad061ff191a711b67d36237b701900e25acaf64f6e3de88ed00463164ecd8666012022333af40e0edf5d58046e8db8edc0a730a3e9714089301838b338fb099b4d05e9a129a648f9573d8b5a721a2bbb4354d0edcade423b71b8b4339b13218cfe27565c02c7d072017b3de69aa7abc11e52f7ee432b009d9ba7bc45cf9a25fe2addf7e984d82ca943526beb8e45ec77bbef87b112253a499827a3023616a91ac6191051b08a5e9af518e343ab948a7f93e17fb06b100d79f36ec156c40c88f3c12d15458df30f6a3b61ab84dffecac8808dcf1f55deacae5c7ab901b45814851a0bf3e0b561415308e9245d93b9d40448850d5a33998312e699d984748b35f05ff5ec7e035c7ff0c1af328195372ed80da4cd481cba9d49caa5406e34b24b001d5925bb2b5b5120132c8bb41a1093975d145a49ca7628e86080769161660eb41b1e1b20078ac44470be2f09561bb3f9474b1bd6be968734e173921b6d115842ec54a959dd26646fedf1daabd354e21bcfba10d5793b0c6c6a76189f9d3fc7a2507ed43752ed55fce927dcefb45bc28126cc2d92525ac79322eac2dfa114830e11886fbc854cbfc26214b95e55c0e7ad9c1c0975aeed262c748197ed5a888fb1b88dcc3b09305ee36ccaf217ff94bd66d307cea7cec3f8a60a55360b4c656ec0935a7ba4ab198cc70e3e40115676c6bb5baaad3d7e409a66b50f37eb3ea6378282fbe61acf3cb7f980f5db5f3db35d033b3fb4336853ee51731a827aef5d6c8d816345a3bc4431b785690b51f4db690b90ba94247b720d7c93855d28d344f80f0f1c3b15735045a06a19b76a8b1bcaa71de3d9a7014ccc02b87759781278de6000663dac7ecf4d046a04ef02346ef3b30de2a31797c6b434745007287859bbe33cf2ed4ac9884aeccac37a862d552c87498022bea99277861521da14eabef60f86106e57399a531ed1ad4434facdd0c763e175399ac887317a17475571774de6d4f2780b3d7f6028a8b26731940649ad03b07c0f6609cefa8b2810c1b12592e843cbf15280fa6c3bf97541c45039dc29af1a0c8ec9e66225eeb1417627ff918cd56cfb5dc7ddda907e9853e27fc925cb6301ac522bddb6ab67414ca06cc5a61f315184422677be29b31e9e6279b925ed1a51829a8169f38e313f6abfaa09618317839b4986bdc51566b7e2f0e1a84940951d766eaef7622c3a449d2bf5c00b2a9c0a61dd04813c8eb1ebf9efb04151ec05cdae59661b1817a9ab7223b5806f110d339ece73e8e6c861ff0422390cf118f8973bb7c1f271aa6d4154dcec3b0a47a664a129486dd7e745442b30309eb83d5ba1e62ceec0ce349263c9b246530fbc1b0d3b5260fe38752255c21baa53921da1e5c7f2474aebcb9fc05105715ba89a2cd8e7cffdbc06b7216718c51d73a6b9b4715d44ac478e8f26bb55e3d9d447eeb11ed792da89a8c539a80f97370fad2da8dee1aa4bee094f111585ae6b0e7add582f3db6838ac0227659584b352a2b7a27fff852051f1ec97fe929eac8e779b94795f62eb40e3002cd7150c13670c5bc2ec4c0198921237a259da32197192acb3c7b3845ab65f0e22116a3dade53c44769513dca30f2d3afa83466e84d1dced34f4a716b9e98d29e80b5fc67ff1e8bffcca1581a4180647a4dbe27d867311b003433acae070693dbc324abe0f8b7e2282b7f0ca2751570905f9fbd3ea90ffeb8a4984e65fc3bc439388166fd203a071d9ebf25d2191432adc52a7e3b746537ce0f8f2f917b9137b58e1a467e5a9ee3f21b4e96906174421bd9fc7b038313822dc923c896de00665f3c6bf050b0a99cabd02758715b62ba23dc81fd810e85f6821f21ea1e2aab16b10279471ab4b5bc7e8ed53ea4bf51844b4b861b0970c8136f451952784d725b173fc1ae7a23a41129d45424bf1416331fb40fe878c0c7fc9a282a2288f764b1a213798022eabce48ecde9ce6323621157236db610a08572f598ed936441ee1c86cd4797dfa2730ae824d2e5f2d4912604ddeb75a77160a2a28267eaded70696cb3230af0981b172b11eaba25aa56a32cd1f6150a1a004e17f328d5d1024b2a4227b588e6e7ffbfb038653f2b48014526ee4aba51b7d8f4b14503c8e98bbffdc94acca4db748667e2f654b47f184ec3ba4f7e3f633ba65e58a56bc77defe395b8860052daba13b51decfb04fb756ad34f8c2051d36a3c065b7b90c79b87093d7dd799f9ca7d5a1a29767e71331691576b571547eb8755d4fe85675a43c60c609a6b3644b387d1781c8e0a25dff"}]}, 0xec4}}, 0x0) 22:20:29 executing program 2: openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = syz_io_uring_setup(0xf47, &(0x7f0000000200), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000280), &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0xc, 0x0, 0x0) 22:20:29 executing program 4: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, 0x0) 22:20:29 executing program 1: pselect6(0x40, &(0x7f0000000000)={0x8}, 0x0, 0x0, 0x0, 0x0) 22:20:29 executing program 5: r0 = syz_io_uring_setup(0xf47, &(0x7f0000000200)={0x0, 0xda54}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000280), &(0x7f00000002c0)) r1 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0xa, 0x0, r1) 22:20:29 executing program 3: r0 = syz_io_uring_setup(0x2601, &(0x7f0000000200), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000280), &(0x7f00000002c0)) r1 = socket$can_j1939(0x1d, 0x2, 0x7) io_uring_register$IORING_REGISTER_FILES(r0, 0x2, &(0x7f0000000380)=[r1], 0x1) 22:20:30 executing program 0: r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x0, 0x0) read$eventfd(r0, 0x0, 0x0) 22:20:30 executing program 1: pselect6(0x40, &(0x7f0000000000)={0x8}, 0x0, 0x0, 0x0, 0x0) 22:20:30 executing program 2: openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = syz_io_uring_setup(0xf47, &(0x7f0000000200), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000280), &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0xc, 0x0, 0x0) 22:20:30 executing program 4: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, 0x0) 22:20:30 executing program 3: openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) sendmsg$tipc(r0, &(0x7f00000016c0)={0x0, 0x0, &(0x7f0000001640)=[{&(0x7f0000000180)="06", 0x1}, {&(0x7f00000001c0)="14", 0x1}, {&(0x7f0000000200)="b5", 0x1}], 0x3, &(0x7f0000000400)="c258814fbb58815f96c6b4cf0a599319aee05e24a9228edb88e02359857eaeac8123d566ac", 0x25}, 0x0) 22:20:30 executing program 5: r0 = syz_open_dev$binderN(&(0x7f0000000080)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_SET_MAX_THREADS(r0, 0x40046205, &(0x7f00000000c0)) 22:20:31 executing program 0: r0 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000440)='/dev/nvram\x00', 0x0, 0x0) fsconfig$FSCONFIG_SET_PATH(r0, 0x5, 0x0, 0x0, 0xffffffffffffff9c) 22:20:31 executing program 1: syz_open_dev$video(0x0, 0x0, 0x0) pselect6(0x40, &(0x7f0000000000)={0x8}, 0x0, 0x0, 0x0, 0x0) 22:20:31 executing program 2: openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = syz_io_uring_setup(0xf47, &(0x7f0000000200), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000280), &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0xc, 0x0, 0x0) 22:20:31 executing program 3: r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x0, 0x0) io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:20:31 executing program 4: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, 0x0) 22:20:31 executing program 5: bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x12, 0x1, &(0x7f0000000080)=@raw=[@generic], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 22:20:31 executing program 0: r0 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000440)='/dev/nvram\x00', 0x40040, 0x0) fsconfig$FSCONFIG_SET_PATH(r0, 0x6, 0x0, 0x0, 0xffffffffffffff9c) syz_io_uring_setup(0x15f1, &(0x7f00000001c0)={0x0, 0x197b, 0x1, 0x3, 0x173}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000240), &(0x7f0000000280)=0x0) r2 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/capi/capi20\x00', 0x8882, 0x0) syz_io_uring_submit(0x0, r1, &(0x7f0000000300)=@IORING_OP_SPLICE={0x1e, 0x1, 0x0, @fd=r2, 0xffff, {0x0, r0}, 0x1, 0x2, 0x1}, 0x2) openat$nvram(0xffffffffffffff9c, &(0x7f0000000440)='/dev/nvram\x00', 0x0, 0x0) r3 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000440)='/dev/nvram\x00', 0x0, 0x0) ioctl$TIOCSPGRP(r3, 0x5410, 0x0) 22:20:31 executing program 1: syz_open_dev$video(0x0, 0x0, 0x0) pselect6(0x40, &(0x7f0000000000)={0x8}, 0x0, 0x0, 0x0, 0x0) 22:20:31 executing program 3: socketpair(0x2c, 0x0, 0x0, &(0x7f0000000080)) 22:20:32 executing program 2: memfd_create(&(0x7f0000000200)='.$\x00', 0x2) 22:20:32 executing program 4: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000080)={0x0, 0x0, 0x0, "87996ef1a0a9493ad594580e49ce243827ce7812f6b7d9a0571e52fa99fc5596"}) 22:20:32 executing program 5: sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x38f, &(0x7f00000000c0)={0x0, 0x31b}}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="2c00000011003586000000030000000007"], 0x2c}}, 0x0) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket(0x10, 0x80002, 0x0) sendmmsg$alg(r2, &(0x7f0000000140), 0x2, 0x0) 22:20:32 executing program 1: syz_open_dev$video(0x0, 0x0, 0x0) pselect6(0x40, &(0x7f0000000000)={0x8}, 0x0, 0x0, 0x0, 0x0) 22:20:32 executing program 3: socketpair(0x28, 0x0, 0x1, &(0x7f0000000000)) 22:20:32 executing program 0: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_STREAMON(r0, 0x40045612, &(0x7f0000000380)=0x2) 22:20:32 executing program 4: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000080)={0x0, 0x0, 0x0, "87996ef1a0a9493ad594580e49ce243827ce7812f6b7d9a0571e52fa99fc5596"}) 22:20:32 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_EXPBUF(r0, 0xc0405610, &(0x7f0000000180)={0x3}) 22:20:32 executing program 5: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_DQBUF(r0, 0xc0585611, &(0x7f00000000c0)={0x0, 0x1, 0x4, 0x0, 0x0, {0x0, 0xea60}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "107d13f4"}, 0x0, 0x0, @planes=0x0}) 22:20:33 executing program 1: syz_open_dev$video(&(0x7f0000000100)='/dev/video#\x00', 0x0, 0x0) pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:20:33 executing program 4: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000080)={0x0, 0x0, 0x0, "87996ef1a0a9493ad594580e49ce243827ce7812f6b7d9a0571e52fa99fc5596"}) 22:20:33 executing program 2: bpf$BPF_BTF_LOAD(0x12, &(0x7f00000004c0)={&(0x7f0000000340)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x2, [@union={0x0, 0x1, 0x0, 0x5, 0x0, 0x0, [{0x6c000000}]}]}}, &(0x7f0000000400)=""/138, 0x32, 0x8a, 0x1}, 0x20) 22:20:33 executing program 0: bpf$BPF_PROG_QUERY(0x21, &(0x7f0000000040)={0xffffffffffffffff, 0x10, 0x0, 0x0, 0x0}, 0x20) 22:20:33 executing program 3: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_G_FMT(r0, 0xc0d05604, &(0x7f0000000080)) 22:20:33 executing program 5: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_DQBUF(r0, 0xc0585611, &(0x7f00000000c0)={0x0, 0x1, 0x4, 0x0, 0x0, {0x0, 0xea60}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "107d13f4"}, 0x0, 0x0, @planes=0x0}) 22:20:34 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 22:20:34 executing program 3: bpf$BPF_PROG_WITH_BTFID_LOAD(0x4, &(0x7f0000000280)=@bpf_lsm={0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 22:20:34 executing program 2: 22:20:34 executing program 0: 22:20:34 executing program 5: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_DQBUF(r0, 0xc0585611, &(0x7f00000000c0)={0x0, 0x1, 0x4, 0x0, 0x0, {0x0, 0xea60}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "107d13f4"}, 0x0, 0x0, @planes=0x0}) 22:20:34 executing program 1: syz_open_dev$video(&(0x7f0000000100)='/dev/video#\x00', 0x0, 0x0) pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:20:34 executing program 4: 22:20:34 executing program 2: 22:20:34 executing program 3: 22:20:34 executing program 0: 22:20:35 executing program 5: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_DQBUF(r0, 0xc0585611, &(0x7f00000000c0)={0x0, 0x1, 0x4, 0x0, 0x0, {0x0, 0xea60}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "107d13f4"}, 0x0, 0x0, @planes=0x0}) 22:20:35 executing program 4: 22:20:35 executing program 3: 22:20:35 executing program 2: 22:20:35 executing program 0: 22:20:35 executing program 5: ioctl$vim2m_VIDIOC_DQBUF(0xffffffffffffffff, 0xc0585611, &(0x7f00000000c0)={0x0, 0x1, 0x4, 0x0, 0x0, {0x0, 0xea60}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "107d13f4"}, 0x0, 0x0, @planes=0x0}) 22:20:36 executing program 4: 22:20:36 executing program 1: syz_open_dev$video(&(0x7f0000000100)='/dev/video#\x00', 0x0, 0x0) pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:20:36 executing program 2: 22:20:36 executing program 3: 22:20:36 executing program 0: 22:20:36 executing program 5: ioctl$vim2m_VIDIOC_DQBUF(0xffffffffffffffff, 0xc0585611, &(0x7f00000000c0)={0x0, 0x1, 0x4, 0x0, 0x0, {0x0, 0xea60}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "107d13f4"}, 0x0, 0x0, @planes=0x0}) 22:20:36 executing program 4: 22:20:36 executing program 3: 22:20:36 executing program 2: 22:20:37 executing program 0: 22:20:37 executing program 4: 22:20:37 executing program 5: ioctl$vim2m_VIDIOC_DQBUF(0xffffffffffffffff, 0xc0585611, &(0x7f00000000c0)={0x0, 0x1, 0x4, 0x0, 0x0, {0x0, 0xea60}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "107d13f4"}, 0x0, 0x0, @planes=0x0}) 22:20:37 executing program 3: 22:20:37 executing program 1: syz_open_dev$video(&(0x7f0000000100)='/dev/video#\x00', 0x0, 0x0) pselect6(0x40, &(0x7f0000000000), 0x0, 0x0, 0x0, 0x0) 22:20:37 executing program 2: 22:20:37 executing program 0: 22:20:37 executing program 4: 22:20:38 executing program 3: 22:20:38 executing program 5: r0 = openat$vim2m(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$vim2m_VIDIOC_DQBUF(r0, 0xc0585611, &(0x7f00000000c0)={0x0, 0x1, 0x4, 0x0, 0x0, {0x0, 0xea60}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "107d13f4"}, 0x0, 0x0, @planes=0x0}) 22:20:38 executing program 2: 22:20:38 executing program 0: 22:20:38 executing program 3: 22:20:38 executing program 5: r0 = openat$vim2m(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$vim2m_VIDIOC_DQBUF(r0, 0xc0585611, &(0x7f00000000c0)={0x0, 0x1, 0x4, 0x0, 0x0, {0x0, 0xea60}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "107d13f4"}, 0x0, 0x0, @planes=0x0}) 22:20:38 executing program 4: 22:20:38 executing program 2: 22:20:38 executing program 1: syz_open_dev$video(&(0x7f0000000100)='/dev/video#\x00', 0x0, 0x0) pselect6(0x40, &(0x7f0000000000), 0x0, 0x0, 0x0, 0x0) 22:20:38 executing program 0: 22:20:39 executing program 5: r0 = openat$vim2m(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$vim2m_VIDIOC_DQBUF(r0, 0xc0585611, &(0x7f00000000c0)={0x0, 0x1, 0x4, 0x0, 0x0, {0x0, 0xea60}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "107d13f4"}, 0x0, 0x0, @planes=0x0}) 22:20:39 executing program 4: 22:20:39 executing program 3: 22:20:39 executing program 2: 22:20:39 executing program 0: 22:20:39 executing program 4: 22:20:40 executing program 5: openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_DQBUF(0xffffffffffffffff, 0xc0585611, &(0x7f00000000c0)={0x0, 0x1, 0x4, 0x0, 0x0, {0x0, 0xea60}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "107d13f4"}, 0x0, 0x0, @planes=0x0}) 22:20:40 executing program 3: 22:20:40 executing program 2: 22:20:40 executing program 0: 22:20:40 executing program 1: syz_open_dev$video(&(0x7f0000000100)='/dev/video#\x00', 0x0, 0x0) pselect6(0x40, &(0x7f0000000000), 0x0, 0x0, 0x0, 0x0) 22:20:40 executing program 4: 22:20:40 executing program 3: 22:20:40 executing program 5: openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_DQBUF(0xffffffffffffffff, 0xc0585611, &(0x7f00000000c0)={0x0, 0x1, 0x4, 0x0, 0x0, {0x0, 0xea60}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "107d13f4"}, 0x0, 0x0, @planes=0x0}) 22:20:40 executing program 2: 22:20:40 executing program 4: 22:20:40 executing program 0: 22:20:41 executing program 3: 22:20:41 executing program 2: 22:20:41 executing program 5: openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_DQBUF(0xffffffffffffffff, 0xc0585611, &(0x7f00000000c0)={0x0, 0x1, 0x4, 0x0, 0x0, {0x0, 0xea60}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "107d13f4"}, 0x0, 0x0, @planes=0x0}) 22:20:41 executing program 0: 22:20:41 executing program 4: 22:20:41 executing program 1: 22:20:42 executing program 2: 22:20:42 executing program 3: 22:20:42 executing program 5: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_DQBUF(r0, 0xc0585611, 0x0) 22:20:42 executing program 0: 22:20:42 executing program 4: 22:20:42 executing program 1: 22:20:42 executing program 2: 22:20:42 executing program 3: 22:20:42 executing program 5: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_DQBUF(r0, 0xc0585611, 0x0) 22:20:43 executing program 4: 22:20:43 executing program 0: 22:20:43 executing program 1: 22:20:43 executing program 3: 22:20:43 executing program 2: 22:20:43 executing program 5: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_DQBUF(r0, 0xc0585611, 0x0) 22:20:43 executing program 1: 22:20:43 executing program 4: 22:20:43 executing program 0: 22:20:43 executing program 3: 22:20:43 executing program 2: 22:20:44 executing program 4: 22:20:44 executing program 5: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_DQBUF(r0, 0xc0585611, &(0x7f00000000c0)={0x0, 0x0, 0x4, 0x0, 0x0, {0x0, 0xea60}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "107d13f4"}, 0x0, 0x0, @planes=0x0}) 22:20:44 executing program 0: 22:20:44 executing program 1: 22:20:44 executing program 3: 22:20:44 executing program 2: 22:20:44 executing program 4: 22:20:44 executing program 0: 22:20:44 executing program 1: 22:20:45 executing program 3: 22:20:45 executing program 5: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_DQBUF(r0, 0xc0585611, &(0x7f00000000c0)={0x0, 0x0, 0x4, 0x0, 0x0, {0x0, 0xea60}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "107d13f4"}, 0x0, 0x0, @planes=0x0}) 22:20:45 executing program 2: 22:20:45 executing program 4: 22:20:45 executing program 1: 22:20:45 executing program 0: 22:20:45 executing program 3: 22:20:45 executing program 5: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_DQBUF(r0, 0xc0585611, &(0x7f00000000c0)={0x0, 0x0, 0x4, 0x0, 0x0, {0x0, 0xea60}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "107d13f4"}, 0x0, 0x0, @planes=0x0}) 22:20:45 executing program 2: 22:20:45 executing program 4: 22:20:46 executing program 1: 22:20:46 executing program 0: 22:20:46 executing program 3: 22:20:46 executing program 5: 22:20:46 executing program 2: 22:20:46 executing program 4: 22:20:46 executing program 0: 22:20:46 executing program 1: 22:20:46 executing program 5: 22:20:46 executing program 3: 22:20:47 executing program 4: 22:20:47 executing program 2: 22:20:47 executing program 1: 22:20:47 executing program 0: 22:20:47 executing program 5: 22:20:47 executing program 3: 22:20:47 executing program 4: 22:20:47 executing program 1: 22:20:47 executing program 2: 22:20:47 executing program 0: 22:20:47 executing program 5: 22:20:47 executing program 3: 22:20:48 executing program 1: 22:20:48 executing program 4: 22:20:48 executing program 0: 22:20:48 executing program 2: 22:20:48 executing program 3: 22:20:48 executing program 5: 22:20:48 executing program 1: 22:20:48 executing program 4: 22:20:49 executing program 0: 22:20:49 executing program 2: 22:20:49 executing program 3: 22:20:49 executing program 5: 22:20:49 executing program 1: 22:20:49 executing program 4: 22:20:49 executing program 0: 22:20:49 executing program 2: 22:20:49 executing program 3: 22:20:50 executing program 5: 22:20:50 executing program 1: 22:20:50 executing program 0: 22:20:50 executing program 4: 22:20:50 executing program 2: 22:20:50 executing program 3: 22:20:50 executing program 5: 22:20:50 executing program 1: 22:20:50 executing program 0: 22:20:50 executing program 4: 22:20:51 executing program 2: 22:20:51 executing program 3: 22:20:51 executing program 5: 22:20:51 executing program 4: 22:20:51 executing program 2: 22:20:51 executing program 3: 22:20:51 executing program 0: 22:20:51 executing program 1: 22:20:52 executing program 4: bpf$MAP_CREATE(0x22, &(0x7f0000000180), 0x40) 22:20:52 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$SO_BINDTODEVICE_wg(r0, 0x1, 0x19, &(0x7f0000000180)='wg2\x00', 0x4) 22:20:52 executing program 0: write$hidraw(0xffffffffffffffff, 0x0, 0x0) 22:20:52 executing program 3: mount$9p_fd(0x402010, &(0x7f0000000000)='.\x00', &(0x7f0000000040)='9p\x00', 0x0, 0x0) 22:20:52 executing program 2: 22:20:52 executing program 1: 22:20:52 executing program 5: r0 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x6, &(0x7f0000000080)={0x7}, 0x14) 22:20:53 executing program 4: r0 = fsopen(&(0x7f0000000040)='nfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) 22:20:53 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_ifreq(r0, 0x8913, &(0x7f0000000080)={'veth0_to_bridge\x00', @ifru_hwaddr=@random}) 22:20:53 executing program 3: r0 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0xe, &(0x7f0000000080), 0x14) 22:20:53 executing program 0: r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000280)='ns/user\x00') ioctl$NS_GET_PARENT(r0, 0xb704, 0x0) 22:20:53 executing program 1: mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000700)) 22:20:53 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/bus/input/handlers\x00', 0x0, 0x0) mmap$dsp(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x2000005, 0x10, r0, 0x0) 22:20:53 executing program 4: r0 = socket(0x15, 0x5, 0x0) sendmsg$NL80211_CMD_ABORT_SCAN(r0, &(0x7f0000000540)={&(0x7f0000000480), 0xc, &(0x7f0000000500)={0x0}}, 0x4000000) 22:20:53 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000000180), 0x8d) 22:20:53 executing program 0: setrlimit(0x0, &(0x7f0000000200)={0x59}) 22:20:53 executing program 3: r0 = socket$nl_crypto(0x10, 0x3, 0x15) recvmsg(r0, &(0x7f00000013c0)={0x0, 0x0, 0x0}, 0x0) 22:20:53 executing program 1: setsockopt$inet6_tcp_TCP_QUEUE_SEQ(0xffffffffffffffff, 0x6, 0x15, 0x0, 0x0) socketpair(0x0, 0x6, 0x3, &(0x7f00000010c0)) syz_read_part_table(0xfffffffffffffff9, 0x2, &(0x7f0000001140)=[{0x0}, {&(0x7f0000000040)}]) 22:20:54 executing program 2: syz_open_dev$video4linux(&(0x7f0000000180)='/dev/v4l-subdev#\x00', 0x2, 0x40000) 22:20:54 executing program 5: r0 = timerfd_create(0x1, 0x0) timerfd_gettime(r0, &(0x7f0000000140)) 22:20:54 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_SESSION_DELETE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x64}}, 0x0) 22:20:54 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080)='nl80211\x00') sendmsg$NL80211_CMD_GET_MPATH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)={0x1c, r1, 0x405, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0) 22:20:54 executing program 1: socket(0x1d, 0x0, 0x8000) 22:20:54 executing program 5: r0 = socket$inet_smc(0x2b, 0x1, 0x0) getsockname(r0, 0x0, &(0x7f0000000040)) 22:20:55 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_inet_SIOCGIFBRDADDR(r0, 0x8919, &(0x7f00000000c0)={'team_slave_1\x00', {0x2, 0x0, @remote}}) 22:20:55 executing program 4: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 22:20:55 executing program 0: r0 = socket$l2tp6(0xa, 0x2, 0x73) getsockopt$IP_VS_SO_GET_SERVICE(r0, 0x0, 0x483, &(0x7f00000002c0), &(0x7f0000000340)=0x68) 22:20:55 executing program 3: r0 = syz_open_dev$video4linux(&(0x7f0000000180)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_QBUF(r0, 0xc058560f, &(0x7f00000001c0)={0x0, 0x0, 0x4, 0x0, 0x0, {0x77359400}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74501ff8"}}) 22:20:55 executing program 1: syz_mount_image$msdos(&(0x7f0000000040)='msdos\x00', &(0x7f00000000c0)='./file1\x00', 0xffff, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[]) chdir(&(0x7f0000000000)='./file1\x00') r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0) sendmsg$NL80211_CMD_START_NAN(r0, &(0x7f0000000380)={&(0x7f0000000100), 0xc, &(0x7f0000000340)={0x0}, 0x1, 0x0, 0x0, 0x5}, 0x2) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) write$FUSE_ATTR(r1, &(0x7f0000000200)={0x78, 0x0, 0x0, {0x0, 0x5, 0x0, {0x0, 0x101, 0x0, 0x57da, 0x0, 0x3, 0x8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}}}, 0x78) ftruncate(r1, 0x40204) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x800c, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000180)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f00000001c0)=0x25, 0x8080fffffffe) 22:20:55 executing program 2: r0 = socket(0x22, 0x2, 0x1) getsockopt$PNPIPE_IFINDEX(r0, 0x113, 0x2, 0x0, &(0x7f0000004700)) 22:20:55 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCGPTPEER(r0, 0x5412, 0x0) 22:20:55 executing program 0: socketpair(0x10, 0x3, 0x0, &(0x7f0000000280)) 22:20:56 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$DRM_IOCTL_MODESET_CTL(0xffffffffffffffff, 0x40086408, &(0x7f0000000080)={0x0, 0xffffff7f}) clock_gettime(0x0, &(0x7f0000002840)={0x0, 0x0}) recvmmsg(r0, &(0x7f0000002780)=[{{0x0, 0x0, 0x0}, 0x1000}], 0x1, 0x0, &(0x7f0000002880)={r1, r2+60000000}) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c0000005e007f394b51fcf433f766b0b846c9374c74f46d3c"], 0x1c}}, 0x0) [ 1391.154468][T26569] attempt to access beyond end of device [ 1391.160463][T26569] loop1: rw=2049, want=230, limit=127 22:20:56 executing program 4: r0 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x24, &(0x7f0000000080), 0x14) 22:20:56 executing program 5: syz_open_dev$video4linux(&(0x7f0000000280)='/dev/v4l-subdev#\x00', 0x3, 0x0) 22:20:56 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000440)='nl80211\x00') ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000480)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r1, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f00000004c0)=ANY=[@ANYBLOB='p\a\x00\x00', @ANYRES16=r2, @ANYBLOB="a1052cbd7000fbdbdf253900000008000300", @ANYRES32=r3, @ANYBLOB="90015a80040103"], 0x770}}, 0x0) 22:20:56 executing program 1: syz_mount_image$msdos(&(0x7f0000000040)='msdos\x00', &(0x7f00000000c0)='./file1\x00', 0xffff, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[]) chdir(&(0x7f0000000000)='./file1\x00') r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0) sendmsg$NL80211_CMD_START_NAN(r0, &(0x7f0000000380)={&(0x7f0000000100), 0xc, &(0x7f0000000340)={0x0}, 0x1, 0x0, 0x0, 0x5}, 0x2) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) write$FUSE_ATTR(r1, &(0x7f0000000200)={0x78, 0x0, 0x0, {0x0, 0x5, 0x0, {0x0, 0x101, 0x0, 0x57da, 0x0, 0x3, 0x8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}}}, 0x78) ftruncate(r1, 0x40204) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x800c, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000180)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f00000001c0)=0x25, 0x8080fffffffe) 22:20:56 executing program 0: syz_mount_image$msdos(&(0x7f0000000040)='msdos\x00', &(0x7f00000000c0)='./file1\x00', 0xffff, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[]) chdir(&(0x7f0000000000)='./file1\x00') r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0) sendmsg$NL80211_CMD_START_NAN(r0, &(0x7f0000000380)={&(0x7f0000000100), 0xc, &(0x7f0000000340)={0x0}, 0x1, 0x0, 0x0, 0x5}, 0x2) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) write$FUSE_ATTR(r1, &(0x7f0000000200)={0x78, 0x0, 0x0, {0x0, 0x5, 0x0, {0x0, 0x101, 0x0, 0x57da, 0x0, 0x3, 0x8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}}}, 0x78) ftruncate(r1, 0x40204) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x800c, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000180)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f00000001c0)=0x25, 0x8080fffffffe) 22:20:57 executing program 4: sysfs$2(0x2, 0x8, &(0x7f00000001c0)=""/246) [ 1391.923482][T26589] netlink: 1476 bytes leftover after parsing attributes in process `syz-executor.2'. 22:20:57 executing program 3: bpf$MAP_CREATE(0x23, &(0x7f0000000180), 0x40) [ 1392.006896][T26591] netlink: 1476 bytes leftover after parsing attributes in process `syz-executor.2'. 22:20:57 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080)='nl80211\x00') sendmsg$NL80211_CMD_DEL_NAN_FUNCTION(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)={0x14, r1, 0xf8c4d19dda752b31, 0x0, 0x0, {{}, {@void, @void}}}, 0x14}}, 0x0) [ 1392.291275][T26596] attempt to access beyond end of device [ 1392.297299][T26593] attempt to access beyond end of device [ 1392.297349][T26593] loop0: rw=2049, want=230, limit=127 [ 1392.308898][T26596] loop1: rw=2049, want=230, limit=127 22:20:57 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_NODELAY(r0, 0x84, 0x3, &(0x7f0000000000), &(0x7f0000000040)=0x4) 22:20:57 executing program 4: r0 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x4, &(0x7f0000000080), 0x14) 22:20:57 executing program 1: syz_mount_image$msdos(&(0x7f0000000040)='msdos\x00', &(0x7f00000000c0)='./file1\x00', 0xffff, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[]) chdir(&(0x7f0000000000)='./file1\x00') r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0) sendmsg$NL80211_CMD_START_NAN(r0, &(0x7f0000000380)={&(0x7f0000000100), 0xc, &(0x7f0000000340)={0x0}, 0x1, 0x0, 0x0, 0x5}, 0x2) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) write$FUSE_ATTR(r1, &(0x7f0000000200)={0x78, 0x0, 0x0, {0x0, 0x5, 0x0, {0x0, 0x101, 0x0, 0x57da, 0x0, 0x3, 0x8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}}}, 0x78) ftruncate(r1, 0x40204) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x800c, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000180)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f00000001c0)=0x25, 0x8080fffffffe) 22:20:57 executing program 0: syz_mount_image$msdos(&(0x7f0000000040)='msdos\x00', &(0x7f00000000c0)='./file1\x00', 0xffff, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[]) chdir(&(0x7f0000000000)='./file1\x00') r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0) sendmsg$NL80211_CMD_START_NAN(r0, &(0x7f0000000380)={&(0x7f0000000100), 0xc, &(0x7f0000000340)={0x0}, 0x1, 0x0, 0x0, 0x5}, 0x2) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) write$FUSE_ATTR(r1, &(0x7f0000000200)={0x78, 0x0, 0x0, {0x0, 0x5, 0x0, {0x0, 0x101, 0x0, 0x57da, 0x0, 0x3, 0x8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}}}, 0x78) ftruncate(r1, 0x40204) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x800c, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000180)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f00000001c0)=0x25, 0x8080fffffffe) 22:20:57 executing program 3: r0 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x2, &(0x7f0000000080)={0x5}, 0x14) 22:20:57 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_inet_SIOCSIFNETMASK(r0, 0x891c, &(0x7f0000000000)={'nr0\x00', {0x2, 0x0, @remote}}) 22:20:58 executing program 2: capget(0x0, &(0x7f0000000040)) [ 1393.201862][T26616] attempt to access beyond end of device [ 1393.208028][T26616] loop1: rw=2049, want=230, limit=127 22:20:58 executing program 1: syz_mount_image$msdos(&(0x7f0000000040)='msdos\x00', &(0x7f00000000c0)='./file1\x00', 0xffff, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[]) chdir(&(0x7f0000000000)='./file1\x00') r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0) sendmsg$NL80211_CMD_START_NAN(r0, &(0x7f0000000380)={&(0x7f0000000100), 0xc, &(0x7f0000000340)={0x0}, 0x1, 0x0, 0x0, 0x5}, 0x2) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) write$FUSE_ATTR(r1, &(0x7f0000000200)={0x78, 0x0, 0x0, {0x0, 0x5, 0x0, {0x0, 0x101, 0x0, 0x57da, 0x0, 0x3, 0x8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}}}, 0x78) ftruncate(r1, 0x40204) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x800c, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000180)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f00000001c0)=0x25, 0x8080fffffffe) 22:20:58 executing program 4: syz_open_dev$video4linux(&(0x7f0000000180)='/dev/v4l-subdev#\x00', 0x0, 0x40000) 22:20:58 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_TIOCINQ(r0, 0x541b, &(0x7f0000000080)) 22:20:58 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f00000001c0)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_SUBDEV_ENUM_MBUS_CODE(r0, 0xc0305602, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1}) 22:20:59 executing program 4: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$KDSKBENT(r0, 0x5422, 0x0) 22:20:59 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0xfffffffffffffffd) 22:20:59 executing program 2: modify_ldt$write(0x1, &(0x7f0000001440), 0x10) socket$inet_udplite(0x2, 0x2, 0x88) socket$inet_udplite(0x2, 0x2, 0x88) syz_80211_inject_frame(0x0, 0x0, 0x0) 22:20:59 executing program 0: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/seq\x00', 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000000080)={{0x80}, 'port1\x00', 0x21, 0x140002, 0x0, 0x0, 0x0, 0x0, 0x9}) 22:20:59 executing program 5: openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/asound/seq/clients\x00', 0x0, 0x0) [ 1394.790696][T26646] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 22:20:59 executing program 3: r0 = syz_open_dev$mouse(&(0x7f0000000b00)='/dev/input/mouse#\x00', 0x0, 0x0) sendmsg$inet6(r0, 0x0, 0x0) 22:20:59 executing program 1: syz_mount_image$msdos(&(0x7f0000000040)='msdos\x00', &(0x7f00000000c0)='./file1\x00', 0xffff, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[]) chdir(&(0x7f0000000000)='./file1\x00') r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0) sendmsg$NL80211_CMD_START_NAN(r0, &(0x7f0000000380)={&(0x7f0000000100), 0xc, &(0x7f0000000340)={0x0}, 0x1, 0x0, 0x0, 0x5}, 0x2) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) write$FUSE_ATTR(r1, &(0x7f0000000200)={0x78, 0x0, 0x0, {0x0, 0x5, 0x0, {0x0, 0x101, 0x0, 0x57da, 0x0, 0x3, 0x8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}}}, 0x78) ftruncate(r1, 0x40204) sendfile(r1, r1, &(0x7f00000001c0)=0x25, 0x8080fffffffe) 22:21:00 executing program 4: syz_usb_connect(0x0, 0x36, &(0x7f00000001c0)={{0x12, 0x1, 0x0, 0xf9, 0xea, 0xfc, 0x20, 0x12d1, 0xe532, 0xb277, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x2, 0xff, 0x1, 0x61, 0x0, [], [{{0x9, 0x5, 0x4, 0x2, 0x8}}, {{0x9, 0x5, 0xe}}]}}]}}]}}, 0x0) 22:21:00 executing program 5: mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.cpu/syz1\x00', 0x1ff) modify_ldt$write(0x1, &(0x7f0000001440), 0x10) ioctl$vim2m_VIDIOC_ENUM_FRAMESIZES(0xffffffffffffffff, 0xc02c564a, &(0x7f0000000000)={0x40, 0x36314d4e, 0x2, @stepwise={0x2, 0x4, 0x800, 0x8, 0x3, 0x80}}) 22:21:00 executing program 0: openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/asound/seq/clients\x00', 0x0, 0x0) r0 = socket$inet_smc(0x2b, 0x1, 0x0) ioctl$sock_inet_tcp_SIOCOUTQNSD(r0, 0x894b, &(0x7f00000000c0)) 22:21:00 executing program 2: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$KDSKBENT(r0, 0x4b47, &(0x7f00000000c0)={0x0, 0x0, 0x27f}) 22:21:00 executing program 3: modify_ldt$write(0x1, &(0x7f0000000040)={0x7fd}, 0x10) modify_ldt$write(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x10) [ 1395.813689][ T2084] usb 5-1: new high-speed USB device number 4 using dummy_hcd 22:21:01 executing program 5: r0 = socket$nl_rdma(0x10, 0x3, 0x14) write$RDMA_USER_CM_CMD_CREATE_ID(r0, 0x0, 0xf0ffffff7f0000) [ 1396.063745][ T2084] usb 5-1: Using ep0 maxpacket: 32 22:21:01 executing program 0: sysfs$2(0x2, 0xfffffffffffffffe, 0x0) 22:21:01 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) ioctl$sock_ifreq(r0, 0x8946, &(0x7f0000000000)={'veth1_to_bridge\x00', @ifru_hwaddr=@random}) [ 1396.204945][ T2084] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 8 [ 1396.215016][ T2084] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xE has invalid wMaxPacketSize 0 22:21:01 executing program 1: syz_mount_image$msdos(&(0x7f0000000040)='msdos\x00', &(0x7f00000000c0)='./file1\x00', 0xffff, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[]) chdir(&(0x7f0000000000)='./file1\x00') r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0) sendmsg$NL80211_CMD_START_NAN(r0, &(0x7f0000000380)={&(0x7f0000000100), 0xc, &(0x7f0000000340)={0x0}, 0x1, 0x0, 0x0, 0x5}, 0x2) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) write$FUSE_ATTR(r1, &(0x7f0000000200)={0x78, 0x0, 0x0, {0x0, 0x5, 0x0, {0x0, 0x101, 0x0, 0x57da, 0x0, 0x3, 0x8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}}}, 0x78) ftruncate(r1, 0x40204) sendfile(r1, r1, &(0x7f00000001c0)=0x25, 0x8080fffffffe) [ 1396.408317][ T2084] usb 5-1: New USB device found, idVendor=12d1, idProduct=e532, bcdDevice=b2.77 [ 1396.417759][ T2084] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1396.426401][ T2084] usb 5-1: Product: syz [ 1396.430811][ T2084] usb 5-1: Manufacturer: syz [ 1396.435672][ T2084] usb 5-1: SerialNumber: syz [ 1396.548176][ T2084] usb 5-1: config 0 descriptor?? 22:21:01 executing program 3: r0 = syz_open_dev$vim2m(&(0x7f0000000000)='/dev/video#\x00', 0x0, 0x2) ioctl$vim2m_VIDIOC_PREPARE_BUF(r0, 0xc058565d, &(0x7f0000000040)={0x0, 0x1, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "ee06df6d"}, 0x0, 0x0, @userptr}) [ 1396.591605][T26664] raw-gadget gadget: fail, usb_ep_enable returned -22 [ 1396.651834][ T2084] option 5-1:0.0: GSM modem (1-port) converter detected 22:21:01 executing program 5: prctl$PR_GET_PDEATHSIG(0x2, 0x0) syz_genetlink_get_family_id$wireguard(&(0x7f0000000080)='wireguard\x00') 22:21:01 executing program 0: r0 = syz_open_dev$binderN(&(0x7f00000001c0)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000080)={0xfffffffffffffe81, 0x0, 0x0, 0x4, 0x0, &(0x7f00000000c0)="ebea40636a198f6d15b4b7c9ce3193fb"}) [ 1396.852925][ T2084] usb 5-1: USB disconnect, device number 4 [ 1396.915104][ T2084] option 5-1:0.0: device disconnected [ 1397.290868][T26707] binder: 26705:26707 ioctl c0306201 20000080 returned -14 [ 1397.630898][T19698] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 1397.874744][T19698] usb 5-1: Using ep0 maxpacket: 32 [ 1398.013941][T19698] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 8 [ 1398.024063][T19698] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xE has invalid wMaxPacketSize 0 [ 1398.208187][T19698] usb 5-1: New USB device found, idVendor=12d1, idProduct=e532, bcdDevice=b2.77 [ 1398.217661][T19698] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1398.226140][T19698] usb 5-1: Product: syz [ 1398.230472][T19698] usb 5-1: Manufacturer: syz [ 1398.235393][T19698] usb 5-1: SerialNumber: syz [ 1398.251738][T19698] usb 5-1: config 0 descriptor?? [ 1398.279332][T26664] raw-gadget gadget: fail, usb_ep_enable returned -22 [ 1398.311324][T19698] option 5-1:0.0: GSM modem (1-port) converter detected 22:21:03 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_ifreq(r0, 0x5411, &(0x7f0000000080)={'veth0_to_bridge\x00', @ifru_hwaddr=@random}) 22:21:03 executing program 2: r0 = socket$inet6(0xa, 0x3, 0x8) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8932, &(0x7f0000000140)={'batadv0\x00'}) 22:21:03 executing program 5: bpf$MAP_CREATE(0x11, 0x0, 0x0) 22:21:03 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, 0x0, &(0x7f00000002c0)) 22:21:03 executing program 3: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$KDSKBENT(r0, 0x5429, 0x0) 22:21:03 executing program 1: syz_mount_image$msdos(&(0x7f0000000040)='msdos\x00', &(0x7f00000000c0)='./file1\x00', 0xffff, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[]) chdir(&(0x7f0000000000)='./file1\x00') r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0) sendmsg$NL80211_CMD_START_NAN(r0, &(0x7f0000000380)={&(0x7f0000000100), 0xc, &(0x7f0000000340)={0x0}, 0x1, 0x0, 0x0, 0x5}, 0x2) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) write$FUSE_ATTR(r1, &(0x7f0000000200)={0x78, 0x0, 0x0, {0x0, 0x5, 0x0, {0x0, 0x101, 0x0, 0x57da, 0x0, 0x3, 0x8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}}}, 0x78) ftruncate(r1, 0x40204) sendfile(r1, r1, &(0x7f00000001c0)=0x25, 0x8080fffffffe) [ 1398.489505][T19698] usb 5-1: USB disconnect, device number 5 [ 1398.498803][T19698] option 5-1:0.0: device disconnected 22:21:03 executing program 5: r0 = fsopen(&(0x7f0000000000)='bpf\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) fsmount(r0, 0x0, 0x82) [ 1398.932404][T26742] attempt to access beyond end of device [ 1398.938463][T26742] loop1: rw=2049, want=230, limit=127 22:21:04 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r0, 0x8983, &(0x7f0000000080)={0x0, 'vcan0\x00', {}, 0x7fff}) 22:21:04 executing program 0: r0 = socket(0x2a, 0x2, 0x0) sendmsg$SMC_PNETID_ADD(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0}}, 0x48020) 22:21:04 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xc008ae05, 0x0) 22:21:04 executing program 1: syz_mount_image$msdos(&(0x7f0000000040)='msdos\x00', &(0x7f00000000c0)='./file1\x00', 0xffff, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[]) chdir(&(0x7f0000000000)='./file1\x00') r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0) sendmsg$NL80211_CMD_START_NAN(r0, &(0x7f0000000380)={&(0x7f0000000100), 0xc, &(0x7f0000000340)={0x0}, 0x1, 0x0, 0x0, 0x5}, 0x2) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) write$FUSE_ATTR(r1, &(0x7f0000000200)={0x78, 0x0, 0x0, {0x0, 0x5, 0x0, {0x0, 0x101, 0x0, 0x57da, 0x0, 0x3, 0x8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}}}, 0x78) sendfile(r1, r1, &(0x7f00000001c0)=0x25, 0x8080fffffffe) 22:21:04 executing program 4: r0 = socket(0x23, 0x2, 0x0) sendmsg$NL80211_CMD_DEL_PMK(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x4000810) 22:21:04 executing program 5: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000180)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000140)={0xffffffffffffffff}, 0x111}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f0000000040)={0x14, 0x88, 0xfa00, {r2, 0x10, 0x0, @in={0x2, 0x0, @remote}}}, 0x90) 22:21:04 executing program 2: r0 = socket(0x23, 0x2, 0x0) sendmsg$NL80211_CMD_DEL_PMK(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) 22:21:04 executing program 0: r0 = syz_open_dev$binderN(&(0x7f0000001a80)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000040)) 22:21:05 executing program 3: r0 = socket$l2tp6(0xa, 0x2, 0x73) ioctl$sock_inet_SIOCSIFNETMASK(r0, 0x891c, &(0x7f00000000c0)={'batadv_slave_0\x00', {0x2, 0x0, @multicast1}}) 22:21:05 executing program 4: ioctl$sock_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0) ioctl$sock_ipv6_tunnel_SIOCCHGPRL(0xffffffffffffffff, 0x89f7, 0x0) socket$l2tp(0x2, 0x2, 0x73) syz_genetlink_get_family_id$l2tp(&(0x7f0000001200)='l2tp\x00') 22:21:05 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_ifreq(r0, 0x8942, &(0x7f0000000000)={'veth0_virt_wifi\x00', @ifru_hwaddr=@random}) 22:21:05 executing program 2: syz_mount_image$udf(&(0x7f0000000000)='udf\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xa, &(0x7f0000000200)=[{&(0x7f0000010000)='\x00BEA01', 0x6, 0x8000}, {&(0x7f0000010100)='\x00NSR02', 0x6, 0x8800}, {&(0x7f0000010300)="01000200a400010054fbf001600000000100000000000000084c696e757855444600000000000000000000000000000000000000000000090100010003000300010000000100000008313233343536373831323334353637384c696e7578554446", 0x61, 0xc000}, {&(0x7f0000010400)="0000000000000019004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000004f53544120436f6d7072657373656420556e69636f64650000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002a4c696e7578206d6b756466667300000000000000000004050000000000007810e4070913142c16351c1d002a4c696e757820554446465300000000000000000000000405", 0xde, 0xc0c0}, {&(0x7f0000010500)="0000000000000000010000000000000000000000000000000000000000000000060002002d0001002caee8016100000002000000004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000084c696e7578554446", 0x7d, 0xc1e0}, {&(0x7f0000010600)="000000000000000000000000000000000000000900020000002a4f5354412055444620436f6d706c69616e74000000005001000000000000000200002000000000000000000000004000000001000000002a4c696e757820554446465300000000000000000000000405", 0x6a, 0xc2c0}, {&(0x7f0000010700)="00000000000000000000000000000000004000008000000002400000002a554446205370617261626c6520506172746974696f6e5001040500000000010000002000020038010000a0000000e0070000000000000000000000000000000000000500020055000100c535f001620000000500000001000000002b4e53523032000000000000000000000000000000000000000000000000000002", 0x9a, 0xc3a0}, {&(0x7f0000010800)="0000000000000000000000000000000000000000000000000300000020050000a0020000002a4c696e757820554446465300000000000000000000000405", 0x3e, 0xc4a0}, {&(0x7f0000010d00)="0900020005000100a85b7600800000000010e4070913122c171333010100000000000000000000001800000000000000000000000000000000000000000000000000000000000000010000002e00000080020000a0020000002a4c696e7578205544464653000000000000000000000004050000000000000600000002000000500150010102", 0x86, 0x10000}, {&(0x7f0000011100)="02000200fd0001008f77f00100010000004000006000000000400000c007", 0x1e, 0x20000}], 0x0, &(0x7f0000013300)) 22:21:05 executing program 3: syz_usb_connect$printer(0x0, 0x2d, &(0x7f0000001080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1}}]}}, 0x0) [ 1400.684764][T26781] binder: BINDER_SET_CONTEXT_MGR already set [ 1400.690862][T26781] binder: 26780:26781 ioctl 4018620d 20000040 returned -16 22:21:05 executing program 1: syz_mount_image$msdos(&(0x7f0000000040)='msdos\x00', &(0x7f00000000c0)='./file1\x00', 0xffff, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[]) chdir(&(0x7f0000000000)='./file1\x00') r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0) sendmsg$NL80211_CMD_START_NAN(r0, &(0x7f0000000380)={&(0x7f0000000100), 0xc, &(0x7f0000000340)={0x0}, 0x1, 0x0, 0x0, 0x5}, 0x2) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) write$FUSE_ATTR(r1, &(0x7f0000000200)={0x78, 0x0, 0x0, {0x0, 0x5, 0x0, {0x0, 0x101, 0x0, 0x57da, 0x0, 0x3, 0x8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}}}, 0x78) sendfile(r1, r1, &(0x7f00000001c0)=0x25, 0x8080fffffffe) 22:21:05 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) [ 1400.792014][T26783] binder: BINDER_SET_CONTEXT_MGR already set [ 1400.798363][T26783] binder: 26780:26783 ioctl 4018620d 20000040 returned -16 22:21:06 executing program 0: r0 = socket$inet_smc(0x2b, 0x1, 0x0) getsockopt$inet_tcp_int(r0, 0x6, 0x1e, 0x0, &(0x7f0000000000)) [ 1401.057102][T26789] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=2016, location=2016 22:21:06 executing program 4: syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0xffffffffffffffff, 0xc8940) [ 1401.164281][T26789] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=1312, location=0 [ 1401.176413][T26789] UDF-fs: error (device loop2): udf_read_inode: (ino 1312) failed !bh [ 1401.185405][T26789] ===================================================== [ 1401.192431][T26789] BUG: KMSAN: uninit-value in udf_evict_inode+0x380/0x7a0 [ 1401.194944][T26789] CPU: 0 PID: 26789 Comm: syz-executor.2 Not tainted 5.9.0-rc8-syzkaller #0 [ 1401.203077][T26789] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1401.203077][T26789] Call Trace: [ 1401.203077][T26789] dump_stack+0x21c/0x280 [ 1401.203077][T26789] kmsan_report+0xf7/0x1e0 [ 1401.203077][T26789] __msan_warning+0x5f/0xa0 [ 1401.203077][T26789] udf_evict_inode+0x380/0x7a0 [ 1401.203077][T26789] ? inode_wait_for_writeback+0x2e7/0x320 [ 1401.203077][T26789] ? kmsan_get_metadata+0x116/0x180 [ 1401.203077][T26789] ? kzalloc+0x60/0x60 [ 1401.203077][T26789] evict+0x4ca/0xeb0 [ 1401.203077][T26789] iput+0xc44/0xf60 [ 1401.203077][T26789] iget_failed+0x2c3/0x380 [ 1401.203077][T26789] __udf_iget+0x15ae/0x4630 [ 1401.203077][T26789] ? __msan_instrument_asm_store+0x25/0x130 [ 1401.203077][T26789] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1401.203077][T26789] udf_fill_partdesc_info+0xe64/0x1510 [ 1401.203077][T26789] udf_process_sequence+0x46b0/0x6df0 [ 1401.203077][T26789] udf_check_anchor_block+0x50b/0x880 [ 1401.203077][T26789] udf_scan_anchors+0x27c/0xc60 [ 1401.203077][T26789] ? kmsan_get_metadata+0x116/0x180 [ 1401.203077][T26789] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1401.203077][T26789] udf_load_vrs+0x33c/0x1560 [ 1401.203077][T26789] udf_fill_super+0x11f5/0x3280 [ 1401.203077][T26789] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1401.203077][T26789] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1401.203077][T26789] mount_bdev+0x619/0x900 [ 1401.203077][T26789] ? udf_mount+0xe0/0xe0 [ 1401.203077][T26789] udf_mount+0xc9/0xe0 [ 1401.203077][T26789] legacy_get_tree+0x163/0x2e0 [ 1401.203077][T26789] ? lvid_get_unique_id+0x400/0x400 [ 1401.203077][T26789] ? legacy_parse_monolithic+0x310/0x310 [ 1401.203077][T26789] vfs_get_tree+0xd8/0x5d0 [ 1401.203077][T26789] path_mount+0x3dde/0x5db0 [ 1401.203077][T26789] do_mount+0x1c6/0x220 [ 1401.203077][T26789] __se_compat_sys_mount+0x7bb/0xaa0 [ 1401.203077][T26789] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1401.203077][T26789] __ia32_compat_sys_mount+0x62/0x80 [ 1401.203077][T26789] __do_fast_syscall_32+0x129/0x180 [ 1401.203077][T26789] do_fast_syscall_32+0x6a/0xc0 [ 1401.203077][T26789] do_SYSENTER_32+0x73/0x90 [ 1401.203077][T26789] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1401.203077][T26789] RIP: 0023:0xf7f66549 [ 1401.203077][T26789] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 1401.203077][T26789] RSP: 002b:00000000f555ff20 EFLAGS: 00000292 ORIG_RAX: 0000000000000015 [ 1401.203077][T26789] RAX: ffffffffffffffda RBX: 00000000f555ff7c RCX: 0000000020000100 [ 1401.203077][T26789] RDX: 0000000020000000 RSI: 0000000000000000 RDI: 00000000f555ffbc [ 1401.203077][T26789] RBP: 00000000f555ff7c R08: 0000000000000000 R09: 0000000000000000 [ 1401.203077][T26789] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1401.203077][T26789] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1401.203077][T26789] [ 1401.203077][T26789] Uninit was stored to memory at: [ 1401.203077][T26789] kmsan_internal_chain_origin+0xad/0x130 [ 1401.203077][T26789] __msan_chain_origin+0x57/0xa0 [ 1401.203077][T26789] udf_alloc_inode+0x252/0x280 [ 1401.203077][T26789] iget_locked+0x37d/0x13c0 [ 1401.203077][T26789] __udf_iget+0x14c/0x4630 [ 1401.203077][T26789] udf_fill_partdesc_info+0xe64/0x1510 [ 1401.203077][T26789] udf_process_sequence+0x46b0/0x6df0 [ 1401.203077][T26789] udf_check_anchor_block+0x50b/0x880 [ 1401.203077][T26789] udf_scan_anchors+0x27c/0xc60 [ 1401.203077][T26789] udf_load_vrs+0x33c/0x1560 [ 1401.203077][T26789] udf_fill_super+0x11f5/0x3280 [ 1401.203077][T26789] mount_bdev+0x619/0x900 [ 1401.203077][T26789] udf_mount+0xc9/0xe0 [ 1401.203077][T26789] legacy_get_tree+0x163/0x2e0 [ 1401.203077][T26789] vfs_get_tree+0xd8/0x5d0 [ 1401.203077][T26789] path_mount+0x3dde/0x5db0 [ 1401.203077][T26789] do_mount+0x1c6/0x220 [ 1401.203077][T26789] __se_compat_sys_mount+0x7bb/0xaa0 [ 1401.203077][T26789] __ia32_compat_sys_mount+0x62/0x80 [ 1401.203077][T26789] __do_fast_syscall_32+0x129/0x180 [ 1401.203077][T26789] do_fast_syscall_32+0x6a/0xc0 [ 1401.203077][T26789] do_SYSENTER_32+0x73/0x90 [ 1401.203077][T26789] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1401.203077][T26789] [ 1401.203077][T26789] Uninit was created at: [ 1401.203077][T26789] kmsan_save_stack_with_flags+0x3c/0x90 [ 1401.203077][T26789] kmsan_alloc_page+0xd3/0x1f0 [ 1401.203077][T26789] __alloc_pages_nodemask+0x84e/0x1040 [ 1401.203077][T26789] alloc_pages_current+0x79b/0xb40 [ 1401.203077][T26789] allocate_slab+0x34b/0x11c0 [ 1401.203077][T26789] ___slab_alloc+0xd35/0x1940 [ 1401.203077][T26789] kmem_cache_alloc+0x869/0xc70 [ 1401.203077][T26789] udf_alloc_inode+0x60/0x280 [ 1401.203077][T26789] iget_locked+0x37d/0x13c0 [ 1401.203077][T26789] __udf_iget+0x14c/0x4630 [ 1401.203077][T26789] udf_fill_partdesc_info+0xe64/0x1510 [ 1401.203077][T26789] udf_process_sequence+0x46b0/0x6df0 [ 1401.203077][T26789] udf_check_anchor_block+0x50b/0x880 [ 1401.203077][T26789] udf_scan_anchors+0x27c/0xc60 [ 1401.203077][T26789] udf_load_vrs+0x33c/0x1560 [ 1401.203077][T26789] udf_fill_super+0x11f5/0x3280 [ 1401.203077][T26789] mount_bdev+0x619/0x900 [ 1401.203077][T26789] udf_mount+0xc9/0xe0 [ 1401.203077][T26789] legacy_get_tree+0x163/0x2e0 [ 1401.203077][T26789] vfs_get_tree+0xd8/0x5d0 [ 1401.203077][T26789] path_mount+0x3dde/0x5db0 [ 1401.203077][T26789] do_mount+0x1c6/0x220 [ 1401.203077][T26789] __se_compat_sys_mount+0x7bb/0xaa0 [ 1401.203077][T26789] __ia32_compat_sys_mount+0x62/0x80 [ 1401.203077][T26789] __do_fast_syscall_32+0x129/0x180 [ 1401.203077][T26789] do_fast_syscall_32+0x6a/0xc0 [ 1401.203077][T26789] do_SYSENTER_32+0x73/0x90 [ 1401.203077][T26789] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1401.203077][T26789] ===================================================== [ 1401.203077][T26789] Disabling lock debugging due to kernel taint [ 1401.203077][T26789] Kernel panic - not syncing: panic_on_warn set ... [ 1401.203077][T26789] CPU: 0 PID: 26789 Comm: syz-executor.2 Tainted: G B 5.9.0-rc8-syzkaller #0 [ 1401.203077][T26789] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1401.203077][T26789] Call Trace: [ 1401.203077][T26789] dump_stack+0x21c/0x280 [ 1401.203077][T26789] panic+0x4c8/0xea7 [ 1401.203077][T26789] ? add_taint+0x17c/0x210 [ 1401.203077][T26789] kmsan_report+0x1da/0x1e0 [ 1401.203077][T26789] __msan_warning+0x5f/0xa0 [ 1401.203077][T26789] udf_evict_inode+0x380/0x7a0 [ 1401.203077][T26789] ? inode_wait_for_writeback+0x2e7/0x320 [ 1401.203077][T26789] ? kmsan_get_metadata+0x116/0x180 [ 1401.203077][T26789] ? kzalloc+0x60/0x60 [ 1401.203077][T26789] evict+0x4ca/0xeb0 [ 1401.203077][T26789] iput+0xc44/0xf60 [ 1401.203077][T26789] iget_failed+0x2c3/0x380 [ 1401.203077][T26789] __udf_iget+0x15ae/0x4630 [ 1401.203077][T26789] ? __msan_instrument_asm_store+0x25/0x130 [ 1401.203077][T26789] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1401.203077][T26789] udf_fill_partdesc_info+0xe64/0x1510 [ 1401.203077][T26789] udf_process_sequence+0x46b0/0x6df0 [ 1401.203077][T26789] udf_check_anchor_block+0x50b/0x880 [ 1401.203077][T26789] udf_scan_anchors+0x27c/0xc60 [ 1401.203077][T26789] ? kmsan_get_metadata+0x116/0x180 [ 1401.203077][T26789] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1401.203077][T26789] udf_load_vrs+0x33c/0x1560 [ 1401.203077][T26789] udf_fill_super+0x11f5/0x3280 [ 1401.203077][T26789] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1401.203077][T26789] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1401.203077][T26789] mount_bdev+0x619/0x900 [ 1401.203077][T26789] ? udf_mount+0xe0/0xe0 [ 1401.203077][T26789] udf_mount+0xc9/0xe0 [ 1401.203077][T26789] legacy_get_tree+0x163/0x2e0 [ 1401.203077][T26789] ? lvid_get_unique_id+0x400/0x400 [ 1401.203077][T26789] ? legacy_parse_monolithic+0x310/0x310 [ 1401.203077][T26789] vfs_get_tree+0xd8/0x5d0 [ 1401.203077][T26789] path_mount+0x3dde/0x5db0 [ 1401.203077][T26789] do_mount+0x1c6/0x220 [ 1401.203077][T26789] __se_compat_sys_mount+0x7bb/0xaa0 [ 1401.203077][T26789] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1401.203077][T26789] __ia32_compat_sys_mount+0x62/0x80 [ 1401.203077][T26789] __do_fast_syscall_32+0x129/0x180 [ 1401.203077][T26789] do_fast_syscall_32+0x6a/0xc0 [ 1401.203077][T26789] do_SYSENTER_32+0x73/0x90 [ 1401.203077][T26789] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1401.203077][T26789] RIP: 0023:0xf7f66549 [ 1401.203077][T26789] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 1401.203077][T26789] RSP: 002b:00000000f555ff20 EFLAGS: 00000292 ORIG_RAX: 0000000000000015 [ 1401.203077][T26789] RAX: ffffffffffffffda RBX: 00000000f555ff7c RCX: 0000000020000100 [ 1401.203077][T26789] RDX: 0000000020000000 RSI: 0000000000000000 RDI: 00000000f555ffbc [ 1401.203077][T26789] RBP: 00000000f555ff7c R08: 0000000000000000 R09: 0000000000000000 [ 1401.203077][T26789] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1401.203077][T26789] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1401.203077][T26789] Kernel Offset: disabled [ 1401.203077][T26789] Rebooting in 86400 seconds..