24889] Uninit was stored to memory at: [ 1142.872241][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1142.872241][T24889] __msan_chain_origin+0x54/0xa0 [ 1142.872241][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1142.872241][T24889] get_compat_msghdr+0x108/0x2b0 [ 1142.872241][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1142.872241][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1142.872241][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1142.872241][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1142.872241][T24889] __do_fast_syscall_32+0x127/0x180 [ 1142.872241][T24889] do_fast_syscall_32+0x77/0xd0 [ 1142.872241][T24889] do_SYSENTER_32+0x73/0x90 [ 1142.872241][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1142.872241][T24889] [ 1142.872241][T24889] Uninit was stored to memory at: [ 1142.872241][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1142.872241][T24889] __msan_chain_origin+0x54/0xa0 [ 1142.872241][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1142.872241][T24889] get_compat_msghdr+0x108/0x2b0 [ 1142.872241][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1142.872241][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1142.872241][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1142.872241][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1142.872241][T24889] __do_fast_syscall_32+0x127/0x180 [ 1142.872241][T24889] do_fast_syscall_32+0x77/0xd0 [ 1142.872241][T24889] do_SYSENTER_32+0x73/0x90 [ 1142.872241][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1142.872241][T24889] [ 1142.872241][T24889] Uninit was stored to memory at: [ 1142.872241][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1142.872241][T24889] __msan_chain_origin+0x54/0xa0 [ 1142.872241][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1142.872241][T24889] get_compat_msghdr+0x108/0x2b0 [ 1142.872241][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1142.872241][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1142.872241][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1142.872241][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1142.872241][T24889] __do_fast_syscall_32+0x127/0x180 [ 1142.872241][T24889] do_fast_syscall_32+0x77/0xd0 [ 1142.872241][T24889] do_SYSENTER_32+0x73/0x90 [ 1142.872241][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1142.872241][T24889] [ 1142.872241][T24889] Local variable ----msg_sys@do_recvmmsg created at: [ 1142.872241][T24889] do_recvmmsg+0xbf/0x22d0 [ 1142.872241][T24889] do_recvmmsg+0xbf/0x22d0 [ 1143.863507][T24889] not chained 1950000 origins [ 1143.868247][T24889] CPU: 0 PID: 24889 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1143.876219][T24889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1143.876219][T24889] Call Trace: [ 1143.876219][T24889] dump_stack+0x24c/0x2e0 [ 1143.876219][T24889] kmsan_internal_chain_origin+0x6f/0x130 [ 1143.876219][T24889] ? kmsan_set_origin_checked+0xa2/0x100 [ 1143.876219][T24889] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1143.876219][T24889] ? __msan_instrument_asm_store+0x104/0x130 [ 1143.876219][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1143.876219][T24889] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1143.876219][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1143.876219][T24889] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1143.876219][T24889] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1143.876219][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1143.876219][T24889] ? kmsan_set_origin_checked+0xa2/0x100 [ 1143.876219][T24889] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1143.876219][T24889] ? kmsan_unpoison_shadow+0x74/0xa0 [ 1143.876219][T24889] ? _copy_from_user+0x1fd/0x300 [ 1143.876219][T24889] __msan_chain_origin+0x54/0xa0 [ 1143.876219][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1143.876219][T24889] get_compat_msghdr+0x108/0x2b0 [ 1143.876219][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1143.876219][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1143.876219][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1143.876219][T24889] ? kmsan_internal_set_origin+0x82/0xc0 [ 1143.876219][T24889] ? __msan_poison_alloca+0xec/0x110 [ 1143.876219][T24889] ? __sys_recvmmsg+0xb5/0x6f0 [ 1143.876219][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1143.876219][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1143.876219][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1143.876219][T24889] __do_fast_syscall_32+0x127/0x180 [ 1143.876219][T24889] do_fast_syscall_32+0x77/0xd0 [ 1143.876219][T24889] do_SYSENTER_32+0x73/0x90 [ 1143.876219][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1143.876219][T24889] RIP: 0023:0xf7f89549 [ 1143.876219][T24889] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1143.876219][T24889] RSP: 002b:00000000f55835fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1143.876219][T24889] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 1143.876219][T24889] RDX: 00000000cb88ff8b RSI: 0000000000000002 RDI: 0000000000000000 [ 1143.876219][T24889] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1143.876219][T24889] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1143.876219][T24889] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1143.876219][T24889] Uninit was stored to memory at: [ 1143.876219][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1143.876219][T24889] __msan_chain_origin+0x54/0xa0 [ 1143.876219][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1143.876219][T24889] get_compat_msghdr+0x108/0x2b0 [ 1143.876219][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1143.876219][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1143.876219][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1143.876219][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1143.876219][T24889] __do_fast_syscall_32+0x127/0x180 [ 1143.876219][T24889] do_fast_syscall_32+0x77/0xd0 [ 1143.876219][T24889] do_SYSENTER_32+0x73/0x90 [ 1143.876219][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1143.876219][T24889] [ 1143.876219][T24889] Uninit was stored to memory at: [ 1143.876219][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1143.876219][T24889] __msan_chain_origin+0x54/0xa0 [ 1143.876219][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1143.876219][T24889] get_compat_msghdr+0x108/0x2b0 [ 1143.876219][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1143.876219][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1143.876219][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1143.876219][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1143.876219][T24889] __do_fast_syscall_32+0x127/0x180 [ 1143.876219][T24889] do_fast_syscall_32+0x77/0xd0 [ 1143.876219][T24889] do_SYSENTER_32+0x73/0x90 [ 1143.876219][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1143.876219][T24889] [ 1143.876219][T24889] Uninit was stored to memory at: [ 1143.876219][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1143.876219][T24889] __msan_chain_origin+0x54/0xa0 [ 1143.876219][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1143.876219][T24889] get_compat_msghdr+0x108/0x2b0 [ 1143.876219][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1143.876219][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1143.876219][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1143.876219][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1143.876219][T24889] __do_fast_syscall_32+0x127/0x180 [ 1143.876219][T24889] do_fast_syscall_32+0x77/0xd0 [ 1143.876219][T24889] do_SYSENTER_32+0x73/0x90 [ 1143.876219][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1143.876219][T24889] [ 1143.876219][T24889] Uninit was stored to memory at: [ 1143.876219][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1143.876219][T24889] __msan_chain_origin+0x54/0xa0 [ 1143.876219][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1143.876219][T24889] get_compat_msghdr+0x108/0x2b0 [ 1143.876219][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1143.876219][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1143.876219][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1143.876219][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1143.876219][T24889] __do_fast_syscall_32+0x127/0x180 [ 1143.876219][T24889] do_fast_syscall_32+0x77/0xd0 [ 1143.876219][T24889] do_SYSENTER_32+0x73/0x90 [ 1143.876219][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1143.876219][T24889] [ 1143.876219][T24889] Uninit was stored to memory at: [ 1143.876219][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1143.876219][T24889] __msan_chain_origin+0x54/0xa0 [ 1143.876219][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1143.876219][T24889] get_compat_msghdr+0x108/0x2b0 [ 1143.876219][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1143.876219][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1143.876219][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1143.876219][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1143.876219][T24889] __do_fast_syscall_32+0x127/0x180 [ 1143.876219][T24889] do_fast_syscall_32+0x77/0xd0 [ 1143.876219][T24889] do_SYSENTER_32+0x73/0x90 [ 1143.876219][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1143.876219][T24889] [ 1143.876219][T24889] Uninit was stored to memory at: [ 1143.876219][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1143.876219][T24889] __msan_chain_origin+0x54/0xa0 [ 1143.876219][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1143.876219][T24889] get_compat_msghdr+0x108/0x2b0 [ 1143.876219][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1143.876219][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1143.876219][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1143.876219][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1143.876219][T24889] __do_fast_syscall_32+0x127/0x180 [ 1143.876219][T24889] do_fast_syscall_32+0x77/0xd0 [ 1143.876219][T24889] do_SYSENTER_32+0x73/0x90 [ 1143.876219][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1143.876219][T24889] [ 1143.876219][T24889] Uninit was stored to memory at: [ 1143.876219][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1143.876219][T24889] __msan_chain_origin+0x54/0xa0 [ 1143.876219][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1143.876219][T24889] get_compat_msghdr+0x108/0x2b0 [ 1143.876219][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1143.876219][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1143.876219][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1143.876219][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1143.876219][T24889] __do_fast_syscall_32+0x127/0x180 [ 1143.876219][T24889] do_fast_syscall_32+0x77/0xd0 [ 1143.876219][T24889] do_SYSENTER_32+0x73/0x90 [ 1143.876219][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1143.876219][T24889] [ 1143.876219][T24889] Local variable ----msg_sys@do_recvmmsg created at: [ 1143.876219][T24889] do_recvmmsg+0xbf/0x22d0 [ 1143.876219][T24889] do_recvmmsg+0xbf/0x22d0 [ 1144.900551][T24889] not chained 1960000 origins [ 1144.902208][T24889] CPU: 1 PID: 24889 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1144.902208][T24889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1144.902208][T24889] Call Trace: [ 1144.902208][T24889] dump_stack+0x24c/0x2e0 [ 1144.902208][T24889] kmsan_internal_chain_origin+0x6f/0x130 [ 1144.902208][T24889] ? kmsan_set_origin_checked+0xa2/0x100 [ 1144.902208][T24889] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1144.902208][T24889] ? __msan_instrument_asm_store+0x104/0x130 [ 1144.902208][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1144.902208][T24889] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1144.902208][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1144.902208][T24889] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1144.902208][T24889] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1144.902208][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1144.902208][T24889] ? kmsan_set_origin_checked+0xa2/0x100 [ 1144.902208][T24889] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1144.902208][T24889] ? kmsan_unpoison_shadow+0x74/0xa0 [ 1145.001931][T24889] ? _copy_from_user+0x1fd/0x300 [ 1145.001931][T24889] __msan_chain_origin+0x54/0xa0 [ 1145.001931][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1145.001931][T24889] get_compat_msghdr+0x108/0x2b0 [ 1145.001931][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1145.001931][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1145.001931][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1145.001931][T24889] ? kmsan_internal_set_origin+0x82/0xc0 [ 1145.001931][T24889] ? __msan_poison_alloca+0xec/0x110 [ 1145.001931][T24889] ? __sys_recvmmsg+0xb5/0x6f0 [ 1145.001931][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1145.001931][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1145.001931][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1145.001931][T24889] __do_fast_syscall_32+0x127/0x180 [ 1145.001931][T24889] do_fast_syscall_32+0x77/0xd0 [ 1145.001931][T24889] do_SYSENTER_32+0x73/0x90 [ 1145.001931][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1145.001931][T24889] RIP: 0023:0xf7f89549 [ 1145.001931][T24889] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1145.001931][T24889] RSP: 002b:00000000f55835fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1145.001931][T24889] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 1145.001931][T24889] RDX: 00000000cb88ff8b RSI: 0000000000000002 RDI: 0000000000000000 [ 1145.001931][T24889] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1145.001931][T24889] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1145.001931][T24889] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1145.001931][T24889] Uninit was stored to memory at: [ 1145.001931][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1145.001931][T24889] __msan_chain_origin+0x54/0xa0 [ 1145.001931][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1145.001931][T24889] get_compat_msghdr+0x108/0x2b0 [ 1145.001931][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1145.001931][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1145.001931][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1145.001931][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1145.001931][T24889] __do_fast_syscall_32+0x127/0x180 [ 1145.001931][T24889] do_fast_syscall_32+0x77/0xd0 [ 1145.001931][T24889] do_SYSENTER_32+0x73/0x90 [ 1145.001931][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1145.001931][T24889] [ 1145.001931][T24889] Uninit was stored to memory at: [ 1145.001931][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1145.001931][T24889] __msan_chain_origin+0x54/0xa0 [ 1145.001931][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1145.001931][T24889] get_compat_msghdr+0x108/0x2b0 [ 1145.001931][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1145.001931][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1145.001931][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1145.001931][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1145.001931][T24889] __do_fast_syscall_32+0x127/0x180 [ 1145.001931][T24889] do_fast_syscall_32+0x77/0xd0 [ 1145.001931][T24889] do_SYSENTER_32+0x73/0x90 [ 1145.001931][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1145.001931][T24889] [ 1145.001931][T24889] Uninit was stored to memory at: [ 1145.001931][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1145.001931][T24889] __msan_chain_origin+0x54/0xa0 [ 1145.001931][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1145.001931][T24889] get_compat_msghdr+0x108/0x2b0 [ 1145.001931][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1145.001931][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1145.001931][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1145.001931][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1145.001931][T24889] __do_fast_syscall_32+0x127/0x180 [ 1145.001931][T24889] do_fast_syscall_32+0x77/0xd0 [ 1145.001931][T24889] do_SYSENTER_32+0x73/0x90 [ 1145.001931][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1145.001931][T24889] [ 1145.001931][T24889] Uninit was stored to memory at: [ 1145.001931][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1145.001931][T24889] __msan_chain_origin+0x54/0xa0 [ 1145.001931][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1145.001931][T24889] get_compat_msghdr+0x108/0x2b0 [ 1145.001931][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1145.001931][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1145.001931][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1145.001931][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1145.001931][T24889] __do_fast_syscall_32+0x127/0x180 [ 1145.001931][T24889] do_fast_syscall_32+0x77/0xd0 [ 1145.001931][T24889] do_SYSENTER_32+0x73/0x90 [ 1145.001931][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1145.001931][T24889] [ 1145.001931][T24889] Uninit was stored to memory at: [ 1145.001931][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1145.001931][T24889] __msan_chain_origin+0x54/0xa0 [ 1145.001931][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1145.001931][T24889] get_compat_msghdr+0x108/0x2b0 [ 1145.001931][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1145.001931][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1145.001931][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1145.001931][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1145.001931][T24889] __do_fast_syscall_32+0x127/0x180 [ 1145.001931][T24889] do_fast_syscall_32+0x77/0xd0 [ 1145.001931][T24889] do_SYSENTER_32+0x73/0x90 [ 1145.001931][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1145.001931][T24889] [ 1145.001931][T24889] Uninit was stored to memory at: [ 1145.001931][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1145.001931][T24889] __msan_chain_origin+0x54/0xa0 [ 1145.001931][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1145.001931][T24889] get_compat_msghdr+0x108/0x2b0 [ 1145.001931][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1145.001931][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1145.001931][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1145.001931][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1145.001931][T24889] __do_fast_syscall_32+0x127/0x180 [ 1145.001931][T24889] do_fast_syscall_32+0x77/0xd0 [ 1145.001931][T24889] do_SYSENTER_32+0x73/0x90 [ 1145.001931][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1145.001931][T24889] [ 1145.001931][T24889] Uninit was stored to memory at: [ 1145.001931][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1145.001931][T24889] __msan_chain_origin+0x54/0xa0 [ 1145.001931][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1145.001931][T24889] get_compat_msghdr+0x108/0x2b0 [ 1145.001931][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1145.001931][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1145.001931][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1145.001931][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1145.001931][T24889] __do_fast_syscall_32+0x127/0x180 [ 1145.001931][T24889] do_fast_syscall_32+0x77/0xd0 [ 1145.001931][T24889] do_SYSENTER_32+0x73/0x90 [ 1145.001931][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1145.001931][T24889] [ 1145.001931][T24889] Local variable ----msg_sys@do_recvmmsg created at: [ 1145.001931][T24889] do_recvmmsg+0xbf/0x22d0 [ 1145.001931][T24889] do_recvmmsg+0xbf/0x22d0 [ 1145.883042][T24889] not chained 1970000 origins [ 1145.887822][T24889] CPU: 1 PID: 24889 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1145.892209][T24889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1145.892209][T24889] Call Trace: [ 1145.892209][T24889] dump_stack+0x24c/0x2e0 [ 1145.892209][T24889] kmsan_internal_chain_origin+0x6f/0x130 [ 1145.892209][T24889] ? kmsan_set_origin_checked+0xa2/0x100 [ 1145.892209][T24889] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1145.892209][T24889] ? __msan_instrument_asm_store+0x104/0x130 [ 1145.892209][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1145.892209][T24889] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1145.892209][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1145.892209][T24889] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1145.892209][T24889] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1145.892209][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1145.892209][T24889] ? kmsan_set_origin_checked+0xa2/0x100 [ 1145.892209][T24889] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1145.892209][T24889] ? kmsan_unpoison_shadow+0x74/0xa0 [ 1145.892209][T24889] ? _copy_from_user+0x1fd/0x300 [ 1145.892209][T24889] __msan_chain_origin+0x54/0xa0 [ 1145.892209][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1145.892209][T24889] get_compat_msghdr+0x108/0x2b0 [ 1145.892209][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1145.892209][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1145.892209][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1145.892209][T24889] ? kmsan_internal_set_origin+0x82/0xc0 [ 1145.892209][T24889] ? __msan_poison_alloca+0xec/0x110 [ 1145.892209][T24889] ? __sys_recvmmsg+0xb5/0x6f0 [ 1145.892209][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1145.892209][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1145.892209][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1145.892209][T24889] __do_fast_syscall_32+0x127/0x180 [ 1145.892209][T24889] do_fast_syscall_32+0x77/0xd0 [ 1145.892209][T24889] do_SYSENTER_32+0x73/0x90 [ 1145.892209][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1145.892209][T24889] RIP: 0023:0xf7f89549 [ 1145.892209][T24889] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1145.892209][T24889] RSP: 002b:00000000f55835fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1145.892209][T24889] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 1145.892209][T24889] RDX: 00000000cb88ff8b RSI: 0000000000000002 RDI: 0000000000000000 [ 1145.892209][T24889] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1145.892209][T24889] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1145.892209][T24889] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1145.892209][T24889] Uninit was stored to memory at: [ 1145.892209][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1145.892209][T24889] __msan_chain_origin+0x54/0xa0 [ 1145.892209][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1146.172451][T24889] get_compat_msghdr+0x108/0x2b0 [ 1146.172451][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1146.172451][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1146.172451][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1146.172451][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1146.172451][T24889] __do_fast_syscall_32+0x127/0x180 [ 1146.172451][T24889] do_fast_syscall_32+0x77/0xd0 [ 1146.172451][T24889] do_SYSENTER_32+0x73/0x90 [ 1146.172451][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1146.172451][T24889] [ 1146.172451][T24889] Uninit was stored to memory at: [ 1146.172451][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1146.172451][T24889] __msan_chain_origin+0x54/0xa0 [ 1146.172451][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1146.172451][T24889] get_compat_msghdr+0x108/0x2b0 [ 1146.172451][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1146.172451][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1146.172451][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1146.172451][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1146.172451][T24889] __do_fast_syscall_32+0x127/0x180 [ 1146.172451][T24889] do_fast_syscall_32+0x77/0xd0 [ 1146.172451][T24889] do_SYSENTER_32+0x73/0x90 [ 1146.172451][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1146.172451][T24889] [ 1146.172451][T24889] Uninit was stored to memory at: [ 1146.172451][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1146.172451][T24889] __msan_chain_origin+0x54/0xa0 [ 1146.172451][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1146.172451][T24889] get_compat_msghdr+0x108/0x2b0 [ 1146.172451][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1146.172451][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1146.172451][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1146.172451][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1146.172451][T24889] __do_fast_syscall_32+0x127/0x180 [ 1146.172451][T24889] do_fast_syscall_32+0x77/0xd0 [ 1146.172451][T24889] do_SYSENTER_32+0x73/0x90 [ 1146.172451][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1146.172451][T24889] [ 1146.172451][T24889] Uninit was stored to memory at: [ 1146.172451][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1146.172451][T24889] __msan_chain_origin+0x54/0xa0 [ 1146.172451][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1146.172451][T24889] get_compat_msghdr+0x108/0x2b0 [ 1146.172451][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1146.172451][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1146.172451][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1146.172451][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1146.172451][T24889] __do_fast_syscall_32+0x127/0x180 [ 1146.172451][T24889] do_fast_syscall_32+0x77/0xd0 [ 1146.172451][T24889] do_SYSENTER_32+0x73/0x90 [ 1146.172451][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1146.172451][T24889] [ 1146.172451][T24889] Uninit was stored to memory at: [ 1146.172451][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1146.172451][T24889] __msan_chain_origin+0x54/0xa0 [ 1146.172451][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1146.172451][T24889] get_compat_msghdr+0x108/0x2b0 [ 1146.172451][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1146.172451][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1146.172451][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1146.172451][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1146.172451][T24889] __do_fast_syscall_32+0x127/0x180 [ 1146.172451][T24889] do_fast_syscall_32+0x77/0xd0 [ 1146.172451][T24889] do_SYSENTER_32+0x73/0x90 [ 1146.172451][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1146.172451][T24889] [ 1146.172451][T24889] Uninit was stored to memory at: [ 1146.172451][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1146.172451][T24889] __msan_chain_origin+0x54/0xa0 [ 1146.172451][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1146.172451][T24889] get_compat_msghdr+0x108/0x2b0 [ 1146.172451][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1146.172451][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1146.172451][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1146.172451][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1146.172451][T24889] __do_fast_syscall_32+0x127/0x180 [ 1146.172451][T24889] do_fast_syscall_32+0x77/0xd0 [ 1146.172451][T24889] do_SYSENTER_32+0x73/0x90 [ 1146.172451][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1146.172451][T24889] [ 1146.172451][T24889] Uninit was stored to memory at: [ 1146.172451][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1146.172451][T24889] __msan_chain_origin+0x54/0xa0 [ 1146.172451][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1146.172451][T24889] get_compat_msghdr+0x108/0x2b0 [ 1146.172451][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1146.172451][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1146.172451][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1146.172451][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1146.172451][T24889] __do_fast_syscall_32+0x127/0x180 [ 1146.172451][T24889] do_fast_syscall_32+0x77/0xd0 [ 1146.172451][T24889] do_SYSENTER_32+0x73/0x90 [ 1146.172451][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1146.172451][T24889] [ 1146.172451][T24889] Local variable ----msg_sys@do_recvmmsg created at: [ 1146.172451][T24889] do_recvmmsg+0xbf/0x22d0 [ 1146.172451][T24889] do_recvmmsg+0xbf/0x22d0 [ 1146.848474][T24889] not chained 1980000 origins [ 1146.852220][T24889] CPU: 1 PID: 24889 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1146.852220][T24889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1146.852220][T24889] Call Trace: [ 1146.852220][T24889] dump_stack+0x24c/0x2e0 [ 1146.852220][T24889] kmsan_internal_chain_origin+0x6f/0x130 [ 1146.852220][T24889] ? kmsan_set_origin_checked+0xa2/0x100 [ 1146.887317][T24889] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1146.887317][T24889] ? __msan_instrument_asm_store+0x104/0x130 [ 1146.887317][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1146.887317][T24889] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1146.887317][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1146.887317][T24889] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1146.887317][T24889] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1146.887317][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1146.887317][T24889] ? kmsan_set_origin_checked+0xa2/0x100 [ 1146.887317][T24889] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1146.887317][T24889] ? kmsan_unpoison_shadow+0x74/0xa0 [ 1146.887317][T24889] ? _copy_from_user+0x1fd/0x300 [ 1146.887317][T24889] __msan_chain_origin+0x54/0xa0 [ 1146.887317][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1146.887317][T24889] get_compat_msghdr+0x108/0x2b0 [ 1146.887317][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1146.887317][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1146.887317][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1146.887317][T24889] ? kmsan_internal_set_origin+0x82/0xc0 [ 1146.887317][T24889] ? __msan_poison_alloca+0xec/0x110 [ 1146.887317][T24889] ? __sys_recvmmsg+0xb5/0x6f0 [ 1146.887317][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1146.887317][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1146.887317][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1146.887317][T24889] __do_fast_syscall_32+0x127/0x180 [ 1146.887317][T24889] do_fast_syscall_32+0x77/0xd0 [ 1146.887317][T24889] do_SYSENTER_32+0x73/0x90 [ 1146.887317][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1146.887317][T24889] RIP: 0023:0xf7f89549 [ 1146.887317][T24889] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1146.887317][T24889] RSP: 002b:00000000f55835fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1146.887317][T24889] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 1146.887317][T24889] RDX: 00000000cb88ff8b RSI: 0000000000000002 RDI: 0000000000000000 [ 1146.887317][T24889] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1146.887317][T24889] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1146.887317][T24889] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1146.887317][T24889] Uninit was stored to memory at: [ 1146.887317][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1146.887317][T24889] __msan_chain_origin+0x54/0xa0 [ 1146.887317][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1146.887317][T24889] get_compat_msghdr+0x108/0x2b0 [ 1146.887317][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1146.887317][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1146.887317][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1146.887317][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1146.887317][T24889] __do_fast_syscall_32+0x127/0x180 [ 1146.887317][T24889] do_fast_syscall_32+0x77/0xd0 [ 1146.887317][T24889] do_SYSENTER_32+0x73/0x90 [ 1146.887317][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1146.887317][T24889] [ 1146.887317][T24889] Uninit was stored to memory at: [ 1146.887317][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1146.887317][T24889] __msan_chain_origin+0x54/0xa0 [ 1146.887317][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1146.887317][T24889] get_compat_msghdr+0x108/0x2b0 [ 1146.887317][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1146.887317][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1146.887317][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1146.887317][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1146.887317][T24889] __do_fast_syscall_32+0x127/0x180 [ 1146.887317][T24889] do_fast_syscall_32+0x77/0xd0 [ 1146.887317][T24889] do_SYSENTER_32+0x73/0x90 [ 1146.887317][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1146.887317][T24889] [ 1146.887317][T24889] Uninit was stored to memory at: [ 1146.887317][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1146.887317][T24889] __msan_chain_origin+0x54/0xa0 [ 1146.887317][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1146.887317][T24889] get_compat_msghdr+0x108/0x2b0 [ 1146.887317][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1146.887317][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1146.887317][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1146.887317][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1146.887317][T24889] __do_fast_syscall_32+0x127/0x180 [ 1146.887317][T24889] do_fast_syscall_32+0x77/0xd0 [ 1146.887317][T24889] do_SYSENTER_32+0x73/0x90 [ 1146.887317][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1146.887317][T24889] [ 1146.887317][T24889] Uninit was stored to memory at: [ 1146.887317][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1146.887317][T24889] __msan_chain_origin+0x54/0xa0 [ 1146.887317][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1146.887317][T24889] get_compat_msghdr+0x108/0x2b0 [ 1146.887317][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1146.887317][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1146.887317][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1146.887317][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1146.887317][T24889] __do_fast_syscall_32+0x127/0x180 [ 1146.887317][T24889] do_fast_syscall_32+0x77/0xd0 [ 1146.887317][T24889] do_SYSENTER_32+0x73/0x90 [ 1146.887317][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1146.887317][T24889] [ 1146.887317][T24889] Uninit was stored to memory at: [ 1146.887317][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1146.887317][T24889] __msan_chain_origin+0x54/0xa0 [ 1146.887317][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1146.887317][T24889] get_compat_msghdr+0x108/0x2b0 [ 1146.887317][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1146.887317][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1146.887317][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1146.887317][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1146.887317][T24889] __do_fast_syscall_32+0x127/0x180 [ 1146.887317][T24889] do_fast_syscall_32+0x77/0xd0 [ 1146.887317][T24889] do_SYSENTER_32+0x73/0x90 [ 1146.887317][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1146.887317][T24889] [ 1146.887317][T24889] Uninit was stored to memory at: [ 1146.887317][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1146.887317][T24889] __msan_chain_origin+0x54/0xa0 [ 1146.887317][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1146.887317][T24889] get_compat_msghdr+0x108/0x2b0 [ 1146.887317][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1146.887317][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1146.887317][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1146.887317][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1146.887317][T24889] __do_fast_syscall_32+0x127/0x180 [ 1146.887317][T24889] do_fast_syscall_32+0x77/0xd0 [ 1146.887317][T24889] do_SYSENTER_32+0x73/0x90 [ 1146.887317][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1146.887317][T24889] [ 1146.887317][T24889] Uninit was stored to memory at: [ 1146.887317][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1146.887317][T24889] __msan_chain_origin+0x54/0xa0 [ 1146.887317][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1146.887317][T24889] get_compat_msghdr+0x108/0x2b0 [ 1146.887317][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1146.887317][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1146.887317][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1146.887317][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1146.887317][T24889] __do_fast_syscall_32+0x127/0x180 [ 1146.887317][T24889] do_fast_syscall_32+0x77/0xd0 [ 1146.887317][T24889] do_SYSENTER_32+0x73/0x90 [ 1146.887317][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1146.887317][T24889] [ 1146.887317][T24889] Local variable ----msg_sys@do_recvmmsg created at: [ 1146.887317][T24889] do_recvmmsg+0xbf/0x22d0 [ 1146.887317][T24889] do_recvmmsg+0xbf/0x22d0 [ 1147.815325][T24889] not chained 1990000 origins [ 1147.820023][T24889] CPU: 1 PID: 24889 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1147.822220][T24889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1147.822220][T24889] Call Trace: [ 1147.822220][T24889] dump_stack+0x24c/0x2e0 [ 1147.846535][T24889] kmsan_internal_chain_origin+0x6f/0x130 [ 1147.852470][T24889] ? kmsan_set_origin_checked+0xa2/0x100 [ 1147.852470][T24889] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1147.852470][T24889] ? __msan_instrument_asm_store+0x104/0x130 [ 1147.852470][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1147.852470][T24889] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1147.879911][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1147.882341][T24889] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1147.882341][T24889] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1147.895214][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1147.902484][T24889] ? kmsan_set_origin_checked+0xa2/0x100 [ 1147.908751][T24889] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1147.915165][T24889] ? kmsan_unpoison_shadow+0x74/0xa0 [ 1147.922322][T24889] ? _copy_from_user+0x1fd/0x300 [ 1147.922322][T24889] __msan_chain_origin+0x54/0xa0 [ 1147.922322][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1147.922322][T24889] get_compat_msghdr+0x108/0x2b0 [ 1147.942332][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1147.942332][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1147.942332][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1147.955294][T24889] ? kmsan_internal_set_origin+0x82/0xc0 [ 1147.962331][T24889] ? __msan_poison_alloca+0xec/0x110 [ 1147.962331][T24889] ? __sys_recvmmsg+0xb5/0x6f0 [ 1147.971720][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1147.971720][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1147.978587][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1147.985811][T24889] __do_fast_syscall_32+0x127/0x180 [ 1147.995282][T24889] do_fast_syscall_32+0x77/0xd0 [ 1147.995282][T24889] do_SYSENTER_32+0x73/0x90 [ 1148.002337][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1148.002337][T24889] RIP: 0023:0xf7f89549 [ 1148.015379][T24889] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1148.035251][T24889] RSP: 002b:00000000f55835fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1148.042512][T24889] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 1148.042512][T24889] RDX: 00000000cb88ff8b RSI: 0000000000000002 RDI: 0000000000000000 [ 1148.055222][T24889] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1148.062491][T24889] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1148.077130][T24889] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1148.077130][T24889] Uninit was stored to memory at: [ 1148.085838][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1148.085838][T24889] __msan_chain_origin+0x54/0xa0 [ 1148.098860][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1148.102509][T24889] get_compat_msghdr+0x108/0x2b0 [ 1148.102509][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1148.115231][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1148.115231][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1148.122329][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1148.122329][T24889] __do_fast_syscall_32+0x127/0x180 [ 1148.135275][T24889] do_fast_syscall_32+0x77/0xd0 [ 1148.142357][T24889] do_SYSENTER_32+0x73/0x90 [ 1148.142357][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1148.142357][T24889] [ 1148.155186][T24889] Uninit was stored to memory at: [ 1148.155186][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1148.162503][T24889] __msan_chain_origin+0x54/0xa0 [ 1148.162503][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1148.172592][T24889] get_compat_msghdr+0x108/0x2b0 [ 1148.182343][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1148.182343][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1148.182343][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1148.182343][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1148.198615][T24889] __do_fast_syscall_32+0x127/0x180 [ 1148.205787][T24889] do_fast_syscall_32+0x77/0xd0 [ 1148.205787][T24889] do_SYSENTER_32+0x73/0x90 [ 1148.215152][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1148.222471][T24889] [ 1148.222471][T24889] Uninit was stored to memory at: [ 1148.222471][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1148.235278][T24889] __msan_chain_origin+0x54/0xa0 [ 1148.242341][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1148.242341][T24889] get_compat_msghdr+0x108/0x2b0 [ 1148.242341][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1148.255980][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1148.262367][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1148.262367][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1148.275346][T24889] __do_fast_syscall_32+0x127/0x180 [ 1148.278854][T24889] do_fast_syscall_32+0x77/0xd0 [ 1148.282566][T24889] do_SYSENTER_32+0x73/0x90 [ 1148.282566][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1148.295211][T24889] [ 1148.295211][T24889] Uninit was stored to memory at: [ 1148.305906][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1148.305906][T24889] __msan_chain_origin+0x54/0xa0 [ 1148.318882][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1148.322344][T24889] get_compat_msghdr+0x108/0x2b0 [ 1148.322344][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1148.335196][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1148.335196][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1148.342513][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1148.342513][T24889] __do_fast_syscall_32+0x127/0x180 [ 1148.355178][T24889] do_fast_syscall_32+0x77/0xd0 [ 1148.362348][T24889] do_SYSENTER_32+0x73/0x90 [ 1148.362348][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1148.362348][T24889] [ 1148.375271][T24889] Uninit was stored to memory at: [ 1148.382320][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1148.382320][T24889] __msan_chain_origin+0x54/0xa0 [ 1148.382320][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1148.395285][T24889] get_compat_msghdr+0x108/0x2b0 [ 1148.402480][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1148.402480][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1148.402480][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1148.418664][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1148.418664][T24889] __do_fast_syscall_32+0x127/0x180 [ 1148.425856][T24889] do_fast_syscall_32+0x77/0xd0 [ 1148.425856][T24889] do_SYSENTER_32+0x73/0x90 [ 1148.435569][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1148.442362][T24889] [ 1148.442362][T24889] Uninit was stored to memory at: [ 1148.442362][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1148.455266][T24889] __msan_chain_origin+0x54/0xa0 [ 1148.462520][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1148.462520][T24889] get_compat_msghdr+0x108/0x2b0 [ 1148.475241][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1148.475241][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1148.483903][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1148.483903][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1148.495291][T24889] __do_fast_syscall_32+0x127/0x180 [ 1148.495291][T24889] do_fast_syscall_32+0x77/0xd0 [ 1148.502479][T24889] do_SYSENTER_32+0x73/0x90 [ 1148.502479][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1148.515208][T24889] [ 1148.515208][T24889] Uninit was stored to memory at: [ 1148.515208][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1148.525884][T24889] __msan_chain_origin+0x54/0xa0 [ 1148.525884][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1148.538816][T24889] get_compat_msghdr+0x108/0x2b0 [ 1148.542326][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1148.542326][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1148.555339][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1148.555339][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1148.562333][T24889] __do_fast_syscall_32+0x127/0x180 [ 1148.562333][T24889] do_fast_syscall_32+0x77/0xd0 [ 1148.575294][T24889] do_SYSENTER_32+0x73/0x90 [ 1148.582480][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1148.586052][T24889] [ 1148.586052][T24889] Local variable ----msg_sys@do_recvmmsg created at: [ 1148.595201][T24889] do_recvmmsg+0xbf/0x22d0 [ 1148.602363][T24889] do_recvmmsg+0xbf/0x22d0 [ 1148.785103][T24889] not chained 2000000 origins [ 1148.789801][T24889] CPU: 1 PID: 24889 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1148.792218][T24889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1148.792218][T24889] Call Trace: [ 1148.792218][T24889] dump_stack+0x24c/0x2e0 [ 1148.792218][T24889] kmsan_internal_chain_origin+0x6f/0x130 [ 1148.792218][T24889] ? kmsan_set_origin_checked+0xa2/0x100 [ 1148.792218][T24889] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1148.792218][T24889] ? __msan_instrument_asm_store+0x104/0x130 [ 1148.792218][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1148.792218][T24889] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1148.792218][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1148.792218][T24889] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1148.792218][T24889] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1148.792218][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1148.792218][T24889] ? kmsan_set_origin_checked+0xa2/0x100 [ 1148.792218][T24889] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1148.792218][T24889] ? kmsan_unpoison_shadow+0x74/0xa0 [ 1148.792218][T24889] ? _copy_from_user+0x1fd/0x300 [ 1148.792218][T24889] __msan_chain_origin+0x54/0xa0 [ 1148.792218][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1148.792218][T24889] get_compat_msghdr+0x108/0x2b0 [ 1148.792218][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1148.792218][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1148.792218][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1148.792218][T24889] ? kmsan_internal_set_origin+0x82/0xc0 [ 1148.792218][T24889] ? __msan_poison_alloca+0xec/0x110 [ 1148.792218][T24889] ? __sys_recvmmsg+0xb5/0x6f0 [ 1148.792218][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1148.792218][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1148.792218][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1148.792218][T24889] __do_fast_syscall_32+0x127/0x180 [ 1148.792218][T24889] do_fast_syscall_32+0x77/0xd0 [ 1148.792218][T24889] do_SYSENTER_32+0x73/0x90 [ 1148.792218][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1148.792218][T24889] RIP: 0023:0xf7f89549 [ 1148.792218][T24889] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1148.792218][T24889] RSP: 002b:00000000f55835fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1148.792218][T24889] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 1148.792218][T24889] RDX: 00000000cb88ff8b RSI: 0000000000000002 RDI: 0000000000000000 [ 1148.792218][T24889] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1148.792218][T24889] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1148.792218][T24889] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1148.792218][T24889] Uninit was stored to memory at: [ 1148.792218][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1148.792218][T24889] __msan_chain_origin+0x54/0xa0 [ 1148.792218][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1148.792218][T24889] get_compat_msghdr+0x108/0x2b0 [ 1148.792218][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1148.792218][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1148.792218][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1148.792218][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1148.792218][T24889] __do_fast_syscall_32+0x127/0x180 [ 1148.792218][T24889] do_fast_syscall_32+0x77/0xd0 [ 1148.792218][T24889] do_SYSENTER_32+0x73/0x90 [ 1148.792218][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1148.792218][T24889] [ 1148.792218][T24889] Uninit was stored to memory at: [ 1148.792218][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1148.792218][T24889] __msan_chain_origin+0x54/0xa0 [ 1148.792218][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1148.792218][T24889] get_compat_msghdr+0x108/0x2b0 [ 1148.792218][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1148.792218][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1148.792218][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1148.792218][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1148.792218][T24889] __do_fast_syscall_32+0x127/0x180 [ 1148.792218][T24889] do_fast_syscall_32+0x77/0xd0 [ 1148.792218][T24889] do_SYSENTER_32+0x73/0x90 [ 1148.792218][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1148.792218][T24889] [ 1148.792218][T24889] Uninit was stored to memory at: [ 1148.792218][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1148.792218][T24889] __msan_chain_origin+0x54/0xa0 [ 1149.213530][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1149.213530][T24889] get_compat_msghdr+0x108/0x2b0 [ 1149.225168][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1149.225168][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1149.232496][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1149.232496][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1149.245177][T24889] __do_fast_syscall_32+0x127/0x180 [ 1149.252374][T24889] do_fast_syscall_32+0x77/0xd0 [ 1149.252374][T24889] do_SYSENTER_32+0x73/0x90 [ 1149.252374][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1149.265198][T24889] [ 1149.265198][T24889] Uninit was stored to memory at: [ 1149.273092][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1149.273092][T24889] __msan_chain_origin+0x54/0xa0 [ 1149.285208][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1149.285208][T24889] get_compat_msghdr+0x108/0x2b0 [ 1149.295852][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1149.295852][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1149.295852][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1149.312344][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1149.312344][T24889] __do_fast_syscall_32+0x127/0x180 [ 1149.312344][T24889] do_fast_syscall_32+0x77/0xd0 [ 1149.325195][T24889] do_SYSENTER_32+0x73/0x90 [ 1149.332396][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1149.332396][T24889] [ 1149.332396][T24889] Uninit was stored to memory at: [ 1149.345116][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1149.352498][T24889] __msan_chain_origin+0x54/0xa0 [ 1149.352498][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1149.352498][T24889] get_compat_msghdr+0x108/0x2b0 [ 1149.365146][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1149.372349][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1149.372349][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1149.385182][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1149.385182][T24889] __do_fast_syscall_32+0x127/0x180 [ 1149.392530][T24889] do_fast_syscall_32+0x77/0xd0 [ 1149.392530][T24889] do_SYSENTER_32+0x73/0x90 [ 1149.392530][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1149.411171][T24889] [ 1149.411171][T24889] Uninit was stored to memory at: [ 1149.415831][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1149.425127][T24889] __msan_chain_origin+0x54/0xa0 [ 1149.425127][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1149.434007][T24889] get_compat_msghdr+0x108/0x2b0 [ 1149.434007][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1149.445173][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1149.445173][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1149.452333][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1149.452333][T24889] __do_fast_syscall_32+0x127/0x180 [ 1149.465060][T24889] do_fast_syscall_32+0x77/0xd0 [ 1149.472481][T24889] do_SYSENTER_32+0x73/0x90 [ 1149.472481][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1149.485077][T24889] [ 1149.485077][T24889] Uninit was stored to memory at: [ 1149.492343][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1149.492343][T24889] __msan_chain_origin+0x54/0xa0 [ 1149.492343][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1149.507777][T24889] get_compat_msghdr+0x108/0x2b0 [ 1149.507777][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1149.515811][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1149.515811][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1149.528496][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1149.532487][T24889] __do_fast_syscall_32+0x127/0x180 [ 1149.532487][T24889] do_fast_syscall_32+0x77/0xd0 [ 1149.545084][T24889] do_SYSENTER_32+0x73/0x90 [ 1149.545084][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1149.552360][T24889] [ 1149.552360][T24889] Local variable ----msg_sys@do_recvmmsg created at: [ 1149.565184][T24889] do_recvmmsg+0xbf/0x22d0 [ 1149.565184][T24889] do_recvmmsg+0xbf/0x22d0 [ 1149.755708][T24889] not chained 2010000 origins [ 1149.760408][T24889] CPU: 1 PID: 24889 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1149.762212][T24889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1149.762212][T24889] Call Trace: [ 1149.762212][T24889] dump_stack+0x24c/0x2e0 [ 1149.762212][T24889] kmsan_internal_chain_origin+0x6f/0x130 [ 1149.762212][T24889] ? kmsan_set_origin_checked+0xa2/0x100 [ 1149.762212][T24889] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1149.762212][T24889] ? __msan_instrument_asm_store+0x104/0x130 [ 1149.762212][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1149.762212][T24889] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1149.762212][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1149.762212][T24889] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1149.762212][T24889] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1149.762212][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1149.762212][T24889] ? kmsan_set_origin_checked+0xa2/0x100 [ 1149.762212][T24889] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1149.762212][T24889] ? kmsan_unpoison_shadow+0x74/0xa0 [ 1149.762212][T24889] ? _copy_from_user+0x1fd/0x300 [ 1149.762212][T24889] __msan_chain_origin+0x54/0xa0 [ 1149.762212][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1149.762212][T24889] get_compat_msghdr+0x108/0x2b0 [ 1149.762212][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1149.762212][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1149.762212][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1149.762212][T24889] ? kmsan_internal_set_origin+0x82/0xc0 [ 1149.762212][T24889] ? __msan_poison_alloca+0xec/0x110 [ 1149.762212][T24889] ? __sys_recvmmsg+0xb5/0x6f0 [ 1149.762212][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1149.762212][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1149.762212][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1149.762212][T24889] __do_fast_syscall_32+0x127/0x180 [ 1149.762212][T24889] do_fast_syscall_32+0x77/0xd0 [ 1149.762212][T24889] do_SYSENTER_32+0x73/0x90 [ 1149.762212][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1149.762212][T24889] RIP: 0023:0xf7f89549 [ 1149.762212][T24889] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1149.762212][T24889] RSP: 002b:00000000f55835fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1149.762212][T24889] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 1149.762212][T24889] RDX: 00000000cb88ff8b RSI: 0000000000000002 RDI: 0000000000000000 [ 1149.762212][T24889] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1149.762212][T24889] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1149.762212][T24889] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1149.762212][T24889] Uninit was stored to memory at: [ 1149.762212][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1149.762212][T24889] __msan_chain_origin+0x54/0xa0 [ 1149.762212][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1149.762212][T24889] get_compat_msghdr+0x108/0x2b0 [ 1149.762212][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1149.762212][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1149.762212][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1149.762212][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1149.762212][T24889] __do_fast_syscall_32+0x127/0x180 [ 1149.762212][T24889] do_fast_syscall_32+0x77/0xd0 [ 1149.762212][T24889] do_SYSENTER_32+0x73/0x90 [ 1149.762212][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1149.762212][T24889] [ 1149.762212][T24889] Uninit was stored to memory at: [ 1149.762212][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1149.762212][T24889] __msan_chain_origin+0x54/0xa0 [ 1149.762212][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1149.762212][T24889] get_compat_msghdr+0x108/0x2b0 [ 1149.762212][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1149.762212][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1149.762212][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1149.762212][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1149.762212][T24889] __do_fast_syscall_32+0x127/0x180 [ 1149.762212][T24889] do_fast_syscall_32+0x77/0xd0 [ 1149.762212][T24889] do_SYSENTER_32+0x73/0x90 [ 1149.762212][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1149.762212][T24889] [ 1149.762212][T24889] Uninit was stored to memory at: [ 1150.172448][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1150.172448][T24889] __msan_chain_origin+0x54/0xa0 [ 1150.172448][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1150.172448][T24889] get_compat_msghdr+0x108/0x2b0 [ 1150.172448][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1150.172448][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1150.172448][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1150.172448][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1150.172448][T24889] __do_fast_syscall_32+0x127/0x180 [ 1150.172448][T24889] do_fast_syscall_32+0x77/0xd0 [ 1150.172448][T24889] do_SYSENTER_32+0x73/0x90 [ 1150.172448][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1150.172448][T24889] [ 1150.172448][T24889] Uninit was stored to memory at: [ 1150.172448][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1150.172448][T24889] __msan_chain_origin+0x54/0xa0 [ 1150.172448][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1150.172448][T24889] get_compat_msghdr+0x108/0x2b0 [ 1150.172448][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1150.172448][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1150.172448][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1150.172448][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1150.172448][T24889] __do_fast_syscall_32+0x127/0x180 [ 1150.172448][T24889] do_fast_syscall_32+0x77/0xd0 [ 1150.172448][T24889] do_SYSENTER_32+0x73/0x90 [ 1150.172448][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1150.172448][T24889] [ 1150.172448][T24889] Uninit was stored to memory at: [ 1150.172448][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1150.172448][T24889] __msan_chain_origin+0x54/0xa0 [ 1150.172448][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1150.172448][T24889] get_compat_msghdr+0x108/0x2b0 [ 1150.172448][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1150.172448][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1150.172448][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1150.172448][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1150.172448][T24889] __do_fast_syscall_32+0x127/0x180 [ 1150.172448][T24889] do_fast_syscall_32+0x77/0xd0 [ 1150.172448][T24889] do_SYSENTER_32+0x73/0x90 [ 1150.172448][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1150.172448][T24889] [ 1150.172448][T24889] Uninit was stored to memory at: [ 1150.172448][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1150.172448][T24889] __msan_chain_origin+0x54/0xa0 [ 1150.172448][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1150.172448][T24889] get_compat_msghdr+0x108/0x2b0 [ 1150.172448][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1150.172448][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1150.172448][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1150.172448][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1150.172448][T24889] __do_fast_syscall_32+0x127/0x180 [ 1150.172448][T24889] do_fast_syscall_32+0x77/0xd0 [ 1150.172448][T24889] do_SYSENTER_32+0x73/0x90 [ 1150.172448][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1150.172448][T24889] [ 1150.172448][T24889] Uninit was stored to memory at: [ 1150.172448][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1150.172448][T24889] __msan_chain_origin+0x54/0xa0 [ 1150.172448][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1150.172448][T24889] get_compat_msghdr+0x108/0x2b0 [ 1150.172448][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1150.172448][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1150.172448][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1150.172448][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1150.172448][T24889] __do_fast_syscall_32+0x127/0x180 [ 1150.172448][T24889] do_fast_syscall_32+0x77/0xd0 [ 1150.172448][T24889] do_SYSENTER_32+0x73/0x90 [ 1150.172448][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1150.172448][T24889] [ 1150.172448][T24889] Local variable ----msg_sys@do_recvmmsg created at: [ 1150.172448][T24889] do_recvmmsg+0xbf/0x22d0 [ 1150.172448][T24889] do_recvmmsg+0xbf/0x22d0 [ 1150.722034][T24889] not chained 2020000 origins [ 1150.722217][T24889] CPU: 1 PID: 24889 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1150.722217][T24889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1150.738584][T24889] Call Trace: [ 1150.738584][T24889] dump_stack+0x24c/0x2e0 [ 1150.738584][T24889] kmsan_internal_chain_origin+0x6f/0x130 [ 1150.756892][T24889] ? kmsan_set_origin_checked+0xa2/0x100 [ 1150.756892][T24889] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1150.756892][T24889] ? __msan_instrument_asm_store+0x104/0x130 [ 1150.756892][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1150.756892][T24889] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1150.756892][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1150.756892][T24889] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1150.756892][T24889] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1150.756892][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1150.756892][T24889] ? kmsan_set_origin_checked+0xa2/0x100 [ 1150.813986][T24889] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1150.813986][T24889] ? kmsan_unpoison_shadow+0x74/0xa0 [ 1150.825216][T24889] ? _copy_from_user+0x1fd/0x300 [ 1150.825216][T24889] __msan_chain_origin+0x54/0xa0 [ 1150.835942][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1150.838855][T24889] get_compat_msghdr+0x108/0x2b0 [ 1150.838855][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1150.848551][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1150.852488][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1150.852488][T24889] ? kmsan_internal_set_origin+0x82/0xc0 [ 1150.865207][T24889] ? __msan_poison_alloca+0xec/0x110 [ 1150.872491][T24889] ? __sys_recvmmsg+0xb5/0x6f0 [ 1150.872491][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1150.872491][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1150.885147][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1150.885147][T24889] __do_fast_syscall_32+0x127/0x180 [ 1150.899687][T24889] do_fast_syscall_32+0x77/0xd0 [ 1150.905105][T24889] do_SYSENTER_32+0x73/0x90 [ 1150.908768][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1150.912487][T24889] RIP: 0023:0xf7f89549 [ 1150.912487][T24889] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1150.932648][T24889] RSP: 002b:00000000f55835fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1150.948650][T24889] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 1150.955959][T24889] RDX: 00000000cb88ff8b RSI: 0000000000000002 RDI: 0000000000000000 [ 1150.955959][T24889] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1150.965237][T24889] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1150.965237][T24889] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1150.988833][T24889] Uninit was stored to memory at: [ 1150.992588][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1150.992588][T24889] __msan_chain_origin+0x54/0xa0 [ 1150.992588][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1151.005207][T24889] get_compat_msghdr+0x108/0x2b0 [ 1151.012510][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1151.012510][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1151.012510][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1151.025295][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1151.032577][T24889] __do_fast_syscall_32+0x127/0x180 [ 1151.032577][T24889] do_fast_syscall_32+0x77/0xd0 [ 1151.046633][T24889] do_SYSENTER_32+0x73/0x90 [ 1151.046633][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1151.046633][T24889] [ 1151.058655][T24889] Uninit was stored to memory at: [ 1151.058655][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1151.068766][T24889] __msan_chain_origin+0x54/0xa0 [ 1151.072510][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1151.072510][T24889] get_compat_msghdr+0x108/0x2b0 [ 1151.085274][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1151.085274][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1151.092524][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1151.092524][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1151.105171][T24889] __do_fast_syscall_32+0x127/0x180 [ 1151.112600][T24889] do_fast_syscall_32+0x77/0xd0 [ 1151.112600][T24889] do_SYSENTER_32+0x73/0x90 [ 1151.112600][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1151.125237][T24889] [ 1151.132489][T24889] Uninit was stored to memory at: [ 1151.132489][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1151.132489][T24889] __msan_chain_origin+0x54/0xa0 [ 1151.147939][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1151.152598][T24889] get_compat_msghdr+0x108/0x2b0 [ 1151.152598][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1151.152598][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1151.152598][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1151.168778][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1151.176041][T24889] __do_fast_syscall_32+0x127/0x180 [ 1151.185165][T24889] do_fast_syscall_32+0x77/0xd0 [ 1151.185165][T24889] do_SYSENTER_32+0x73/0x90 [ 1151.192604][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1151.192604][T24889] [ 1151.192604][T24889] Uninit was stored to memory at: [ 1151.205181][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1151.212521][T24889] __msan_chain_origin+0x54/0xa0 [ 1151.212521][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1151.225165][T24889] get_compat_msghdr+0x108/0x2b0 [ 1151.225165][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1151.232586][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1151.232586][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1151.245102][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1151.252473][T24889] __do_fast_syscall_32+0x127/0x180 [ 1151.252473][T24889] do_fast_syscall_32+0x77/0xd0 [ 1151.252473][T24889] do_SYSENTER_32+0x73/0x90 [ 1151.265296][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1151.265296][T24889] [ 1151.275918][T24889] Uninit was stored to memory at: [ 1151.275918][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1151.275918][T24889] __msan_chain_origin+0x54/0xa0 [ 1151.292623][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1151.292623][T24889] get_compat_msghdr+0x108/0x2b0 [ 1151.292623][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1151.305195][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1151.313211][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1151.313211][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1151.325200][T24889] __do_fast_syscall_32+0x127/0x180 [ 1151.325200][T24889] do_fast_syscall_32+0x77/0xd0 [ 1151.332556][T24889] do_SYSENTER_32+0x73/0x90 [ 1151.332556][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1151.345214][T24889] [ 1151.350899][T24889] Uninit was stored to memory at: [ 1151.352595][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1151.352595][T24889] __msan_chain_origin+0x54/0xa0 [ 1151.365177][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1151.372661][T24889] get_compat_msghdr+0x108/0x2b0 [ 1151.372661][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1151.372661][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1151.372661][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1151.388980][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1151.395949][T24889] __do_fast_syscall_32+0x127/0x180 [ 1151.395949][T24889] do_fast_syscall_32+0x77/0xd0 [ 1151.405336][T24889] do_SYSENTER_32+0x73/0x90 [ 1151.412656][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1151.412656][T24889] [ 1151.412656][T24889] Uninit was stored to memory at: [ 1151.425242][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1151.434038][T24889] __msan_chain_origin+0x54/0xa0 [ 1151.434038][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1151.434038][T24889] get_compat_msghdr+0x108/0x2b0 [ 1151.445281][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1151.453466][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1151.453466][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1151.465201][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1151.465201][T24889] __do_fast_syscall_32+0x127/0x180 [ 1151.472607][T24889] do_fast_syscall_32+0x77/0xd0 [ 1151.472607][T24889] do_SYSENTER_32+0x73/0x90 [ 1151.485243][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1151.485243][T24889] [ 1151.485243][T24889] Local variable ----msg_sys@do_recvmmsg created at: [ 1151.495940][T24889] do_recvmmsg+0xbf/0x22d0 [ 1151.495940][T24889] do_recvmmsg+0xbf/0x22d0 [ 1151.696832][T24889] not chained 2030000 origins [ 1151.701532][T24889] CPU: 1 PID: 24889 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1151.702225][T24889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1151.702225][T24889] Call Trace: [ 1151.702225][T24889] dump_stack+0x24c/0x2e0 [ 1151.702225][T24889] kmsan_internal_chain_origin+0x6f/0x130 [ 1151.702225][T24889] ? kmsan_set_origin_checked+0xa2/0x100 [ 1151.702225][T24889] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1151.702225][T24889] ? __msan_instrument_asm_store+0x104/0x130 [ 1151.702225][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1151.702225][T24889] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1151.702225][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1151.702225][T24889] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1151.772857][T24889] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1151.772857][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1151.782584][T24889] ? kmsan_set_origin_checked+0xa2/0x100 [ 1151.782584][T24889] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1151.792490][T24889] ? kmsan_unpoison_shadow+0x74/0xa0 [ 1151.802330][T24889] ? _copy_from_user+0x1fd/0x300 [ 1151.802330][T24889] __msan_chain_origin+0x54/0xa0 [ 1151.812582][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1151.812582][T24889] get_compat_msghdr+0x108/0x2b0 [ 1151.812582][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1151.826549][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1151.826549][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1151.836016][T24889] ? kmsan_internal_set_origin+0x82/0xc0 [ 1151.842353][T24889] ? __msan_poison_alloca+0xec/0x110 [ 1151.842353][T24889] ? __sys_recvmmsg+0xb5/0x6f0 [ 1151.853941][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1151.853941][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1151.862946][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1151.862946][T24889] __do_fast_syscall_32+0x127/0x180 [ 1151.872508][T24889] do_fast_syscall_32+0x77/0xd0 [ 1151.872508][T24889] do_SYSENTER_32+0x73/0x90 [ 1151.882483][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1151.892478][T24889] RIP: 0023:0xf7f89549 [ 1151.892478][T24889] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1151.913449][T24889] RSP: 002b:00000000f55835fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1151.922591][T24889] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 1151.922591][T24889] RDX: 00000000cb88ff8b RSI: 0000000000000002 RDI: 0000000000000000 [ 1151.941735][T24889] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1151.945846][T24889] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1151.952545][T24889] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1151.965224][T24889] Uninit was stored to memory at: [ 1151.965224][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1151.972655][T24889] __msan_chain_origin+0x54/0xa0 [ 1151.982370][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1151.982370][T24889] get_compat_msghdr+0x108/0x2b0 [ 1151.992509][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1151.992509][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1152.002488][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1152.002488][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1152.002488][T24889] __do_fast_syscall_32+0x127/0x180 [ 1152.002488][T24889] do_fast_syscall_32+0x77/0xd0 [ 1152.024812][T24889] do_SYSENTER_32+0x73/0x90 [ 1152.024812][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1152.032648][T24889] [ 1152.032648][T24889] Uninit was stored to memory at: [ 1152.032648][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1152.045838][T24889] __msan_chain_origin+0x54/0xa0 [ 1152.045838][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1152.055945][T24889] get_compat_msghdr+0x108/0x2b0 [ 1152.062486][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1152.067555][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1152.072494][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1152.072494][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1152.082332][T24889] __do_fast_syscall_32+0x127/0x180 [ 1152.082332][T24889] do_fast_syscall_32+0x77/0xd0 [ 1152.095428][T24889] do_SYSENTER_32+0x73/0x90 [ 1152.102377][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1152.102377][T24889] [ 1152.102377][T24889] Uninit was stored to memory at: [ 1152.112499][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1152.122484][T24889] __msan_chain_origin+0x54/0xa0 [ 1152.122484][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1152.132481][T24889] get_compat_msghdr+0x108/0x2b0 [ 1152.132481][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1152.132481][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1152.142478][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1152.142478][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1152.155924][T24889] __do_fast_syscall_32+0x127/0x180 [ 1152.155924][T24889] do_fast_syscall_32+0x77/0xd0 [ 1152.165955][T24889] do_SYSENTER_32+0x73/0x90 [ 1152.172598][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1152.172598][T24889] [ 1152.182566][T24889] Uninit was stored to memory at: [ 1152.182566][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1152.192560][T24889] __msan_chain_origin+0x54/0xa0 [ 1152.192560][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1152.202348][T24889] get_compat_msghdr+0x108/0x2b0 [ 1152.202348][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1152.212645][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1152.212645][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1152.222371][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1152.222371][T24889] __do_fast_syscall_32+0x127/0x180 [ 1152.232488][T24889] do_fast_syscall_32+0x77/0xd0 [ 1152.242593][T24889] do_SYSENTER_32+0x73/0x90 [ 1152.242593][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1152.252682][T24889] [ 1152.252682][T24889] Uninit was stored to memory at: [ 1152.252682][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1152.265943][T24889] __msan_chain_origin+0x54/0xa0 [ 1152.265943][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1152.276044][T24889] get_compat_msghdr+0x108/0x2b0 [ 1152.282396][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1152.282396][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1152.292510][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1152.292510][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1152.302558][T24889] __do_fast_syscall_32+0x127/0x180 [ 1152.302558][T24889] do_fast_syscall_32+0x77/0xd0 [ 1152.312570][T24889] do_SYSENTER_32+0x73/0x90 [ 1152.312570][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1152.322336][T24889] [ 1152.322336][T24889] Uninit was stored to memory at: [ 1152.333398][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1152.333398][T24889] __msan_chain_origin+0x54/0xa0 [ 1152.342374][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1152.352558][T24889] get_compat_msghdr+0x108/0x2b0 [ 1152.352558][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1152.352558][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1152.362530][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1152.362530][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1152.378495][T24889] __do_fast_syscall_32+0x127/0x180 [ 1152.378495][T24889] do_fast_syscall_32+0x77/0xd0 [ 1152.385836][T24889] do_SYSENTER_32+0x73/0x90 [ 1152.392591][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1152.392591][T24889] [ 1152.402323][T24889] Uninit was stored to memory at: [ 1152.402323][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1152.412558][T24889] __msan_chain_origin+0x54/0xa0 [ 1152.412558][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1152.422525][T24889] get_compat_msghdr+0x108/0x2b0 [ 1152.422525][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1152.434113][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1152.434113][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1152.442364][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1152.442364][T24889] __do_fast_syscall_32+0x127/0x180 [ 1152.452686][T24889] do_fast_syscall_32+0x77/0xd0 [ 1152.462357][T24889] do_SYSENTER_32+0x73/0x90 [ 1152.462357][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1152.472591][T24889] [ 1152.472591][T24889] Local variable ----msg_sys@do_recvmmsg created at: [ 1152.477148][T24889] do_recvmmsg+0xbf/0x22d0 [ 1152.485833][T24889] do_recvmmsg+0xbf/0x22d0 [ 1152.669864][T24889] not chained 2040000 origins [ 1152.672221][T24889] CPU: 1 PID: 24889 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1152.672221][T24889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1152.672221][T24889] Call Trace: [ 1152.672221][T24889] dump_stack+0x24c/0x2e0 [ 1152.672221][T24889] kmsan_internal_chain_origin+0x6f/0x130 [ 1152.672221][T24889] ? kmsan_set_origin_checked+0xa2/0x100 [ 1152.672221][T24889] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1152.672221][T24889] ? __msan_instrument_asm_store+0x104/0x130 [ 1152.672221][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1152.672221][T24889] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1152.672221][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1152.672221][T24889] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1152.672221][T24889] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1152.672221][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1152.672221][T24889] ? kmsan_set_origin_checked+0xa2/0x100 [ 1152.672221][T24889] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1152.672221][T24889] ? kmsan_unpoison_shadow+0x74/0xa0 [ 1152.672221][T24889] ? _copy_from_user+0x1fd/0x300 [ 1152.672221][T24889] __msan_chain_origin+0x54/0xa0 [ 1152.672221][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1152.672221][T24889] get_compat_msghdr+0x108/0x2b0 [ 1152.672221][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1152.672221][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1152.672221][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1152.672221][T24889] ? kmsan_internal_set_origin+0x82/0xc0 [ 1152.672221][T24889] ? __msan_poison_alloca+0xec/0x110 [ 1152.672221][T24889] ? __sys_recvmmsg+0xb5/0x6f0 [ 1152.672221][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1152.672221][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1152.672221][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1152.672221][T24889] __do_fast_syscall_32+0x127/0x180 [ 1152.672221][T24889] do_fast_syscall_32+0x77/0xd0 [ 1152.672221][T24889] do_SYSENTER_32+0x73/0x90 [ 1152.672221][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1152.672221][T24889] RIP: 0023:0xf7f89549 [ 1152.672221][T24889] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1152.672221][T24889] RSP: 002b:00000000f55835fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1152.672221][T24889] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 1152.672221][T24889] RDX: 00000000cb88ff8b RSI: 0000000000000002 RDI: 0000000000000000 [ 1152.672221][T24889] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1152.672221][T24889] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1152.672221][T24889] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1152.672221][T24889] Uninit was stored to memory at: [ 1152.672221][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1152.672221][T24889] __msan_chain_origin+0x54/0xa0 [ 1152.672221][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1152.672221][T24889] get_compat_msghdr+0x108/0x2b0 [ 1152.672221][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1152.672221][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1152.672221][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1152.672221][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1152.672221][T24889] __do_fast_syscall_32+0x127/0x180 [ 1152.672221][T24889] do_fast_syscall_32+0x77/0xd0 [ 1152.672221][T24889] do_SYSENTER_32+0x73/0x90 [ 1152.672221][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1152.672221][T24889] [ 1152.672221][T24889] Uninit was stored to memory at: [ 1152.672221][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1152.672221][T24889] __msan_chain_origin+0x54/0xa0 [ 1152.672221][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1152.672221][T24889] get_compat_msghdr+0x108/0x2b0 [ 1152.672221][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1152.672221][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1152.672221][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1152.672221][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1152.672221][T24889] __do_fast_syscall_32+0x127/0x180 [ 1152.672221][T24889] do_fast_syscall_32+0x77/0xd0 [ 1152.672221][T24889] do_SYSENTER_32+0x73/0x90 [ 1152.672221][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1152.672221][T24889] [ 1152.672221][T24889] Uninit was stored to memory at: [ 1152.672221][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1152.672221][T24889] __msan_chain_origin+0x54/0xa0 [ 1152.672221][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1152.672221][T24889] get_compat_msghdr+0x108/0x2b0 [ 1152.672221][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1152.672221][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1152.672221][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1152.672221][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1152.672221][T24889] __do_fast_syscall_32+0x127/0x180 [ 1152.672221][T24889] do_fast_syscall_32+0x77/0xd0 [ 1152.672221][T24889] do_SYSENTER_32+0x73/0x90 [ 1152.672221][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1152.672221][T24889] [ 1152.672221][T24889] Uninit was stored to memory at: [ 1152.672221][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1152.672221][T24889] __msan_chain_origin+0x54/0xa0 [ 1152.672221][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1152.672221][T24889] get_compat_msghdr+0x108/0x2b0 [ 1152.672221][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1152.672221][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1152.672221][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1152.672221][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1152.672221][T24889] __do_fast_syscall_32+0x127/0x180 [ 1152.672221][T24889] do_fast_syscall_32+0x77/0xd0 [ 1152.672221][T24889] do_SYSENTER_32+0x73/0x90 [ 1152.672221][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1152.672221][T24889] [ 1152.672221][T24889] Uninit was stored to memory at: [ 1152.672221][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1152.672221][T24889] __msan_chain_origin+0x54/0xa0 [ 1152.672221][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1152.672221][T24889] get_compat_msghdr+0x108/0x2b0 [ 1152.672221][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1152.672221][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1152.672221][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1152.672221][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1152.672221][T24889] __do_fast_syscall_32+0x127/0x180 [ 1152.672221][T24889] do_fast_syscall_32+0x77/0xd0 [ 1152.672221][T24889] do_SYSENTER_32+0x73/0x90 [ 1152.672221][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1152.672221][T24889] [ 1152.672221][T24889] Uninit was stored to memory at: [ 1152.672221][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1152.672221][T24889] __msan_chain_origin+0x54/0xa0 [ 1152.672221][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1152.672221][T24889] get_compat_msghdr+0x108/0x2b0 [ 1152.672221][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1152.672221][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1152.672221][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1152.672221][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1152.672221][T24889] __do_fast_syscall_32+0x127/0x180 [ 1152.672221][T24889] do_fast_syscall_32+0x77/0xd0 [ 1152.672221][T24889] do_SYSENTER_32+0x73/0x90 [ 1152.672221][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1152.672221][T24889] [ 1152.672221][T24889] Uninit was stored to memory at: [ 1152.672221][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1152.672221][T24889] __msan_chain_origin+0x54/0xa0 [ 1152.672221][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1152.672221][T24889] get_compat_msghdr+0x108/0x2b0 [ 1152.672221][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1152.672221][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1152.672221][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1152.672221][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1152.672221][T24889] __do_fast_syscall_32+0x127/0x180 [ 1152.672221][T24889] do_fast_syscall_32+0x77/0xd0 [ 1152.672221][T24889] do_SYSENTER_32+0x73/0x90 [ 1152.672221][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1152.672221][T24889] [ 1152.672221][T24889] Local variable ----msg_sys@do_recvmmsg created at: [ 1152.672221][T24889] do_recvmmsg+0xbf/0x22d0 [ 1152.672221][T24889] do_recvmmsg+0xbf/0x22d0 [ 1153.650430][T24889] not chained 2050000 origins [ 1153.652220][T24889] CPU: 1 PID: 24889 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1153.652220][T24889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1153.652220][T24889] Call Trace: [ 1153.652220][T24889] dump_stack+0x24c/0x2e0 [ 1153.652220][T24889] kmsan_internal_chain_origin+0x6f/0x130 [ 1153.652220][T24889] ? kmsan_set_origin_checked+0xa2/0x100 [ 1153.652220][T24889] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1153.696566][T24889] ? __msan_instrument_asm_store+0x104/0x130 [ 1153.706035][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1153.706035][T24889] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1153.712609][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1153.712609][T24889] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1153.724283][T24889] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1153.734345][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1153.734345][T24889] ? kmsan_set_origin_checked+0xa2/0x100 [ 1153.742350][T24889] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1153.752504][T24889] ? kmsan_unpoison_shadow+0x74/0xa0 [ 1153.752504][T24889] ? _copy_from_user+0x1fd/0x300 [ 1153.762398][T24889] __msan_chain_origin+0x54/0xa0 [ 1153.762398][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1153.772552][T24889] get_compat_msghdr+0x108/0x2b0 [ 1153.772552][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1153.782449][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1153.782449][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1153.792569][T24889] ? kmsan_internal_set_origin+0x82/0xc0 [ 1153.792569][T24889] ? __msan_poison_alloca+0xec/0x110 [ 1153.808676][T24889] ? __sys_recvmmsg+0xb5/0x6f0 [ 1153.812530][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1153.812530][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1153.822406][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1153.822406][T24889] __do_fast_syscall_32+0x127/0x180 [ 1153.834352][T24889] do_fast_syscall_32+0x77/0xd0 [ 1153.834352][T24889] do_SYSENTER_32+0x73/0x90 [ 1153.844280][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1153.852515][T24889] RIP: 0023:0xf7f89549 [ 1153.852515][T24889] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1153.872469][T24889] RSP: 002b:00000000f55835fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1153.882339][T24889] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 1153.892568][T24889] RDX: 00000000cb88ff8b RSI: 0000000000000002 RDI: 0000000000000000 [ 1153.902323][T24889] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1153.911369][T24889] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1153.915866][T24889] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1153.922497][T24889] Uninit was stored to memory at: [ 1153.932467][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1153.932467][T24889] __msan_chain_origin+0x54/0xa0 [ 1153.944168][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1153.944168][T24889] get_compat_msghdr+0x108/0x2b0 [ 1153.954352][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1153.954352][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1153.962362][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1153.962362][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1153.972494][T24889] __do_fast_syscall_32+0x127/0x180 [ 1153.982490][T24889] do_fast_syscall_32+0x77/0xd0 [ 1153.982490][T24889] do_SYSENTER_32+0x73/0x90 [ 1153.992486][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1153.992486][T24889] [ 1153.992486][T24889] Uninit was stored to memory at: [ 1154.002324][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1154.002324][T24889] __msan_chain_origin+0x54/0xa0 [ 1154.002324][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1154.019546][T24889] get_compat_msghdr+0x108/0x2b0 [ 1154.025831][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1154.032492][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1154.032492][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1154.042473][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1154.042473][T24889] __do_fast_syscall_32+0x127/0x180 [ 1154.054254][T24889] do_fast_syscall_32+0x77/0xd0 [ 1154.054254][T24889] do_SYSENTER_32+0x73/0x90 [ 1154.064286][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1154.064286][T24889] [ 1154.072603][T24889] Uninit was stored to memory at: [ 1154.072603][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1154.082367][T24889] __msan_chain_origin+0x54/0xa0 [ 1154.082367][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1154.082367][T24889] get_compat_msghdr+0x108/0x2b0 [ 1154.082367][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1154.082367][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1154.105083][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1154.112547][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1154.115577][T24889] __do_fast_syscall_32+0x127/0x180 [ 1154.122381][T24889] do_fast_syscall_32+0x77/0xd0 [ 1154.122381][T24889] do_SYSENTER_32+0x73/0x90 [ 1154.122381][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1154.142367][T24889] [ 1154.142367][T24889] Uninit was stored to memory at: [ 1154.142367][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1154.152595][T24889] __msan_chain_origin+0x54/0xa0 [ 1154.152595][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1154.164491][T24889] get_compat_msghdr+0x108/0x2b0 [ 1154.164491][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1154.176919][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1154.182342][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1154.182342][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1154.192653][T24889] __do_fast_syscall_32+0x127/0x180 [ 1154.192653][T24889] do_fast_syscall_32+0x77/0xd0 [ 1154.202393][T24889] do_SYSENTER_32+0x73/0x90 [ 1154.202393][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1154.212525][T24889] [ 1154.217977][T24889] Uninit was stored to memory at: [ 1154.222491][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1154.222491][T24889] __msan_chain_origin+0x54/0xa0 [ 1154.232495][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1154.232495][T24889] get_compat_msghdr+0x108/0x2b0 [ 1154.245881][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1154.245881][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1154.252584][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1154.252584][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1154.262340][T24889] __do_fast_syscall_32+0x127/0x180 [ 1154.262340][T24889] do_fast_syscall_32+0x77/0xd0 [ 1154.274313][T24889] do_SYSENTER_32+0x73/0x90 [ 1154.274313][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1154.284210][T24889] [ 1154.284210][T24889] Uninit was stored to memory at: [ 1154.292483][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1154.302321][T24889] __msan_chain_origin+0x54/0xa0 [ 1154.302321][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1154.302321][T24889] get_compat_msghdr+0x108/0x2b0 [ 1154.312567][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1154.320359][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1154.322345][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1154.332570][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1154.332570][T24889] __do_fast_syscall_32+0x127/0x180 [ 1154.342500][T24889] do_fast_syscall_32+0x77/0xd0 [ 1154.342500][T24889] do_SYSENTER_32+0x73/0x90 [ 1154.342500][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1154.355955][T24889] [ 1154.362324][T24889] Uninit was stored to memory at: [ 1154.362324][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1154.362324][T24889] __msan_chain_origin+0x54/0xa0 [ 1154.373306][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1154.373306][T24889] get_compat_msghdr+0x108/0x2b0 [ 1154.384179][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1154.384179][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1154.394443][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1154.402511][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1154.402511][T24889] __do_fast_syscall_32+0x127/0x180 [ 1154.412526][T24889] do_fast_syscall_32+0x77/0xd0 [ 1154.412526][T24889] do_SYSENTER_32+0x73/0x90 [ 1154.422937][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1154.422937][T24889] [ 1154.432630][T24889] Local variable ----msg_sys@do_recvmmsg created at: [ 1154.434127][T24889] do_recvmmsg+0xbf/0x22d0 [ 1154.442329][T24889] do_recvmmsg+0xbf/0x22d0 [ 1154.624035][T24889] not chained 2060000 origins [ 1154.628735][T24889] CPU: 1 PID: 24889 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1154.632223][T24889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1154.632223][T24889] Call Trace: [ 1154.632223][T24889] dump_stack+0x24c/0x2e0 [ 1154.632223][T24889] kmsan_internal_chain_origin+0x6f/0x130 [ 1154.632223][T24889] ? kmsan_set_origin_checked+0xa2/0x100 [ 1154.632223][T24889] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1154.632223][T24889] ? __msan_instrument_asm_store+0x104/0x130 [ 1154.632223][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1154.632223][T24889] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1154.632223][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1154.632223][T24889] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1154.632223][T24889] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1154.632223][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1154.632223][T24889] ? kmsan_set_origin_checked+0xa2/0x100 [ 1154.632223][T24889] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1154.632223][T24889] ? kmsan_unpoison_shadow+0x74/0xa0 [ 1154.632223][T24889] ? _copy_from_user+0x1fd/0x300 [ 1154.734052][T24889] __msan_chain_origin+0x54/0xa0 [ 1154.737398][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1154.742493][T24889] get_compat_msghdr+0x108/0x2b0 [ 1154.742493][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1154.742493][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1154.755199][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1154.762564][T24889] ? kmsan_internal_set_origin+0x82/0xc0 [ 1154.762564][T24889] ? __msan_poison_alloca+0xec/0x110 [ 1154.775042][T24889] ? __sys_recvmmsg+0xb5/0x6f0 [ 1154.775042][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1154.782560][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1154.782560][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1154.795090][T24889] __do_fast_syscall_32+0x127/0x180 [ 1154.802474][T24889] do_fast_syscall_32+0x77/0xd0 [ 1154.802474][T24889] do_SYSENTER_32+0x73/0x90 [ 1154.802474][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1154.818557][T24889] RIP: 0023:0xf7f89549 [ 1154.824249][T24889] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1154.842550][T24889] RSP: 002b:00000000f55835fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1154.842550][T24889] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 1154.855310][T24889] RDX: 00000000cb88ff8b RSI: 0000000000000002 RDI: 0000000000000000 [ 1154.862508][T24889] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1154.875100][T24889] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1154.883277][T24889] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1154.883277][T24889] Uninit was stored to memory at: [ 1154.896557][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1154.902486][T24889] __msan_chain_origin+0x54/0xa0 [ 1154.908762][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1154.908762][T24889] get_compat_msghdr+0x108/0x2b0 [ 1154.915226][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1154.915226][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1154.925953][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1154.925953][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1154.939461][T24889] __do_fast_syscall_32+0x127/0x180 [ 1154.944251][T24889] do_fast_syscall_32+0x77/0xd0 [ 1154.944251][T24889] do_SYSENTER_32+0x73/0x90 [ 1154.955109][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1154.962471][T24889] [ 1154.962471][T24889] Uninit was stored to memory at: [ 1154.962471][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1154.975331][T24889] __msan_chain_origin+0x54/0xa0 [ 1154.975331][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1154.982501][T24889] get_compat_msghdr+0x108/0x2b0 [ 1154.982501][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1154.995093][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1154.995093][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1155.002590][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1155.002590][T24889] __do_fast_syscall_32+0x127/0x180 [ 1155.015136][T24889] do_fast_syscall_32+0x77/0xd0 [ 1155.022475][T24889] do_SYSENTER_32+0x73/0x90 [ 1155.022475][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1155.022475][T24889] [ 1155.022475][T24889] Uninit was stored to memory at: [ 1155.022475][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1155.044396][T24889] __msan_chain_origin+0x54/0xa0 [ 1155.044396][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1155.044396][T24889] get_compat_msghdr+0x108/0x2b0 [ 1155.044396][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1155.063178][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1155.063178][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1155.074263][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1155.074263][T24889] __do_fast_syscall_32+0x127/0x180 [ 1155.083516][T24889] do_fast_syscall_32+0x77/0xd0 [ 1155.083516][T24889] do_SYSENTER_32+0x73/0x90 [ 1155.094349][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1155.103456][T24889] [ 1155.103456][T24889] Uninit was stored to memory at: [ 1155.103456][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1155.114388][T24889] __msan_chain_origin+0x54/0xa0 [ 1155.114388][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1155.123555][T24889] get_compat_msghdr+0x108/0x2b0 [ 1155.123555][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1155.123555][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1155.123555][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1155.123555][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1155.123555][T24889] __do_fast_syscall_32+0x127/0x180 [ 1155.156543][T24889] do_fast_syscall_32+0x77/0xd0 [ 1155.164321][T24889] do_SYSENTER_32+0x73/0x90 [ 1155.164321][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1155.175131][T24889] [ 1155.175131][T24889] Uninit was stored to memory at: [ 1155.182614][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1155.182614][T24889] __msan_chain_origin+0x54/0xa0 [ 1155.182614][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1155.195094][T24889] get_compat_msghdr+0x108/0x2b0 [ 1155.202483][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1155.202483][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1155.202483][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1155.217718][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1155.222495][T24889] __do_fast_syscall_32+0x127/0x180 [ 1155.222495][T24889] do_fast_syscall_32+0x77/0xd0 [ 1155.235250][T24889] do_SYSENTER_32+0x73/0x90 [ 1155.235250][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1155.242546][T24889] [ 1155.242546][T24889] Uninit was stored to memory at: [ 1155.242546][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1155.258590][T24889] __msan_chain_origin+0x54/0xa0 [ 1155.264237][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1155.264237][T24889] get_compat_msghdr+0x108/0x2b0 [ 1155.276930][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1155.276930][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1155.282483][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1155.282483][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1155.295177][T24889] __do_fast_syscall_32+0x127/0x180 [ 1155.302636][T24889] do_fast_syscall_32+0x77/0xd0 [ 1155.302636][T24889] do_SYSENTER_32+0x73/0x90 [ 1155.302636][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1155.315163][T24889] [ 1155.315163][T24889] Uninit was stored to memory at: [ 1155.322496][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1155.322496][T24889] __msan_chain_origin+0x54/0xa0 [ 1155.335329][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1155.335329][T24889] get_compat_msghdr+0x108/0x2b0 [ 1155.344783][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1155.344783][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1155.355105][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1155.355105][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1155.365953][T24889] __do_fast_syscall_32+0x127/0x180 [ 1155.365953][T24889] do_fast_syscall_32+0x77/0xd0 [ 1155.376829][T24889] do_SYSENTER_32+0x73/0x90 [ 1155.384272][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1155.384272][T24889] [ 1155.384272][T24889] Local variable ----msg_sys@do_recvmmsg created at: [ 1155.395798][T24889] do_recvmmsg+0xbf/0x22d0 [ 1155.402474][T24889] do_recvmmsg+0xbf/0x22d0 [ 1155.588038][T24889] not chained 2070000 origins [ 1155.592221][T24889] CPU: 1 PID: 24889 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1155.592221][T24889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1155.592221][T24889] Call Trace: [ 1155.592221][T24889] dump_stack+0x24c/0x2e0 [ 1155.592221][T24889] kmsan_internal_chain_origin+0x6f/0x130 [ 1155.592221][T24889] ? kmsan_set_origin_checked+0xa2/0x100 [ 1155.592221][T24889] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1155.592221][T24889] ? __msan_instrument_asm_store+0x104/0x130 [ 1155.592221][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1155.592221][T24889] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1155.592221][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1155.592221][T24889] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1155.592221][T24889] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1155.592221][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1155.592221][T24889] ? kmsan_set_origin_checked+0xa2/0x100 [ 1155.592221][T24889] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1155.592221][T24889] ? kmsan_unpoison_shadow+0x74/0xa0 [ 1155.592221][T24889] ? _copy_from_user+0x1fd/0x300 [ 1155.592221][T24889] __msan_chain_origin+0x54/0xa0 [ 1155.592221][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1155.592221][T24889] get_compat_msghdr+0x108/0x2b0 [ 1155.592221][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1155.592221][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1155.592221][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1155.592221][T24889] ? kmsan_internal_set_origin+0x82/0xc0 [ 1155.592221][T24889] ? __msan_poison_alloca+0xec/0x110 [ 1155.592221][T24889] ? __sys_recvmmsg+0xb5/0x6f0 [ 1155.592221][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1155.592221][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1155.592221][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1155.592221][T24889] __do_fast_syscall_32+0x127/0x180 [ 1155.592221][T24889] do_fast_syscall_32+0x77/0xd0 [ 1155.592221][T24889] do_SYSENTER_32+0x73/0x90 [ 1155.592221][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1155.592221][T24889] RIP: 0023:0xf7f89549 [ 1155.592221][T24889] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1155.592221][T24889] RSP: 002b:00000000f55835fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1155.592221][T24889] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 1155.592221][T24889] RDX: 00000000cb88ff8b RSI: 0000000000000002 RDI: 0000000000000000 [ 1155.592221][T24889] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1155.592221][T24889] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1155.592221][T24889] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1155.592221][T24889] Uninit was stored to memory at: [ 1155.592221][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1155.592221][T24889] __msan_chain_origin+0x54/0xa0 [ 1155.592221][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1155.592221][T24889] get_compat_msghdr+0x108/0x2b0 [ 1155.592221][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1155.592221][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1155.592221][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1155.592221][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1155.592221][T24889] __do_fast_syscall_32+0x127/0x180 [ 1155.592221][T24889] do_fast_syscall_32+0x77/0xd0 [ 1155.592221][T24889] do_SYSENTER_32+0x73/0x90 [ 1155.592221][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1155.592221][T24889] [ 1155.592221][T24889] Uninit was stored to memory at: [ 1155.592221][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1155.592221][T24889] __msan_chain_origin+0x54/0xa0 [ 1155.592221][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1155.592221][T24889] get_compat_msghdr+0x108/0x2b0 [ 1155.592221][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1155.592221][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1155.592221][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1155.592221][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1155.592221][T24889] __do_fast_syscall_32+0x127/0x180 [ 1155.592221][T24889] do_fast_syscall_32+0x77/0xd0 [ 1155.592221][T24889] do_SYSENTER_32+0x73/0x90 [ 1155.592221][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1155.592221][T24889] [ 1155.592221][T24889] Uninit was stored to memory at: [ 1155.592221][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1155.592221][T24889] __msan_chain_origin+0x54/0xa0 [ 1155.592221][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1155.592221][T24889] get_compat_msghdr+0x108/0x2b0 [ 1155.592221][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1155.592221][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1155.592221][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1155.592221][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1155.592221][T24889] __do_fast_syscall_32+0x127/0x180 [ 1155.592221][T24889] do_fast_syscall_32+0x77/0xd0 [ 1155.592221][T24889] do_SYSENTER_32+0x73/0x90 [ 1155.592221][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1155.592221][T24889] [ 1155.592221][T24889] Uninit was stored to memory at: [ 1155.592221][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1155.592221][T24889] __msan_chain_origin+0x54/0xa0 [ 1155.592221][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1155.592221][T24889] get_compat_msghdr+0x108/0x2b0 [ 1155.592221][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1155.592221][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1155.592221][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1155.592221][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1155.592221][T24889] __do_fast_syscall_32+0x127/0x180 [ 1155.592221][T24889] do_fast_syscall_32+0x77/0xd0 [ 1155.592221][T24889] do_SYSENTER_32+0x73/0x90 [ 1155.592221][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1155.592221][T24889] [ 1155.592221][T24889] Uninit was stored to memory at: [ 1155.592221][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1155.592221][T24889] __msan_chain_origin+0x54/0xa0 [ 1155.592221][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1155.592221][T24889] get_compat_msghdr+0x108/0x2b0 [ 1155.592221][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1156.172598][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1156.172598][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1156.172598][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1156.172598][T24889] __do_fast_syscall_32+0x127/0x180 [ 1156.172598][T24889] do_fast_syscall_32+0x77/0xd0 [ 1156.172598][T24889] do_SYSENTER_32+0x73/0x90 [ 1156.172598][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1156.172598][T24889] [ 1156.172598][T24889] Uninit was stored to memory at: [ 1156.172598][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1156.172598][T24889] __msan_chain_origin+0x54/0xa0 [ 1156.172598][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1156.172598][T24889] get_compat_msghdr+0x108/0x2b0 [ 1156.172598][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1156.172598][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1156.172598][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1156.172598][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1156.172598][T24889] __do_fast_syscall_32+0x127/0x180 [ 1156.172598][T24889] do_fast_syscall_32+0x77/0xd0 [ 1156.172598][T24889] do_SYSENTER_32+0x73/0x90 [ 1156.172598][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1156.172598][T24889] [ 1156.172598][T24889] Uninit was stored to memory at: [ 1156.172598][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1156.172598][T24889] __msan_chain_origin+0x54/0xa0 [ 1156.172598][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1156.172598][T24889] get_compat_msghdr+0x108/0x2b0 [ 1156.172598][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1156.172598][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1156.172598][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1156.172598][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1156.172598][T24889] __do_fast_syscall_32+0x127/0x180 [ 1156.172598][T24889] do_fast_syscall_32+0x77/0xd0 [ 1156.172598][T24889] do_SYSENTER_32+0x73/0x90 [ 1156.172598][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1156.172598][T24889] [ 1156.172598][T24889] Local variable ----msg_sys@do_recvmmsg created at: [ 1156.172598][T24889] do_recvmmsg+0xbf/0x22d0 [ 1156.172598][T24889] do_recvmmsg+0xbf/0x22d0 [ 1156.561963][T24889] not chained 2080000 origins [ 1156.562220][T24889] CPU: 1 PID: 24889 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1156.571579][T24889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1156.580515][T24889] Call Trace: [ 1156.580515][T24889] dump_stack+0x24c/0x2e0 [ 1156.580515][T24889] kmsan_internal_chain_origin+0x6f/0x130 [ 1156.580515][T24889] ? kmsan_set_origin_checked+0xa2/0x100 [ 1156.580515][T24889] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1156.580515][T24889] ? __msan_instrument_asm_store+0x104/0x130 [ 1156.580515][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1156.580515][T24889] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1156.580515][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1156.580515][T24889] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1156.580515][T24889] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1156.580515][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1156.580515][T24889] ? kmsan_set_origin_checked+0xa2/0x100 [ 1156.580515][T24889] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1156.580515][T24889] ? kmsan_unpoison_shadow+0x74/0xa0 [ 1156.580515][T24889] ? _copy_from_user+0x1fd/0x300 [ 1156.580515][T24889] __msan_chain_origin+0x54/0xa0 [ 1156.580515][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1156.580515][T24889] get_compat_msghdr+0x108/0x2b0 [ 1156.580515][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1156.580515][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1156.580515][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1156.580515][T24889] ? kmsan_internal_set_origin+0x82/0xc0 [ 1156.580515][T24889] ? __msan_poison_alloca+0xec/0x110 [ 1156.580515][T24889] ? __sys_recvmmsg+0xb5/0x6f0 [ 1156.580515][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1156.580515][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1156.580515][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1156.580515][T24889] __do_fast_syscall_32+0x127/0x180 [ 1156.580515][T24889] do_fast_syscall_32+0x77/0xd0 [ 1156.580515][T24889] do_SYSENTER_32+0x73/0x90 [ 1156.580515][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1156.580515][T24889] RIP: 0023:0xf7f89549 [ 1156.580515][T24889] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1156.580515][T24889] RSP: 002b:00000000f55835fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1156.580515][T24889] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 1156.580515][T24889] RDX: 00000000cb88ff8b RSI: 0000000000000002 RDI: 0000000000000000 [ 1156.580515][T24889] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1156.580515][T24889] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1156.580515][T24889] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1156.580515][T24889] Uninit was stored to memory at: [ 1156.580515][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1156.580515][T24889] __msan_chain_origin+0x54/0xa0 [ 1156.580515][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1156.580515][T24889] get_compat_msghdr+0x108/0x2b0 [ 1156.580515][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1156.580515][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1156.580515][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1156.580515][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1156.580515][T24889] __do_fast_syscall_32+0x127/0x180 [ 1156.580515][T24889] do_fast_syscall_32+0x77/0xd0 [ 1156.580515][T24889] do_SYSENTER_32+0x73/0x90 [ 1156.580515][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1156.580515][T24889] [ 1156.580515][T24889] Uninit was stored to memory at: [ 1156.580515][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1156.580515][T24889] __msan_chain_origin+0x54/0xa0 [ 1156.580515][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1156.580515][T24889] get_compat_msghdr+0x108/0x2b0 [ 1156.580515][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1156.580515][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1156.580515][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1156.580515][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1156.580515][T24889] __do_fast_syscall_32+0x127/0x180 [ 1156.580515][T24889] do_fast_syscall_32+0x77/0xd0 [ 1156.580515][T24889] do_SYSENTER_32+0x73/0x90 [ 1156.580515][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1156.580515][T24889] [ 1156.580515][T24889] Uninit was stored to memory at: [ 1156.580515][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1156.580515][T24889] __msan_chain_origin+0x54/0xa0 [ 1156.580515][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1156.580515][T24889] get_compat_msghdr+0x108/0x2b0 [ 1156.580515][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1156.580515][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1156.580515][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1156.580515][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1156.580515][T24889] __do_fast_syscall_32+0x127/0x180 [ 1156.580515][T24889] do_fast_syscall_32+0x77/0xd0 [ 1156.580515][T24889] do_SYSENTER_32+0x73/0x90 [ 1156.580515][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1156.580515][T24889] [ 1156.580515][T24889] Uninit was stored to memory at: [ 1156.580515][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1156.580515][T24889] __msan_chain_origin+0x54/0xa0 [ 1156.580515][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1156.580515][T24889] get_compat_msghdr+0x108/0x2b0 [ 1156.580515][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1156.580515][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1156.580515][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1156.580515][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1156.580515][T24889] __do_fast_syscall_32+0x127/0x180 [ 1156.580515][T24889] do_fast_syscall_32+0x77/0xd0 [ 1156.580515][T24889] do_SYSENTER_32+0x73/0x90 [ 1156.580515][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1156.580515][T24889] [ 1156.580515][T24889] Uninit was stored to memory at: [ 1156.580515][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1156.580515][T24889] __msan_chain_origin+0x54/0xa0 [ 1156.580515][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1156.580515][T24889] get_compat_msghdr+0x108/0x2b0 [ 1156.580515][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1156.580515][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1156.580515][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1156.580515][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1156.580515][T24889] __do_fast_syscall_32+0x127/0x180 [ 1156.580515][T24889] do_fast_syscall_32+0x77/0xd0 [ 1156.580515][T24889] do_SYSENTER_32+0x73/0x90 [ 1156.580515][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1156.580515][T24889] [ 1156.580515][T24889] Uninit was stored to memory at: [ 1156.580515][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1156.580515][T24889] __msan_chain_origin+0x54/0xa0 [ 1156.580515][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1156.580515][T24889] get_compat_msghdr+0x108/0x2b0 [ 1156.580515][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1156.580515][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1156.580515][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1156.580515][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1156.580515][T24889] __do_fast_syscall_32+0x127/0x180 [ 1156.580515][T24889] do_fast_syscall_32+0x77/0xd0 [ 1156.580515][T24889] do_SYSENTER_32+0x73/0x90 [ 1156.580515][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1156.580515][T24889] [ 1156.580515][T24889] Uninit was stored to memory at: [ 1156.580515][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1156.580515][T24889] __msan_chain_origin+0x54/0xa0 [ 1156.580515][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1156.580515][T24889] get_compat_msghdr+0x108/0x2b0 [ 1156.580515][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1156.580515][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1156.580515][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1156.580515][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1156.580515][T24889] __do_fast_syscall_32+0x127/0x180 [ 1156.580515][T24889] do_fast_syscall_32+0x77/0xd0 [ 1156.580515][T24889] do_SYSENTER_32+0x73/0x90 [ 1156.580515][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1156.580515][T24889] [ 1156.580515][T24889] Local variable ----msg_sys@do_recvmmsg created at: [ 1156.580515][T24889] do_recvmmsg+0xbf/0x22d0 [ 1156.580515][T24889] do_recvmmsg+0xbf/0x22d0 [ 1157.538535][T24889] not chained 2090000 origins [ 1157.542306][T24889] CPU: 1 PID: 24889 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1157.547015][T24889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1157.547015][T24889] Call Trace: [ 1157.547015][T24889] dump_stack+0x24c/0x2e0 [ 1157.547015][T24889] kmsan_internal_chain_origin+0x6f/0x130 [ 1157.547015][T24889] ? kmsan_set_origin_checked+0xa2/0x100 [ 1157.547015][T24889] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1157.547015][T24889] ? __msan_instrument_asm_store+0x104/0x130 [ 1157.547015][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1157.598710][T24889] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1157.598710][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1157.598710][T24889] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1157.612483][T24889] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1157.622614][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1157.622614][T24889] ? kmsan_set_origin_checked+0xa2/0x100 [ 1157.632349][T24889] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1157.632349][T24889] ? kmsan_unpoison_shadow+0x74/0xa0 [ 1157.642573][T24889] ? _copy_from_user+0x1fd/0x300 [ 1157.642573][T24889] __msan_chain_origin+0x54/0xa0 [ 1157.652361][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1157.658768][T24889] get_compat_msghdr+0x108/0x2b0 [ 1157.662465][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1157.662465][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1157.675819][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1157.675819][T24889] ? kmsan_internal_set_origin+0x82/0xc0 [ 1157.682474][T24889] ? __msan_poison_alloca+0xec/0x110 [ 1157.692326][T24889] ? __sys_recvmmsg+0xb5/0x6f0 [ 1157.692326][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1157.699558][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1157.705918][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1157.712339][T24889] __do_fast_syscall_32+0x127/0x180 [ 1157.712339][T24889] do_fast_syscall_32+0x77/0xd0 [ 1157.722559][T24889] do_SYSENTER_32+0x73/0x90 [ 1157.722559][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1157.732339][T24889] RIP: 0023:0xf7f89549 [ 1157.732339][T24889] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1157.752481][T24889] RSP: 002b:00000000f55835fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1157.762467][T24889] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 1157.774562][T24889] RDX: 00000000cb88ff8b RSI: 0000000000000002 RDI: 0000000000000000 [ 1157.774562][T24889] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1157.792353][T24889] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1157.792353][T24889] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1157.802442][T24889] Uninit was stored to memory at: [ 1157.802442][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1157.815817][T24889] __msan_chain_origin+0x54/0xa0 [ 1157.822549][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1157.822549][T24889] get_compat_msghdr+0x108/0x2b0 [ 1157.832343][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1157.832343][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1157.842458][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1157.842458][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1157.852486][T24889] __do_fast_syscall_32+0x127/0x180 [ 1157.852486][T24889] do_fast_syscall_32+0x77/0xd0 [ 1157.862473][T24889] do_SYSENTER_32+0x73/0x90 [ 1157.862473][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1157.872320][T24889] [ 1157.872320][T24889] Uninit was stored to memory at: [ 1157.882564][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1157.882564][T24889] __msan_chain_origin+0x54/0xa0 [ 1157.895834][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1157.895834][T24889] get_compat_msghdr+0x108/0x2b0 [ 1157.904672][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1157.904672][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1157.912504][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1157.912504][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1157.925864][T24889] __do_fast_syscall_32+0x127/0x180 [ 1157.932364][T24889] do_fast_syscall_32+0x77/0xd0 [ 1157.932364][T24889] do_SYSENTER_32+0x73/0x90 [ 1157.932364][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1157.943283][T24889] [ 1157.943283][T24889] Uninit was stored to memory at: [ 1157.962445][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1157.962445][T24889] __msan_chain_origin+0x54/0xa0 [ 1157.972502][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1157.972502][T24889] get_compat_msghdr+0x108/0x2b0 [ 1157.982446][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1157.982446][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1157.992330][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1157.992330][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1157.992330][T24889] __do_fast_syscall_32+0x127/0x180 [ 1158.008585][T24889] do_fast_syscall_32+0x77/0xd0 [ 1158.012790][T24889] do_SYSENTER_32+0x73/0x90 [ 1158.012790][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1158.022457][T24889] [ 1158.022457][T24889] Uninit was stored to memory at: [ 1158.022457][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1158.035803][T24889] __msan_chain_origin+0x54/0xa0 [ 1158.042462][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1158.042462][T24889] get_compat_msghdr+0x108/0x2b0 [ 1158.052337][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1158.052337][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1158.062548][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1158.062548][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1158.072337][T24889] __do_fast_syscall_32+0x127/0x180 [ 1158.082473][T24889] do_fast_syscall_32+0x77/0xd0 [ 1158.082473][T24889] do_SYSENTER_32+0x73/0x90 [ 1158.092523][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1158.092523][T24889] [ 1158.092523][T24889] Uninit was stored to memory at: [ 1158.102463][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1158.109338][T24889] __msan_chain_origin+0x54/0xa0 [ 1158.115929][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1158.122697][T24889] get_compat_msghdr+0x108/0x2b0 [ 1158.122697][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1158.132375][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1158.132375][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1158.132375][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1158.146002][T24889] __do_fast_syscall_32+0x127/0x180 [ 1158.152530][T24889] do_fast_syscall_32+0x77/0xd0 [ 1158.152530][T24889] do_SYSENTER_32+0x73/0x90 [ 1158.162494][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1158.162494][T24889] [ 1158.162494][T24889] Uninit was stored to memory at: [ 1158.162494][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1158.182585][T24889] __msan_chain_origin+0x54/0xa0 [ 1158.182585][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1158.192415][T24889] get_compat_msghdr+0x108/0x2b0 [ 1158.192415][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1158.202511][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1158.202511][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1158.212498][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1158.212498][T24889] __do_fast_syscall_32+0x127/0x180 [ 1158.225925][T24889] do_fast_syscall_32+0x77/0xd0 [ 1158.232354][T24889] do_SYSENTER_32+0x73/0x90 [ 1158.232354][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1158.242570][T24889] [ 1158.242570][T24889] Uninit was stored to memory at: [ 1158.242570][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1158.242570][T24889] __msan_chain_origin+0x54/0xa0 [ 1158.242570][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1158.242570][T24889] get_compat_msghdr+0x108/0x2b0 [ 1158.268019][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1158.272501][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1158.272501][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1158.282478][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1158.292353][T24889] __do_fast_syscall_32+0x127/0x180 [ 1158.292353][T24889] do_fast_syscall_32+0x77/0xd0 [ 1158.302678][T24889] do_SYSENTER_32+0x73/0x90 [ 1158.302678][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1158.314206][T24889] [ 1158.314206][T24889] Local variable ----msg_sys@do_recvmmsg created at: [ 1158.322483][T24889] do_recvmmsg+0xbf/0x22d0 [ 1158.322483][T24889] do_recvmmsg+0xbf/0x22d0 [ 1158.569315][T24889] not chained 2100000 origins [ 1158.572223][T24889] CPU: 1 PID: 24889 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1158.572223][T24889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1158.572223][T24889] Call Trace: [ 1158.572223][T24889] dump_stack+0x24c/0x2e0 [ 1158.572223][T24889] kmsan_internal_chain_origin+0x6f/0x130 [ 1158.572223][T24889] ? kmsan_set_origin_checked+0xa2/0x100 [ 1158.572223][T24889] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1158.572223][T24889] ? __msan_instrument_asm_store+0x104/0x130 [ 1158.572223][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1158.572223][T24889] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1158.572223][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1158.572223][T24889] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1158.572223][T24889] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1158.572223][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1158.572223][T24889] ? kmsan_set_origin_checked+0xa2/0x100 [ 1158.572223][T24889] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1158.572223][T24889] ? kmsan_unpoison_shadow+0x74/0xa0 [ 1158.572223][T24889] ? _copy_from_user+0x1fd/0x300 [ 1158.572223][T24889] __msan_chain_origin+0x54/0xa0 [ 1158.572223][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1158.572223][T24889] get_compat_msghdr+0x108/0x2b0 [ 1158.572223][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1158.572223][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1158.572223][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1158.572223][T24889] ? kmsan_internal_set_origin+0x82/0xc0 [ 1158.572223][T24889] ? __msan_poison_alloca+0xec/0x110 [ 1158.572223][T24889] ? __sys_recvmmsg+0xb5/0x6f0 [ 1158.572223][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1158.572223][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1158.572223][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1158.572223][T24889] __do_fast_syscall_32+0x127/0x180 [ 1158.572223][T24889] do_fast_syscall_32+0x77/0xd0 [ 1158.572223][T24889] do_SYSENTER_32+0x73/0x90 [ 1158.572223][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1158.572223][T24889] RIP: 0023:0xf7f89549 [ 1158.572223][T24889] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1158.572223][T24889] RSP: 002b:00000000f55835fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1158.572223][T24889] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 1158.812462][T24889] RDX: 00000000cb88ff8b RSI: 0000000000000002 RDI: 0000000000000000 [ 1158.816929][T24889] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1158.830216][T24889] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1158.835125][T24889] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1158.844184][T24889] Uninit was stored to memory at: [ 1158.844184][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1158.855110][T24889] __msan_chain_origin+0x54/0xa0 [ 1158.862337][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1158.862337][T24889] get_compat_msghdr+0x108/0x2b0 [ 1158.862337][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1158.875176][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1158.882347][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1158.882347][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1158.895198][T24889] __do_fast_syscall_32+0x127/0x180 [ 1158.895198][T24889] do_fast_syscall_32+0x77/0xd0 [ 1158.902504][T24889] do_SYSENTER_32+0x73/0x90 [ 1158.902504][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1158.915119][T24889] [ 1158.915119][T24889] Uninit was stored to memory at: [ 1158.922354][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1158.928442][T24889] __msan_chain_origin+0x54/0xa0 [ 1158.928442][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1158.940206][T24889] get_compat_msghdr+0x108/0x2b0 [ 1158.942335][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1158.942335][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1158.942335][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1158.956886][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1158.963216][T24889] __do_fast_syscall_32+0x127/0x180 [ 1158.963216][T24889] do_fast_syscall_32+0x77/0xd0 [ 1158.975096][T24889] do_SYSENTER_32+0x73/0x90 [ 1158.975096][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1158.982331][T24889] [ 1158.982331][T24889] Uninit was stored to memory at: [ 1158.995379][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1158.995379][T24889] __msan_chain_origin+0x54/0xa0 [ 1159.002346][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1159.002346][T24889] get_compat_msghdr+0x108/0x2b0 [ 1159.015112][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1159.015112][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1159.022495][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1159.030827][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1159.035097][T24889] __do_fast_syscall_32+0x127/0x180 [ 1159.035097][T24889] do_fast_syscall_32+0x77/0xd0 [ 1159.047568][T24889] do_SYSENTER_32+0x73/0x90 [ 1159.047568][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1159.055334][T24889] [ 1159.055334][T24889] Uninit was stored to memory at: [ 1159.064261][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1159.064261][T24889] __msan_chain_origin+0x54/0xa0 [ 1159.075211][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1159.082494][T24889] get_compat_msghdr+0x108/0x2b0 [ 1159.082494][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1159.082494][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1159.095147][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1159.102333][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1159.102333][T24889] __do_fast_syscall_32+0x127/0x180 [ 1159.115209][T24889] do_fast_syscall_32+0x77/0xd0 [ 1159.115209][T24889] do_SYSENTER_32+0x73/0x90 [ 1159.122353][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1159.122353][T24889] [ 1159.122353][T24889] Uninit was stored to memory at: [ 1159.136045][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1159.142503][T24889] __msan_chain_origin+0x54/0xa0 [ 1159.142503][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1159.142503][T24889] get_compat_msghdr+0x108/0x2b0 [ 1159.160228][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1159.162338][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1159.162338][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1159.176910][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1159.182384][T24889] __do_fast_syscall_32+0x127/0x180 [ 1159.182384][T24889] do_fast_syscall_32+0x77/0xd0 [ 1159.182384][T24889] do_SYSENTER_32+0x73/0x90 [ 1159.195174][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1159.202492][T24889] [ 1159.202492][T24889] Uninit was stored to memory at: [ 1159.202492][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1159.202492][T24889] __msan_chain_origin+0x54/0xa0 [ 1159.222328][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1159.222328][T24889] get_compat_msghdr+0x108/0x2b0 [ 1159.222328][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1159.222328][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1159.237896][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1159.242382][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1159.242382][T24889] __do_fast_syscall_32+0x127/0x180 [ 1159.255164][T24889] do_fast_syscall_32+0x77/0xd0 [ 1159.255164][T24889] do_SYSENTER_32+0x73/0x90 [ 1159.267655][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1159.275129][T24889] [ 1159.275129][T24889] Uninit was stored to memory at: [ 1159.284256][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1159.284256][T24889] __msan_chain_origin+0x54/0xa0 [ 1159.284256][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1159.284256][T24889] get_compat_msghdr+0x108/0x2b0 [ 1159.284256][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1159.308694][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1159.312412][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1159.312412][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1159.325231][T24889] __do_fast_syscall_32+0x127/0x180 [ 1159.332399][T24889] do_fast_syscall_32+0x77/0xd0 [ 1159.338204][T24889] do_SYSENTER_32+0x73/0x90 [ 1159.338204][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1159.345315][T24889] [ 1159.352564][T24889] Local variable ----msg_sys@do_recvmmsg created at: [ 1159.352564][T24889] do_recvmmsg+0xbf/0x22d0 [ 1159.352564][T24889] do_recvmmsg+0xbf/0x22d0 [ 1159.566169][T24889] not chained 2110000 origins [ 1159.570953][T24889] CPU: 1 PID: 24889 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1159.572219][T24889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1159.572219][T24889] Call Trace: [ 1159.572219][T24889] dump_stack+0x24c/0x2e0 [ 1159.572219][T24889] kmsan_internal_chain_origin+0x6f/0x130 [ 1159.572219][T24889] ? kmsan_set_origin_checked+0xa2/0x100 [ 1159.572219][T24889] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1159.572219][T24889] ? __msan_instrument_asm_store+0x104/0x130 [ 1159.572219][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1159.572219][T24889] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1159.572219][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1159.572219][T24889] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1159.572219][T24889] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1159.572219][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1159.572219][T24889] ? kmsan_set_origin_checked+0xa2/0x100 [ 1159.572219][T24889] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1159.572219][T24889] ? kmsan_unpoison_shadow+0x74/0xa0 [ 1159.572219][T24889] ? _copy_from_user+0x1fd/0x300 [ 1159.572219][T24889] __msan_chain_origin+0x54/0xa0 [ 1159.572219][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1159.572219][T24889] get_compat_msghdr+0x108/0x2b0 [ 1159.572219][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1159.572219][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1159.572219][T24889] ? kmsan_get_metadata+0x116/0x180 [ 1159.572219][T24889] ? kmsan_internal_set_origin+0x82/0xc0 [ 1159.572219][T24889] ? __msan_poison_alloca+0xec/0x110 [ 1159.572219][T24889] ? __sys_recvmmsg+0xb5/0x6f0 [ 1159.572219][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1159.572219][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1159.572219][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1159.572219][T24889] __do_fast_syscall_32+0x127/0x180 [ 1159.572219][T24889] do_fast_syscall_32+0x77/0xd0 [ 1159.572219][T24889] do_SYSENTER_32+0x73/0x90 [ 1159.572219][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1159.572219][T24889] RIP: 0023:0xf7f89549 [ 1159.572219][T24889] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1159.572219][T24889] RSP: 002b:00000000f55835fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1159.572219][T24889] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 1159.572219][T24889] RDX: 00000000cb88ff8b RSI: 0000000000000002 RDI: 0000000000000000 [ 1159.572219][T24889] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1159.572219][T24889] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1159.572219][T24889] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1159.572219][T24889] Uninit was stored to memory at: [ 1159.572219][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1159.572219][T24889] __msan_chain_origin+0x54/0xa0 [ 1159.572219][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1159.572219][T24889] get_compat_msghdr+0x108/0x2b0 [ 1159.572219][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1159.572219][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1159.572219][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1159.572219][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1159.572219][T24889] __do_fast_syscall_32+0x127/0x180 [ 1159.572219][T24889] do_fast_syscall_32+0x77/0xd0 [ 1159.572219][T24889] do_SYSENTER_32+0x73/0x90 [ 1159.572219][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1159.572219][T24889] [ 1159.572219][T24889] Uninit was stored to memory at: [ 1159.572219][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1159.572219][T24889] __msan_chain_origin+0x54/0xa0 [ 1159.572219][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1159.572219][T24889] get_compat_msghdr+0x108/0x2b0 [ 1159.572219][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1159.572219][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1159.572219][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1159.572219][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1159.572219][T24889] __do_fast_syscall_32+0x127/0x180 [ 1159.572219][T24889] do_fast_syscall_32+0x77/0xd0 [ 1159.572219][T24889] do_SYSENTER_32+0x73/0x90 [ 1159.572219][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1159.572219][T24889] [ 1159.572219][T24889] Uninit was stored to memory at: [ 1159.572219][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1159.572219][T24889] __msan_chain_origin+0x54/0xa0 [ 1159.572219][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1159.572219][T24889] get_compat_msghdr+0x108/0x2b0 [ 1159.572219][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1159.572219][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1159.572219][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1159.572219][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1159.572219][T24889] __do_fast_syscall_32+0x127/0x180 [ 1159.572219][T24889] do_fast_syscall_32+0x77/0xd0 [ 1159.572219][T24889] do_SYSENTER_32+0x73/0x90 [ 1159.572219][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1159.572219][T24889] [ 1159.572219][T24889] Uninit was stored to memory at: [ 1159.572219][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1159.572219][T24889] __msan_chain_origin+0x54/0xa0 [ 1159.572219][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1159.572219][T24889] get_compat_msghdr+0x108/0x2b0 [ 1159.572219][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1159.572219][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1159.572219][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1159.572219][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1159.572219][T24889] __do_fast_syscall_32+0x127/0x180 [ 1159.572219][T24889] do_fast_syscall_32+0x77/0xd0 [ 1159.572219][T24889] do_SYSENTER_32+0x73/0x90 [ 1159.572219][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1159.572219][T24889] [ 1159.572219][T24889] Uninit was stored to memory at: [ 1159.572219][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1159.572219][T24889] __msan_chain_origin+0x54/0xa0 [ 1159.572219][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1159.572219][T24889] get_compat_msghdr+0x108/0x2b0 [ 1159.572219][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1159.572219][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1159.572219][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1159.572219][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1159.572219][T24889] __do_fast_syscall_32+0x127/0x180 [ 1159.572219][T24889] do_fast_syscall_32+0x77/0xd0 [ 1159.572219][T24889] do_SYSENTER_32+0x73/0x90 [ 1159.572219][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1159.572219][T24889] [ 1159.572219][T24889] Uninit was stored to memory at: [ 1159.572219][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1159.572219][T24889] __msan_chain_origin+0x54/0xa0 [ 1159.572219][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1159.572219][T24889] get_compat_msghdr+0x108/0x2b0 [ 1159.572219][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1159.572219][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1159.572219][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1159.572219][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1159.572219][T24889] __do_fast_syscall_32+0x127/0x180 [ 1159.572219][T24889] do_fast_syscall_32+0x77/0xd0 [ 1160.252596][T24889] do_SYSENTER_32+0x73/0x90 [ 1160.252596][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1160.252596][T24889] [ 1160.252596][T24889] Uninit was stored to memory at: [ 1160.252596][T24889] kmsan_internal_chain_origin+0xad/0x130 [ 1160.252596][T24889] __msan_chain_origin+0x54/0xa0 [ 1160.252596][T24889] __get_compat_msghdr+0x6db/0x9d0 [ 1160.252596][T24889] get_compat_msghdr+0x108/0x2b0 [ 1160.252596][T24889] do_recvmmsg+0xdc1/0x22d0 [ 1160.252596][T24889] __sys_recvmmsg+0x519/0x6f0 [ 1160.252596][T24889] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1160.252596][T24889] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1160.252596][T24889] __do_fast_syscall_32+0x127/0x180 [ 1160.252596][T24889] do_fast_syscall_32+0x77/0xd0 [ 1160.252596][T24889] do_SYSENTER_32+0x73/0x90 [ 1160.252596][T24889] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1160.252596][T24889] [ 1160.252596][T24889] Local variable ----msg_sys@do_recvmmsg created at: [ 1160.252596][T24889] do_recvmmsg+0xbf/0x22d0 [ 1160.252596][T24889] do_recvmmsg+0xbf/0x22d0 03:06:37 executing program 5: perf_event_open(&(0x7f000001d000)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) perf_event_open(&(0x7f0000001340)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$bt_hci(0xffffffffffffffff, 0x0, 0x0) write$binfmt_misc(r0, &(0x7f0000000100)=ANY=[], 0x6) recvmmsg(r0, &(0x7f0000000600), 0x204083acb88ff8b, 0x2, 0x0) mkdirat(0xffffffffffffffff, 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, &(0x7f00000001c0)) symlinkat(0x0, 0xffffffffffffffff, 0x0) 03:06:37 executing program 2: r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f00000001c0)) r1 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f0000010100)="00000000000000000000000082e36724c6f34caa846ed2e5277033780100", 0x1e, 0x4e0}, {&(0x7f0000000040)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000010500), 0x0, 0x2000}, {&(0x7f0000012600)="ed41000010000000daf4655fdbf4655fdbf4655f00000000000004008000000000000800050000000af301000400000000000000000000000900000010", 0x3d, 0x4400}], 0x0, &(0x7f00000000c0)=ANY=[]) getdents(r1, &(0x7f00000004c0)=""/203, 0xcb) 03:06:37 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x4000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:06:37 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f00000000c0)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000080)="0300000004", 0x5, 0x640}, {&(0x7f0000000300)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000012600)="ed41000000100000daf4655fdbf4655fdbf4655f00000000000004008000", 0x1e, 0x4400}, {&(0x7f0000012800)="8081000000180000daf4655fdaf4655fdaf4655f00000000000001008000000010000800000000000af3010004000000000000000000", 0x36, 0x4800}, {&(0x7f0000012a00)="8081000000180000daf4655fdaf4655fdaf4655f01000000000001008000000010000800000000000af301000400000000000000000000000200000040", 0x3d, 0x4c00}, {&(0x7f0000013900)="111fc0d901000000803a0900803a09000000000006", 0x15, 0x30000}, {&(0x7f0000000880)="2719c0d901000000803a0900803a09000000000006", 0x15, 0x40000}], 0x0, &(0x7f00000000c0)=ANY=[]) setxattr$trusted_overlay_upper(&(0x7f0000001180)='./file0\x00', &(0x7f00000011c0), &(0x7f00000013c0)=ANY=[], 0xd8, 0x0) chroot(&(0x7f00000001c0)='./file0\x00') umount2(&(0x7f0000000180)='./file0\x00', 0x0) rename(0x0, &(0x7f0000000380)='./file0\x00') socket$nl_route(0x10, 0x3, 0x0) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000cc0)}], 0x1) fsync(0xffffffffffffffff) 03:06:37 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x2000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:06:37 executing program 3: preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x42, 0x8001}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x803, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000100)='fdinfo\x00') prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, 0xffffffffffffffff) getdents64(r0, &(0x7f0000000140)=""/4096, 0x1000) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000001180)=ANY=[@ANYBLOB="00000000000000000700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000600000001000000000000000000000000000000ffff0000000000000000000000000020000000000000000000000000000000000000000000000000ff01000001000000000001000000000003000000000000000900000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000b00"/470]) getpid() getpid() [ 1161.110688][T24910] loop2: detected capacity change from 0 to 4096 [ 1161.138728][T24910] EXT4-fs (loop2): unsupported descriptor size 0 [ 1161.314953][T24916] loop0: detected capacity change from 0 to 4096 03:06:38 executing program 2: r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f00000001c0)) r1 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f0000010100)="00000000000000000000000082e36724c6f34caa846ed2e5277033780100", 0x1e, 0x4e0}, {&(0x7f0000000040)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000010500), 0x0, 0x2000}, {&(0x7f0000012600)="ed41000010000000daf4655fdbf4655fdbf4655f00000000000004008000000000000800050000000af301000400000000000000000000000900000010", 0x3d, 0x4400}], 0x0, &(0x7f00000000c0)=ANY=[]) getdents(r1, &(0x7f00000004c0)=""/203, 0xcb) [ 1161.423144][T24916] EXT4-fs error (device loop0): ext4_ext_check_inode:459: inode #3: comm syz-executor.0: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 1161.443850][T24916] EXT4-fs error (device loop0): ext4_quota_enable:6405: comm syz-executor.0: Bad quota inode # 3 [ 1161.454989][T24916] EXT4-fs warning (device loop0): ext4_enable_quotas:6445: Failed to enable quota tracking (type=0, err=-117). Please run e2fsck to fix. 03:06:38 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x4010}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1161.684225][T24916] EXT4-fs (loop0): mount failed 03:06:38 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x42, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(0x0, 0x0, 0x3, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000440)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x10000000}, 0x0, 0xffffffffffffffff, r0, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) mmap$perf(&(0x7f0000448000/0x3000)=nil, 0x3000, 0x1000000, 0x10, r1, 0x0) ioctl$sock_inet6_SIOCSIFADDR(r2, 0x89a1, &(0x7f00000000c0)={@local}) ioctl$sock_inet6_SIOCADDRT(r2, 0x89a0, &(0x7f0000000100)={@local, @empty, @private1, 0x0, 0x3, 0x0, 0x0, 0x3}) sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x5}, 0x0) r3 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0xc80, 0x12) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, r3, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000100)='net/dev_mcast\x00') read$FUSE(0xffffffffffffffff, &(0x7f00000028c0)={0x2020}, 0x2049) ioctl$PERF_EVENT_IOC_PERIOD(r4, 0x40082404, &(0x7f00000002c0)) ptrace$cont(0x7, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x80, 0x2, 0x4, 0x1, 0x0, 0x0, 0x1, 0x1, 0x7, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x2, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x3cb, 0x1, @perf_config_ext={0x4, 0x8}, 0x408, 0x2b, 0x36df, 0x9, 0x9, 0x10001, 0x0, 0x0, 0x40, 0x0, 0x401}, 0x0, 0xf, 0xffffffffffffffff, 0xb) syz_open_procfs(0x0, &(0x7f0000000600)='net/snmp6\x00') sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0) 03:06:38 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x2700}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1161.826421][T24929] loop2: detected capacity change from 0 to 4096 [ 1161.913571][T24929] EXT4-fs (loop2): unsupported descriptor size 0 03:06:38 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f00000000c0)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000080)="0300000004", 0x5, 0x640}, {&(0x7f0000000300)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000012600)="ed41000000100000daf4655fdbf4655fdbf4655f00000000000004008000", 0x1e, 0x4400}, {&(0x7f0000012800)="8081000000180000daf4655fdaf4655fdaf4655f00000000000001008000000010000800000000000af3010004000000000000000000", 0x36, 0x4800}, {&(0x7f0000012a00)="8081000000180000daf4655fdaf4655fdaf4655f01000000000001008000000010000800000000000af301000400000000000000000000000200000040", 0x3d, 0x4c00}, {&(0x7f0000013900)="111fc0d901000000803a0900803a09000000000006", 0x15, 0x30000}, {&(0x7f0000000880)="2719c0d901000000803a0900803a09000000000006", 0x15, 0x40000}], 0x0, &(0x7f00000000c0)=ANY=[]) setxattr$trusted_overlay_upper(&(0x7f0000001180)='./file0\x00', &(0x7f00000011c0), &(0x7f00000013c0)=ANY=[], 0xd8, 0x0) chroot(&(0x7f00000001c0)='./file0\x00') umount2(&(0x7f0000000180)='./file0\x00', 0x0) rename(0x0, &(0x7f0000000380)='./file0\x00') socket$nl_route(0x10, 0x3, 0x0) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000cc0)}], 0x1) fsync(0xffffffffffffffff) 03:06:38 executing program 2: r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f00000001c0)) r1 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f0000010100)="00000000000000000000000082e36724c6f34caa846ed2e5277033780100", 0x1e, 0x4e0}, {&(0x7f0000000040)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000010500), 0x0, 0x2000}, {&(0x7f0000012600)="ed41000010000000daf4655fdbf4655fdbf4655f00000000000004008000000000000800050000000af301000400000000000000000000000900000010", 0x3d, 0x4400}], 0x0, &(0x7f00000000c0)=ANY=[]) getdents(r1, &(0x7f00000004c0)=""/203, 0xcb) [ 1162.627231][T24948] loop0: detected capacity change from 0 to 4096 [ 1162.727734][T24959] loop2: detected capacity change from 0 to 4096 [ 1162.744648][T24959] EXT4-fs (loop2): unsupported descriptor size 0 [ 1162.787382][T24948] EXT4-fs error (device loop0): ext4_ext_check_inode:459: inode #3: comm syz-executor.0: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 1162.806356][T24948] EXT4-fs error (device loop0): ext4_quota_enable:6405: comm syz-executor.0: Bad quota inode # 3 [ 1162.818972][T24948] EXT4-fs warning (device loop0): ext4_enable_quotas:6445: Failed to enable quota tracking (type=0, err=-117). Please run e2fsck to fix. [ 1163.016216][T24948] EXT4-fs (loop0): mount failed [ 1165.385233][ T654] device hsr_slave_0 left promiscuous mode [ 1165.396322][ T654] device hsr_slave_1 left promiscuous mode [ 1165.406826][ T654] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1165.415421][ T654] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1165.425025][ T654] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1165.433107][ T654] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1165.448219][ T654] device bridge_slave_1 left promiscuous mode [ 1165.454898][ T654] bridge0: port 2(bridge_slave_1) entered disabled state [ 1165.470004][ T654] device bridge_slave_0 left promiscuous mode [ 1165.476689][ T654] bridge0: port 1(bridge_slave_0) entered disabled state [ 1165.495257][ T654] device veth1_macvtap left promiscuous mode [ 1165.501500][ T654] device veth0_macvtap left promiscuous mode [ 1165.507958][ T654] device veth1_vlan left promiscuous mode [ 1165.514051][ T654] device veth0_vlan left promiscuous mode [ 1167.637391][ T654] team0 (unregistering): Port device team_slave_1 removed [ 1167.659460][ T654] team0 (unregistering): Port device team_slave_0 removed [ 1167.676277][ T654] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1167.695348][ T654] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1167.769387][ T654] bond0 (unregistering): Released all slaves [ 1167.833048][T24982] IPVS: ftp: loaded support on port[0] = 21 [ 1168.064392][T24982] chnl_net:caif_netlink_parms(): no params data found [ 1168.177432][T24982] bridge0: port 1(bridge_slave_0) entered blocking state [ 1168.185575][T24982] bridge0: port 1(bridge_slave_0) entered disabled state [ 1168.195509][T24982] device bridge_slave_0 entered promiscuous mode [ 1168.205808][T24982] bridge0: port 2(bridge_slave_1) entered blocking state [ 1168.213416][T24982] bridge0: port 2(bridge_slave_1) entered disabled state [ 1168.223003][T24982] device bridge_slave_1 entered promiscuous mode [ 1168.281373][T24982] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1168.299739][T24982] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1168.348604][T24982] team0: Port device team_slave_0 added [ 1168.361739][T24982] team0: Port device team_slave_1 added [ 1168.420240][T24982] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1168.427478][T24982] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1168.455684][T24982] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1168.475588][T24982] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1168.484002][T24982] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1168.510521][T24982] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1168.525272][T10121] Bluetooth: hci5: command 0x0409 tx timeout [ 1168.594633][T24982] device hsr_slave_0 entered promiscuous mode [ 1168.606529][T24982] device hsr_slave_1 entered promiscuous mode [ 1168.615860][T24982] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1168.623855][T24982] Cannot create hsr debugfs directory [ 1169.079101][T24982] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1169.104499][T10121] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 1169.114335][T10121] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1169.134232][T24982] 8021q: adding VLAN 0 to HW filter on device team0 [ 1169.158699][T10121] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 1169.170881][T10121] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1169.181214][T10121] bridge0: port 1(bridge_slave_0) entered blocking state [ 1169.188673][T10121] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1169.199073][T10121] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 1169.215111][T20785] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 1169.225610][T20785] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1169.235922][T20785] bridge0: port 2(bridge_slave_1) entered blocking state [ 1169.243374][T20785] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1169.264781][ T8870] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 1169.296084][ T8870] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 1169.307696][ T8870] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 1169.318659][ T8870] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 1169.330403][ T8870] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 1169.348882][T24204] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 1169.360164][T24204] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 1169.393649][T24204] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 1169.404410][T24204] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1169.414380][T24204] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 1169.424854][T24204] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1169.440288][T24982] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 1169.483929][T24204] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 1169.491719][T24204] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 1169.515563][T24982] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1169.631587][T24204] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 1169.642002][T24204] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 1169.685342][ T8870] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 1169.696876][ T8870] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 1169.714386][ T8870] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 1169.724247][ T8870] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 1169.740928][T24982] device veth0_vlan entered promiscuous mode [ 1169.763979][T24982] device veth1_vlan entered promiscuous mode [ 1169.811409][ T8870] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 1169.821037][ T8870] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 1169.831115][ T8870] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 1169.841047][ T8870] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 1169.860507][T24982] device veth0_macvtap entered promiscuous mode [ 1169.879074][T24982] device veth1_macvtap entered promiscuous mode [ 1169.905167][ T8870] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 1169.915153][ T8870] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 1169.942671][T24982] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 1169.953357][T24982] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1169.963928][T24982] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 1169.974906][T24982] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1169.987288][T24982] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 1169.998529][T24982] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1170.008821][T24982] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 1170.019626][T24982] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1170.029854][T24982] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 1170.040636][T24982] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1170.054408][T24982] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1170.065074][T20785] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 1170.075116][T20785] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 1170.096650][T24982] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 1170.107558][T24982] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1170.119156][T24982] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 1170.129985][T24982] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1170.140349][T24982] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 1170.151547][T24982] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1170.162018][T24982] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 1170.172845][T24982] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1170.183359][T24982] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 1170.194159][T24982] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1170.207094][T24982] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1170.219016][T20785] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 1170.229927][T20785] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 1170.484237][ T98] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1170.492622][ T98] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1170.500722][T20785] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 1170.573940][T24873] Bluetooth: hci5: command 0x041b tx timeout [ 1170.650585][ T98] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1170.659132][ T98] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1170.673795][T20785] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 1171.120498][T25216] not chained 2120000 origins [ 1171.122350][T25216] CPU: 0 PID: 25216 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1171.122350][T25216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1171.142461][T25216] Call Trace: [ 1171.146278][T25216] dump_stack+0x24c/0x2e0 [ 1171.146278][T25216] kmsan_internal_chain_origin+0x6f/0x130 [ 1171.146278][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1171.146278][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1171.146278][T25216] ? __msan_instrument_asm_store+0x104/0x130 [ 1171.146278][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1171.146278][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1171.146278][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1171.146278][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1171.146278][T25216] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1171.146278][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1171.146278][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1171.146278][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1171.146278][T25216] ? kmsan_unpoison_shadow+0x74/0xa0 [ 1171.146278][T25216] ? _copy_from_user+0x1fd/0x300 [ 1171.146278][T25216] __msan_chain_origin+0x54/0xa0 [ 1171.146278][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1171.146278][T25216] get_compat_msghdr+0x108/0x2b0 [ 1171.146278][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1171.146278][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1171.146278][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1171.146278][T25216] ? kmsan_internal_set_origin+0x82/0xc0 [ 1171.146278][T25216] ? __msan_poison_alloca+0xec/0x110 [ 1171.146278][T25216] ? __sys_recvmmsg+0xb5/0x6f0 [ 1171.146278][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1171.146278][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1171.146278][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1171.292791][T25216] __do_fast_syscall_32+0x127/0x180 [ 1171.292791][T25216] do_fast_syscall_32+0x77/0xd0 [ 1171.292791][T25216] do_SYSENTER_32+0x73/0x90 [ 1171.311351][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1171.315712][T25216] RIP: 0023:0xf7f93549 [ 1171.321321][T25216] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1171.342060][T25216] RSP: 002b:00000000f558d5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1171.351248][T25216] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 1171.359323][T25216] RDX: 00000000cb88ff8b RSI: 0000000000000002 RDI: 0000000000000000 [ 1171.367366][T25216] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1171.375721][T25216] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1171.381818][T25216] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1171.391085][T25216] Uninit was stored to memory at: [ 1171.396188][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1171.401177][T25216] __msan_chain_origin+0x54/0xa0 [ 1171.407250][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1171.413350][T25216] get_compat_msghdr+0x108/0x2b0 [ 1171.417351][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1171.417351][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1171.426663][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1171.432848][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1171.439030][T25216] __do_fast_syscall_32+0x127/0x180 [ 1171.446094][T25216] do_fast_syscall_32+0x77/0xd0 [ 1171.451020][T25216] do_SYSENTER_32+0x73/0x90 [ 1171.455753][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1171.462022][T25216] [ 1171.462022][T25216] Uninit was stored to memory at: [ 1171.469097][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1171.475246][T25216] __msan_chain_origin+0x54/0xa0 [ 1171.480190][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1171.481420][T25216] get_compat_msghdr+0x108/0x2b0 [ 1171.489794][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1171.494765][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1171.499692][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1171.505838][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1171.511653][T25216] __do_fast_syscall_32+0x127/0x180 [ 1171.516626][T25216] do_fast_syscall_32+0x77/0xd0 [ 1171.520323][T25216] do_SYSENTER_32+0x73/0x90 [ 1171.520323][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1171.531065][T25216] [ 1171.535202][T25216] Uninit was stored to memory at: [ 1171.540192][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1171.546821][T25216] __msan_chain_origin+0x54/0xa0 [ 1171.552471][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1171.560406][T25216] get_compat_msghdr+0x108/0x2b0 [ 1171.561629][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1171.569956][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1171.574316][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1171.580574][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1171.587599][T25216] __do_fast_syscall_32+0x127/0x180 [ 1171.592743][T25216] do_fast_syscall_32+0x77/0xd0 [ 1171.597773][T25216] do_SYSENTER_32+0x73/0x90 [ 1171.601514][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1171.608679][T25216] [ 1171.611159][T25216] Uninit was stored to memory at: [ 1171.616262][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1171.620019][T25216] __msan_chain_origin+0x54/0xa0 [ 1171.620019][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1171.620019][T25216] get_compat_msghdr+0x108/0x2b0 [ 1171.620019][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1171.620019][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1171.620019][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1171.620019][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1171.620019][T25216] __do_fast_syscall_32+0x127/0x180 [ 1171.620019][T25216] do_fast_syscall_32+0x77/0xd0 [ 1171.620019][T25216] do_SYSENTER_32+0x73/0x90 [ 1171.620019][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1171.620019][T25216] [ 1171.620019][T25216] Uninit was stored to memory at: [ 1171.620019][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1171.620019][T25216] __msan_chain_origin+0x54/0xa0 [ 1171.620019][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1171.620019][T25216] get_compat_msghdr+0x108/0x2b0 [ 1171.620019][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1171.620019][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1171.620019][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1171.620019][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1171.620019][T25216] __do_fast_syscall_32+0x127/0x180 [ 1171.620019][T25216] do_fast_syscall_32+0x77/0xd0 [ 1171.620019][T25216] do_SYSENTER_32+0x73/0x90 [ 1171.620019][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1171.620019][T25216] [ 1171.620019][T25216] Uninit was stored to memory at: [ 1171.620019][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1171.620019][T25216] __msan_chain_origin+0x54/0xa0 [ 1171.620019][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1171.620019][T25216] get_compat_msghdr+0x108/0x2b0 [ 1171.620019][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1171.620019][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1171.620019][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1171.620019][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1171.620019][T25216] __do_fast_syscall_32+0x127/0x180 [ 1171.620019][T25216] do_fast_syscall_32+0x77/0xd0 [ 1171.620019][T25216] do_SYSENTER_32+0x73/0x90 [ 1171.620019][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1171.620019][T25216] [ 1171.620019][T25216] Uninit was stored to memory at: [ 1171.620019][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1171.620019][T25216] __msan_chain_origin+0x54/0xa0 [ 1171.620019][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1171.620019][T25216] get_compat_msghdr+0x108/0x2b0 [ 1171.620019][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1171.620019][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1171.620019][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1171.620019][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1171.620019][T25216] __do_fast_syscall_32+0x127/0x180 [ 1171.620019][T25216] do_fast_syscall_32+0x77/0xd0 [ 1171.620019][T25216] do_SYSENTER_32+0x73/0x90 [ 1171.620019][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1171.620019][T25216] [ 1171.620019][T25216] Local variable ----msg_sys@do_recvmmsg created at: [ 1171.620019][T25216] do_recvmmsg+0xbf/0x22d0 [ 1171.620019][T25216] do_recvmmsg+0xbf/0x22d0 [ 1172.173629][T25216] not chained 2130000 origins [ 1172.178551][T25216] CPU: 0 PID: 25216 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1172.182785][T25216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1172.182785][T25216] Call Trace: [ 1172.182785][T25216] dump_stack+0x24c/0x2e0 [ 1172.182785][T25216] kmsan_internal_chain_origin+0x6f/0x130 [ 1172.182785][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1172.182785][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1172.182785][T25216] ? __msan_instrument_asm_store+0x104/0x130 [ 1172.182785][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1172.182785][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1172.239995][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1172.241405][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1172.241405][T25216] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1172.241405][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1172.241405][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1172.241405][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1172.241405][T25216] ? kmsan_unpoison_shadow+0x74/0xa0 [ 1172.241405][T25216] ? _copy_from_user+0x1fd/0x300 [ 1172.241405][T25216] __msan_chain_origin+0x54/0xa0 [ 1172.241405][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1172.241405][T25216] get_compat_msghdr+0x108/0x2b0 [ 1172.241405][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1172.241405][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1172.241405][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1172.241405][T25216] ? kmsan_internal_set_origin+0x82/0xc0 [ 1172.241405][T25216] ? __msan_poison_alloca+0xec/0x110 [ 1172.241405][T25216] ? __sys_recvmmsg+0xb5/0x6f0 [ 1172.241405][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1172.241405][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1172.241405][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1172.241405][T25216] __do_fast_syscall_32+0x127/0x180 [ 1172.241405][T25216] do_fast_syscall_32+0x77/0xd0 [ 1172.241405][T25216] do_SYSENTER_32+0x73/0x90 [ 1172.241405][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1172.241405][T25216] RIP: 0023:0xf7f93549 [ 1172.241405][T25216] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1172.241405][T25216] RSP: 002b:00000000f558d5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1172.241405][T25216] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 1172.241405][T25216] RDX: 00000000cb88ff8b RSI: 0000000000000002 RDI: 0000000000000000 [ 1172.241405][T25216] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1172.241405][T25216] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1172.241405][T25216] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1172.241405][T25216] Uninit was stored to memory at: [ 1172.241405][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1172.241405][T25216] __msan_chain_origin+0x54/0xa0 [ 1172.241405][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1172.241405][T25216] get_compat_msghdr+0x108/0x2b0 [ 1172.241405][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1172.241405][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1172.241405][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1172.241405][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1172.241405][T25216] __do_fast_syscall_32+0x127/0x180 [ 1172.241405][T25216] do_fast_syscall_32+0x77/0xd0 [ 1172.241405][T25216] do_SYSENTER_32+0x73/0x90 [ 1172.241405][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1172.241405][T25216] [ 1172.241405][T25216] Uninit was stored to memory at: [ 1172.241405][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1172.241405][T25216] __msan_chain_origin+0x54/0xa0 [ 1172.241405][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1172.241405][T25216] get_compat_msghdr+0x108/0x2b0 [ 1172.241405][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1172.241405][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1172.241405][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1172.241405][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1172.241405][T25216] __do_fast_syscall_32+0x127/0x180 [ 1172.241405][T25216] do_fast_syscall_32+0x77/0xd0 [ 1172.241405][T25216] do_SYSENTER_32+0x73/0x90 [ 1172.241405][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1172.241405][T25216] [ 1172.241405][T25216] Uninit was stored to memory at: [ 1172.595690][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1172.595690][T25216] __msan_chain_origin+0x54/0xa0 [ 1172.595690][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1172.595690][T25216] get_compat_msghdr+0x108/0x2b0 [ 1172.595690][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1172.595690][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1172.595690][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1172.595690][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1172.595690][T25216] __do_fast_syscall_32+0x127/0x180 [ 1172.595690][T25216] do_fast_syscall_32+0x77/0xd0 [ 1172.595690][T25216] do_SYSENTER_32+0x73/0x90 [ 1172.653918][T24873] Bluetooth: hci5: command 0x040f tx timeout [ 1172.595690][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1172.595690][T25216] [ 1172.595690][T25216] Uninit was stored to memory at: [ 1172.676608][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1172.676608][T25216] __msan_chain_origin+0x54/0xa0 [ 1172.676608][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1172.676608][T25216] get_compat_msghdr+0x108/0x2b0 [ 1172.676608][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1172.676608][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1172.676608][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1172.676608][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1172.676608][T25216] __do_fast_syscall_32+0x127/0x180 [ 1172.676608][T25216] do_fast_syscall_32+0x77/0xd0 [ 1172.733063][T25216] do_SYSENTER_32+0x73/0x90 [ 1172.733063][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1172.733063][T25216] [ 1172.733063][T25216] Uninit was stored to memory at: [ 1172.733063][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1172.733063][T25216] __msan_chain_origin+0x54/0xa0 [ 1172.733063][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1172.733063][T25216] get_compat_msghdr+0x108/0x2b0 [ 1172.733063][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1172.786004][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1172.786004][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1172.786004][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1172.786004][T25216] __do_fast_syscall_32+0x127/0x180 [ 1172.786004][T25216] do_fast_syscall_32+0x77/0xd0 [ 1172.786004][T25216] do_SYSENTER_32+0x73/0x90 [ 1172.786004][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1172.786004][T25216] [ 1172.786004][T25216] Uninit was stored to memory at: [ 1172.786004][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1172.786004][T25216] __msan_chain_origin+0x54/0xa0 [ 1172.786004][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1172.786004][T25216] get_compat_msghdr+0x108/0x2b0 [ 1172.786004][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1172.786004][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1172.786004][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1172.786004][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1172.786004][T25216] __do_fast_syscall_32+0x127/0x180 [ 1172.786004][T25216] do_fast_syscall_32+0x77/0xd0 [ 1172.786004][T25216] do_SYSENTER_32+0x73/0x90 [ 1172.786004][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1172.786004][T25216] [ 1172.786004][T25216] Uninit was stored to memory at: [ 1172.786004][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1172.786004][T25216] __msan_chain_origin+0x54/0xa0 [ 1172.786004][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1172.786004][T25216] get_compat_msghdr+0x108/0x2b0 [ 1172.786004][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1172.786004][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1172.786004][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1172.786004][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1172.786004][T25216] __do_fast_syscall_32+0x127/0x180 [ 1172.786004][T25216] do_fast_syscall_32+0x77/0xd0 [ 1172.786004][T25216] do_SYSENTER_32+0x73/0x90 [ 1172.786004][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1172.786004][T25216] [ 1172.786004][T25216] Local variable ----msg_sys@do_recvmmsg created at: [ 1172.786004][T25216] do_recvmmsg+0xbf/0x22d0 [ 1172.786004][T25216] do_recvmmsg+0xbf/0x22d0 [ 1173.192070][T25216] not chained 2140000 origins [ 1173.192226][T25216] CPU: 1 PID: 25216 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1173.192226][T25216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1173.192226][T25216] Call Trace: [ 1173.192226][T25216] dump_stack+0x24c/0x2e0 [ 1173.192226][T25216] kmsan_internal_chain_origin+0x6f/0x130 [ 1173.192226][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1173.192226][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1173.192226][T25216] ? __msan_instrument_asm_store+0x104/0x130 [ 1173.192226][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1173.192226][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1173.192226][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1173.263813][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1173.263813][T25216] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1173.263813][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1173.263813][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1173.263813][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1173.263813][T25216] ? kmsan_unpoison_shadow+0x74/0xa0 [ 1173.263813][T25216] ? _copy_from_user+0x1fd/0x300 [ 1173.263813][T25216] __msan_chain_origin+0x54/0xa0 [ 1173.263813][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1173.263813][T25216] get_compat_msghdr+0x108/0x2b0 [ 1173.263813][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1173.263813][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1173.263813][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1173.263813][T25216] ? kmsan_internal_set_origin+0x82/0xc0 [ 1173.263813][T25216] ? __msan_poison_alloca+0xec/0x110 [ 1173.263813][T25216] ? __sys_recvmmsg+0xb5/0x6f0 [ 1173.263813][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1173.263813][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1173.263813][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1173.263813][T25216] __do_fast_syscall_32+0x127/0x180 [ 1173.263813][T25216] do_fast_syscall_32+0x77/0xd0 [ 1173.263813][T25216] do_SYSENTER_32+0x73/0x90 [ 1173.263813][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1173.263813][T25216] RIP: 0023:0xf7f93549 [ 1173.263813][T25216] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1173.263813][T25216] RSP: 002b:00000000f558d5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1173.263813][T25216] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 1173.263813][T25216] RDX: 00000000cb88ff8b RSI: 0000000000000002 RDI: 0000000000000000 [ 1173.263813][T25216] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1173.263813][T25216] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1173.263813][T25216] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1173.263813][T25216] Uninit was stored to memory at: [ 1173.263813][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1173.263813][T25216] __msan_chain_origin+0x54/0xa0 [ 1173.263813][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1173.263813][T25216] get_compat_msghdr+0x108/0x2b0 [ 1173.263813][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1173.263813][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1173.263813][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1173.263813][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1173.263813][T25216] __do_fast_syscall_32+0x127/0x180 [ 1173.263813][T25216] do_fast_syscall_32+0x77/0xd0 [ 1173.263813][T25216] do_SYSENTER_32+0x73/0x90 [ 1173.263813][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1173.263813][T25216] [ 1173.263813][T25216] Uninit was stored to memory at: [ 1173.263813][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1173.263813][T25216] __msan_chain_origin+0x54/0xa0 [ 1173.263813][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1173.263813][T25216] get_compat_msghdr+0x108/0x2b0 [ 1173.263813][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1173.263813][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1173.263813][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1173.263813][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1173.263813][T25216] __do_fast_syscall_32+0x127/0x180 [ 1173.263813][T25216] do_fast_syscall_32+0x77/0xd0 [ 1173.263813][T25216] do_SYSENTER_32+0x73/0x90 [ 1173.263813][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1173.263813][T25216] [ 1173.263813][T25216] Uninit was stored to memory at: [ 1173.263813][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1173.263813][T25216] __msan_chain_origin+0x54/0xa0 [ 1173.263813][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1173.263813][T25216] get_compat_msghdr+0x108/0x2b0 [ 1173.263813][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1173.263813][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1173.263813][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1173.263813][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1173.263813][T25216] __do_fast_syscall_32+0x127/0x180 [ 1173.263813][T25216] do_fast_syscall_32+0x77/0xd0 [ 1173.263813][T25216] do_SYSENTER_32+0x73/0x90 [ 1173.263813][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1173.263813][T25216] [ 1173.263813][T25216] Uninit was stored to memory at: [ 1173.263813][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1173.263813][T25216] __msan_chain_origin+0x54/0xa0 [ 1173.263813][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1173.263813][T25216] get_compat_msghdr+0x108/0x2b0 [ 1173.263813][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1173.263813][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1173.263813][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1173.263813][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1173.263813][T25216] __do_fast_syscall_32+0x127/0x180 [ 1173.263813][T25216] do_fast_syscall_32+0x77/0xd0 [ 1173.263813][T25216] do_SYSENTER_32+0x73/0x90 [ 1173.263813][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1173.263813][T25216] [ 1173.263813][T25216] Uninit was stored to memory at: [ 1173.263813][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1173.263813][T25216] __msan_chain_origin+0x54/0xa0 [ 1173.263813][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1173.263813][T25216] get_compat_msghdr+0x108/0x2b0 [ 1173.263813][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1173.263813][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1173.263813][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1173.263813][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1173.263813][T25216] __do_fast_syscall_32+0x127/0x180 [ 1173.263813][T25216] do_fast_syscall_32+0x77/0xd0 [ 1173.263813][T25216] do_SYSENTER_32+0x73/0x90 [ 1173.263813][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1173.263813][T25216] [ 1173.263813][T25216] Uninit was stored to memory at: [ 1173.263813][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1173.263813][T25216] __msan_chain_origin+0x54/0xa0 [ 1173.263813][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1173.263813][T25216] get_compat_msghdr+0x108/0x2b0 [ 1173.263813][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1173.263813][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1173.263813][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1173.263813][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1173.263813][T25216] __do_fast_syscall_32+0x127/0x180 [ 1173.263813][T25216] do_fast_syscall_32+0x77/0xd0 [ 1173.263813][T25216] do_SYSENTER_32+0x73/0x90 [ 1173.263813][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1173.263813][T25216] [ 1173.263813][T25216] Uninit was stored to memory at: [ 1173.263813][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1173.263813][T25216] __msan_chain_origin+0x54/0xa0 [ 1173.263813][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1173.263813][T25216] get_compat_msghdr+0x108/0x2b0 [ 1173.263813][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1173.263813][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1173.263813][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1173.263813][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1173.263813][T25216] __do_fast_syscall_32+0x127/0x180 [ 1173.263813][T25216] do_fast_syscall_32+0x77/0xd0 [ 1173.263813][T25216] do_SYSENTER_32+0x73/0x90 [ 1173.263813][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1173.263813][T25216] [ 1173.263813][T25216] Local variable ----msg_sys@do_recvmmsg created at: [ 1173.263813][T25216] do_recvmmsg+0xbf/0x22d0 [ 1173.263813][T25216] do_recvmmsg+0xbf/0x22d0 [ 1174.195648][T25216] not chained 2150000 origins [ 1174.200354][T25216] CPU: 1 PID: 25216 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1174.202232][T25216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1174.202232][T25216] Call Trace: [ 1174.202232][T25216] dump_stack+0x24c/0x2e0 [ 1174.202232][T25216] kmsan_internal_chain_origin+0x6f/0x130 [ 1174.202232][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1174.202232][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1174.202232][T25216] ? __msan_instrument_asm_store+0x104/0x130 [ 1174.202232][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1174.202232][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1174.202232][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1174.202232][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1174.202232][T25216] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1174.202232][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1174.202232][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1174.202232][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1174.202232][T25216] ? kmsan_unpoison_shadow+0x74/0xa0 [ 1174.202232][T25216] ? _copy_from_user+0x1fd/0x300 [ 1174.202232][T25216] __msan_chain_origin+0x54/0xa0 [ 1174.202232][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1174.202232][T25216] get_compat_msghdr+0x108/0x2b0 [ 1174.202232][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1174.202232][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1174.202232][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1174.202232][T25216] ? kmsan_internal_set_origin+0x82/0xc0 [ 1174.202232][T25216] ? __msan_poison_alloca+0xec/0x110 [ 1174.202232][T25216] ? __sys_recvmmsg+0xb5/0x6f0 [ 1174.202232][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1174.202232][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1174.202232][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1174.202232][T25216] __do_fast_syscall_32+0x127/0x180 [ 1174.202232][T25216] do_fast_syscall_32+0x77/0xd0 [ 1174.202232][T25216] do_SYSENTER_32+0x73/0x90 [ 1174.202232][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1174.202232][T25216] RIP: 0023:0xf7f93549 [ 1174.202232][T25216] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1174.202232][T25216] RSP: 002b:00000000f558d5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1174.202232][T25216] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 1174.202232][T25216] RDX: 00000000cb88ff8b RSI: 0000000000000002 RDI: 0000000000000000 [ 1174.202232][T25216] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1174.202232][T25216] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1174.202232][T25216] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1174.202232][T25216] Uninit was stored to memory at: [ 1174.202232][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1174.202232][T25216] __msan_chain_origin+0x54/0xa0 [ 1174.202232][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1174.202232][T25216] get_compat_msghdr+0x108/0x2b0 [ 1174.202232][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1174.202232][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1174.202232][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1174.202232][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1174.202232][T25216] __do_fast_syscall_32+0x127/0x180 [ 1174.202232][T25216] do_fast_syscall_32+0x77/0xd0 [ 1174.202232][T25216] do_SYSENTER_32+0x73/0x90 [ 1174.202232][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1174.202232][T25216] [ 1174.202232][T25216] Uninit was stored to memory at: [ 1174.202232][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1174.202232][T25216] __msan_chain_origin+0x54/0xa0 [ 1174.202232][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1174.202232][T25216] get_compat_msghdr+0x108/0x2b0 [ 1174.202232][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1174.202232][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1174.202232][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1174.202232][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1174.202232][T25216] __do_fast_syscall_32+0x127/0x180 [ 1174.202232][T25216] do_fast_syscall_32+0x77/0xd0 [ 1174.202232][T25216] do_SYSENTER_32+0x73/0x90 [ 1174.202232][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1174.202232][T25216] [ 1174.202232][T25216] Uninit was stored to memory at: [ 1174.202232][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1174.202232][T25216] __msan_chain_origin+0x54/0xa0 [ 1174.202232][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1174.202232][T25216] get_compat_msghdr+0x108/0x2b0 [ 1174.202232][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1174.202232][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1174.202232][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1174.202232][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1174.202232][T25216] __do_fast_syscall_32+0x127/0x180 [ 1174.202232][T25216] do_fast_syscall_32+0x77/0xd0 [ 1174.202232][T25216] do_SYSENTER_32+0x73/0x90 [ 1174.202232][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1174.202232][T25216] [ 1174.202232][T25216] Uninit was stored to memory at: [ 1174.202232][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1174.202232][T25216] __msan_chain_origin+0x54/0xa0 [ 1174.202232][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1174.202232][T25216] get_compat_msghdr+0x108/0x2b0 [ 1174.202232][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1174.202232][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1174.202232][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1174.202232][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1174.202232][T25216] __do_fast_syscall_32+0x127/0x180 [ 1174.202232][T25216] do_fast_syscall_32+0x77/0xd0 [ 1174.202232][T25216] do_SYSENTER_32+0x73/0x90 [ 1174.202232][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1174.202232][T25216] [ 1174.202232][T25216] Uninit was stored to memory at: [ 1174.202232][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1174.202232][T25216] __msan_chain_origin+0x54/0xa0 [ 1174.202232][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1174.202232][T25216] get_compat_msghdr+0x108/0x2b0 [ 1174.202232][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1174.202232][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1174.202232][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1174.202232][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1174.202232][T25216] __do_fast_syscall_32+0x127/0x180 [ 1174.202232][T25216] do_fast_syscall_32+0x77/0xd0 [ 1174.202232][T25216] do_SYSENTER_32+0x73/0x90 [ 1174.202232][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1174.202232][T25216] [ 1174.202232][T25216] Uninit was stored to memory at: [ 1174.202232][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1174.202232][T25216] __msan_chain_origin+0x54/0xa0 [ 1174.202232][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1174.202232][T25216] get_compat_msghdr+0x108/0x2b0 [ 1174.202232][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1174.202232][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1174.202232][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1174.202232][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1174.202232][T25216] __do_fast_syscall_32+0x127/0x180 [ 1174.202232][T25216] do_fast_syscall_32+0x77/0xd0 [ 1174.202232][T25216] do_SYSENTER_32+0x73/0x90 [ 1174.202232][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1174.202232][T25216] [ 1174.202232][T25216] Uninit was stored to memory at: [ 1174.202232][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1174.202232][T25216] __msan_chain_origin+0x54/0xa0 [ 1174.202232][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1174.202232][T25216] get_compat_msghdr+0x108/0x2b0 [ 1174.202232][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1174.202232][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1174.202232][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1174.202232][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1174.202232][T25216] __do_fast_syscall_32+0x127/0x180 [ 1174.202232][T25216] do_fast_syscall_32+0x77/0xd0 [ 1174.202232][T25216] do_SYSENTER_32+0x73/0x90 [ 1174.202232][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1174.202232][T25216] [ 1174.202232][T25216] Local variable ----msg_sys@do_recvmmsg created at: [ 1174.202232][T25216] do_recvmmsg+0xbf/0x22d0 [ 1174.202232][T25216] do_recvmmsg+0xbf/0x22d0 [ 1175.018023][T24873] Bluetooth: hci5: command 0x0419 tx timeout [ 1175.187293][T25216] not chained 2160000 origins [ 1175.192028][T25216] CPU: 1 PID: 25216 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1175.192238][T25216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1175.208327][T25216] Call Trace: [ 1175.208327][T25216] dump_stack+0x24c/0x2e0 [ 1175.208327][T25216] kmsan_internal_chain_origin+0x6f/0x130 [ 1175.208327][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1175.208327][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1175.236778][T25216] ? __msan_instrument_asm_store+0x104/0x130 [ 1175.236778][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1175.236778][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1175.236778][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1175.236778][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1175.236778][T25216] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1175.236778][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1175.236778][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1175.236778][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1175.236778][T25216] ? kmsan_unpoison_shadow+0x74/0xa0 [ 1175.236778][T25216] ? _copy_from_user+0x1fd/0x300 [ 1175.236778][T25216] __msan_chain_origin+0x54/0xa0 [ 1175.236778][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1175.236778][T25216] get_compat_msghdr+0x108/0x2b0 [ 1175.236778][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1175.236778][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1175.236778][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1175.236778][T25216] ? kmsan_internal_set_origin+0x82/0xc0 [ 1175.236778][T25216] ? __msan_poison_alloca+0xec/0x110 [ 1175.236778][T25216] ? __sys_recvmmsg+0xb5/0x6f0 [ 1175.236778][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1175.236778][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1175.236778][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1175.236778][T25216] __do_fast_syscall_32+0x127/0x180 [ 1175.236778][T25216] do_fast_syscall_32+0x77/0xd0 [ 1175.236778][T25216] do_SYSENTER_32+0x73/0x90 [ 1175.236778][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1175.236778][T25216] RIP: 0023:0xf7f93549 [ 1175.236778][T25216] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1175.236778][T25216] RSP: 002b:00000000f558d5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1175.236778][T25216] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 1175.236778][T25216] RDX: 00000000cb88ff8b RSI: 0000000000000002 RDI: 0000000000000000 [ 1175.236778][T25216] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1175.236778][T25216] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1175.236778][T25216] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1175.236778][T25216] Uninit was stored to memory at: [ 1175.236778][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1175.236778][T25216] __msan_chain_origin+0x54/0xa0 [ 1175.236778][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1175.236778][T25216] get_compat_msghdr+0x108/0x2b0 [ 1175.236778][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1175.236778][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1175.236778][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1175.236778][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1175.236778][T25216] __do_fast_syscall_32+0x127/0x180 [ 1175.236778][T25216] do_fast_syscall_32+0x77/0xd0 [ 1175.236778][T25216] do_SYSENTER_32+0x73/0x90 [ 1175.236778][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1175.236778][T25216] [ 1175.236778][T25216] Uninit was stored to memory at: [ 1175.236778][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1175.236778][T25216] __msan_chain_origin+0x54/0xa0 [ 1175.236778][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1175.236778][T25216] get_compat_msghdr+0x108/0x2b0 [ 1175.236778][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1175.236778][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1175.236778][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1175.581358][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1175.581358][T25216] __do_fast_syscall_32+0x127/0x180 [ 1175.581358][T25216] do_fast_syscall_32+0x77/0xd0 [ 1175.581358][T25216] do_SYSENTER_32+0x73/0x90 [ 1175.581358][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1175.581358][T25216] [ 1175.581358][T25216] Uninit was stored to memory at: [ 1175.581358][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1175.581358][T25216] __msan_chain_origin+0x54/0xa0 [ 1175.630746][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1175.630746][T25216] get_compat_msghdr+0x108/0x2b0 [ 1175.630746][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1175.630746][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1175.630746][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1175.630746][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1175.630746][T25216] __do_fast_syscall_32+0x127/0x180 [ 1175.630746][T25216] do_fast_syscall_32+0x77/0xd0 [ 1175.630746][T25216] do_SYSENTER_32+0x73/0x90 [ 1175.630746][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1175.630746][T25216] [ 1175.630746][T25216] Uninit was stored to memory at: [ 1175.630746][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1175.630746][T25216] __msan_chain_origin+0x54/0xa0 [ 1175.630746][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1175.630746][T25216] get_compat_msghdr+0x108/0x2b0 [ 1175.630746][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1175.630746][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1175.630746][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1175.630746][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1175.630746][T25216] __do_fast_syscall_32+0x127/0x180 [ 1175.630746][T25216] do_fast_syscall_32+0x77/0xd0 [ 1175.630746][T25216] do_SYSENTER_32+0x73/0x90 [ 1175.630746][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1175.630746][T25216] [ 1175.630746][T25216] Uninit was stored to memory at: [ 1175.630746][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1175.630746][T25216] __msan_chain_origin+0x54/0xa0 [ 1175.630746][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1175.630746][T25216] get_compat_msghdr+0x108/0x2b0 [ 1175.630746][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1175.630746][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1175.630746][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1175.630746][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1175.630746][T25216] __do_fast_syscall_32+0x127/0x180 [ 1175.630746][T25216] do_fast_syscall_32+0x77/0xd0 [ 1175.630746][T25216] do_SYSENTER_32+0x73/0x90 [ 1175.630746][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1175.630746][T25216] [ 1175.630746][T25216] Uninit was stored to memory at: [ 1175.630746][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1175.630746][T25216] __msan_chain_origin+0x54/0xa0 [ 1175.630746][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1175.630746][T25216] get_compat_msghdr+0x108/0x2b0 [ 1175.630746][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1175.630746][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1175.630746][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1175.630746][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1175.630746][T25216] __do_fast_syscall_32+0x127/0x180 [ 1175.630746][T25216] do_fast_syscall_32+0x77/0xd0 [ 1175.630746][T25216] do_SYSENTER_32+0x73/0x90 [ 1175.630746][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1175.630746][T25216] [ 1175.630746][T25216] Uninit was stored to memory at: [ 1175.630746][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1175.630746][T25216] __msan_chain_origin+0x54/0xa0 [ 1175.630746][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1175.630746][T25216] get_compat_msghdr+0x108/0x2b0 [ 1175.630746][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1175.630746][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1175.630746][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1175.630746][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1175.630746][T25216] __do_fast_syscall_32+0x127/0x180 [ 1175.630746][T25216] do_fast_syscall_32+0x77/0xd0 [ 1175.630746][T25216] do_SYSENTER_32+0x73/0x90 [ 1175.630746][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1175.630746][T25216] [ 1175.630746][T25216] Local variable ----msg_sys@do_recvmmsg created at: [ 1175.630746][T25216] do_recvmmsg+0xbf/0x22d0 [ 1175.630746][T25216] do_recvmmsg+0xbf/0x22d0 [ 1176.239747][T25216] not chained 2170000 origins [ 1176.242238][T25216] CPU: 1 PID: 25216 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1176.242238][T25216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1176.242238][T25216] Call Trace: [ 1176.242238][T25216] dump_stack+0x24c/0x2e0 [ 1176.242238][T25216] kmsan_internal_chain_origin+0x6f/0x130 [ 1176.242238][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1176.242238][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1176.242238][T25216] ? __msan_instrument_asm_store+0x104/0x130 [ 1176.242238][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1176.242238][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1176.242238][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1176.242238][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1176.242238][T25216] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1176.242238][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1176.242238][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1176.335323][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1176.335323][T25216] ? kmsan_unpoison_shadow+0x74/0xa0 [ 1176.335323][T25216] ? _copy_from_user+0x1fd/0x300 [ 1176.335323][T25216] __msan_chain_origin+0x54/0xa0 [ 1176.335323][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1176.335323][T25216] get_compat_msghdr+0x108/0x2b0 [ 1176.335323][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1176.335323][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1176.335323][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1176.335323][T25216] ? kmsan_internal_set_origin+0x82/0xc0 [ 1176.335323][T25216] ? __msan_poison_alloca+0xec/0x110 [ 1176.335323][T25216] ? __sys_recvmmsg+0xb5/0x6f0 [ 1176.335323][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1176.335323][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1176.335323][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1176.335323][T25216] __do_fast_syscall_32+0x127/0x180 [ 1176.335323][T25216] do_fast_syscall_32+0x77/0xd0 [ 1176.335323][T25216] do_SYSENTER_32+0x73/0x90 [ 1176.335323][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1176.335323][T25216] RIP: 0023:0xf7f93549 [ 1176.335323][T25216] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1176.335323][T25216] RSP: 002b:00000000f558d5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1176.335323][T25216] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 1176.335323][T25216] RDX: 00000000cb88ff8b RSI: 0000000000000002 RDI: 0000000000000000 [ 1176.335323][T25216] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1176.335323][T25216] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1176.335323][T25216] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1176.335323][T25216] Uninit was stored to memory at: [ 1176.335323][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1176.335323][T25216] __msan_chain_origin+0x54/0xa0 [ 1176.335323][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1176.335323][T25216] get_compat_msghdr+0x108/0x2b0 [ 1176.335323][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1176.335323][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1176.335323][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1176.335323][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1176.335323][T25216] __do_fast_syscall_32+0x127/0x180 [ 1176.335323][T25216] do_fast_syscall_32+0x77/0xd0 [ 1176.335323][T25216] do_SYSENTER_32+0x73/0x90 [ 1176.335323][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1176.335323][T25216] [ 1176.335323][T25216] Uninit was stored to memory at: [ 1176.335323][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1176.335323][T25216] __msan_chain_origin+0x54/0xa0 [ 1176.335323][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1176.335323][T25216] get_compat_msghdr+0x108/0x2b0 [ 1176.335323][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1176.335323][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1176.335323][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1176.335323][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1176.335323][T25216] __do_fast_syscall_32+0x127/0x180 [ 1176.335323][T25216] do_fast_syscall_32+0x77/0xd0 [ 1176.335323][T25216] do_SYSENTER_32+0x73/0x90 [ 1176.335323][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1176.335323][T25216] [ 1176.335323][T25216] Uninit was stored to memory at: [ 1176.335323][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1176.335323][T25216] __msan_chain_origin+0x54/0xa0 [ 1176.335323][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1176.335323][T25216] get_compat_msghdr+0x108/0x2b0 [ 1176.335323][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1176.335323][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1176.335323][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1176.335323][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1176.335323][T25216] __do_fast_syscall_32+0x127/0x180 [ 1176.335323][T25216] do_fast_syscall_32+0x77/0xd0 [ 1176.335323][T25216] do_SYSENTER_32+0x73/0x90 [ 1176.335323][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1176.335323][T25216] [ 1176.335323][T25216] Uninit was stored to memory at: [ 1176.335323][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1176.335323][T25216] __msan_chain_origin+0x54/0xa0 [ 1176.335323][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1176.335323][T25216] get_compat_msghdr+0x108/0x2b0 [ 1176.335323][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1176.335323][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1176.335323][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1176.335323][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1176.335323][T25216] __do_fast_syscall_32+0x127/0x180 [ 1176.335323][T25216] do_fast_syscall_32+0x77/0xd0 [ 1176.335323][T25216] do_SYSENTER_32+0x73/0x90 [ 1176.335323][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1176.335323][T25216] [ 1176.335323][T25216] Uninit was stored to memory at: [ 1176.335323][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1176.335323][T25216] __msan_chain_origin+0x54/0xa0 [ 1176.335323][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1176.335323][T25216] get_compat_msghdr+0x108/0x2b0 [ 1176.335323][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1176.335323][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1176.335323][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1176.335323][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1176.335323][T25216] __do_fast_syscall_32+0x127/0x180 [ 1176.335323][T25216] do_fast_syscall_32+0x77/0xd0 [ 1176.335323][T25216] do_SYSENTER_32+0x73/0x90 [ 1176.335323][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1176.335323][T25216] [ 1176.335323][T25216] Uninit was stored to memory at: [ 1176.335323][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1176.335323][T25216] __msan_chain_origin+0x54/0xa0 [ 1176.335323][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1176.335323][T25216] get_compat_msghdr+0x108/0x2b0 [ 1176.335323][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1176.335323][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1176.335323][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1176.335323][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1176.335323][T25216] __do_fast_syscall_32+0x127/0x180 [ 1176.335323][T25216] do_fast_syscall_32+0x77/0xd0 [ 1176.335323][T25216] do_SYSENTER_32+0x73/0x90 [ 1176.335323][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1176.335323][T25216] [ 1176.335323][T25216] Uninit was stored to memory at: [ 1176.335323][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1176.335323][T25216] __msan_chain_origin+0x54/0xa0 [ 1176.335323][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1176.335323][T25216] get_compat_msghdr+0x108/0x2b0 [ 1176.335323][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1176.335323][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1176.335323][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1176.335323][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1176.335323][T25216] __do_fast_syscall_32+0x127/0x180 [ 1176.335323][T25216] do_fast_syscall_32+0x77/0xd0 [ 1176.335323][T25216] do_SYSENTER_32+0x73/0x90 [ 1176.335323][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1176.335323][T25216] [ 1176.335323][T25216] Local variable ----msg_sys@do_recvmmsg created at: [ 1176.335323][T25216] do_recvmmsg+0xbf/0x22d0 [ 1176.335323][T25216] do_recvmmsg+0xbf/0x22d0 [ 1177.229418][T25216] not chained 2180000 origins [ 1177.232237][T25216] CPU: 1 PID: 25216 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1177.232237][T25216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1177.232237][T25216] Call Trace: [ 1177.256413][T25216] dump_stack+0x24c/0x2e0 [ 1177.259349][T25216] kmsan_internal_chain_origin+0x6f/0x130 [ 1177.259349][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1177.259349][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1177.259349][T25216] ? __msan_instrument_asm_store+0x104/0x130 [ 1177.259349][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1177.259349][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1177.259349][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1177.259349][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1177.259349][T25216] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1177.259349][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1177.259349][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1177.259349][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1177.259349][T25216] ? kmsan_unpoison_shadow+0x74/0xa0 [ 1177.259349][T25216] ? _copy_from_user+0x1fd/0x300 [ 1177.259349][T25216] __msan_chain_origin+0x54/0xa0 [ 1177.259349][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1177.259349][T25216] get_compat_msghdr+0x108/0x2b0 [ 1177.259349][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1177.259349][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1177.259349][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1177.259349][T25216] ? kmsan_internal_set_origin+0x82/0xc0 [ 1177.259349][T25216] ? __msan_poison_alloca+0xec/0x110 [ 1177.259349][T25216] ? __sys_recvmmsg+0xb5/0x6f0 [ 1177.259349][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1177.259349][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1177.259349][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1177.259349][T25216] __do_fast_syscall_32+0x127/0x180 [ 1177.259349][T25216] do_fast_syscall_32+0x77/0xd0 [ 1177.259349][T25216] do_SYSENTER_32+0x73/0x90 [ 1177.259349][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1177.259349][T25216] RIP: 0023:0xf7f93549 [ 1177.259349][T25216] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1177.259349][T25216] RSP: 002b:00000000f558d5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1177.259349][T25216] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 1177.259349][T25216] RDX: 00000000cb88ff8b RSI: 0000000000000002 RDI: 0000000000000000 [ 1177.259349][T25216] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1177.259349][T25216] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1177.259349][T25216] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1177.259349][T25216] Uninit was stored to memory at: [ 1177.259349][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1177.259349][T25216] __msan_chain_origin+0x54/0xa0 [ 1177.259349][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1177.259349][T25216] get_compat_msghdr+0x108/0x2b0 [ 1177.259349][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1177.259349][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1177.259349][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1177.259349][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1177.259349][T25216] __do_fast_syscall_32+0x127/0x180 [ 1177.259349][T25216] do_fast_syscall_32+0x77/0xd0 [ 1177.259349][T25216] do_SYSENTER_32+0x73/0x90 [ 1177.259349][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1177.259349][T25216] [ 1177.259349][T25216] Uninit was stored to memory at: [ 1177.259349][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1177.259349][T25216] __msan_chain_origin+0x54/0xa0 [ 1177.259349][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1177.259349][T25216] get_compat_msghdr+0x108/0x2b0 [ 1177.259349][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1177.259349][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1177.259349][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1177.259349][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1177.259349][T25216] __do_fast_syscall_32+0x127/0x180 [ 1177.259349][T25216] do_fast_syscall_32+0x77/0xd0 [ 1177.259349][T25216] do_SYSENTER_32+0x73/0x90 [ 1177.259349][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1177.259349][T25216] [ 1177.259349][T25216] Uninit was stored to memory at: [ 1177.259349][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1177.259349][T25216] __msan_chain_origin+0x54/0xa0 [ 1177.259349][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1177.259349][T25216] get_compat_msghdr+0x108/0x2b0 [ 1177.259349][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1177.259349][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1177.259349][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1177.259349][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1177.259349][T25216] __do_fast_syscall_32+0x127/0x180 [ 1177.259349][T25216] do_fast_syscall_32+0x77/0xd0 [ 1177.259349][T25216] do_SYSENTER_32+0x73/0x90 [ 1177.259349][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1177.259349][T25216] [ 1177.259349][T25216] Uninit was stored to memory at: [ 1177.259349][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1177.259349][T25216] __msan_chain_origin+0x54/0xa0 [ 1177.259349][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1177.259349][T25216] get_compat_msghdr+0x108/0x2b0 [ 1177.259349][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1177.259349][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1177.259349][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1177.259349][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1177.259349][T25216] __do_fast_syscall_32+0x127/0x180 [ 1177.259349][T25216] do_fast_syscall_32+0x77/0xd0 [ 1177.259349][T25216] do_SYSENTER_32+0x73/0x90 [ 1177.259349][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1177.259349][T25216] [ 1177.259349][T25216] Uninit was stored to memory at: [ 1177.259349][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1177.259349][T25216] __msan_chain_origin+0x54/0xa0 [ 1177.259349][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1177.259349][T25216] get_compat_msghdr+0x108/0x2b0 [ 1177.259349][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1177.259349][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1177.259349][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1177.259349][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1177.259349][T25216] __do_fast_syscall_32+0x127/0x180 [ 1177.259349][T25216] do_fast_syscall_32+0x77/0xd0 [ 1177.259349][T25216] do_SYSENTER_32+0x73/0x90 [ 1177.259349][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1177.259349][T25216] [ 1177.259349][T25216] Uninit was stored to memory at: [ 1177.259349][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1177.259349][T25216] __msan_chain_origin+0x54/0xa0 [ 1177.259349][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1177.259349][T25216] get_compat_msghdr+0x108/0x2b0 [ 1177.259349][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1177.259349][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1177.259349][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1177.259349][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1177.259349][T25216] __do_fast_syscall_32+0x127/0x180 [ 1177.259349][T25216] do_fast_syscall_32+0x77/0xd0 [ 1177.259349][T25216] do_SYSENTER_32+0x73/0x90 [ 1177.259349][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1177.259349][T25216] [ 1177.259349][T25216] Uninit was stored to memory at: [ 1177.259349][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1177.259349][T25216] __msan_chain_origin+0x54/0xa0 [ 1177.259349][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1177.259349][T25216] get_compat_msghdr+0x108/0x2b0 [ 1177.259349][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1177.259349][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1177.259349][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1177.259349][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1177.259349][T25216] __do_fast_syscall_32+0x127/0x180 [ 1177.259349][T25216] do_fast_syscall_32+0x77/0xd0 [ 1177.259349][T25216] do_SYSENTER_32+0x73/0x90 [ 1177.259349][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1177.259349][T25216] [ 1177.259349][T25216] Local variable ----msg_sys@do_recvmmsg created at: [ 1177.259349][T25216] do_recvmmsg+0xbf/0x22d0 [ 1177.259349][T25216] do_recvmmsg+0xbf/0x22d0 [ 1178.238458][T25216] not chained 2190000 origins [ 1178.242243][T25216] CPU: 1 PID: 25216 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1178.242243][T25216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1178.242243][T25216] Call Trace: [ 1178.242243][T25216] dump_stack+0x24c/0x2e0 [ 1178.242243][T25216] kmsan_internal_chain_origin+0x6f/0x130 [ 1178.242243][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1178.281091][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1178.281091][T25216] ? __msan_instrument_asm_store+0x104/0x130 [ 1178.281091][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1178.281091][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1178.281091][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1178.281091][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1178.281091][T25216] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1178.281091][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1178.281091][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1178.281091][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1178.281091][T25216] ? kmsan_unpoison_shadow+0x74/0xa0 [ 1178.281091][T25216] ? _copy_from_user+0x1fd/0x300 [ 1178.281091][T25216] __msan_chain_origin+0x54/0xa0 [ 1178.281091][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1178.281091][T25216] get_compat_msghdr+0x108/0x2b0 [ 1178.281091][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1178.281091][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1178.281091][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1178.281091][T25216] ? kmsan_internal_set_origin+0x82/0xc0 [ 1178.281091][T25216] ? __msan_poison_alloca+0xec/0x110 [ 1178.281091][T25216] ? __sys_recvmmsg+0xb5/0x6f0 [ 1178.281091][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1178.281091][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1178.281091][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1178.281091][T25216] __do_fast_syscall_32+0x127/0x180 [ 1178.281091][T25216] do_fast_syscall_32+0x77/0xd0 [ 1178.281091][T25216] do_SYSENTER_32+0x73/0x90 [ 1178.281091][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1178.281091][T25216] RIP: 0023:0xf7f93549 [ 1178.281091][T25216] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1178.281091][T25216] RSP: 002b:00000000f558d5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1178.281091][T25216] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 1178.281091][T25216] RDX: 00000000cb88ff8b RSI: 0000000000000002 RDI: 0000000000000000 [ 1178.281091][T25216] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1178.281091][T25216] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1178.281091][T25216] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1178.281091][T25216] Uninit was stored to memory at: [ 1178.281091][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1178.281091][T25216] __msan_chain_origin+0x54/0xa0 [ 1178.281091][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1178.281091][T25216] get_compat_msghdr+0x108/0x2b0 [ 1178.281091][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1178.281091][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1178.281091][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1178.281091][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1178.281091][T25216] __do_fast_syscall_32+0x127/0x180 [ 1178.281091][T25216] do_fast_syscall_32+0x77/0xd0 [ 1178.281091][T25216] do_SYSENTER_32+0x73/0x90 [ 1178.281091][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1178.281091][T25216] [ 1178.281091][T25216] Uninit was stored to memory at: [ 1178.281091][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1178.281091][T25216] __msan_chain_origin+0x54/0xa0 [ 1178.281091][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1178.281091][T25216] get_compat_msghdr+0x108/0x2b0 [ 1178.281091][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1178.281091][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1178.281091][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1178.281091][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1178.281091][T25216] __do_fast_syscall_32+0x127/0x180 [ 1178.281091][T25216] do_fast_syscall_32+0x77/0xd0 [ 1178.281091][T25216] do_SYSENTER_32+0x73/0x90 [ 1178.281091][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1178.281091][T25216] [ 1178.281091][T25216] Uninit was stored to memory at: [ 1178.281091][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1178.281091][T25216] __msan_chain_origin+0x54/0xa0 [ 1178.281091][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1178.281091][T25216] get_compat_msghdr+0x108/0x2b0 [ 1178.281091][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1178.281091][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1178.281091][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1178.281091][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1178.281091][T25216] __do_fast_syscall_32+0x127/0x180 [ 1178.281091][T25216] do_fast_syscall_32+0x77/0xd0 [ 1178.281091][T25216] do_SYSENTER_32+0x73/0x90 [ 1178.281091][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1178.281091][T25216] [ 1178.281091][T25216] Uninit was stored to memory at: [ 1178.281091][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1178.281091][T25216] __msan_chain_origin+0x54/0xa0 [ 1178.281091][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1178.281091][T25216] get_compat_msghdr+0x108/0x2b0 [ 1178.281091][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1178.281091][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1178.281091][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1178.281091][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1178.281091][T25216] __do_fast_syscall_32+0x127/0x180 [ 1178.281091][T25216] do_fast_syscall_32+0x77/0xd0 [ 1178.281091][T25216] do_SYSENTER_32+0x73/0x90 [ 1178.281091][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1178.281091][T25216] [ 1178.281091][T25216] Uninit was stored to memory at: [ 1178.281091][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1178.281091][T25216] __msan_chain_origin+0x54/0xa0 [ 1178.281091][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1178.281091][T25216] get_compat_msghdr+0x108/0x2b0 [ 1178.281091][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1178.281091][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1178.281091][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1178.281091][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1178.281091][T25216] __do_fast_syscall_32+0x127/0x180 [ 1178.281091][T25216] do_fast_syscall_32+0x77/0xd0 [ 1178.281091][T25216] do_SYSENTER_32+0x73/0x90 [ 1178.281091][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1178.281091][T25216] [ 1178.281091][T25216] Uninit was stored to memory at: [ 1178.281091][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1178.281091][T25216] __msan_chain_origin+0x54/0xa0 [ 1178.281091][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1178.281091][T25216] get_compat_msghdr+0x108/0x2b0 [ 1178.281091][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1178.281091][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1178.281091][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1178.281091][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1178.281091][T25216] __do_fast_syscall_32+0x127/0x180 [ 1178.281091][T25216] do_fast_syscall_32+0x77/0xd0 [ 1178.281091][T25216] do_SYSENTER_32+0x73/0x90 [ 1178.281091][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1178.281091][T25216] [ 1178.281091][T25216] Uninit was stored to memory at: [ 1178.281091][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1178.281091][T25216] __msan_chain_origin+0x54/0xa0 [ 1178.281091][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1178.281091][T25216] get_compat_msghdr+0x108/0x2b0 [ 1178.281091][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1178.281091][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1178.281091][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1178.281091][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1178.281091][T25216] __do_fast_syscall_32+0x127/0x180 [ 1178.281091][T25216] do_fast_syscall_32+0x77/0xd0 [ 1178.281091][T25216] do_SYSENTER_32+0x73/0x90 [ 1178.281091][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1178.281091][T25216] [ 1178.281091][T25216] Local variable ----msg_sys@do_recvmmsg created at: [ 1178.281091][T25216] do_recvmmsg+0xbf/0x22d0 [ 1178.281091][T25216] do_recvmmsg+0xbf/0x22d0 [ 1179.247515][T25216] not chained 2200000 origins [ 1179.252215][T25216] CPU: 0 PID: 25216 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1179.252215][T25216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1179.252215][T25216] Call Trace: [ 1179.252215][T25216] dump_stack+0x24c/0x2e0 [ 1179.252215][T25216] kmsan_internal_chain_origin+0x6f/0x130 [ 1179.252215][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1179.252215][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1179.252215][T25216] ? __msan_instrument_asm_store+0x104/0x130 [ 1179.252215][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1179.306621][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1179.306621][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1179.306621][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1179.306621][T25216] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1179.306621][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1179.306621][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1179.306621][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1179.306621][T25216] ? kmsan_unpoison_shadow+0x74/0xa0 [ 1179.306621][T25216] ? _copy_from_user+0x1fd/0x300 [ 1179.306621][T25216] __msan_chain_origin+0x54/0xa0 [ 1179.306621][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1179.306621][T25216] get_compat_msghdr+0x108/0x2b0 [ 1179.306621][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1179.306621][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1179.306621][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1179.306621][T25216] ? kmsan_internal_set_origin+0x82/0xc0 [ 1179.306621][T25216] ? __msan_poison_alloca+0xec/0x110 [ 1179.306621][T25216] ? __sys_recvmmsg+0xb5/0x6f0 [ 1179.306621][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1179.306621][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1179.306621][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1179.306621][T25216] __do_fast_syscall_32+0x127/0x180 [ 1179.306621][T25216] do_fast_syscall_32+0x77/0xd0 [ 1179.306621][T25216] do_SYSENTER_32+0x73/0x90 [ 1179.306621][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1179.306621][T25216] RIP: 0023:0xf7f93549 [ 1179.306621][T25216] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1179.306621][T25216] RSP: 002b:00000000f558d5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1179.306621][T25216] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 1179.306621][T25216] RDX: 00000000cb88ff8b RSI: 0000000000000002 RDI: 0000000000000000 [ 1179.306621][T25216] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1179.306621][T25216] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1179.306621][T25216] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1179.306621][T25216] Uninit was stored to memory at: [ 1179.306621][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1179.306621][T25216] __msan_chain_origin+0x54/0xa0 [ 1179.306621][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1179.306621][T25216] get_compat_msghdr+0x108/0x2b0 [ 1179.306621][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1179.306621][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1179.306621][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1179.306621][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1179.306621][T25216] __do_fast_syscall_32+0x127/0x180 [ 1179.306621][T25216] do_fast_syscall_32+0x77/0xd0 [ 1179.306621][T25216] do_SYSENTER_32+0x73/0x90 [ 1179.306621][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1179.306621][T25216] [ 1179.306621][T25216] Uninit was stored to memory at: [ 1179.306621][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1179.306621][T25216] __msan_chain_origin+0x54/0xa0 [ 1179.306621][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1179.306621][T25216] get_compat_msghdr+0x108/0x2b0 [ 1179.306621][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1179.306621][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1179.306621][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1179.306621][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1179.306621][T25216] __do_fast_syscall_32+0x127/0x180 [ 1179.306621][T25216] do_fast_syscall_32+0x77/0xd0 [ 1179.306621][T25216] do_SYSENTER_32+0x73/0x90 [ 1179.306621][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1179.306621][T25216] [ 1179.306621][T25216] Uninit was stored to memory at: [ 1179.306621][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1179.306621][T25216] __msan_chain_origin+0x54/0xa0 [ 1179.306621][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1179.306621][T25216] get_compat_msghdr+0x108/0x2b0 [ 1179.306621][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1179.306621][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1179.306621][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1179.306621][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1179.306621][T25216] __do_fast_syscall_32+0x127/0x180 [ 1179.306621][T25216] do_fast_syscall_32+0x77/0xd0 [ 1179.306621][T25216] do_SYSENTER_32+0x73/0x90 [ 1179.306621][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1179.306621][T25216] [ 1179.306621][T25216] Uninit was stored to memory at: [ 1179.306621][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1179.306621][T25216] __msan_chain_origin+0x54/0xa0 [ 1179.306621][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1179.306621][T25216] get_compat_msghdr+0x108/0x2b0 [ 1179.306621][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1179.306621][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1179.306621][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1179.306621][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1179.306621][T25216] __do_fast_syscall_32+0x127/0x180 [ 1179.306621][T25216] do_fast_syscall_32+0x77/0xd0 [ 1179.306621][T25216] do_SYSENTER_32+0x73/0x90 [ 1179.306621][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1179.306621][T25216] [ 1179.306621][T25216] Uninit was stored to memory at: [ 1179.306621][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1179.306621][T25216] __msan_chain_origin+0x54/0xa0 [ 1179.306621][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1179.306621][T25216] get_compat_msghdr+0x108/0x2b0 [ 1179.306621][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1179.306621][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1179.306621][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1179.306621][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1179.306621][T25216] __do_fast_syscall_32+0x127/0x180 [ 1179.306621][T25216] do_fast_syscall_32+0x77/0xd0 [ 1179.306621][T25216] do_SYSENTER_32+0x73/0x90 [ 1179.306621][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1179.306621][T25216] [ 1179.306621][T25216] Uninit was stored to memory at: [ 1179.306621][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1179.306621][T25216] __msan_chain_origin+0x54/0xa0 [ 1179.306621][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1179.306621][T25216] get_compat_msghdr+0x108/0x2b0 [ 1179.306621][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1179.306621][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1179.306621][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1179.306621][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1179.306621][T25216] __do_fast_syscall_32+0x127/0x180 [ 1179.932580][T25216] do_fast_syscall_32+0x77/0xd0 [ 1179.932580][T25216] do_SYSENTER_32+0x73/0x90 [ 1179.932580][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1179.932580][T25216] [ 1179.932580][T25216] Uninit was stored to memory at: [ 1179.932580][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1179.932580][T25216] __msan_chain_origin+0x54/0xa0 [ 1179.932580][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1179.932580][T25216] get_compat_msghdr+0x108/0x2b0 [ 1179.932580][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1179.932580][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1179.932580][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1179.932580][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1179.932580][T25216] __do_fast_syscall_32+0x127/0x180 [ 1179.932580][T25216] do_fast_syscall_32+0x77/0xd0 [ 1179.932580][T25216] do_SYSENTER_32+0x73/0x90 [ 1179.932580][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1179.932580][T25216] [ 1179.932580][T25216] Local variable ----msg_sys@do_recvmmsg created at: [ 1179.932580][T25216] do_recvmmsg+0xbf/0x22d0 [ 1179.932580][T25216] do_recvmmsg+0xbf/0x22d0 [ 1180.239419][T25216] not chained 2210000 origins [ 1180.242219][T25216] CPU: 0 PID: 25216 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1180.252605][T25216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1180.262342][T25216] Call Trace: [ 1180.262342][T25216] dump_stack+0x24c/0x2e0 [ 1180.262342][T25216] kmsan_internal_chain_origin+0x6f/0x130 [ 1180.272527][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1180.282354][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1180.282354][T25216] ? __msan_instrument_asm_store+0x104/0x130 [ 1180.294260][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1180.294260][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1180.302430][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1180.302430][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1180.312535][T25216] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1180.322349][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1180.322349][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1180.332622][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1180.332622][T25216] ? kmsan_unpoison_shadow+0x74/0xa0 [ 1180.342347][T25216] ? _copy_from_user+0x1fd/0x300 [ 1180.342347][T25216] __msan_chain_origin+0x54/0xa0 [ 1180.352867][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1180.352867][T25216] get_compat_msghdr+0x108/0x2b0 [ 1180.362350][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1180.362350][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1180.372516][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1180.372516][T25216] ? kmsan_internal_set_origin+0x82/0xc0 [ 1180.382563][T25216] ? __msan_poison_alloca+0xec/0x110 [ 1180.392566][T25216] ? __sys_recvmmsg+0xb5/0x6f0 [ 1180.392566][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1180.402434][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1180.404286][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1180.412515][T25216] __do_fast_syscall_32+0x127/0x180 [ 1180.412515][T25216] do_fast_syscall_32+0x77/0xd0 [ 1180.422450][T25216] do_SYSENTER_32+0x73/0x90 [ 1180.422450][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1180.433337][T25216] RIP: 0023:0xf7f93549 [ 1180.433337][T25216] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1180.452601][T25216] RSP: 002b:00000000f558d5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1180.462328][T25216] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 1180.472515][T25216] RDX: 00000000cb88ff8b RSI: 0000000000000002 RDI: 0000000000000000 [ 1180.482738][T25216] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1180.492507][T25216] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1180.502323][T25216] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1180.502323][T25216] Uninit was stored to memory at: [ 1180.514272][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1180.514272][T25216] __msan_chain_origin+0x54/0xa0 [ 1180.522331][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1180.522331][T25216] get_compat_msghdr+0x108/0x2b0 [ 1180.535686][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1180.535686][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1180.542512][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1180.542512][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1180.552502][T25216] __do_fast_syscall_32+0x127/0x180 [ 1180.562322][T25216] do_fast_syscall_32+0x77/0xd0 [ 1180.562322][T25216] do_SYSENTER_32+0x73/0x90 [ 1180.562322][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1180.574404][T25216] [ 1180.582340][T25216] Uninit was stored to memory at: [ 1180.582340][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1180.592509][T25216] __msan_chain_origin+0x54/0xa0 [ 1180.592509][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1180.602492][T25216] get_compat_msghdr+0x108/0x2b0 [ 1180.602492][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1180.612805][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1180.612805][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1180.624185][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1180.624185][T25216] __do_fast_syscall_32+0x127/0x180 [ 1180.632595][T25216] do_fast_syscall_32+0x77/0xd0 [ 1180.637743][T25216] do_SYSENTER_32+0x73/0x90 [ 1180.642332][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1180.642332][T25216] [ 1180.652504][T25216] Uninit was stored to memory at: [ 1180.652504][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1180.662607][T25216] __msan_chain_origin+0x54/0xa0 [ 1180.662607][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1180.672551][T25216] get_compat_msghdr+0x108/0x2b0 [ 1180.672551][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1180.682349][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1180.682349][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1180.692640][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1180.702352][T25216] __do_fast_syscall_32+0x127/0x180 [ 1180.702352][T25216] do_fast_syscall_32+0x77/0xd0 [ 1180.712528][T25216] do_SYSENTER_32+0x73/0x90 [ 1180.712528][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1180.722497][T25216] [ 1180.722497][T25216] Uninit was stored to memory at: [ 1180.722497][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1180.734263][T25216] __msan_chain_origin+0x54/0xa0 [ 1180.742729][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1180.742729][T25216] get_compat_msghdr+0x108/0x2b0 [ 1180.752600][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1180.752600][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1180.762328][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1180.762328][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1180.772591][T25216] __do_fast_syscall_32+0x127/0x180 [ 1180.772591][T25216] do_fast_syscall_32+0x77/0xd0 [ 1180.782527][T25216] do_SYSENTER_32+0x73/0x90 [ 1180.782527][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1180.792508][T25216] [ 1180.792508][T25216] Uninit was stored to memory at: [ 1180.802329][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1180.802329][T25216] __msan_chain_origin+0x54/0xa0 [ 1180.812591][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1180.812591][T25216] get_compat_msghdr+0x108/0x2b0 [ 1180.822331][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1180.822331][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1180.832508][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1180.832508][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1180.844525][T25216] __do_fast_syscall_32+0x127/0x180 [ 1180.852529][T25216] do_fast_syscall_32+0x77/0xd0 [ 1180.852529][T25216] do_SYSENTER_32+0x73/0x90 [ 1180.862335][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1180.862335][T25216] [ 1180.862335][T25216] Uninit was stored to memory at: [ 1180.872847][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1180.882335][T25216] __msan_chain_origin+0x54/0xa0 [ 1180.882335][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1180.892512][T25216] get_compat_msghdr+0x108/0x2b0 [ 1180.892512][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1180.902557][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1180.902557][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1180.912558][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1180.912558][T25216] __do_fast_syscall_32+0x127/0x180 [ 1180.922388][T25216] do_fast_syscall_32+0x77/0xd0 [ 1180.922388][T25216] do_SYSENTER_32+0x73/0x90 [ 1180.932615][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1180.932615][T25216] [ 1180.932615][T25216] Uninit was stored to memory at: [ 1180.945263][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1180.954386][T25216] __msan_chain_origin+0x54/0xa0 [ 1180.954386][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1180.962524][T25216] get_compat_msghdr+0x108/0x2b0 [ 1180.962524][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1180.972717][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1180.972717][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1180.982391][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1180.992671][T25216] __do_fast_syscall_32+0x127/0x180 [ 1180.992671][T25216] do_fast_syscall_32+0x77/0xd0 [ 1181.002742][T25216] do_SYSENTER_32+0x73/0x90 [ 1181.002742][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1181.012525][T25216] [ 1181.012525][T25216] Local variable ----msg_sys@do_recvmmsg created at: [ 1181.022516][T25216] do_recvmmsg+0xbf/0x22d0 [ 1181.022516][T25216] do_recvmmsg+0xbf/0x22d0 [ 1181.239294][T25216] not chained 2220000 origins [ 1181.242216][T25216] CPU: 0 PID: 25216 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1181.242216][T25216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1181.242216][T25216] Call Trace: [ 1181.242216][T25216] dump_stack+0x24c/0x2e0 [ 1181.242216][T25216] kmsan_internal_chain_origin+0x6f/0x130 [ 1181.242216][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1181.242216][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1181.242216][T25216] ? __msan_instrument_asm_store+0x104/0x130 [ 1181.293069][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1181.293069][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1181.305109][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1181.305109][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1181.312500][T25216] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1181.312500][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1181.325126][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1181.332573][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1181.332573][T25216] ? kmsan_unpoison_shadow+0x74/0xa0 [ 1181.345251][T25216] ? _copy_from_user+0x1fd/0x300 [ 1181.345251][T25216] __msan_chain_origin+0x54/0xa0 [ 1181.355107][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1181.355107][T25216] get_compat_msghdr+0x108/0x2b0 [ 1181.365119][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1181.365119][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1181.372499][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1181.372499][T25216] ? kmsan_internal_set_origin+0x82/0xc0 [ 1181.385194][T25216] ? __msan_poison_alloca+0xec/0x110 [ 1181.385194][T25216] ? __sys_recvmmsg+0xb5/0x6f0 [ 1181.394527][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1181.394527][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1181.408869][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1181.412604][T25216] __do_fast_syscall_32+0x127/0x180 [ 1181.412604][T25216] do_fast_syscall_32+0x77/0xd0 [ 1181.425134][T25216] do_SYSENTER_32+0x73/0x90 [ 1181.425134][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1181.432565][T25216] RIP: 0023:0xf7f93549 [ 1181.432565][T25216] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1181.457034][T25216] RSP: 002b:00000000f558d5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1181.465115][T25216] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 1181.472502][T25216] RDX: 00000000cb88ff8b RSI: 0000000000000002 RDI: 0000000000000000 [ 1181.485189][T25216] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1181.492556][T25216] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1181.492556][T25216] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1181.507204][T25216] Uninit was stored to memory at: [ 1181.512611][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1181.512611][T25216] __msan_chain_origin+0x54/0xa0 [ 1181.525454][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1181.525454][T25216] get_compat_msghdr+0x108/0x2b0 [ 1181.532533][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1181.532533][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1181.545298][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1181.552580][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1181.559505][T25216] __do_fast_syscall_32+0x127/0x180 [ 1181.565116][T25216] do_fast_syscall_32+0x77/0xd0 [ 1181.565116][T25216] do_SYSENTER_32+0x73/0x90 [ 1181.572592][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1181.572592][T25216] [ 1181.572592][T25216] Uninit was stored to memory at: [ 1181.585130][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1181.592492][T25216] __msan_chain_origin+0x54/0xa0 [ 1181.592492][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1181.605194][T25216] get_compat_msghdr+0x108/0x2b0 [ 1181.605194][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1181.614270][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1181.614270][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1181.625109][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1181.632588][T25216] __do_fast_syscall_32+0x127/0x180 [ 1181.632588][T25216] do_fast_syscall_32+0x77/0xd0 [ 1181.632588][T25216] do_SYSENTER_32+0x73/0x90 [ 1181.645135][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1181.652820][T25216] [ 1181.652820][T25216] Uninit was stored to memory at: [ 1181.652820][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1181.665189][T25216] __msan_chain_origin+0x54/0xa0 [ 1181.672499][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1181.672499][T25216] get_compat_msghdr+0x108/0x2b0 [ 1181.672499][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1181.685120][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1181.685120][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1181.692600][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1181.692600][T25216] __do_fast_syscall_32+0x127/0x180 [ 1181.705155][T25216] do_fast_syscall_32+0x77/0xd0 [ 1181.712487][T25216] do_SYSENTER_32+0x73/0x90 [ 1181.712487][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1181.727360][T25216] [ 1181.727360][T25216] Uninit was stored to memory at: [ 1181.732553][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1181.732553][T25216] __msan_chain_origin+0x54/0xa0 [ 1181.745124][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1181.745124][T25216] get_compat_msghdr+0x108/0x2b0 [ 1181.752655][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1181.752655][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1181.752655][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1181.772557][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1181.772557][T25216] __do_fast_syscall_32+0x127/0x180 [ 1181.772557][T25216] do_fast_syscall_32+0x77/0xd0 [ 1181.785553][T25216] do_SYSENTER_32+0x73/0x90 [ 1181.792525][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1181.792525][T25216] [ 1181.792525][T25216] Uninit was stored to memory at: [ 1181.805138][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1181.812597][T25216] __msan_chain_origin+0x54/0xa0 [ 1181.812597][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1181.812597][T25216] get_compat_msghdr+0x108/0x2b0 [ 1181.825133][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1181.825133][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1181.834279][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1181.834279][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1181.845234][T25216] __do_fast_syscall_32+0x127/0x180 [ 1181.852499][T25216] do_fast_syscall_32+0x77/0xd0 [ 1181.852499][T25216] do_SYSENTER_32+0x73/0x90 [ 1181.852499][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1181.868522][T25216] [ 1181.872638][T25216] Uninit was stored to memory at: [ 1181.872638][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1181.885209][T25216] __msan_chain_origin+0x54/0xa0 [ 1181.885209][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1181.892506][T25216] get_compat_msghdr+0x108/0x2b0 [ 1181.892506][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1181.905314][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1181.905314][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1181.912886][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1181.912886][T25216] __do_fast_syscall_32+0x127/0x180 [ 1181.925267][T25216] do_fast_syscall_32+0x77/0xd0 [ 1181.932688][T25216] do_SYSENTER_32+0x73/0x90 [ 1181.932688][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1181.932688][T25216] [ 1181.947102][T25216] Uninit was stored to memory at: [ 1181.952506][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1181.952506][T25216] __msan_chain_origin+0x54/0xa0 [ 1181.952506][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1181.969037][T25216] get_compat_msghdr+0x108/0x2b0 [ 1181.972564][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1181.972564][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1181.985226][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1181.992668][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1181.992668][T25216] __do_fast_syscall_32+0x127/0x180 [ 1182.005199][T25216] do_fast_syscall_32+0x77/0xd0 [ 1182.005199][T25216] do_SYSENTER_32+0x73/0x90 [ 1182.012710][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1182.012710][T25216] [ 1182.025293][T25216] Local variable ----msg_sys@do_recvmmsg created at: [ 1182.025293][T25216] do_recvmmsg+0xbf/0x22d0 [ 1182.032520][T25216] do_recvmmsg+0xbf/0x22d0 [ 1182.306623][T25216] not chained 2230000 origins [ 1182.311756][T25216] CPU: 0 PID: 25216 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1182.312205][T25216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1182.332679][T25216] Call Trace: [ 1182.332679][T25216] dump_stack+0x24c/0x2e0 [ 1182.332679][T25216] kmsan_internal_chain_origin+0x6f/0x130 [ 1182.332679][T25216] ? do_user_addr_fault+0x1912/0x2650 [ 1182.332679][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1182.332679][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1182.332679][T25216] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1182.332679][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1182.332679][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1182.332679][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1182.332679][T25216] ? kmsan_unpoison_shadow+0x74/0xa0 [ 1182.332679][T25216] ? _copy_from_user+0x1fd/0x300 [ 1182.332679][T25216] __msan_chain_origin+0x54/0xa0 [ 1182.332679][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1182.332679][T25216] get_compat_msghdr+0x108/0x2b0 [ 1182.332679][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1182.332679][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1182.332679][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1182.332679][T25216] ? kmsan_internal_set_origin+0x82/0xc0 [ 1182.332679][T25216] ? __msan_poison_alloca+0xec/0x110 [ 1182.332679][T25216] ? __sys_recvmmsg+0xb5/0x6f0 [ 1182.332679][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1182.332679][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1182.332679][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1182.332679][T25216] __do_fast_syscall_32+0x127/0x180 [ 1182.332679][T25216] do_fast_syscall_32+0x77/0xd0 [ 1182.332679][T25216] do_SYSENTER_32+0x73/0x90 [ 1182.332679][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1182.332679][T25216] RIP: 0023:0xf7f93549 [ 1182.332679][T25216] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1182.332679][T25216] RSP: 002b:00000000f558d5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1182.332679][T25216] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 1182.332679][T25216] RDX: 00000000cb88ff8b RSI: 0000000000000002 RDI: 0000000000000000 [ 1182.332679][T25216] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1182.332679][T25216] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1182.332679][T25216] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1182.332679][T25216] Uninit was stored to memory at: [ 1182.332679][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1182.332679][T25216] __msan_chain_origin+0x54/0xa0 [ 1182.332679][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1182.332679][T25216] get_compat_msghdr+0x108/0x2b0 [ 1182.332679][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1182.332679][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1182.332679][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1182.332679][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1182.332679][T25216] __do_fast_syscall_32+0x127/0x180 [ 1182.332679][T25216] do_fast_syscall_32+0x77/0xd0 [ 1182.332679][T25216] do_SYSENTER_32+0x73/0x90 [ 1182.332679][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1182.332679][T25216] [ 1182.332679][T25216] Uninit was stored to memory at: [ 1182.332679][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1182.332679][T25216] __msan_chain_origin+0x54/0xa0 [ 1182.332679][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1182.332679][T25216] get_compat_msghdr+0x108/0x2b0 [ 1182.332679][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1182.332679][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1182.332679][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1182.332679][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1182.332679][T25216] __do_fast_syscall_32+0x127/0x180 [ 1182.332679][T25216] do_fast_syscall_32+0x77/0xd0 [ 1182.332679][T25216] do_SYSENTER_32+0x73/0x90 [ 1182.332679][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1182.332679][T25216] [ 1182.332679][T25216] Uninit was stored to memory at: [ 1182.332679][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1182.332679][T25216] __msan_chain_origin+0x54/0xa0 [ 1182.332679][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1182.332679][T25216] get_compat_msghdr+0x108/0x2b0 [ 1182.332679][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1182.332679][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1182.332679][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1182.332679][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1182.332679][T25216] __do_fast_syscall_32+0x127/0x180 [ 1182.332679][T25216] do_fast_syscall_32+0x77/0xd0 [ 1182.332679][T25216] do_SYSENTER_32+0x73/0x90 [ 1182.332679][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1182.332679][T25216] [ 1182.332679][T25216] Uninit was stored to memory at: [ 1182.332679][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1182.332679][T25216] __msan_chain_origin+0x54/0xa0 [ 1182.332679][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1182.332679][T25216] get_compat_msghdr+0x108/0x2b0 [ 1182.332679][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1182.332679][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1182.332679][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1182.332679][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1182.332679][T25216] __do_fast_syscall_32+0x127/0x180 [ 1182.332679][T25216] do_fast_syscall_32+0x77/0xd0 [ 1182.332679][T25216] do_SYSENTER_32+0x73/0x90 [ 1182.332679][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1182.332679][T25216] [ 1182.332679][T25216] Uninit was stored to memory at: [ 1182.332679][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1182.332679][T25216] __msan_chain_origin+0x54/0xa0 [ 1182.332679][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1182.332679][T25216] get_compat_msghdr+0x108/0x2b0 [ 1182.332679][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1182.332679][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1182.332679][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1182.332679][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1182.332679][T25216] __do_fast_syscall_32+0x127/0x180 [ 1182.332679][T25216] do_fast_syscall_32+0x77/0xd0 [ 1182.332679][T25216] do_SYSENTER_32+0x73/0x90 [ 1182.332679][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1182.332679][T25216] [ 1182.332679][T25216] Uninit was stored to memory at: [ 1182.332679][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1182.332679][T25216] __msan_chain_origin+0x54/0xa0 [ 1182.332679][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1182.332679][T25216] get_compat_msghdr+0x108/0x2b0 [ 1182.332679][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1182.332679][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1182.332679][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1182.332679][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1182.332679][T25216] __do_fast_syscall_32+0x127/0x180 [ 1182.332679][T25216] do_fast_syscall_32+0x77/0xd0 [ 1182.332679][T25216] do_SYSENTER_32+0x73/0x90 [ 1182.332679][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1182.332679][T25216] [ 1182.332679][T25216] Uninit was stored to memory at: [ 1182.332679][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1182.332679][T25216] __msan_chain_origin+0x54/0xa0 [ 1182.332679][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1182.332679][T25216] get_compat_msghdr+0x108/0x2b0 [ 1182.332679][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1182.332679][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1182.332679][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1182.332679][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1182.332679][T25216] __do_fast_syscall_32+0x127/0x180 [ 1182.332679][T25216] do_fast_syscall_32+0x77/0xd0 [ 1182.332679][T25216] do_SYSENTER_32+0x73/0x90 [ 1182.332679][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1182.332679][T25216] [ 1182.332679][T25216] Local variable ----msg_sys@do_recvmmsg created at: [ 1182.332679][T25216] do_recvmmsg+0xbf/0x22d0 [ 1182.332679][T25216] do_recvmmsg+0xbf/0x22d0 [ 1183.290858][T25216] not chained 2240000 origins [ 1183.292448][T25216] CPU: 0 PID: 25216 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1183.292448][T25216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1183.311976][T25216] Call Trace: [ 1183.311976][T25216] dump_stack+0x24c/0x2e0 [ 1183.311976][T25216] kmsan_internal_chain_origin+0x6f/0x130 [ 1183.311976][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1183.311976][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1183.311976][T25216] ? __msan_instrument_asm_store+0x104/0x130 [ 1183.311976][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1183.311976][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1183.311976][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1183.311976][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1183.311976][T25216] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1183.311976][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1183.311976][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1183.311976][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1183.311976][T25216] ? kmsan_unpoison_shadow+0x74/0xa0 [ 1183.311976][T25216] ? _copy_from_user+0x1fd/0x300 [ 1183.311976][T25216] __msan_chain_origin+0x54/0xa0 [ 1183.311976][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1183.311976][T25216] get_compat_msghdr+0x108/0x2b0 [ 1183.311976][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1183.311976][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1183.311976][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1183.311976][T25216] ? kmsan_internal_set_origin+0x82/0xc0 [ 1183.311976][T25216] ? __msan_poison_alloca+0xec/0x110 [ 1183.311976][T25216] ? __sys_recvmmsg+0xb5/0x6f0 [ 1183.311976][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1183.311976][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1183.311976][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1183.311976][T25216] __do_fast_syscall_32+0x127/0x180 [ 1183.311976][T25216] do_fast_syscall_32+0x77/0xd0 [ 1183.311976][T25216] do_SYSENTER_32+0x73/0x90 [ 1183.311976][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1183.311976][T25216] RIP: 0023:0xf7f93549 [ 1183.311976][T25216] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1183.311976][T25216] RSP: 002b:00000000f558d5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1183.311976][T25216] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 1183.311976][T25216] RDX: 00000000cb88ff8b RSI: 0000000000000002 RDI: 0000000000000000 [ 1183.311976][T25216] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1183.311976][T25216] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1183.311976][T25216] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1183.311976][T25216] Uninit was stored to memory at: [ 1183.311976][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1183.311976][T25216] __msan_chain_origin+0x54/0xa0 [ 1183.311976][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1183.311976][T25216] get_compat_msghdr+0x108/0x2b0 [ 1183.311976][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1183.311976][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1183.311976][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1183.311976][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1183.311976][T25216] __do_fast_syscall_32+0x127/0x180 [ 1183.311976][T25216] do_fast_syscall_32+0x77/0xd0 [ 1183.311976][T25216] do_SYSENTER_32+0x73/0x90 [ 1183.311976][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1183.311976][T25216] [ 1183.311976][T25216] Uninit was stored to memory at: [ 1183.311976][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1183.311976][T25216] __msan_chain_origin+0x54/0xa0 [ 1183.311976][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1183.311976][T25216] get_compat_msghdr+0x108/0x2b0 [ 1183.311976][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1183.311976][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1183.311976][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1183.311976][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1183.311976][T25216] __do_fast_syscall_32+0x127/0x180 [ 1183.311976][T25216] do_fast_syscall_32+0x77/0xd0 [ 1183.311976][T25216] do_SYSENTER_32+0x73/0x90 [ 1183.311976][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1183.311976][T25216] [ 1183.311976][T25216] Uninit was stored to memory at: [ 1183.311976][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1183.311976][T25216] __msan_chain_origin+0x54/0xa0 [ 1183.311976][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1183.311976][T25216] get_compat_msghdr+0x108/0x2b0 [ 1183.311976][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1183.311976][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1183.311976][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1183.311976][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1183.311976][T25216] __do_fast_syscall_32+0x127/0x180 [ 1183.311976][T25216] do_fast_syscall_32+0x77/0xd0 [ 1183.311976][T25216] do_SYSENTER_32+0x73/0x90 [ 1183.311976][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1183.311976][T25216] [ 1183.311976][T25216] Uninit was stored to memory at: [ 1183.311976][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1183.311976][T25216] __msan_chain_origin+0x54/0xa0 [ 1183.311976][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1183.311976][T25216] get_compat_msghdr+0x108/0x2b0 [ 1183.311976][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1183.311976][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1183.311976][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1183.311976][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1183.311976][T25216] __do_fast_syscall_32+0x127/0x180 [ 1183.311976][T25216] do_fast_syscall_32+0x77/0xd0 [ 1183.311976][T25216] do_SYSENTER_32+0x73/0x90 [ 1183.311976][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1183.311976][T25216] [ 1183.311976][T25216] Uninit was stored to memory at: [ 1183.311976][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1183.311976][T25216] __msan_chain_origin+0x54/0xa0 [ 1183.311976][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1183.311976][T25216] get_compat_msghdr+0x108/0x2b0 [ 1183.311976][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1183.311976][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1183.311976][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1183.311976][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1183.311976][T25216] __do_fast_syscall_32+0x127/0x180 [ 1183.311976][T25216] do_fast_syscall_32+0x77/0xd0 [ 1183.311976][T25216] do_SYSENTER_32+0x73/0x90 [ 1183.311976][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1183.311976][T25216] [ 1183.311976][T25216] Uninit was stored to memory at: [ 1183.311976][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1183.932502][T25216] __msan_chain_origin+0x54/0xa0 [ 1183.932502][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1183.932502][T25216] get_compat_msghdr+0x108/0x2b0 [ 1183.932502][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1183.932502][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1183.932502][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1183.932502][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1183.932502][T25216] __do_fast_syscall_32+0x127/0x180 [ 1183.932502][T25216] do_fast_syscall_32+0x77/0xd0 [ 1183.932502][T25216] do_SYSENTER_32+0x73/0x90 [ 1183.932502][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1183.932502][T25216] [ 1183.932502][T25216] Uninit was stored to memory at: [ 1183.932502][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1183.932502][T25216] __msan_chain_origin+0x54/0xa0 [ 1183.932502][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1183.932502][T25216] get_compat_msghdr+0x108/0x2b0 [ 1183.932502][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1183.932502][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1183.932502][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1183.932502][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1183.932502][T25216] __do_fast_syscall_32+0x127/0x180 [ 1183.932502][T25216] do_fast_syscall_32+0x77/0xd0 [ 1183.932502][T25216] do_SYSENTER_32+0x73/0x90 [ 1183.932502][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1183.932502][T25216] [ 1183.932502][T25216] Local variable ----msg_sys@do_recvmmsg created at: [ 1183.932502][T25216] do_recvmmsg+0xbf/0x22d0 [ 1183.932502][T25216] do_recvmmsg+0xbf/0x22d0 [ 1184.281564][T25216] not chained 2250000 origins [ 1184.282319][T25216] CPU: 0 PID: 25216 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1184.291271][T25216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1184.291271][T25216] Call Trace: [ 1184.291271][T25216] dump_stack+0x24c/0x2e0 [ 1184.291271][T25216] kmsan_internal_chain_origin+0x6f/0x130 [ 1184.291271][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1184.291271][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1184.291271][T25216] ? __msan_instrument_asm_store+0x104/0x130 [ 1184.332548][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1184.332548][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1184.332548][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1184.332548][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1184.332548][T25216] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1184.332548][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1184.332548][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1184.332548][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1184.332548][T25216] ? kmsan_unpoison_shadow+0x74/0xa0 [ 1184.332548][T25216] ? _copy_from_user+0x1fd/0x300 [ 1184.332548][T25216] __msan_chain_origin+0x54/0xa0 [ 1184.332548][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1184.332548][T25216] get_compat_msghdr+0x108/0x2b0 [ 1184.332548][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1184.332548][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1184.415622][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1184.415622][T25216] ? kmsan_internal_set_origin+0x82/0xc0 [ 1184.432351][T25216] ? __msan_poison_alloca+0xec/0x110 [ 1184.432351][T25216] ? __sys_recvmmsg+0xb5/0x6f0 [ 1184.432351][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1184.445217][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1184.452513][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1184.452513][T25216] __do_fast_syscall_32+0x127/0x180 [ 1184.465294][T25216] do_fast_syscall_32+0x77/0xd0 [ 1184.465294][T25216] do_SYSENTER_32+0x73/0x90 [ 1184.472375][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1184.472375][T25216] RIP: 0023:0xf7f93549 [ 1184.472375][T25216] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1184.505250][T25216] RSP: 002b:00000000f558d5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1184.512354][T25216] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 1184.512354][T25216] RDX: 00000000cb88ff8b RSI: 0000000000000002 RDI: 0000000000000000 [ 1184.529155][T25216] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1184.532354][T25216] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1184.545202][T25216] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1184.552511][T25216] Uninit was stored to memory at: [ 1184.552511][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1184.565379][T25216] __msan_chain_origin+0x54/0xa0 [ 1184.565379][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1184.572358][T25216] get_compat_msghdr+0x108/0x2b0 [ 1184.572358][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1184.585267][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1184.585267][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1184.594187][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1184.600123][T25216] __do_fast_syscall_32+0x127/0x180 [ 1184.605164][T25216] do_fast_syscall_32+0x77/0xd0 [ 1184.612692][T25216] do_SYSENTER_32+0x73/0x90 [ 1184.612692][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1184.612692][T25216] [ 1184.625201][T25216] Uninit was stored to memory at: [ 1184.625201][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1184.632343][T25216] __msan_chain_origin+0x54/0xa0 [ 1184.632343][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1184.645937][T25216] get_compat_msghdr+0x108/0x2b0 [ 1184.645937][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1184.652724][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1184.652724][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1184.665179][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1184.672566][T25216] __do_fast_syscall_32+0x127/0x180 [ 1184.672566][T25216] do_fast_syscall_32+0x77/0xd0 [ 1184.672566][T25216] do_SYSENTER_32+0x73/0x90 [ 1184.685310][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1184.692419][T25216] [ 1184.692419][T25216] Uninit was stored to memory at: [ 1184.692419][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1184.707061][T25216] __msan_chain_origin+0x54/0xa0 [ 1184.712362][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1184.712362][T25216] get_compat_msghdr+0x108/0x2b0 [ 1184.712362][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1184.725253][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1184.725253][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1184.734250][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1184.745241][T25216] __do_fast_syscall_32+0x127/0x180 [ 1184.752497][T25216] do_fast_syscall_32+0x77/0xd0 [ 1184.752497][T25216] do_SYSENTER_32+0x73/0x90 [ 1184.765404][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1184.772427][T25216] [ 1184.772427][T25216] Uninit was stored to memory at: [ 1184.772427][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1184.785823][T25216] __msan_chain_origin+0x54/0xa0 [ 1184.785823][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1184.792653][T25216] get_compat_msghdr+0x108/0x2b0 [ 1184.792653][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1184.805198][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1184.805198][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1184.814221][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1184.825602][T25216] __do_fast_syscall_32+0x127/0x180 [ 1184.832419][T25216] do_fast_syscall_32+0x77/0xd0 [ 1184.836307][T25216] do_SYSENTER_32+0x73/0x90 [ 1184.836307][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1184.845305][T25216] [ 1184.845305][T25216] Uninit was stored to memory at: [ 1184.855368][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1184.855368][T25216] __msan_chain_origin+0x54/0xa0 [ 1184.865493][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1184.872372][T25216] get_compat_msghdr+0x108/0x2b0 [ 1184.872372][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1184.872372][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1184.885421][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1184.892419][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1184.892419][T25216] __do_fast_syscall_32+0x127/0x180 [ 1184.905349][T25216] do_fast_syscall_32+0x77/0xd0 [ 1184.912870][T25216] do_SYSENTER_32+0x73/0x90 [ 1184.912870][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1184.912870][T25216] [ 1184.912870][T25216] Uninit was stored to memory at: [ 1184.927063][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1184.932420][T25216] __msan_chain_origin+0x54/0xa0 [ 1184.939076][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1184.945867][T25216] get_compat_msghdr+0x108/0x2b0 [ 1184.952376][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1184.952376][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1184.952376][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1184.965236][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1184.972674][T25216] __do_fast_syscall_32+0x127/0x180 [ 1184.972674][T25216] do_fast_syscall_32+0x77/0xd0 [ 1184.985524][T25216] do_SYSENTER_32+0x73/0x90 [ 1184.992414][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1184.992414][T25216] [ 1184.992414][T25216] Uninit was stored to memory at: [ 1185.005549][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1185.012377][T25216] __msan_chain_origin+0x54/0xa0 [ 1185.012377][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1185.012377][T25216] get_compat_msghdr+0x108/0x2b0 [ 1185.025240][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1185.025240][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1185.034246][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1185.041100][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1185.045518][T25216] __do_fast_syscall_32+0x127/0x180 [ 1185.053780][T25216] do_fast_syscall_32+0x77/0xd0 [ 1185.053780][T25216] do_SYSENTER_32+0x73/0x90 [ 1185.065390][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1185.072436][T25216] [ 1185.072436][T25216] Local variable ----msg_sys@do_recvmmsg created at: [ 1185.072436][T25216] do_recvmmsg+0xbf/0x22d0 [ 1185.085318][T25216] do_recvmmsg+0xbf/0x22d0 [ 1185.287819][T25216] not chained 2260000 origins [ 1185.292327][T25216] CPU: 0 PID: 25216 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1185.292327][T25216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1185.306139][T25216] Call Trace: [ 1185.312185][T25216] dump_stack+0x24c/0x2e0 [ 1185.312185][T25216] kmsan_internal_chain_origin+0x6f/0x130 [ 1185.312185][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1185.312185][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1185.312185][T25216] ? __msan_instrument_asm_store+0x104/0x130 [ 1185.312185][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1185.312185][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1185.312185][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1185.312185][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1185.312185][T25216] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1185.312185][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1185.312185][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1185.312185][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1185.312185][T25216] ? kmsan_unpoison_shadow+0x74/0xa0 [ 1185.312185][T25216] ? _copy_from_user+0x1fd/0x300 [ 1185.312185][T25216] __msan_chain_origin+0x54/0xa0 [ 1185.312185][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1185.312185][T25216] get_compat_msghdr+0x108/0x2b0 [ 1185.312185][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1185.312185][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1185.312185][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1185.312185][T25216] ? kmsan_internal_set_origin+0x82/0xc0 [ 1185.312185][T25216] ? __msan_poison_alloca+0xec/0x110 [ 1185.312185][T25216] ? __sys_recvmmsg+0xb5/0x6f0 [ 1185.312185][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1185.312185][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1185.312185][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1185.312185][T25216] __do_fast_syscall_32+0x127/0x180 [ 1185.312185][T25216] do_fast_syscall_32+0x77/0xd0 [ 1185.312185][T25216] do_SYSENTER_32+0x73/0x90 [ 1185.312185][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1185.312185][T25216] RIP: 0023:0xf7f93549 [ 1185.312185][T25216] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1185.312185][T25216] RSP: 002b:00000000f558d5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1185.312185][T25216] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 1185.312185][T25216] RDX: 00000000cb88ff8b RSI: 0000000000000002 RDI: 0000000000000000 [ 1185.312185][T25216] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1185.312185][T25216] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1185.312185][T25216] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1185.312185][T25216] Uninit was stored to memory at: [ 1185.312185][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1185.312185][T25216] __msan_chain_origin+0x54/0xa0 [ 1185.312185][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1185.312185][T25216] get_compat_msghdr+0x108/0x2b0 [ 1185.312185][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1185.312185][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1185.312185][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1185.312185][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1185.312185][T25216] __do_fast_syscall_32+0x127/0x180 [ 1185.312185][T25216] do_fast_syscall_32+0x77/0xd0 [ 1185.312185][T25216] do_SYSENTER_32+0x73/0x90 [ 1185.312185][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1185.312185][T25216] [ 1185.312185][T25216] Uninit was stored to memory at: [ 1185.312185][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1185.312185][T25216] __msan_chain_origin+0x54/0xa0 [ 1185.312185][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1185.312185][T25216] get_compat_msghdr+0x108/0x2b0 [ 1185.312185][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1185.312185][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1185.312185][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1185.312185][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1185.312185][T25216] __do_fast_syscall_32+0x127/0x180 [ 1185.312185][T25216] do_fast_syscall_32+0x77/0xd0 [ 1185.312185][T25216] do_SYSENTER_32+0x73/0x90 [ 1185.312185][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1185.312185][T25216] [ 1185.312185][T25216] Uninit was stored to memory at: [ 1185.312185][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1185.312185][T25216] __msan_chain_origin+0x54/0xa0 [ 1185.312185][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1185.312185][T25216] get_compat_msghdr+0x108/0x2b0 [ 1185.312185][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1185.312185][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1185.312185][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1185.312185][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1185.312185][T25216] __do_fast_syscall_32+0x127/0x180 [ 1185.312185][T25216] do_fast_syscall_32+0x77/0xd0 [ 1185.312185][T25216] do_SYSENTER_32+0x73/0x90 [ 1185.312185][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1185.312185][T25216] [ 1185.312185][T25216] Uninit was stored to memory at: [ 1185.312185][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1185.312185][T25216] __msan_chain_origin+0x54/0xa0 [ 1185.312185][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1185.312185][T25216] get_compat_msghdr+0x108/0x2b0 [ 1185.312185][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1185.312185][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1185.312185][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1185.312185][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1185.312185][T25216] __do_fast_syscall_32+0x127/0x180 [ 1185.312185][T25216] do_fast_syscall_32+0x77/0xd0 [ 1185.312185][T25216] do_SYSENTER_32+0x73/0x90 [ 1185.312185][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1185.312185][T25216] [ 1185.312185][T25216] Uninit was stored to memory at: [ 1185.312185][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1185.312185][T25216] __msan_chain_origin+0x54/0xa0 [ 1185.312185][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1185.312185][T25216] get_compat_msghdr+0x108/0x2b0 [ 1185.312185][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1185.312185][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1185.312185][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1185.312185][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1185.312185][T25216] __do_fast_syscall_32+0x127/0x180 [ 1185.312185][T25216] do_fast_syscall_32+0x77/0xd0 [ 1185.312185][T25216] do_SYSENTER_32+0x73/0x90 [ 1185.312185][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1185.312185][T25216] [ 1185.312185][T25216] Uninit was stored to memory at: [ 1185.312185][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1185.312185][T25216] __msan_chain_origin+0x54/0xa0 [ 1185.932534][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1185.932534][T25216] get_compat_msghdr+0x108/0x2b0 [ 1185.932534][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1185.932534][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1185.932534][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1185.932534][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1185.932534][T25216] __do_fast_syscall_32+0x127/0x180 [ 1185.932534][T25216] do_fast_syscall_32+0x77/0xd0 [ 1185.932534][T25216] do_SYSENTER_32+0x73/0x90 [ 1185.932534][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1185.932534][T25216] [ 1185.932534][T25216] Uninit was stored to memory at: [ 1185.932534][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1185.932534][T25216] __msan_chain_origin+0x54/0xa0 [ 1185.932534][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1185.932534][T25216] get_compat_msghdr+0x108/0x2b0 [ 1185.932534][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1185.932534][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1185.932534][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1185.932534][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1185.932534][T25216] __do_fast_syscall_32+0x127/0x180 [ 1185.932534][T25216] do_fast_syscall_32+0x77/0xd0 [ 1185.932534][T25216] do_SYSENTER_32+0x73/0x90 [ 1185.932534][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1185.932534][T25216] [ 1185.932534][T25216] Local variable ----msg_sys@do_recvmmsg created at: [ 1185.932534][T25216] do_recvmmsg+0xbf/0x22d0 [ 1185.932534][T25216] do_recvmmsg+0xbf/0x22d0 [ 1186.103124][ T3132] ieee802154 phy0 wpan0: encryption failed: -22 [ 1186.109613][ T3132] ieee802154 phy1 wpan1: encryption failed: -22 [ 1186.290192][T25216] not chained 2270000 origins [ 1186.292220][T25216] CPU: 0 PID: 25216 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1186.292220][T25216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1186.292220][T25216] Call Trace: [ 1186.292220][T25216] dump_stack+0x24c/0x2e0 [ 1186.292220][T25216] kmsan_internal_chain_origin+0x6f/0x130 [ 1186.292220][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1186.292220][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1186.292220][T25216] ? __msan_instrument_asm_store+0x104/0x130 [ 1186.342460][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1186.342460][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1186.342460][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1186.342460][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1186.342460][T25216] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1186.342460][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1186.342460][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1186.342460][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1186.342460][T25216] ? kmsan_unpoison_shadow+0x74/0xa0 [ 1186.342460][T25216] ? _copy_from_user+0x1fd/0x300 [ 1186.342460][T25216] __msan_chain_origin+0x54/0xa0 [ 1186.342460][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1186.342460][T25216] get_compat_msghdr+0x108/0x2b0 [ 1186.342460][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1186.342460][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1186.342460][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1186.342460][T25216] ? kmsan_internal_set_origin+0x82/0xc0 [ 1186.342460][T25216] ? __msan_poison_alloca+0xec/0x110 [ 1186.342460][T25216] ? __sys_recvmmsg+0xb5/0x6f0 [ 1186.342460][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1186.342460][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1186.342460][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1186.342460][T25216] __do_fast_syscall_32+0x127/0x180 [ 1186.342460][T25216] do_fast_syscall_32+0x77/0xd0 [ 1186.342460][T25216] do_SYSENTER_32+0x73/0x90 [ 1186.342460][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1186.342460][T25216] RIP: 0023:0xf7f93549 [ 1186.342460][T25216] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1186.342460][T25216] RSP: 002b:00000000f558d5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1186.342460][T25216] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 1186.342460][T25216] RDX: 00000000cb88ff8b RSI: 0000000000000002 RDI: 0000000000000000 [ 1186.342460][T25216] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1186.342460][T25216] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1186.342460][T25216] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1186.342460][T25216] Uninit was stored to memory at: [ 1186.342460][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1186.342460][T25216] __msan_chain_origin+0x54/0xa0 [ 1186.342460][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1186.342460][T25216] get_compat_msghdr+0x108/0x2b0 [ 1186.342460][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1186.342460][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1186.342460][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1186.342460][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1186.342460][T25216] __do_fast_syscall_32+0x127/0x180 [ 1186.342460][T25216] do_fast_syscall_32+0x77/0xd0 [ 1186.342460][T25216] do_SYSENTER_32+0x73/0x90 [ 1186.342460][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1186.342460][T25216] [ 1186.342460][T25216] Uninit was stored to memory at: [ 1186.342460][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1186.342460][T25216] __msan_chain_origin+0x54/0xa0 [ 1186.342460][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1186.342460][T25216] get_compat_msghdr+0x108/0x2b0 [ 1186.342460][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1186.342460][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1186.342460][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1186.342460][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1186.342460][T25216] __do_fast_syscall_32+0x127/0x180 [ 1186.342460][T25216] do_fast_syscall_32+0x77/0xd0 [ 1186.342460][T25216] do_SYSENTER_32+0x73/0x90 [ 1186.342460][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1186.342460][T25216] [ 1186.342460][T25216] Uninit was stored to memory at: [ 1186.342460][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1186.342460][T25216] __msan_chain_origin+0x54/0xa0 [ 1186.342460][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1186.342460][T25216] get_compat_msghdr+0x108/0x2b0 [ 1186.342460][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1186.342460][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1186.342460][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1186.342460][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1186.342460][T25216] __do_fast_syscall_32+0x127/0x180 [ 1186.342460][T25216] do_fast_syscall_32+0x77/0xd0 [ 1186.342460][T25216] do_SYSENTER_32+0x73/0x90 [ 1186.342460][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1186.342460][T25216] [ 1186.342460][T25216] Uninit was stored to memory at: [ 1186.342460][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1186.342460][T25216] __msan_chain_origin+0x54/0xa0 [ 1186.342460][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1186.342460][T25216] get_compat_msghdr+0x108/0x2b0 [ 1186.342460][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1186.342460][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1186.342460][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1186.342460][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1186.342460][T25216] __do_fast_syscall_32+0x127/0x180 [ 1186.342460][T25216] do_fast_syscall_32+0x77/0xd0 [ 1186.342460][T25216] do_SYSENTER_32+0x73/0x90 [ 1186.342460][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1186.342460][T25216] [ 1186.342460][T25216] Uninit was stored to memory at: [ 1186.342460][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1186.342460][T25216] __msan_chain_origin+0x54/0xa0 [ 1186.342460][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1186.342460][T25216] get_compat_msghdr+0x108/0x2b0 [ 1186.342460][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1186.342460][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1186.342460][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1186.342460][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1186.342460][T25216] __do_fast_syscall_32+0x127/0x180 [ 1186.342460][T25216] do_fast_syscall_32+0x77/0xd0 [ 1186.342460][T25216] do_SYSENTER_32+0x73/0x90 [ 1186.342460][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1186.342460][T25216] [ 1186.342460][T25216] Uninit was stored to memory at: [ 1186.342460][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1186.342460][T25216] __msan_chain_origin+0x54/0xa0 [ 1186.342460][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1186.342460][T25216] get_compat_msghdr+0x108/0x2b0 [ 1186.342460][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1186.342460][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1186.342460][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1186.342460][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1186.342460][T25216] __do_fast_syscall_32+0x127/0x180 [ 1186.342460][T25216] do_fast_syscall_32+0x77/0xd0 [ 1186.342460][T25216] do_SYSENTER_32+0x73/0x90 [ 1186.342460][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1186.342460][T25216] [ 1186.342460][T25216] Uninit was stored to memory at: [ 1186.342460][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1186.342460][T25216] __msan_chain_origin+0x54/0xa0 [ 1186.342460][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1186.342460][T25216] get_compat_msghdr+0x108/0x2b0 [ 1186.342460][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1186.342460][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1186.342460][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1186.342460][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1186.342460][T25216] __do_fast_syscall_32+0x127/0x180 [ 1186.342460][T25216] do_fast_syscall_32+0x77/0xd0 [ 1186.342460][T25216] do_SYSENTER_32+0x73/0x90 [ 1186.342460][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1186.342460][T25216] [ 1186.342460][T25216] Local variable ----msg_sys@do_recvmmsg created at: [ 1186.342460][T25216] do_recvmmsg+0xbf/0x22d0 [ 1186.342460][T25216] do_recvmmsg+0xbf/0x22d0 [ 1187.289772][T25216] not chained 2280000 origins [ 1187.292222][T25216] CPU: 0 PID: 25216 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1187.303218][T25216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1187.311074][T25216] Call Trace: [ 1187.314311][T25216] dump_stack+0x24c/0x2e0 [ 1187.314311][T25216] kmsan_internal_chain_origin+0x6f/0x130 [ 1187.323627][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1187.334498][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1187.334498][T25216] ? __msan_instrument_asm_store+0x104/0x130 [ 1187.345832][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1187.345832][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1187.354642][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1187.363483][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1187.363483][T25216] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1187.363483][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1187.380152][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1187.383498][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1187.383498][T25216] ? kmsan_unpoison_shadow+0x74/0xa0 [ 1187.397678][T25216] ? _copy_from_user+0x1fd/0x300 [ 1187.403759][T25216] __msan_chain_origin+0x54/0xa0 [ 1187.408850][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1187.414238][T25216] get_compat_msghdr+0x108/0x2b0 [ 1187.414238][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1187.423561][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1187.423561][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1187.434365][T25216] ? kmsan_internal_set_origin+0x82/0xc0 [ 1187.434365][T25216] ? __msan_poison_alloca+0xec/0x110 [ 1187.443544][T25216] ? __sys_recvmmsg+0xb5/0x6f0 [ 1187.443544][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1187.443544][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1187.460179][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1187.463437][T25216] __do_fast_syscall_32+0x127/0x180 [ 1187.474241][T25216] do_fast_syscall_32+0x77/0xd0 [ 1187.474241][T25216] do_SYSENTER_32+0x73/0x90 [ 1187.483449][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1187.483449][T25216] RIP: 0023:0xf7f93549 [ 1187.494241][T25216] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1187.514221][T25216] RSP: 002b:00000000f558d5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1187.523687][T25216] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 1187.523687][T25216] RDX: 00000000cb88ff8b RSI: 0000000000000002 RDI: 0000000000000000 [ 1187.534798][T25216] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1187.543448][T25216] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1187.554497][T25216] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1187.565361][T25216] Uninit was stored to memory at: [ 1187.565361][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1187.574279][T25216] __msan_chain_origin+0x54/0xa0 [ 1187.574279][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1187.583619][T25216] get_compat_msghdr+0x108/0x2b0 [ 1187.583619][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1187.595622][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1187.601079][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1187.603480][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1187.614441][T25216] __do_fast_syscall_32+0x127/0x180 [ 1187.614441][T25216] do_fast_syscall_32+0x77/0xd0 [ 1187.623520][T25216] do_SYSENTER_32+0x73/0x90 [ 1187.623520][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1187.634354][T25216] [ 1187.634354][T25216] Uninit was stored to memory at: [ 1187.643627][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1187.643627][T25216] __msan_chain_origin+0x54/0xa0 [ 1187.654273][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1187.654273][T25216] get_compat_msghdr+0x108/0x2b0 [ 1187.663753][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1187.663753][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1187.676293][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1187.676293][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1187.683454][T25216] __do_fast_syscall_32+0x127/0x180 [ 1187.694255][T25216] do_fast_syscall_32+0x77/0xd0 [ 1187.694255][T25216] do_SYSENTER_32+0x73/0x90 [ 1187.694255][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1187.705404][T25216] [ 1187.705404][T25216] Uninit was stored to memory at: [ 1187.714287][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1187.723443][T25216] __msan_chain_origin+0x54/0xa0 [ 1187.723443][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1187.734322][T25216] get_compat_msghdr+0x108/0x2b0 [ 1187.734322][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1187.743482][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1187.743482][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1187.754313][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1187.754313][T25216] __do_fast_syscall_32+0x127/0x180 [ 1187.763624][T25216] do_fast_syscall_32+0x77/0xd0 [ 1187.763624][T25216] do_SYSENTER_32+0x73/0x90 [ 1187.774293][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1187.774293][T25216] [ 1187.785283][T25216] Uninit was stored to memory at: [ 1187.785283][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1187.794640][T25216] __msan_chain_origin+0x54/0xa0 [ 1187.794640][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1187.806626][T25216] get_compat_msghdr+0x108/0x2b0 [ 1187.806626][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1187.814246][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1187.814246][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1187.823667][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1187.823667][T25216] __do_fast_syscall_32+0x127/0x180 [ 1187.834448][T25216] do_fast_syscall_32+0x77/0xd0 [ 1187.843447][T25216] do_SYSENTER_32+0x73/0x90 [ 1187.843447][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1187.855181][T25216] [ 1187.855181][T25216] Uninit was stored to memory at: [ 1187.855181][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1187.863449][T25216] __msan_chain_origin+0x54/0xa0 [ 1187.863449][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1187.874242][T25216] get_compat_msghdr+0x108/0x2b0 [ 1187.883516][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1187.883516][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1187.883516][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1187.896011][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1187.903434][T25216] __do_fast_syscall_32+0x127/0x180 [ 1187.908383][T25216] do_fast_syscall_32+0x77/0xd0 [ 1187.914406][T25216] do_SYSENTER_32+0x73/0x90 [ 1187.914406][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1187.923748][T25216] [ 1187.923748][T25216] Uninit was stored to memory at: [ 1187.932490][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1187.934394][T25216] __msan_chain_origin+0x54/0xa0 [ 1187.943522][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1187.943522][T25216] get_compat_msghdr+0x108/0x2b0 [ 1187.954250][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1187.954250][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1187.963442][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1187.963442][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1187.974336][T25216] __do_fast_syscall_32+0x127/0x180 [ 1187.974336][T25216] do_fast_syscall_32+0x77/0xd0 [ 1187.983438][T25216] do_SYSENTER_32+0x73/0x90 [ 1187.983438][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1187.994212][T25216] [ 1187.994212][T25216] Uninit was stored to memory at: [ 1188.005219][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1188.010622][T25216] __msan_chain_origin+0x54/0xa0 [ 1188.014368][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1188.014368][T25216] get_compat_msghdr+0x108/0x2b0 [ 1188.023429][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1188.023429][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1188.034313][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1188.034313][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1188.043567][T25216] __do_fast_syscall_32+0x127/0x180 [ 1188.043567][T25216] do_fast_syscall_32+0x77/0xd0 [ 1188.054676][T25216] do_SYSENTER_32+0x73/0x90 [ 1188.054676][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1188.063538][T25216] [ 1188.063538][T25216] Local variable ----msg_sys@do_recvmmsg created at: [ 1188.074245][T25216] do_recvmmsg+0xbf/0x22d0 [ 1188.074245][T25216] do_recvmmsg+0xbf/0x22d0 [ 1188.321734][T25216] not chained 2290000 origins [ 1188.322351][T25216] CPU: 0 PID: 25216 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1188.333250][T25216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1188.346559][T25216] Call Trace: [ 1188.346559][T25216] dump_stack+0x24c/0x2e0 [ 1188.352937][T25216] kmsan_internal_chain_origin+0x6f/0x130 [ 1188.352937][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1188.365346][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1188.365346][T25216] ? __msan_instrument_asm_store+0x104/0x130 [ 1188.373112][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1188.373112][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1188.384861][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1188.392931][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1188.392931][T25216] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1188.404954][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1188.408860][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1188.408860][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1188.424744][T25216] ? kmsan_unpoison_shadow+0x74/0xa0 [ 1188.424744][T25216] ? _copy_from_user+0x1fd/0x300 [ 1188.432930][T25216] __msan_chain_origin+0x54/0xa0 [ 1188.432930][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1188.445104][T25216] get_compat_msghdr+0x108/0x2b0 [ 1188.445104][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1188.445104][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1188.454775][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1188.464805][T25216] ? kmsan_internal_set_origin+0x82/0xc0 [ 1188.464805][T25216] ? __msan_poison_alloca+0xec/0x110 [ 1188.473044][T25216] ? __sys_recvmmsg+0xb5/0x6f0 [ 1188.473044][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1188.484897][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1188.484897][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1188.497003][T25216] __do_fast_syscall_32+0x127/0x180 [ 1188.497003][T25216] do_fast_syscall_32+0x77/0xd0 [ 1188.504885][T25216] do_SYSENTER_32+0x73/0x90 [ 1188.504885][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1188.513009][T25216] RIP: 0023:0xf7f93549 [ 1188.513009][T25216] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1188.533041][T25216] RSP: 002b:00000000f558d5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1188.544762][T25216] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 1188.552919][T25216] RDX: 00000000cb88ff8b RSI: 0000000000000002 RDI: 0000000000000000 [ 1188.566538][T25216] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1188.573434][T25216] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1188.573434][T25216] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1188.584773][T25216] Uninit was stored to memory at: [ 1188.593001][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1188.593001][T25216] __msan_chain_origin+0x54/0xa0 [ 1188.604748][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1188.612907][T25216] get_compat_msghdr+0x108/0x2b0 [ 1188.612907][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1188.612907][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1188.627682][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1188.632911][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1188.632911][T25216] __do_fast_syscall_32+0x127/0x180 [ 1188.644748][T25216] do_fast_syscall_32+0x77/0xd0 [ 1188.644748][T25216] do_SYSENTER_32+0x73/0x90 [ 1188.653030][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1188.653030][T25216] [ 1188.664767][T25216] Uninit was stored to memory at: [ 1188.664767][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1188.674670][T25216] __msan_chain_origin+0x54/0xa0 [ 1188.674670][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1188.684842][T25216] get_compat_msghdr+0x108/0x2b0 [ 1188.684842][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1188.693113][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1188.693113][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1188.705181][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1188.713038][T25216] __do_fast_syscall_32+0x127/0x180 [ 1188.713038][T25216] do_fast_syscall_32+0x77/0xd0 [ 1188.713038][T25216] do_SYSENTER_32+0x73/0x90 [ 1188.713038][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1188.732905][T25216] [ 1188.732905][T25216] Uninit was stored to memory at: [ 1188.732905][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1188.744832][T25216] __msan_chain_origin+0x54/0xa0 [ 1188.752930][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1188.752930][T25216] get_compat_msghdr+0x108/0x2b0 [ 1188.752930][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1188.764761][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1188.773019][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1188.773019][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1188.773019][T25216] __do_fast_syscall_32+0x127/0x180 [ 1188.786614][T25216] do_fast_syscall_32+0x77/0xd0 [ 1188.792949][T25216] do_SYSENTER_32+0x73/0x90 [ 1188.792949][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1188.804829][T25216] [ 1188.804829][T25216] Uninit was stored to memory at: [ 1188.812947][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1188.812947][T25216] __msan_chain_origin+0x54/0xa0 [ 1188.824756][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1188.829856][T25216] get_compat_msghdr+0x108/0x2b0 [ 1188.833266][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1188.833266][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1188.844765][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1188.844765][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1188.855189][T25216] __do_fast_syscall_32+0x127/0x180 [ 1188.855189][T25216] do_fast_syscall_32+0x77/0xd0 [ 1188.864959][T25216] do_SYSENTER_32+0x73/0x90 [ 1188.872955][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1188.872955][T25216] [ 1188.872955][T25216] Uninit was stored to memory at: [ 1188.884784][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1188.884784][T25216] __msan_chain_origin+0x54/0xa0 [ 1188.894783][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1188.894783][T25216] get_compat_msghdr+0x108/0x2b0 [ 1188.904812][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1188.904812][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1188.912933][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1188.912933][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1188.924997][T25216] __do_fast_syscall_32+0x127/0x180 [ 1188.932962][T25216] do_fast_syscall_32+0x77/0xd0 [ 1188.932962][T25216] do_SYSENTER_32+0x73/0x90 [ 1188.932962][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1188.944783][T25216] [ 1188.953009][T25216] Uninit was stored to memory at: [ 1188.953009][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1188.953009][T25216] __msan_chain_origin+0x54/0xa0 [ 1188.965102][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1188.973102][T25216] get_compat_msghdr+0x108/0x2b0 [ 1188.973102][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1188.973102][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1188.984835][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1188.992922][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1188.992922][T25216] __do_fast_syscall_32+0x127/0x180 [ 1188.992922][T25216] do_fast_syscall_32+0x77/0xd0 [ 1189.006634][T25216] do_SYSENTER_32+0x73/0x90 [ 1189.013078][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1189.013078][T25216] [ 1189.013078][T25216] Uninit was stored to memory at: [ 1189.024860][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1189.035366][T25216] __msan_chain_origin+0x54/0xa0 [ 1189.035366][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1189.044848][T25216] get_compat_msghdr+0x108/0x2b0 [ 1189.044848][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1189.052924][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1189.052924][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1189.064851][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1189.064851][T25216] __do_fast_syscall_32+0x127/0x180 [ 1189.073040][T25216] do_fast_syscall_32+0x77/0xd0 [ 1189.073040][T25216] do_SYSENTER_32+0x73/0x90 [ 1189.084910][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1189.093276][T25216] [ 1189.093276][T25216] Local variable ----msg_sys@do_recvmmsg created at: [ 1189.093276][T25216] do_recvmmsg+0xbf/0x22d0 [ 1189.104929][T25216] do_recvmmsg+0xbf/0x22d0 [ 1189.312884][T25216] not chained 2300000 origins [ 1189.317858][T25216] CPU: 0 PID: 25216 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1189.322500][T25216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1189.326899][T25216] Call Trace: [ 1189.326899][T25216] dump_stack+0x24c/0x2e0 [ 1189.326899][T25216] kmsan_internal_chain_origin+0x6f/0x130 [ 1189.326899][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1189.326899][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1189.326899][T25216] ? __msan_instrument_asm_store+0x104/0x130 [ 1189.326899][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1189.372448][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1189.378219][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1189.385209][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1189.385209][T25216] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1189.392350][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1189.392350][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1189.408845][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1189.412341][T25216] ? kmsan_unpoison_shadow+0x74/0xa0 [ 1189.412341][T25216] ? _copy_from_user+0x1fd/0x300 [ 1189.425191][T25216] __msan_chain_origin+0x54/0xa0 [ 1189.425191][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1189.432347][T25216] get_compat_msghdr+0x108/0x2b0 [ 1189.432347][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1189.432347][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1189.449030][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1189.449030][T25216] ? kmsan_internal_set_origin+0x82/0xc0 [ 1189.458360][T25216] ? __msan_poison_alloca+0xec/0x110 [ 1189.465185][T25216] ? __sys_recvmmsg+0xb5/0x6f0 [ 1189.465185][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1189.472499][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1189.472499][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1189.485529][T25216] __do_fast_syscall_32+0x127/0x180 [ 1189.492372][T25216] do_fast_syscall_32+0x77/0xd0 [ 1189.492372][T25216] do_SYSENTER_32+0x73/0x90 [ 1189.492372][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1189.505373][T25216] RIP: 0023:0xf7f93549 [ 1189.512377][T25216] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1189.525280][T25216] RSP: 002b:00000000f558d5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1189.536511][T25216] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 1189.548607][T25216] RDX: 00000000cb88ff8b RSI: 0000000000000002 RDI: 0000000000000000 [ 1189.554263][T25216] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1189.565327][T25216] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1189.572510][T25216] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1189.572510][T25216] Uninit was stored to memory at: [ 1189.585417][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1189.592349][T25216] __msan_chain_origin+0x54/0xa0 [ 1189.592349][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1189.592349][T25216] get_compat_msghdr+0x108/0x2b0 [ 1189.605288][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1189.612880][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1189.612880][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1189.612880][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1189.625210][T25216] __do_fast_syscall_32+0x127/0x180 [ 1189.632500][T25216] do_fast_syscall_32+0x77/0xd0 [ 1189.632500][T25216] do_SYSENTER_32+0x73/0x90 [ 1189.645176][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1189.649059][T25216] [ 1189.652343][T25216] Uninit was stored to memory at: [ 1189.652343][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1189.652343][T25216] __msan_chain_origin+0x54/0xa0 [ 1189.666964][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1189.672352][T25216] get_compat_msghdr+0x108/0x2b0 [ 1189.672352][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1189.672352][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1189.685192][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1189.692527][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1189.692527][T25216] __do_fast_syscall_32+0x127/0x180 [ 1189.705210][T25216] do_fast_syscall_32+0x77/0xd0 [ 1189.705210][T25216] do_SYSENTER_32+0x73/0x90 [ 1189.712594][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1189.712594][T25216] [ 1189.725320][T25216] Uninit was stored to memory at: [ 1189.725320][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1189.732346][T25216] __msan_chain_origin+0x54/0xa0 [ 1189.732346][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1189.746179][T25216] get_compat_msghdr+0x108/0x2b0 [ 1189.746179][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1189.752476][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1189.752476][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1189.765209][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1189.765209][T25216] __do_fast_syscall_32+0x127/0x180 [ 1189.774182][T25216] do_fast_syscall_32+0x77/0xd0 [ 1189.774182][T25216] do_SYSENTER_32+0x73/0x90 [ 1189.785288][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1189.792341][T25216] [ 1189.792341][T25216] Uninit was stored to memory at: [ 1189.792341][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1189.805350][T25216] __msan_chain_origin+0x54/0xa0 [ 1189.805350][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1189.812489][T25216] get_compat_msghdr+0x108/0x2b0 [ 1189.812489][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1189.825209][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1189.825209][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1189.832340][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1189.832340][T25216] __do_fast_syscall_32+0x127/0x180 [ 1189.845272][T25216] do_fast_syscall_32+0x77/0xd0 [ 1189.854045][T25216] do_SYSENTER_32+0x73/0x90 [ 1189.855179][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1189.855179][T25216] [ 1189.865191][T25216] Uninit was stored to memory at: [ 1189.865191][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1189.872740][T25216] __msan_chain_origin+0x54/0xa0 [ 1189.872740][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1189.886963][T25216] get_compat_msghdr+0x108/0x2b0 [ 1189.892351][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1189.892351][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1189.892351][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1189.905285][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1189.912350][T25216] __do_fast_syscall_32+0x127/0x180 [ 1189.912350][T25216] do_fast_syscall_32+0x77/0xd0 [ 1189.912350][T25216] do_SYSENTER_32+0x73/0x90 [ 1189.925159][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1189.932482][T25216] [ 1189.932482][T25216] Uninit was stored to memory at: [ 1189.932482][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1189.945187][T25216] __msan_chain_origin+0x54/0xa0 [ 1189.952337][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1189.956244][T25216] get_compat_msghdr+0x108/0x2b0 [ 1189.956244][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1189.965297][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1189.972342][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1189.972342][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1189.985193][T25216] __do_fast_syscall_32+0x127/0x180 [ 1189.985193][T25216] do_fast_syscall_32+0x77/0xd0 [ 1189.994182][T25216] do_SYSENTER_32+0x73/0x90 [ 1189.994182][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1190.005496][T25216] [ 1190.005496][T25216] Uninit was stored to memory at: [ 1190.012605][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1190.012605][T25216] __msan_chain_origin+0x54/0xa0 [ 1190.012605][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1190.025474][T25216] get_compat_msghdr+0x108/0x2b0 [ 1190.032342][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1190.032342][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1190.032342][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1190.045304][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1190.052545][T25216] __do_fast_syscall_32+0x127/0x180 [ 1190.058697][T25216] do_fast_syscall_32+0x77/0xd0 [ 1190.065293][T25216] do_SYSENTER_32+0x73/0x90 [ 1190.065293][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1190.072374][T25216] [ 1190.072374][T25216] Local variable ----msg_sys@do_recvmmsg created at: [ 1190.085300][T25216] do_recvmmsg+0xbf/0x22d0 [ 1190.085300][T25216] do_recvmmsg+0xbf/0x22d0 [ 1190.297537][T25216] not chained 2310000 origins [ 1190.302220][T25216] CPU: 0 PID: 25216 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1190.302220][T25216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1190.302220][T25216] Call Trace: [ 1190.302220][T25216] dump_stack+0x24c/0x2e0 [ 1190.302220][T25216] kmsan_internal_chain_origin+0x6f/0x130 [ 1190.332544][T25216] ? do_user_addr_fault+0x1912/0x2650 [ 1190.332544][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1190.332544][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1190.332544][T25216] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1190.332544][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1190.332544][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1190.332544][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1190.332544][T25216] ? kmsan_unpoison_shadow+0x74/0xa0 [ 1190.332544][T25216] ? _copy_from_user+0x1fd/0x300 [ 1190.332544][T25216] __msan_chain_origin+0x54/0xa0 [ 1190.332544][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1190.332544][T25216] get_compat_msghdr+0x108/0x2b0 [ 1190.332544][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1190.332544][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1190.332544][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1190.332544][T25216] ? kmsan_internal_set_origin+0x82/0xc0 [ 1190.332544][T25216] ? __msan_poison_alloca+0xec/0x110 [ 1190.332544][T25216] ? __sys_recvmmsg+0xb5/0x6f0 [ 1190.332544][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1190.332544][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1190.332544][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1190.332544][T25216] __do_fast_syscall_32+0x127/0x180 [ 1190.332544][T25216] do_fast_syscall_32+0x77/0xd0 [ 1190.332544][T25216] do_SYSENTER_32+0x73/0x90 [ 1190.332544][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1190.332544][T25216] RIP: 0023:0xf7f93549 [ 1190.332544][T25216] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1190.332544][T25216] RSP: 002b:00000000f558d5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1190.332544][T25216] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 1190.332544][T25216] RDX: 00000000cb88ff8b RSI: 0000000000000002 RDI: 0000000000000000 [ 1190.332544][T25216] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1190.332544][T25216] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1190.332544][T25216] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1190.332544][T25216] Uninit was stored to memory at: [ 1190.332544][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1190.332544][T25216] __msan_chain_origin+0x54/0xa0 [ 1190.332544][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1190.332544][T25216] get_compat_msghdr+0x108/0x2b0 [ 1190.332544][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1190.332544][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1190.332544][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1190.332544][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1190.332544][T25216] __do_fast_syscall_32+0x127/0x180 [ 1190.332544][T25216] do_fast_syscall_32+0x77/0xd0 [ 1190.332544][T25216] do_SYSENTER_32+0x73/0x90 [ 1190.332544][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1190.332544][T25216] [ 1190.332544][T25216] Uninit was stored to memory at: [ 1190.332544][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1190.332544][T25216] __msan_chain_origin+0x54/0xa0 [ 1190.332544][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1190.332544][T25216] get_compat_msghdr+0x108/0x2b0 [ 1190.332544][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1190.332544][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1190.332544][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1190.332544][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1190.332544][T25216] __do_fast_syscall_32+0x127/0x180 [ 1190.332544][T25216] do_fast_syscall_32+0x77/0xd0 [ 1190.332544][T25216] do_SYSENTER_32+0x73/0x90 [ 1190.332544][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1190.332544][T25216] [ 1190.332544][T25216] Uninit was stored to memory at: [ 1190.332544][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1190.332544][T25216] __msan_chain_origin+0x54/0xa0 [ 1190.332544][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1190.332544][T25216] get_compat_msghdr+0x108/0x2b0 [ 1190.332544][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1190.332544][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1190.332544][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1190.332544][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1190.332544][T25216] __do_fast_syscall_32+0x127/0x180 [ 1190.332544][T25216] do_fast_syscall_32+0x77/0xd0 [ 1190.332544][T25216] do_SYSENTER_32+0x73/0x90 [ 1190.332544][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1190.332544][T25216] [ 1190.332544][T25216] Uninit was stored to memory at: [ 1190.332544][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1190.332544][T25216] __msan_chain_origin+0x54/0xa0 [ 1190.332544][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1190.332544][T25216] get_compat_msghdr+0x108/0x2b0 [ 1190.332544][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1190.332544][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1190.332544][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1190.332544][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1190.332544][T25216] __do_fast_syscall_32+0x127/0x180 [ 1190.332544][T25216] do_fast_syscall_32+0x77/0xd0 [ 1190.332544][T25216] do_SYSENTER_32+0x73/0x90 [ 1190.332544][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1190.332544][T25216] [ 1190.332544][T25216] Uninit was stored to memory at: [ 1190.332544][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1190.332544][T25216] __msan_chain_origin+0x54/0xa0 [ 1190.332544][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1190.332544][T25216] get_compat_msghdr+0x108/0x2b0 [ 1190.332544][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1190.332544][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1190.332544][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1190.332544][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1190.332544][T25216] __do_fast_syscall_32+0x127/0x180 [ 1190.332544][T25216] do_fast_syscall_32+0x77/0xd0 [ 1190.332544][T25216] do_SYSENTER_32+0x73/0x90 [ 1190.332544][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1190.332544][T25216] [ 1190.332544][T25216] Uninit was stored to memory at: [ 1190.332544][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1190.332544][T25216] __msan_chain_origin+0x54/0xa0 [ 1190.332544][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1190.332544][T25216] get_compat_msghdr+0x108/0x2b0 [ 1190.332544][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1190.332544][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1190.332544][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1190.332544][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1190.332544][T25216] __do_fast_syscall_32+0x127/0x180 [ 1190.332544][T25216] do_fast_syscall_32+0x77/0xd0 [ 1190.332544][T25216] do_SYSENTER_32+0x73/0x90 [ 1190.332544][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1190.332544][T25216] [ 1190.332544][T25216] Uninit was stored to memory at: [ 1190.332544][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1190.332544][T25216] __msan_chain_origin+0x54/0xa0 [ 1190.332544][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1190.332544][T25216] get_compat_msghdr+0x108/0x2b0 [ 1190.332544][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1190.332544][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1190.332544][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1190.332544][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1190.332544][T25216] __do_fast_syscall_32+0x127/0x180 [ 1190.332544][T25216] do_fast_syscall_32+0x77/0xd0 [ 1190.332544][T25216] do_SYSENTER_32+0x73/0x90 [ 1190.332544][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1190.332544][T25216] [ 1190.332544][T25216] Local variable ----msg_sys@do_recvmmsg created at: [ 1190.332544][T25216] do_recvmmsg+0xbf/0x22d0 [ 1190.332544][T25216] do_recvmmsg+0xbf/0x22d0 [ 1191.274881][T25216] not chained 2320000 origins [ 1191.279664][T25216] CPU: 1 PID: 25216 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1191.285823][T25216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1191.285823][T25216] Call Trace: [ 1191.285823][T25216] dump_stack+0x24c/0x2e0 [ 1191.285823][T25216] kmsan_internal_chain_origin+0x6f/0x130 [ 1191.285823][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1191.285823][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1191.285823][T25216] ? __msan_instrument_asm_store+0x104/0x130 [ 1191.285823][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1191.285823][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1191.285823][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1191.285823][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1191.285823][T25216] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1191.285823][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1191.285823][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1191.285823][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1191.285823][T25216] ? kmsan_unpoison_shadow+0x74/0xa0 [ 1191.285823][T25216] ? _copy_from_user+0x1fd/0x300 [ 1191.285823][T25216] __msan_chain_origin+0x54/0xa0 [ 1191.285823][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1191.285823][T25216] get_compat_msghdr+0x108/0x2b0 [ 1191.285823][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1191.285823][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1191.285823][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1191.285823][T25216] ? kmsan_internal_set_origin+0x82/0xc0 [ 1191.285823][T25216] ? __msan_poison_alloca+0xec/0x110 [ 1191.285823][T25216] ? __sys_recvmmsg+0xb5/0x6f0 [ 1191.285823][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1191.285823][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1191.285823][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1191.285823][T25216] __do_fast_syscall_32+0x127/0x180 [ 1191.285823][T25216] do_fast_syscall_32+0x77/0xd0 [ 1191.285823][T25216] do_SYSENTER_32+0x73/0x90 [ 1191.285823][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1191.285823][T25216] RIP: 0023:0xf7f93549 [ 1191.285823][T25216] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1191.285823][T25216] RSP: 002b:00000000f558d5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1191.285823][T25216] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 1191.285823][T25216] RDX: 00000000cb88ff8b RSI: 0000000000000002 RDI: 0000000000000000 [ 1191.285823][T25216] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1191.285823][T25216] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1191.285823][T25216] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1191.285823][T25216] Uninit was stored to memory at: [ 1191.285823][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1191.285823][T25216] __msan_chain_origin+0x54/0xa0 [ 1191.285823][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1191.285823][T25216] get_compat_msghdr+0x108/0x2b0 [ 1191.285823][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1191.285823][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1191.285823][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1191.285823][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1191.285823][T25216] __do_fast_syscall_32+0x127/0x180 [ 1191.285823][T25216] do_fast_syscall_32+0x77/0xd0 [ 1191.285823][T25216] do_SYSENTER_32+0x73/0x90 [ 1191.285823][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1191.285823][T25216] [ 1191.285823][T25216] Uninit was stored to memory at: [ 1191.285823][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1191.285823][T25216] __msan_chain_origin+0x54/0xa0 [ 1191.285823][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1191.285823][T25216] get_compat_msghdr+0x108/0x2b0 [ 1191.285823][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1191.285823][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1191.285823][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1191.285823][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1191.285823][T25216] __do_fast_syscall_32+0x127/0x180 [ 1191.285823][T25216] do_fast_syscall_32+0x77/0xd0 [ 1191.285823][T25216] do_SYSENTER_32+0x73/0x90 [ 1191.285823][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1191.285823][T25216] [ 1191.285823][T25216] Uninit was stored to memory at: [ 1191.285823][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1191.285823][T25216] __msan_chain_origin+0x54/0xa0 [ 1191.285823][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1191.285823][T25216] get_compat_msghdr+0x108/0x2b0 [ 1191.285823][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1191.285823][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1191.285823][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1191.285823][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1191.285823][T25216] __do_fast_syscall_32+0x127/0x180 [ 1191.285823][T25216] do_fast_syscall_32+0x77/0xd0 [ 1191.285823][T25216] do_SYSENTER_32+0x73/0x90 [ 1191.285823][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1191.285823][T25216] [ 1191.285823][T25216] Uninit was stored to memory at: [ 1191.285823][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1191.285823][T25216] __msan_chain_origin+0x54/0xa0 [ 1191.285823][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1191.285823][T25216] get_compat_msghdr+0x108/0x2b0 [ 1191.285823][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1191.285823][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1191.285823][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1191.285823][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1191.285823][T25216] __do_fast_syscall_32+0x127/0x180 [ 1191.285823][T25216] do_fast_syscall_32+0x77/0xd0 [ 1191.285823][T25216] do_SYSENTER_32+0x73/0x90 [ 1191.285823][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1191.285823][T25216] [ 1191.285823][T25216] Uninit was stored to memory at: [ 1191.285823][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1191.285823][T25216] __msan_chain_origin+0x54/0xa0 [ 1191.285823][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1191.285823][T25216] get_compat_msghdr+0x108/0x2b0 [ 1191.285823][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1191.285823][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1191.285823][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1191.285823][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1191.285823][T25216] __do_fast_syscall_32+0x127/0x180 [ 1191.285823][T25216] do_fast_syscall_32+0x77/0xd0 [ 1191.285823][T25216] do_SYSENTER_32+0x73/0x90 [ 1191.285823][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1191.285823][T25216] [ 1191.285823][T25216] Uninit was stored to memory at: [ 1191.285823][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1191.285823][T25216] __msan_chain_origin+0x54/0xa0 [ 1191.285823][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1191.285823][T25216] get_compat_msghdr+0x108/0x2b0 [ 1191.285823][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1191.285823][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1191.285823][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1191.285823][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1191.285823][T25216] __do_fast_syscall_32+0x127/0x180 [ 1191.285823][T25216] do_fast_syscall_32+0x77/0xd0 [ 1191.285823][T25216] do_SYSENTER_32+0x73/0x90 [ 1191.285823][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1191.285823][T25216] [ 1191.285823][T25216] Uninit was stored to memory at: [ 1191.285823][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1191.285823][T25216] __msan_chain_origin+0x54/0xa0 [ 1191.285823][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1191.285823][T25216] get_compat_msghdr+0x108/0x2b0 [ 1191.285823][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1191.285823][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1191.285823][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1191.285823][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1191.285823][T25216] __do_fast_syscall_32+0x127/0x180 [ 1191.285823][T25216] do_fast_syscall_32+0x77/0xd0 [ 1191.285823][T25216] do_SYSENTER_32+0x73/0x90 [ 1191.285823][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1191.285823][T25216] [ 1191.285823][T25216] Local variable ----msg_sys@do_recvmmsg created at: [ 1191.285823][T25216] do_recvmmsg+0xbf/0x22d0 [ 1191.285823][T25216] do_recvmmsg+0xbf/0x22d0 [ 1192.279053][T25216] not chained 2330000 origins [ 1192.282245][T25216] CPU: 1 PID: 25216 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1192.282245][T25216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1192.282245][T25216] Call Trace: [ 1192.282245][T25216] dump_stack+0x24c/0x2e0 [ 1192.309850][T25216] kmsan_internal_chain_origin+0x6f/0x130 [ 1192.309850][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1192.309850][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1192.309850][T25216] ? __msan_instrument_asm_store+0x104/0x130 [ 1192.309850][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1192.309850][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1192.309850][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1192.309850][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1192.309850][T25216] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1192.309850][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1192.309850][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1192.309850][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1192.309850][T25216] ? kmsan_unpoison_shadow+0x74/0xa0 [ 1192.309850][T25216] ? _copy_from_user+0x1fd/0x300 [ 1192.309850][T25216] __msan_chain_origin+0x54/0xa0 [ 1192.309850][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1192.309850][T25216] get_compat_msghdr+0x108/0x2b0 [ 1192.309850][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1192.309850][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1192.309850][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1192.309850][T25216] ? kmsan_internal_set_origin+0x82/0xc0 [ 1192.309850][T25216] ? __msan_poison_alloca+0xec/0x110 [ 1192.309850][T25216] ? __sys_recvmmsg+0xb5/0x6f0 [ 1192.309850][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1192.309850][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1192.309850][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1192.309850][T25216] __do_fast_syscall_32+0x127/0x180 [ 1192.309850][T25216] do_fast_syscall_32+0x77/0xd0 [ 1192.309850][T25216] do_SYSENTER_32+0x73/0x90 [ 1192.309850][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1192.309850][T25216] RIP: 0023:0xf7f93549 [ 1192.309850][T25216] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1192.309850][T25216] RSP: 002b:00000000f558d5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1192.309850][T25216] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 1192.309850][T25216] RDX: 00000000cb88ff8b RSI: 0000000000000002 RDI: 0000000000000000 [ 1192.309850][T25216] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1192.309850][T25216] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1192.309850][T25216] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1192.309850][T25216] Uninit was stored to memory at: [ 1192.309850][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1192.309850][T25216] __msan_chain_origin+0x54/0xa0 [ 1192.309850][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1192.309850][T25216] get_compat_msghdr+0x108/0x2b0 [ 1192.309850][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1192.309850][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1192.309850][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1192.309850][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1192.309850][T25216] __do_fast_syscall_32+0x127/0x180 [ 1192.309850][T25216] do_fast_syscall_32+0x77/0xd0 [ 1192.309850][T25216] do_SYSENTER_32+0x73/0x90 [ 1192.309850][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1192.309850][T25216] [ 1192.309850][T25216] Uninit was stored to memory at: [ 1192.309850][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1192.309850][T25216] __msan_chain_origin+0x54/0xa0 [ 1192.309850][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1192.309850][T25216] get_compat_msghdr+0x108/0x2b0 [ 1192.309850][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1192.309850][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1192.309850][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1192.309850][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1192.309850][T25216] __do_fast_syscall_32+0x127/0x180 [ 1192.309850][T25216] do_fast_syscall_32+0x77/0xd0 [ 1192.309850][T25216] do_SYSENTER_32+0x73/0x90 [ 1192.309850][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1192.309850][T25216] [ 1192.309850][T25216] Uninit was stored to memory at: [ 1192.309850][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1192.309850][T25216] __msan_chain_origin+0x54/0xa0 [ 1192.309850][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1192.309850][T25216] get_compat_msghdr+0x108/0x2b0 [ 1192.309850][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1192.309850][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1192.309850][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1192.309850][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1192.309850][T25216] __do_fast_syscall_32+0x127/0x180 [ 1192.309850][T25216] do_fast_syscall_32+0x77/0xd0 [ 1192.309850][T25216] do_SYSENTER_32+0x73/0x90 [ 1192.309850][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1192.309850][T25216] [ 1192.309850][T25216] Uninit was stored to memory at: [ 1192.309850][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1192.309850][T25216] __msan_chain_origin+0x54/0xa0 [ 1192.309850][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1192.309850][T25216] get_compat_msghdr+0x108/0x2b0 [ 1192.309850][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1192.309850][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1192.309850][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1192.309850][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1192.309850][T25216] __do_fast_syscall_32+0x127/0x180 [ 1192.309850][T25216] do_fast_syscall_32+0x77/0xd0 [ 1192.309850][T25216] do_SYSENTER_32+0x73/0x90 [ 1192.309850][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1192.309850][T25216] [ 1192.309850][T25216] Uninit was stored to memory at: [ 1192.309850][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1192.309850][T25216] __msan_chain_origin+0x54/0xa0 [ 1192.309850][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1192.309850][T25216] get_compat_msghdr+0x108/0x2b0 [ 1192.309850][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1192.309850][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1192.309850][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1192.309850][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1192.309850][T25216] __do_fast_syscall_32+0x127/0x180 [ 1192.309850][T25216] do_fast_syscall_32+0x77/0xd0 [ 1192.309850][T25216] do_SYSENTER_32+0x73/0x90 [ 1192.309850][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1192.309850][T25216] [ 1192.309850][T25216] Uninit was stored to memory at: [ 1192.309850][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1192.309850][T25216] __msan_chain_origin+0x54/0xa0 [ 1192.309850][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1192.309850][T25216] get_compat_msghdr+0x108/0x2b0 [ 1192.309850][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1192.309850][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1192.309850][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1192.309850][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1192.309850][T25216] __do_fast_syscall_32+0x127/0x180 [ 1192.309850][T25216] do_fast_syscall_32+0x77/0xd0 [ 1192.309850][T25216] do_SYSENTER_32+0x73/0x90 [ 1192.309850][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1192.309850][T25216] [ 1192.309850][T25216] Uninit was stored to memory at: [ 1192.309850][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1192.309850][T25216] __msan_chain_origin+0x54/0xa0 [ 1192.309850][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1192.309850][T25216] get_compat_msghdr+0x108/0x2b0 [ 1192.309850][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1192.309850][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1192.309850][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1192.309850][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1192.309850][T25216] __do_fast_syscall_32+0x127/0x180 [ 1192.309850][T25216] do_fast_syscall_32+0x77/0xd0 [ 1192.309850][T25216] do_SYSENTER_32+0x73/0x90 [ 1192.309850][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1192.309850][T25216] [ 1192.309850][T25216] Local variable ----msg_sys@do_recvmmsg created at: [ 1192.309850][T25216] do_recvmmsg+0xbf/0x22d0 [ 1192.309850][T25216] do_recvmmsg+0xbf/0x22d0 [ 1193.256131][T25216] not chained 2340000 origins [ 1193.261120][T25216] CPU: 1 PID: 25216 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1193.262237][T25216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1193.262237][T25216] Call Trace: [ 1193.262237][T25216] dump_stack+0x24c/0x2e0 [ 1193.262237][T25216] kmsan_internal_chain_origin+0x6f/0x130 [ 1193.262237][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1193.262237][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1193.262237][T25216] ? __msan_instrument_asm_store+0x104/0x130 [ 1193.262237][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1193.262237][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1193.262237][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1193.262237][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1193.262237][T25216] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1193.262237][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1193.262237][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1193.262237][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1193.262237][T25216] ? kmsan_unpoison_shadow+0x74/0xa0 [ 1193.262237][T25216] ? _copy_from_user+0x1fd/0x300 [ 1193.262237][T25216] __msan_chain_origin+0x54/0xa0 [ 1193.262237][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1193.262237][T25216] get_compat_msghdr+0x108/0x2b0 [ 1193.262237][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1193.262237][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1193.262237][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1193.262237][T25216] ? kmsan_internal_set_origin+0x82/0xc0 [ 1193.262237][T25216] ? __msan_poison_alloca+0xec/0x110 [ 1193.262237][T25216] ? __sys_recvmmsg+0xb5/0x6f0 [ 1193.262237][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1193.262237][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1193.262237][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1193.262237][T25216] __do_fast_syscall_32+0x127/0x180 [ 1193.262237][T25216] do_fast_syscall_32+0x77/0xd0 [ 1193.262237][T25216] do_SYSENTER_32+0x73/0x90 [ 1193.262237][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1193.262237][T25216] RIP: 0023:0xf7f93549 [ 1193.262237][T25216] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1193.262237][T25216] RSP: 002b:00000000f558d5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1193.262237][T25216] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 1193.262237][T25216] RDX: 00000000cb88ff8b RSI: 0000000000000002 RDI: 0000000000000000 [ 1193.262237][T25216] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1193.262237][T25216] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1193.262237][T25216] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1193.262237][T25216] Uninit was stored to memory at: [ 1193.262237][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1193.262237][T25216] __msan_chain_origin+0x54/0xa0 [ 1193.262237][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1193.262237][T25216] get_compat_msghdr+0x108/0x2b0 [ 1193.262237][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1193.262237][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1193.262237][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1193.262237][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1193.262237][T25216] __do_fast_syscall_32+0x127/0x180 [ 1193.262237][T25216] do_fast_syscall_32+0x77/0xd0 [ 1193.262237][T25216] do_SYSENTER_32+0x73/0x90 [ 1193.262237][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1193.262237][T25216] [ 1193.262237][T25216] Uninit was stored to memory at: [ 1193.262237][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1193.262237][T25216] __msan_chain_origin+0x54/0xa0 [ 1193.262237][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1193.262237][T25216] get_compat_msghdr+0x108/0x2b0 [ 1193.262237][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1193.262237][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1193.262237][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1193.262237][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1193.262237][T25216] __do_fast_syscall_32+0x127/0x180 [ 1193.262237][T25216] do_fast_syscall_32+0x77/0xd0 [ 1193.262237][T25216] do_SYSENTER_32+0x73/0x90 [ 1193.262237][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1193.262237][T25216] [ 1193.262237][T25216] Uninit was stored to memory at: [ 1193.262237][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1193.262237][T25216] __msan_chain_origin+0x54/0xa0 [ 1193.262237][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1193.262237][T25216] get_compat_msghdr+0x108/0x2b0 [ 1193.262237][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1193.262237][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1193.262237][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1193.262237][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1193.262237][T25216] __do_fast_syscall_32+0x127/0x180 [ 1193.262237][T25216] do_fast_syscall_32+0x77/0xd0 [ 1193.262237][T25216] do_SYSENTER_32+0x73/0x90 [ 1193.262237][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1193.262237][T25216] [ 1193.262237][T25216] Uninit was stored to memory at: [ 1193.262237][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1193.262237][T25216] __msan_chain_origin+0x54/0xa0 [ 1193.262237][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1193.262237][T25216] get_compat_msghdr+0x108/0x2b0 [ 1193.262237][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1193.262237][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1193.262237][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1193.262237][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1193.262237][T25216] __do_fast_syscall_32+0x127/0x180 [ 1193.262237][T25216] do_fast_syscall_32+0x77/0xd0 [ 1193.262237][T25216] do_SYSENTER_32+0x73/0x90 [ 1193.262237][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1193.262237][T25216] [ 1193.262237][T25216] Uninit was stored to memory at: [ 1193.262237][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1193.262237][T25216] __msan_chain_origin+0x54/0xa0 [ 1193.262237][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1193.262237][T25216] get_compat_msghdr+0x108/0x2b0 [ 1193.262237][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1193.262237][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1193.262237][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1193.262237][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1193.262237][T25216] __do_fast_syscall_32+0x127/0x180 [ 1193.262237][T25216] do_fast_syscall_32+0x77/0xd0 [ 1193.262237][T25216] do_SYSENTER_32+0x73/0x90 [ 1193.262237][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1193.262237][T25216] [ 1193.262237][T25216] Uninit was stored to memory at: [ 1193.262237][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1193.262237][T25216] __msan_chain_origin+0x54/0xa0 [ 1193.262237][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1193.262237][T25216] get_compat_msghdr+0x108/0x2b0 [ 1193.262237][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1193.262237][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1193.262237][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1193.262237][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1193.262237][T25216] __do_fast_syscall_32+0x127/0x180 [ 1193.262237][T25216] do_fast_syscall_32+0x77/0xd0 [ 1193.262237][T25216] do_SYSENTER_32+0x73/0x90 [ 1193.262237][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1193.262237][T25216] [ 1193.262237][T25216] Uninit was stored to memory at: [ 1193.262237][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1193.262237][T25216] __msan_chain_origin+0x54/0xa0 [ 1193.262237][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1193.262237][T25216] get_compat_msghdr+0x108/0x2b0 [ 1193.262237][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1193.262237][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1193.262237][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1193.262237][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1193.262237][T25216] __do_fast_syscall_32+0x127/0x180 [ 1193.262237][T25216] do_fast_syscall_32+0x77/0xd0 [ 1193.262237][T25216] do_SYSENTER_32+0x73/0x90 [ 1193.262237][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1193.262237][T25216] [ 1193.262237][T25216] Local variable ----msg_sys@do_recvmmsg created at: [ 1193.262237][T25216] do_recvmmsg+0xbf/0x22d0 [ 1193.262237][T25216] do_recvmmsg+0xbf/0x22d0 [ 1194.250040][T25216] not chained 2350000 origins [ 1194.253217][T25216] CPU: 0 PID: 25216 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1194.262403][T25216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1194.272503][T25216] Call Trace: [ 1194.272503][T25216] dump_stack+0x24c/0x2e0 [ 1194.272503][T25216] kmsan_internal_chain_origin+0x6f/0x130 [ 1194.272503][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1194.292487][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1194.292487][T25216] ? __msan_instrument_asm_store+0x104/0x130 [ 1194.292487][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1194.305155][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1194.312480][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1194.312480][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1194.325430][T25216] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1194.332551][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1194.332551][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1194.332551][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1194.345152][T25216] ? kmsan_unpoison_shadow+0x74/0xa0 [ 1194.352538][T25216] ? _copy_from_user+0x1fd/0x300 [ 1194.359509][T25216] __msan_chain_origin+0x54/0xa0 [ 1194.365100][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1194.365100][T25216] get_compat_msghdr+0x108/0x2b0 [ 1194.372490][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1194.372490][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1194.385223][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1194.385223][T25216] ? kmsan_internal_set_origin+0x82/0xc0 [ 1194.394513][T25216] ? __msan_poison_alloca+0xec/0x110 [ 1194.394513][T25216] ? __sys_recvmmsg+0xb5/0x6f0 [ 1194.405198][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1194.405198][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1194.412693][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1194.412693][T25216] __do_fast_syscall_32+0x127/0x180 [ 1194.425192][T25216] do_fast_syscall_32+0x77/0xd0 [ 1194.432498][T25216] do_SYSENTER_32+0x73/0x90 [ 1194.432498][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1194.445084][T25216] RIP: 0023:0xf7f93549 [ 1194.445084][T25216] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1194.465085][T25216] RSP: 002b:00000000f558d5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1194.472498][T25216] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 1194.485243][T25216] RDX: 00000000cb88ff8b RSI: 0000000000000002 RDI: 0000000000000000 [ 1194.492519][T25216] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1194.492519][T25216] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1194.507067][T25216] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1194.512587][T25216] Uninit was stored to memory at: [ 1194.512587][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1194.525142][T25216] __msan_chain_origin+0x54/0xa0 [ 1194.532489][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1194.532489][T25216] get_compat_msghdr+0x108/0x2b0 [ 1194.532489][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1194.545204][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1194.552483][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1194.552483][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1194.552483][T25216] __do_fast_syscall_32+0x127/0x180 [ 1194.567158][T25216] do_fast_syscall_32+0x77/0xd0 [ 1194.572587][T25216] do_SYSENTER_32+0x73/0x90 [ 1194.572587][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1194.585439][T25216] [ 1194.585439][T25216] Uninit was stored to memory at: [ 1194.592497][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1194.592497][T25216] __msan_chain_origin+0x54/0xa0 [ 1194.605203][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1194.605203][T25216] get_compat_msghdr+0x108/0x2b0 [ 1194.614358][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1194.614358][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1194.625194][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1194.625194][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1194.632593][T25216] __do_fast_syscall_32+0x127/0x180 [ 1194.632593][T25216] do_fast_syscall_32+0x77/0xd0 [ 1194.645104][T25216] do_SYSENTER_32+0x73/0x90 [ 1194.652801][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1194.652801][T25216] [ 1194.652801][T25216] Uninit was stored to memory at: [ 1194.652801][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1194.672479][T25216] __msan_chain_origin+0x54/0xa0 [ 1194.672479][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1194.672479][T25216] get_compat_msghdr+0x108/0x2b0 [ 1194.685119][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1194.692584][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1194.692584][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1194.692584][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1194.705124][T25216] __do_fast_syscall_32+0x127/0x180 [ 1194.712803][T25216] do_fast_syscall_32+0x77/0xd0 [ 1194.712803][T25216] do_SYSENTER_32+0x73/0x90 [ 1194.712803][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1194.727071][T25216] [ 1194.732475][T25216] Uninit was stored to memory at: [ 1194.732475][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1194.732475][T25216] __msan_chain_origin+0x54/0xa0 [ 1194.745114][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1194.752585][T25216] get_compat_msghdr+0x108/0x2b0 [ 1194.752585][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1194.752585][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1194.769067][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1194.772494][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1194.772494][T25216] __do_fast_syscall_32+0x127/0x180 [ 1194.785215][T25216] do_fast_syscall_32+0x77/0xd0 [ 1194.785215][T25216] do_SYSENTER_32+0x73/0x90 [ 1194.792492][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1194.792492][T25216] [ 1194.792492][T25216] Uninit was stored to memory at: [ 1194.805210][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1194.812618][T25216] __msan_chain_origin+0x54/0xa0 [ 1194.812618][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1194.825136][T25216] get_compat_msghdr+0x108/0x2b0 [ 1194.825136][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1194.834286][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1194.834286][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1194.845518][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1194.852503][T25216] __do_fast_syscall_32+0x127/0x180 [ 1194.852503][T25216] do_fast_syscall_32+0x77/0xd0 [ 1194.852503][T25216] do_SYSENTER_32+0x73/0x90 [ 1194.865126][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1194.872558][T25216] [ 1194.872558][T25216] Uninit was stored to memory at: [ 1194.872558][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1194.885107][T25216] __msan_chain_origin+0x54/0xa0 [ 1194.892476][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1194.892476][T25216] get_compat_msghdr+0x108/0x2b0 [ 1194.892476][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1194.905169][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1194.912485][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1194.912485][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1194.925103][T25216] __do_fast_syscall_32+0x127/0x180 [ 1194.932579][T25216] do_fast_syscall_32+0x77/0xd0 [ 1194.932579][T25216] do_SYSENTER_32+0x73/0x90 [ 1194.932579][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1194.947030][T25216] [ 1194.947030][T25216] Uninit was stored to memory at: [ 1194.952495][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1194.952495][T25216] __msan_chain_origin+0x54/0xa0 [ 1194.965375][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1194.965375][T25216] get_compat_msghdr+0x108/0x2b0 [ 1194.974747][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1194.974747][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1194.985130][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1194.992585][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1194.992585][T25216] __do_fast_syscall_32+0x127/0x180 [ 1194.992585][T25216] do_fast_syscall_32+0x77/0xd0 [ 1195.005133][T25216] do_SYSENTER_32+0x73/0x90 [ 1195.012549][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1195.012549][T25216] [ 1195.012549][T25216] Local variable ----msg_sys@do_recvmmsg created at: [ 1195.025302][T25216] do_recvmmsg+0xbf/0x22d0 [ 1195.032496][T25216] do_recvmmsg+0xbf/0x22d0 [ 1195.322975][T25216] not chained 2360000 origins [ 1195.327660][T25216] CPU: 0 PID: 25216 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1195.332214][T25216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1195.332214][T25216] Call Trace: [ 1195.332214][T25216] dump_stack+0x24c/0x2e0 [ 1195.332214][T25216] kmsan_internal_chain_origin+0x6f/0x130 [ 1195.332214][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1195.332214][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1195.332214][T25216] ? __msan_instrument_asm_store+0x104/0x130 [ 1195.332214][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1195.332214][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1195.332214][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1195.332214][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1195.332214][T25216] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1195.332214][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1195.332214][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1195.332214][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1195.332214][T25216] ? kmsan_unpoison_shadow+0x74/0xa0 [ 1195.332214][T25216] ? _copy_from_user+0x1fd/0x300 [ 1195.332214][T25216] __msan_chain_origin+0x54/0xa0 [ 1195.332214][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1195.332214][T25216] get_compat_msghdr+0x108/0x2b0 [ 1195.332214][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1195.332214][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1195.332214][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1195.332214][T25216] ? kmsan_internal_set_origin+0x82/0xc0 [ 1195.332214][T25216] ? __msan_poison_alloca+0xec/0x110 [ 1195.332214][T25216] ? __sys_recvmmsg+0xb5/0x6f0 [ 1195.332214][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1195.332214][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1195.332214][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1195.332214][T25216] __do_fast_syscall_32+0x127/0x180 [ 1195.332214][T25216] do_fast_syscall_32+0x77/0xd0 [ 1195.332214][T25216] do_SYSENTER_32+0x73/0x90 [ 1195.332214][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1195.332214][T25216] RIP: 0023:0xf7f93549 [ 1195.332214][T25216] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1195.332214][T25216] RSP: 002b:00000000f558d5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1195.332214][T25216] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 1195.332214][T25216] RDX: 00000000cb88ff8b RSI: 0000000000000002 RDI: 0000000000000000 [ 1195.332214][T25216] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1195.332214][T25216] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1195.332214][T25216] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1195.332214][T25216] Uninit was stored to memory at: [ 1195.332214][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1195.332214][T25216] __msan_chain_origin+0x54/0xa0 [ 1195.332214][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1195.332214][T25216] get_compat_msghdr+0x108/0x2b0 [ 1195.332214][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1195.332214][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1195.332214][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1195.332214][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1195.332214][T25216] __do_fast_syscall_32+0x127/0x180 [ 1195.332214][T25216] do_fast_syscall_32+0x77/0xd0 [ 1195.332214][T25216] do_SYSENTER_32+0x73/0x90 [ 1195.332214][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1195.332214][T25216] [ 1195.332214][T25216] Uninit was stored to memory at: [ 1195.332214][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1195.332214][T25216] __msan_chain_origin+0x54/0xa0 [ 1195.332214][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1195.332214][T25216] get_compat_msghdr+0x108/0x2b0 [ 1195.332214][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1195.332214][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1195.332214][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1195.332214][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1195.332214][T25216] __do_fast_syscall_32+0x127/0x180 [ 1195.332214][T25216] do_fast_syscall_32+0x77/0xd0 [ 1195.332214][T25216] do_SYSENTER_32+0x73/0x90 [ 1195.332214][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1195.332214][T25216] [ 1195.332214][T25216] Uninit was stored to memory at: [ 1195.332214][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1195.332214][T25216] __msan_chain_origin+0x54/0xa0 [ 1195.332214][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1195.332214][T25216] get_compat_msghdr+0x108/0x2b0 [ 1195.332214][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1195.332214][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1195.332214][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1195.332214][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1195.332214][T25216] __do_fast_syscall_32+0x127/0x180 [ 1195.332214][T25216] do_fast_syscall_32+0x77/0xd0 [ 1195.332214][T25216] do_SYSENTER_32+0x73/0x90 [ 1195.332214][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1195.332214][T25216] [ 1195.332214][T25216] Uninit was stored to memory at: [ 1195.332214][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1195.332214][T25216] __msan_chain_origin+0x54/0xa0 [ 1195.332214][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1195.332214][T25216] get_compat_msghdr+0x108/0x2b0 [ 1195.332214][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1195.332214][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1195.332214][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1195.332214][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1195.332214][T25216] __do_fast_syscall_32+0x127/0x180 [ 1195.332214][T25216] do_fast_syscall_32+0x77/0xd0 [ 1195.332214][T25216] do_SYSENTER_32+0x73/0x90 [ 1195.332214][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1195.332214][T25216] [ 1195.332214][T25216] Uninit was stored to memory at: [ 1195.332214][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1195.332214][T25216] __msan_chain_origin+0x54/0xa0 [ 1195.332214][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1195.332214][T25216] get_compat_msghdr+0x108/0x2b0 [ 1195.332214][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1195.332214][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1195.332214][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1195.332214][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1195.332214][T25216] __do_fast_syscall_32+0x127/0x180 [ 1195.332214][T25216] do_fast_syscall_32+0x77/0xd0 [ 1195.332214][T25216] do_SYSENTER_32+0x73/0x90 [ 1195.332214][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1195.332214][T25216] [ 1195.332214][T25216] Uninit was stored to memory at: [ 1195.332214][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1195.332214][T25216] __msan_chain_origin+0x54/0xa0 [ 1195.332214][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1195.332214][T25216] get_compat_msghdr+0x108/0x2b0 [ 1195.332214][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1195.332214][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1195.332214][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1195.332214][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1195.332214][T25216] __do_fast_syscall_32+0x127/0x180 [ 1195.332214][T25216] do_fast_syscall_32+0x77/0xd0 [ 1195.332214][T25216] do_SYSENTER_32+0x73/0x90 [ 1196.012476][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1196.012476][T25216] [ 1196.012476][T25216] Uninit was stored to memory at: [ 1196.012476][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1196.012476][T25216] __msan_chain_origin+0x54/0xa0 [ 1196.012476][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1196.012476][T25216] get_compat_msghdr+0x108/0x2b0 [ 1196.012476][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1196.012476][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1196.012476][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1196.012476][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1196.012476][T25216] __do_fast_syscall_32+0x127/0x180 [ 1196.012476][T25216] do_fast_syscall_32+0x77/0xd0 [ 1196.012476][T25216] do_SYSENTER_32+0x73/0x90 [ 1196.012476][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1196.012476][T25216] [ 1196.012476][T25216] Local variable ----msg_sys@do_recvmmsg created at: [ 1196.012476][T25216] do_recvmmsg+0xbf/0x22d0 [ 1196.012476][T25216] do_recvmmsg+0xbf/0x22d0 [ 1196.325362][T25216] not chained 2370000 origins [ 1196.330333][T25216] CPU: 0 PID: 25216 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1196.337320][T25216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1196.342390][T25216] Call Trace: [ 1196.342390][T25216] dump_stack+0x24c/0x2e0 [ 1196.355221][T25216] kmsan_internal_chain_origin+0x6f/0x130 [ 1196.362333][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1196.362333][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1196.362333][T25216] ? __msan_instrument_asm_store+0x104/0x130 [ 1196.377237][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1196.382339][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1196.382339][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1196.395298][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1196.402871][T25216] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1196.408814][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1196.415310][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1196.415310][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1196.422330][T25216] ? kmsan_unpoison_shadow+0x74/0xa0 [ 1196.422330][T25216] ? _copy_from_user+0x1fd/0x300 [ 1196.435263][T25216] __msan_chain_origin+0x54/0xa0 [ 1196.442327][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1196.442327][T25216] get_compat_msghdr+0x108/0x2b0 [ 1196.442327][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1196.455276][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1196.462522][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1196.462522][T25216] ? kmsan_internal_set_origin+0x82/0xc0 [ 1196.462522][T25216] ? __msan_poison_alloca+0xec/0x110 [ 1196.475246][T25216] ? __sys_recvmmsg+0xb5/0x6f0 [ 1196.484183][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1196.484183][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1196.484183][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1196.495377][T25216] __do_fast_syscall_32+0x127/0x180 [ 1196.502358][T25216] do_fast_syscall_32+0x77/0xd0 [ 1196.509931][T25216] do_SYSENTER_32+0x73/0x90 [ 1196.515268][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1196.522354][T25216] RIP: 0023:0xf7f93549 [ 1196.522354][T25216] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1196.542358][T25216] RSP: 002b:00000000f558d5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1196.555455][T25216] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 1196.562561][T25216] RDX: 00000000cb88ff8b RSI: 0000000000000002 RDI: 0000000000000000 [ 1196.562561][T25216] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1196.575677][T25216] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1196.582342][T25216] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1196.582342][T25216] Uninit was stored to memory at: [ 1196.597066][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1196.602340][T25216] __msan_chain_origin+0x54/0xa0 [ 1196.602340][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1196.615149][T25216] get_compat_msghdr+0x108/0x2b0 [ 1196.622498][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1196.622498][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1196.622498][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1196.635393][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1196.642394][T25216] __do_fast_syscall_32+0x127/0x180 [ 1196.642394][T25216] do_fast_syscall_32+0x77/0xd0 [ 1196.655367][T25216] do_SYSENTER_32+0x73/0x90 [ 1196.655367][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1196.663424][T25216] [ 1196.663424][T25216] Uninit was stored to memory at: [ 1196.663424][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1196.675147][T25216] __msan_chain_origin+0x54/0xa0 [ 1196.682471][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1196.682471][T25216] get_compat_msghdr+0x108/0x2b0 [ 1196.682471][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1196.695187][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1196.695187][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1196.704227][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1196.704227][T25216] __do_fast_syscall_32+0x127/0x180 [ 1196.717709][T25216] do_fast_syscall_32+0x77/0xd0 [ 1196.722332][T25216] do_SYSENTER_32+0x73/0x90 [ 1196.722332][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1196.735179][T25216] [ 1196.735179][T25216] Uninit was stored to memory at: [ 1196.742477][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1196.742477][T25216] __msan_chain_origin+0x54/0xa0 [ 1196.755194][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1196.755194][T25216] get_compat_msghdr+0x108/0x2b0 [ 1196.762330][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1196.762330][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1196.762330][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1196.775475][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1196.782339][T25216] __do_fast_syscall_32+0x127/0x180 [ 1196.782339][T25216] do_fast_syscall_32+0x77/0xd0 [ 1196.795524][T25216] do_SYSENTER_32+0x73/0x90 [ 1196.795524][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1196.802474][T25216] [ 1196.802474][T25216] Uninit was stored to memory at: [ 1196.802474][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1196.820476][T25216] __msan_chain_origin+0x54/0xa0 [ 1196.822323][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1196.822323][T25216] get_compat_msghdr+0x108/0x2b0 [ 1196.835274][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1196.835274][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1196.842318][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1196.842318][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1196.855182][T25216] __do_fast_syscall_32+0x127/0x180 [ 1196.862464][T25216] do_fast_syscall_32+0x77/0xd0 [ 1196.862464][T25216] do_SYSENTER_32+0x73/0x90 [ 1196.862464][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1196.875181][T25216] [ 1196.875181][T25216] Uninit was stored to memory at: [ 1196.882360][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1196.882360][T25216] __msan_chain_origin+0x54/0xa0 [ 1196.895325][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1196.902321][T25216] get_compat_msghdr+0x108/0x2b0 [ 1196.902321][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1196.902321][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1196.915193][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1196.919470][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1196.924426][T25216] __do_fast_syscall_32+0x127/0x180 [ 1196.924426][T25216] do_fast_syscall_32+0x77/0xd0 [ 1196.935168][T25216] do_SYSENTER_32+0x73/0x90 [ 1196.942321][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1196.942321][T25216] [ 1196.942321][T25216] Uninit was stored to memory at: [ 1196.955422][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1196.962375][T25216] __msan_chain_origin+0x54/0xa0 [ 1196.962375][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1196.975538][T25216] get_compat_msghdr+0x108/0x2b0 [ 1196.975538][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1196.982626][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1196.982626][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1196.995395][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1197.002326][T25216] __do_fast_syscall_32+0x127/0x180 [ 1197.002326][T25216] do_fast_syscall_32+0x77/0xd0 [ 1197.002326][T25216] do_SYSENTER_32+0x73/0x90 [ 1197.015273][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1197.022436][T25216] [ 1197.022436][T25216] Uninit was stored to memory at: [ 1197.022436][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1197.036959][T25216] __msan_chain_origin+0x54/0xa0 [ 1197.042480][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1197.042480][T25216] get_compat_msghdr+0x108/0x2b0 [ 1197.042480][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1197.055522][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1197.062355][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1197.062355][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1197.075409][T25216] __do_fast_syscall_32+0x127/0x180 [ 1197.075409][T25216] do_fast_syscall_32+0x77/0xd0 [ 1197.082375][T25216] do_SYSENTER_32+0x73/0x90 [ 1197.082375][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1197.095294][T25216] [ 1197.095294][T25216] Local variable ----msg_sys@do_recvmmsg created at: [ 1197.102513][T25216] do_recvmmsg+0xbf/0x22d0 [ 1197.102513][T25216] do_recvmmsg+0xbf/0x22d0 [ 1197.324894][T25216] not chained 2380000 origins [ 1197.330331][T25216] CPU: 1 PID: 25216 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1197.332236][T25216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1197.332236][T25216] Call Trace: [ 1197.332236][T25216] dump_stack+0x24c/0x2e0 [ 1197.332236][T25216] kmsan_internal_chain_origin+0x6f/0x130 [ 1197.332236][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1197.332236][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1197.332236][T25216] ? __msan_instrument_asm_store+0x104/0x130 [ 1197.332236][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1197.332236][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1197.332236][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1197.332236][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1197.332236][T25216] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1197.332236][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1197.332236][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1197.332236][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1197.332236][T25216] ? kmsan_unpoison_shadow+0x74/0xa0 [ 1197.332236][T25216] ? _copy_from_user+0x1fd/0x300 [ 1197.332236][T25216] __msan_chain_origin+0x54/0xa0 [ 1197.332236][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1197.332236][T25216] get_compat_msghdr+0x108/0x2b0 [ 1197.332236][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1197.332236][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1197.332236][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1197.332236][T25216] ? kmsan_internal_set_origin+0x82/0xc0 [ 1197.332236][T25216] ? __msan_poison_alloca+0xec/0x110 [ 1197.332236][T25216] ? __sys_recvmmsg+0xb5/0x6f0 [ 1197.332236][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1197.332236][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1197.332236][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1197.332236][T25216] __do_fast_syscall_32+0x127/0x180 [ 1197.332236][T25216] do_fast_syscall_32+0x77/0xd0 [ 1197.332236][T25216] do_SYSENTER_32+0x73/0x90 [ 1197.332236][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1197.332236][T25216] RIP: 0023:0xf7f93549 [ 1197.332236][T25216] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1197.332236][T25216] RSP: 002b:00000000f558d5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1197.332236][T25216] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 1197.332236][T25216] RDX: 00000000cb88ff8b RSI: 0000000000000002 RDI: 0000000000000000 [ 1197.332236][T25216] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1197.332236][T25216] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1197.332236][T25216] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1197.332236][T25216] Uninit was stored to memory at: [ 1197.332236][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1197.332236][T25216] __msan_chain_origin+0x54/0xa0 [ 1197.332236][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1197.332236][T25216] get_compat_msghdr+0x108/0x2b0 [ 1197.332236][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1197.332236][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1197.332236][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1197.332236][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1197.332236][T25216] __do_fast_syscall_32+0x127/0x180 [ 1197.332236][T25216] do_fast_syscall_32+0x77/0xd0 [ 1197.332236][T25216] do_SYSENTER_32+0x73/0x90 [ 1197.332236][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1197.332236][T25216] [ 1197.332236][T25216] Uninit was stored to memory at: [ 1197.332236][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1197.332236][T25216] __msan_chain_origin+0x54/0xa0 [ 1197.332236][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1197.332236][T25216] get_compat_msghdr+0x108/0x2b0 [ 1197.332236][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1197.332236][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1197.332236][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1197.332236][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1197.332236][T25216] __do_fast_syscall_32+0x127/0x180 [ 1197.332236][T25216] do_fast_syscall_32+0x77/0xd0 [ 1197.332236][T25216] do_SYSENTER_32+0x73/0x90 [ 1197.332236][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1197.332236][T25216] [ 1197.332236][T25216] Uninit was stored to memory at: [ 1197.332236][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1197.332236][T25216] __msan_chain_origin+0x54/0xa0 [ 1197.332236][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1197.332236][T25216] get_compat_msghdr+0x108/0x2b0 [ 1197.332236][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1197.332236][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1197.332236][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1197.332236][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1197.332236][T25216] __do_fast_syscall_32+0x127/0x180 [ 1197.332236][T25216] do_fast_syscall_32+0x77/0xd0 [ 1197.332236][T25216] do_SYSENTER_32+0x73/0x90 [ 1197.332236][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1197.332236][T25216] [ 1197.332236][T25216] Uninit was stored to memory at: [ 1197.332236][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1197.332236][T25216] __msan_chain_origin+0x54/0xa0 [ 1197.332236][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1197.332236][T25216] get_compat_msghdr+0x108/0x2b0 [ 1197.332236][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1197.332236][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1197.332236][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1197.332236][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1197.332236][T25216] __do_fast_syscall_32+0x127/0x180 [ 1197.332236][T25216] do_fast_syscall_32+0x77/0xd0 [ 1197.332236][T25216] do_SYSENTER_32+0x73/0x90 [ 1197.332236][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1197.332236][T25216] [ 1197.332236][T25216] Uninit was stored to memory at: [ 1197.332236][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1197.332236][T25216] __msan_chain_origin+0x54/0xa0 [ 1197.332236][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1197.332236][T25216] get_compat_msghdr+0x108/0x2b0 [ 1197.332236][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1197.332236][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1197.332236][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1197.332236][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1197.332236][T25216] __do_fast_syscall_32+0x127/0x180 [ 1197.332236][T25216] do_fast_syscall_32+0x77/0xd0 [ 1197.332236][T25216] do_SYSENTER_32+0x73/0x90 [ 1197.332236][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1197.332236][T25216] [ 1197.332236][T25216] Uninit was stored to memory at: [ 1197.332236][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1197.332236][T25216] __msan_chain_origin+0x54/0xa0 [ 1197.332236][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1197.332236][T25216] get_compat_msghdr+0x108/0x2b0 [ 1197.332236][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1197.332236][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1197.332236][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1197.332236][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1197.332236][T25216] __do_fast_syscall_32+0x127/0x180 [ 1197.332236][T25216] do_fast_syscall_32+0x77/0xd0 [ 1197.332236][T25216] do_SYSENTER_32+0x73/0x90 [ 1197.332236][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1197.332236][T25216] [ 1197.332236][T25216] Uninit was stored to memory at: [ 1197.332236][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1197.332236][T25216] __msan_chain_origin+0x54/0xa0 [ 1197.332236][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1197.332236][T25216] get_compat_msghdr+0x108/0x2b0 [ 1197.332236][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1197.332236][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1197.332236][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1197.332236][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1197.332236][T25216] __do_fast_syscall_32+0x127/0x180 [ 1197.332236][T25216] do_fast_syscall_32+0x77/0xd0 [ 1197.332236][T25216] do_SYSENTER_32+0x73/0x90 [ 1197.332236][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1197.332236][T25216] [ 1197.332236][T25216] Local variable ----msg_sys@do_recvmmsg created at: [ 1197.332236][T25216] do_recvmmsg+0xbf/0x22d0 [ 1197.332236][T25216] do_recvmmsg+0xbf/0x22d0 [ 1198.323068][T25216] not chained 2390000 origins [ 1198.328017][T25216] CPU: 0 PID: 25216 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1198.332212][T25216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1198.332212][T25216] Call Trace: [ 1198.332212][T25216] dump_stack+0x24c/0x2e0 [ 1198.351731][T25216] kmsan_internal_chain_origin+0x6f/0x130 [ 1198.357619][T25216] ? do_user_addr_fault+0x1912/0x2650 [ 1198.357619][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1198.357619][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1198.357619][T25216] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1198.357619][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1198.357619][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1198.357619][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1198.357619][T25216] ? kmsan_unpoison_shadow+0x74/0xa0 [ 1198.357619][T25216] ? _copy_from_user+0x1fd/0x300 [ 1198.357619][T25216] __msan_chain_origin+0x54/0xa0 [ 1198.412579][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1198.412579][T25216] get_compat_msghdr+0x108/0x2b0 [ 1198.412579][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1198.412579][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1198.412579][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1198.412579][T25216] ? kmsan_internal_set_origin+0x82/0xc0 [ 1198.412579][T25216] ? __msan_poison_alloca+0xec/0x110 [ 1198.412579][T25216] ? __sys_recvmmsg+0xb5/0x6f0 [ 1198.454972][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1198.458428][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1198.458428][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1198.458428][T25216] __do_fast_syscall_32+0x127/0x180 [ 1198.458428][T25216] do_fast_syscall_32+0x77/0xd0 [ 1198.458428][T25216] do_SYSENTER_32+0x73/0x90 [ 1198.458428][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1198.458428][T25216] RIP: 0023:0xf7f93549 [ 1198.458428][T25216] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1198.458428][T25216] RSP: 002b:00000000f558d5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1198.458428][T25216] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 1198.458428][T25216] RDX: 00000000cb88ff8b RSI: 0000000000000002 RDI: 0000000000000000 [ 1198.458428][T25216] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1198.458428][T25216] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1198.458428][T25216] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1198.458428][T25216] Uninit was stored to memory at: [ 1198.458428][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1198.458428][T25216] __msan_chain_origin+0x54/0xa0 [ 1198.458428][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1198.458428][T25216] get_compat_msghdr+0x108/0x2b0 [ 1198.458428][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1198.458428][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1198.458428][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1198.458428][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1198.458428][T25216] __do_fast_syscall_32+0x127/0x180 [ 1198.458428][T25216] do_fast_syscall_32+0x77/0xd0 [ 1198.458428][T25216] do_SYSENTER_32+0x73/0x90 [ 1198.458428][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1198.458428][T25216] [ 1198.458428][T25216] Uninit was stored to memory at: [ 1198.458428][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1198.458428][T25216] __msan_chain_origin+0x54/0xa0 [ 1198.458428][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1198.458428][T25216] get_compat_msghdr+0x108/0x2b0 [ 1198.458428][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1198.458428][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1198.458428][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1198.458428][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1198.458428][T25216] __do_fast_syscall_32+0x127/0x180 [ 1198.458428][T25216] do_fast_syscall_32+0x77/0xd0 [ 1198.458428][T25216] do_SYSENTER_32+0x73/0x90 [ 1198.458428][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1198.458428][T25216] [ 1198.458428][T25216] Uninit was stored to memory at: [ 1198.458428][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1198.458428][T25216] __msan_chain_origin+0x54/0xa0 [ 1198.458428][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1198.458428][T25216] get_compat_msghdr+0x108/0x2b0 [ 1198.458428][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1198.458428][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1198.458428][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1198.458428][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1198.458428][T25216] __do_fast_syscall_32+0x127/0x180 [ 1198.458428][T25216] do_fast_syscall_32+0x77/0xd0 [ 1198.458428][T25216] do_SYSENTER_32+0x73/0x90 [ 1198.458428][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1198.458428][T25216] [ 1198.458428][T25216] Uninit was stored to memory at: [ 1198.458428][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1198.458428][T25216] __msan_chain_origin+0x54/0xa0 [ 1198.458428][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1198.458428][T25216] get_compat_msghdr+0x108/0x2b0 [ 1198.458428][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1198.458428][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1198.458428][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1198.458428][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1198.458428][T25216] __do_fast_syscall_32+0x127/0x180 [ 1198.458428][T25216] do_fast_syscall_32+0x77/0xd0 [ 1198.458428][T25216] do_SYSENTER_32+0x73/0x90 [ 1198.458428][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1198.458428][T25216] [ 1198.458428][T25216] Uninit was stored to memory at: [ 1198.458428][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1198.458428][T25216] __msan_chain_origin+0x54/0xa0 [ 1198.458428][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1198.458428][T25216] get_compat_msghdr+0x108/0x2b0 [ 1198.458428][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1198.458428][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1198.458428][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1198.458428][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1198.458428][T25216] __do_fast_syscall_32+0x127/0x180 [ 1198.458428][T25216] do_fast_syscall_32+0x77/0xd0 [ 1198.458428][T25216] do_SYSENTER_32+0x73/0x90 [ 1198.458428][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1198.458428][T25216] [ 1198.458428][T25216] Uninit was stored to memory at: [ 1198.458428][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1198.458428][T25216] __msan_chain_origin+0x54/0xa0 [ 1198.458428][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1198.458428][T25216] get_compat_msghdr+0x108/0x2b0 [ 1198.458428][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1198.458428][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1198.458428][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1198.458428][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1198.458428][T25216] __do_fast_syscall_32+0x127/0x180 [ 1198.458428][T25216] do_fast_syscall_32+0x77/0xd0 [ 1198.458428][T25216] do_SYSENTER_32+0x73/0x90 [ 1198.458428][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1198.458428][T25216] [ 1198.458428][T25216] Uninit was stored to memory at: [ 1198.458428][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1198.458428][T25216] __msan_chain_origin+0x54/0xa0 [ 1198.458428][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1198.458428][T25216] get_compat_msghdr+0x108/0x2b0 [ 1198.458428][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1198.458428][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1198.458428][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1198.458428][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1198.458428][T25216] __do_fast_syscall_32+0x127/0x180 [ 1198.458428][T25216] do_fast_syscall_32+0x77/0xd0 [ 1198.458428][T25216] do_SYSENTER_32+0x73/0x90 [ 1198.458428][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1198.458428][T25216] [ 1198.458428][T25216] Local variable ----msg_sys@do_recvmmsg created at: [ 1198.458428][T25216] do_recvmmsg+0xbf/0x22d0 [ 1198.458428][T25216] do_recvmmsg+0xbf/0x22d0 [ 1199.290310][T25216] not chained 2400000 origins [ 1199.294517][T25216] CPU: 0 PID: 25216 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1199.294517][T25216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1199.312364][T25216] Call Trace: [ 1199.312364][T25216] dump_stack+0x24c/0x2e0 [ 1199.312364][T25216] kmsan_internal_chain_origin+0x6f/0x130 [ 1199.325396][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1199.332393][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1199.332393][T25216] ? __msan_instrument_asm_store+0x104/0x130 [ 1199.332393][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1199.352402][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1199.352402][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1199.352402][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1199.365286][T25216] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1199.372811][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1199.377196][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1199.385424][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1199.392394][T25216] ? kmsan_unpoison_shadow+0x74/0xa0 [ 1199.392394][T25216] ? _copy_from_user+0x1fd/0x300 [ 1199.392394][T25216] __msan_chain_origin+0x54/0xa0 [ 1199.405458][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1199.412401][T25216] get_compat_msghdr+0x108/0x2b0 [ 1199.412401][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1199.412401][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1199.425495][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1199.432881][T25216] ? kmsan_internal_set_origin+0x82/0xc0 [ 1199.432881][T25216] ? __msan_poison_alloca+0xec/0x110 [ 1199.445228][T25216] ? __sys_recvmmsg+0xb5/0x6f0 [ 1199.445228][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1199.454203][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1199.454203][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1199.465197][T25216] __do_fast_syscall_32+0x127/0x180 [ 1199.472351][T25216] do_fast_syscall_32+0x77/0xd0 [ 1199.472351][T25216] do_SYSENTER_32+0x73/0x90 [ 1199.479490][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1199.485169][T25216] RIP: 0023:0xf7f93549 [ 1199.492349][T25216] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1199.512351][T25216] RSP: 002b:00000000f558d5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1199.512351][T25216] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 1199.525204][T25216] RDX: 00000000cb88ff8b RSI: 0000000000000002 RDI: 0000000000000000 [ 1199.532502][T25216] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1199.545166][T25216] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1199.552360][T25216] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1199.552360][T25216] Uninit was stored to memory at: [ 1199.567228][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1199.572353][T25216] __msan_chain_origin+0x54/0xa0 [ 1199.572353][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1199.581859][T25216] get_compat_msghdr+0x108/0x2b0 [ 1199.585162][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1199.592495][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1199.595632][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1199.595632][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1199.605187][T25216] __do_fast_syscall_32+0x127/0x180 [ 1199.612344][T25216] do_fast_syscall_32+0x77/0xd0 [ 1199.612344][T25216] do_SYSENTER_32+0x73/0x90 [ 1199.625278][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1199.625278][T25216] [ 1199.632340][T25216] Uninit was stored to memory at: [ 1199.632340][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1199.632340][T25216] __msan_chain_origin+0x54/0xa0 [ 1199.645397][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1199.653178][T25216] get_compat_msghdr+0x108/0x2b0 [ 1199.653178][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1199.653178][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1199.665220][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1199.674191][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1199.674191][T25216] __do_fast_syscall_32+0x127/0x180 [ 1199.674191][T25216] do_fast_syscall_32+0x77/0xd0 [ 1199.687302][T25216] do_SYSENTER_32+0x73/0x90 [ 1199.692730][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1199.692730][T25216] [ 1199.705171][T25216] Uninit was stored to memory at: [ 1199.705171][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1199.712539][T25216] __msan_chain_origin+0x54/0xa0 [ 1199.712539][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1199.725241][T25216] get_compat_msghdr+0x108/0x2b0 [ 1199.732357][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1199.732357][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1199.732357][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1199.745275][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1199.752348][T25216] __do_fast_syscall_32+0x127/0x180 [ 1199.752348][T25216] do_fast_syscall_32+0x77/0xd0 [ 1199.752348][T25216] do_SYSENTER_32+0x73/0x90 [ 1199.765310][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1199.773087][T25216] [ 1199.773087][T25216] Uninit was stored to memory at: [ 1199.773087][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1199.773087][T25216] __msan_chain_origin+0x54/0xa0 [ 1199.792347][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1199.792347][T25216] get_compat_msghdr+0x108/0x2b0 [ 1199.792347][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1199.805308][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1199.812360][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1199.812360][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1199.812360][T25216] __do_fast_syscall_32+0x127/0x180 [ 1199.825511][T25216] do_fast_syscall_32+0x77/0xd0 [ 1199.832487][T25216] do_SYSENTER_32+0x73/0x90 [ 1199.832487][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1199.845185][T25216] [ 1199.845185][T25216] Uninit was stored to memory at: [ 1199.852353][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1199.855198][T25216] __msan_chain_origin+0x54/0xa0 [ 1199.855198][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1199.865479][T25216] get_compat_msghdr+0x108/0x2b0 [ 1199.872348][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1199.872348][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1199.872348][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1199.889011][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1199.894183][T25216] __do_fast_syscall_32+0x127/0x180 [ 1199.894183][T25216] do_fast_syscall_32+0x77/0xd0 [ 1199.905173][T25216] do_SYSENTER_32+0x73/0x90 [ 1199.905173][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1199.912347][T25216] [ 1199.912347][T25216] Uninit was stored to memory at: [ 1199.912347][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1199.925291][T25216] __msan_chain_origin+0x54/0xa0 [ 1199.932346][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1199.932346][T25216] get_compat_msghdr+0x108/0x2b0 [ 1199.945197][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1199.945197][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1199.952746][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1199.952746][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1199.965203][T25216] __do_fast_syscall_32+0x127/0x180 [ 1199.972356][T25216] do_fast_syscall_32+0x77/0xd0 [ 1199.972356][T25216] do_SYSENTER_32+0x73/0x90 [ 1199.972356][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1199.985516][T25216] [ 1199.985516][T25216] Uninit was stored to memory at: [ 1199.992337][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1199.992337][T25216] __msan_chain_origin+0x54/0xa0 [ 1200.007221][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1200.012617][T25216] get_compat_msghdr+0x108/0x2b0 [ 1200.012617][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1200.012617][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1200.025192][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1200.032359][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1200.032359][T25216] __do_fast_syscall_32+0x127/0x180 [ 1200.045270][T25216] do_fast_syscall_32+0x77/0xd0 [ 1200.045270][T25216] do_SYSENTER_32+0x73/0x90 [ 1200.052349][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1200.052349][T25216] [ 1200.052349][T25216] Local variable ----msg_sys@do_recvmmsg created at: [ 1200.065184][T25216] do_recvmmsg+0xbf/0x22d0 [ 1200.072493][T25216] do_recvmmsg+0xbf/0x22d0 [ 1200.285909][T25216] not chained 2410000 origins [ 1200.290827][T25216] CPU: 0 PID: 25216 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1200.292228][T25216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1200.292228][T25216] Call Trace: [ 1200.292228][T25216] dump_stack+0x24c/0x2e0 [ 1200.292228][T25216] kmsan_internal_chain_origin+0x6f/0x130 [ 1200.292228][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1200.292228][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1200.332413][T25216] ? __msan_instrument_asm_store+0x104/0x130 [ 1200.335687][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1200.345204][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1200.345204][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1200.352727][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1200.352727][T25216] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1200.365196][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1200.372352][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1200.372352][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1200.385189][T25216] ? kmsan_unpoison_shadow+0x74/0xa0 [ 1200.385189][T25216] ? _copy_from_user+0x1fd/0x300 [ 1200.392369][T25216] __msan_chain_origin+0x54/0xa0 [ 1200.401074][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1200.405178][T25216] get_compat_msghdr+0x108/0x2b0 [ 1200.408984][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1200.414340][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1200.414340][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1200.425406][T25216] ? kmsan_internal_set_origin+0x82/0xc0 [ 1200.432385][T25216] ? __msan_poison_alloca+0xec/0x110 [ 1200.432385][T25216] ? __sys_recvmmsg+0xb5/0x6f0 [ 1200.432385][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1200.447049][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1200.452506][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1200.452506][T25216] __do_fast_syscall_32+0x127/0x180 [ 1200.465193][T25216] do_fast_syscall_32+0x77/0xd0 [ 1200.465193][T25216] do_SYSENTER_32+0x73/0x90 [ 1200.472347][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1200.472347][T25216] RIP: 0023:0xf7f93549 [ 1200.485518][T25216] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1200.492345][T25216] RSP: 002b:00000000f558d5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1200.512349][T25216] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 1200.512349][T25216] RDX: 00000000cb88ff8b RSI: 0000000000000002 RDI: 0000000000000000 [ 1200.525183][T25216] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1200.532492][T25216] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1200.545360][T25216] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1200.545360][T25216] Uninit was stored to memory at: [ 1200.554217][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1200.565273][T25216] __msan_chain_origin+0x54/0xa0 [ 1200.565273][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1200.572386][T25216] get_compat_msghdr+0x108/0x2b0 [ 1200.572386][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1200.585195][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1200.585195][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1200.592575][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1200.592575][T25216] __do_fast_syscall_32+0x127/0x180 [ 1200.608395][T25216] do_fast_syscall_32+0x77/0xd0 [ 1200.612735][T25216] do_SYSENTER_32+0x73/0x90 [ 1200.612735][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1200.612735][T25216] [ 1200.625312][T25216] Uninit was stored to memory at: [ 1200.632354][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1200.632354][T25216] __msan_chain_origin+0x54/0xa0 [ 1200.632354][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1200.645247][T25216] get_compat_msghdr+0x108/0x2b0 [ 1200.652523][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1200.652523][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1200.652523][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1200.667076][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1200.673111][T25216] __do_fast_syscall_32+0x127/0x180 [ 1200.673111][T25216] do_fast_syscall_32+0x77/0xd0 [ 1200.685387][T25216] do_SYSENTER_32+0x73/0x90 [ 1200.685387][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1200.692369][T25216] [ 1200.692369][T25216] Uninit was stored to memory at: [ 1200.692369][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1200.708643][T25216] __msan_chain_origin+0x54/0xa0 [ 1200.712508][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1200.712508][T25216] get_compat_msghdr+0x108/0x2b0 [ 1200.725312][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1200.725312][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1200.732360][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1200.732360][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1200.745559][T25216] __do_fast_syscall_32+0x127/0x180 [ 1200.752414][T25216] do_fast_syscall_32+0x77/0xd0 [ 1200.752414][T25216] do_SYSENTER_32+0x73/0x90 [ 1200.752414][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1200.765604][T25216] [ 1200.765604][T25216] Uninit was stored to memory at: [ 1200.774244][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1200.774244][T25216] __msan_chain_origin+0x54/0xa0 [ 1200.785377][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1200.792369][T25216] get_compat_msghdr+0x108/0x2b0 [ 1200.792369][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1200.792369][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1200.805344][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1200.812347][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1200.812347][T25216] __do_fast_syscall_32+0x127/0x180 [ 1200.825241][T25216] do_fast_syscall_32+0x77/0xd0 [ 1200.825241][T25216] do_SYSENTER_32+0x73/0x90 [ 1200.832572][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1200.832572][T25216] [ 1200.832572][T25216] Uninit was stored to memory at: [ 1200.845312][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1200.855218][T25216] __msan_chain_origin+0x54/0xa0 [ 1200.855218][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1200.865409][T25216] get_compat_msghdr+0x108/0x2b0 [ 1200.865409][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1200.872751][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1200.872751][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1200.872751][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1200.892519][T25216] __do_fast_syscall_32+0x127/0x180 [ 1200.892519][T25216] do_fast_syscall_32+0x77/0xd0 [ 1200.892519][T25216] do_SYSENTER_32+0x73/0x90 [ 1200.905221][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1200.913305][T25216] [ 1200.913305][T25216] Uninit was stored to memory at: [ 1200.913305][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1200.925361][T25216] __msan_chain_origin+0x54/0xa0 [ 1200.932356][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1200.932356][T25216] get_compat_msghdr+0x108/0x2b0 [ 1200.932356][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1200.945238][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1200.945238][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1200.952507][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1200.952507][T25216] __do_fast_syscall_32+0x127/0x180 [ 1200.965223][T25216] do_fast_syscall_32+0x77/0xd0 [ 1200.972586][T25216] do_SYSENTER_32+0x73/0x90 [ 1200.972586][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1200.972586][T25216] [ 1200.985481][T25216] Uninit was stored to memory at: [ 1200.985481][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1200.994195][T25216] __msan_chain_origin+0x54/0xa0 [ 1200.994195][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1201.005519][T25216] get_compat_msghdr+0x108/0x2b0 [ 1201.005519][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1201.015804][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1201.015804][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1201.025232][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1201.032357][T25216] __do_fast_syscall_32+0x127/0x180 [ 1201.032357][T25216] do_fast_syscall_32+0x77/0xd0 [ 1201.032357][T25216] do_SYSENTER_32+0x73/0x90 [ 1201.045301][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1201.045301][T25216] [ 1201.058233][T25216] Local variable ----msg_sys@do_recvmmsg created at: [ 1201.058233][T25216] do_recvmmsg+0xbf/0x22d0 [ 1201.066199][T25216] do_recvmmsg+0xbf/0x22d0 [ 1201.289887][T25216] not chained 2420000 origins [ 1201.292472][T25216] CPU: 0 PID: 25216 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1201.302477][T25216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1201.312492][T25216] Call Trace: [ 1201.312492][T25216] dump_stack+0x24c/0x2e0 [ 1201.312492][T25216] kmsan_internal_chain_origin+0x6f/0x130 [ 1201.312492][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1201.332612][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1201.332612][T25216] ? __msan_instrument_asm_store+0x104/0x130 [ 1201.345229][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1201.345229][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1201.352502][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1201.365103][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1201.365103][T25216] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1201.372526][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1201.372526][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1201.385108][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1201.392515][T25216] ? kmsan_unpoison_shadow+0x74/0xa0 [ 1201.392515][T25216] ? _copy_from_user+0x1fd/0x300 [ 1201.392515][T25216] __msan_chain_origin+0x54/0xa0 [ 1201.408822][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1201.412473][T25216] get_compat_msghdr+0x108/0x2b0 [ 1201.412473][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1201.412473][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1201.427968][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1201.434388][T25216] ? kmsan_internal_set_origin+0x82/0xc0 [ 1201.434388][T25216] ? __msan_poison_alloca+0xec/0x110 [ 1201.445143][T25216] ? __sys_recvmmsg+0xb5/0x6f0 [ 1201.445143][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1201.452805][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1201.452805][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1201.465328][T25216] __do_fast_syscall_32+0x127/0x180 [ 1201.472531][T25216] do_fast_syscall_32+0x77/0xd0 [ 1201.472531][T25216] do_SYSENTER_32+0x73/0x90 [ 1201.472531][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1201.485207][T25216] RIP: 0023:0xf7f93549 [ 1201.492489][T25216] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1201.512471][T25216] RSP: 002b:00000000f558d5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1201.512471][T25216] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 1201.528430][T25216] RDX: 00000000cb88ff8b RSI: 0000000000000002 RDI: 0000000000000000 [ 1201.532856][T25216] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1201.532856][T25216] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1201.552573][T25216] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1201.552573][T25216] Uninit was stored to memory at: [ 1201.565106][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1201.572486][T25216] __msan_chain_origin+0x54/0xa0 [ 1201.572486][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1201.572486][T25216] get_compat_msghdr+0x108/0x2b0 [ 1201.585332][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1201.585332][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1201.592496][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1201.592496][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1201.605107][T25216] __do_fast_syscall_32+0x127/0x180 [ 1201.612781][T25216] do_fast_syscall_32+0x77/0xd0 [ 1201.612781][T25216] do_SYSENTER_32+0x73/0x90 [ 1201.612781][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1201.629875][T25216] [ 1201.629875][T25216] Uninit was stored to memory at: [ 1201.632485][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1201.632485][T25216] __msan_chain_origin+0x54/0xa0 [ 1201.645321][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1201.645321][T25216] get_compat_msghdr+0x108/0x2b0 [ 1201.654284][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1201.654284][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1201.665427][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1201.672588][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1201.672588][T25216] __do_fast_syscall_32+0x127/0x180 [ 1201.685087][T25216] do_fast_syscall_32+0x77/0xd0 [ 1201.685087][T25216] do_SYSENTER_32+0x73/0x90 [ 1201.694393][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1201.694393][T25216] [ 1201.694393][T25216] Uninit was stored to memory at: [ 1201.705233][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1201.712487][T25216] __msan_chain_origin+0x54/0xa0 [ 1201.712487][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1201.712487][T25216] get_compat_msghdr+0x108/0x2b0 [ 1201.725080][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1201.732593][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1201.732593][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1201.745095][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1201.745095][T25216] __do_fast_syscall_32+0x127/0x180 [ 1201.752481][T25216] do_fast_syscall_32+0x77/0xd0 [ 1201.752481][T25216] do_SYSENTER_32+0x73/0x90 [ 1201.752481][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1201.772487][T25216] [ 1201.772487][T25216] Uninit was stored to memory at: [ 1201.772487][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1201.785109][T25216] __msan_chain_origin+0x54/0xa0 [ 1201.785109][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1201.792829][T25216] get_compat_msghdr+0x108/0x2b0 [ 1201.792829][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1201.805084][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1201.805084][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1201.812487][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1201.812487][T25216] __do_fast_syscall_32+0x127/0x180 [ 1201.825192][T25216] do_fast_syscall_32+0x77/0xd0 [ 1201.825192][T25216] do_SYSENTER_32+0x73/0x90 [ 1201.835011][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1201.835011][T25216] [ 1201.845245][T25216] Uninit was stored to memory at: [ 1201.845245][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1201.855204][T25216] __msan_chain_origin+0x54/0xa0 [ 1201.855204][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1201.865321][T25216] get_compat_msghdr+0x108/0x2b0 [ 1201.865321][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1201.874359][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1201.874359][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1201.885223][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1201.892501][T25216] __do_fast_syscall_32+0x127/0x180 [ 1201.892501][T25216] do_fast_syscall_32+0x77/0xd0 [ 1201.892501][T25216] do_SYSENTER_32+0x73/0x90 [ 1201.905160][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1201.912592][T25216] [ 1201.912592][T25216] Uninit was stored to memory at: [ 1201.912592][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1201.925391][T25216] __msan_chain_origin+0x54/0xa0 [ 1201.932482][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1201.937291][T25216] get_compat_msghdr+0x108/0x2b0 [ 1201.937291][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1201.945221][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1201.945221][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1201.952499][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1201.952499][T25216] __do_fast_syscall_32+0x127/0x180 [ 1201.965105][T25216] do_fast_syscall_32+0x77/0xd0 [ 1201.972580][T25216] do_SYSENTER_32+0x73/0x90 [ 1201.972580][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1201.972580][T25216] [ 1201.986894][T25216] Uninit was stored to memory at: [ 1201.992483][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1201.992483][T25216] __msan_chain_origin+0x54/0xa0 [ 1201.992483][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1202.005205][T25216] get_compat_msghdr+0x108/0x2b0 [ 1202.012689][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1202.012689][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1202.012689][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1202.025134][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1202.032596][T25216] __do_fast_syscall_32+0x127/0x180 [ 1202.039480][T25216] do_fast_syscall_32+0x77/0xd0 [ 1202.045117][T25216] do_SYSENTER_32+0x73/0x90 [ 1202.045117][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1202.052807][T25216] [ 1202.052807][T25216] Local variable ----msg_sys@do_recvmmsg created at: [ 1202.065345][T25216] do_recvmmsg+0xbf/0x22d0 [ 1202.065345][T25216] do_recvmmsg+0xbf/0x22d0 [ 1202.280087][T25216] not chained 2430000 origins [ 1202.284048][T25216] CPU: 0 PID: 25216 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1202.284048][T25216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1202.284048][T25216] Call Trace: [ 1202.284048][T25216] dump_stack+0x24c/0x2e0 [ 1202.284048][T25216] kmsan_internal_chain_origin+0x6f/0x130 [ 1202.284048][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1202.284048][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1202.284048][T25216] ? __msan_instrument_asm_store+0x104/0x130 [ 1202.284048][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1202.284048][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1202.284048][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1202.284048][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1202.284048][T25216] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1202.284048][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1202.284048][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1202.284048][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1202.284048][T25216] ? kmsan_unpoison_shadow+0x74/0xa0 [ 1202.284048][T25216] ? _copy_from_user+0x1fd/0x300 [ 1202.284048][T25216] __msan_chain_origin+0x54/0xa0 [ 1202.284048][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1202.284048][T25216] get_compat_msghdr+0x108/0x2b0 [ 1202.284048][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1202.413292][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1202.413292][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1202.413292][T25216] ? kmsan_internal_set_origin+0x82/0xc0 [ 1202.413292][T25216] ? __msan_poison_alloca+0xec/0x110 [ 1202.413292][T25216] ? __sys_recvmmsg+0xb5/0x6f0 [ 1202.413292][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1202.413292][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1202.413292][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1202.413292][T25216] __do_fast_syscall_32+0x127/0x180 [ 1202.413292][T25216] do_fast_syscall_32+0x77/0xd0 [ 1202.413292][T25216] do_SYSENTER_32+0x73/0x90 [ 1202.413292][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1202.413292][T25216] RIP: 0023:0xf7f93549 [ 1202.413292][T25216] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1202.413292][T25216] RSP: 002b:00000000f558d5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1202.413292][T25216] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 1202.413292][T25216] RDX: 00000000cb88ff8b RSI: 0000000000000002 RDI: 0000000000000000 [ 1202.413292][T25216] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1202.413292][T25216] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1202.413292][T25216] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1202.413292][T25216] Uninit was stored to memory at: [ 1202.413292][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1202.413292][T25216] __msan_chain_origin+0x54/0xa0 [ 1202.413292][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1202.413292][T25216] get_compat_msghdr+0x108/0x2b0 [ 1202.413292][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1202.413292][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1202.413292][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1202.413292][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1202.413292][T25216] __do_fast_syscall_32+0x127/0x180 [ 1202.413292][T25216] do_fast_syscall_32+0x77/0xd0 [ 1202.413292][T25216] do_SYSENTER_32+0x73/0x90 [ 1202.413292][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1202.413292][T25216] [ 1202.413292][T25216] Uninit was stored to memory at: [ 1202.413292][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1202.413292][T25216] __msan_chain_origin+0x54/0xa0 [ 1202.413292][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1202.413292][T25216] get_compat_msghdr+0x108/0x2b0 [ 1202.413292][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1202.413292][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1202.413292][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1202.413292][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1202.413292][T25216] __do_fast_syscall_32+0x127/0x180 [ 1202.413292][T25216] do_fast_syscall_32+0x77/0xd0 [ 1202.413292][T25216] do_SYSENTER_32+0x73/0x90 [ 1202.413292][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1202.413292][T25216] [ 1202.413292][T25216] Uninit was stored to memory at: [ 1202.413292][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1202.413292][T25216] __msan_chain_origin+0x54/0xa0 [ 1202.413292][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1202.413292][T25216] get_compat_msghdr+0x108/0x2b0 [ 1202.413292][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1202.413292][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1202.413292][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1202.413292][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1202.413292][T25216] __do_fast_syscall_32+0x127/0x180 [ 1202.413292][T25216] do_fast_syscall_32+0x77/0xd0 [ 1202.413292][T25216] do_SYSENTER_32+0x73/0x90 [ 1202.413292][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1202.413292][T25216] [ 1202.413292][T25216] Uninit was stored to memory at: [ 1202.413292][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1202.413292][T25216] __msan_chain_origin+0x54/0xa0 [ 1202.413292][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1202.413292][T25216] get_compat_msghdr+0x108/0x2b0 [ 1202.413292][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1202.413292][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1202.413292][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1202.413292][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1202.413292][T25216] __do_fast_syscall_32+0x127/0x180 [ 1202.413292][T25216] do_fast_syscall_32+0x77/0xd0 [ 1202.413292][T25216] do_SYSENTER_32+0x73/0x90 [ 1202.413292][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1202.413292][T25216] [ 1202.413292][T25216] Uninit was stored to memory at: [ 1202.413292][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1202.413292][T25216] __msan_chain_origin+0x54/0xa0 [ 1202.413292][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1202.413292][T25216] get_compat_msghdr+0x108/0x2b0 [ 1202.413292][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1202.413292][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1202.413292][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1202.413292][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1202.413292][T25216] __do_fast_syscall_32+0x127/0x180 [ 1202.413292][T25216] do_fast_syscall_32+0x77/0xd0 [ 1202.413292][T25216] do_SYSENTER_32+0x73/0x90 [ 1202.413292][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1202.413292][T25216] [ 1202.413292][T25216] Uninit was stored to memory at: [ 1202.413292][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1202.413292][T25216] __msan_chain_origin+0x54/0xa0 [ 1202.413292][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1202.413292][T25216] get_compat_msghdr+0x108/0x2b0 [ 1202.413292][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1202.413292][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1202.413292][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1202.413292][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1202.413292][T25216] __do_fast_syscall_32+0x127/0x180 [ 1202.413292][T25216] do_fast_syscall_32+0x77/0xd0 [ 1202.413292][T25216] do_SYSENTER_32+0x73/0x90 [ 1202.413292][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1202.413292][T25216] [ 1202.413292][T25216] Uninit was stored to memory at: [ 1202.413292][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1202.413292][T25216] __msan_chain_origin+0x54/0xa0 [ 1202.413292][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1202.413292][T25216] get_compat_msghdr+0x108/0x2b0 [ 1202.413292][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1202.413292][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1202.413292][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1202.413292][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1202.413292][T25216] __do_fast_syscall_32+0x127/0x180 [ 1202.413292][T25216] do_fast_syscall_32+0x77/0xd0 [ 1202.413292][T25216] do_SYSENTER_32+0x73/0x90 [ 1202.413292][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1202.413292][T25216] [ 1202.413292][T25216] Local variable ----msg_sys@do_recvmmsg created at: [ 1202.413292][T25216] do_recvmmsg+0xbf/0x22d0 [ 1202.413292][T25216] do_recvmmsg+0xbf/0x22d0 [ 1203.268792][T25216] not chained 2440000 origins [ 1203.272216][T25216] CPU: 0 PID: 25216 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1203.272216][T25216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1203.272216][T25216] Call Trace: [ 1203.272216][T25216] dump_stack+0x24c/0x2e0 [ 1203.272216][T25216] kmsan_internal_chain_origin+0x6f/0x130 [ 1203.272216][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1203.272216][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1203.272216][T25216] ? __msan_instrument_asm_store+0x104/0x130 [ 1203.272216][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1203.272216][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1203.272216][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1203.272216][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1203.272216][T25216] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1203.272216][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1203.272216][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1203.372654][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1203.382400][T25216] ? kmsan_unpoison_shadow+0x74/0xa0 [ 1203.392702][T25216] ? _copy_from_user+0x1fd/0x300 [ 1203.392702][T25216] __msan_chain_origin+0x54/0xa0 [ 1203.402395][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1203.412560][T25216] get_compat_msghdr+0x108/0x2b0 [ 1203.412560][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1203.424335][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1203.424335][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1203.432623][T25216] ? kmsan_internal_set_origin+0x82/0xc0 [ 1203.442378][T25216] ? __msan_poison_alloca+0xec/0x110 [ 1203.442378][T25216] ? __sys_recvmmsg+0xb5/0x6f0 [ 1203.452579][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1203.452579][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1203.462335][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1203.462335][T25216] __do_fast_syscall_32+0x127/0x180 [ 1203.473316][T25216] do_fast_syscall_32+0x77/0xd0 [ 1203.473316][T25216] do_SYSENTER_32+0x73/0x90 [ 1203.482737][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1203.482737][T25216] RIP: 0023:0xf7f93549 [ 1203.492585][T25216] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1203.512482][T25216] RSP: 002b:00000000f558d5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1203.522469][T25216] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 1203.522469][T25216] RDX: 00000000cb88ff8b RSI: 0000000000000002 RDI: 0000000000000000 [ 1203.534477][T25216] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1203.542326][T25216] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1203.552575][T25216] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1203.562321][T25216] Uninit was stored to memory at: [ 1203.562321][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1203.562321][T25216] __msan_chain_origin+0x54/0xa0 [ 1203.575738][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1203.582487][T25216] get_compat_msghdr+0x108/0x2b0 [ 1203.582487][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1203.592475][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1203.592475][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1203.602319][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1203.602319][T25216] __do_fast_syscall_32+0x127/0x180 [ 1203.613412][T25216] do_fast_syscall_32+0x77/0xd0 [ 1203.613412][T25216] do_SYSENTER_32+0x73/0x90 [ 1203.622329][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1203.622329][T25216] [ 1203.633207][T25216] Uninit was stored to memory at: [ 1203.633207][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1203.644182][T25216] __msan_chain_origin+0x54/0xa0 [ 1203.644182][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1203.652672][T25216] get_compat_msghdr+0x108/0x2b0 [ 1203.652672][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1203.662330][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1203.662330][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1203.672584][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1203.682348][T25216] __do_fast_syscall_32+0x127/0x180 [ 1203.682348][T25216] do_fast_syscall_32+0x77/0xd0 [ 1203.692493][T25216] do_SYSENTER_32+0x73/0x90 [ 1203.692493][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1203.702498][T25216] [ 1203.702498][T25216] Uninit was stored to memory at: [ 1203.702498][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1203.712479][T25216] __msan_chain_origin+0x54/0xa0 [ 1203.712479][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1203.722323][T25216] get_compat_msghdr+0x108/0x2b0 [ 1203.722323][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1203.732581][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1203.732581][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1203.742679][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1203.742679][T25216] __do_fast_syscall_32+0x127/0x180 [ 1203.754275][T25216] do_fast_syscall_32+0x77/0xd0 [ 1203.762481][T25216] do_SYSENTER_32+0x73/0x90 [ 1203.762481][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1203.772482][T25216] [ 1203.772482][T25216] Uninit was stored to memory at: [ 1203.782321][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1203.782321][T25216] __msan_chain_origin+0x54/0xa0 [ 1203.792581][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1203.792581][T25216] get_compat_msghdr+0x108/0x2b0 [ 1203.802337][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1203.802337][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1203.812478][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1203.812478][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1203.822470][T25216] __do_fast_syscall_32+0x127/0x180 [ 1203.822470][T25216] do_fast_syscall_32+0x77/0xd0 [ 1203.832490][T25216] do_SYSENTER_32+0x73/0x90 [ 1203.832490][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1203.842314][T25216] [ 1203.842314][T25216] Uninit was stored to memory at: [ 1203.852559][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1203.855237][T25216] __msan_chain_origin+0x54/0xa0 [ 1203.864169][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1203.864169][T25216] get_compat_msghdr+0x108/0x2b0 [ 1203.872778][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1203.872778][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1203.882784][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1203.882784][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1203.892492][T25216] __do_fast_syscall_32+0x127/0x180 [ 1203.892492][T25216] do_fast_syscall_32+0x77/0xd0 [ 1203.902326][T25216] do_SYSENTER_32+0x73/0x90 [ 1203.902326][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1203.912555][T25216] [ 1203.912555][T25216] Uninit was stored to memory at: [ 1203.922316][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1203.922316][T25216] __msan_chain_origin+0x54/0xa0 [ 1203.932468][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1203.932468][T25216] get_compat_msghdr+0x108/0x2b0 [ 1203.942465][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1203.942465][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1203.952464][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1203.952464][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1203.962327][T25216] __do_fast_syscall_32+0x127/0x180 [ 1203.962327][T25216] do_fast_syscall_32+0x77/0xd0 [ 1203.974293][T25216] do_SYSENTER_32+0x73/0x90 [ 1203.974293][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1203.985189][T25216] [ 1203.985189][T25216] Uninit was stored to memory at: [ 1203.992485][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1203.992485][T25216] __msan_chain_origin+0x54/0xa0 [ 1204.002707][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1204.002707][T25216] get_compat_msghdr+0x108/0x2b0 [ 1204.012681][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1204.012681][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1204.022322][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1204.022322][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1204.032563][T25216] __do_fast_syscall_32+0x127/0x180 [ 1204.042310][T25216] do_fast_syscall_32+0x77/0xd0 [ 1204.042310][T25216] do_SYSENTER_32+0x73/0x90 [ 1204.052503][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1204.052503][T25216] [ 1204.052503][T25216] Local variable ----msg_sys@do_recvmmsg created at: [ 1204.062486][T25216] do_recvmmsg+0xbf/0x22d0 [ 1204.072622][T25216] do_recvmmsg+0xbf/0x22d0 [ 1204.273540][T25216] not chained 2450000 origins [ 1204.278241][T25216] CPU: 0 PID: 25216 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1204.282220][T25216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1204.282220][T25216] Call Trace: [ 1204.282220][T25216] dump_stack+0x24c/0x2e0 [ 1204.282220][T25216] kmsan_internal_chain_origin+0x6f/0x130 [ 1204.282220][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1204.282220][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1204.282220][T25216] ? __msan_instrument_asm_store+0x104/0x130 [ 1204.282220][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1204.282220][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1204.282220][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1204.282220][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1204.282220][T25216] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1204.282220][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1204.282220][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1204.282220][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1204.282220][T25216] ? kmsan_unpoison_shadow+0x74/0xa0 [ 1204.282220][T25216] ? _copy_from_user+0x1fd/0x300 [ 1204.282220][T25216] __msan_chain_origin+0x54/0xa0 [ 1204.282220][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1204.282220][T25216] get_compat_msghdr+0x108/0x2b0 [ 1204.282220][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1204.282220][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1204.412480][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1204.412480][T25216] ? kmsan_internal_set_origin+0x82/0xc0 [ 1204.412480][T25216] ? __msan_poison_alloca+0xec/0x110 [ 1204.412480][T25216] ? __sys_recvmmsg+0xb5/0x6f0 [ 1204.412480][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1204.412480][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1204.412480][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1204.412480][T25216] __do_fast_syscall_32+0x127/0x180 [ 1204.412480][T25216] do_fast_syscall_32+0x77/0xd0 [ 1204.412480][T25216] do_SYSENTER_32+0x73/0x90 [ 1204.412480][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1204.412480][T25216] RIP: 0023:0xf7f93549 [ 1204.412480][T25216] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1204.412480][T25216] RSP: 002b:00000000f558d5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1204.412480][T25216] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 1204.412480][T25216] RDX: 00000000cb88ff8b RSI: 0000000000000002 RDI: 0000000000000000 [ 1204.412480][T25216] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1204.412480][T25216] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1204.412480][T25216] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1204.412480][T25216] Uninit was stored to memory at: [ 1204.412480][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1204.412480][T25216] __msan_chain_origin+0x54/0xa0 [ 1204.412480][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1204.412480][T25216] get_compat_msghdr+0x108/0x2b0 [ 1204.412480][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1204.412480][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1204.412480][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1204.412480][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1204.412480][T25216] __do_fast_syscall_32+0x127/0x180 [ 1204.412480][T25216] do_fast_syscall_32+0x77/0xd0 [ 1204.412480][T25216] do_SYSENTER_32+0x73/0x90 [ 1204.412480][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1204.412480][T25216] [ 1204.412480][T25216] Uninit was stored to memory at: [ 1204.412480][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1204.412480][T25216] __msan_chain_origin+0x54/0xa0 [ 1204.412480][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1204.412480][T25216] get_compat_msghdr+0x108/0x2b0 [ 1204.412480][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1204.412480][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1204.412480][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1204.412480][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1204.412480][T25216] __do_fast_syscall_32+0x127/0x180 [ 1204.412480][T25216] do_fast_syscall_32+0x77/0xd0 [ 1204.412480][T25216] do_SYSENTER_32+0x73/0x90 [ 1204.412480][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1204.412480][T25216] [ 1204.412480][T25216] Uninit was stored to memory at: [ 1204.412480][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1204.412480][T25216] __msan_chain_origin+0x54/0xa0 [ 1204.412480][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1204.412480][T25216] get_compat_msghdr+0x108/0x2b0 [ 1204.412480][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1204.412480][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1204.412480][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1204.412480][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1204.412480][T25216] __do_fast_syscall_32+0x127/0x180 [ 1204.412480][T25216] do_fast_syscall_32+0x77/0xd0 [ 1204.412480][T25216] do_SYSENTER_32+0x73/0x90 [ 1204.412480][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1204.412480][T25216] [ 1204.412480][T25216] Uninit was stored to memory at: [ 1204.412480][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1204.412480][T25216] __msan_chain_origin+0x54/0xa0 [ 1204.412480][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1204.412480][T25216] get_compat_msghdr+0x108/0x2b0 [ 1204.412480][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1204.412480][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1204.412480][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1204.412480][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1204.412480][T25216] __do_fast_syscall_32+0x127/0x180 [ 1204.412480][T25216] do_fast_syscall_32+0x77/0xd0 [ 1204.412480][T25216] do_SYSENTER_32+0x73/0x90 [ 1204.412480][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1204.412480][T25216] [ 1204.412480][T25216] Uninit was stored to memory at: [ 1204.412480][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1204.412480][T25216] __msan_chain_origin+0x54/0xa0 [ 1204.412480][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1204.412480][T25216] get_compat_msghdr+0x108/0x2b0 [ 1204.412480][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1204.412480][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1204.412480][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1204.412480][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1204.412480][T25216] __do_fast_syscall_32+0x127/0x180 [ 1204.412480][T25216] do_fast_syscall_32+0x77/0xd0 [ 1204.412480][T25216] do_SYSENTER_32+0x73/0x90 [ 1204.412480][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1204.412480][T25216] [ 1204.412480][T25216] Uninit was stored to memory at: [ 1204.412480][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1204.412480][T25216] __msan_chain_origin+0x54/0xa0 [ 1204.412480][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1204.412480][T25216] get_compat_msghdr+0x108/0x2b0 [ 1204.412480][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1204.412480][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1204.412480][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1204.412480][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1204.412480][T25216] __do_fast_syscall_32+0x127/0x180 [ 1204.412480][T25216] do_fast_syscall_32+0x77/0xd0 [ 1204.412480][T25216] do_SYSENTER_32+0x73/0x90 [ 1204.412480][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1204.412480][T25216] [ 1204.412480][T25216] Uninit was stored to memory at: [ 1204.412480][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1204.412480][T25216] __msan_chain_origin+0x54/0xa0 [ 1204.412480][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1204.412480][T25216] get_compat_msghdr+0x108/0x2b0 [ 1204.412480][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1204.412480][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1204.412480][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1204.412480][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1204.412480][T25216] __do_fast_syscall_32+0x127/0x180 [ 1204.412480][T25216] do_fast_syscall_32+0x77/0xd0 [ 1204.412480][T25216] do_SYSENTER_32+0x73/0x90 [ 1204.412480][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1204.412480][T25216] [ 1204.412480][T25216] Local variable ----msg_sys@do_recvmmsg created at: [ 1204.412480][T25216] do_recvmmsg+0xbf/0x22d0 [ 1204.412480][T25216] do_recvmmsg+0xbf/0x22d0 [ 1205.253543][T25216] not chained 2460000 origins [ 1205.258346][T25216] CPU: 0 PID: 25216 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1205.262221][T25216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1205.275519][T25216] Call Trace: [ 1205.275519][T25216] dump_stack+0x24c/0x2e0 [ 1205.275519][T25216] kmsan_internal_chain_origin+0x6f/0x130 [ 1205.275519][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1205.292512][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1205.301460][T25216] ? __msan_instrument_asm_store+0x104/0x130 [ 1205.303305][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1205.303305][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1205.318083][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1205.322995][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1205.322995][T25216] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1205.336491][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1205.343107][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1205.343107][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1205.354679][T25216] ? kmsan_unpoison_shadow+0x74/0xa0 [ 1205.354679][T25216] ? _copy_from_user+0x1fd/0x300 [ 1205.363002][T25216] __msan_chain_origin+0x54/0xa0 [ 1205.363002][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1205.374829][T25216] get_compat_msghdr+0x108/0x2b0 [ 1205.374829][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1205.383026][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1205.383026][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1205.394677][T25216] ? kmsan_internal_set_origin+0x82/0xc0 [ 1205.394677][T25216] ? __msan_poison_alloca+0xec/0x110 [ 1205.403033][T25216] ? __sys_recvmmsg+0xb5/0x6f0 [ 1205.408827][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1205.414740][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1205.418710][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1205.422980][T25216] __do_fast_syscall_32+0x127/0x180 [ 1205.422980][T25216] do_fast_syscall_32+0x77/0xd0 [ 1205.434961][T25216] do_SYSENTER_32+0x73/0x90 [ 1205.434961][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1205.444805][T25216] RIP: 0023:0xf7f93549 [ 1205.444805][T25216] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1205.463133][T25216] RSP: 002b:00000000f558d5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1205.474847][T25216] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 1205.483033][T25216] RDX: 00000000cb88ff8b RSI: 0000000000000002 RDI: 0000000000000000 [ 1205.494649][T25216] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1205.503094][T25216] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1205.503094][T25216] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1205.521134][T25216] Uninit was stored to memory at: [ 1205.522987][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1205.522987][T25216] __msan_chain_origin+0x54/0xa0 [ 1205.534789][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1205.543003][T25216] get_compat_msghdr+0x108/0x2b0 [ 1205.543003][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1205.543003][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1205.556505][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1205.563374][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1205.563374][T25216] __do_fast_syscall_32+0x127/0x180 [ 1205.574682][T25216] do_fast_syscall_32+0x77/0xd0 [ 1205.574682][T25216] do_SYSENTER_32+0x73/0x90 [ 1205.583012][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1205.583012][T25216] [ 1205.583012][T25216] Uninit was stored to memory at: [ 1205.595578][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1205.603008][T25216] __msan_chain_origin+0x54/0xa0 [ 1205.603008][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1205.603008][T25216] get_compat_msghdr+0x108/0x2b0 [ 1205.614950][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1205.614950][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1205.624334][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1205.634881][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1205.634881][T25216] __do_fast_syscall_32+0x127/0x180 [ 1205.643064][T25216] do_fast_syscall_32+0x77/0xd0 [ 1205.643064][T25216] do_SYSENTER_32+0x73/0x90 [ 1205.654837][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1205.654837][T25216] [ 1205.664806][T25216] Uninit was stored to memory at: [ 1205.664806][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1205.675355][T25216] __msan_chain_origin+0x54/0xa0 [ 1205.675355][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1205.683104][T25216] get_compat_msghdr+0x108/0x2b0 [ 1205.683104][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1205.695172][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1205.695172][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1205.703013][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1205.703013][T25216] __do_fast_syscall_32+0x127/0x180 [ 1205.714819][T25216] do_fast_syscall_32+0x77/0xd0 [ 1205.714819][T25216] do_SYSENTER_32+0x73/0x90 [ 1205.726246][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1205.726246][T25216] [ 1205.734640][T25216] Uninit was stored to memory at: [ 1205.734640][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1205.743099][T25216] __msan_chain_origin+0x54/0xa0 [ 1205.743099][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1205.754657][T25216] get_compat_msghdr+0x108/0x2b0 [ 1205.754657][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1205.763007][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1205.763007][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1205.776422][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1205.783002][T25216] __do_fast_syscall_32+0x127/0x180 [ 1205.783002][T25216] do_fast_syscall_32+0x77/0xd0 [ 1205.794629][T25216] do_SYSENTER_32+0x73/0x90 [ 1205.794629][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1205.803101][T25216] [ 1205.803101][T25216] Uninit was stored to memory at: [ 1205.803101][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1205.814668][T25216] __msan_chain_origin+0x54/0xa0 [ 1205.823370][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1205.828265][T25216] get_compat_msghdr+0x108/0x2b0 [ 1205.828265][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1205.834762][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1205.843333][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1205.843333][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1205.855360][T25216] __do_fast_syscall_32+0x127/0x180 [ 1205.855360][T25216] do_fast_syscall_32+0x77/0xd0 [ 1205.863088][T25216] do_SYSENTER_32+0x73/0x90 [ 1205.863088][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1205.874943][T25216] [ 1205.874943][T25216] Uninit was stored to memory at: [ 1205.874943][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1205.884770][T25216] __msan_chain_origin+0x54/0xa0 [ 1205.894712][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1205.894712][T25216] get_compat_msghdr+0x108/0x2b0 [ 1205.903002][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1205.903002][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1205.903002][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1205.914959][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1205.923078][T25216] __do_fast_syscall_32+0x127/0x180 [ 1205.930644][T25216] do_fast_syscall_32+0x77/0xd0 [ 1205.934608][T25216] do_SYSENTER_32+0x73/0x90 [ 1205.934608][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1205.942992][T25216] [ 1205.942992][T25216] Uninit was stored to memory at: [ 1205.954724][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1205.954724][T25216] __msan_chain_origin+0x54/0xa0 [ 1205.963323][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1205.963323][T25216] get_compat_msghdr+0x108/0x2b0 [ 1205.974757][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1205.974757][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1205.983127][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1205.983127][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1205.996409][T25216] __do_fast_syscall_32+0x127/0x180 [ 1205.996409][T25216] do_fast_syscall_32+0x77/0xd0 [ 1206.003032][T25216] do_SYSENTER_32+0x73/0x90 [ 1206.003032][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1206.014829][T25216] [ 1206.014829][T25216] Local variable ----msg_sys@do_recvmmsg created at: [ 1206.023312][T25216] do_recvmmsg+0xbf/0x22d0 [ 1206.023312][T25216] do_recvmmsg+0xbf/0x22d0 [ 1206.228678][T25216] not chained 2470000 origins [ 1206.232218][T25216] CPU: 0 PID: 25216 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1206.236237][T25216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1206.247358][T25216] Call Trace: [ 1206.254152][T25216] dump_stack+0x24c/0x2e0 [ 1206.254152][T25216] kmsan_internal_chain_origin+0x6f/0x130 [ 1206.262846][T25216] ? do_user_addr_fault+0x1912/0x2650 [ 1206.262846][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1206.272474][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1206.282521][T25216] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1206.282521][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1206.292351][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1206.292351][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1206.302559][T25216] ? kmsan_unpoison_shadow+0x74/0xa0 [ 1206.302559][T25216] ? _copy_from_user+0x1fd/0x300 [ 1206.312349][T25216] __msan_chain_origin+0x54/0xa0 [ 1206.312349][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1206.324315][T25216] get_compat_msghdr+0x108/0x2b0 [ 1206.324315][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1206.324315][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1206.324315][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1206.346799][T25216] ? kmsan_internal_set_origin+0x82/0xc0 [ 1206.352356][T25216] ? __msan_poison_alloca+0xec/0x110 [ 1206.352356][T25216] ? __sys_recvmmsg+0xb5/0x6f0 [ 1206.362866][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1206.362866][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1206.372372][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1206.372372][T25216] __do_fast_syscall_32+0x127/0x180 [ 1206.382519][T25216] do_fast_syscall_32+0x77/0xd0 [ 1206.382519][T25216] do_SYSENTER_32+0x73/0x90 [ 1206.392485][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1206.402491][T25216] RIP: 0023:0xf7f93549 [ 1206.402491][T25216] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1206.422471][T25216] RSP: 002b:00000000f558d5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1206.434235][T25216] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 1206.434235][T25216] RDX: 00000000cb88ff8b RSI: 0000000000000002 RDI: 0000000000000000 [ 1206.442948][T25216] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1206.452350][T25216] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1206.462592][T25216] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1206.472733][T25216] Uninit was stored to memory at: [ 1206.472733][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1206.482493][T25216] __msan_chain_origin+0x54/0xa0 [ 1206.492479][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1206.492479][T25216] get_compat_msghdr+0x108/0x2b0 [ 1206.502468][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1206.502468][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1206.502468][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1206.512323][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1206.522565][T25216] __do_fast_syscall_32+0x127/0x180 [ 1206.522565][T25216] do_fast_syscall_32+0x77/0xd0 [ 1206.532357][T25216] do_SYSENTER_32+0x73/0x90 [ 1206.532357][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1206.532357][T25216] [ 1206.547217][T25216] Uninit was stored to memory at: [ 1206.552498][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1206.552498][T25216] __msan_chain_origin+0x54/0xa0 [ 1206.562479][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1206.562479][T25216] get_compat_msghdr+0x108/0x2b0 [ 1206.573019][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1206.573019][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1206.582591][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1206.582591][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1206.592682][T25216] __do_fast_syscall_32+0x127/0x180 [ 1206.592682][T25216] do_fast_syscall_32+0x77/0xd0 [ 1206.602491][T25216] do_SYSENTER_32+0x73/0x90 [ 1206.602491][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1206.612463][T25216] [ 1206.612463][T25216] Uninit was stored to memory at: [ 1206.622477][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1206.622477][T25216] __msan_chain_origin+0x54/0xa0 [ 1206.632325][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1206.632325][T25216] get_compat_msghdr+0x108/0x2b0 [ 1206.642568][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1206.647497][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1206.654419][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1206.654419][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1206.662538][T25216] __do_fast_syscall_32+0x127/0x180 [ 1206.672488][T25216] do_fast_syscall_32+0x77/0xd0 [ 1206.672488][T25216] do_SYSENTER_32+0x73/0x90 [ 1206.672488][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1206.682564][T25216] [ 1206.682564][T25216] Uninit was stored to memory at: [ 1206.692361][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1206.692361][T25216] __msan_chain_origin+0x54/0xa0 [ 1206.703326][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1206.703326][T25216] get_compat_msghdr+0x108/0x2b0 [ 1206.712585][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1206.712585][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1206.722822][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1206.722822][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1206.732481][T25216] __do_fast_syscall_32+0x127/0x180 [ 1206.742486][T25216] do_fast_syscall_32+0x77/0xd0 [ 1206.742486][T25216] do_SYSENTER_32+0x73/0x90 [ 1206.752327][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1206.752327][T25216] [ 1206.752327][T25216] Uninit was stored to memory at: [ 1206.764321][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1206.772332][T25216] __msan_chain_origin+0x54/0xa0 [ 1206.772332][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1206.782501][T25216] get_compat_msghdr+0x108/0x2b0 [ 1206.782501][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1206.792562][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1206.792562][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1206.802551][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1206.802551][T25216] __do_fast_syscall_32+0x127/0x180 [ 1206.812340][T25216] do_fast_syscall_32+0x77/0xd0 [ 1206.812340][T25216] do_SYSENTER_32+0x73/0x90 [ 1206.822674][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1206.822674][T25216] [ 1206.832345][T25216] Uninit was stored to memory at: [ 1206.832345][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1206.842491][T25216] __msan_chain_origin+0x54/0xa0 [ 1206.842491][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1206.852799][T25216] get_compat_msghdr+0x108/0x2b0 [ 1206.855175][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1206.862482][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1206.862482][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1206.874286][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1206.874286][T25216] __do_fast_syscall_32+0x127/0x180 [ 1206.882655][T25216] do_fast_syscall_32+0x77/0xd0 [ 1206.882655][T25216] do_SYSENTER_32+0x73/0x90 [ 1206.892329][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1206.902491][T25216] [ 1206.902491][T25216] Uninit was stored to memory at: [ 1206.902491][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1206.912466][T25216] __msan_chain_origin+0x54/0xa0 [ 1206.912466][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1206.922472][T25216] get_compat_msghdr+0x108/0x2b0 [ 1206.922472][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1206.932317][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1206.932317][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1206.942573][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1206.942573][T25216] __do_fast_syscall_32+0x127/0x180 [ 1206.954930][T25216] do_fast_syscall_32+0x77/0xd0 [ 1206.962500][T25216] do_SYSENTER_32+0x73/0x90 [ 1206.962500][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1206.972565][T25216] [ 1206.972565][T25216] Local variable ----msg_sys@do_recvmmsg created at: [ 1206.972565][T25216] do_recvmmsg+0xbf/0x22d0 [ 1206.984494][T25216] do_recvmmsg+0xbf/0x22d0 [ 1207.180636][T25216] not chained 2480000 origins [ 1207.182220][T25216] CPU: 0 PID: 25216 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1207.182220][T25216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1207.182220][T25216] Call Trace: [ 1207.182220][T25216] dump_stack+0x24c/0x2e0 [ 1207.182220][T25216] kmsan_internal_chain_origin+0x6f/0x130 [ 1207.212455][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1207.212455][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1207.223600][T25216] ? __msan_instrument_asm_store+0x104/0x130 [ 1207.234782][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1207.234782][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1207.243304][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1207.243304][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1207.254701][T25216] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1207.262903][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1207.262903][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1207.274699][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1207.274699][T25216] ? kmsan_unpoison_shadow+0x74/0xa0 [ 1207.283035][T25216] ? _copy_from_user+0x1fd/0x300 [ 1207.283035][T25216] __msan_chain_origin+0x54/0xa0 [ 1207.295955][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1207.302936][T25216] get_compat_msghdr+0x108/0x2b0 [ 1207.302936][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1207.302936][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1207.316423][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1207.316423][T25216] ? kmsan_internal_set_origin+0x82/0xc0 [ 1207.322939][T25216] ? __msan_poison_alloca+0xec/0x110 [ 1207.322939][T25216] ? __sys_recvmmsg+0xb5/0x6f0 [ 1207.334736][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1207.342930][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1207.342930][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1207.354630][T25216] __do_fast_syscall_32+0x127/0x180 [ 1207.354630][T25216] do_fast_syscall_32+0x77/0xd0 [ 1207.364997][T25216] do_SYSENTER_32+0x73/0x90 [ 1207.364997][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1207.364997][T25216] RIP: 0023:0xf7f93549 [ 1207.381387][T25216] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1207.394716][T25216] RSP: 002b:00000000f558d5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1207.408832][T25216] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 1207.414630][T25216] RDX: 00000000cb88ff8b RSI: 0000000000000002 RDI: 0000000000000000 [ 1207.424704][T25216] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1207.434647][T25216] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1207.442926][T25216] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1207.442926][T25216] Uninit was stored to memory at: [ 1207.455478][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1207.455478][T25216] __msan_chain_origin+0x54/0xa0 [ 1207.466660][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1207.466660][T25216] get_compat_msghdr+0x108/0x2b0 [ 1207.474667][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1207.474667][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1207.483000][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1207.483000][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1207.494641][T25216] __do_fast_syscall_32+0x127/0x180 [ 1207.503229][T25216] do_fast_syscall_32+0x77/0xd0 [ 1207.503229][T25216] do_SYSENTER_32+0x73/0x90 [ 1207.503229][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1207.514717][T25216] [ 1207.514717][T25216] Uninit was stored to memory at: [ 1207.522912][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1207.522912][T25216] __msan_chain_origin+0x54/0xa0 [ 1207.536411][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1207.536411][T25216] get_compat_msghdr+0x108/0x2b0 [ 1207.542985][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1207.542985][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1207.554629][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1207.562895][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1207.569100][T25216] __do_fast_syscall_32+0x127/0x180 [ 1207.574723][T25216] do_fast_syscall_32+0x77/0xd0 [ 1207.574723][T25216] do_SYSENTER_32+0x73/0x90 [ 1207.582997][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1207.582997][T25216] [ 1207.594644][T25216] Uninit was stored to memory at: [ 1207.594644][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1207.603002][T25216] __msan_chain_origin+0x54/0xa0 [ 1207.603002][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1207.614642][T25216] get_compat_msghdr+0x108/0x2b0 [ 1207.614642][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1207.622904][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1207.622904][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1207.634942][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1207.634942][T25216] __do_fast_syscall_32+0x127/0x180 [ 1207.644697][T25216] do_fast_syscall_32+0x77/0xd0 [ 1207.644697][T25216] do_SYSENTER_32+0x73/0x90 [ 1207.654651][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1207.663030][T25216] [ 1207.663030][T25216] Uninit was stored to memory at: [ 1207.671450][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1207.674784][T25216] __msan_chain_origin+0x54/0xa0 [ 1207.682900][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1207.682900][T25216] get_compat_msghdr+0x108/0x2b0 [ 1207.682900][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1207.694932][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1207.694932][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1207.702914][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1207.714649][T25216] __do_fast_syscall_32+0x127/0x180 [ 1207.714649][T25216] do_fast_syscall_32+0x77/0xd0 [ 1207.722995][T25216] do_SYSENTER_32+0x73/0x90 [ 1207.722995][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1207.735453][T25216] [ 1207.735453][T25216] Uninit was stored to memory at: [ 1207.742959][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1207.742959][T25216] __msan_chain_origin+0x54/0xa0 [ 1207.742959][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1207.756518][T25216] get_compat_msghdr+0x108/0x2b0 [ 1207.763232][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1207.763232][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1207.763232][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1207.776321][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1207.783010][T25216] __do_fast_syscall_32+0x127/0x180 [ 1207.783010][T25216] do_fast_syscall_32+0x77/0xd0 [ 1207.794753][T25216] do_SYSENTER_32+0x73/0x90 [ 1207.794753][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1207.802978][T25216] [ 1207.802978][T25216] Uninit was stored to memory at: [ 1207.814842][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1207.814842][T25216] __msan_chain_origin+0x54/0xa0 [ 1207.822930][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1207.822930][T25216] get_compat_msghdr+0x108/0x2b0 [ 1207.834629][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1207.834629][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1207.843005][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1207.843005][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1207.855336][T25216] __do_fast_syscall_32+0x127/0x180 [ 1207.855336][T25216] do_fast_syscall_32+0x77/0xd0 [ 1207.864704][T25216] do_SYSENTER_32+0x73/0x90 [ 1207.864704][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1207.878055][T25216] [ 1207.878055][T25216] Uninit was stored to memory at: [ 1207.882945][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1207.882945][T25216] __msan_chain_origin+0x54/0xa0 [ 1207.895098][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1207.895098][T25216] get_compat_msghdr+0x108/0x2b0 [ 1207.903011][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1207.903011][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1207.914637][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1207.914637][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1207.922916][T25216] __do_fast_syscall_32+0x127/0x180 [ 1207.922916][T25216] do_fast_syscall_32+0x77/0xd0 [ 1207.934719][T25216] do_SYSENTER_32+0x73/0x90 [ 1207.942901][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1207.942901][T25216] [ 1207.942901][T25216] Local variable ----msg_sys@do_recvmmsg created at: [ 1207.954638][T25216] do_recvmmsg+0xbf/0x22d0 [ 1207.963027][T25216] do_recvmmsg+0xbf/0x22d0 [ 1208.166153][T25216] not chained 2490000 origins [ 1208.170833][T25216] CPU: 0 PID: 25216 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1208.174041][T25216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1208.183653][T25216] Call Trace: [ 1208.192327][T25216] dump_stack+0x24c/0x2e0 [ 1208.192327][T25216] kmsan_internal_chain_origin+0x6f/0x130 [ 1208.192327][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1208.204285][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1208.212481][T25216] ? __msan_instrument_asm_store+0x104/0x130 [ 1208.212481][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1208.222590][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1208.232410][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1208.232410][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1208.243495][T25216] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1208.243495][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1208.243495][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1208.259767][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1208.262566][T25216] ? kmsan_unpoison_shadow+0x74/0xa0 [ 1208.272328][T25216] ? _copy_from_user+0x1fd/0x300 [ 1208.272328][T25216] __msan_chain_origin+0x54/0xa0 [ 1208.272328][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1208.286242][T25216] get_compat_msghdr+0x108/0x2b0 [ 1208.292342][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1208.292342][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1208.302491][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1208.302491][T25216] ? kmsan_internal_set_origin+0x82/0xc0 [ 1208.302491][T25216] ? __msan_poison_alloca+0xec/0x110 [ 1208.314189][T25216] ? __sys_recvmmsg+0xb5/0x6f0 [ 1208.322499][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1208.322499][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1208.333203][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1208.333203][T25216] __do_fast_syscall_32+0x127/0x180 [ 1208.342659][T25216] do_fast_syscall_32+0x77/0xd0 [ 1208.342659][T25216] do_SYSENTER_32+0x73/0x90 [ 1208.352339][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1208.362507][T25216] RIP: 0023:0xf7f93549 [ 1208.362507][T25216] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1208.382494][T25216] RSP: 002b:00000000f558d5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1208.392341][T25216] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 1208.402551][T25216] RDX: 00000000cb88ff8b RSI: 0000000000000002 RDI: 0000000000000000 [ 1208.408844][T25216] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1208.419369][T25216] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1208.424284][T25216] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1208.432334][T25216] Uninit was stored to memory at: [ 1208.432334][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1208.442657][T25216] __msan_chain_origin+0x54/0xa0 [ 1208.452373][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1208.452373][T25216] get_compat_msghdr+0x108/0x2b0 [ 1208.462507][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1208.462507][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1208.462507][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1208.472477][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1208.482480][T25216] __do_fast_syscall_32+0x127/0x180 [ 1208.482480][T25216] do_fast_syscall_32+0x77/0xd0 [ 1208.492482][T25216] do_SYSENTER_32+0x73/0x90 [ 1208.492482][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1208.502575][T25216] [ 1208.502575][T25216] Uninit was stored to memory at: [ 1208.512315][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1208.512315][T25216] __msan_chain_origin+0x54/0xa0 [ 1208.522470][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1208.522470][T25216] get_compat_msghdr+0x108/0x2b0 [ 1208.522470][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1208.534199][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1208.542809][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1208.542809][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1208.552404][T25216] __do_fast_syscall_32+0x127/0x180 [ 1208.552404][T25216] do_fast_syscall_32+0x77/0xd0 [ 1208.562623][T25216] do_SYSENTER_32+0x73/0x90 [ 1208.562623][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1208.572380][T25216] [ 1208.572380][T25216] Uninit was stored to memory at: [ 1208.582507][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1208.582507][T25216] __msan_chain_origin+0x54/0xa0 [ 1208.593409][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1208.601367][T25216] get_compat_msghdr+0x108/0x2b0 [ 1208.602470][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1208.602470][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1208.612323][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1208.612323][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1208.622577][T25216] __do_fast_syscall_32+0x127/0x180 [ 1208.632337][T25216] do_fast_syscall_32+0x77/0xd0 [ 1208.632337][T25216] do_SYSENTER_32+0x73/0x90 [ 1208.632337][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1208.644291][T25216] [ 1208.644291][T25216] Uninit was stored to memory at: [ 1208.653313][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1208.662491][T25216] __msan_chain_origin+0x54/0xa0 [ 1208.662491][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1208.672697][T25216] get_compat_msghdr+0x108/0x2b0 [ 1208.672697][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1208.672697][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1208.682594][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1208.682594][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1208.695742][T25216] __do_fast_syscall_32+0x127/0x180 [ 1208.702497][T25216] do_fast_syscall_32+0x77/0xd0 [ 1208.702497][T25216] do_SYSENTER_32+0x73/0x90 [ 1208.712471][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1208.712471][T25216] [ 1208.722481][T25216] Uninit was stored to memory at: [ 1208.722481][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1208.722481][T25216] __msan_chain_origin+0x54/0xa0 [ 1208.734798][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1208.742579][T25216] get_compat_msghdr+0x108/0x2b0 [ 1208.742579][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1208.742579][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1208.755021][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1208.762484][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1208.762484][T25216] __do_fast_syscall_32+0x127/0x180 [ 1208.772465][T25216] do_fast_syscall_32+0x77/0xd0 [ 1208.772465][T25216] do_SYSENTER_32+0x73/0x90 [ 1208.782469][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1208.792331][T25216] [ 1208.792331][T25216] Uninit was stored to memory at: [ 1208.797915][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1208.802818][T25216] __msan_chain_origin+0x54/0xa0 [ 1208.802818][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1208.812316][T25216] get_compat_msghdr+0x108/0x2b0 [ 1208.812316][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1208.822481][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1208.822481][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1208.832465][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1208.842471][T25216] __do_fast_syscall_32+0x127/0x180 [ 1208.842471][T25216] do_fast_syscall_32+0x77/0xd0 [ 1208.852321][T25216] do_SYSENTER_32+0x73/0x90 [ 1208.855590][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1208.855590][T25216] [ 1208.864295][T25216] Uninit was stored to memory at: [ 1208.864295][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1208.872341][T25216] __msan_chain_origin+0x54/0xa0 [ 1208.872341][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1208.882490][T25216] get_compat_msghdr+0x108/0x2b0 [ 1208.892471][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1208.892471][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1208.900259][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1208.902479][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1208.912357][T25216] __do_fast_syscall_32+0x127/0x180 [ 1208.912357][T25216] do_fast_syscall_32+0x77/0xd0 [ 1208.922610][T25216] do_SYSENTER_32+0x73/0x90 [ 1208.922610][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1208.932700][T25216] [ 1208.932700][T25216] Local variable ----msg_sys@do_recvmmsg created at: [ 1208.942486][T25216] do_recvmmsg+0xbf/0x22d0 [ 1208.942486][T25216] do_recvmmsg+0xbf/0x22d0 [ 1209.150882][T25216] not chained 2500000 origins [ 1209.152254][T25216] CPU: 0 PID: 25216 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1209.152254][T25216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1209.152254][T25216] Call Trace: [ 1209.152254][T25216] dump_stack+0x24c/0x2e0 [ 1209.152254][T25216] kmsan_internal_chain_origin+0x6f/0x130 [ 1209.152254][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1209.152254][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1209.152254][T25216] ? __msan_instrument_asm_store+0x104/0x130 [ 1209.152254][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1209.207722][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1209.216561][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1209.222391][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1209.222391][T25216] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1209.222391][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1209.235331][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1209.242389][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1209.242389][T25216] ? kmsan_unpoison_shadow+0x74/0xa0 [ 1209.255250][T25216] ? _copy_from_user+0x1fd/0x300 [ 1209.255250][T25216] __msan_chain_origin+0x54/0xa0 [ 1209.263399][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1209.263399][T25216] get_compat_msghdr+0x108/0x2b0 [ 1209.275224][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1209.282357][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1209.282357][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1209.282357][T25216] ? kmsan_internal_set_origin+0x82/0xc0 [ 1209.282357][T25216] ? __msan_poison_alloca+0xec/0x110 [ 1209.302656][T25216] ? __sys_recvmmsg+0xb5/0x6f0 [ 1209.302656][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1209.310021][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1209.316611][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1209.323283][T25216] __do_fast_syscall_32+0x127/0x180 [ 1209.323283][T25216] do_fast_syscall_32+0x77/0xd0 [ 1209.334922][T25216] do_SYSENTER_32+0x73/0x90 [ 1209.342981][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1209.342981][T25216] RIP: 0023:0xf7f93549 [ 1209.342981][T25216] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1209.363008][T25216] RSP: 002b:00000000f558d5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1209.382908][T25216] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 1209.382908][T25216] RDX: 00000000cb88ff8b RSI: 0000000000000002 RDI: 0000000000000000 [ 1209.394799][T25216] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1209.402940][T25216] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1209.414991][T25216] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1209.414991][T25216] Uninit was stored to memory at: [ 1209.424729][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1209.424729][T25216] __msan_chain_origin+0x54/0xa0 [ 1209.434838][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1209.442939][T25216] get_compat_msghdr+0x108/0x2b0 [ 1209.442939][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1209.442939][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1209.442939][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1209.462908][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1209.462908][T25216] __do_fast_syscall_32+0x127/0x180 [ 1209.474850][T25216] do_fast_syscall_32+0x77/0xd0 [ 1209.474850][T25216] do_SYSENTER_32+0x73/0x90 [ 1209.483127][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1209.483127][T25216] [ 1209.494756][T25216] Uninit was stored to memory at: [ 1209.494756][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1209.502910][T25216] __msan_chain_origin+0x54/0xa0 [ 1209.502910][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1209.502910][T25216] get_compat_msghdr+0x108/0x2b0 [ 1209.517280][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1209.522972][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1209.522972][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1209.522972][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1209.536607][T25216] __do_fast_syscall_32+0x127/0x180 [ 1209.543026][T25216] do_fast_syscall_32+0x77/0xd0 [ 1209.543026][T25216] do_SYSENTER_32+0x73/0x90 [ 1209.554719][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1209.562934][T25216] [ 1209.562934][T25216] Uninit was stored to memory at: [ 1209.562934][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1209.574821][T25216] __msan_chain_origin+0x54/0xa0 [ 1209.574821][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1209.583233][T25216] get_compat_msghdr+0x108/0x2b0 [ 1209.583233][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1209.594736][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1209.594736][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1209.603010][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1209.603010][T25216] __do_fast_syscall_32+0x127/0x180 [ 1209.618209][T25216] do_fast_syscall_32+0x77/0xd0 [ 1209.622934][T25216] do_SYSENTER_32+0x73/0x90 [ 1209.622934][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1209.622934][T25216] [ 1209.634978][T25216] Uninit was stored to memory at: [ 1209.634978][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1209.644714][T25216] __msan_chain_origin+0x54/0xa0 [ 1209.644714][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1209.654742][T25216] get_compat_msghdr+0x108/0x2b0 [ 1209.663000][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1209.663000][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1209.663000][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1209.674746][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1209.682900][T25216] __do_fast_syscall_32+0x127/0x180 [ 1209.682900][T25216] do_fast_syscall_32+0x77/0xd0 [ 1209.694830][T25216] do_SYSENTER_32+0x73/0x90 [ 1209.694830][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1209.702902][T25216] [ 1209.702902][T25216] Uninit was stored to memory at: [ 1209.702902][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1209.715064][T25216] __msan_chain_origin+0x54/0xa0 [ 1209.722992][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1209.722992][T25216] get_compat_msghdr+0x108/0x2b0 [ 1209.722992][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1209.734750][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1209.742901][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1209.742901][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1209.742901][T25216] __do_fast_syscall_32+0x127/0x180 [ 1209.756535][T25216] do_fast_syscall_32+0x77/0xd0 [ 1209.762916][T25216] do_SYSENTER_32+0x73/0x90 [ 1209.762916][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1209.775913][T25216] [ 1209.775913][T25216] Uninit was stored to memory at: [ 1209.783083][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1209.783083][T25216] __msan_chain_origin+0x54/0xa0 [ 1209.794734][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1209.794734][T25216] get_compat_msghdr+0x108/0x2b0 [ 1209.802913][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1209.802913][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1209.802913][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1209.814833][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1209.822891][T25216] __do_fast_syscall_32+0x127/0x180 [ 1209.822891][T25216] do_fast_syscall_32+0x77/0xd0 [ 1209.834716][T25216] do_SYSENTER_32+0x73/0x90 [ 1209.834716][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1209.843257][T25216] [ 1209.843257][T25216] Uninit was stored to memory at: [ 1209.843257][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1209.855525][T25216] __msan_chain_origin+0x54/0xa0 [ 1209.864658][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1209.864658][T25216] get_compat_msghdr+0x108/0x2b0 [ 1209.874807][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1209.874807][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1209.882895][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1209.882895][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1209.894717][T25216] __do_fast_syscall_32+0x127/0x180 [ 1209.903008][T25216] do_fast_syscall_32+0x77/0xd0 [ 1209.903008][T25216] do_SYSENTER_32+0x73/0x90 [ 1209.903008][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1209.914872][T25216] [ 1209.914872][T25216] Local variable ----msg_sys@do_recvmmsg created at: [ 1209.925011][T25216] do_recvmmsg+0xbf/0x22d0 [ 1209.925011][T25216] do_recvmmsg+0xbf/0x22d0 [ 1210.138235][T25216] not chained 2510000 origins [ 1210.142214][T25216] CPU: 0 PID: 25216 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1210.142214][T25216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1210.142214][T25216] Call Trace: [ 1210.142214][T25216] dump_stack+0x24c/0x2e0 [ 1210.142214][T25216] kmsan_internal_chain_origin+0x6f/0x130 [ 1210.142214][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1210.142214][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1210.142214][T25216] ? __msan_instrument_asm_store+0x104/0x130 [ 1210.142214][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1210.142214][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1210.142214][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1210.142214][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1210.142214][T25216] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1210.142214][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1210.142214][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1210.142214][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1210.142214][T25216] ? kmsan_unpoison_shadow+0x74/0xa0 [ 1210.142214][T25216] ? _copy_from_user+0x1fd/0x300 [ 1210.142214][T25216] __msan_chain_origin+0x54/0xa0 [ 1210.142214][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1210.142214][T25216] get_compat_msghdr+0x108/0x2b0 [ 1210.142214][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1210.142214][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1210.142214][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1210.142214][T25216] ? kmsan_internal_set_origin+0x82/0xc0 [ 1210.142214][T25216] ? __msan_poison_alloca+0xec/0x110 [ 1210.142214][T25216] ? __sys_recvmmsg+0xb5/0x6f0 [ 1210.142214][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1210.142214][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1210.142214][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1210.142214][T25216] __do_fast_syscall_32+0x127/0x180 [ 1210.142214][T25216] do_fast_syscall_32+0x77/0xd0 [ 1210.142214][T25216] do_SYSENTER_32+0x73/0x90 [ 1210.142214][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1210.142214][T25216] RIP: 0023:0xf7f93549 [ 1210.142214][T25216] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1210.142214][T25216] RSP: 002b:00000000f558d5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1210.142214][T25216] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 1210.142214][T25216] RDX: 00000000cb88ff8b RSI: 0000000000000002 RDI: 0000000000000000 [ 1210.142214][T25216] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1210.142214][T25216] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1210.142214][T25216] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1210.142214][T25216] Uninit was stored to memory at: [ 1210.142214][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1210.142214][T25216] __msan_chain_origin+0x54/0xa0 [ 1210.142214][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1210.142214][T25216] get_compat_msghdr+0x108/0x2b0 [ 1210.142214][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1210.142214][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1210.142214][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1210.142214][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1210.142214][T25216] __do_fast_syscall_32+0x127/0x180 [ 1210.142214][T25216] do_fast_syscall_32+0x77/0xd0 [ 1210.142214][T25216] do_SYSENTER_32+0x73/0x90 [ 1210.142214][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1210.142214][T25216] [ 1210.142214][T25216] Uninit was stored to memory at: [ 1210.142214][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1210.142214][T25216] __msan_chain_origin+0x54/0xa0 [ 1210.492645][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1210.492645][T25216] get_compat_msghdr+0x108/0x2b0 [ 1210.499843][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1210.504861][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1210.504861][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1210.513027][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1210.513027][T25216] __do_fast_syscall_32+0x127/0x180 [ 1210.526515][T25216] do_fast_syscall_32+0x77/0xd0 [ 1210.532910][T25216] do_SYSENTER_32+0x73/0x90 [ 1210.538657][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1210.544921][T25216] [ 1210.544921][T25216] Uninit was stored to memory at: [ 1210.552963][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1210.552963][T25216] __msan_chain_origin+0x54/0xa0 [ 1210.552963][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1210.564804][T25216] get_compat_msghdr+0x108/0x2b0 [ 1210.572999][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1210.572999][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1210.572999][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1210.584886][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1210.592946][T25216] __do_fast_syscall_32+0x127/0x180 [ 1210.592946][T25216] do_fast_syscall_32+0x77/0xd0 [ 1210.604883][T25216] do_SYSENTER_32+0x73/0x90 [ 1210.604883][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1210.612911][T25216] [ 1210.612911][T25216] Uninit was stored to memory at: [ 1210.612911][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1210.625182][T25216] __msan_chain_origin+0x54/0xa0 [ 1210.634770][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1210.634770][T25216] get_compat_msghdr+0x108/0x2b0 [ 1210.644779][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1210.644779][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1210.653895][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1210.653895][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1210.664853][T25216] __do_fast_syscall_32+0x127/0x180 [ 1210.664853][T25216] do_fast_syscall_32+0x77/0xd0 [ 1210.672893][T25216] do_SYSENTER_32+0x73/0x90 [ 1210.672893][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1210.684778][T25216] [ 1210.684778][T25216] Uninit was stored to memory at: [ 1210.692966][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1210.692966][T25216] __msan_chain_origin+0x54/0xa0 [ 1210.704797][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1210.704797][T25216] get_compat_msghdr+0x108/0x2b0 [ 1210.712884][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1210.712884][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1210.724954][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1210.724954][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1210.733766][T25216] __do_fast_syscall_32+0x127/0x180 [ 1210.733766][T25216] do_fast_syscall_32+0x77/0xd0 [ 1210.747646][T25216] do_SYSENTER_32+0x73/0x90 [ 1210.753252][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1210.753252][T25216] [ 1210.753252][T25216] Uninit was stored to memory at: [ 1210.764758][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1210.764758][T25216] __msan_chain_origin+0x54/0xa0 [ 1210.772891][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1210.772891][T25216] get_compat_msghdr+0x108/0x2b0 [ 1210.784843][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1210.784843][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1210.793711][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1210.793711][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1210.804767][T25216] __do_fast_syscall_32+0x127/0x180 [ 1210.813186][T25216] do_fast_syscall_32+0x77/0xd0 [ 1210.813186][T25216] do_SYSENTER_32+0x73/0x90 [ 1210.813186][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1210.824769][T25216] [ 1210.832900][T25216] Uninit was stored to memory at: [ 1210.832900][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1210.832900][T25216] __msan_chain_origin+0x54/0xa0 [ 1210.848051][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1210.848051][T25216] get_compat_msghdr+0x108/0x2b0 [ 1210.855434][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1210.855434][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1210.864869][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1210.873002][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1210.873002][T25216] __do_fast_syscall_32+0x127/0x180 [ 1210.885059][T25216] do_fast_syscall_32+0x77/0xd0 [ 1210.885059][T25216] do_SYSENTER_32+0x73/0x90 [ 1210.892891][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1210.892891][T25216] [ 1210.892891][T25216] Local variable ----msg_sys@do_recvmmsg created at: [ 1210.904859][T25216] do_recvmmsg+0xbf/0x22d0 [ 1210.912886][T25216] do_recvmmsg+0xbf/0x22d0 [ 1211.107696][T25216] not chained 2520000 origins [ 1211.112332][T25216] CPU: 0 PID: 25216 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1211.112332][T25216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1211.127095][T25216] Call Trace: [ 1211.133242][T25216] dump_stack+0x24c/0x2e0 [ 1211.133242][T25216] kmsan_internal_chain_origin+0x6f/0x130 [ 1211.145099][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1211.145099][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1211.153328][T25216] ? __msan_instrument_asm_store+0x104/0x130 [ 1211.153328][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1211.164893][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1211.172605][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1211.172605][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1211.186556][T25216] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1211.192490][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1211.192490][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1211.204794][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1211.204794][T25216] ? kmsan_unpoison_shadow+0x74/0xa0 [ 1211.213836][T25216] ? _copy_from_user+0x1fd/0x300 [ 1211.213836][T25216] __msan_chain_origin+0x54/0xa0 [ 1211.224786][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1211.224786][T25216] get_compat_msghdr+0x108/0x2b0 [ 1211.232542][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1211.232542][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1211.244755][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1211.244755][T25216] ? kmsan_internal_set_origin+0x82/0xc0 [ 1211.255902][T25216] ? __msan_poison_alloca+0xec/0x110 [ 1211.255902][T25216] ? __sys_recvmmsg+0xb5/0x6f0 [ 1211.264693][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1211.272957][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1211.272957][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1211.284884][T25216] __do_fast_syscall_32+0x127/0x180 [ 1211.284884][T25216] do_fast_syscall_32+0x77/0xd0 [ 1211.294381][T25216] do_SYSENTER_32+0x73/0x90 [ 1211.294381][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1211.305529][T25216] RIP: 0023:0xf7f93549 [ 1211.305529][T25216] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1211.324665][T25216] RSP: 002b:00000000f558d5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1211.332582][T25216] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 1211.344783][T25216] RDX: 00000000cb88ff8b RSI: 0000000000000002 RDI: 0000000000000000 [ 1211.357871][T25216] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1211.364709][T25216] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1211.364709][T25216] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1211.364709][T25216] Uninit was stored to memory at: [ 1211.386482][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1211.392498][T25216] __msan_chain_origin+0x54/0xa0 [ 1211.392498][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1211.392498][T25216] get_compat_msghdr+0x108/0x2b0 [ 1211.408844][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1211.412480][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1211.412480][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1211.424790][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1211.424790][T25216] __do_fast_syscall_32+0x127/0x180 [ 1211.432592][T25216] do_fast_syscall_32+0x77/0xd0 [ 1211.432592][T25216] do_SYSENTER_32+0x73/0x90 [ 1211.444706][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1211.444706][T25216] [ 1211.453176][T25216] Uninit was stored to memory at: [ 1211.453176][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1211.464772][T25216] __msan_chain_origin+0x54/0xa0 [ 1211.464772][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1211.472485][T25216] get_compat_msghdr+0x108/0x2b0 [ 1211.472485][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1211.484705][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1211.484705][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1211.492716][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1211.492716][T25216] __do_fast_syscall_32+0x127/0x180 [ 1211.504678][T25216] do_fast_syscall_32+0x77/0xd0 [ 1211.504678][T25216] do_SYSENTER_32+0x73/0x90 [ 1211.514268][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1211.514268][T25216] [ 1211.524782][T25216] Uninit was stored to memory at: [ 1211.524782][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1211.524782][T25216] __msan_chain_origin+0x54/0xa0 [ 1211.539339][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1211.544679][T25216] get_compat_msghdr+0x108/0x2b0 [ 1211.544679][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1211.552626][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1211.552626][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1211.565222][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1211.572551][T25216] __do_fast_syscall_32+0x127/0x180 [ 1211.572551][T25216] do_fast_syscall_32+0x77/0xd0 [ 1211.584862][T25216] do_SYSENTER_32+0x73/0x90 [ 1211.584862][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1211.592491][T25216] [ 1211.592491][T25216] Uninit was stored to memory at: [ 1211.599543][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1211.604818][T25216] __msan_chain_origin+0x54/0xa0 [ 1211.612587][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1211.612587][T25216] get_compat_msghdr+0x108/0x2b0 [ 1211.612587][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1211.626528][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1211.632494][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1211.632494][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1211.644789][T25216] __do_fast_syscall_32+0x127/0x180 [ 1211.644789][T25216] do_fast_syscall_32+0x77/0xd0 [ 1211.652556][T25216] do_SYSENTER_32+0x73/0x90 [ 1211.652556][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1211.652556][T25216] [ 1211.668303][T25216] Uninit was stored to memory at: [ 1211.672613][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1211.672613][T25216] __msan_chain_origin+0x54/0xa0 [ 1211.684769][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1211.684769][T25216] get_compat_msghdr+0x108/0x2b0 [ 1211.692484][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1211.692484][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1211.704758][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1211.712474][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1211.712474][T25216] __do_fast_syscall_32+0x127/0x180 [ 1211.724762][T25216] do_fast_syscall_32+0x77/0xd0 [ 1211.724762][T25216] do_SYSENTER_32+0x73/0x90 [ 1211.734307][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1211.734307][T25216] [ 1211.734307][T25216] Uninit was stored to memory at: [ 1211.744715][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1211.752490][T25216] __msan_chain_origin+0x54/0xa0 [ 1211.752490][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1211.752490][T25216] get_compat_msghdr+0x108/0x2b0 [ 1211.768203][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1211.772500][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1211.772500][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1211.772500][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1211.784815][T25216] __do_fast_syscall_32+0x127/0x180 [ 1211.792837][T25216] do_fast_syscall_32+0x77/0xd0 [ 1211.792837][T25216] do_SYSENTER_32+0x73/0x90 [ 1211.804799][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1211.804799][T25216] [ 1211.813391][T25216] Uninit was stored to memory at: [ 1211.813391][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1211.813391][T25216] __msan_chain_origin+0x54/0xa0 [ 1211.824991][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1211.832494][T25216] get_compat_msghdr+0x108/0x2b0 [ 1211.832494][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1211.832494][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1211.846489][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1211.855034][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1211.855034][T25216] __do_fast_syscall_32+0x127/0x180 [ 1211.864673][T25216] do_fast_syscall_32+0x77/0xd0 [ 1211.869848][T25216] do_SYSENTER_32+0x73/0x90 [ 1211.872471][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1211.872471][T25216] [ 1211.885226][T25216] Local variable ----msg_sys@do_recvmmsg created at: [ 1211.892609][T25216] do_recvmmsg+0xbf/0x22d0 [ 1211.892609][T25216] do_recvmmsg+0xbf/0x22d0 [ 1212.192416][T25216] not chained 2530000 origins [ 1212.197288][T25216] CPU: 1 PID: 25216 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1212.202456][T25216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1212.202456][T25216] Call Trace: [ 1212.202456][T25216] dump_stack+0x24c/0x2e0 [ 1212.202456][T25216] kmsan_internal_chain_origin+0x6f/0x130 [ 1212.202456][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1212.202456][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1212.202456][T25216] ? __msan_instrument_asm_store+0x104/0x130 [ 1212.202456][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1212.202456][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1212.202456][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1212.202456][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1212.202456][T25216] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1212.202456][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1212.278105][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1212.278105][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1212.278105][T25216] ? kmsan_unpoison_shadow+0x74/0xa0 [ 1212.278105][T25216] ? _copy_from_user+0x1fd/0x300 [ 1212.278105][T25216] __msan_chain_origin+0x54/0xa0 [ 1212.278105][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1212.278105][T25216] get_compat_msghdr+0x108/0x2b0 [ 1212.278105][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1212.278105][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1212.278105][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1212.278105][T25216] ? kmsan_internal_set_origin+0x82/0xc0 [ 1212.278105][T25216] ? __msan_poison_alloca+0xec/0x110 [ 1212.278105][T25216] ? __sys_recvmmsg+0xb5/0x6f0 [ 1212.278105][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1212.278105][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1212.278105][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1212.278105][T25216] __do_fast_syscall_32+0x127/0x180 [ 1212.278105][T25216] do_fast_syscall_32+0x77/0xd0 [ 1212.278105][T25216] do_SYSENTER_32+0x73/0x90 [ 1212.380302][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1212.380302][T25216] RIP: 0023:0xf7f93549 [ 1212.380302][T25216] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1212.380302][T25216] RSP: 002b:00000000f558d5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1212.380302][T25216] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 1212.380302][T25216] RDX: 00000000cb88ff8b RSI: 0000000000000002 RDI: 0000000000000000 [ 1212.436029][T25216] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1212.436029][T25216] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1212.436029][T25216] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1212.436029][T25216] Uninit was stored to memory at: [ 1212.436029][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1212.436029][T25216] __msan_chain_origin+0x54/0xa0 [ 1212.436029][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1212.482835][T25216] get_compat_msghdr+0x108/0x2b0 [ 1212.482835][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1212.482835][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1212.482835][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1212.482835][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1212.482835][T25216] __do_fast_syscall_32+0x127/0x180 [ 1212.482835][T25216] do_fast_syscall_32+0x77/0xd0 [ 1212.482835][T25216] do_SYSENTER_32+0x73/0x90 [ 1212.482835][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1212.482835][T25216] [ 1212.482835][T25216] Uninit was stored to memory at: [ 1212.482835][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1212.482835][T25216] __msan_chain_origin+0x54/0xa0 [ 1212.482835][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1212.482835][T25216] get_compat_msghdr+0x108/0x2b0 [ 1212.482835][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1212.482835][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1212.482835][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1212.482835][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1212.482835][T25216] __do_fast_syscall_32+0x127/0x180 [ 1212.585191][T25216] do_fast_syscall_32+0x77/0xd0 [ 1212.585191][T25216] do_SYSENTER_32+0x73/0x90 [ 1212.585191][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1212.585191][T25216] [ 1212.585191][T25216] Uninit was stored to memory at: [ 1212.585191][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1212.585191][T25216] __msan_chain_origin+0x54/0xa0 [ 1212.585191][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1212.585191][T25216] get_compat_msghdr+0x108/0x2b0 [ 1212.585191][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1212.585191][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1212.585191][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1212.585191][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1212.585191][T25216] __do_fast_syscall_32+0x127/0x180 [ 1212.585191][T25216] do_fast_syscall_32+0x77/0xd0 [ 1212.585191][T25216] do_SYSENTER_32+0x73/0x90 [ 1212.585191][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1212.585191][T25216] [ 1212.585191][T25216] Uninit was stored to memory at: [ 1212.585191][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1212.585191][T25216] __msan_chain_origin+0x54/0xa0 [ 1212.687581][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1212.687581][T25216] get_compat_msghdr+0x108/0x2b0 [ 1212.687581][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1212.687581][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1212.687581][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1212.687581][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1212.687581][T25216] __do_fast_syscall_32+0x127/0x180 [ 1212.687581][T25216] do_fast_syscall_32+0x77/0xd0 [ 1212.687581][T25216] do_SYSENTER_32+0x73/0x90 [ 1212.687581][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1212.687581][T25216] [ 1212.687581][T25216] Uninit was stored to memory at: [ 1212.687581][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1212.687581][T25216] __msan_chain_origin+0x54/0xa0 [ 1212.687581][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1212.687581][T25216] get_compat_msghdr+0x108/0x2b0 [ 1212.687581][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1212.687581][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1212.687581][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1212.687581][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1212.790031][T25216] __do_fast_syscall_32+0x127/0x180 [ 1212.790031][T25216] do_fast_syscall_32+0x77/0xd0 [ 1212.790031][T25216] do_SYSENTER_32+0x73/0x90 [ 1212.790031][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1212.790031][T25216] [ 1212.790031][T25216] Uninit was stored to memory at: [ 1212.790031][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1212.790031][T25216] __msan_chain_origin+0x54/0xa0 [ 1212.790031][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1212.790031][T25216] get_compat_msghdr+0x108/0x2b0 [ 1212.790031][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1212.790031][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1212.790031][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1212.790031][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1212.790031][T25216] __do_fast_syscall_32+0x127/0x180 [ 1212.790031][T25216] do_fast_syscall_32+0x77/0xd0 [ 1212.790031][T25216] do_SYSENTER_32+0x73/0x90 [ 1212.790031][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1212.790031][T25216] [ 1212.790031][T25216] Uninit was stored to memory at: [ 1212.892516][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1212.892516][T25216] __msan_chain_origin+0x54/0xa0 [ 1212.892516][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1212.892516][T25216] get_compat_msghdr+0x108/0x2b0 [ 1212.892516][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1212.892516][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1212.892516][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1212.892516][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1212.892516][T25216] __do_fast_syscall_32+0x127/0x180 [ 1212.892516][T25216] do_fast_syscall_32+0x77/0xd0 [ 1212.892516][T25216] do_SYSENTER_32+0x73/0x90 [ 1212.892516][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1212.892516][T25216] [ 1212.892516][T25216] Local variable ----msg_sys@do_recvmmsg created at: [ 1212.892516][T25216] do_recvmmsg+0xbf/0x22d0 [ 1212.892516][T25216] do_recvmmsg+0xbf/0x22d0 [ 1213.186752][T25216] not chained 2540000 origins [ 1213.191639][T25216] CPU: 1 PID: 25216 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1213.199456][T25216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1213.199456][T25216] Call Trace: [ 1213.199456][T25216] dump_stack+0x24c/0x2e0 [ 1213.199456][T25216] kmsan_internal_chain_origin+0x6f/0x130 [ 1213.199456][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1213.199456][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1213.199456][T25216] ? __msan_instrument_asm_store+0x104/0x130 [ 1213.199456][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1213.199456][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1213.199456][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1213.199456][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1213.199456][T25216] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1213.199456][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1213.199456][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1213.199456][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1213.199456][T25216] ? kmsan_unpoison_shadow+0x74/0xa0 [ 1213.199456][T25216] ? _copy_from_user+0x1fd/0x300 [ 1213.199456][T25216] __msan_chain_origin+0x54/0xa0 [ 1213.199456][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1213.199456][T25216] get_compat_msghdr+0x108/0x2b0 [ 1213.199456][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1213.199456][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1213.199456][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1213.199456][T25216] ? kmsan_internal_set_origin+0x82/0xc0 [ 1213.199456][T25216] ? __msan_poison_alloca+0xec/0x110 [ 1213.199456][T25216] ? __sys_recvmmsg+0xb5/0x6f0 [ 1213.199456][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1213.199456][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1213.199456][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1213.199456][T25216] __do_fast_syscall_32+0x127/0x180 [ 1213.199456][T25216] do_fast_syscall_32+0x77/0xd0 [ 1213.199456][T25216] do_SYSENTER_32+0x73/0x90 [ 1213.199456][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1213.199456][T25216] RIP: 0023:0xf7f93549 [ 1213.199456][T25216] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1213.199456][T25216] RSP: 002b:00000000f558d5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1213.199456][T25216] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 1213.199456][T25216] RDX: 00000000cb88ff8b RSI: 0000000000000002 RDI: 0000000000000000 [ 1213.199456][T25216] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1213.199456][T25216] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1213.199456][T25216] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1213.199456][T25216] Uninit was stored to memory at: [ 1213.199456][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1213.199456][T25216] __msan_chain_origin+0x54/0xa0 [ 1213.199456][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1213.199456][T25216] get_compat_msghdr+0x108/0x2b0 [ 1213.199456][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1213.199456][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1213.199456][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1213.199456][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1213.199456][T25216] __do_fast_syscall_32+0x127/0x180 [ 1213.199456][T25216] do_fast_syscall_32+0x77/0xd0 [ 1213.199456][T25216] do_SYSENTER_32+0x73/0x90 [ 1213.199456][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1213.199456][T25216] [ 1213.199456][T25216] Uninit was stored to memory at: [ 1213.199456][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1213.199456][T25216] __msan_chain_origin+0x54/0xa0 [ 1213.199456][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1213.199456][T25216] get_compat_msghdr+0x108/0x2b0 [ 1213.199456][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1213.199456][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1213.199456][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1213.199456][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1213.199456][T25216] __do_fast_syscall_32+0x127/0x180 [ 1213.199456][T25216] do_fast_syscall_32+0x77/0xd0 [ 1213.199456][T25216] do_SYSENTER_32+0x73/0x90 [ 1213.199456][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1213.199456][T25216] [ 1213.199456][T25216] Uninit was stored to memory at: [ 1213.199456][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1213.199456][T25216] __msan_chain_origin+0x54/0xa0 [ 1213.199456][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1213.199456][T25216] get_compat_msghdr+0x108/0x2b0 [ 1213.199456][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1213.199456][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1213.199456][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1213.199456][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1213.199456][T25216] __do_fast_syscall_32+0x127/0x180 [ 1213.199456][T25216] do_fast_syscall_32+0x77/0xd0 [ 1213.199456][T25216] do_SYSENTER_32+0x73/0x90 [ 1213.199456][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1213.199456][T25216] [ 1213.199456][T25216] Uninit was stored to memory at: [ 1213.199456][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1213.199456][T25216] __msan_chain_origin+0x54/0xa0 [ 1213.199456][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1213.199456][T25216] get_compat_msghdr+0x108/0x2b0 [ 1213.199456][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1213.199456][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1213.199456][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1213.199456][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1213.199456][T25216] __do_fast_syscall_32+0x127/0x180 [ 1213.199456][T25216] do_fast_syscall_32+0x77/0xd0 [ 1213.199456][T25216] do_SYSENTER_32+0x73/0x90 [ 1213.199456][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1213.199456][T25216] [ 1213.199456][T25216] Uninit was stored to memory at: [ 1213.199456][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1213.199456][T25216] __msan_chain_origin+0x54/0xa0 [ 1213.199456][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1213.199456][T25216] get_compat_msghdr+0x108/0x2b0 [ 1213.199456][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1213.199456][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1213.199456][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1213.199456][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1213.199456][T25216] __do_fast_syscall_32+0x127/0x180 [ 1213.199456][T25216] do_fast_syscall_32+0x77/0xd0 [ 1213.199456][T25216] do_SYSENTER_32+0x73/0x90 [ 1213.199456][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1213.199456][T25216] [ 1213.199456][T25216] Uninit was stored to memory at: [ 1213.199456][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1213.199456][T25216] __msan_chain_origin+0x54/0xa0 [ 1213.199456][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1213.199456][T25216] get_compat_msghdr+0x108/0x2b0 [ 1213.199456][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1213.199456][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1213.199456][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1213.199456][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1213.199456][T25216] __do_fast_syscall_32+0x127/0x180 [ 1213.199456][T25216] do_fast_syscall_32+0x77/0xd0 [ 1213.199456][T25216] do_SYSENTER_32+0x73/0x90 [ 1213.199456][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1213.199456][T25216] [ 1213.199456][T25216] Uninit was stored to memory at: [ 1213.199456][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1213.199456][T25216] __msan_chain_origin+0x54/0xa0 [ 1213.199456][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1213.199456][T25216] get_compat_msghdr+0x108/0x2b0 [ 1213.199456][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1213.199456][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1213.199456][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1213.199456][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1213.199456][T25216] __do_fast_syscall_32+0x127/0x180 [ 1213.199456][T25216] do_fast_syscall_32+0x77/0xd0 [ 1213.199456][T25216] do_SYSENTER_32+0x73/0x90 [ 1213.199456][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1213.199456][T25216] [ 1213.199456][T25216] Local variable ----msg_sys@do_recvmmsg created at: [ 1213.199456][T25216] do_recvmmsg+0xbf/0x22d0 [ 1213.199456][T25216] do_recvmmsg+0xbf/0x22d0 [ 1214.202652][T25216] not chained 2550000 origins [ 1214.207549][T25216] CPU: 1 PID: 25216 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1214.212259][T25216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1214.223725][T25216] Call Trace: [ 1214.223725][T25216] dump_stack+0x24c/0x2e0 [ 1214.223725][T25216] kmsan_internal_chain_origin+0x6f/0x130 [ 1214.223725][T25216] ? do_user_addr_fault+0x1912/0x2650 [ 1214.223725][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1214.223725][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1214.223725][T25216] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1214.223725][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1214.223725][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1214.223725][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1214.223725][T25216] ? kmsan_unpoison_shadow+0x74/0xa0 [ 1214.223725][T25216] ? _copy_from_user+0x1fd/0x300 [ 1214.223725][T25216] __msan_chain_origin+0x54/0xa0 [ 1214.223725][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1214.223725][T25216] get_compat_msghdr+0x108/0x2b0 [ 1214.223725][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1214.223725][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1214.223725][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1214.223725][T25216] ? kmsan_internal_set_origin+0x82/0xc0 [ 1214.223725][T25216] ? __msan_poison_alloca+0xec/0x110 [ 1214.223725][T25216] ? __sys_recvmmsg+0xb5/0x6f0 [ 1214.223725][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1214.223725][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1214.223725][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1214.223725][T25216] __do_fast_syscall_32+0x127/0x180 [ 1214.223725][T25216] do_fast_syscall_32+0x77/0xd0 [ 1214.223725][T25216] do_SYSENTER_32+0x73/0x90 [ 1214.223725][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1214.223725][T25216] RIP: 0023:0xf7f93549 [ 1214.223725][T25216] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1214.223725][T25216] RSP: 002b:00000000f558d5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1214.223725][T25216] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 1214.223725][T25216] RDX: 00000000cb88ff8b RSI: 0000000000000002 RDI: 0000000000000000 [ 1214.223725][T25216] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1214.223725][T25216] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1214.223725][T25216] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1214.223725][T25216] Uninit was stored to memory at: [ 1214.223725][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1214.223725][T25216] __msan_chain_origin+0x54/0xa0 [ 1214.223725][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1214.223725][T25216] get_compat_msghdr+0x108/0x2b0 [ 1214.223725][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1214.223725][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1214.223725][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1214.223725][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1214.223725][T25216] __do_fast_syscall_32+0x127/0x180 [ 1214.223725][T25216] do_fast_syscall_32+0x77/0xd0 [ 1214.223725][T25216] do_SYSENTER_32+0x73/0x90 [ 1214.223725][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1214.223725][T25216] [ 1214.223725][T25216] Uninit was stored to memory at: [ 1214.223725][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1214.223725][T25216] __msan_chain_origin+0x54/0xa0 [ 1214.223725][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1214.223725][T25216] get_compat_msghdr+0x108/0x2b0 [ 1214.223725][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1214.223725][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1214.223725][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1214.223725][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1214.223725][T25216] __do_fast_syscall_32+0x127/0x180 [ 1214.223725][T25216] do_fast_syscall_32+0x77/0xd0 [ 1214.223725][T25216] do_SYSENTER_32+0x73/0x90 [ 1214.223725][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1214.223725][T25216] [ 1214.223725][T25216] Uninit was stored to memory at: [ 1214.223725][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1214.223725][T25216] __msan_chain_origin+0x54/0xa0 [ 1214.223725][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1214.223725][T25216] get_compat_msghdr+0x108/0x2b0 [ 1214.223725][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1214.223725][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1214.223725][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1214.223725][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1214.223725][T25216] __do_fast_syscall_32+0x127/0x180 [ 1214.223725][T25216] do_fast_syscall_32+0x77/0xd0 [ 1214.223725][T25216] do_SYSENTER_32+0x73/0x90 [ 1214.223725][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1214.223725][T25216] [ 1214.223725][T25216] Uninit was stored to memory at: [ 1214.223725][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1214.223725][T25216] __msan_chain_origin+0x54/0xa0 [ 1214.223725][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1214.223725][T25216] get_compat_msghdr+0x108/0x2b0 [ 1214.223725][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1214.223725][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1214.223725][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1214.223725][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1214.223725][T25216] __do_fast_syscall_32+0x127/0x180 [ 1214.223725][T25216] do_fast_syscall_32+0x77/0xd0 [ 1214.223725][T25216] do_SYSENTER_32+0x73/0x90 [ 1214.223725][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1214.223725][T25216] [ 1214.223725][T25216] Uninit was stored to memory at: [ 1214.223725][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1214.223725][T25216] __msan_chain_origin+0x54/0xa0 [ 1214.223725][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1214.223725][T25216] get_compat_msghdr+0x108/0x2b0 [ 1214.223725][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1214.223725][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1214.223725][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1214.223725][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1214.223725][T25216] __do_fast_syscall_32+0x127/0x180 [ 1214.223725][T25216] do_fast_syscall_32+0x77/0xd0 [ 1214.223725][T25216] do_SYSENTER_32+0x73/0x90 [ 1214.223725][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1214.223725][T25216] [ 1214.223725][T25216] Uninit was stored to memory at: [ 1214.223725][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1214.223725][T25216] __msan_chain_origin+0x54/0xa0 [ 1214.223725][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1214.223725][T25216] get_compat_msghdr+0x108/0x2b0 [ 1214.223725][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1214.223725][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1214.223725][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1214.223725][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1214.223725][T25216] __do_fast_syscall_32+0x127/0x180 [ 1214.223725][T25216] do_fast_syscall_32+0x77/0xd0 [ 1214.223725][T25216] do_SYSENTER_32+0x73/0x90 [ 1214.223725][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1214.223725][T25216] [ 1214.223725][T25216] Uninit was stored to memory at: [ 1214.223725][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1214.223725][T25216] __msan_chain_origin+0x54/0xa0 [ 1214.223725][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1214.223725][T25216] get_compat_msghdr+0x108/0x2b0 [ 1214.223725][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1214.223725][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1214.223725][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1214.223725][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1214.223725][T25216] __do_fast_syscall_32+0x127/0x180 [ 1214.223725][T25216] do_fast_syscall_32+0x77/0xd0 [ 1214.223725][T25216] do_SYSENTER_32+0x73/0x90 [ 1214.223725][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1214.223725][T25216] [ 1214.223725][T25216] Local variable ----msg_sys@do_recvmmsg created at: [ 1214.223725][T25216] do_recvmmsg+0xbf/0x22d0 [ 1214.223725][T25216] do_recvmmsg+0xbf/0x22d0 [ 1215.180691][T25216] not chained 2560000 origins [ 1215.182212][T25216] CPU: 0 PID: 25216 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1215.182212][T25216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1215.182212][T25216] Call Trace: [ 1215.182212][T25216] dump_stack+0x24c/0x2e0 [ 1215.212523][T25216] kmsan_internal_chain_origin+0x6f/0x130 [ 1215.215977][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1215.224368][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1215.224368][T25216] ? __msan_instrument_asm_store+0x104/0x130 [ 1215.233499][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1215.244216][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1215.249072][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1215.253435][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1215.253435][T25216] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1215.264676][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1215.264676][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1215.273615][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1215.284265][T25216] ? kmsan_unpoison_shadow+0x74/0xa0 [ 1215.284265][T25216] ? _copy_from_user+0x1fd/0x300 [ 1215.293441][T25216] __msan_chain_origin+0x54/0xa0 [ 1215.293441][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1215.304294][T25216] get_compat_msghdr+0x108/0x2b0 [ 1215.304294][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1215.313462][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1215.313462][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1215.313462][T25216] ? kmsan_internal_set_origin+0x82/0xc0 [ 1215.326050][T25216] ? __msan_poison_alloca+0xec/0x110 [ 1215.333864][T25216] ? __sys_recvmmsg+0xb5/0x6f0 [ 1215.333864][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1215.344271][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1215.351605][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1215.353428][T25216] __do_fast_syscall_32+0x127/0x180 [ 1215.364297][T25216] do_fast_syscall_32+0x77/0xd0 [ 1215.364297][T25216] do_SYSENTER_32+0x73/0x90 [ 1215.373548][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1215.373548][T25216] RIP: 0023:0xf7f93549 [ 1215.384212][T25216] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1215.393471][T25216] RSP: 002b:00000000f558d5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1215.404294][T25216] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 1215.413751][T25216] RDX: 00000000cb88ff8b RSI: 0000000000000002 RDI: 0000000000000000 [ 1215.424226][T25216] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1215.435187][T25216] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1215.444316][T25216] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1215.444316][T25216] Uninit was stored to memory at: [ 1215.455063][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1215.464231][T25216] __msan_chain_origin+0x54/0xa0 [ 1215.464231][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1215.473441][T25216] get_compat_msghdr+0x108/0x2b0 [ 1215.473441][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1215.484295][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1215.484295][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1215.493486][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1215.493486][T25216] __do_fast_syscall_32+0x127/0x180 [ 1215.504539][T25216] do_fast_syscall_32+0x77/0xd0 [ 1215.504539][T25216] do_SYSENTER_32+0x73/0x90 [ 1215.513513][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1215.513513][T25216] [ 1215.524211][T25216] Uninit was stored to memory at: [ 1215.524211][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1215.533438][T25216] __msan_chain_origin+0x54/0xa0 [ 1215.533438][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1215.533438][T25216] get_compat_msghdr+0x108/0x2b0 [ 1215.546049][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1215.546049][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1215.556844][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1215.564217][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1215.564217][T25216] __do_fast_syscall_32+0x127/0x180 [ 1215.573537][T25216] do_fast_syscall_32+0x77/0xd0 [ 1215.573537][T25216] do_SYSENTER_32+0x73/0x90 [ 1215.584209][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1215.593423][T25216] [ 1215.593423][T25216] Uninit was stored to memory at: [ 1215.593423][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1215.604555][T25216] __msan_chain_origin+0x54/0xa0 [ 1215.604555][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1215.613431][T25216] get_compat_msghdr+0x108/0x2b0 [ 1215.613431][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1215.624241][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1215.624241][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1215.633518][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1215.644226][T25216] __do_fast_syscall_32+0x127/0x180 [ 1215.644226][T25216] do_fast_syscall_32+0x77/0xd0 [ 1215.644226][T25216] do_SYSENTER_32+0x73/0x90 [ 1215.658613][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1215.664424][T25216] [ 1215.664424][T25216] Uninit was stored to memory at: [ 1215.673491][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1215.673491][T25216] __msan_chain_origin+0x54/0xa0 [ 1215.684196][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1215.684196][T25216] get_compat_msghdr+0x108/0x2b0 [ 1215.693536][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1215.693536][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1215.693536][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1215.704228][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1215.713800][T25216] __do_fast_syscall_32+0x127/0x180 [ 1215.713800][T25216] do_fast_syscall_32+0x77/0xd0 [ 1215.724383][T25216] do_SYSENTER_32+0x73/0x90 [ 1215.724383][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1215.733468][T25216] [ 1215.733468][T25216] Uninit was stored to memory at: [ 1215.744262][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1215.744262][T25216] __msan_chain_origin+0x54/0xa0 [ 1215.753617][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1215.753617][T25216] get_compat_msghdr+0x108/0x2b0 [ 1215.761083][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1215.765969][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1215.773565][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1215.773565][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1215.784310][T25216] __do_fast_syscall_32+0x127/0x180 [ 1215.784310][T25216] do_fast_syscall_32+0x77/0xd0 [ 1215.793431][T25216] do_SYSENTER_32+0x73/0x90 [ 1215.793431][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1215.804223][T25216] [ 1215.804223][T25216] Uninit was stored to memory at: [ 1215.813524][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1215.813524][T25216] __msan_chain_origin+0x54/0xa0 [ 1215.824209][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1215.824209][T25216] get_compat_msghdr+0x108/0x2b0 [ 1215.833743][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1215.833743][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1215.844327][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1215.844327][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1215.853436][T25216] __do_fast_syscall_32+0x127/0x180 [ 1215.853436][T25216] do_fast_syscall_32+0x77/0xd0 [ 1215.865364][T25216] do_SYSENTER_32+0x73/0x90 [ 1215.865364][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1215.875252][T25216] [ 1215.875252][T25216] Uninit was stored to memory at: [ 1215.884342][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1215.884342][T25216] __msan_chain_origin+0x54/0xa0 [ 1215.893620][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1215.893620][T25216] get_compat_msghdr+0x108/0x2b0 [ 1215.904369][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1215.904369][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1215.913448][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1215.913448][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1215.924247][T25216] __do_fast_syscall_32+0x127/0x180 [ 1215.933537][T25216] do_fast_syscall_32+0x77/0xd0 [ 1215.933537][T25216] do_SYSENTER_32+0x73/0x90 [ 1215.944288][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1215.944288][T25216] [ 1215.944288][T25216] Local variable ----msg_sys@do_recvmmsg created at: [ 1215.953472][T25216] do_recvmmsg+0xbf/0x22d0 [ 1215.953472][T25216] do_recvmmsg+0xbf/0x22d0 [ 1216.151206][T25216] not chained 2570000 origins [ 1216.152528][T25216] CPU: 0 PID: 25216 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1216.152528][T25216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1216.152528][T25216] Call Trace: [ 1216.152528][T25216] dump_stack+0x24c/0x2e0 [ 1216.183210][T25216] kmsan_internal_chain_origin+0x6f/0x130 [ 1216.183210][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1216.183210][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1216.199980][T25216] ? __msan_instrument_asm_store+0x104/0x130 [ 1216.204175][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1216.204175][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1216.215282][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1216.222731][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1216.222731][T25216] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1216.235228][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1216.235228][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1216.242375][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1216.242375][T25216] ? kmsan_unpoison_shadow+0x74/0xa0 [ 1216.257952][T25216] ? _copy_from_user+0x1fd/0x300 [ 1216.262340][T25216] __msan_chain_origin+0x54/0xa0 [ 1216.262340][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1216.262340][T25216] get_compat_msghdr+0x108/0x2b0 [ 1216.276044][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1216.282330][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1216.282330][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1216.282330][T25216] ? kmsan_internal_set_origin+0x82/0xc0 [ 1216.295311][T25216] ? __msan_poison_alloca+0xec/0x110 [ 1216.302335][T25216] ? __sys_recvmmsg+0xb5/0x6f0 [ 1216.302335][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1216.302335][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1216.317120][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1216.322469][T25216] __do_fast_syscall_32+0x127/0x180 [ 1216.322469][T25216] do_fast_syscall_32+0x77/0xd0 [ 1216.335334][T25216] do_SYSENTER_32+0x73/0x90 [ 1216.335334][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1216.342347][T25216] RIP: 0023:0xf7f93549 [ 1216.342347][T25216] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1216.362325][T25216] RSP: 002b:00000000f558d5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1216.378433][T25216] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 1216.382328][T25216] RDX: 00000000cb88ff8b RSI: 0000000000000002 RDI: 0000000000000000 [ 1216.395175][T25216] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1216.402417][T25216] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1216.402417][T25216] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1216.419082][T25216] Uninit was stored to memory at: [ 1216.424197][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1216.424197][T25216] __msan_chain_origin+0x54/0xa0 [ 1216.435291][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1216.442331][T25216] get_compat_msghdr+0x108/0x2b0 [ 1216.442331][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1216.442331][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1216.455283][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1216.462542][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1216.462542][T25216] __do_fast_syscall_32+0x127/0x180 [ 1216.462542][T25216] do_fast_syscall_32+0x77/0xd0 [ 1216.478541][T25216] do_SYSENTER_32+0x73/0x90 [ 1216.482716][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1216.482716][T25216] [ 1216.492605][T25216] Uninit was stored to memory at: [ 1216.495353][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1216.503087][T25216] __msan_chain_origin+0x54/0xa0 [ 1216.503087][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1216.515169][T25216] get_compat_msghdr+0x108/0x2b0 [ 1216.515169][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1216.522487][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1216.522487][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1216.522487][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1216.542329][T25216] __do_fast_syscall_32+0x127/0x180 [ 1216.542329][T25216] do_fast_syscall_32+0x77/0xd0 [ 1216.542329][T25216] do_SYSENTER_32+0x73/0x90 [ 1216.555406][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1216.562332][T25216] [ 1216.562332][T25216] Uninit was stored to memory at: [ 1216.562332][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1216.575261][T25216] __msan_chain_origin+0x54/0xa0 [ 1216.580284][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1216.582487][T25216] get_compat_msghdr+0x108/0x2b0 [ 1216.582487][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1216.595209][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1216.595209][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1216.602332][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1216.615516][T25216] __do_fast_syscall_32+0x127/0x180 [ 1216.615516][T25216] do_fast_syscall_32+0x77/0xd0 [ 1216.622343][T25216] do_SYSENTER_32+0x73/0x90 [ 1216.622343][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1216.635190][T25216] [ 1216.635190][T25216] Uninit was stored to memory at: [ 1216.644202][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1216.644202][T25216] __msan_chain_origin+0x54/0xa0 [ 1216.655173][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1216.655173][T25216] get_compat_msghdr+0x108/0x2b0 [ 1216.662326][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1216.662326][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1216.662326][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1216.675250][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1216.682798][T25216] __do_fast_syscall_32+0x127/0x180 [ 1216.682798][T25216] do_fast_syscall_32+0x77/0xd0 [ 1216.695204][T25216] do_SYSENTER_32+0x73/0x90 [ 1216.695204][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1216.702509][T25216] [ 1216.702509][T25216] Uninit was stored to memory at: [ 1216.715214][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1216.715214][T25216] __msan_chain_origin+0x54/0xa0 [ 1216.722326][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1216.722326][T25216] get_compat_msghdr+0x108/0x2b0 [ 1216.735260][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1216.735260][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1216.742705][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1216.742705][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1216.757068][T25216] __do_fast_syscall_32+0x127/0x180 [ 1216.762485][T25216] do_fast_syscall_32+0x77/0xd0 [ 1216.762485][T25216] do_SYSENTER_32+0x73/0x90 [ 1216.762485][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1216.775225][T25216] [ 1216.775225][T25216] Uninit was stored to memory at: [ 1216.785288][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1216.785288][T25216] __msan_chain_origin+0x54/0xa0 [ 1216.795351][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1216.802327][T25216] get_compat_msghdr+0x108/0x2b0 [ 1216.802327][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1216.802327][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1216.815261][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1216.822505][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1216.822505][T25216] __do_fast_syscall_32+0x127/0x180 [ 1216.835359][T25216] do_fast_syscall_32+0x77/0xd0 [ 1216.835359][T25216] do_SYSENTER_32+0x73/0x90 [ 1216.842333][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1216.842333][T25216] [ 1216.842333][T25216] Uninit was stored to memory at: [ 1216.855266][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1216.864334][T25216] __msan_chain_origin+0x54/0xa0 [ 1216.864334][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1216.875559][T25216] get_compat_msghdr+0x108/0x2b0 [ 1216.882498][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1216.882498][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1216.887483][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1216.895189][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1216.902334][T25216] __do_fast_syscall_32+0x127/0x180 [ 1216.902334][T25216] do_fast_syscall_32+0x77/0xd0 [ 1216.902334][T25216] do_SYSENTER_32+0x73/0x90 [ 1216.915373][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1216.922339][T25216] [ 1216.922339][T25216] Local variable ----msg_sys@do_recvmmsg created at: [ 1216.922339][T25216] do_recvmmsg+0xbf/0x22d0 [ 1216.935212][T25216] do_recvmmsg+0xbf/0x22d0 [ 1217.141474][T25216] not chained 2580000 origins [ 1217.142991][T25216] CPU: 0 PID: 25216 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1217.154937][T25216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1217.162929][T25216] Call Trace: [ 1217.162929][T25216] dump_stack+0x24c/0x2e0 [ 1217.162929][T25216] kmsan_internal_chain_origin+0x6f/0x130 [ 1217.174767][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1217.182933][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1217.182933][T25216] ? __msan_instrument_asm_store+0x104/0x130 [ 1217.182933][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1217.198915][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1217.202907][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1217.202907][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1217.202907][T25216] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1217.202907][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1217.227521][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1217.232367][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1217.232367][T25216] ? kmsan_unpoison_shadow+0x74/0xa0 [ 1217.245112][T25216] ? _copy_from_user+0x1fd/0x300 [ 1217.252503][T25216] __msan_chain_origin+0x54/0xa0 [ 1217.252503][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1217.252503][T25216] get_compat_msghdr+0x108/0x2b0 [ 1217.265423][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1217.272367][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1217.272367][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1217.272367][T25216] ? kmsan_internal_set_origin+0x82/0xc0 [ 1217.285140][T25216] ? __msan_poison_alloca+0xec/0x110 [ 1217.285140][T25216] ? __sys_recvmmsg+0xb5/0x6f0 [ 1217.297360][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1217.297360][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1217.307013][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1217.312374][T25216] __do_fast_syscall_32+0x127/0x180 [ 1217.312374][T25216] do_fast_syscall_32+0x77/0xd0 [ 1217.325184][T25216] do_SYSENTER_32+0x73/0x90 [ 1217.332359][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1217.332359][T25216] RIP: 0023:0xf7f93549 [ 1217.332359][T25216] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1217.352575][T25216] RSP: 002b:00000000f558d5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1217.365126][T25216] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 1217.372355][T25216] RDX: 00000000cb88ff8b RSI: 0000000000000002 RDI: 0000000000000000 [ 1217.385268][T25216] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1217.392752][T25216] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1217.399443][T25216] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1217.408832][T25216] Uninit was stored to memory at: [ 1217.414235][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1217.414235][T25216] __msan_chain_origin+0x54/0xa0 [ 1217.425142][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1217.432474][T25216] get_compat_msghdr+0x108/0x2b0 [ 1217.432474][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1217.432474][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1217.445323][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1217.452398][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1217.452398][T25216] __do_fast_syscall_32+0x127/0x180 [ 1217.465228][T25216] do_fast_syscall_32+0x77/0xd0 [ 1217.465228][T25216] do_SYSENTER_32+0x73/0x90 [ 1217.472560][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1217.472560][T25216] [ 1217.472560][T25216] Uninit was stored to memory at: [ 1217.485217][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1217.492351][T25216] __msan_chain_origin+0x54/0xa0 [ 1217.492351][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1217.505168][T25216] get_compat_msghdr+0x108/0x2b0 [ 1217.505168][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1217.512348][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1217.512348][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1217.512348][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1217.527824][T25216] __do_fast_syscall_32+0x127/0x180 [ 1217.532505][T25216] do_fast_syscall_32+0x77/0xd0 [ 1217.532505][T25216] do_SYSENTER_32+0x73/0x90 [ 1217.545130][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1217.552363][T25216] [ 1217.552363][T25216] Uninit was stored to memory at: [ 1217.552363][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1217.565318][T25216] __msan_chain_origin+0x54/0xa0 [ 1217.565318][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1217.572359][T25216] get_compat_msghdr+0x108/0x2b0 [ 1217.572359][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1217.585203][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1217.585203][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1217.592518][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1217.592518][T25216] __do_fast_syscall_32+0x127/0x180 [ 1217.607224][T25216] do_fast_syscall_32+0x77/0xd0 [ 1217.612366][T25216] do_SYSENTER_32+0x73/0x90 [ 1217.612366][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1217.612366][T25216] [ 1217.625312][T25216] Uninit was stored to memory at: [ 1217.625312][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1217.634194][T25216] __msan_chain_origin+0x54/0xa0 [ 1217.634194][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1217.645150][T25216] get_compat_msghdr+0x108/0x2b0 [ 1217.652743][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1217.652743][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1217.652743][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1217.665163][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1217.672353][T25216] __do_fast_syscall_32+0x127/0x180 [ 1217.672353][T25216] do_fast_syscall_32+0x77/0xd0 [ 1217.685180][T25216] do_SYSENTER_32+0x73/0x90 [ 1217.685180][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1217.692512][T25216] [ 1217.692512][T25216] Uninit was stored to memory at: [ 1217.692512][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1217.708820][T25216] __msan_chain_origin+0x54/0xa0 [ 1217.712551][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1217.712551][T25216] get_compat_msghdr+0x108/0x2b0 [ 1217.712551][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1217.725152][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1217.732358][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1217.732358][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1217.747003][T25216] __do_fast_syscall_32+0x127/0x180 [ 1217.752409][T25216] do_fast_syscall_32+0x77/0xd0 [ 1217.752409][T25216] do_SYSENTER_32+0x73/0x90 [ 1217.752409][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1217.765233][T25216] [ 1217.765233][T25216] Uninit was stored to memory at: [ 1217.772521][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1217.772521][T25216] __msan_chain_origin+0x54/0xa0 [ 1217.785479][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1217.792354][T25216] get_compat_msghdr+0x108/0x2b0 [ 1217.792354][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1217.792354][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1217.805180][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1217.812358][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1217.812358][T25216] __do_fast_syscall_32+0x127/0x180 [ 1217.825316][T25216] do_fast_syscall_32+0x77/0xd0 [ 1217.825316][T25216] do_SYSENTER_32+0x73/0x90 [ 1217.832543][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1217.832543][T25216] [ 1217.832543][T25216] Uninit was stored to memory at: [ 1217.845208][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1217.854180][T25216] __msan_chain_origin+0x54/0xa0 [ 1217.854180][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1217.865199][T25216] get_compat_msghdr+0x108/0x2b0 [ 1217.865199][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1217.872347][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1217.872347][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1217.885245][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1217.885245][T25216] __do_fast_syscall_32+0x127/0x180 [ 1217.892538][T25216] do_fast_syscall_32+0x77/0xd0 [ 1217.892538][T25216] do_SYSENTER_32+0x73/0x90 [ 1217.905121][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1217.912707][T25216] [ 1217.912707][T25216] Local variable ----msg_sys@do_recvmmsg created at: [ 1217.912707][T25216] do_recvmmsg+0xbf/0x22d0 [ 1217.925387][T25216] do_recvmmsg+0xbf/0x22d0 [ 1218.130810][T25216] not chained 2590000 origins [ 1218.132216][T25216] CPU: 0 PID: 25216 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1218.132216][T25216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1218.132216][T25216] Call Trace: [ 1218.132216][T25216] dump_stack+0x24c/0x2e0 [ 1218.132216][T25216] kmsan_internal_chain_origin+0x6f/0x130 [ 1218.132216][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1218.172623][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1218.175942][T25216] ? __msan_instrument_asm_store+0x104/0x130 [ 1218.184320][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1218.192400][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1218.192400][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1218.202488][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1218.202488][T25216] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1218.212342][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1218.218757][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1218.222517][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1218.232384][T25216] ? kmsan_unpoison_shadow+0x74/0xa0 [ 1218.232384][T25216] ? _copy_from_user+0x1fd/0x300 [ 1218.242635][T25216] __msan_chain_origin+0x54/0xa0 [ 1218.242635][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1218.242635][T25216] get_compat_msghdr+0x108/0x2b0 [ 1218.242635][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1218.264234][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1218.264234][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1218.272593][T25216] ? kmsan_internal_set_origin+0x82/0xc0 [ 1218.282484][T25216] ? __msan_poison_alloca+0xec/0x110 [ 1218.282484][T25216] ? __sys_recvmmsg+0xb5/0x6f0 [ 1218.282484][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1218.294182][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1218.302804][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1218.302804][T25216] __do_fast_syscall_32+0x127/0x180 [ 1218.312346][T25216] do_fast_syscall_32+0x77/0xd0 [ 1218.321162][T25216] do_SYSENTER_32+0x73/0x90 [ 1218.322467][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1218.322467][T25216] RIP: 0023:0xf7f93549 [ 1218.333900][T25216] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1218.352348][T25216] RSP: 002b:00000000f558d5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1218.362557][T25216] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 1218.372499][T25216] RDX: 00000000cb88ff8b RSI: 0000000000000002 RDI: 0000000000000000 [ 1218.382539][T25216] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1218.382539][T25216] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1218.392391][T25216] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1218.404315][T25216] Uninit was stored to memory at: [ 1218.412342][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1218.412342][T25216] __msan_chain_origin+0x54/0xa0 [ 1218.412342][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1218.423721][T25216] get_compat_msghdr+0x108/0x2b0 [ 1218.432764][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1218.432764][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1218.442474][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1218.442474][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1218.452374][T25216] __do_fast_syscall_32+0x127/0x180 [ 1218.452374][T25216] do_fast_syscall_32+0x77/0xd0 [ 1218.462561][T25216] do_SYSENTER_32+0x73/0x90 [ 1218.462561][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1218.472394][T25216] [ 1218.472394][T25216] Uninit was stored to memory at: [ 1218.482490][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1218.482490][T25216] __msan_chain_origin+0x54/0xa0 [ 1218.492597][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1218.492597][T25216] get_compat_msghdr+0x108/0x2b0 [ 1218.502496][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1218.502496][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1218.514200][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1218.514200][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1218.525789][T25216] __do_fast_syscall_32+0x127/0x180 [ 1218.532360][T25216] do_fast_syscall_32+0x77/0xd0 [ 1218.532360][T25216] do_SYSENTER_32+0x73/0x90 [ 1218.532360][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1218.542484][T25216] [ 1218.552514][T25216] Uninit was stored to memory at: [ 1218.552514][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1218.562905][T25216] __msan_chain_origin+0x54/0xa0 [ 1218.562905][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1218.572406][T25216] get_compat_msghdr+0x108/0x2b0 [ 1218.572406][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1218.582656][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1218.582656][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1218.592403][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1218.592403][T25216] __do_fast_syscall_32+0x127/0x180 [ 1218.602511][T25216] do_fast_syscall_32+0x77/0xd0 [ 1218.602511][T25216] do_SYSENTER_32+0x73/0x90 [ 1218.612515][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1218.612515][T25216] [ 1218.612515][T25216] Uninit was stored to memory at: [ 1218.628252][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1218.632363][T25216] __msan_chain_origin+0x54/0xa0 [ 1218.632363][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1218.642632][T25216] get_compat_msghdr+0x108/0x2b0 [ 1218.642632][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1218.652380][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1218.652380][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1218.662498][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1218.672526][T25216] __do_fast_syscall_32+0x127/0x180 [ 1218.672526][T25216] do_fast_syscall_32+0x77/0xd0 [ 1218.682484][T25216] do_SYSENTER_32+0x73/0x90 [ 1218.682484][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1218.692731][T25216] [ 1218.692731][T25216] Uninit was stored to memory at: [ 1218.692731][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1218.702582][T25216] __msan_chain_origin+0x54/0xa0 [ 1218.712360][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1218.712360][T25216] get_compat_msghdr+0x108/0x2b0 [ 1218.722486][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1218.722486][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1218.730732][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1218.734173][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1218.742534][T25216] __do_fast_syscall_32+0x127/0x180 [ 1218.742534][T25216] do_fast_syscall_32+0x77/0xd0 [ 1218.752409][T25216] do_SYSENTER_32+0x73/0x90 [ 1218.752409][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1218.762610][T25216] [ 1218.762610][T25216] Uninit was stored to memory at: [ 1218.772356][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1218.772356][T25216] __msan_chain_origin+0x54/0xa0 [ 1218.782477][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1218.782477][T25216] get_compat_msghdr+0x108/0x2b0 [ 1218.792504][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1218.792504][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1218.802465][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1218.802465][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1218.812400][T25216] __do_fast_syscall_32+0x127/0x180 [ 1218.812400][T25216] do_fast_syscall_32+0x77/0xd0 [ 1218.822923][T25216] do_SYSENTER_32+0x73/0x90 [ 1218.822923][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1218.833290][T25216] [ 1218.833290][T25216] Uninit was stored to memory at: [ 1218.844353][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1218.844353][T25216] __msan_chain_origin+0x54/0xa0 [ 1218.852577][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1218.852577][T25216] get_compat_msghdr+0x108/0x2b0 [ 1218.862489][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1218.862489][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1218.872344][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1218.882569][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1218.882569][T25216] __do_fast_syscall_32+0x127/0x180 [ 1218.892349][T25216] do_fast_syscall_32+0x77/0xd0 [ 1218.892349][T25216] do_SYSENTER_32+0x73/0x90 [ 1218.902463][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1218.902463][T25216] [ 1218.902463][T25216] Local variable ----msg_sys@do_recvmmsg created at: [ 1218.912511][T25216] do_recvmmsg+0xbf/0x22d0 [ 1218.922505][T25216] do_recvmmsg+0xbf/0x22d0 [ 1219.129203][T25216] not chained 2600000 origins [ 1219.132229][T25216] CPU: 1 PID: 25216 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1219.138711][T25216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1219.138711][T25216] Call Trace: [ 1219.138711][T25216] dump_stack+0x24c/0x2e0 [ 1219.138711][T25216] kmsan_internal_chain_origin+0x6f/0x130 [ 1219.138711][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1219.138711][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1219.138711][T25216] ? __msan_instrument_asm_store+0x104/0x130 [ 1219.138711][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1219.138711][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1219.138711][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1219.138711][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1219.138711][T25216] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1219.138711][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1219.138711][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1219.138711][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1219.138711][T25216] ? kmsan_unpoison_shadow+0x74/0xa0 [ 1219.138711][T25216] ? _copy_from_user+0x1fd/0x300 [ 1219.138711][T25216] __msan_chain_origin+0x54/0xa0 [ 1219.138711][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1219.138711][T25216] get_compat_msghdr+0x108/0x2b0 [ 1219.138711][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1219.138711][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1219.138711][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1219.138711][T25216] ? kmsan_internal_set_origin+0x82/0xc0 [ 1219.138711][T25216] ? __msan_poison_alloca+0xec/0x110 [ 1219.138711][T25216] ? __sys_recvmmsg+0xb5/0x6f0 [ 1219.138711][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1219.138711][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1219.138711][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1219.138711][T25216] __do_fast_syscall_32+0x127/0x180 [ 1219.138711][T25216] do_fast_syscall_32+0x77/0xd0 [ 1219.138711][T25216] do_SYSENTER_32+0x73/0x90 [ 1219.138711][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1219.138711][T25216] RIP: 0023:0xf7f93549 [ 1219.138711][T25216] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1219.343624][T25216] RSP: 002b:00000000f558d5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1219.343624][T25216] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 1219.343624][T25216] RDX: 00000000cb88ff8b RSI: 0000000000000002 RDI: 0000000000000000 [ 1219.343624][T25216] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1219.343624][T25216] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1219.343624][T25216] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1219.343624][T25216] Uninit was stored to memory at: [ 1219.343624][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1219.343624][T25216] __msan_chain_origin+0x54/0xa0 [ 1219.343624][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1219.343624][T25216] get_compat_msghdr+0x108/0x2b0 [ 1219.343624][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1219.343624][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1219.343624][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1219.343624][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1219.343624][T25216] __do_fast_syscall_32+0x127/0x180 [ 1219.343624][T25216] do_fast_syscall_32+0x77/0xd0 [ 1219.343624][T25216] do_SYSENTER_32+0x73/0x90 [ 1219.343624][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1219.343624][T25216] [ 1219.343624][T25216] Uninit was stored to memory at: [ 1219.343624][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1219.343624][T25216] __msan_chain_origin+0x54/0xa0 [ 1219.343624][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1219.343624][T25216] get_compat_msghdr+0x108/0x2b0 [ 1219.343624][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1219.343624][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1219.343624][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1219.343624][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1219.343624][T25216] __do_fast_syscall_32+0x127/0x180 [ 1219.343624][T25216] do_fast_syscall_32+0x77/0xd0 [ 1219.343624][T25216] do_SYSENTER_32+0x73/0x90 [ 1219.343624][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1219.343624][T25216] [ 1219.343624][T25216] Uninit was stored to memory at: [ 1219.343624][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1219.343624][T25216] __msan_chain_origin+0x54/0xa0 [ 1219.343624][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1219.343624][T25216] get_compat_msghdr+0x108/0x2b0 [ 1219.343624][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1219.343624][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1219.343624][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1219.343624][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1219.343624][T25216] __do_fast_syscall_32+0x127/0x180 [ 1219.343624][T25216] do_fast_syscall_32+0x77/0xd0 [ 1219.343624][T25216] do_SYSENTER_32+0x73/0x90 [ 1219.343624][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1219.343624][T25216] [ 1219.343624][T25216] Uninit was stored to memory at: [ 1219.343624][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1219.343624][T25216] __msan_chain_origin+0x54/0xa0 [ 1219.343624][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1219.343624][T25216] get_compat_msghdr+0x108/0x2b0 [ 1219.343624][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1219.343624][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1219.343624][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1219.343624][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1219.343624][T25216] __do_fast_syscall_32+0x127/0x180 [ 1219.343624][T25216] do_fast_syscall_32+0x77/0xd0 [ 1219.343624][T25216] do_SYSENTER_32+0x73/0x90 [ 1219.343624][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1219.343624][T25216] [ 1219.343624][T25216] Uninit was stored to memory at: [ 1219.343624][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1219.343624][T25216] __msan_chain_origin+0x54/0xa0 [ 1219.343624][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1219.343624][T25216] get_compat_msghdr+0x108/0x2b0 [ 1219.343624][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1219.343624][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1219.343624][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1219.343624][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1219.343624][T25216] __do_fast_syscall_32+0x127/0x180 [ 1219.343624][T25216] do_fast_syscall_32+0x77/0xd0 [ 1219.343624][T25216] do_SYSENTER_32+0x73/0x90 [ 1219.343624][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1219.343624][T25216] [ 1219.343624][T25216] Uninit was stored to memory at: [ 1219.343624][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1219.343624][T25216] __msan_chain_origin+0x54/0xa0 [ 1219.343624][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1219.343624][T25216] get_compat_msghdr+0x108/0x2b0 [ 1219.343624][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1219.343624][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1219.343624][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1219.343624][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1219.343624][T25216] __do_fast_syscall_32+0x127/0x180 [ 1219.343624][T25216] do_fast_syscall_32+0x77/0xd0 [ 1219.343624][T25216] do_SYSENTER_32+0x73/0x90 [ 1219.343624][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1219.343624][T25216] [ 1219.343624][T25216] Uninit was stored to memory at: [ 1219.343624][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1219.343624][T25216] __msan_chain_origin+0x54/0xa0 [ 1219.343624][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1219.343624][T25216] get_compat_msghdr+0x108/0x2b0 [ 1219.343624][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1219.343624][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1219.343624][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1219.343624][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1219.343624][T25216] __do_fast_syscall_32+0x127/0x180 [ 1219.343624][T25216] do_fast_syscall_32+0x77/0xd0 [ 1219.343624][T25216] do_SYSENTER_32+0x73/0x90 [ 1219.343624][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1219.343624][T25216] [ 1219.343624][T25216] Local variable ----msg_sys@do_recvmmsg created at: [ 1219.343624][T25216] do_recvmmsg+0xbf/0x22d0 [ 1219.343624][T25216] do_recvmmsg+0xbf/0x22d0 [ 1220.135732][T25216] not chained 2610000 origins [ 1220.140417][T25216] CPU: 1 PID: 25216 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1220.142257][T25216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1220.142257][T25216] Call Trace: [ 1220.142257][T25216] dump_stack+0x24c/0x2e0 [ 1220.142257][T25216] kmsan_internal_chain_origin+0x6f/0x130 [ 1220.142257][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1220.142257][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1220.142257][T25216] ? __msan_instrument_asm_store+0x104/0x130 [ 1220.142257][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1220.142257][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1220.142257][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1220.142257][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1220.142257][T25216] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1220.142257][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1220.142257][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1220.142257][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1220.142257][T25216] ? kmsan_unpoison_shadow+0x74/0xa0 [ 1220.142257][T25216] ? _copy_from_user+0x1fd/0x300 [ 1220.142257][T25216] __msan_chain_origin+0x54/0xa0 [ 1220.142257][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1220.142257][T25216] get_compat_msghdr+0x108/0x2b0 [ 1220.142257][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1220.142257][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1220.142257][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1220.142257][T25216] ? kmsan_internal_set_origin+0x82/0xc0 [ 1220.142257][T25216] ? __msan_poison_alloca+0xec/0x110 [ 1220.142257][T25216] ? __sys_recvmmsg+0xb5/0x6f0 [ 1220.142257][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1220.142257][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1220.142257][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1220.142257][T25216] __do_fast_syscall_32+0x127/0x180 [ 1220.142257][T25216] do_fast_syscall_32+0x77/0xd0 [ 1220.142257][T25216] do_SYSENTER_32+0x73/0x90 [ 1220.142257][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1220.142257][T25216] RIP: 0023:0xf7f93549 [ 1220.142257][T25216] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1220.142257][T25216] RSP: 002b:00000000f558d5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1220.142257][T25216] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 1220.142257][T25216] RDX: 00000000cb88ff8b RSI: 0000000000000002 RDI: 0000000000000000 [ 1220.142257][T25216] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1220.142257][T25216] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1220.142257][T25216] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1220.142257][T25216] Uninit was stored to memory at: [ 1220.142257][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1220.142257][T25216] __msan_chain_origin+0x54/0xa0 [ 1220.142257][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1220.142257][T25216] get_compat_msghdr+0x108/0x2b0 [ 1220.142257][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1220.142257][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1220.142257][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1220.142257][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1220.142257][T25216] __do_fast_syscall_32+0x127/0x180 [ 1220.142257][T25216] do_fast_syscall_32+0x77/0xd0 [ 1220.142257][T25216] do_SYSENTER_32+0x73/0x90 [ 1220.142257][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1220.142257][T25216] [ 1220.142257][T25216] Uninit was stored to memory at: [ 1220.142257][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1220.142257][T25216] __msan_chain_origin+0x54/0xa0 [ 1220.142257][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1220.142257][T25216] get_compat_msghdr+0x108/0x2b0 [ 1220.142257][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1220.142257][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1220.142257][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1220.142257][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1220.142257][T25216] __do_fast_syscall_32+0x127/0x180 [ 1220.142257][T25216] do_fast_syscall_32+0x77/0xd0 [ 1220.142257][T25216] do_SYSENTER_32+0x73/0x90 [ 1220.142257][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1220.142257][T25216] [ 1220.142257][T25216] Uninit was stored to memory at: [ 1220.142257][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1220.142257][T25216] __msan_chain_origin+0x54/0xa0 [ 1220.142257][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1220.142257][T25216] get_compat_msghdr+0x108/0x2b0 [ 1220.142257][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1220.142257][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1220.142257][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1220.142257][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1220.142257][T25216] __do_fast_syscall_32+0x127/0x180 [ 1220.142257][T25216] do_fast_syscall_32+0x77/0xd0 [ 1220.142257][T25216] do_SYSENTER_32+0x73/0x90 [ 1220.142257][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1220.142257][T25216] [ 1220.142257][T25216] Uninit was stored to memory at: [ 1220.142257][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1220.142257][T25216] __msan_chain_origin+0x54/0xa0 [ 1220.142257][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1220.142257][T25216] get_compat_msghdr+0x108/0x2b0 [ 1220.142257][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1220.142257][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1220.142257][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1220.142257][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1220.142257][T25216] __do_fast_syscall_32+0x127/0x180 [ 1220.142257][T25216] do_fast_syscall_32+0x77/0xd0 [ 1220.142257][T25216] do_SYSENTER_32+0x73/0x90 [ 1220.142257][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1220.142257][T25216] [ 1220.142257][T25216] Uninit was stored to memory at: [ 1220.142257][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1220.142257][T25216] __msan_chain_origin+0x54/0xa0 [ 1220.142257][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1220.142257][T25216] get_compat_msghdr+0x108/0x2b0 [ 1220.142257][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1220.142257][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1220.142257][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1220.142257][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1220.142257][T25216] __do_fast_syscall_32+0x127/0x180 [ 1220.142257][T25216] do_fast_syscall_32+0x77/0xd0 [ 1220.142257][T25216] do_SYSENTER_32+0x73/0x90 [ 1220.142257][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1220.142257][T25216] [ 1220.142257][T25216] Uninit was stored to memory at: [ 1220.142257][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1220.142257][T25216] __msan_chain_origin+0x54/0xa0 [ 1220.142257][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1220.142257][T25216] get_compat_msghdr+0x108/0x2b0 [ 1220.142257][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1220.142257][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1220.142257][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1220.142257][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1220.142257][T25216] __do_fast_syscall_32+0x127/0x180 [ 1220.142257][T25216] do_fast_syscall_32+0x77/0xd0 [ 1220.142257][T25216] do_SYSENTER_32+0x73/0x90 [ 1220.142257][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1220.142257][T25216] [ 1220.142257][T25216] Uninit was stored to memory at: [ 1220.142257][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1220.142257][T25216] __msan_chain_origin+0x54/0xa0 [ 1220.142257][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1220.142257][T25216] get_compat_msghdr+0x108/0x2b0 [ 1220.142257][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1220.142257][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1220.142257][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1220.142257][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1220.142257][T25216] __do_fast_syscall_32+0x127/0x180 [ 1220.142257][T25216] do_fast_syscall_32+0x77/0xd0 [ 1220.142257][T25216] do_SYSENTER_32+0x73/0x90 [ 1220.142257][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1220.142257][T25216] [ 1220.142257][T25216] Local variable ----msg_sys@do_recvmmsg created at: [ 1220.142257][T25216] do_recvmmsg+0xbf/0x22d0 [ 1220.142257][T25216] do_recvmmsg+0xbf/0x22d0 [ 1221.127696][T25216] not chained 2620000 origins [ 1221.132206][T25216] CPU: 0 PID: 25216 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1221.133066][T25216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1221.145488][T25216] Call Trace: [ 1221.152357][T25216] dump_stack+0x24c/0x2e0 [ 1221.152357][T25216] kmsan_internal_chain_origin+0x6f/0x130 [ 1221.152357][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1221.166995][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1221.172345][T25216] ? __msan_instrument_asm_store+0x104/0x130 [ 1221.172345][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1221.172345][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1221.192364][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1221.192364][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1221.205496][T25216] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1221.205496][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1221.212494][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1221.212494][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1221.225281][T25216] ? kmsan_unpoison_shadow+0x74/0xa0 [ 1221.232413][T25216] ? _copy_from_user+0x1fd/0x300 [ 1221.232413][T25216] __msan_chain_origin+0x54/0xa0 [ 1221.232413][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1221.245267][T25216] get_compat_msghdr+0x108/0x2b0 [ 1221.252374][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1221.252374][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1221.252374][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1221.265351][T25216] ? kmsan_internal_set_origin+0x82/0xc0 [ 1221.274250][T25216] ? __msan_poison_alloca+0xec/0x110 [ 1221.274250][T25216] ? __sys_recvmmsg+0xb5/0x6f0 [ 1221.274250][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1221.285245][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1221.293750][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1221.293750][T25216] __do_fast_syscall_32+0x127/0x180 [ 1221.305186][T25216] do_fast_syscall_32+0x77/0xd0 [ 1221.305186][T25216] do_SYSENTER_32+0x73/0x90 [ 1221.312496][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1221.312496][T25216] RIP: 0023:0xf7f93549 [ 1221.325212][T25216] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1221.345254][T25216] RSP: 002b:00000000f558d5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1221.352388][T25216] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 1221.352388][T25216] RDX: 00000000cb88ff8b RSI: 0000000000000002 RDI: 0000000000000000 [ 1221.365416][T25216] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1221.372355][T25216] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1221.386951][T25216] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1221.393200][T25216] Uninit was stored to memory at: [ 1221.393200][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1221.405244][T25216] __msan_chain_origin+0x54/0xa0 [ 1221.412526][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1221.412526][T25216] get_compat_msghdr+0x108/0x2b0 [ 1221.412526][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1221.425263][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1221.432401][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1221.432401][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1221.432401][T25216] __do_fast_syscall_32+0x127/0x180 [ 1221.445355][T25216] do_fast_syscall_32+0x77/0xd0 [ 1221.445355][T25216] do_SYSENTER_32+0x73/0x90 [ 1221.456410][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1221.465507][T25216] [ 1221.465507][T25216] Uninit was stored to memory at: [ 1221.472503][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1221.472503][T25216] __msan_chain_origin+0x54/0xa0 [ 1221.485171][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1221.485171][T25216] get_compat_msghdr+0x108/0x2b0 [ 1221.485171][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1221.497450][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1221.505272][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1221.505272][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1221.512352][T25216] __do_fast_syscall_32+0x127/0x180 [ 1221.512352][T25216] do_fast_syscall_32+0x77/0xd0 [ 1221.525218][T25216] do_SYSENTER_32+0x73/0x90 [ 1221.532747][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1221.532747][T25216] [ 1221.532747][T25216] Uninit was stored to memory at: [ 1221.545221][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1221.552353][T25216] __msan_chain_origin+0x54/0xa0 [ 1221.552353][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1221.552353][T25216] get_compat_msghdr+0x108/0x2b0 [ 1221.565281][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1221.565281][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1221.572353][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1221.572353][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1221.585439][T25216] __do_fast_syscall_32+0x127/0x180 [ 1221.592740][T25216] do_fast_syscall_32+0x77/0xd0 [ 1221.597928][T25216] do_SYSENTER_32+0x73/0x90 [ 1221.597928][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1221.606953][T25216] [ 1221.612350][T25216] Uninit was stored to memory at: [ 1221.612350][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1221.612350][T25216] __msan_chain_origin+0x54/0xa0 [ 1221.625287][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1221.632357][T25216] get_compat_msghdr+0x108/0x2b0 [ 1221.632357][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1221.632357][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1221.645257][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1221.652504][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1221.652504][T25216] __do_fast_syscall_32+0x127/0x180 [ 1221.665220][T25216] do_fast_syscall_32+0x77/0xd0 [ 1221.665220][T25216] do_SYSENTER_32+0x73/0x90 [ 1221.672361][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1221.672361][T25216] [ 1221.685315][T25216] Uninit was stored to memory at: [ 1221.685315][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1221.692385][T25216] __msan_chain_origin+0x54/0xa0 [ 1221.700324][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1221.705174][T25216] get_compat_msghdr+0x108/0x2b0 [ 1221.705174][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1221.714181][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1221.714181][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1221.725468][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1221.732352][T25216] __do_fast_syscall_32+0x127/0x180 [ 1221.732352][T25216] do_fast_syscall_32+0x77/0xd0 [ 1221.732352][T25216] do_SYSENTER_32+0x73/0x90 [ 1221.745246][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1221.752346][T25216] [ 1221.752346][T25216] Uninit was stored to memory at: [ 1221.752346][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1221.765178][T25216] __msan_chain_origin+0x54/0xa0 [ 1221.772503][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1221.772503][T25216] get_compat_msghdr+0x108/0x2b0 [ 1221.785164][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1221.785164][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1221.792341][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1221.792341][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1221.805763][T25216] __do_fast_syscall_32+0x127/0x180 [ 1221.812346][T25216] do_fast_syscall_32+0x77/0xd0 [ 1221.812346][T25216] do_SYSENTER_32+0x73/0x90 [ 1221.812346][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1221.826931][T25216] [ 1221.826931][T25216] Uninit was stored to memory at: [ 1221.832484][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1221.832484][T25216] __msan_chain_origin+0x54/0xa0 [ 1221.845146][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1221.852719][T25216] get_compat_msghdr+0x108/0x2b0 [ 1221.852719][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1221.852719][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1221.865248][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1221.872340][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1221.872340][T25216] __do_fast_syscall_32+0x127/0x180 [ 1221.872340][T25216] do_fast_syscall_32+0x77/0xd0 [ 1221.885169][T25216] do_SYSENTER_32+0x73/0x90 [ 1221.892508][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1221.892508][T25216] [ 1221.892508][T25216] Local variable ----msg_sys@do_recvmmsg created at: [ 1221.907992][T25216] do_recvmmsg+0xbf/0x22d0 [ 1221.912361][T25216] do_recvmmsg+0xbf/0x22d0 [ 1222.112130][T25216] not chained 2630000 origins [ 1222.112222][T25216] CPU: 0 PID: 25216 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1222.112222][T25216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1222.112222][T25216] Call Trace: [ 1222.112222][T25216] dump_stack+0x24c/0x2e0 [ 1222.112222][T25216] kmsan_internal_chain_origin+0x6f/0x130 [ 1222.112222][T25216] ? do_user_addr_fault+0x1912/0x2650 [ 1222.112222][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1222.112222][T25216] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1222.112222][T25216] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1222.172730][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1222.172730][T25216] ? kmsan_set_origin_checked+0xa2/0x100 [ 1222.172730][T25216] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1222.172730][T25216] ? kmsan_unpoison_shadow+0x74/0xa0 [ 1222.172730][T25216] ? _copy_from_user+0x1fd/0x300 [ 1222.172730][T25216] __msan_chain_origin+0x54/0xa0 [ 1222.172730][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1222.172730][T25216] get_compat_msghdr+0x108/0x2b0 [ 1222.172730][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1222.172730][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1222.172730][T25216] ? kmsan_get_metadata+0x116/0x180 [ 1222.172730][T25216] ? kmsan_internal_set_origin+0x82/0xc0 [ 1222.172730][T25216] ? __msan_poison_alloca+0xec/0x110 [ 1222.172730][T25216] ? __sys_recvmmsg+0xb5/0x6f0 [ 1222.172730][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1222.172730][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1222.172730][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1222.172730][T25216] __do_fast_syscall_32+0x127/0x180 [ 1222.172730][T25216] do_fast_syscall_32+0x77/0xd0 [ 1222.172730][T25216] do_SYSENTER_32+0x73/0x90 [ 1222.172730][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1222.172730][T25216] RIP: 0023:0xf7f93549 [ 1222.172730][T25216] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1222.172730][T25216] RSP: 002b:00000000f558d5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1222.172730][T25216] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 1222.172730][T25216] RDX: 00000000cb88ff8b RSI: 0000000000000002 RDI: 0000000000000000 [ 1222.172730][T25216] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1222.172730][T25216] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1222.172730][T25216] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1222.172730][T25216] Uninit was stored to memory at: [ 1222.172730][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1222.172730][T25216] __msan_chain_origin+0x54/0xa0 [ 1222.172730][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1222.172730][T25216] get_compat_msghdr+0x108/0x2b0 [ 1222.172730][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1222.172730][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1222.172730][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1222.172730][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1222.172730][T25216] __do_fast_syscall_32+0x127/0x180 [ 1222.172730][T25216] do_fast_syscall_32+0x77/0xd0 [ 1222.172730][T25216] do_SYSENTER_32+0x73/0x90 [ 1222.172730][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1222.172730][T25216] [ 1222.172730][T25216] Uninit was stored to memory at: [ 1222.172730][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1222.172730][T25216] __msan_chain_origin+0x54/0xa0 [ 1222.172730][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1222.172730][T25216] get_compat_msghdr+0x108/0x2b0 [ 1222.172730][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1222.172730][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1222.172730][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1222.172730][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1222.172730][T25216] __do_fast_syscall_32+0x127/0x180 [ 1222.172730][T25216] do_fast_syscall_32+0x77/0xd0 [ 1222.172730][T25216] do_SYSENTER_32+0x73/0x90 [ 1222.492494][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1222.492494][T25216] [ 1222.492494][T25216] Uninit was stored to memory at: [ 1222.492494][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1222.492494][T25216] __msan_chain_origin+0x54/0xa0 [ 1222.492494][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1222.492494][T25216] get_compat_msghdr+0x108/0x2b0 [ 1222.492494][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1222.492494][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1222.492494][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1222.492494][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1222.492494][T25216] __do_fast_syscall_32+0x127/0x180 [ 1222.492494][T25216] do_fast_syscall_32+0x77/0xd0 [ 1222.492494][T25216] do_SYSENTER_32+0x73/0x90 [ 1222.492494][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1222.492494][T25216] [ 1222.492494][T25216] Uninit was stored to memory at: [ 1222.492494][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1222.492494][T25216] __msan_chain_origin+0x54/0xa0 [ 1222.492494][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1222.492494][T25216] get_compat_msghdr+0x108/0x2b0 [ 1222.492494][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1222.492494][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1222.492494][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1222.492494][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1222.492494][T25216] __do_fast_syscall_32+0x127/0x180 [ 1222.492494][T25216] do_fast_syscall_32+0x77/0xd0 [ 1222.492494][T25216] do_SYSENTER_32+0x73/0x90 [ 1222.492494][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1222.492494][T25216] [ 1222.492494][T25216] Uninit was stored to memory at: [ 1222.492494][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1222.492494][T25216] __msan_chain_origin+0x54/0xa0 [ 1222.492494][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1222.492494][T25216] get_compat_msghdr+0x108/0x2b0 [ 1222.492494][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1222.492494][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1222.492494][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1222.492494][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1222.492494][T25216] __do_fast_syscall_32+0x127/0x180 [ 1222.492494][T25216] do_fast_syscall_32+0x77/0xd0 [ 1222.492494][T25216] do_SYSENTER_32+0x73/0x90 [ 1222.492494][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1222.492494][T25216] [ 1222.492494][T25216] Uninit was stored to memory at: [ 1222.492494][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1222.492494][T25216] __msan_chain_origin+0x54/0xa0 [ 1222.492494][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1222.492494][T25216] get_compat_msghdr+0x108/0x2b0 [ 1222.492494][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1222.492494][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1222.492494][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1222.492494][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1222.492494][T25216] __do_fast_syscall_32+0x127/0x180 [ 1222.492494][T25216] do_fast_syscall_32+0x77/0xd0 [ 1222.492494][T25216] do_SYSENTER_32+0x73/0x90 [ 1222.492494][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1222.492494][T25216] [ 1222.492494][T25216] Uninit was stored to memory at: [ 1222.492494][T25216] kmsan_internal_chain_origin+0xad/0x130 [ 1222.492494][T25216] __msan_chain_origin+0x54/0xa0 [ 1222.492494][T25216] __get_compat_msghdr+0x6db/0x9d0 [ 1222.492494][T25216] get_compat_msghdr+0x108/0x2b0 [ 1222.492494][T25216] do_recvmmsg+0xdc1/0x22d0 [ 1222.492494][T25216] __sys_recvmmsg+0x519/0x6f0 [ 1222.492494][T25216] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1222.492494][T25216] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1222.492494][T25216] __do_fast_syscall_32+0x127/0x180 [ 1222.492494][T25216] do_fast_syscall_32+0x77/0xd0 [ 1222.492494][T25216] do_SYSENTER_32+0x73/0x90 [ 1222.492494][T25216] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1222.492494][T25216] [ 1222.492494][T25216] Local variable ----msg_sys@do_recvmmsg created at: [ 1222.492494][T25216] do_recvmmsg+0xbf/0x22d0 [ 1222.492494][T25216] do_recvmmsg+0xbf/0x22d0 03:07:40 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x2f00}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:07:40 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x4800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:07:40 executing program 2: r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f00000001c0)) r1 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f0000010100)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f}, {&(0x7f0000000040)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000010500), 0x0, 0x2000}, {&(0x7f0000012600)="ed41000010000000daf4655fdbf4655fdbf4655f00000000000004008000000000000800050000000af301000400000000000000000000000900000010", 0x3d, 0x4400}], 0x0, &(0x7f00000000c0)=ANY=[]) getdents(r1, &(0x7f00000004c0)=""/203, 0xcb) 03:07:40 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f00000000c0)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000080)="0300000004", 0x5, 0x640}, {&(0x7f0000000300)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000012600)="ed41000000100000daf4655fdbf4655fdbf4655f00000000000004008000", 0x1e, 0x4400}, {&(0x7f0000012800)="8081000000180000daf4655fdaf4655fdaf4655f00000000000001008000000010000800000000000af301000400000000000000000000000200", 0x3a, 0x4800}, {&(0x7f0000012a00)="8081000000180000daf4655fdaf4655fdaf4655f01000000000001008000000010000800000000000af301000400000000000000000000000200000040", 0x3d, 0x4c00}, {&(0x7f0000013900)="111fc0d901000000803a0900803a09000000000006", 0x15, 0x30000}, {&(0x7f0000000880)="2719c0d901000000803a0900803a09000000000006", 0x15, 0x40000}], 0x0, &(0x7f00000000c0)=ANY=[]) setxattr$trusted_overlay_upper(&(0x7f0000001180)='./file0\x00', &(0x7f00000011c0), &(0x7f00000013c0)=ANY=[], 0xd8, 0x0) chroot(&(0x7f00000001c0)='./file0\x00') umount2(&(0x7f0000000180)='./file0\x00', 0x0) rename(0x0, &(0x7f0000000380)='./file0\x00') socket$nl_route(0x10, 0x3, 0x0) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000cc0)}], 0x1) fsync(0xffffffffffffffff) 03:07:40 executing program 3: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000140), 0x6) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, 0x0) 03:07:40 executing program 5: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000000), 0x6) write$bt_hci(r0, &(0x7f0000000040)={0x1, @le_set_scan_rsp_data={{}, {0x0, "79272bbf74abdbffcc069caf0382c1bc5d5907f7ca1f6c078728eea300"}}}, 0x12) [ 1223.681096][T25233] loop2: detected capacity change from 0 to 4096 [ 1223.807240][T25233] EXT4-fs (loop2): unsupported descriptor size 0 [ 1223.821288][T25241] loop0: detected capacity change from 0 to 4096 03:07:40 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x4c00}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:07:40 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x3f00}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:07:40 executing program 2: r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f00000001c0)) r1 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f0000010100)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f}, {&(0x7f0000000040)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000010500), 0x0, 0x2000}, {&(0x7f0000012600)="ed41000010000000daf4655fdbf4655fdbf4655f00000000000004008000000000000800050000000af301000400000000000000000000000900000010", 0x3d, 0x4400}], 0x0, &(0x7f00000000c0)=ANY=[]) getdents(r1, &(0x7f00000004c0)=""/203, 0xcb) 03:07:41 executing program 3: perf_event_open(&(0x7f0000000000)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfff}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000040)={0x0, @local, 0x0, 0x2, 'rr\x00'}, 0x2c) mount(0x0, &(0x7f0000000240)='.\x00', &(0x7f000015bffc)='nfs\x00', 0x0, &(0x7f0000000000)) 03:07:41 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f00000000c0)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000080)="0300000004", 0x5, 0x640}, {&(0x7f0000000300)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000012600)="ed41000000100000daf4655fdbf4655fdbf4655f00000000000004008000", 0x1e, 0x4400}, {&(0x7f0000012800)="8081000000180000daf4655fdaf4655fdaf4655f00000000000001008000000010000800000000000af301000400000000000000000000000200", 0x3a, 0x4800}, {&(0x7f0000012a00)="8081000000180000daf4655fdaf4655fdaf4655f01000000000001008000000010000800000000000af301000400000000000000000000000200000040", 0x3d, 0x4c00}, {&(0x7f0000013900)="111fc0d901000000803a0900803a09000000000006", 0x15, 0x30000}, {&(0x7f0000000880)="2719c0d901000000803a0900803a09000000000006", 0x15, 0x40000}], 0x0, &(0x7f00000000c0)=ANY=[]) setxattr$trusted_overlay_upper(&(0x7f0000001180)='./file0\x00', &(0x7f00000011c0), &(0x7f00000013c0)=ANY=[], 0xd8, 0x0) chroot(&(0x7f00000001c0)='./file0\x00') umount2(&(0x7f0000000180)='./file0\x00', 0x0) rename(0x0, &(0x7f0000000380)='./file0\x00') socket$nl_route(0x10, 0x3, 0x0) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000cc0)}], 0x1) fsync(0xffffffffffffffff) [ 1224.844087][T25263] loop2: detected capacity change from 0 to 4096 [ 1224.982516][T25263] EXT4-fs (loop2): unsupported descriptor size 0 03:07:41 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x4000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1225.034441][T25270] loop0: detected capacity change from 0 to 4096 03:07:41 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x6400}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1225.130732][T25270] EXT4-fs error (device loop0): ext4_ext_check_inode:459: inode #3: comm syz-executor.0: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 1225.151631][T25270] EXT4-fs error (device loop0): ext4_quota_enable:6405: comm syz-executor.0: Bad quota inode # 3 [ 1225.162890][T25270] EXT4-fs warning (device loop0): ext4_enable_quotas:6445: Failed to enable quota tracking (type=0, err=-117). Please run e2fsck to fix. 03:07:41 executing program 3: recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000000bc0)=[{{0x0, 0x0, &(0x7f0000002400)=[{&(0x7f0000001300)=""/4096, 0x1000}], 0x1}}], 0x1, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/route\x00') ioctl$BTRFS_IOC_DEFAULT_SUBVOL(0xffffffffffffffff, 0x40089413, 0x0) preadv(r0, &(0x7f00000017c0), 0x315, 0x800000, 0x0) openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) 03:07:42 executing program 2: r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f00000001c0)) r1 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f0000010100)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f}, {&(0x7f0000000040)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000010500), 0x0, 0x2000}, {&(0x7f0000012600)="ed41000010000000daf4655fdbf4655fdbf4655f00000000000004008000000000000800050000000af301000400000000000000000000000900000010", 0x3d, 0x4400}], 0x0, &(0x7f00000000c0)=ANY=[]) getdents(r1, &(0x7f00000004c0)=""/203, 0xcb) [ 1225.541158][T25270] EXT4-fs (loop0): mount failed 03:07:42 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f00000000c0)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000080)="0300000004", 0x5, 0x640}, {&(0x7f0000000300)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000012600)="ed41000000100000daf4655fdbf4655fdbf4655f00000000000004008000", 0x1e, 0x4400}, {&(0x7f0000012800)="8081000000180000daf4655fdaf4655fdaf4655f00000000000001008000000010000800000000000af301000400000000000000000000000200", 0x3a, 0x4800}, {&(0x7f0000012a00)="8081000000180000daf4655fdaf4655fdaf4655f01000000000001008000000010000800000000000af301000400000000000000000000000200000040", 0x3d, 0x4c00}, {&(0x7f0000013900)="111fc0d901000000803a0900803a09000000000006", 0x15, 0x30000}, {&(0x7f0000000880)="2719c0d901000000803a0900803a09000000000006", 0x15, 0x40000}], 0x0, &(0x7f00000000c0)=ANY=[]) setxattr$trusted_overlay_upper(&(0x7f0000001180)='./file0\x00', &(0x7f00000011c0), &(0x7f00000013c0)=ANY=[], 0xd8, 0x0) chroot(&(0x7f00000001c0)='./file0\x00') umount2(&(0x7f0000000180)='./file0\x00', 0x0) rename(0x0, &(0x7f0000000380)='./file0\x00') socket$nl_route(0x10, 0x3, 0x0) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000cc0)}], 0x1) fsync(0xffffffffffffffff) 03:07:42 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x6800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1225.984228][T25289] loop2: detected capacity change from 0 to 4096 [ 1226.019562][T25289] EXT4-fs (loop2): unsupported descriptor size 0 [ 1226.448710][T25295] loop0: detected capacity change from 0 to 4096 [ 1226.529061][T25295] EXT4-fs error (device loop0): ext4_ext_check_inode:459: inode #3: comm syz-executor.0: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 1226.548244][T25295] EXT4-fs error (device loop0): ext4_quota_enable:6405: comm syz-executor.0: Bad quota inode # 3 [ 1226.561467][T25295] EXT4-fs warning (device loop0): ext4_enable_quotas:6445: Failed to enable quota tracking (type=0, err=-117). Please run e2fsck to fix. [ 1226.585338][T25295] EXT4-fs (loop0): mount failed [ 1227.761826][ T305] device hsr_slave_0 left promiscuous mode [ 1227.771445][ T305] device hsr_slave_1 left promiscuous mode [ 1227.781289][ T305] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1227.789697][ T305] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1227.804281][ T305] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1227.811988][ T305] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1227.834730][ T305] device bridge_slave_1 left promiscuous mode [ 1227.843113][ T305] bridge0: port 2(bridge_slave_1) entered disabled state [ 1227.864433][ T305] device bridge_slave_0 left promiscuous mode [ 1227.871346][ T305] bridge0: port 1(bridge_slave_0) entered disabled state [ 1227.903351][ T305] device veth1_macvtap left promiscuous mode [ 1227.909608][ T305] device veth0_macvtap left promiscuous mode [ 1227.916542][ T305] device veth1_vlan left promiscuous mode [ 1227.922677][ T305] device veth0_vlan left promiscuous mode [ 1231.459095][ T305] team0 (unregistering): Port device team_slave_1 removed [ 1231.480912][ T305] team0 (unregistering): Port device team_slave_0 removed [ 1231.500176][ T305] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1231.520959][ T305] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1231.611521][ T305] bond0 (unregistering): Released all slaves [ 1231.671834][T25325] IPVS: ftp: loaded support on port[0] = 21 [ 1231.862576][ T8870] Bluetooth: hci5: command 0x0409 tx timeout [ 1231.890913][T25325] chnl_net:caif_netlink_parms(): no params data found [ 1232.005474][T25325] bridge0: port 1(bridge_slave_0) entered blocking state [ 1232.013528][T25325] bridge0: port 1(bridge_slave_0) entered disabled state [ 1232.023495][T25325] device bridge_slave_0 entered promiscuous mode [ 1232.051332][T25325] bridge0: port 2(bridge_slave_1) entered blocking state [ 1232.059026][T25325] bridge0: port 2(bridge_slave_1) entered disabled state [ 1232.069724][T25325] device bridge_slave_1 entered promiscuous mode [ 1232.118253][T25325] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1232.136973][T25325] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1232.195912][T25325] team0: Port device team_slave_0 added [ 1232.210195][T25325] team0: Port device team_slave_1 added [ 1232.258383][T25325] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1232.266125][T25325] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1232.293924][T25325] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1232.317098][T25325] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1232.324648][T25325] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1232.352901][T25325] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1232.418122][T25325] device hsr_slave_0 entered promiscuous mode [ 1232.436971][T25325] device hsr_slave_1 entered promiscuous mode [ 1232.445806][T25325] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1232.455372][T25325] Cannot create hsr debugfs directory [ 1232.897096][T25325] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1232.922157][T24214] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 1232.931335][T24214] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1232.950251][T25325] 8021q: adding VLAN 0 to HW filter on device team0 [ 1232.971717][ T775] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 1232.981866][ T775] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1232.991471][ T775] bridge0: port 1(bridge_slave_0) entered blocking state [ 1232.999074][ T775] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1233.009867][ T775] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 1233.027130][T24214] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 1233.037444][T24214] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1233.047361][T24214] bridge0: port 2(bridge_slave_1) entered blocking state [ 1233.054953][T24214] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1233.080221][T24204] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 1233.101926][T24204] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 1233.124391][T24214] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 1233.135773][T24214] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 1233.147838][ T9443] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 1233.164272][ T775] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 1233.177288][ T775] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 1233.199543][ T775] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 1233.209518][ T775] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1233.236518][T25325] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1233.250236][T25325] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 1233.261448][ T775] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 1233.274840][ T775] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1233.307854][ T9443] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 1233.316044][ T9443] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 1233.344164][T25325] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1233.449458][ T775] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 1233.461325][ T775] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 1233.503915][ T775] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 1233.513864][ T775] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 1233.527091][ T775] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 1233.535890][ T775] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 1233.556131][T25325] device veth0_vlan entered promiscuous mode [ 1233.580846][T25325] device veth1_vlan entered promiscuous mode [ 1233.630949][T24214] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 1233.640536][T24214] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 1233.650773][T24214] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 1233.661387][T24214] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 1233.686610][T25325] device veth0_macvtap entered promiscuous mode [ 1233.711205][T25325] device veth1_macvtap entered promiscuous mode [ 1233.742044][T25325] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 1233.753354][T25325] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1233.763972][T25325] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 1233.775176][T25325] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1233.785761][T25325] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 1233.796605][T25325] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1233.806923][T25325] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 1233.817682][T25325] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1233.832734][T25325] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 1233.843856][T25325] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1233.858859][T25325] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1233.868243][ T9443] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 1233.878689][ T9443] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 1233.888512][ T9443] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 1233.898905][ T9443] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 1233.926016][T25325] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 1233.937659][T25325] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1233.947881][T25325] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 1233.958577][T25325] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1233.968853][T25325] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 1233.980776][T25325] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1233.991993][T25325] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 1234.002979][T25325] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1234.013199][T25325] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 1234.024263][T25325] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1234.039003][T25325] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1234.047532][ T775] Bluetooth: hci5: command 0x041b tx timeout [ 1234.057758][ T775] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 1234.068616][ T775] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 1234.363122][ T98] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1234.371164][ T98] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1234.382934][T24204] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 1234.480655][ T654] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1234.489270][ T654] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1234.498046][ T9443] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 03:07:51 executing program 5: socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TUNSETLINK(r0, 0x8912, 0x400308) r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sys_exit\x00', r1}, 0x10) r2 = socket$kcm(0xa, 0x2, 0x11) setsockopt$sock_attach_bpf(r2, 0x29, 0x43, &(0x7f00000001c0), 0x4) 03:07:51 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x4010}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:07:51 executing program 2: r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f00000001c0)) r1 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010100)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000040)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000010500), 0x0, 0x2000}, {&(0x7f0000012600)="ed41000010000000daf4655fdbf4655fdbf4655f00000000000004008000000000000800050000000af301000400000000000000000000000900000010", 0x3d, 0x4400}], 0x0, &(0x7f00000000c0)=ANY=[]) getdents(r1, &(0x7f00000004c0)=""/203, 0xcb) 03:07:51 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="eb58906d6b66732e66617400020820000200008000f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x4000}], 0x0, &(0x7f0000011100)) socket$key(0xf, 0x3, 0x2) open(&(0x7f0000000500)='./file0/file0\x00', 0x40240, 0x0) 03:07:51 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f00000000c0)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000080)="0300000004", 0x5, 0x640}, {&(0x7f0000000300)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000012600)="ed41000000100000daf4655fdbf4655fdbf4655f00000000000004008000", 0x1e, 0x4400}, {&(0x7f0000012800)="8081000000180000daf4655fdaf4655fdaf4655f00000000000001008000000010000800000000000af3010004000000000000000000000002000000", 0x3c, 0x4800}, {&(0x7f0000012a00)="8081000000180000daf4655fdaf4655fdaf4655f01000000000001008000000010000800000000000af301000400000000000000000000000200000040", 0x3d, 0x4c00}, {&(0x7f0000013900)="111fc0d901000000803a0900803a09000000000006", 0x15, 0x30000}, {&(0x7f0000000880)="2719c0d901000000803a0900803a09000000000006", 0x15, 0x40000}], 0x0, &(0x7f00000000c0)=ANY=[]) setxattr$trusted_overlay_upper(&(0x7f0000001180)='./file0\x00', &(0x7f00000011c0), &(0x7f00000013c0)=ANY=[], 0xd8, 0x0) chroot(&(0x7f00000001c0)='./file0\x00') umount2(&(0x7f0000000180)='./file0\x00', 0x0) rename(0x0, &(0x7f0000000380)='./file0\x00') socket$nl_route(0x10, 0x3, 0x0) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000cc0)}], 0x1) fsync(0xffffffffffffffff) 03:07:51 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x6c00}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1234.835153][T25564] loop2: detected capacity change from 0 to 4096 [ 1234.905387][T25568] loop0: detected capacity change from 0 to 4096 [ 1234.918902][T25570] loop3: detected capacity change from 0 to 64 [ 1234.977449][T25564] EXT4-fs (loop2): VFS: Can't find ext4 filesystem [ 1235.020990][T25568] EXT4-fs error (device loop0): ext4_ext_check_inode:459: inode #3: comm syz-executor.0: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 1235.040009][T25568] EXT4-fs error (device loop0): ext4_quota_enable:6405: comm syz-executor.0: Bad quota inode # 3 [ 1235.047546][T25570] FAT-fs (loop3): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 1235.050896][T25568] EXT4-fs warning (device loop0): ext4_enable_quotas:6445: Failed to enable quota tracking (type=0, err=-117). Please run e2fsck to fix. 03:07:51 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x6e00}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:07:52 executing program 2: r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f00000001c0)) r1 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010100)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000040)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000010500), 0x0, 0x2000}, {&(0x7f0000012600)="ed41000010000000daf4655fdbf4655fdbf4655f00000000000004008000000000000800050000000af301000400000000000000000000000900000010", 0x3d, 0x4400}], 0x0, &(0x7f00000000c0)=ANY=[]) getdents(r1, &(0x7f00000004c0)=""/203, 0xcb) 03:07:52 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x4800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1235.484484][T25568] EXT4-fs (loop0): mount failed 03:07:52 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10}, 0x78) perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000200), 0x1}, 0x0, 0x0, 0x0, 0x0, 0xa70}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_kcm_SIOCKCMATTACH(0xffffffffffffffff, 0x89e0, &(0x7f0000000140)) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x4, &(0x7f0000000940)=ANY=[], 0x0, 0x0, 0xf3, &(0x7f00000006c0)=""/243, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000800)={0x1, 0xa, 0x8000}, 0x10}, 0x78) gettid() perf_event_open(&(0x7f0000000600)={0x2, 0x80, 0x0, 0x6, 0x2f, 0x0, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x2, 0x8, 0x0, 0x0, 0x5, 0x1, 0x0, @perf_config_ext={0x0, 0x1}, 0x40002, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x0, 0xe, 0xffffffffffffffff, 0x0) socketpair(0x1, 0x2000000003, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000e80)={0x1, 0xb, &(0x7f0000000d40)=@framed={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0xfffffffe}, [@call={0x85, 0x0, 0x0, 0x81}, @jmp={0x5, 0x1, 0x3, 0x3, 0x4, 0xffffffffffffffff, 0xfffffffffffffff0}, @ldst={0x2, 0x3, 0x3, 0x2, 0x1, 0x80, 0xfffffffffffffffc}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x5}, @btf_id={0x18, 0x6, 0x3, 0x0, 0x2}]}, 0x0, 0x401, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x21, 0xffffffffffffffff, 0x8, &(0x7f0000000e00)={0x1, 0x5}, 0x8, 0x10, &(0x7f0000000e40)={0x0, 0x0, 0x4, 0x17}, 0x10, 0x0, r0}, 0x78) bpf$PROG_LOAD(0x5, &(0x7f0000000f00)={0x13, 0xa, &(0x7f0000000540)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffffff81, 0x0, 0x0, 0x0, 0x3e}, [@exit, @generic={0xff, 0x8, 0x8, 0x4, 0x10f}, @generic={0x7, 0x8, 0x2, 0x7, 0x5}, @alu={0x7, 0x0, 0xb, 0x0, 0x4, 0x18}, @map={0x18, 0x9, 0x1, 0x0, 0x1}, @exit]}, &(0x7f0000000680)='GPL\x00', 0xef, 0xd0, &(0x7f00000009c0)=""/208, 0x40f00, 0x2, '\x00', 0x0, 0x39, 0xffffffffffffffff, 0x8, &(0x7f00000007c0)={0x0, 0x5}, 0x8, 0x10, &(0x7f0000000ac0)={0x4, 0x7, 0x9, 0x1}, 0x10, 0x0, r3}, 0x78) sendmsg$kcm(r2, &(0x7f0000000500)={&(0x7f0000000240)=@ipx={0x4, 0x8, 0x7, "d7a90fb8449e", 0x1}, 0x80, &(0x7f00000004c0)=[{&(0x7f00000003c0)="a1ba00d059b7a6c053503db8e24038f0fff3c65011a93843360f10150c5df9c6fc3c2caff7c5ed4aace561e420fe4dda8871f29a86d527fda56c8e31352a77f919ec206e324a65707860b2f0386eccc2979410a1b8aa1e5470245058561806d777a42fe9792b707839986a3b393a9fe3bc4fdb2612695f780911a4f8b7bada1577b6c813545a26edf3f4f554462067bf045466bfec1bf1d9951c61dc40de6a73b7d49a53207bc4d4d3b611c8e455bee206bb17bd202550187112d6f73bf4070eff6a776114de", 0xc6}], 0x1, &(0x7f00000008c0)=[{0xe8, 0x10a, 0x7ff, "cb16ce0b006ed2714d3da704172c739809049bf6aeab146737097f012bb12d92532802642333577508e6a75986d7ec8c38c7d7e5b01a18f57ada01c9219474414c14ad7664b3d1e49188de11db31f367efcc3d738d04202e07d7d261df2563ad1d72bade6b5150b207fbf58bdbba2d854e348e35cacfb960097f39dbe4f3d73e7224b3adc02729989b4231cea016a29d723aed1579ef8782e43f44d5bc3f1c4181e5a212f5b172d17eb2c455d2aa739730df140bbd4a9722727b2ab8637c80f3b39ad92a999a4ce1a5f4f9260361509bb12520d6"}], 0xe8}, 0x81) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f00000000c0), 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) gettid() r4 = gettid() perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0xff, 0x0, 0x20, 0x7, 0x0, 0x8000, 0xa0, 0x5, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x10000000, 0x0, @perf_config_ext={0x3ff, 0x3ff}, 0x4408, 0xf929, 0xffffffc1, 0x7, 0xffff, 0x90, 0x80, 0x0, 0xffff, 0x0, 0x3de9}, 0x0, 0xd, 0xffffffffffffffff, 0x2) perf_event_open(&(0x7f0000000340)={0x3, 0x80, 0x6, 0x5, 0xdf, 0x0, 0x0, 0xc0f1, 0x8000, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x4fe0, 0x1, @perf_config_ext={0x101, 0x7f00000}, 0x10066, 0x20, 0x6, 0x4, 0x400, 0x2, 0x1, 0x0, 0x0, 0x0, 0x5}, r4, 0xf, 0xffffffffffffffff, 0x1) ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x89f1, &(0x7f0000000000)='ip6gre0\x00') socketpair(0x0, 0x2000000003, 0x0, &(0x7f00000005c0)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r5, 0x89f2, &(0x7f0000000000)='ip6gre0\x00') [ 1235.677499][ T654] FAT-fs (loop3): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 03:07:52 executing program 5: socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TUNSETLINK(r0, 0x8912, 0x400308) bpf$MAP_LOOKUP_BATCH(0x18, 0x0, 0x0) bpf$BPF_PROG_GET_NEXT_ID(0xb, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xf, &(0x7f0000001640), 0xff5f) perf_event_open(&(0x7f0000000000)={0x4, 0x70, 0x0, 0x0, 0x1f}, 0xffffffffffffffff, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0x29, 0x0, 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, 0x0, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000), 0x0, 0x0, 0xfffffffffffffce8}, 0x0) write$cgroup_int(0xffffffffffffffff, &(0x7f0000000200), 0x33005) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000cc0)={&(0x7f0000000100)=@pppol2tp={0x18, 0x1, {0x0, r2, {0x2, 0x4e24, @empty}, 0x0, 0x3, 0x1, 0x1}}, 0x80, &(0x7f0000000c40)=[{&(0x7f0000000780)="281a271747e48cbcf2eac6848c0040d71c0d9bcaa95c24823422545a166a16898141ad158b2d148987d74b36282e25557b184feeb63a97de04ed4cd7ef89734a628e93e5f5e50ba65c6d2dd95b67afbd96b71cb643be85df72a212eafbcefaf099dfff696ca22cd3794b204b0976ba64ec8ec60d4da4017c6dfccb86278595512cf6c3a1f3bd5d9adb0eaaba9006", 0x8e}, {&(0x7f0000000280)="412a9448611ff8597808d39f89eb2d4055809be7fdc411", 0x17}, {&(0x7f0000000b00)="6b82e24edc976d7a7989ddeee55b2a0ce477c5e2762525e7183fa5dd75894f204a3a88ab47e7f2e9eb7d5e6b76a09beac50132fdde21004689efcad2e24c04f3f0b0360ab9e2142644f0a3253bdfc4549c7bd90df1fa293216051e8381c5edfff47f669823795058268f36fec12045297fcf7bbb5fe75676998b17879f0c26cb90b8cc4faa40cfb737c78b97df091f6653145365b3dc39ab343e5e00f60f1bb489e5dc1ff0e2ba7c34f27e2eec0121ccae6d65b8b0234c6da4dbeeba74456fbd4c9387d9fcea1e8c51426f64592acf1742c44269", 0xd4}, {0x0}, {&(0x7f0000000c00)}], 0x5, &(0x7f0000001340)=[{0xb0, 0x109, 0xfffb, "61f6f7cf5268fa230a9b249caaefd958c94d37ad59e75f882d79b47395dde6c300ac7e560cceef9b0f3c819983618b0fc4f18b130b838029c630d964d64fb24fcbc5a4834ad51bd45a3ba0fa0c2e32ee07c064a3034b3c89109b6467de12806e5949ae32ecbb62cea100fc6df7b2f9950b05d184bdbd568315191b96ae7db0354243ec13c2fe01f861371b9a2418846a8a99eee52df2b696a70c3dcd577cbf"}, {0xb0, 0x88, 0x3, "7fa3030a9f4abb3d9980154d89695a7d431ccbd105fb8916e961cbda969bbeb783ca24a9773603bf0fb6c6ea896e35089d4cfcf37b29bd97d7718e79db138ebba608d18f0ee0267b305771f6fe833742e9e5f478e9ec9516b1cefc55f7c4ced0ac1607cf0e4ddc7759edfe88868c85c278c0623aa1bb34d4170ea32223135f260c50dee03bbaf4c6a6172b18f5cc1ddd39d1c9faa25ae587cdc42b"}], 0x160}, 0x0) socketpair(0x1, 0x1, 0x0, &(0x7f0000000740)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x89f1, &(0x7f0000000580)='ip6_vti0\x00') perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x203, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001, 0x0, 0x0, 0x4050}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000880)={0x3, 0x70, 0x0, 0x2, 0x7, 0x1d, 0x0, 0x8001, 0x0, 0x4, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0xae8, 0x1, 0x0, 0x40c, 0x9d, 0x5, 0x8, 0xffff, 0xee3, 0xff}, 0xffffffffffffffff, 0x2, 0xffffffffffffffff, 0x0) 03:07:52 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f00000000c0)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000080)="0300000004", 0x5, 0x640}, {&(0x7f0000000300)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000012600)="ed41000000100000daf4655fdbf4655fdbf4655f00000000000004008000", 0x1e, 0x4400}, {&(0x7f0000012800)="8081000000180000daf4655fdaf4655fdaf4655f00000000000001008000000010000800000000000af3010004000000000000000000000002000000", 0x3c, 0x4800}, {&(0x7f0000012a00)="8081000000180000daf4655fdaf4655fdaf4655f01000000000001008000000010000800000000000af301000400000000000000000000000200000040", 0x3d, 0x4c00}, {&(0x7f0000013900)="111fc0d901000000803a0900803a09000000000006", 0x15, 0x30000}, {&(0x7f0000000880)="2719c0d901000000803a0900803a09000000000006", 0x15, 0x40000}], 0x0, &(0x7f00000000c0)=ANY=[]) setxattr$trusted_overlay_upper(&(0x7f0000001180)='./file0\x00', &(0x7f00000011c0), &(0x7f00000013c0)=ANY=[], 0xd8, 0x0) chroot(&(0x7f00000001c0)='./file0\x00') umount2(&(0x7f0000000180)='./file0\x00', 0x0) rename(0x0, &(0x7f0000000380)='./file0\x00') socket$nl_route(0x10, 0x3, 0x0) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000cc0)}], 0x1) fsync(0xffffffffffffffff) 03:07:52 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x7000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1236.018423][T25596] loop2: detected capacity change from 0 to 4096 [ 1236.092564][ T775] Bluetooth: hci5: command 0x040f tx timeout [ 1236.100657][T25596] EXT4-fs (loop2): VFS: Can't find ext4 filesystem [ 1236.312043][T25611] loop0: detected capacity change from 0 to 4096 03:07:53 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x4c00}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:07:53 executing program 2: r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f00000001c0)) r1 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010100)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000040)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000010500), 0x0, 0x2000}, {&(0x7f0000012600)="ed41000010000000daf4655fdbf4655fdbf4655f00000000000004008000000000000800050000000af301000400000000000000000000000900000010", 0x3d, 0x4400}], 0x0, &(0x7f00000000c0)=ANY=[]) getdents(r1, &(0x7f00000004c0)=""/203, 0xcb) [ 1236.467058][T25611] EXT4-fs error (device loop0): ext4_ext_check_inode:459: inode #3: comm syz-executor.0: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 1236.486368][T25611] EXT4-fs error (device loop0): ext4_quota_enable:6405: comm syz-executor.0: Bad quota inode # 3 [ 1236.497752][T25611] EXT4-fs warning (device loop0): ext4_enable_quotas:6445: Failed to enable quota tracking (type=0, err=-117). Please run e2fsck to fix. [ 1236.653281][T20785] Bluetooth: hci0: command 0x2009 tx timeout 03:07:53 executing program 5: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000200)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@typedef]}}, &(0x7f0000000280)=""/158, 0x26, 0x9e, 0x1}, 0x20) 03:07:53 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x7102}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1236.828393][T25611] EXT4-fs (loop0): mount failed 03:07:53 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10}, 0x78) perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000200), 0x1}, 0x0, 0x0, 0x0, 0x0, 0xa70}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_kcm_SIOCKCMATTACH(0xffffffffffffffff, 0x89e0, &(0x7f0000000140)) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x4, &(0x7f0000000940)=ANY=[], 0x0, 0x0, 0xf3, &(0x7f00000006c0)=""/243, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000800)={0x1, 0xa, 0x8000}, 0x10}, 0x78) gettid() perf_event_open(&(0x7f0000000600)={0x2, 0x80, 0x0, 0x6, 0x2f, 0x0, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x2, 0x8, 0x0, 0x0, 0x5, 0x1, 0x0, @perf_config_ext={0x0, 0x1}, 0x40002, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x0, 0xe, 0xffffffffffffffff, 0x0) socketpair(0x1, 0x2000000003, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000e80)={0x1, 0xb, &(0x7f0000000d40)=@framed={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0xfffffffe}, [@call={0x85, 0x0, 0x0, 0x81}, @jmp={0x5, 0x1, 0x3, 0x3, 0x4, 0xffffffffffffffff, 0xfffffffffffffff0}, @ldst={0x2, 0x3, 0x3, 0x2, 0x1, 0x80, 0xfffffffffffffffc}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x5}, @btf_id={0x18, 0x6, 0x3, 0x0, 0x2}]}, 0x0, 0x401, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x21, 0xffffffffffffffff, 0x8, &(0x7f0000000e00)={0x1, 0x5}, 0x8, 0x10, &(0x7f0000000e40)={0x0, 0x0, 0x4, 0x17}, 0x10, 0x0, r0}, 0x78) bpf$PROG_LOAD(0x5, &(0x7f0000000f00)={0x13, 0xa, &(0x7f0000000540)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffffff81, 0x0, 0x0, 0x0, 0x3e}, [@exit, @generic={0xff, 0x8, 0x8, 0x4, 0x10f}, @generic={0x7, 0x8, 0x2, 0x7, 0x5}, @alu={0x7, 0x0, 0xb, 0x0, 0x4, 0x18}, @map={0x18, 0x9, 0x1, 0x0, 0x1}, @exit]}, &(0x7f0000000680)='GPL\x00', 0xef, 0xd0, &(0x7f00000009c0)=""/208, 0x40f00, 0x2, '\x00', 0x0, 0x39, 0xffffffffffffffff, 0x8, &(0x7f00000007c0)={0x0, 0x5}, 0x8, 0x10, &(0x7f0000000ac0)={0x4, 0x7, 0x9, 0x1}, 0x10, 0x0, r3}, 0x78) sendmsg$kcm(r2, &(0x7f0000000500)={&(0x7f0000000240)=@ipx={0x4, 0x8, 0x7, "d7a90fb8449e", 0x1}, 0x80, &(0x7f00000004c0)=[{&(0x7f00000003c0)="a1ba00d059b7a6c053503db8e24038f0fff3c65011a93843360f10150c5df9c6fc3c2caff7c5ed4aace561e420fe4dda8871f29a86d527fda56c8e31352a77f919ec206e324a65707860b2f0386eccc2979410a1b8aa1e5470245058561806d777a42fe9792b707839986a3b393a9fe3bc4fdb2612695f780911a4f8b7bada1577b6c813545a26edf3f4f554462067bf045466bfec1bf1d9951c61dc40de6a73b7d49a53207bc4d4d3b611c8e455bee206bb17bd202550187112d6f73bf4070eff6a776114de", 0xc6}], 0x1, &(0x7f00000008c0)=[{0xe8, 0x10a, 0x7ff, "cb16ce0b006ed2714d3da704172c739809049bf6aeab146737097f012bb12d92532802642333577508e6a75986d7ec8c38c7d7e5b01a18f57ada01c9219474414c14ad7664b3d1e49188de11db31f367efcc3d738d04202e07d7d261df2563ad1d72bade6b5150b207fbf58bdbba2d854e348e35cacfb960097f39dbe4f3d73e7224b3adc02729989b4231cea016a29d723aed1579ef8782e43f44d5bc3f1c4181e5a212f5b172d17eb2c455d2aa739730df140bbd4a9722727b2ab8637c80f3b39ad92a999a4ce1a5f4f9260361509bb12520d6"}], 0xe8}, 0x81) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f00000000c0), 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) gettid() r4 = gettid() perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0xff, 0x0, 0x20, 0x7, 0x0, 0x8000, 0xa0, 0x5, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x10000000, 0x0, @perf_config_ext={0x3ff, 0x3ff}, 0x4408, 0xf929, 0xffffffc1, 0x7, 0xffff, 0x90, 0x80, 0x0, 0xffff, 0x0, 0x3de9}, 0x0, 0xd, 0xffffffffffffffff, 0x2) perf_event_open(&(0x7f0000000340)={0x3, 0x80, 0x6, 0x5, 0xdf, 0x0, 0x0, 0xc0f1, 0x8000, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x4fe0, 0x1, @perf_config_ext={0x101, 0x7f00000}, 0x10066, 0x20, 0x6, 0x4, 0x400, 0x2, 0x1, 0x0, 0x0, 0x0, 0x5}, r4, 0xf, 0xffffffffffffffff, 0x1) ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x89f1, &(0x7f0000000000)='ip6gre0\x00') socketpair(0x0, 0x2000000003, 0x0, &(0x7f00000005c0)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r5, 0x89f2, &(0x7f0000000000)='ip6gre0\x00') [ 1236.943478][T25627] loop2: detected capacity change from 0 to 4096 [ 1236.987861][T25627] EXT4-fs (loop2): VFS: Can't find ext4 filesystem 03:07:53 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f00000000c0)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000080)="0300000004", 0x5, 0x640}, {&(0x7f0000000300)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000012600)="ed41000000100000daf4655fdbf4655fdbf4655f00000000000004008000", 0x1e, 0x4400}, {&(0x7f0000012800)="8081000000180000daf4655fdaf4655fdaf4655f00000000000001008000000010000800000000000af3010004000000000000000000000002000000", 0x3c, 0x4800}, {&(0x7f0000012a00)="8081000000180000daf4655fdaf4655fdaf4655f01000000000001008000000010000800000000000af301000400000000000000000000000200000040", 0x3d, 0x4c00}, {&(0x7f0000013900)="111fc0d901000000803a0900803a09000000000006", 0x15, 0x30000}, {&(0x7f0000000880)="2719c0d901000000803a0900803a09000000000006", 0x15, 0x40000}], 0x0, &(0x7f00000000c0)=ANY=[]) setxattr$trusted_overlay_upper(&(0x7f0000001180)='./file0\x00', &(0x7f00000011c0), &(0x7f00000013c0)=ANY=[], 0xd8, 0x0) chroot(&(0x7f00000001c0)='./file0\x00') umount2(&(0x7f0000000180)='./file0\x00', 0x0) rename(0x0, &(0x7f0000000380)='./file0\x00') socket$nl_route(0x10, 0x3, 0x0) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000cc0)}], 0x1) fsync(0xffffffffffffffff) 03:07:54 executing program 2: r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f00000001c0)) r1 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x5, &(0x7f0000000200)=[{0x0, 0x0, 0x400}, {&(0x7f0000010100)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000040)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000010500), 0x0, 0x2000}, {&(0x7f0000012600)="ed41000010000000daf4655fdbf4655fdbf4655f00000000000004008000000000000800050000000af301000400000000000000000000000900000010", 0x3d, 0x4400}], 0x0, &(0x7f00000000c0)=ANY=[]) getdents(r1, &(0x7f00000004c0)=""/203, 0xcb) 03:07:54 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x7400}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:07:54 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x6400}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1237.536234][T25647] loop0: detected capacity change from 0 to 4096 03:07:54 executing program 5: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000200)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@typedef]}}, &(0x7f0000000280)=""/158, 0x26, 0x9e, 0x1}, 0x20) [ 1237.762646][T25655] loop2: detected capacity change from 0 to 4096 [ 1237.797484][T25655] EXT4-fs (loop2): VFS: Can't find ext4 filesystem 03:07:54 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10}, 0x78) perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000200), 0x1}, 0x0, 0x0, 0x0, 0x0, 0xa70}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_kcm_SIOCKCMATTACH(0xffffffffffffffff, 0x89e0, &(0x7f0000000140)) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x4, &(0x7f0000000940)=ANY=[], 0x0, 0x0, 0xf3, &(0x7f00000006c0)=""/243, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000800)={0x1, 0xa, 0x8000}, 0x10}, 0x78) gettid() perf_event_open(&(0x7f0000000600)={0x2, 0x80, 0x0, 0x6, 0x2f, 0x0, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x2, 0x8, 0x0, 0x0, 0x5, 0x1, 0x0, @perf_config_ext={0x0, 0x1}, 0x40002, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x0, 0xe, 0xffffffffffffffff, 0x0) socketpair(0x1, 0x2000000003, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000e80)={0x1, 0xb, &(0x7f0000000d40)=@framed={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0xfffffffe}, [@call={0x85, 0x0, 0x0, 0x81}, @jmp={0x5, 0x1, 0x3, 0x3, 0x4, 0xffffffffffffffff, 0xfffffffffffffff0}, @ldst={0x2, 0x3, 0x3, 0x2, 0x1, 0x80, 0xfffffffffffffffc}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x5}, @btf_id={0x18, 0x6, 0x3, 0x0, 0x2}]}, 0x0, 0x401, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x21, 0xffffffffffffffff, 0x8, &(0x7f0000000e00)={0x1, 0x5}, 0x8, 0x10, &(0x7f0000000e40)={0x0, 0x0, 0x4, 0x17}, 0x10, 0x0, r0}, 0x78) bpf$PROG_LOAD(0x5, &(0x7f0000000f00)={0x13, 0xa, &(0x7f0000000540)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffffff81, 0x0, 0x0, 0x0, 0x3e}, [@exit, @generic={0xff, 0x8, 0x8, 0x4, 0x10f}, @generic={0x7, 0x8, 0x2, 0x7, 0x5}, @alu={0x7, 0x0, 0xb, 0x0, 0x4, 0x18}, @map={0x18, 0x9, 0x1, 0x0, 0x1}, @exit]}, &(0x7f0000000680)='GPL\x00', 0xef, 0xd0, &(0x7f00000009c0)=""/208, 0x40f00, 0x2, '\x00', 0x0, 0x39, 0xffffffffffffffff, 0x8, &(0x7f00000007c0)={0x0, 0x5}, 0x8, 0x10, &(0x7f0000000ac0)={0x4, 0x7, 0x9, 0x1}, 0x10, 0x0, r3}, 0x78) sendmsg$kcm(r2, &(0x7f0000000500)={&(0x7f0000000240)=@ipx={0x4, 0x8, 0x7, "d7a90fb8449e", 0x1}, 0x80, &(0x7f00000004c0)=[{&(0x7f00000003c0)="a1ba00d059b7a6c053503db8e24038f0fff3c65011a93843360f10150c5df9c6fc3c2caff7c5ed4aace561e420fe4dda8871f29a86d527fda56c8e31352a77f919ec206e324a65707860b2f0386eccc2979410a1b8aa1e5470245058561806d777a42fe9792b707839986a3b393a9fe3bc4fdb2612695f780911a4f8b7bada1577b6c813545a26edf3f4f554462067bf045466bfec1bf1d9951c61dc40de6a73b7d49a53207bc4d4d3b611c8e455bee206bb17bd202550187112d6f73bf4070eff6a776114de", 0xc6}], 0x1, &(0x7f00000008c0)=[{0xe8, 0x10a, 0x7ff, "cb16ce0b006ed2714d3da704172c739809049bf6aeab146737097f012bb12d92532802642333577508e6a75986d7ec8c38c7d7e5b01a18f57ada01c9219474414c14ad7664b3d1e49188de11db31f367efcc3d738d04202e07d7d261df2563ad1d72bade6b5150b207fbf58bdbba2d854e348e35cacfb960097f39dbe4f3d73e7224b3adc02729989b4231cea016a29d723aed1579ef8782e43f44d5bc3f1c4181e5a212f5b172d17eb2c455d2aa739730df140bbd4a9722727b2ab8637c80f3b39ad92a999a4ce1a5f4f9260361509bb12520d6"}], 0xe8}, 0x81) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f00000000c0), 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) gettid() r4 = gettid() perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0xff, 0x0, 0x20, 0x7, 0x0, 0x8000, 0xa0, 0x5, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x10000000, 0x0, @perf_config_ext={0x3ff, 0x3ff}, 0x4408, 0xf929, 0xffffffc1, 0x7, 0xffff, 0x90, 0x80, 0x0, 0xffff, 0x0, 0x3de9}, 0x0, 0xd, 0xffffffffffffffff, 0x2) perf_event_open(&(0x7f0000000340)={0x3, 0x80, 0x6, 0x5, 0xdf, 0x0, 0x0, 0xc0f1, 0x8000, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x4fe0, 0x1, @perf_config_ext={0x101, 0x7f00000}, 0x10066, 0x20, 0x6, 0x4, 0x400, 0x2, 0x1, 0x0, 0x0, 0x0, 0x5}, r4, 0xf, 0xffffffffffffffff, 0x1) ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x89f1, &(0x7f0000000000)='ip6gre0\x00') socketpair(0x0, 0x2000000003, 0x0, &(0x7f00000005c0)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r5, 0x89f2, &(0x7f0000000000)='ip6gre0\x00') 03:07:54 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f00000000c0)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000080)="0300000004", 0x5, 0x640}, {&(0x7f0000000300)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000012600)="ed41000000100000daf4655fdbf4655fdbf4655f00000000000004008000", 0x1e, 0x4400}, {&(0x7f0000012800)="8081000000180000daf4655fdaf4655fdaf4655f00000000000001008000000010000800000000000af301000400000000000000000000000200000030", 0x3d}, {&(0x7f0000012a00)="8081000000180000daf4655fdaf4655fdaf4655f01000000000001008000000010000800000000000af301000400000000000000000000000200000040", 0x3d, 0x4c00}, {&(0x7f0000013900)="111fc0d901000000803a0900803a09000000000006", 0x15, 0x30000}, {&(0x7f0000000880)="2719c0d901000000803a0900803a09000000000006", 0x15, 0x40000}], 0x0, &(0x7f00000000c0)=ANY=[]) setxattr$trusted_overlay_upper(&(0x7f0000001180)='./file0\x00', &(0x7f00000011c0), &(0x7f00000013c0)=ANY=[], 0xd8, 0x0) chroot(&(0x7f00000001c0)='./file0\x00') umount2(&(0x7f0000000180)='./file0\x00', 0x0) rename(0x0, &(0x7f0000000380)='./file0\x00') socket$nl_route(0x10, 0x3, 0x0) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000cc0)}], 0x1) fsync(0xffffffffffffffff) 03:07:54 executing program 2: r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f00000001c0)) r1 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x5, &(0x7f0000000200)=[{0x0, 0x0, 0x400}, {&(0x7f0000010100)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000040)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000010500), 0x0, 0x2000}, {&(0x7f0000012600)="ed41000010000000daf4655fdbf4655fdbf4655f00000000000004008000000000000800050000000af301000400000000000000000000000900000010", 0x3d, 0x4400}], 0x0, &(0x7f00000000c0)=ANY=[]) getdents(r1, &(0x7f00000004c0)=""/203, 0xcb) 03:07:54 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x6800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1238.173850][T20785] Bluetooth: hci5: command 0x0419 tx timeout 03:07:54 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x7a00}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:07:54 executing program 5: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000200)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@typedef]}}, &(0x7f0000000280)=""/158, 0x26, 0x9e, 0x1}, 0x20) [ 1238.336600][T25671] loop0: detected capacity change from 0 to 4096 [ 1238.423131][T25671] EXT4-fs error (device loop0): ext4_quota_enable:6405: comm syz-executor.0: Bad quota inode # 3 [ 1238.434147][T25671] EXT4-fs warning (device loop0): ext4_enable_quotas:6445: Failed to enable quota tracking (type=0, err=-116). Please run e2fsck to fix. [ 1238.461772][T25671] EXT4-fs (loop0): mount failed [ 1238.509545][T25681] loop2: detected capacity change from 0 to 4096 [ 1238.583007][T25681] EXT4-fs (loop2): VFS: Can't find ext4 filesystem [ 1238.733540][T24204] Bluetooth: hci0: command 0x2009 tx timeout 03:07:55 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f00000000c0)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000080)="0300000004", 0x5, 0x640}, {&(0x7f0000000300)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000012600)="ed41000000100000daf4655fdbf4655fdbf4655f00000000000004008000", 0x1e, 0x4400}, {&(0x7f0000012800)="8081000000180000daf4655fdaf4655fdaf4655f00000000000001008000000010000800000000000af301000400000000000000000000000200000030", 0x3d}, {&(0x7f0000012a00)="8081000000180000daf4655fdaf4655fdaf4655f01000000000001008000000010000800000000000af301000400000000000000000000000200000040", 0x3d, 0x4c00}, {&(0x7f0000013900)="111fc0d901000000803a0900803a09000000000006", 0x15, 0x30000}, {&(0x7f0000000880)="2719c0d901000000803a0900803a09000000000006", 0x15, 0x40000}], 0x0, &(0x7f00000000c0)=ANY=[]) setxattr$trusted_overlay_upper(&(0x7f0000001180)='./file0\x00', &(0x7f00000011c0), &(0x7f00000013c0)=ANY=[], 0xd8, 0x0) chroot(&(0x7f00000001c0)='./file0\x00') umount2(&(0x7f0000000180)='./file0\x00', 0x0) rename(0x0, &(0x7f0000000380)='./file0\x00') socket$nl_route(0x10, 0x3, 0x0) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000cc0)}], 0x1) fsync(0xffffffffffffffff) 03:07:55 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10}, 0x78) perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000200), 0x1}, 0x0, 0x0, 0x0, 0x0, 0xa70}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_kcm_SIOCKCMATTACH(0xffffffffffffffff, 0x89e0, &(0x7f0000000140)) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x4, &(0x7f0000000940)=ANY=[], 0x0, 0x0, 0xf3, &(0x7f00000006c0)=""/243, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000800)={0x1, 0xa, 0x8000}, 0x10}, 0x78) gettid() perf_event_open(&(0x7f0000000600)={0x2, 0x80, 0x0, 0x6, 0x2f, 0x0, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x2, 0x8, 0x0, 0x0, 0x5, 0x1, 0x0, @perf_config_ext={0x0, 0x1}, 0x40002, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x0, 0xe, 0xffffffffffffffff, 0x0) socketpair(0x1, 0x2000000003, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000e80)={0x1, 0xb, &(0x7f0000000d40)=@framed={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0xfffffffe}, [@call={0x85, 0x0, 0x0, 0x81}, @jmp={0x5, 0x1, 0x3, 0x3, 0x4, 0xffffffffffffffff, 0xfffffffffffffff0}, @ldst={0x2, 0x3, 0x3, 0x2, 0x1, 0x80, 0xfffffffffffffffc}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x5}, @btf_id={0x18, 0x6, 0x3, 0x0, 0x2}]}, 0x0, 0x401, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x21, 0xffffffffffffffff, 0x8, &(0x7f0000000e00)={0x1, 0x5}, 0x8, 0x10, &(0x7f0000000e40)={0x0, 0x0, 0x4, 0x17}, 0x10, 0x0, r0}, 0x78) bpf$PROG_LOAD(0x5, &(0x7f0000000f00)={0x13, 0xa, &(0x7f0000000540)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffffff81, 0x0, 0x0, 0x0, 0x3e}, [@exit, @generic={0xff, 0x8, 0x8, 0x4, 0x10f}, @generic={0x7, 0x8, 0x2, 0x7, 0x5}, @alu={0x7, 0x0, 0xb, 0x0, 0x4, 0x18}, @map={0x18, 0x9, 0x1, 0x0, 0x1}, @exit]}, &(0x7f0000000680)='GPL\x00', 0xef, 0xd0, &(0x7f00000009c0)=""/208, 0x40f00, 0x2, '\x00', 0x0, 0x39, 0xffffffffffffffff, 0x8, &(0x7f00000007c0)={0x0, 0x5}, 0x8, 0x10, &(0x7f0000000ac0)={0x4, 0x7, 0x9, 0x1}, 0x10, 0x0, r3}, 0x78) sendmsg$kcm(r2, &(0x7f0000000500)={&(0x7f0000000240)=@ipx={0x4, 0x8, 0x7, "d7a90fb8449e", 0x1}, 0x80, &(0x7f00000004c0)=[{&(0x7f00000003c0)="a1ba00d059b7a6c053503db8e24038f0fff3c65011a93843360f10150c5df9c6fc3c2caff7c5ed4aace561e420fe4dda8871f29a86d527fda56c8e31352a77f919ec206e324a65707860b2f0386eccc2979410a1b8aa1e5470245058561806d777a42fe9792b707839986a3b393a9fe3bc4fdb2612695f780911a4f8b7bada1577b6c813545a26edf3f4f554462067bf045466bfec1bf1d9951c61dc40de6a73b7d49a53207bc4d4d3b611c8e455bee206bb17bd202550187112d6f73bf4070eff6a776114de", 0xc6}], 0x1, &(0x7f00000008c0)=[{0xe8, 0x10a, 0x7ff, "cb16ce0b006ed2714d3da704172c739809049bf6aeab146737097f012bb12d92532802642333577508e6a75986d7ec8c38c7d7e5b01a18f57ada01c9219474414c14ad7664b3d1e49188de11db31f367efcc3d738d04202e07d7d261df2563ad1d72bade6b5150b207fbf58bdbba2d854e348e35cacfb960097f39dbe4f3d73e7224b3adc02729989b4231cea016a29d723aed1579ef8782e43f44d5bc3f1c4181e5a212f5b172d17eb2c455d2aa739730df140bbd4a9722727b2ab8637c80f3b39ad92a999a4ce1a5f4f9260361509bb12520d6"}], 0xe8}, 0x81) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f00000000c0), 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) gettid() r4 = gettid() perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0xff, 0x0, 0x20, 0x7, 0x0, 0x8000, 0xa0, 0x5, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x10000000, 0x0, @perf_config_ext={0x3ff, 0x3ff}, 0x4408, 0xf929, 0xffffffc1, 0x7, 0xffff, 0x90, 0x80, 0x0, 0xffff, 0x0, 0x3de9}, 0x0, 0xd, 0xffffffffffffffff, 0x2) perf_event_open(&(0x7f0000000340)={0x3, 0x80, 0x6, 0x5, 0xdf, 0x0, 0x0, 0xc0f1, 0x8000, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x4fe0, 0x1, @perf_config_ext={0x101, 0x7f00000}, 0x10066, 0x20, 0x6, 0x4, 0x400, 0x2, 0x1, 0x0, 0x0, 0x0, 0x5}, r4, 0xf, 0xffffffffffffffff, 0x1) ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x89f1, &(0x7f0000000000)='ip6gre0\x00') socketpair(0x0, 0x2000000003, 0x0, &(0x7f00000005c0)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r5, 0x89f2, &(0x7f0000000000)='ip6gre0\x00') 03:07:55 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x6c00}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:07:55 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xda03}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:07:55 executing program 2: r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f00000001c0)) r1 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x5, &(0x7f0000000200)=[{0x0, 0x0, 0x400}, {&(0x7f0000010100)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000040)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000010500), 0x0, 0x2000}, {&(0x7f0000012600)="ed41000010000000daf4655fdbf4655fdbf4655f00000000000004008000000000000800050000000af301000400000000000000000000000900000010", 0x3d, 0x4400}], 0x0, &(0x7f00000000c0)=ANY=[]) getdents(r1, &(0x7f00000004c0)=""/203, 0xcb) 03:07:55 executing program 5: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000200)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@typedef]}}, &(0x7f0000000280)=""/158, 0x26, 0x9e, 0x1}, 0x20) [ 1239.309433][T25702] loop0: detected capacity change from 0 to 4096 [ 1239.369368][T25713] loop2: detected capacity change from 0 to 4096 [ 1239.386770][T25713] EXT4-fs (loop2): VFS: Can't find ext4 filesystem [ 1239.509856][T25702] EXT4-fs error (device loop0): ext4_quota_enable:6405: comm syz-executor.0: Bad quota inode # 3 [ 1239.522525][T25702] EXT4-fs warning (device loop0): ext4_enable_quotas:6445: Failed to enable quota tracking (type=0, err=-116). Please run e2fsck to fix. 03:07:56 executing program 2: r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f00000001c0)) r1 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010100)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000040)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000010500), 0x0, 0x2000}, {&(0x7f0000012600)="ed41000010000000daf4655fdbf4655fdbf4655f00000000000004008000000000000800050000000af301000400000000000000000000000900000010", 0x3d, 0x4400}], 0x0, &(0x7f00000000c0)=ANY=[]) getdents(r1, &(0x7f00000004c0)=""/203, 0xcb) [ 1239.752740][T25702] EXT4-fs (loop0): mount failed 03:07:56 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x6e00}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:07:56 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xff07}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:07:56 executing program 3: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000680)={&(0x7f0000000440)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x2, [@struct={0x0, 0x1, 0x0, 0x4, 0x0, 0x0, [{0x0, 0x1}]}]}}, &(0x7f00000005c0)=""/135, 0x32, 0x87, 0x1}, 0x20) [ 1239.917548][T25723] loop2: detected capacity change from 0 to 4096 [ 1239.937773][T25723] EXT4-fs (loop2): VFS: Can't find ext4 filesystem 03:07:56 executing program 5: bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) 03:07:56 executing program 3: perf_event_open$cgroup(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x1c60c}, 0xffffffffffffffff, 0x0, 0xffffffffffffff9c, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) close(r0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r1, &(0x7f0000000140)={&(0x7f0000000080)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @loopback}}}, 0x80, 0x0}, 0x0) sendmsg$kcm(r0, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0) write$cgroup_int(r2, &(0x7f0000000000), 0x20000) 03:07:56 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f00000000c0)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000080)="0300000004", 0x5, 0x640}, {&(0x7f0000000300)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000012600)="ed41000000100000daf4655fdbf4655fdbf4655f00000000000004008000", 0x1e, 0x4400}, {&(0x7f0000012800)="8081000000180000daf4655fdaf4655fdaf4655f00000000000001008000000010000800000000000af301000400000000000000000000000200000030", 0x3d}, {&(0x7f0000012a00)="8081000000180000daf4655fdaf4655fdaf4655f01000000000001008000000010000800000000000af301000400000000000000000000000200000040", 0x3d, 0x4c00}, {&(0x7f0000013900)="111fc0d901000000803a0900803a09000000000006", 0x15, 0x30000}, {&(0x7f0000000880)="2719c0d901000000803a0900803a09000000000006", 0x15, 0x40000}], 0x0, &(0x7f00000000c0)=ANY=[]) setxattr$trusted_overlay_upper(&(0x7f0000001180)='./file0\x00', &(0x7f00000011c0), &(0x7f00000013c0)=ANY=[], 0xd8, 0x0) chroot(&(0x7f00000001c0)='./file0\x00') umount2(&(0x7f0000000180)='./file0\x00', 0x0) rename(0x0, &(0x7f0000000380)='./file0\x00') socket$nl_route(0x10, 0x3, 0x0) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000cc0)}], 0x1) fsync(0xffffffffffffffff) 03:07:56 executing program 2: r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f00000001c0)) r1 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010100)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000040)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000010500), 0x0, 0x2000}, {&(0x7f0000012600)="ed41000010000000daf4655fdbf4655fdbf4655f00000000000004008000000000000800050000000af301000400000000000000000000000900000010", 0x3d, 0x4400}], 0x0, &(0x7f00000000c0)=ANY=[]) getdents(r1, &(0x7f00000004c0)=""/203, 0xcb) 03:07:57 executing program 5: bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) 03:07:57 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x15180}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:07:57 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x7000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1240.686861][T25746] loop2: detected capacity change from 0 to 4096 [ 1240.707044][T25745] loop0: detected capacity change from 0 to 4096 [ 1240.793233][T25746] EXT4-fs (loop2): VFS: Can't find ext4 filesystem 03:07:57 executing program 3: socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000500)=[{0x0}, {&(0x7f0000000100)="98", 0x1}], 0x2}, 0x0) 03:07:57 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x8, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f00000000c0)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000080)="0300000004", 0x5, 0x640}, {&(0x7f0000000300)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000012800)="8081000000180000daf4655fdaf4655fdaf4655f00000000000001008000000010000800000000000af301000400000000000000000000000200000030", 0x3d, 0x4800}, {&(0x7f0000012a00)="8081000000180000daf4655fdaf4655fdaf4655f01000000000001008000000010000800000000000af301000400000000000000000000000200000040", 0x3d, 0x4c00}, {&(0x7f0000013900)="111fc0d901000000803a0900803a09000000000006", 0x15, 0x30000}, {&(0x7f0000000880)="2719c0d901000000803a0900803a09000000000006", 0x15, 0x40000}], 0x0, &(0x7f00000000c0)=ANY=[]) setxattr$trusted_overlay_upper(&(0x7f0000001180)='./file0\x00', &(0x7f00000011c0), &(0x7f00000013c0)=ANY=[], 0xd8, 0x0) chroot(&(0x7f00000001c0)='./file0\x00') umount2(&(0x7f0000000180)='./file0\x00', 0x0) rename(0x0, &(0x7f0000000380)='./file0\x00') socket$nl_route(0x10, 0x3, 0x0) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000cc0)}], 0x1) fsync(0xffffffffffffffff) 03:07:57 executing program 2: r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f00000001c0)) r1 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010100)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000040)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000010500), 0x0, 0x2000}, {&(0x7f0000012600)="ed41000010000000daf4655fdbf4655fdbf4655f00000000000004008000000000000800050000000af301000400000000000000000000000900000010", 0x3d, 0x4400}], 0x0, &(0x7f00000000c0)=ANY=[]) getdents(r1, &(0x7f00000004c0)=""/203, 0xcb) 03:07:57 executing program 5: bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) 03:07:58 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x20000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:07:58 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x7400}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1241.551369][T25770] loop0: detected capacity change from 0 to 4096 [ 1241.680073][T25770] EXT4-fs error (device loop0): ext4_fill_super:4943: inode #2: comm syz-executor.0: iget: root inode unallocated [ 1241.694441][T25770] EXT4-fs (loop0): get root inode failed [ 1241.700280][T25770] EXT4-fs (loop0): mount failed 03:07:58 executing program 3: bpf$OBJ_GET_MAP(0x7, &(0x7f0000000780)={&(0x7f0000000740)='./file0\x00', 0x0, 0x8}, 0x10) [ 1241.747924][T25780] loop2: detected capacity change from 0 to 4096 [ 1241.786914][T25780] EXT4-fs (loop2): VFS: Can't find ext4 filesystem 03:07:58 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x40000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:07:58 executing program 5: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={0x0, &(0x7f0000000280)=""/158, 0x0, 0x9e, 0x1}, 0x20) 03:07:58 executing program 2: r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f00000001c0)) r1 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf465", 0x33, 0x400}, {&(0x7f0000010100)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000040)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000010500), 0x0, 0x2000}, {&(0x7f0000012600)="ed41000010000000daf4655fdbf4655fdbf4655f00000000000004008000000000000800050000000af301000400000000000000000000000900000010", 0x3d, 0x4400}], 0x0, &(0x7f00000000c0)=ANY=[]) getdents(r1, &(0x7f00000004c0)=""/203, 0xcb) 03:07:58 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x8, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f00000000c0)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000080)="0300000004", 0x5, 0x640}, {&(0x7f0000000300)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000012800)="8081000000180000daf4655fdaf4655fdaf4655f00000000000001008000000010000800000000000af301000400000000000000000000000200000030", 0x3d, 0x4800}, {&(0x7f0000012a00)="8081000000180000daf4655fdaf4655fdaf4655f01000000000001008000000010000800000000000af301000400000000000000000000000200000040", 0x3d, 0x4c00}, {&(0x7f0000013900)="111fc0d901000000803a0900803a09000000000006", 0x15, 0x30000}, {&(0x7f0000000880)="2719c0d901000000803a0900803a09000000000006", 0x15, 0x40000}], 0x0, &(0x7f00000000c0)=ANY=[]) setxattr$trusted_overlay_upper(&(0x7f0000001180)='./file0\x00', &(0x7f00000011c0), &(0x7f00000013c0)=ANY=[], 0xd8, 0x0) chroot(&(0x7f00000001c0)='./file0\x00') umount2(&(0x7f0000000180)='./file0\x00', 0x0) rename(0x0, &(0x7f0000000380)='./file0\x00') socket$nl_route(0x10, 0x3, 0x0) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000cc0)}], 0x1) fsync(0xffffffffffffffff) 03:07:58 executing program 3: openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='cpuset.memory_pressure\x00', 0x26e1, 0x0) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000200)='ns/mnt\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700) write$cgroup_int(r0, &(0x7f00000002c0)=0x4, 0x12) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40086602, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x2}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x200002, 0x0) openat$cgroup_subtree(r1, &(0x7f0000000380), 0x2, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x200002, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x8, 0xe, &(0x7f0000001380)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000703000000feffff7a0af0ff1100000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7040000050000006a0af2fe00000000850000001a000000b7000000000000009500000000000000abb140172c26b1954b26c933f7ffffffffffffff55bb2007ee51050512b5b42128aa090a79507df79f298129da48b55004cd4bf901115e17392ac66ad029d1c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e57f9b0760a94ff3ecbca40d23f668bab52548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4535550614e09d6378198a6097a67081d337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b217369c8eb6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacdefc5f9094fa737c2bf8c4bc79d4528cacceaede3faedc51d29a47fc813ce3d32cfc7a53ac271d6d6f4ea6bf97f2f33e2ea2e3b4300bcb3fdc4b4861004eefbda7f54f52a804d4a69bf9bc5fa774dcec08f2a72956a488e40b030166565a097b1b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b8496da787e814c4fd21a18986252a70f8f92eb6f0e8c7db3503680e5e5971ff4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad791fa909ac06b57479321a0574fb304bc2a1681989328c8ddc20ea011bf5742e0ef94234db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af378cf531fff722e07427cd3053326f37f3e2c25a61ec45c3af97a4aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc61e058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d3665016ac59dda0fde0745db06753a7ac7fe13cab6692422a46e9ffe2d4a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c9585638c2153a6eee01738b0c10671f4f619b7dcb98a6273b8c5f1e24d9f679e4fbe948dfb4cc4a389469608241730459f0123fd39206000000000000eb55d000abcdb040f6266e548b01623258a141bd587cc9da818b560507acd75ed46de56ef907b059b90b8aa49afb9a79ae5498f6000080ed6e657b9c670012be05e7e00940313c5870786554df26236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d87cbb54e588fe5d6944ee4de5c183c960119451c31539b22009e1d7f0cda06a9fa87d64cb77872a0aa9a104e16bb1a2bacf13464ca03aff14b9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33267425962b9c0e153b28b21c98247d55d4410572bc45b9d3fa02208d304d455c363000000000223201780200c6ed79547dbf8b497adda7000800001d0000002000000001c800000000000000000000000928ee53595a779d243a48cea769470424d28804c026ab7f4a5c81921f0100000054642b49b747f3bf2c01808b6d7d748308eea09fc361b4735efbf3411718d6ee7aebf9ef40662d7836d252c566f5ee938a836804ed3a1079b0282a12043408cd61b687dcff910700000000000000456f7d2a42bd13da2022f23daec61854f640f701db0276652f6c74f20675eb78192544157837e646aaddea394cd8fff71c2710a7ea8ae0dc214e1cc275b26adfa892e6de9200000000e50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e93311ab50fe82d5a96b09c68c73de2fea65559eb00e76e9d0ada209bcbb5c252b28a60ca770663da451790cc36000906d189fad98c308e39bd5ffb6151d79c1cee1cdfba05e2bbf9ec5499f79650f2e33bc3633be3f00000015762e5f5a3a0bc33fdbe28a5fdcfc5a807c48cd792fe7f7919309d6adab4b7e508e5bf024ed8f8a005f2bbf96c89739f5d81e750d50515a59a3ad09e8802e8f4f535437dc0fc9d5f98a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d310ab16bce9c764c714c9402c21d181aae59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a570f0e9dd5fd545470f862f8c3c14f7d45071fc4308ea9e200000000d8ca84c03f859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4000000000000000749efd37636555dd334bae8e580000b0d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419a5c16e2055b850580994484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab004321610b857e8717764b633b21cb32f0e03280e09758bd445ab91d20baee000000004bca5b5452b79d7b574a2437514a0c7f6f19715d88e2bdaf7f1d2fe45b3c4e93da3d51de647c10dd49944dc87c92332af00f191b66b6a6f732a91f0a2e9120be61e57d278888901d44bf77ff246605a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f3101987602688888ccb85c86b4f8ffffff5f000000002c331fca5224550346115b43f8b1894c8fa8a14dc4810f61ae96c18cc7130000000000002100000000000000000000000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77a23b0000e49666c464d35ca9b50f3ed3b3dc8c17a23692759ccf8b6f5311b7ab22532697b861dfb54609fd88e6043bd52ae84c1bb0c8a6c769f952283a1f4e3842edb3d42c68a2102fa1296dfff4a979369b0e8ebc62887aa46e820a98e353047dbf0686d147357024eb3cb94f0489cb5ba0a56aa046b4dc521a3d9356b4b8b5817c4c8604000040e80086bde261fd00000000007271e28ef6806bc8e139c49b91c76b0d3958f7f05b47d3e519f1634e8fbd8d31330d89069f9648a2ff93060ff073b3a113e47edf76f7d1b8b90bc0df4cfb0b9c8c80158b4418dd46989136961de6d9ecae9420654f7016b0aac117087406d343e27b372d6027ab2aec8f2bcad7fe6bb932bc5751d2974e95455a277f9a9aeb29aa185d7fe74b25a3b472bc7bbdd2ac5a1ea608e8137ace03361607cc1a84d7659355629ab13ad49008c3fcfa2423439acbf537801d3b384d63b95a3607961d5b59da48a0155e8e42cc13c702cc40c89cf86c2021d72f9f4ab1b0e0a755a5a39593c93871ff7eb5ecadb64837a2d887236cedaa5152e3d5864e57581b61f2b0960600000000000000265f091e7bce17d20604c5ab751773a5cf2ed6c94682ebf13548209b8a719a7abc06ed03832bf274707c7c970edc20d2cb639ecd58709b05a20097208d03f7a146a69019136160644a149619596fae997eecfa0dc3dcec19d3d901fe75c8710470d9eb6f62c5c721883f15448fbade7716f159af1c8dab05a933746c16b6e93294b561c6715a32a394ed1e6c014e0c931bfa52c58c6f34d64e758a7a7f7dcbcc55257215c8ae719dc1c232fc6699ef83f85887d04a543030b4328ab48744ac23ff56fd2da52eb9f92eefddd2d92d73ac1b111ea8b1e1fec36a3579879acfe366d393f1fa9cbe08d9ba57a443643e9cd2519c88e91a5e458e66ea26822d27a45e0a9c10a127fed19e36b5264660665dfdbeab3ec99495639bc57155d4dd919a956b4c25a08cb6e1a9b4d6813a0fd07a4ad9df661ab8b86a932db0df838b178540d88be2983200703864a3b9e1482cb479dad6d34d211b05267eb1355520e9ec0c5014b0832f7fb35782fdbfcbf5e23a7f5d51ea480371748d18d8e10608ab8261fe058d1732f28814a9981d84a04a2bb36c89bdd245e3293a14df1ac567300000514f103abd387d6ef2d9d94508ac0f6135c8921279573e9ef585980789a92b9848906f545559d32112b5040f0776703363249ca98499efbb9e7362e4999594c1086d8954e9469db01d010000003148663e9ea2e755d96c2986712d25a9a32565e947d03c42215118426d5451c262985bd571c363d260faea1db53e4ff3427c90aefa2662a1c2b28b0e020e872bda1d39da508de5dbc37d03ee056b257988c76799589a265ba6ae3ece8887c5daca000000009f404918086388a0176440666ec79a69822c9fba4500b1f640671f1ffc483528000000000000b9a4d370302b12101dab71d3e31160a40250ef0cbf09ded601dce47f40f96e4646787cef5ad6ad4ee2d3966f9cf50e45d021a81ba62340c4c352581163c48938000000000000a8268a8247adcd7165421170bfdf5df908f207498ccfed607b10c54a68ef02194a231060b0bb2a0ef1a496db598a95838d842d777684f9c82797237d7e56595e5d9e0c6bf104d3a04b23f9b73aa9d09a26e5af68e5e368381f28327c1e24d740612930680742cb8925bb3d377a9d02654a0fef31d2ffd02cbe197cd718ae25458975dc762d29b843069c2ea1ed94c713570286e5478e01409b844e16f1a74c005f05caf5322736aabb89970c0ae3c55a54974da7ebe936692b1e982908703989dc439f33b81551c2b0b11dfa2dfbf4d5005ec5f05c6e556fe62f09484dd64d3b8c2dd5c578bb338c7914ab5550816ed0f7105dc4051f7c7030e6fc5fcbf1d5113f9a01455f5a8cfe8ddf1ad331841835f34980297cbdfb53d4c602695ae07e5fcbd8a14094c24218dcb6aa801754bb7055b7379588a5a5644f4ad79d0000dbd90cacf0a5265ba015854a2b045d0000000000006a8d41869cedb5124730b1000000000000bf5cff0edde1453054be226b250b7f8266ee75482f01f56c5fbeba596ae088e38c2c97fc7ddcfe1df9c5ab84628cc7fa3389c19110305845f8c34b3e7974f0102055f3a2689eed27304090f868654e8e816000000000000000000042e649c1a7a12d9f172289e47002ac9de8aed1626d4e8dc62e597ed6149b66581fed488b42a7c17fb41b6b5f7c6c473611bd7ab101ee2855797e91852121bbb04e9d588e99b6322eeda25aea3ad2e1ebbdeb58c11b7ec4aaa143978f3b1f05c698e6ec7afdcddd396b9696d90000000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48) bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000480)={@cgroup=r2, r3, 0x0, 0x2}, 0x14) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cpuacct.usage_all\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r4, 0x40286608, &(0x7f0000000080)) close(r4) r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000140)='mem_return_failed\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_REFRESH(r5, 0x2402, 0x80000000) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, &(0x7f0000000400)={0x7, 0x80, 0xfb, 0x6, 0x5, 0x6, 0x0, 0x4, 0x80480, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x2, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x6, 0x0, @perf_config_ext={0x2, 0x3}, 0x8184, 0x7fffffff, 0xffffffc1, 0x2, 0x1e, 0x3, 0x1, 0x0, 0x6, 0x0, 0x3f}) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x200002, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000280)={r6, 0x0, 0x1, 0x0, 0x0}, 0x20) 03:07:59 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x7a00}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:07:59 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x100000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1242.713768][T25803] loop2: detected capacity change from 0 to 4096 [ 1242.758074][T25804] loop0: detected capacity change from 0 to 4096 [ 1242.817101][T25803] EXT4-fs (loop2): VFS: Can't find ext4 filesystem [ 1242.845399][T25804] EXT4-fs error (device loop0): ext4_fill_super:4943: inode #2: comm syz-executor.0: iget: root inode unallocated [ 1242.858246][T25804] EXT4-fs (loop0): get root inode failed [ 1242.864608][T25804] EXT4-fs (loop0): mount failed 03:07:59 executing program 5: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={0x0, &(0x7f0000000280)=""/158, 0x0, 0x9e, 0x1}, 0x20) 03:07:59 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xb001}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:07:59 executing program 3: socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f00000007c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TUNSETLINK(r0, 0x8912, 0x400308) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001400)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c00000000000000000d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e6473c18632a0b784625704f07a72c29184ff7f0000cef809606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45ef4adf634be763289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb236414921510833371bdb41fb3edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87f1bfeda7be586602d985430cea0162ab3fcf4591314ff47e521a9abaafa425d5c926abfb076719237c8d0e60b0eea24492a660583eecdbf5acd3de3a83209da17a0f2f60fd6ad9b97aa5fa68480354d11185b45952837ea41df8ac1ca2660000000000000003926b81e3b59c0700000000000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a708000000000000004da4928b30142ba11de6c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bbc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b8a6fccbd6c712053b0207ab04e96eac2dbe9822340d872d9cca0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000003a38030000000000000000000000000010008bc0d9559711e6e8b2d02edc3e28dd271c896249ed85b980680b6c4a000000002b435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656b7addaedab25b30002abbc07fa725f38400be03f8a6ef2cd317902f19e385be9e48dc003913653282830689da6b53b263339863297771429d120000003341bf4a00fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bbff0000001f94e6932c1b6a17bc3c4cee391a1f0cfd3467decb05cfd9fcb32c8ed1dbd9d10a64c108285e71b556451768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ecbbc55bf404e4e1f74b030082571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ffecd05560926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6d9558cbd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000063ab6b047600d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f895778cb25122a2a998de44aeadea2a40da8daccf080842a486701737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63696ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bdea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1513a8250df98674152f94e32409e2a3bce109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1f9759d4f21137abf9a40000de7750898b1bd627e87306703be8672d70d1ab5b075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893372750d1a8fe64680b0a3fc22dd704e4212ce5946912d6c98c"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='sys_exit\x00', r1}, 0x10) r2 = socket$kcm(0xa, 0x2, 0x73) sendmsg(r2, &(0x7f0000000800)={&(0x7f00000000c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[{0x10, 0x29, 0x5}], 0x10}, 0x0) 03:07:59 executing program 2: r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f00000001c0)) r1 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf465", 0x33, 0x400}, {&(0x7f0000010100)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000040)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000010500), 0x0, 0x2000}, {&(0x7f0000012600)="ed41000010000000daf4655fdbf4655fdbf4655f00000000000004008000000000000800050000000af301000400000000000000000000000900000010", 0x3d, 0x4400}], 0x0, &(0x7f00000000c0)=ANY=[]) getdents(r1, &(0x7f00000004c0)=""/203, 0xcb) 03:07:59 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x8, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f00000000c0)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000080)="0300000004", 0x5, 0x640}, {&(0x7f0000000300)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000012800)="8081000000180000daf4655fdaf4655fdaf4655f00000000000001008000000010000800000000000af301000400000000000000000000000200000030", 0x3d, 0x4800}, {&(0x7f0000012a00)="8081000000180000daf4655fdaf4655fdaf4655f01000000000001008000000010000800000000000af301000400000000000000000000000200000040", 0x3d, 0x4c00}, {&(0x7f0000013900)="111fc0d901000000803a0900803a09000000000006", 0x15, 0x30000}, {&(0x7f0000000880)="2719c0d901000000803a0900803a09000000000006", 0x15, 0x40000}], 0x0, &(0x7f00000000c0)=ANY=[]) setxattr$trusted_overlay_upper(&(0x7f0000001180)='./file0\x00', &(0x7f00000011c0), &(0x7f00000013c0)=ANY=[], 0xd8, 0x0) chroot(&(0x7f00000001c0)='./file0\x00') umount2(&(0x7f0000000180)='./file0\x00', 0x0) rename(0x0, &(0x7f0000000380)='./file0\x00') socket$nl_route(0x10, 0x3, 0x0) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000cc0)}], 0x1) fsync(0xffffffffffffffff) 03:08:00 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x17f200}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:00 executing program 5: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={0x0, &(0x7f0000000280)=""/158, 0x0, 0x9e, 0x1}, 0x20) [ 1243.596017][T25832] loop2: detected capacity change from 0 to 4096 [ 1243.642589][T25832] EXT4-fs (loop2): VFS: Can't find ext4 filesystem 03:08:00 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xb003}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:00 executing program 2: r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f00000001c0)) r1 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf465", 0x33, 0x400}, {&(0x7f0000010100)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000040)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000010500), 0x0, 0x2000}, {&(0x7f0000012600)="ed41000010000000daf4655fdbf4655fdbf4655f00000000000004008000000000000800050000000af301000400000000000000000000000900000010", 0x3d, 0x4400}], 0x0, &(0x7f00000000c0)=ANY=[]) getdents(r1, &(0x7f00000004c0)=""/203, 0xcb) 03:08:00 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00010000850000000d000000b7000000000000009500000000000000496cf2827fb43a431ca711fcd0cdfa146ec56175037958e271f60d25b7937f02c8695e5a7f24df41dc10d1e8bf076d83923dd29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d018d5b318e2ec0e0700897a74a0091ff110026e6d2ef831ab7ea0c34f17e3ad6ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a2d7cbdb9cd38bdb2ca8eeb9c15ab3a14817ac61e4ad11183a13477bf7e060e3670ef0e789f93781965f1328d6704902cbe7bc04b82d2789cb132b8667c21476619f28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fbce841f8a97be6148ba532e6ea09c346dfebd31a08b32808b80200000000000000334d83239dd27080e71113610e10d858e8327ef01fb6c86adac12233f9a1fb9c2aec61ce63a38d2fd50117b82b4e54861d0227dbfd2e6d7f715a7f3dea36303767d2e24f29e5dad9796edb697a6ea0182babc18cae2ed4b4390af9a9ceafd07ed00b0000002cab154ad029a119ca3c972780870014601c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f4b39501aafe205870072858dc06e7c337642d3e5a815232f5e16c1b30c3a2a71bc85018e5ff2c910496f18afc9ffc2cc788bee6569080e34cde6a7343dd51b47683db01a469398685211bbae3e2ed0a5670e7313bff5d4c39101000080c772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcdcc22ee17476d738992533ac2a9f5a699593f084419cae0b4183fb01c73f99857399537f5dc2acb72c7eae993fc9eb22d130665b6341da114f08cd0509d380578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a08707671315c302fae29187d4f5c06a960fd37c10223fdae7ed04935c3c90d3add8eebc8619d73415eeadcd9f130f5011e48455b588b90dfae158b94f50adc7988dd8e12baf5cc9398c88607a67e18c2977aab37d9a44cfc1c7b4000000000000fa47742f6c5b9c4b11e7d7262a1457c39495c826b956ba859ac8e3c177b91bd7d5ca1664fe2f3ced8468911806e8916dc15e21644db60c2499d5d16d7d915836ab26c169482008ef069dc42749289f854797f2f900c2a12d8c18a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517c04edc01e73835d5a3e1a9e90d767671414c99d4894ee7f8249dc1e3428d2129369ee1b85afa1a5be5f6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1038debd61a0bb04c1d1cc40c6fbe359454a3f2239cfe35f81b7aded448859968ff0e90500d0b07c0dd00490f167e6d5c1109681739dc33f75b20428d6474a0a91ee90b8de802c6b538622e6bbcb80f87b415263c401e64ed69a2f754dcde5a27bac1fdf81d695c4559b82cabac3cccadc1e1c19af4e03020abf5ff0433d660f20898d2a045d009a0ffb20a77c9af2b80c05184a66d30bbea2ca45a4d6d6d1e6e79aef42355a500587b603306a5af8d867d80a07f10d82eafb03062e95196d5e3b854b1c8c768c001496fa99ce5b5040be959096ea948cfa8e7194123e918914a71ad5a8539fb956dbc60f7d9719b55b3abb6bba3d113a680a8d46fe074c83fbe378a3889e8145b2eaceab05ef932c6e4f8ef1ed0d818a7b76d839cf3c63ebb4380b168c38fa32e49563cfee3a7f0fc10bfa32c418cef2235b49e299d177a1bcd1e30e9280bc586e79a5dd8076c248e6d6e97b3ce267dd4e27b6ef206660090bb2164474cef378f97ca33fccf363361dcdba10c1547053453d0e4aec91a24079b21d52fb5516bf0c28ef37aa76442f6083dc99cd61afaf6826c777f5bb739756871de0e1cb933f6e2b23410f20d956517f1ccd327164e8735f499a4028c16c77dbc867ab1c5903bc0625c1112821ec41674f799d98dc33aea7eb5013c3b02006817efb693912cbe674d7da7f11da54dbf1abc54dba18df90e3f18004c0fe7db0770444791b4b95b921187130cb518cc0fc41297cee468ac42fae57ea93b99d3999c33252860810dfff86d96513f74bc1cc0f9465d8aaf754c65a26aceff144b7b5b33f95af7a5aff4e4e5cf45704306eddf0bc3d491bfad10aa1ad5768ffab2aec92409dab74378437e06f712a3dddd076bd2cc4ab56f3e5c4cc500148a2f5499eceeea9a3d9023a4f040767bc01e0d28511e9fbba3b1dce63e72eaf913b990f49621ef049703e5d34abd7fda1baa91b9b5c471d5fe2d7207111b9f041fb8531c195432893c09770f5b15d268ecf65624f420684a9c3097054e545bfe1b0d9146af670e614a00c565047649587ef139ffcb6b4ca40572adfaaded940278c5f7db8af27ab7c7499f2d1bf78701b7d1336972c5cf519d3a2bbe6bb13bac53f2681644b06dd33ada3f351557cc1e1e332d976a62ae5ba22bad3364a9fb97c9c2bd74c6416d0ca07efb8257374e287e6474ce0c1d538dc290e3b031ae6d0c7ab30b7dfb56741a71afd045201f58add034a350442668217d4bc55f45b94ec3a4d6e804eacf0ed0adac79643d8dd6e860297d96167922baab45fb9495788a79c444e9802d91fca2ba42b3f2b4638d022f31e0f3137630a92b261d0b32b67cf8d06e8a2727c327ceb84d0e4609fc8561893369bc2748407263df4d10882df134ea1dd85b0f44a04418b99a2f96593f862671d144"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xfe, 0x0, &(0x7f0000000100)="b9ff03006044238cb89e14f008001bffffff00004000630677fbac141431e934a0a662079f4b4d2f87e5feca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0x1c, 0x60000000}, 0x2c) [ 1243.866526][T25840] loop0: detected capacity change from 0 to 4096 [ 1243.947060][T25840] EXT4-fs error (device loop0): ext4_fill_super:4943: inode #2: comm syz-executor.0: iget: root inode unallocated [ 1243.959592][T25840] EXT4-fs (loop0): get root inode failed [ 1243.965654][T25840] EXT4-fs (loop0): mount failed 03:08:00 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x200000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:00 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f00000000c0)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000080)="0300000004", 0x5, 0x640}, {&(0x7f0000000300)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {0x0, 0x0, 0x4400}, {&(0x7f0000012800)="8081000000180000daf4655fdaf4655fdaf4655f00000000000001008000000010000800000000000af301000400000000000000000000000200000030", 0x3d, 0x4800}, {&(0x7f0000012a00)="8081000000180000daf4655fdaf4655fdaf4655f01000000000001008000000010000800000000000af301000400000000000000000000000200000040", 0x3d, 0x4c00}, {&(0x7f0000013900)="111fc0d901000000803a0900803a09000000000006", 0x15, 0x30000}, {&(0x7f0000000880)="2719c0d901000000803a0900803a09000000000006", 0x15, 0x40000}], 0x0, &(0x7f00000000c0)=ANY=[]) setxattr$trusted_overlay_upper(&(0x7f0000001180)='./file0\x00', &(0x7f00000011c0), &(0x7f00000013c0)=ANY=[], 0xd8, 0x0) chroot(&(0x7f00000001c0)='./file0\x00') umount2(&(0x7f0000000180)='./file0\x00', 0x0) rename(0x0, &(0x7f0000000380)='./file0\x00') socket$nl_route(0x10, 0x3, 0x0) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000cc0)}], 0x1) fsync(0xffffffffffffffff) 03:08:00 executing program 5: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000200)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x2}}, &(0x7f0000000280)=""/158, 0x1a, 0x9e, 0x1}, 0x20) [ 1244.384224][T25855] loop2: detected capacity change from 0 to 4096 [ 1244.425673][T25855] EXT4-fs (loop2): VFS: Can't find ext4 filesystem 03:08:01 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xcc02}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:01 executing program 2: r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f00000001c0)) r1 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001", 0x4d, 0x400}, {&(0x7f0000010100)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000040)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000010500), 0x0, 0x2000}, {&(0x7f0000012600)="ed41000010000000daf4655fdbf4655fdbf4655f00000000000004008000000000000800050000000af301000400000000000000000000000900000010", 0x3d, 0x4400}], 0x0, &(0x7f00000000c0)=ANY=[]) getdents(r1, &(0x7f00000004c0)=""/203, 0xcb) 03:08:01 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x400000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1244.953162][T25870] loop0: detected capacity change from 0 to 4096 [ 1245.053659][T25870] EXT4-fs error (device loop0): ext4_fill_super:4943: inode #2: comm syz-executor.0: iget: root inode unallocated [ 1245.066357][T25870] EXT4-fs (loop0): get root inode failed [ 1245.072558][T25870] EXT4-fs (loop0): mount failed 03:08:01 executing program 5: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000200)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x2}}, &(0x7f0000000280)=""/158, 0x1a, 0x9e, 0x1}, 0x20) 03:08:02 executing program 3: r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000180)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x3, [@union={0x1}]}, {0x0, [0x61]}}, &(0x7f00000001c0)=""/145, 0x27, 0x91, 0x1}, 0x20) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x3, &(0x7f0000000140)=@framed, &(0x7f0000000200)='syzkaller\x00', 0x5, 0xe2, &(0x7f0000000240)=""/226, 0x0, 0x0, '\x00', 0x0, 0x0, r0, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000380)={0x0, 0x5}, 0x10}, 0x78) 03:08:02 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f00000000c0)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000080)="0300000004", 0x5, 0x640}, {&(0x7f0000000300)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {0x0, 0x0, 0x4400}, {&(0x7f0000012800)="8081000000180000daf4655fdaf4655fdaf4655f00000000000001008000000010000800000000000af301000400000000000000000000000200000030", 0x3d, 0x4800}, {&(0x7f0000012a00)="8081000000180000daf4655fdaf4655fdaf4655f01000000000001008000000010000800000000000af301000400000000000000000000000200000040", 0x3d, 0x4c00}, {&(0x7f0000013900)="111fc0d901000000803a0900803a09000000000006", 0x15, 0x30000}, {&(0x7f0000000880)="2719c0d901000000803a0900803a09000000000006", 0x15, 0x40000}], 0x0, &(0x7f00000000c0)=ANY=[]) setxattr$trusted_overlay_upper(&(0x7f0000001180)='./file0\x00', &(0x7f00000011c0), &(0x7f00000013c0)=ANY=[], 0xd8, 0x0) chroot(&(0x7f00000001c0)='./file0\x00') umount2(&(0x7f0000000180)='./file0\x00', 0x0) rename(0x0, &(0x7f0000000380)='./file0\x00') socket$nl_route(0x10, 0x3, 0x0) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000cc0)}], 0x1) fsync(0xffffffffffffffff) 03:08:02 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x400001}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1245.538947][T25885] loop2: detected capacity change from 0 to 4096 03:08:02 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xff07}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1245.609570][T25885] EXT4-fs (loop2): invalid first ino: 0 03:08:02 executing program 2: r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f00000001c0)) r1 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001", 0x4d, 0x400}, {&(0x7f0000010100)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000040)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000010500), 0x0, 0x2000}, {&(0x7f0000012600)="ed41000010000000daf4655fdbf4655fdbf4655f00000000000004008000000000000800050000000af301000400000000000000000000000900000010", 0x3d, 0x4400}], 0x0, &(0x7f00000000c0)=ANY=[]) getdents(r1, &(0x7f00000004c0)=""/203, 0xcb) [ 1245.835186][T25897] loop0: detected capacity change from 0 to 4096 03:08:02 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x15180}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1246.007623][T25897] EXT4-fs error (device loop0): ext4_fill_super:4943: inode #2: comm syz-executor.0: iget: root inode unallocated [ 1246.021187][T25897] EXT4-fs (loop0): get root inode failed [ 1246.027191][T25897] EXT4-fs (loop0): mount failed 03:08:02 executing program 3: mkdir(&(0x7f0000000140)='./file0\x00', 0x4) 03:08:02 executing program 5: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000200)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x2}}, &(0x7f0000000280)=""/158, 0x1a, 0x9e, 0x1}, 0x20) 03:08:02 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x80ffff}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1246.350031][T25910] loop2: detected capacity change from 0 to 4096 [ 1246.438287][T25910] EXT4-fs (loop2): invalid first ino: 0 03:08:03 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='syzkaller\x00', 0x5, 0xf1, &(0x7f0000000100)=""/241, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='devlink_hwmsg\x00', r0}, 0x10) bpf$ITER_CREATE(0x21, &(0x7f00000002c0)={r1}, 0x8) 03:08:03 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x20000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:03 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f00000000c0)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000080)="0300000004", 0x5, 0x640}, {&(0x7f0000000300)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {0x0, 0x0, 0x4400}, {&(0x7f0000012800)="8081000000180000daf4655fdaf4655fdaf4655f00000000000001008000000010000800000000000af301000400000000000000000000000200000030", 0x3d, 0x4800}, {&(0x7f0000012a00)="8081000000180000daf4655fdaf4655fdaf4655f01000000000001008000000010000800000000000af301000400000000000000000000000200000040", 0x3d, 0x4c00}, {&(0x7f0000013900)="111fc0d901000000803a0900803a09000000000006", 0x15, 0x30000}, {&(0x7f0000000880)="2719c0d901000000803a0900803a09000000000006", 0x15, 0x40000}], 0x0, &(0x7f00000000c0)=ANY=[]) setxattr$trusted_overlay_upper(&(0x7f0000001180)='./file0\x00', &(0x7f00000011c0), &(0x7f00000013c0)=ANY=[], 0xd8, 0x0) chroot(&(0x7f00000001c0)='./file0\x00') umount2(&(0x7f0000000180)='./file0\x00', 0x0) rename(0x0, &(0x7f0000000380)='./file0\x00') socket$nl_route(0x10, 0x3, 0x0) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000cc0)}], 0x1) fsync(0xffffffffffffffff) 03:08:03 executing program 5: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000200)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@typedef]}}, 0x0, 0x26, 0x0, 0x1}, 0x20) 03:08:03 executing program 2: r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f00000001c0)) r1 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001", 0x4d, 0x400}, {&(0x7f0000010100)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000040)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000010500), 0x0, 0x2000}, {&(0x7f0000012600)="ed41000010000000daf4655fdbf4655fdbf4655f00000000000004008000000000000800050000000af301000400000000000000000000000900000010", 0x3d, 0x4400}], 0x0, &(0x7f00000000c0)=ANY=[]) getdents(r1, &(0x7f00000004c0)=""/203, 0xcb) 03:08:03 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xf21700}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1247.017912][T25932] loop0: detected capacity change from 0 to 4096 [ 1247.138103][ T3132] ieee802154 phy0 wpan0: encryption failed: -22 [ 1247.144822][ T3132] ieee802154 phy1 wpan1: encryption failed: -22 03:08:03 executing program 3: socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg(r0, &(0x7f0000004580)={0x0, 0x0, 0x0, 0x0, &(0x7f0000002200)=[{0x1010, 0x0, 0x0, "36a2c154d1e39275c0e679af7c1df4c8c3b5afc36dd79acef0cb52ba77a84bc0eeffaf5f410582454ac98be7731318d64740eae66a64897d32abc65a9cfe13f7f143cd82f103a78a988b5dc053b586a5403ae97596ceeb874073c109690aa97339635e47daf02924cb2b0915b34d93bfb396a67daa3e11b76691aefb01e7bff93aac57656ea66149fecd932a9e1deaa2f9456491bbb41d87d50297d830ce2cf8d9fe004d2f8503e643ea7c1952f0d9085bda4b7622454ab1ebd93ac6fe3ab0d715ca6b3de97d8cea4dd74281282603148f38a04f0d88177c4dc89d12da3d775d6c5926f77027e35a8e8b0fd15304d8c21e4ce61a4c4d3f8bc8f22d351288ffb76c1eeba725e34f7a3574de0e63cfa0210aca5187bf864c5594d489a832b8da1bf01935668e85ade1b4fd691dac59b5fe73e47456deda831b7e0161460d553311170820ebb796fbf24ca3011571f7d7ae119a06773f26f796399badfa818459f7c0c6da209e1ad92da9095f06b834669103a7e821daeff3ae91f4e105a4e4ff0ba777ea515ff302eb117ee013789ead8fd2e261401a97e2b0e914b778fc299c0c752d9d8fc612678c012e5cbe3b12df5428591af50e03c13e0b96fa5d0ee2c0bc446ac6c88209764a673e473bebc0f5d2e7a3f29dd03cd1e0b7756c9b288f84a52149fbc08128d1e597ca5227aaa04b64b3f440ff091bd4be0711c24867f69f0039357c29d89763a45d363872f02bf27cda3ef0597a7706cddf4183edd225e19c1ab7fb95c3db8862a8fdf5405b8dc5bc9de8d986e8f36b60a7a1a20b448119052edd06c3ceb279b055110814aabac38323f974cda21aef19a76ca972d5fdf80e50d3efd85ad19bb77db24b2a18764c1cac6f8947f839e9caf8fbc4d7ae04f45491b30629275c343e771ddc5518bdba474c925e55b5e9713496d7d97c128c959ed3a0645343c1227b3b47d50a2e83cedd465fa3345db29aa800c338c6c9e48519b786a1f5e537288d6a15acadaaa2a27353eae7700793c0dddb153a4823aab9307e3e0860443186d0ad4a9f0bb813327eea86dbb7749eafa6e82fa282f5d7982563b4416f840c0118a8832a143840fefbda84ab9e6f23494e7d98fd37ada1020746467bd9d6066154a522c2ab13d53a71d5ba07091ddb58d62b4610d07dd2ea3116c3df49aecb4efaebb772f5101d43375214f753100e3d42a382461b9ca97230a10fa09ab0f194248d867a0d42751f03d9a25aaf5ea6262f8b065b7de2f2913d36e1d517cda51a9dc762197131630268380509e504aa78b33fd864eaaa4bced1506c7e15ebb1dbbdd897ed4a74e93aa639d917a4793a585b16e942568f877a8fa3207f424e37df44b260c9f0fa2f7688c0a0a87be5d9e6b9824c1a5092aaae49eb3d3b4764097fd15cbb28b3e7d0398c13df7f22f827e26fe564c39c34551fa7ac8715a1c9dc2bb1d545eedd95d52bc17e7ea95072464a0dafa2e039f6f8fd4365a04d2ea7e56db08dc5d3e8f7a273e9ab39e34c16a8e719c912bdeb3b987b5cbad17b8831efc1f0a07d6dba71c9369e2556c2e864838a550cae00d9ecb01d7d6dcf3ed0eb73b29a79dcf537468f264c6f92681a11b7bf746611734d32231239bbd4371d8be708cf2d8147b60ba8af2e260f67bd0b3805c23e6a6d5ef34a6930463fc8d8977d5bcdc448ed0ea46ecff2cbc43a202fdaca8329810ac2476cf78a7929b2727514f2d50d62135acddca426fe2d68787b3701d740763877f4ef84073bc7c9cfd71a175dd75ea1320d4cf2fadc4992f130d63d15a835383a407c6f0c2d7832c3e41aa21eb6ba6ff21f033366064fbb735364842c740d0bb7c21aeee3471f738f889bd4b4225b508bdc986c502d4d1154c267c349c5c80ef792b1d3f228b499287e9c789564691d76fe6d1665e29588f026e095aa1f430062920aee995267c547f4659b32d837c2381aebabf802196dadf334c22f337613a2d848976d92ea6c3f21720b659628bc86236d94e8f4c2de55f9e3bd34153d52c588f5dac6f2055916895933f179b0607e7b3782bb453d93d9e6d5bfff4f0b638ab8169e70016b5eea12c4ff5809a48e4c386670d02dd4d811189c447edc68dff64d5e19db07d444351d95d4c93959e869dbf758bd0d45accd7a4fcd57363b484c7edc1e42675a5e7da20c9315ad957fac247a23a9e6451cacfe3c75b907f811fe7a9993d68786920aaa32a8368c3efd06e638a3af83ef9a59686e5456003cabe2368ae2578d6995765d41391f04ee7cf5c7cc3ee6d2a7d6914f600c5df9270652cb1e14c2edf73752cc52916bf00d209538becb6d17fbb7388e3f724bd5b970b931172e11994f47159361e450f5065e0b444c3242a6763782e7088bd5775314f71e9ec94fb96f4a0f44bbd35eb182f8c38fbe94001cb4eebd9913ae3f9f7a8a4c2e98b4f08a830e7e4d986f38db4442a919de630d026a856fa1d23865697cf2c1704aa02ba564f263f8216c71ff241fea9efd8d40ea6f91506e23581333a7b8dbb444279efcd51d444ad61d929f2449edba4dcfe906a17a8e586d8fbd97b757c7191c059cd299b792c0f012831b1b53deda1ec09104effe0d41ab0ae9adc5b5f2f56b40df764dbf727380cc2bb5a16eb92f2884bea0205ac54c9b57e2553d29bc7137d96b5e056abaacf17ec318691a2556fe841a12a96b8bb7517e0578fcc4e3af27a2128c8b8b40d362f495a626444c519d685c5faaa40a7d57aaaa1803fef0bd183e5af63f9fb51f5f9eef3e94c912643404abe5426071f0da65f2a1b1e58acd7e57e667e2fce3233546877662b2a438da90b609f83102b20fc8a2aeefe61af2b04bf6f86ea9a7e2ad37cf8e2502152e043394ee83b9eb46b65581af52eaa7e079c37f4543861baaa115d2c49326331237006ddc90ae04190ad56c9e02ae010459bdd055658c8c5358c598622604902e8aed3270aaaad02f046eeeecfb11a13df4fac76549241ca316754442962f91e94d284d24231a3ac241d70367feeeec954e6aeb19ff9efcd2e0b10577d5e94d3694e0c0b07bb168f721aa86bc296894bfe9d50ba1a4b315be60870b437602ab1c53d6260227e4f4ae28b9f4d152097ad634f5f6c5f420024cb677af9895f9c5bcfbff1102cdd1ee162cbd981745e6953179f7f2a31d942cc4814556ffc2461d4998eb6fe21f1b8a2296801b40e71be4bc66eb2a06510ec563975fbda90dfa2b6724f2f16c30f190b06d82ae23a21d21b3f754ed043993fea61a150704a71579657579e0343301202f58e1b54c4ee054ccc7278bf0ea0efb9c8943b0b1e0acc7e06767c03bdad52e5e8cbe2e1454e774daceb59297620ea3f19b766e130be6b09ecb34e437f799933ffb2aa9ecfb71e4d511eb252342676510dfd47727b0eba83a6437718d938ef769619e48bdcf9c03693c31b259680e715909a5c6a1100742b37f7ad9fa9fb1f5c1c84935d0f968f7165c324c73c19957747b546e96400b38a35bf395161fba6d9da398ccecc1516afd96665e166c887de094f0d501316a3d93b594099b0ea84b7d4287bd52c4a5f644ebab77fa6d60efed162b274285346d8125c24bd4aa5c8c1c0e4178c1a8fdb844a67fe9310be511f04e5dc143ecb58256b8a3392f64aa83d80c0cb6b8e932e3f7bd5be1c33117255575e05717fef3182e5d7e318422edc10b652cf29f98fb9f782b5d602fe482b7db965b4d54176916790e63a416514e555a471d25c0fdb2c729624b7a28be13433454cdee3d122e841bd67ec7b5d1478170e54c727ad5b2ef02f8358cd71a20e1502ff9006ec15fcb8d566ea25d03393d76c8f791c1b2b14537ad47e0221fbb540c370d8ccbff8b52453eaa576f8dfc5c984c7ebb6d842da1860d470c95b41c8c4d4ea910a2d60f88ffdd5617d9c7d57f9f8b1bacfe69c6292669c135ad4f2466ab054dcb34546fc1491b11ad9edf610f18a70bfd794b000ba2771b883ff5aca84394bdda0eba6ebab343b781b602fafc3eaee675062a82e7fb4daa4756c4916f041d620c79ff077b7be32d3d01debc3abbd691203f33e3b07f1a87848393e750596b22d6ff9ac462c46a1dca90217532255e457ef071391d0ecdfb68dda94ff56f6f4e21cdd676183ca34280ae29de429c160a193d1d66fb4c43626fb2c4cde30bb396fd52269d925769b97167ac487f6e0e5d0e5556363a9943e905056ba72ad9ed370b9ca76250106c927fd8bcb2fa5036e0f9873de361643163cd9ad7f30c3b6cc3a66c582d6706be7fd49f23ac86edeb9766e03fda79c43190b080e7392f884451bcbd06ac7aa9a143bcd45f45e62ff53a1ec59c4c861e7c67846f3836d68a6d16a23d8484a366950d31a7f9634a4cdc60aa9c60256b511aa1cdee3f80da912e83e7a67167169c90564656ff0f0fb18cdbb4d01ef54c66275a28ab61cea951e7fed3a673a064d542655c2fdf1f045f9ae4e47efd52080843544fd676336680821f886ba6f48fd6b1072acd882d27027b25070affb96ed6978405b1c54e34b87c6d211831369558ca75e6919f86d94838a535964ec615beb4c9e856e9632415c95bb126be6caf48fde7005654c00172f612f8084f6e8cb35ce6ba3deb00e74f1d251d0cb5c1ff37e2f9199fe15963f188df3e7b1e48305f3c4b56eec005fcb5e7ec0528400a67d033d4edb3b925b0f880d5126e6e4ce328f08166db8fb4511d3c81051d50ef91c4c9d4d7126b94cf23092883276a260bb1ada1a2e6c485b098f5ed0381abe82549a7327b95c4be1f65acda82506d9b8d7f5ec503957a65bb14ff580f093fe03f6777d4f9070d70e6515ce4771fa77e42dcf0caa451db8862981d75f29eecb8064cc0c50a52d072711466f726b2ed8df0dc80f85eee5ef7324564879f06127b345103d586e46dff0a0b4a9dac54fbe2b5afdf4ef87979f0df446b0fa5d05ab08a80db7f590acb1b88825b484c235fdc7a7d4465c5aaa6492f70c117e0ce7f67aa2ff5dc95e41b2e9dfd5937623a73b00d439951acdd6dc565168785316519b1a09a18adb2023740730a12f6415b5e7ba4abb939d9595be4fe9d2f8c72bad1bf5c50ba6f59238e8a0488fd36084201b153c328966faf0577d03ce7af95dc55d22cc9308241c6924a739c305ccd425b25ad56d957b263cff34764b6689788fde7442ec21a9a63db6194b04e1d1dac55c5ffbccffc44323ee3fb5367ff22fca34ae5d8e922719eb425d43ef9c71152c3580920ed8db34ad2aa039f984d9e971a032a8032c64e5dfe6da9be211957bdfc5ee25cac2b81e7b21750f1091e4420f560b8f7143b7dd8987d507a294f8da22363b9ced42a55cf3d329b0ba2e3b3f217eeb22c856e334dd7cd4bab96c822df87ed3d42b4fb8d5a3350e61a6b7b4f94700809d8b980e34b63460e9dbcbd1c802b2e6f546301039c665b563d66c41d00c70ec3a192ba902e195c57f5af2794c1285e72b83775ad452376da21ad1a42be0401e935bc413550086869591b252bb32585316915877101cc8eff5b8935840e4cc2f5e12ac70b6c887fecc839c9d706d4e10f34b029f529172c7ed031543b6e9be78ac890a60eb0c70d06047cea268c22aefc93798b08362465beca2bfc48bd3be9a1b05269237809f210af791a9e0c32a8838846365cc9c3ba82a8163022979e3cc65a30a6338e589968add6803deb9e383ca9c1b98d5960fb166def1bee7a5a29af7994df7c2542ae470103c896a17f08cb3324e45d91440913b03235cf345bbc3f41183adffa5a3e5b30b818cf4b"}, {0xa0, 0x0, 0x0, "7630b6ae4ad3bd0bcfb8efdeb185b2e77cdd428b07075864367849cc180d90f61329d38d6895cc5ac873c17334581055b56f12458387681fa2166d7ff1df4d8a4465c51f4a16c78aa8423f991251cb91e289f06eaf1a04206650871c1b54ac83a8c63131caa40a4c84b41bb57c073a973d1feeaab35f00561428984aedb311c77c5e4f782d15ba529b"}, {0x60, 0x0, 0x0, "56c71811a29bf476d746a2e099372a576ad1c634dd775d9ef8955675d8717253eccfadf87ce136841025cb3358427f353a1035016eb2d2634a9d0748294fd0454ddf4fa260b1a5a988"}, {0xef8, 0x0, 0x0, "eb6d99219112ab2f644efc38c5ab2f1dcc24a48a92da8cbdb4c93a03b1d9ea858375298d490153fb819439a4ff6b906e11763aa53c04c3f463e02f6f7e016716426322278d1859dbdfafa8a4c6bd78eafe036bb483e9240b3baefbcdb672d41a834b1964f004987dffd76ecc59f14c920169ab333ac2a77ccc43e96dac0639ea683f514f6ffa8e3d629649f89b3f092467f595505f7d91f16512dec5ec0190b88db487bc1e2980f38b24aa078b67d7ca6a431371557158199090ef18777c03ab876f9809b164a9289c2501a2785fe866893c6525a07f795769bad4859f9033178ab1d4697ca83eff660c7ebfaa9b74149c062ac03241e0f5c7f9edae92592831ce34553d04168196df65eb22920859974992a1287a2b7a5906e48ce8d7fde8d8de86b2fdeb8ef1faadcfb8b55ddb88641962f24ecff74955fe492bdb240836c393f5d4ccea4618742799b064cb3a40a82e7c431d81cb748a93f77ff31bec756110b0fcc8f1c6749eb89c3c71fe6c211fee4057e91ce0e34903b2bfeba99b7d549a59cee1ab838fc0895c39fc968094a17f35991ac3316ec29672ecfe67ad848cacd0143867cdfc83d0b39d222ab121dbce553f2ffe5ec3934456b68d907cd587e56f637ac2dd8e736d3c1497dea9aece5092bb1cbdcd19252fd7bc3fc2670a9bc68a92794e38c9660b7a8150e4ee08602c44036fea14aa2d255f4b22a193dbef1ca2d21c2c8397a70dd99c89a209306ed3afce8d685c81535c134363803001eeeebf6a129ace174906fe616d1f5b0e0ea312def57d20c8012faf3e6a88c125266b618c411e154528a4a0aadc80cd9134bd073730ccd80e4c3db28c7cf808532c16c89ed52f2dfbd8d99030449f4a094286b53b8fa27e842868f2a0ee4be9f2a49417cea0eb70db64de3c57be56390a8ecbd5fe0ae66e78f3a1b9ccb7fefd96d605a25c27331d0c4d723e17b2bce097838f178597218cd83831cc805395fecba427e8ba303497dbc36ab3220f7edd0fd6f090a29e3c69595bb757a9c09e1793170ea2e12b164c0a7bbb79d0587ecb8c71905bdbf1f6e02a2f79ea3f6d5175a69615b30121996a073651d067d689795e46323013288e859c2738fcf11405a6b5b8de6bb87ff111851e785eb5bcc368968b2b53e50b9213268003da8400fd527398bf787b5a9dbb1f2e0dad6ee806fcd5c22c9522bf82ff0a0c22924f3d35a8fe606812443c464e6eedb229d41e8451a09dbeb7f01800aa8601bd667908428822e8c839b2271d937831f821a8fecad44d0b0786659e9834c6daae0a177cc78dfd9d839fa2e850fee39f8c511e98f23fa6c45348c0def3a7a7a044f132339f3241a8348cdf775e952a90d46e3d7fc0b71eb9e57ed1d61018e1de75299eccabfb32a92fbe724d22cc29e3b8f053404033b9134ca7bca55c840fa0eea877370503573842a59342bff263fbe3170d6a1e735075eb54e3007f5cfd4c8d075df7525f0144b596aad5051cf90a634c94d0bdb474054a9987764c0a36b4f5359d7723cd045d15bdcc33435c7a31fb842a68ef06b29fddc2e8656e48e8458e59d0107be1ecf165ffb24f421aa617e6be1bf1476617d20f379fad98c8a1cb01f58d554e85408e5c29ca8be617f38c001ed498645096c6faa62e2f47e595a7e1368c30bff0fab86d94c884b3dd5c6a7b58e6974958c1baa4bacf6ec05e4b205118cd16a0466bbc8cf11ef00bee8081317536d27ea974c75d701b82f5e2bd9383755d8968b25cb2d1b41fbc47ec7cbf1bcde8f506b58afd7f2ec959bc9abfca9d84a8523ed70abfb6a9cff0c269d181df065b34179d87e750c73cb4ce972a94c7636aa269ea17775ea58418975a1f68ffb017dcd56135f1d45835e73f5f77b0620d0d33e851cb82a82cc49ec35786f22ec58d1c43b03f95b8f0afc3136d8bf41b3bf17cdd969cc853dee481d0767e3a15f52f598ada271e21782840d4df42df13d7d32198fc1ef53ec8b790be1de61a29b7b250bde5106be141355c9f0c98f766841fd2ebd7e8553f7601cceb6714a3554f1f922c94b3274e8f534b83bdea7ffdcb961c4048b829cde9f616bc2f4cfe4a2637516740e32a747d0a1e9a92f03de7aa7d785aa1923d00109739166d14b6b42b73275db5bd64393652b8f10dc72bc93249af8203520d9d211719579f3a4b1cbb1c9b91e59b5d077688c297690916721239fa665945bb73303f9b4af928ff0305e32a5a87a4fdf6307c9530783995919e7cc2d8070b65b047a657b369432fa1b54e4e66a165172a65d12123d2f8749aa5fd93209ae8813a4b326eb676686e0b29a510ef2e0c881c37df64decec20c4273ed82b98b1eddb5cb4e2d5dcdeaa62ba8a891d50d02688fc63e049bf5d2dc4fc72fd51dc2422629ae7478b81a3e937b91ed0ed89e77c51827dc7014d3ada3fc25609b741986182600df96652ad5d03e19bddd82581bc7616d968fde5dfa4ef4d77b85d7a8cf40543e08f1368d1ef05cbb43e1c9f1678de42f40de1fab15f5ec415c3217586e2bf802bb05954d784383b0ca930743bdf7c86d8fd778a2c08c64e9d1bde1fda2284f256793b017eb3a8ba8e5b8a4db21a32c8fb2347d078cac74608e4bdcb63a75b116edc382ad3854627a93837762048a9379a063f27334e0b449088d2571601cc1fa55938af453d77bf6da1530a881394977000106e00b30d275cb0ffb06a56a2da14f77bffd36c1bc594fc2e4ee7df336eab28e8cd47d4cb339db90e2a090aa945464025b21e700a1dde472865c57fb16d97188e6440e5ace6d0dcba57566caa4fda8ace6930ec2982c7fea759c37a7914e41b375a709e9a8113a55d9a14d598f18fe55adc5772405a628396be813b0818a9ba8fdce8585757b8d2eb8b247a603e5fb2b46344f6b450cd388c7ca7fbdbb4b4d3ec380cd750e1acc0bdbc06d8be1bf834b07c5a00bb39b3b39fec42816a659440126a055d2e509213f59361821b3c3c9c9a192be41d8e887ec009a1a74ac03ceded04ad80287ac2a1686ca70a2acaa93f8022dbf509cd1e49972c1ce689349bcedfd930bc6eab5f1416e7664f56988124afa2fe00e35b5a02696a0049b9aaa3780f0f893c860391b27caf0542d3bdc4266f7d0041e020287423248b8bb0f667588d4539682a69f70050c6fde9246484827fe4fb31983747efcf9b1fd83028361877aa99f503586ae3875937aed73df7c9e80604d359151a21062dc09dc1fce1c994a80a1c7ec347c46fbae0e3d5ef60254c23c620016628a66cc2f785fcedf5610fff3d74b90a5a748a24de3a5bd9ae1b26998500b8fcbf74f63f687cef8784e62a9021394e32e2113e1cd057d55ae4a7a8f4491b18e29eaeb31c0c3fc51f3a2e875b788aa82341a9f446fc613766709632c498d5cb2523f325944c1380f3b820b9bc3b9233a6d8fc69714e91e8efadd6d05e8ce976ecf6d951c8f1990841cbc905287db556ec3017cdcd016b5b1886dba2d284cf643f4bc9389cf7ae7a7db3f34da2bb0b9680a90adb3936479b565f9ff7d272b117881b4a1ad8ea8270947494e08097f868f4f837a039e1c2b2552fa2084b16b5baa85499327f286b0d7266d0973fead016e6ce185b0f3879e3084d077ba318142a5d0a602a353a92517d07ee998d096316e232d30db32fa1c5d768c3da40db6707710901ce4d9f474f4ff4d575a7281f91dc921d1f0b15017e7f6cdfc272126193a0b688cfcf57d8607f057484914c9062d1c57a39d7867c7e24d1fe81cc422cdb656bde16ac32c815ec3a6cce3f9bf9c767f5d1bf2c7cfa2f792878ad03cce6cbf75a78d8bbf2b8f77d2fc030e5abbb4a0900fc6cb35b1cd534de65e2210c8b33df6af0217f745c3b880663e04052ad4a26d0a425dfa7126923ad44262997c4d8b4da4026e82fbf7c27152f69388ed16c769c22318118311b01c91447de817b53c2f751a1b073ab7d55cd2eb181879cb94c6ac13837b20c28c1a8c65d9781db004f5ae14ce69ae9704a60ca4cb50b428e116d6b37181e5f06d5ff77d394cea19a6ed1f26e1d9b6fca0befe07e6435eecf6264905b05fc76753709eceb8a8a7134abfd984adfa8d70e5038f177cc8e9124db751643b0a32dc7d0a441985ab15e069b88224d215d835a7395e1edcf410b3725e9f5f2e4d69ea1c4076106434044e676dcec1127996c71b46f5308ce4d0b19be089885a903c803ec24d8b479f0c4add8b7c40878f3203c1f5365b15aabb4be75895f471dd0abb2bc1e392879261dd26e29f63871e32806215456f051bbdb6ba1a133b1758a08af1a0df57df62205ce634fedfb232a1072e6cace3cb593e86783dac52eb31bcec3f42170013650ebcbf515936e2fe63c79dcb4f67918a3185bb94a262a732e263fcfea689ccf7622ca996b7834219a8ef37b7aeff86b8d37a692a6723c5fd04db4e9bdf82b8529f08713fb971f8370f9f8ec17911cc66a9157f2c458a773498bef5b57b4a49fd0b8ee3f4b9f5b7e42f4aacfcf3ddea1bdd840396e85e57cc3235ac3377022b926487c4027a843923c15de96998d182e62e2117893ebf7262907dbee8421c52b2fd0bbd036d857dd8174471950b96a011a63966352e19b9ef561550e0de5220387872a2a43affb79e5e697fd28ec78b462fd75c84fd912b57c12a13e99f16abd4887c2c61a79efb43e8185ceea3edb19b16c1edf6fbca1464fff45514cbcff4940c7c7c2840c34930f5756ca5811c053e3ab12ac993b7305324f601720db1000dd7bdd35f9610e4a32aa5d54ef53912b90d29966cb9cf95c52b590bc8fc2ce89e6d0faade44832affb4d9382186f89b321d34ce1d533ced19f99bb91b27538ae916ad0b2e4013f325cb9d64025a479bfe25eda4baa82a769dd49da9a4792c2ad435837123bdca370dc9d3f4ab3a5e468a7f5bae0e082be3008b15ce873751792af979e1f10decb900d376804d00bee43bc54bc20f67a990b0b5944eb5af9042b6f10ff1e959012f9125fd4eaeffbb4730ebebd04104694c20887aaaf5e2f3fc909597442b45100bc11edc71081a2bfa7c85235db5ea022f38c427daa979eb8cbde5f34d693782594767c1ea8b70e17aafe0f4d4121cb1a154eb2037503709af671b6093c92d1bd563d3870b47e113ccbdc392d7e79bae69842d1c45b4a5d49c3316f45e954b6c0237cd59c5b8acc7852725e64d56302fb5e6ecf41c4f219a5ea9efdd852854353a51e097670882b8ddbb6fd141ad91e746d688c79b0b8c263efd2bcf835c3dea431f8d0b5558a300e5fd4f9eadd94682c83ce9186fd32ef2b0e592f09b677f0162f29f19d6489904b7224079a5277b842052bfc82bfc974abcf0c9a93f7c041f8dbffa6290419399ac1f3af5a5da48b0ce62c6d231"}], 0x2008}, 0x0) 03:08:03 executing program 5: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000200)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@typedef]}}, 0x0, 0x26, 0x0, 0x1}, 0x20) [ 1247.249888][T25932] EXT4-fs error (device loop0): ext4_fill_super:4943: inode #2: comm syz-executor.0: iget: root inode unallocated [ 1247.262691][T25932] EXT4-fs (loop0): get root inode failed [ 1247.268555][T25932] EXT4-fs (loop0): mount failed [ 1247.313109][T25942] loop2: detected capacity change from 0 to 4096 03:08:04 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x40000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1247.507185][T25942] EXT4-fs (loop2): invalid first ino: 0 03:08:04 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x1000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:04 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f00000000c0)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000080)="0300000004", 0x5, 0x640}, {&(0x7f0000000300)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000012600), 0x0, 0x4400}, {&(0x7f0000012800)="8081000000180000daf4655fdaf4655fdaf4655f00000000000001008000000010000800000000000af301000400000000000000000000000200000030", 0x3d, 0x4800}, {&(0x7f0000012a00)="8081000000180000daf4655fdaf4655fdaf4655f01000000000001008000000010000800000000000af301000400000000000000000000000200000040", 0x3d, 0x4c00}, {&(0x7f0000013900)="111fc0d901000000803a0900803a09000000000006", 0x15, 0x30000}, {&(0x7f0000000880)="2719c0d901000000803a0900803a09000000000006", 0x15, 0x40000}], 0x0, &(0x7f00000000c0)=ANY=[]) setxattr$trusted_overlay_upper(&(0x7f0000001180)='./file0\x00', &(0x7f00000011c0), &(0x7f00000013c0)=ANY=[], 0xd8, 0x0) chroot(&(0x7f00000001c0)='./file0\x00') umount2(&(0x7f0000000180)='./file0\x00', 0x0) rename(0x0, &(0x7f0000000380)='./file0\x00') socket$nl_route(0x10, 0x3, 0x0) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000cc0)}], 0x1) fsync(0xffffffffffffffff) 03:08:04 executing program 2: r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f00000001c0)) r1 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004", 0x5a, 0x400}, {&(0x7f0000010100)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000040)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000010500), 0x0, 0x2000}, {&(0x7f0000012600)="ed41000010000000daf4655fdbf4655fdbf4655f00000000000004008000000000000800050000000af301000400000000000000000000000900000010", 0x3d, 0x4400}], 0x0, &(0x7f00000000c0)=ANY=[]) getdents(r1, &(0x7f00000004c0)=""/203, 0xcb) 03:08:04 executing program 5: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000200)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@typedef]}}, 0x0, 0x26, 0x0, 0x1}, 0x20) 03:08:04 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x100000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1248.239684][T25967] loop0: detected capacity change from 0 to 4096 03:08:04 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x1004000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:05 executing program 3: socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TUNSETLINK(r0, 0x8912, 0x400308) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000001c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece0200c70d0f13905ea23c22624c9f87f9f93f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c29184ff7f0000cef8096060d3212c56fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45ef4adf634be763289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb236414921510482f719acd0224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5acd3de3a83209da17a0faf60fd6ad9b97aa5fa6848036600000000b8d20003926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a5a04dff0024cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af79fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b6c4a000000002b435ac15fc0288d9f2a169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be03f8a6ef2cd317902f19e385be9e48dc003913653282830689da6b53b263339863297771429d120000003341bf4a00fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94e6932c1b6a17bc0cfd3467decb05cfd9fcb32c8ed1dbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affefd7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ecbbc55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ffecd05560926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000063ab6b047600d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191aeb1f6a4fe144ed2954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f895778cb25122a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1501006bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bdea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1513a8250df98674152f94e32409e2a3bce109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1f9f59d4f21137abf9a404abde7750898b1bd627e87306703be8672d70d1ab5b075228a9f46ed9afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c0000af30235b928a31d2eca50200000041f61f2d5b308cf0d031b056237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4906001a8df211d40000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ce1adf6a60b1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d493bc19f810049209b085f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431cd97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c4ff000000745a868404a0bf35f0eee00e6f32508c20121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba891cea599b079b4b4ba686fcdf240430a537a397dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83186c1526af6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fdf9743af930cd6db49a47613808bad959719c0000000000378a921c7f7f8433c2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c1fb2d4b205aa00b6d713acebc5b014e61a543a5a194f9ac1cd76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f9360984b5c2d4523497e4d64f95398493564a1df87111c9bf3194fef97dcecc467add45feeb685c5870d05f88a0f463db88d377442e49acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0efecb0f477db103463af2847e6a065ec0d0ba58fedae5f08818fca475b169469f9efd131925d98c34b3cb26fe26796dd43b87e1cd2a39f5cf21d2e80a64ac97e71cafc29bfb78db090dd12225efeda2e93bf7f6ba7865e9c375a780929dfa5a210bf5858e2a4ff8e8d1e8c9cceed07c6312b734c72510d335acc94f76e7078ce4066f1e0ac9429f8013683301277a11e25b248b61180cb6207a0e26757f3f1bfc6c27f3720d1fb74afb17f3b5239bc224381fcf234afb05ed6024e94dee34666c5b5522b54cb433efa54b4e9022533e6a4598b453c9e549847c89bdee957dfa9ded9f16fdcd1b681e4c72f32fa3334313e334cc140daec7dcb22f463457a1a5ac230bbded8625832a2b6dbf837704aa89a7543208debe71d934cedaf85f1bf44d23baa07ab0ca27cf51342ab9651cc11d9b8b7e68e931ca4795a720797959d07a0fd82c770a0c0a2b1924bc8dca0c4ca73f4e8ca2de4a1689b1717d9d008131206bb60c09ffbd2b5bdb327f45a583073d0e2045ab7b9dacefd8921f9078fcc568aa1f9c419115c2042f506b50aef369859f67fe4044a6943d7c2b028146743512f45f76bdbf5d5dabd3e8b9f9729caf7f85c826842fea43486e2bead62a2ed63f484f677dd4dd00b3a39010aa9baddee202b1ea070e44b59d396a3a280379bec2d22cda1f4d3fd6768326578dad0e36b505c117ee65ab8f4dab871a0f19da9cf1cf2e4606c1d1761d6709e05483f2632dc94c7d0d5a64529bd8244f7849f559d31723263828419495ccd94a0e7f4d7393f0fcdc2b208665eba3ff4576b7a630c49c0c4490dd1ad354a5330a68b559ffa9ba4a2aeaefbbf2670d4b42246bd2cd088abca23528c19ca0310000000000000000000000000000000000000000000000b7548ab4acda49b43cba2f5a00297571804d1ba60dccc123f9299cd805a86ba037d83ed22f1a3fd2c1dd6f5611a2bfd4e8d6ab0ced838dbf3c116ee881988bc7f346def734d39d027e274918567d0e3459b067ec94dab1dd846353c7e2e8a8671ee124b389d3e3d8230b2e586f3cbb480000000000000000000000000000695f2305ac82faab3ab89aa1a6ca88a5e4bfa1f66dde9926d9fadd27b13fce909bd25a815b7fe6d52df39a9fac5ea8aa4a07f142e08b26061266fe98fbe1d95c836bb436e3ac8f8a051571d712afe4b11351e9f807a14e30758be72b5dd3414b5a8835a2b6127696e1b88c949d797a4d74abdc692f418109e6016dbf9d071bdd5671a819c1f07689ed9488bb030fdbc5b135a291bf2308abbca01d94407fff2abfcc420fdf68c301fd2907afef9e1ebe197ea39ee61d1fd3e69091c1e69ac73a5b821c71e4a8a3160a4e213cb4cca9de89b2f88c6ca4ce9e73e4bfba317e78acb1fb8d03f11caa1e69801c6388e22a8b1672e943754e8ba5b7947ea662d376fef4f7fe11dc0a8f5fe04c94f0ef4a0c2a7cdb50c0856551ed0a595257d5d8a21167fb1e099a952c0b65c0fc21b6f1542fe26ea726b9000000d1806e04d388aee405bd07f29712c183290f960b02a2bfad2bf5914a762fedf380f6216f9d7e1128e03e38c881aaa91cf855af202991a36c012c7e6d1ad569245361444e214606823ed8f12744c3f4d7081f29518fbd1dd276a88f05ed2ea5a12b2c9056049561b0910afd53cc85e9760653641a0e7e6800544e0308fd29d9575545daa4c01347a914eb000000000000000000000000000000000000000000ab1c3fa14e9ec179e254ee31ae9564000000000d9f08a647e171f07bea070453d086db3c3b1f4caa94f3d652af5db08082d5df1190000cec1dd485f17c110850cec5249db51ae6b432becff6b72e8ecdf74fd7ea69b61e79b5234e8cb29ad5a01ed954a10af81a1980c55291f69269bc87a2f99643e1df17b9fe020a20e5eb326c0aaa2f86bb3f846627e39fb69b4d438383fef7658d455404c28c98f3de7087cdaab48950750389c7a92c143a2e32d9021fe231028b792e898bf19bf9d616ac0e3b8079136f4fcea7"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sys_exit\x00', r1}, 0x10) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)={0xb, 0x5, 0x3, 0x2, 0x1}, 0x40) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000023c0)={0x0, 0x0, 0x0, 0x0, 0x0, r2}, 0x38) [ 1248.364114][T25970] loop2: detected capacity change from 0 to 4096 [ 1248.385869][T25967] EXT4-fs error (device loop0): ext4_fill_super:4943: inode #2: comm syz-executor.0: iget: root inode unallocated [ 1248.399017][T25967] EXT4-fs (loop0): get root inode failed [ 1248.405123][T25967] EXT4-fs (loop0): mount failed [ 1248.437393][T25970] EXT4-fs (loop2): fragment/cluster size (65536) != block size (4096) 03:08:05 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x17f200}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:05 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f00000000c0)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000080)="0300000004", 0x5, 0x640}, {&(0x7f0000000300)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000012600), 0x0, 0x4400}, {&(0x7f0000012800)="8081000000180000daf4655fdaf4655fdaf4655f00000000000001008000000010000800000000000af301000400000000000000000000000200000030", 0x3d, 0x4800}, {&(0x7f0000012a00)="8081000000180000daf4655fdaf4655fdaf4655f01000000000001008000000010000800000000000af301000400000000000000000000000200000040", 0x3d, 0x4c00}, {&(0x7f0000013900)="111fc0d901000000803a0900803a09000000000006", 0x15, 0x30000}, {&(0x7f0000000880)="2719c0d901000000803a0900803a09000000000006", 0x15, 0x40000}], 0x0, &(0x7f00000000c0)=ANY=[]) setxattr$trusted_overlay_upper(&(0x7f0000001180)='./file0\x00', &(0x7f00000011c0), &(0x7f00000013c0)=ANY=[], 0xd8, 0x0) chroot(&(0x7f00000001c0)='./file0\x00') umount2(&(0x7f0000000180)='./file0\x00', 0x0) rename(0x0, &(0x7f0000000380)='./file0\x00') socket$nl_route(0x10, 0x3, 0x0) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000cc0)}], 0x1) fsync(0xffffffffffffffff) 03:08:05 executing program 2: r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f00000001c0)) r1 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004", 0x5a, 0x400}, {&(0x7f0000010100)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000040)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000010500), 0x0, 0x2000}, {&(0x7f0000012600)="ed41000010000000daf4655fdbf4655fdbf4655f00000000000004008000000000000800050000000af301000400000000000000000000000900000010", 0x3d, 0x4400}], 0x0, &(0x7f00000000c0)=ANY=[]) getdents(r1, &(0x7f00000004c0)=""/203, 0xcb) 03:08:05 executing program 5: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000200)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@typedef]}}, &(0x7f0000000280)=""/158, 0x26, 0x9e}, 0x20) 03:08:05 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001240)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000008009500f10100000000487591731cba12c07d57d995b61e89a453bb92304f242b416ae9eeefc0e9510c40eb000081b72b100d0682fd0a0c4a06b29e220dc28dac72599456d464419e5b2fc70b72c0bb8e90f61cc4e6f3000000002ef638ac947b5e026b3287c84ccc727d6ef3834293812e927c01c7da1322da44c7f2ed1084a12f56d1cb398dff1db3df9858837458a4ca03767c69cee1b6be484e4c9507af216bd8ed1eaefba477ffa49dec273e3042f7dd5adb8e49f4a94615e49c08c9a20819e02cc22e6b652b1673773ae3cab8d7674cc1162136dda7c21d1c771b6c4dca2f1b4d745fd95c41f9d441d42f49db6d4a4762e5cc23dfc1adafd1e5a3e7f2e888961cb43e438c4e41ae43ea118e1407a601dae4b8b99bffffb1ac006c67767b03b95151aeb89e6d4a43c625aa2285b6e4afd8c1e43eb215ba22f43115f4d39dc7beedb130d9f2be90133a0e3ed34258b8c9370634060105baa664953514605fba3973aa021945b985b8a66e9cfa9d9e57033815717b4fdbe55b37cb8d7f41aacfbd9b5a759a7044f15d792e604a4f279b3bd6621bdf2c17bc0400000000000000ff8dc4006200607a9a76e5d9656a7154c75773902a1bdf399df3925130312d095e9c1f973d091c198c1a11a755761fe46169b2b5b8cdedb695cc425fe203d2f2655a76865c2cb4e2470fcfb1248c0add5431a7fbcb0ef4f66809af93a09fab1daae4b518d7a5d95a017864487366d6d7ee7bb00200000000000000c60fca2e29c1b22d08f874e0a9cb6fca78d6f1b1cfe380df4bf024f120bd505dad66514413ab79e00d773294e097e293db58df6fda1783e8ab5fe7003af92d11de48e8b4d32972cba6f49051cec1bf6f16231bbb90a2d201e5a47811a2278a03bf7700b06fa191ebd3a0c2156edc4ef81f74a7cdac01d998c24f34a5ba9a4a2039d0416e3f83074192c48c63384f52b8eeb70571e5bbb3e6d2b5eba52bee6f81968981811f832d064048c0e0bbe46984b2f0d0504255c22ee8674053d0e160e525536edf56a93d0a7a6f088925e872ef8b4f31e6f57ba631baa729031aae25c5e8ca4f78d5a01308243b08f1caa46be5244d64f8e875858e083144c642f71cdc8e5634c1360c056430f677ee7ed7ac5b9735786b2fb8d0fcfcc3d36c75230b7b059bc295aa0e38b1c3edc349ab96e73d2060acfd8145e4a5851bc46d312dd40e534f8cfa19ca4fb9b20020a51ab87068468d3ba396d6fd6741fce0834c65c5ad939d7795f3879baa88bd0c84892c97c80987e5c7954e9f3694d116b01ce0b8ef953de70e7ce0311c8b018956f8a42ca26ab295f1ecf617a8dc38e525f415a1bd46b38845ebca04061bacbf627f798c7f520078fee48f83b5989543729e57a9e1d686bc86cd51704f309130f5347413776a7b7bea3c46c0c4c4b7c27c45057d95ac85ac1cdcee8e6fa31fc02137ed1fb4b21c13b9a2c5e3f7c9ef9c45a314a6f063b1aa5264cb4a82cf083de3b4ab6368e95dd4fdf6710cd4a79651dc3e1e056c3ecd6b51f30663cc251e58b730fc176d907f6094c840662e09ab836627601b7bae9aec6d7259250016795cf91f12dbb72fc321c3dfb5f9181529906b43f9d6b8ce9fad13e1085cafd41183908173e16e40037681835ae937f34b87bba0be276340295062f671e933292e32036cbd03f9a4cd660a94e34b013e9f32a6bfb65417b537cd8f67f975358140384a1ca0537fd3a2a2c37006e4b30ffe469bba4251aa3ba4626acd9b0000000000000000ee37c63f7f295579f542b12f248f1854659448abab540fb7d98a081f3d3c946455d61734855005bcc876bd15a76dd552f9bfeb091a4e82a5d11033e528b133103f5592d5684a57dd70556818ea30e03dc2a6eb69423e4f27034351809da4e5002aa346d4d3e0e2a5a9ba1130b4fe983fc344c1de9f536cff0618418cd8c0ecdc3dddc2d11d5db7712be71c0d74a5ae4e8ff6e65238bb23ea2a979d3e8ab8e2f37a4c402ede13dc4fd2f61b02dffe994544721ef2ad1ab2dcdd2d93f5e6f1c05519e6724456a03ac62be6004d84e1fd09a29377ed65d65ab765393c977832b9599a1aa84c6af6ae5c0b9afecfae9a337c485a1c1fadc95dec3235f545c18a2bc7c97ee69e252375303de339346df3d4b4a335dec2d6f795f74f60da05c2a16e45681a8898f3ba2d0f6108892ec3be1dbae800000000000000000000000054de8689680f4c235f9b94ce32204eba977f0dbda8d619ca6dd7d4cb4750d7c6b697cca4e43f88f28e4949d97110fd930063bd9e5e0c7cd73265967283ab369df11653f5eeba93b227b8fbf61fc0024b2cd0377dfbd9a16e66b5881588f51d425b2ba5b37c0d6f88b6f3e76fc1d82a5cfe5ecb07e3c10d23c357a6eb5513711c82540eb75a5d16b03288ba6bd5059b3523a6a18830a7ef0b48d12607bb3ceae481c6220588be954cb0901ff7cead431b3c5128e7162f14d763e16379bb4d74c59dc6ee7ee4712adf510e6c1a5e996e17ffe945a3c855f31f3c76addc81757530c9a49ff1e82deb3e0ed7b1738057c6ee7b3ae09cb4447c677ff0022c8550bf9ab1e3b9d3981136fa91436c7fc7d135afa4e875886a26f621e8eb120aca2dd7edfc274c242b67077092ca80063966bb6575d58b1ebc5df90d088aa57d7ff6e29bd099948bb758474794c0e239d55f39c9c5046fe1ecf43f1686d050cbf8d4f81b18d4b9731a0fe159cd86a6bffa7ac4c1d99ad6af0e5a7fbc43b9afd85bdd532ef8bba6b7a2d9efa3be11f4b07513bc42fcef33e11da9b0c96167d14c261b34a90ca527a6fd806397f61b5a0376b39b12d3ff225cac2d27f00a4be9148343643195d57e9413bb20afc9b49ab694afe48459d397ac8aa00253894a6b211bac652290653d4ba39e1363b16218cd6ba918563de4966d47a7cc7ffae4b96dd66ea6c48b648d61ecb4e3dcd1d8ae52f0a98aa7d85b75bb95379056cbc9fc650212d7610ffeed4d36c01d6fadd5a49e8f57891aff0fc6399ad8f15fafdfba837b7bbca203c70e334bc9ff437934f6541772cdee6242d00d959b66886fd9b309c6e525025a4a2f9d065921b00f1a0c1e82bde8b9842a72e3e345af6435c84e46c3196919f02aaa818cf3b8c7a5f7108b83b932de97d2c2966b448e6626283c393bade6b43a4c3819ba7d9fc96608001ae8424f00"/2383], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x228}, 0x48) bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xe80, 0xfffffffe, &(0x7f00000000c0)="b9ff04c6630d698cb89e0bf088ca1fffffff0e000000633a77fbac14143fe0", 0x0, 0x2f, 0xa0054aa8, 0x4000, 0xfffffffffffffe2a}, 0x28) 03:08:05 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x2000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1249.156431][T25997] loop0: detected capacity change from 0 to 4096 [ 1249.266389][T26001] loop2: detected capacity change from 0 to 4096 03:08:06 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x200000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1249.475287][T26001] EXT4-fs (loop2): fragment/cluster size (65536) != block size (4096) 03:08:06 executing program 5: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000200)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@typedef]}}, &(0x7f0000000280)=""/158, 0x26, 0x9e}, 0x20) 03:08:06 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f00000000c0)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000080)="0300000004", 0x5, 0x640}, {&(0x7f0000000300)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000012600), 0x0, 0x4400}, {&(0x7f0000012800)="8081000000180000daf4655fdaf4655fdaf4655f00000000000001008000000010000800000000000af301000400000000000000000000000200000030", 0x3d, 0x4800}, {&(0x7f0000012a00)="8081000000180000daf4655fdaf4655fdaf4655f01000000000001008000000010000800000000000af301000400000000000000000000000200000040", 0x3d, 0x4c00}, {&(0x7f0000013900)="111fc0d901000000803a0900803a09000000000006", 0x15, 0x30000}, {&(0x7f0000000880)="2719c0d901000000803a0900803a09000000000006", 0x15, 0x40000}], 0x0, &(0x7f00000000c0)=ANY=[]) setxattr$trusted_overlay_upper(&(0x7f0000001180)='./file0\x00', &(0x7f00000011c0), &(0x7f00000013c0)=ANY=[], 0xd8, 0x0) chroot(&(0x7f00000001c0)='./file0\x00') umount2(&(0x7f0000000180)='./file0\x00', 0x0) rename(0x0, &(0x7f0000000380)='./file0\x00') socket$nl_route(0x10, 0x3, 0x0) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000cc0)}], 0x1) fsync(0xffffffffffffffff) 03:08:06 executing program 2: r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f00000001c0)) r1 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004", 0x5a, 0x400}, {&(0x7f0000010100)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000040)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000010500), 0x0, 0x2000}, {&(0x7f0000012600)="ed41000010000000daf4655fdbf4655fdbf4655f00000000000004008000000000000800050000000af301000400000000000000000000000900000010", 0x3d, 0x4400}], 0x0, &(0x7f00000000c0)=ANY=[]) getdents(r1, &(0x7f00000004c0)=""/203, 0xcb) 03:08:06 executing program 3: socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TUNSETLINK(r0, 0x8912, 0x400308) bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x13, 0x4, &(0x7f0000000000)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x22, 0x36}, [@call={0xf}]}, &(0x7f0000000140)='GPL\x00', 0x4, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x1e}, 0x64) 03:08:06 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x3000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:06 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x400000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1250.106597][T26022] loop0: detected capacity change from 0 to 4096 [ 1250.201722][T26027] loop2: detected capacity change from 0 to 4096 [ 1250.220274][T26022] EXT4-fs error (device loop0): ext4_fill_super:4943: inode #2: comm syz-executor.0: iget: root inode unallocated [ 1250.233390][T26022] EXT4-fs (loop0): get root inode failed [ 1250.239232][T26022] EXT4-fs (loop0): mount failed 03:08:07 executing program 5: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000200)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@typedef]}}, &(0x7f0000000280)=""/158, 0x26, 0x9e}, 0x20) [ 1250.330247][T26027] EXT4-fs (loop2): fragment/cluster size (65536) != block size (4096) 03:08:07 executing program 2: r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f00000001c0)) r1 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000", 0x60, 0x400}, {&(0x7f0000010100)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000040)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000010500), 0x0, 0x2000}, {&(0x7f0000012600)="ed41000010000000daf4655fdbf4655fdbf4655f00000000000004008000000000000800050000000af301000400000000000000000000000900000010", 0x3d, 0x4400}], 0x0, &(0x7f00000000c0)=ANY=[]) getdents(r1, &(0x7f00000004c0)=""/203, 0xcb) 03:08:07 executing program 3: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x17, 0x0, 0x9e7, 0xd4, 0x0, 0x1}, 0x40) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000100)={r0, 0x0}, 0x20) 03:08:07 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x4000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:07 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f00000000c0)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000080)="0300000004", 0x5, 0x640}, {&(0x7f0000000300)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000012600)="ed41000000100000daf4655fdbf465", 0xf, 0x4400}, {&(0x7f0000012800)="8081000000180000daf4655fdaf4655fdaf4655f00000000000001008000000010000800000000000af301000400000000000000000000000200000030", 0x3d, 0x4800}, {&(0x7f0000012a00)="8081000000180000daf4655fdaf4655fdaf4655f01000000000001008000000010000800000000000af301000400000000000000000000000200000040", 0x3d, 0x4c00}, {&(0x7f0000013900)="111fc0d901000000803a0900803a09000000000006", 0x15, 0x30000}, {&(0x7f0000000880)="2719c0d901000000803a0900803a09000000000006", 0x15, 0x40000}], 0x0, &(0x7f00000000c0)=ANY=[]) setxattr$trusted_overlay_upper(&(0x7f0000001180)='./file0\x00', &(0x7f00000011c0), &(0x7f00000013c0)=ANY=[], 0xd8, 0x0) chroot(&(0x7f00000001c0)='./file0\x00') umount2(&(0x7f0000000180)='./file0\x00', 0x0) rename(0x0, &(0x7f0000000380)='./file0\x00') socket$nl_route(0x10, 0x3, 0x0) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000cc0)}], 0x1) fsync(0xffffffffffffffff) 03:08:07 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x400001}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:07 executing program 5: r0 = perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) close(r0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001740)) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89a0, &(0x7f0000000000)='&@[\x00') bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89a1, &(0x7f0000000680)='&@[\x00') bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000440)=0xffffffffffffffff, 0x4) [ 1251.068416][T26050] loop2: detected capacity change from 0 to 4096 [ 1251.099748][T26050] EXT4-fs (loop2): fragment/cluster size (65536) != block size (4096) [ 1251.281212][T26062] loop0: detected capacity change from 0 to 4096 03:08:08 executing program 2: r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f00000001c0)) r1 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000", 0x60, 0x400}, {&(0x7f0000010100)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000040)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000010500), 0x0, 0x2000}, {&(0x7f0000012600)="ed41000010000000daf4655fdbf4655fdbf4655f00000000000004008000000000000800050000000af301000400000000000000000000000900000010", 0x3d, 0x4400}], 0x0, &(0x7f00000000c0)=ANY=[]) getdents(r1, &(0x7f00000004c0)=""/203, 0xcb) [ 1251.357064][T26062] EXT4-fs error (device loop0): ext4_fill_super:4943: inode #2: comm syz-executor.0: iget: root inode unallocated [ 1251.370386][T26062] EXT4-fs (loop0): get root inode failed [ 1251.376662][T26062] EXT4-fs (loop0): mount failed 03:08:08 executing program 3: bpf$OBJ_GET_PROG(0x7, &(0x7f0000000400)={0x0, 0x0, 0x18}, 0x10) 03:08:08 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x5000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:08 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f00000000c0)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000080)="0300000004", 0x5, 0x640}, {&(0x7f0000000300)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000012600)="ed41000000100000daf4655fdbf465", 0xf, 0x4400}, {&(0x7f0000012800)="8081000000180000daf4655fdaf4655fdaf4655f00000000000001008000000010000800000000000af301000400000000000000000000000200000030", 0x3d, 0x4800}, {&(0x7f0000012a00)="8081000000180000daf4655fdaf4655fdaf4655f01000000000001008000000010000800000000000af301000400000000000000000000000200000040", 0x3d, 0x4c00}, {&(0x7f0000013900)="111fc0d901000000803a0900803a09000000000006", 0x15, 0x30000}, {&(0x7f0000000880)="2719c0d901000000803a0900803a09000000000006", 0x15, 0x40000}], 0x0, &(0x7f00000000c0)=ANY=[]) setxattr$trusted_overlay_upper(&(0x7f0000001180)='./file0\x00', &(0x7f00000011c0), &(0x7f00000013c0)=ANY=[], 0xd8, 0x0) chroot(&(0x7f00000001c0)='./file0\x00') umount2(&(0x7f0000000180)='./file0\x00', 0x0) rename(0x0, &(0x7f0000000380)='./file0\x00') socket$nl_route(0x10, 0x3, 0x0) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000cc0)}], 0x1) fsync(0xffffffffffffffff) [ 1251.616908][T26074] loop2: detected capacity change from 0 to 4096 03:08:08 executing program 5: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x200002, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x8, 0xe, &(0x7f0000001380)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000703000000feffff7a0af0ff1100000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7040000050000006a0af2fe00000000850000001a000000b7000000000000009500000000000000abb140172c26b1954b26c933f7ffffffffffffff55bb2007ee51050512b5b42128aa090a79507df79f298129da48b55004cd4bf901115e17392ac66ad029d1c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e57f9b0760a94ff3ecbca40d23f668bab52548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4535550614e09d6378198a6097a67081d337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b217369c8eb6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacdefc5f9094fa737c2bf8c4bc79d4528cacceaede3faedc51d29a47fc813ce3d32cfc7a53ac271d6d6f4ea6bf97f2f33e2ea2e3b4300bcb3fdc4b4861004eefbda7f54f52a804d4a69bf9bc5fa774dcec08f2a72956a488e40b030166565a097b1b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b8496da787e814c4fd21a18986252a70f8f92eb6f0e8c7db3503680e5e5971ff4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad791fa909ac06b57479321a0574fb304bc2a1681989328c8ddc20ea011bf5742e0ef94234db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af378cf531fff722e07427cd3053326f37f3e2c25a61ec45c3af97a4aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc61e058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d3665016ac59dda0fde0745db06753a7ac7fe13cab6692422a46e9ffe2d4a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c9585638c2153a6eee01738b0c10671f4f619b7dcb98a6273b8c5f1e24d9f679e4fbe948dfb4cc4a389469608241730459f0123fd39206000000000000eb55d000abcdb040f6266e548b01623258a141bd587cc9da818b560507acd75ed46de56ef907b059b90b8aa49afb9a79ae5498f6000080ed6e657b9c670012be05e7e00940313c5870786554df26236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d87cbb54e588fe5d6944ee4de5c183c960119451c31539b22009e1d7f0cda06a9fa87d64cb77872a0aa9a104e16bb1a2bacf13464ca03aff14b9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33267425962b9c0e153b28b21c98247d55d4410572bc45b9d3fa02208d304d455c363000000000223201780200c6ed79547dbf8b497adda7000800001d0000002000000001c800000000000000000000000928ee53595a779d243a48cea769470424d28804c026ab7f4a5c81921f0100000054642b49b747f3bf2c01808b6d7d748308eea09fc361b4735efbf3411718d6ee7aebf9ef40662d7836d252c566f5ee938a836804ed3a1079b0282a12043408cd61b687dcff910700000000000000456f7d2a42bd13da2022f23daec61854f640f701db0276652f6c74f20675eb78192544157837e646aaddea394cd8fff71c2710a7ea8ae0dc214e1cc275b26adfa892e6de9200000000e50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e93311ab50fe82d5a96b09c68c73de2fea65559eb00e76e9d0ada209bcbb5c252b28a60ca770663da451790cc36000906d189fad98c308e39bd5ffb6151d79c1cee1cdfba05e2bbf9ec5499f79650f2e33bc3633be3f00000015762e5f5a3a0bc33fdbe28a5fdcfc5a807c48cd792fe7f7919309d6adab4b7e508e5bf024ed8f8a005f2bbf96c89739f5d81e750d50515a59a3ad09e8802e8f4f535437dc0fc9d5f98a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d310ab16bce9c764c714c9402c21d181aae59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a570f0e9dd5fd545470f862f8c3c14f7d45071fc4308ea9e200000000d8ca84c03f859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4000000000000000749efd37636555dd334bae8e580000b0d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419a5c16e2055b850580994484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab004321610b857e8717764b633b21cb32f0e03280e09758bd445ab91d20baee000000004bca5b5452b79d7b574a2437514a0c7f6f19715d88e2bdaf7f1d2fe45b3c4e93da3d51de647c10dd49944dc87c92332af00f191b66b6a6f732a91f0a2e9120be61e57d278888901d44bf77ff246605a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f3101987602688888ccb85c86b4f8ffffff5f000000002c331fca5224550346115b43f8b1894c8fa8a14dc4810f61ae96c18cc7130000000000002100000000000000000000000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77a23b0000e49666c464d35ca9b50f3ed3b3dc8c17a23692759ccf8b6f5311b7ab22532697b861dfb54609fd88e6043bd52ae84c1bb0c8a6c769f952283a1f4e3842edb3d42c68a2102fa1296dfff4a979369b0e8ebc62887aa46e820a98e353047dbf0686d147357024eb3cb94f0489cb5ba0a56aa046b4dc521a3d9356b4b8b5817c4c8604000040e80086bde261fd00000000007271e28ef6806bc8e139c49b91c76b0d3958f7f05b47d3e519f1634e8fbd8d31330d89069f9648a2ff93060ff073b3a113e47edf76f7d1b8b90bc0df4cfb0b9c8c80158b4418dd46989136961de6d9ecae9420654f7016b0aac117087406d343e27b372d6027ab2aec8f2bcad7fe6bb932bc5751d2974e95455a277f9a9aeb29aa185d7fe74b25a3b472bc7bbdd2ac5a1ea608e8137ace03361607cc1a84d7659355629ab13ad49008c3fcfa2423439acbf537801d3b384d63b95a3607961d5b59da48a0155e8e42cc13c702cc40c89cf86c2021d72f9f4ab1b0e0a755a5a39593c93871ff7eb5ecadb64837a2d887236cedaa5152e3d5864e57581b61f2b0960600000000000000265f091e7bce17d20604c5ab751773a5cf2ed6c94682ebf13548209b8a719a7abc06ed03832bf274707c7c970edc20d2cb639ecd58709b05a20097208d03f7a146a69019136160644a149619596fae997eecfa0dc3dcec19d3d901fe75c8710470d9eb6f62c5c721883f15448fbade7716f159af1c8dab05a933746c16b6e93294b561c6715a32a394ed1e6c014e0c931bfa52c58c6f34d64e758a7a7f7dcbcc55257215c8ae719dc1c232fc6699ef83f85887d04a543030b4328ab48744ac23ff56fd2da52eb9f92eefddd2d92d73ac1b111ea8b1e1fec36a3579879acfe366d393f1fa9cbe08d9ba57a443643e9cd2519c88e91a5e458e66ea26822d27a45e0a9c10a127fed19e36b5264660665dfdbeab3ec99495639bc57155d4dd919a956b4c25a08cb6e1a9b4d6813a0fd07a4ad9df661ab8b86a932db0df838b178540d88be2983200703864a3b9e1482cb479dad6d34d211b05267eb1355520e9ec0c5014b0832f7fb35782fdbfcbf5e23a7f5d51ea480371748d18d8e10608ab8261fe058d1732f28814a9981d84a04a2bb36c89bdd245e3293a14df1ac567300000514f103abd387d6ef2d9d94508ac0f6135c8921279573e9ef585980789a92b9848906f545559d32112b5040f0776703363249ca98499efbb9e7362e4999594c1086d8954e9469db01d010000003148663e9ea2e755d96c2986712d25a9a32565e947d03c42215118426d5451c262985bd571c363d260faea1db53e4ff3427c90aefa2662a1c2b28b0e020e872bda1d39da508de5dbc37d03ee056b257988c76799589a265ba6ae3ece8887c5daca000000009f404918086388a0176440666ec79a69822c9fba4500b1f640671f1ffc483528000000000000b9a4d370302b12101dab71d3e31160a40250ef0cbf09ded601dce47f40f96e4646787cef5ad6ad4ee2d3966f9cf50e45d021a81ba62340c4c352581163c48938000000000000a8268a8247adcd7165421170bfdf5df908f207498ccfed607b10c54a68ef02194a231060b0bb2a0ef1a496db598a95838d842d777684f9c82797237d7e56595e5d9e0c6bf104d3a04b23f9b73aa9d09a26e5af68e5e368381f28327c1e24d740612930680742cb8925bb3d377a9d02654a0fef31d2ffd02cbe197cd718ae25458975dc762d29b843069c2ea1ed94c713570286e5478e01409b844e16f1a74c005f05caf5322736aabb89970c0ae3c55a54974da7ebe936692b1e982908703989dc439f33b81551c2b0b11dfa2dfbf4d5005ec5f05c6e556fe62f09484dd64d3b8c2dd5c578bb338c7914ab5550816ed0f7105dc4051f7c7030e6fc5fcbf1d5113f9a01455f5a8cfe8ddf1ad331841835f34980297cbdfb53d4c602695ae07e5fcbd8a14094c24218dcb6aa801754bb7055b7379588a5a5644f4ad79d0000dbd90cacf0a5265ba015854a2b045d0000000000006a8d41869cedb5124730b1000000000000bf5cff0edde1453054be226b250b7f8266ee75482f01f56c5fbeba596ae088e38c2c97fc7ddcfe1df9c5ab84628cc7fa3389c19110305845f8c34b3e7974f0102055f3a2689eed27304090f868654e8e816000000000000000000042e649c1a7a12d9f172289e47002ac9de8aed1626d4e8dc62e597ed6149b66581fed488b42a7c17fb41b6b5f7c6c473611bd7ab101ee2855797e91852121bbb04e9d588e99b6322eeda25aea3ad2e1ebbdeb58c11b7ec4aaa143978f3b1f05c698e6ec7afdcddd396b9696d90000000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48) bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000480)={@cgroup=r0, r1, 0x0, 0x6}, 0x14) 03:08:08 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x80ffff}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1251.676431][T26074] EXT4-fs (loop2): fragment/cluster size (65536) != block size (4096) 03:08:08 executing program 2: r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f00000001c0)) r1 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000", 0x60, 0x400}, {&(0x7f0000010100)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000040)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000010500), 0x0, 0x2000}, {&(0x7f0000012600)="ed41000010000000daf4655fdbf4655fdbf4655f00000000000004008000000000000800050000000af301000400000000000000000000000900000010", 0x3d, 0x4400}], 0x0, &(0x7f00000000c0)=ANY=[]) getdents(r1, &(0x7f00000004c0)=""/203, 0xcb) [ 1252.100570][T26087] loop0: detected capacity change from 0 to 4096 [ 1252.150184][T26087] EXT4-fs error (device loop0): ext4_fill_super:4943: inode #2: comm syz-executor.0: iget: root inode unallocated [ 1252.162690][T26087] EXT4-fs (loop0): get root inode failed [ 1252.168532][T26087] EXT4-fs (loop0): mount failed 03:08:09 executing program 3: socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TUNSETLINK(r0, 0x8912, 0x400308) r1 = socket$kcm(0x11, 0x3, 0x300) r2 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r2, 0x1, 0x3e, &(0x7f00000002c0)=r1, 0x4) sendmsg$kcm(r2, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) sendmsg$kcm(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000003900)=[{&(0x7f0000000400)="f5ac871088161308110188f640743e19a72f8112d601bd01c0bd0526b16ffcee982e4bd8028dfb4736ea47ef26612b9b998b166cb14d897bcb5f18ffea30d0d82f26d501cb9d6b3fbe313bde1a8a5c7f38f8013d087f56e55b42d8bf611c73b6b0bdf954799b1095830613535ddef45381b227224a1e012a65e70947edc58f9c9e5931238869c7327ee05af92fc6a841830939ffe212302bbdddb370ebaf16f9ab0a288495ed3df61d6fb2f78d05743e9e7904bffa32aa0b508bf2fadf68055090c55f81224cdad187483f40d46801f36b04d5959792f589f76e2ec28140044f46345463c2319139d998a3d5b64c76d07f2aef0e8007b837da14d4a030a6a348e8234361ebf020db6473a6925b143595068fbdd4ae26ae055432ddcfec30bc5f6982ff916b4ea3f3995155dce228a2b8b4de0c78fc39cb3254766de088ba07c8e252f66330e6e9ea7f18502212939de339e789a9f74ba6ab7fe9e709a445ef03e858ac8ddd7a0bcc78ab9542c4fe12cb1eea4f4efb09d97afce0246d5adf1f9f232d6991678197b8d6c0ac7156364e054f8277c672bb581e6d99e571706dfe49c799dc9d4ed6f9c143e3dbfe694b3417314467cc354ff97cec8a1154e61e80fa5c43973033849e92df5c5c561adacbe129bdf1372cdff5186677a4fda9efc7662a792ab75e1c1fe98ffdef91e749ec4d5a73437682b7d679d6f34167e40f2bc4fbddf307e57e2d2c74ebc69686e3097001b38ae53c0505673cb3fb658cbb1709ae1b8037dd1ddd93239dbd91dc8c665adf0a59258d05629f868fde944923e34eee04f688a5f61d5946935d5b23230d4cd5ccf2737c9dc0c05398083c1677109390c1f712c00b54b8ad07df277de35e9633696b828f9a7bcc897ed147b2c1edaaf96ac352dbf650106544cf4ace867bb82a399a1adff1fd6217eebf96a2270e7e2c25834264ddfa174fa97800fcccec3742c8d6e51ca5bc54031ba33d1bdc01e5d52b98e16746e57c83ffde6e32db7102ad8465e24e35af047ae8a44a1ca9766a3a5ae079a1f31174f9c171d3c452314a6f64790dc98e47ddc7436eda41fd43985882f8d864c0aef3e988ebce6d594dca3dff9cee398f897db866e6a5ff8c3499356034ac3117d68cb07cf3d0ce8eae820e83b117cad2a7d40151603ed2e0dcac8f346e1b561f3e3b37296494e1bff36279de13778f5e2df86d1a348d02c76cf670182ddd639d792434fa2a64504c0d16224d96a6396e10a9ea8ad7cc573a43c81932fad6d0328e141ddf5ab4705479a18905e3c08ba729a586d2245704d64e5d0a219dca00c8dc7c7b6711d229400a4866b5ce7b8e0a89790037b31c45ecd0d490ee56b45f287134ff995d683b2da820d0257a93ea40c1e15da76c384e517a94301616cd64e6ee85c5265afa816aafc6ecb1215235fa127f0edf32e141c39bf8e44c01c8e4c2508bc1a341d725751574ddbf4e2d285d3d9a7efbddd1ecee54a90dd52fd072d82268da15bd007fca6d5e562798618c272f3d0455799dc095f5d9fc393b1034eabc36d2f1e34788be2d3620d2aaf0d32d98152f789149a40d83ee3f6de5f9f5bd8aa1e333b1ba710b376da9fafd6ae36904b5d7305fb71f6855bb32a28573c417023447a71cb358bd9523d2725888db32d114a4fb73a4d753a268a67f8e88b6a9007038e32e487b1223242afc951968c1892f1483a4274a3ad39a095dc88e87e3c33681e05e31ffa382043efb70e54fdbf4fbb3d0e00f2929d8a18a937756893a5026252cf23bbeca09a5ceca31f5bf6148057384bdfd2290e9dbeb70f485302f11622986df2fad2dfaddc0ba311d6da01754a764e05cb4275beaa075a0b6740ddac0995c6a0fac5df0012d73b77e0621dd9d517f60d9aaf635a7b937a139559d9b29fe75293ef0f1e0653d7546049e7cc7837940cb2445cb5785b818ab0eb08121829d1a47ffa2f1d7c1eedc5b1f887e3a4308cad8b046a5a56dcedea72f81baf6b531cb002e46ceea643fe4ba50466beb03", 0x598}], 0x1}, 0x400c800) write$cgroup_subtree(r2, 0x0, 0xfa38) 03:08:09 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x6000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:09 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f00000000c0)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000080)="0300000004", 0x5, 0x640}, {&(0x7f0000000300)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000012600)="ed41000000100000daf4655fdbf465", 0xf, 0x4400}, {&(0x7f0000012800)="8081000000180000daf4655fdaf4655fdaf4655f00000000000001008000000010000800000000000af301000400000000000000000000000200000030", 0x3d, 0x4800}, {&(0x7f0000012a00)="8081000000180000daf4655fdaf4655fdaf4655f01000000000001008000000010000800000000000af301000400000000000000000000000200000040", 0x3d, 0x4c00}, {&(0x7f0000013900)="111fc0d901000000803a0900803a09000000000006", 0x15, 0x30000}, {&(0x7f0000000880)="2719c0d901000000803a0900803a09000000000006", 0x15, 0x40000}], 0x0, &(0x7f00000000c0)=ANY=[]) setxattr$trusted_overlay_upper(&(0x7f0000001180)='./file0\x00', &(0x7f00000011c0), &(0x7f00000013c0)=ANY=[], 0xd8, 0x0) chroot(&(0x7f00000001c0)='./file0\x00') umount2(&(0x7f0000000180)='./file0\x00', 0x0) rename(0x0, &(0x7f0000000380)='./file0\x00') socket$nl_route(0x10, 0x3, 0x0) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000cc0)}], 0x1) fsync(0xffffffffffffffff) 03:08:09 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xf21700}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:09 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000003ec0)) [ 1252.625102][T26102] loop2: detected capacity change from 0 to 4096 [ 1252.675696][T26102] EXT4-fs (loop2): fragment/cluster size (65536) != block size (4096) 03:08:09 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x7000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:09 executing program 2: r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f00000001c0)) r1 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200", 0x63, 0x400}, {&(0x7f0000010100)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000040)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000010500), 0x0, 0x2000}, {&(0x7f0000012600)="ed41000010000000daf4655fdbf4655fdbf4655f00000000000004008000000000000800050000000af301000400000000000000000000000900000010", 0x3d, 0x4400}], 0x0, &(0x7f00000000c0)=ANY=[]) getdents(r1, &(0x7f00000004c0)=""/203, 0xcb) [ 1253.027318][T26117] loop0: detected capacity change from 0 to 4096 [ 1253.193499][T26117] EXT4-fs error (device loop0): ext4_fill_super:4943: inode #2: comm syz-executor.0: iget: root inode unallocated [ 1253.206317][T26117] EXT4-fs (loop0): get root inode failed [ 1253.212092][T26117] EXT4-fs (loop0): mount failed 03:08:09 executing program 3: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x4, &(0x7f0000000040)=@framed={{}, [@alu={0x4, 0x1, 0x0, 0x0, 0xa}]}, &(0x7f0000000200)='syzkaller\x00', 0x5, 0xf0, &(0x7f0000000100)=""/240, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 03:08:10 executing program 5: bpf$BPF_PROG_QUERY(0x17, 0x0, 0x0) 03:08:10 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x1000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:10 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x8000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:10 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f00000000c0)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000080)="0300000004", 0x5, 0x640}, {&(0x7f0000000300)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000012600)="ed41000000100000daf4655fdbf4655fdbf4655f000000", 0x17, 0x4400}, {&(0x7f0000012800)="8081000000180000daf4655fdaf4655fdaf4655f00000000000001008000000010000800000000000af301000400000000000000000000000200000030", 0x3d, 0x4800}, {&(0x7f0000012a00)="8081000000180000daf4655fdaf4655fdaf4655f01000000000001008000000010000800000000000af301000400000000000000000000000200000040", 0x3d, 0x4c00}, {&(0x7f0000013900)="111fc0d901000000803a0900803a09000000000006", 0x15, 0x30000}, {&(0x7f0000000880)="2719c0d901000000803a0900803a09000000000006", 0x15, 0x40000}], 0x0, &(0x7f00000000c0)=ANY=[]) setxattr$trusted_overlay_upper(&(0x7f0000001180)='./file0\x00', &(0x7f00000011c0), &(0x7f00000013c0)=ANY=[], 0xd8, 0x0) chroot(&(0x7f00000001c0)='./file0\x00') umount2(&(0x7f0000000180)='./file0\x00', 0x0) rename(0x0, &(0x7f0000000380)='./file0\x00') socket$nl_route(0x10, 0x3, 0x0) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000cc0)}], 0x1) fsync(0xffffffffffffffff) [ 1253.823996][T26132] loop2: detected capacity change from 0 to 4096 [ 1253.891690][T26132] EXT4-fs (loop2): fragment/cluster size (65536) != block size (4096) 03:08:10 executing program 3: sendmsg(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000100)}, 0x0) socketpair(0x1, 0x1, 0x0, &(0x7f0000000740)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89f0, &(0x7f0000000300)='gre0\x00') openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000100)='cpuacct.usage_all\x00', 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89f3, &(0x7f0000000300)='gre0\x00') 03:08:10 executing program 5: perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) r0 = socket$kcm(0x2, 0x1, 0x84) sendmsg$inet(r0, &(0x7f0000000600)={&(0x7f00000001c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x801, &(0x7f0000000380)=[{&(0x7f0000000640)="80", 0x11524}], 0x1, 0x0, 0x0, 0xf00}, 0xfc) close(r0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x3, &(0x7f0000000280)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) 03:08:10 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x1004000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:10 executing program 2: r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f00000001c0)) r1 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200", 0x63, 0x400}, {&(0x7f0000010100)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000040)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000010500), 0x0, 0x2000}, {&(0x7f0000012600)="ed41000010000000daf4655fdbf4655fdbf4655f00000000000004008000000000000800050000000af301000400000000000000000000000900000010", 0x3d, 0x4400}], 0x0, &(0x7f00000000c0)=ANY=[]) getdents(r1, &(0x7f00000004c0)=""/203, 0xcb) [ 1254.266605][T26147] loop0: detected capacity change from 0 to 4096 [ 1254.357354][T26155] loop2: detected capacity change from 0 to 4096 [ 1254.376608][T26155] EXT4-fs (loop2): fragment/cluster size (65536) != block size (4096) [ 1254.458651][T26147] EXT4-fs error (device loop0): ext4_fill_super:4943: inode #2: comm syz-executor.0: iget: root inode unallocated [ 1254.474896][T26147] EXT4-fs (loop0): get root inode failed [ 1254.480802][T26147] EXT4-fs (loop0): mount failed 03:08:11 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:11 executing program 2: r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f00000001c0)) r1 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200", 0x63, 0x400}, {&(0x7f0000010100)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000040)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000010500), 0x0, 0x2000}, {&(0x7f0000012600)="ed41000010000000daf4655fdbf4655fdbf4655f00000000000004008000000000000800050000000af301000400000000000000000000000900000010", 0x3d, 0x4400}], 0x0, &(0x7f00000000c0)=ANY=[]) getdents(r1, &(0x7f00000004c0)=""/203, 0xcb) 03:08:11 executing program 3: openat$ppp(0xffffffffffffff9c, &(0x7f00000001c0), 0x214080, 0x0) 03:08:11 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f00000000c0)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000080)="0300000004", 0x5, 0x640}, {&(0x7f0000000300)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000012600)="ed41000000100000daf4655fdbf4655fdbf4655f000000", 0x17, 0x4400}, {&(0x7f0000012800)="8081000000180000daf4655fdaf4655fdaf4655f00000000000001008000000010000800000000000af301000400000000000000000000000200000030", 0x3d, 0x4800}, {&(0x7f0000012a00)="8081000000180000daf4655fdaf4655fdaf4655f01000000000001008000000010000800000000000af301000400000000000000000000000200000040", 0x3d, 0x4c00}, {&(0x7f0000013900)="111fc0d901000000803a0900803a09000000000006", 0x15, 0x30000}, {&(0x7f0000000880)="2719c0d901000000803a0900803a09000000000006", 0x15, 0x40000}], 0x0, &(0x7f00000000c0)=ANY=[]) setxattr$trusted_overlay_upper(&(0x7f0000001180)='./file0\x00', &(0x7f00000011c0), &(0x7f00000013c0)=ANY=[], 0xd8, 0x0) chroot(&(0x7f00000001c0)='./file0\x00') umount2(&(0x7f0000000180)='./file0\x00', 0x0) rename(0x0, &(0x7f0000000380)='./file0\x00') socket$nl_route(0x10, 0x3, 0x0) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000cc0)}], 0x1) fsync(0xffffffffffffffff) 03:08:11 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x2000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1255.025523][T26173] loop2: detected capacity change from 0 to 4096 [ 1255.050342][T26173] EXT4-fs (loop2): fragment/cluster size (65536) != block size (4096) 03:08:11 executing program 5: socketpair(0x2b, 0x0, 0x0, &(0x7f00000000c0)) 03:08:12 executing program 2: r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f00000001c0)) r1 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c2000012", 0x65, 0x400}, {&(0x7f0000010100)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000040)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000010500), 0x0, 0x2000}, {&(0x7f0000012600)="ed41000010000000daf4655fdbf4655fdbf4655f00000000000004008000000000000800050000000af301000400000000000000000000000900000010", 0x3d, 0x4400}], 0x0, &(0x7f00000000c0)=ANY=[]) getdents(r1, &(0x7f00000004c0)=""/203, 0xcb) 03:08:12 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xa000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:12 executing program 3: socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) recvmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@ax25, 0xfe76, &(0x7f0000000000)=[{&(0x7f0000000080)=""/151, 0x3b6af0}], 0x1, &(0x7f00000001c0)=""/4, 0x10036, 0x7301}, 0x3f9c) sendmsg(r1, &(0x7f00000001c0)={0x0, 0x17, &(0x7f0000000400)=[{&(0x7f0000000340)="4f15a39a2df43b14ed5f2c578d4db055ee07f5a3d802cf8b50b4e7df21e18cb5fc59569f9e048c6343d4d93a8de61654aea60f37d00726bbbaf8413fa35f71048ebd6b86b0d049ac43de63ad10d251b4fdb14d20706d302b10384fce5ec562f80eea2946c9cfc7f1078325732582af6da35442dfadaacf63643c41a7e5f882e09016d46b27739751f7cb3c9747d087919a9ce3b13b0c9a2774a54d8d5a2c5053ac2eebb14cad"}, {&(0x7f0000000240)="ae61a8d192171409dc2c19809ce70f90c61b402d89906f876fbb89196fa57c9dd7ed6fe73d4a9a050d32416a7e622c1c9943ab04d4e7db1546fab943d95d0a7057459e2d58c83e7f97ddda17b3aff67efc92f873b90a00b5d3c8226357fc7dce76f9ccb0c757e1f3f3d77ab2c382b1f474dbfc9f", 0x345e40}], 0x47, &(0x7f0000000000), 0x0, 0xb9efff7f}, 0x0) close(r1) close(0xffffffffffffffff) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f0000001200)=ANY=[@ANYBLOB="1880000000000000000002000000000063110400f3a628bd97a992ac10000000009500000000007841c0e1d3ac4d04851018f13a53b00000d726a520a54db2910169dc72b4496eb7bd825aa2500c2636a6b7bd8ff832f0d0096b8d31dbe1899d9f2c9b257d155ad51c84a733ae01a49e1ea8826acdc068852d7217217644c623a3214c9e609d1aacf45e834cd15afa65483d1b48f05bf22c4a2f857421ea730628f12d7d9c2a8fd2e2943f7e80697d3a2e06264d5cc3f4ad97bbecfc508a63f20c67f440b0e74751fdd550922c398ab996e6899d8d8ce26ab374c791b4623327fe6fa384a2c5361b9287d8617f8f04dd90a1eb3c6c04cd4c23bda4ecee1f4a692a3ceff80876"], &(0x7f00000000c0)='GPL\x00', 0x4, 0xac, &(0x7f0000000200)=""/4096, 0x0, 0x0, '\x00', 0x0, 0xe, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 1255.388604][T26183] loop0: detected capacity change from 0 to 4096 [ 1255.578759][T26183] EXT4-fs error (device loop0): ext4_fill_super:4943: inode #2: comm syz-executor.0: iget: root inode unallocated [ 1255.593642][T26183] EXT4-fs (loop0): get root inode failed [ 1255.599399][T26183] EXT4-fs (loop0): mount failed 03:08:12 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x3000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:12 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f00000000c0)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000080)="0300000004", 0x5, 0x640}, {&(0x7f0000000300)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000012600)="ed41000000100000daf4655fdbf4655fdbf4655f000000", 0x17, 0x4400}, {&(0x7f0000012800)="8081000000180000daf4655fdaf4655fdaf4655f00000000000001008000000010000800000000000af301000400000000000000000000000200000030", 0x3d, 0x4800}, {&(0x7f0000012a00)="8081000000180000daf4655fdaf4655fdaf4655f01000000000001008000000010000800000000000af301000400000000000000000000000200000040", 0x3d, 0x4c00}, {&(0x7f0000013900)="111fc0d901000000803a0900803a09000000000006", 0x15, 0x30000}, {&(0x7f0000000880)="2719c0d901000000803a0900803a09000000000006", 0x15, 0x40000}], 0x0, &(0x7f00000000c0)=ANY=[]) setxattr$trusted_overlay_upper(&(0x7f0000001180)='./file0\x00', &(0x7f00000011c0), &(0x7f00000013c0)=ANY=[], 0xd8, 0x0) chroot(&(0x7f00000001c0)='./file0\x00') umount2(&(0x7f0000000180)='./file0\x00', 0x0) rename(0x0, &(0x7f0000000380)='./file0\x00') socket$nl_route(0x10, 0x3, 0x0) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000cc0)}], 0x1) fsync(0xffffffffffffffff) [ 1255.909448][T26197] loop2: detected capacity change from 0 to 4096 03:08:12 executing program 5: socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TUNSETLINK(r0, 0x8912, 0x400308) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000540)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece0200c70d0f13905ea23c22624c9f87f9793f50bbeffb40677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a1b241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c29184ff7f0000cef809606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45ef4adf634be763289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd0224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5acd3de3a83209da17a0faf60fd6ad9b97aa5fa684803660000000000000003926b818aa3ca6108855e267f89316acea443e3b59c9b081d6a08000000ea2b1a52496d00af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea0000008000000000c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b6c4a000000002b435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad89eef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be03f8a6ef2cd317902f19e385653282830689da6b53b263339863297771429d120000003341bf4a00fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94e6932c1b6a17bc0cfd3467decb05cfd9fcb32c8ed1dbd9d10a64c108285e71b5565b1768ee58969c4159ff030000000000004021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ecbbc55bf404e4e1f74b7eed82571be54c72660700006df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1f4db39f9f69dcb209e5877050c91301bb997316dbf17866fb84d4173731efe895ffecd05560926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a061887a20639b41c8c12ee86c5ed113c8198ca8ec18409b8950804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e47a391e358c3b377327ac9ecc34f24c9ae153ec60700694dc55bff9f5f4df90400000000000063ab6b047600d6b2c5ea1393fdf24285bfc6c057244300ee16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f895778cb25122a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bdea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1513a8250df98674152f94e32409e2a3bce109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1f9f59d4f21137abf9a404abde7750898b1bd627e87306703be8672d70d1ab5b075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b928a31d2eca55f74a23641f61f2d5b308cf0d031b056237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4906000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d493bc19f810049209b085f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c4ff000000745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba891cea599b079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83186c1526af6fbb869604d51a36a54c832e45b2569dc0d90b077225fde44c4e0973171ad47d6b70ebc660309e1e245b0fdf9743af930cd6db49a47613808bad959719c0000000000378a921c7f7f8433c2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c1fb2d4b205aa00b6d713acebc5b014e61a543a5a194f9ac1cd76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f9360984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e49acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0efecb0f477db103463af2847e6ade5b9e065ec0d0ba58fedae5f08818fca475b169469f9efd131925d98c34b3cb26fe26796dd43b87e1cd2a39f5cf21d2e80a64ac97e71cafc29bfb78db090dd12225efeda2e93bf7f6ba7865e9c375a780929dfa5a210bf5858e2a4ff8e8d1e8c9cceed0d335acc94f76e7078ce4066f1e0ac9429f8013683301277a11e25b248b61180cb6207a0e26757f3f1bfc6c27f3720d1fb74afb17f3b5239bc2243853d5234afb05ed6024e94dee34666c5b5522b54cb433efa54b4e9022533e6a4598b453c9e549847c89bdee957dfa9ded9f16fdcd1b681e4c72f32fa3334313e334cc140daec7dcb22f463457a1a5ac230bbded8625832a2b6dbf837704aa89a7543208debe71d934cedaf85f1bf43f23baa076b051342ab9651cc11d9b8b7e68e931ca4795a720797959d07a0fd82c770a0c0a2b1924bc8dca0c4ca73f4e8ca2de4a1689b1717d9d008131206bb60c09ffbd2b5bdb327f45a583073d0e2045ab7b9dacefd8921f9078fcc568aa1f9c419115c2042f506b50aef369859f67fe4044a6943d7c2b028146743512d95f76bdbf5d5dabd3e8b9f9729caf7f85c826842fea43486e2bead66fdded6184965168ada42a2ed63f484f677dd4dd00b3a39010aa9baddee202b1ea070e44b59d396a3a280379bec2d22cda1f4d3fd6768326578dad0e36b505c117ee65ab8f4dab871a0f19da9cf1cf2e4606c1d1761d6709e05483f2632dc94c7d0d96c9bd349f5a64529bd8244f7849f559d31723263828419495ccd94a0e7f4d7393f0fcdc2b208665eba3ff4576b7a630c49c0c4490dd1ad354a5330a68b559ffa9ba4a2aeaefbbf2670d4b42246bd2cd088abca23528c19ca0310000000000000000000000000000000000000000000000b7548ab4acda49b43cba2f5a00297571804d1ba60dccc1d6ab9123f9299cd805a86ba037d83ed22f1a3fd2c1dd6f5611a2bfd4e8d6ab0ced838dbf3c116ee881988bc7f346def734d39d027e274918567d0e3459b067ec94dab1dd846353c7e2e8a8671ee124b389d3e3d8230b2e586f3cbb480000000000000000000000000000695f2305ac82faab3ab89aa1a6ca88a5e4bfa1f66dde9926d9fadd27b13fce909bd25a815b7fe6d52df39a9fac5ea8aa4a07f142e04b6e63d88b26061266fe98fbe1d95c836bb436e3ac8f8a051571d712afe4b11351e9f807a14e30758be72b5dd3414b5a8835a2b6127696e1b88c949d797a4d74abdc692f418109e6016dbf9d071bdd5671a819c1f07689ed9488bb030fdbc5b135a291bf2308a9bda01d94407fff2abfcc420fdf68c301fd2916afef9e1ebe197ea39ee61d1fd3e69091c1e69ac73a5b821c71e4a8a3160a4e213cb4cca9de89b2f88c6ca4ce9e73e4bfba317e78acb1fb8d03f11caa1e69801c6388e22a8b1672e943754e8ba5b7947ea662d376fef4f7fe11dc0a8f5fe04c94f0ef4a0c2a7cdb50c0856551ed0a595257d5d8a21167fb1e099a952c0b84c0fc21b6f1542fe26ebb7acd82a2e438c9aaea630f528e3b40a6a4ed6fd32d9647385797e6d1462344383aeafafecdd02cb15d5729720baae63e4b99381d23fe7f45490ab782be6ba358fda8e6fe8f036973a1dab36a36fd8359829e60511c74e55a9b29b871007eb954f95763edbb427a89e7cdd5a5fc4ea004d98a380f9914b0d506925acadc0a401949494b1e7377ffcbdcee9df8c0beda57aded440d1de329206498b81ecea7b356"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sys_exit\x00', r1}, 0x10) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)={0x1, 0x1d, 0xcc, 0x4, 0x0, 0x1}, 0x40) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000002b00)={0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x4}, 0x38) [ 1256.065370][T26197] EXT4-fs (loop2): fragment/cluster size (65536) != block size (4096) 03:08:12 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xb000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1256.338154][T26212] loop0: detected capacity change from 0 to 4096 [ 1256.412975][T26212] EXT4-fs error (device loop0): ext4_fill_super:4943: inode #2: comm syz-executor.0: iget: root inode unallocated [ 1256.425685][T26212] EXT4-fs (loop0): get root inode failed [ 1256.431548][T26212] EXT4-fs (loop0): mount failed 03:08:13 executing program 2: r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f00000001c0)) r1 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c2000012", 0x65, 0x400}, {&(0x7f0000010100)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000040)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000010500), 0x0, 0x2000}, {&(0x7f0000012600)="ed41000010000000daf4655fdbf4655fdbf4655f00000000000004008000000000000800050000000af301000400000000000000000000000900000010", 0x3d, 0x4400}], 0x0, &(0x7f00000000c0)=ANY=[]) getdents(r1, &(0x7f00000004c0)=""/203, 0xcb) 03:08:13 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f00000000c0)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000080)="0300000004", 0x5, 0x640}, {&(0x7f0000000300)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000012600)="ed41000000100000daf4655fdbf4655fdbf4655f00000000000004", 0x1b, 0x4400}, {&(0x7f0000012800)="8081000000180000daf4655fdaf4655fdaf4655f00000000000001008000000010000800000000000af301000400000000000000000000000200000030", 0x3d, 0x4800}, {&(0x7f0000012a00)="8081000000180000daf4655fdaf4655fdaf4655f01000000000001008000000010000800000000000af301000400000000000000000000000200000040", 0x3d, 0x4c00}, {&(0x7f0000013900)="111fc0d901000000803a0900803a09000000000006", 0x15, 0x30000}, {&(0x7f0000000880)="2719c0d901000000803a0900803a09000000000006", 0x15, 0x40000}], 0x0, &(0x7f00000000c0)=ANY=[]) setxattr$trusted_overlay_upper(&(0x7f0000001180)='./file0\x00', &(0x7f00000011c0), &(0x7f00000013c0)=ANY=[], 0xd8, 0x0) chroot(&(0x7f00000001c0)='./file0\x00') umount2(&(0x7f0000000180)='./file0\x00', 0x0) rename(0x0, &(0x7f0000000380)='./file0\x00') socket$nl_route(0x10, 0x3, 0x0) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000cc0)}], 0x1) fsync(0xffffffffffffffff) [ 1256.710696][T26228] loop2: detected capacity change from 0 to 4096 03:08:13 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x4000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:13 executing program 3: socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) recvmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@ax25, 0xfe76, &(0x7f0000000000)=[{&(0x7f0000000080)=""/151, 0x3b6af0}], 0x1, &(0x7f00000001c0)=""/4, 0x10036, 0x7301}, 0x3f9c) sendmsg(r1, &(0x7f00000001c0)={0x0, 0x17, &(0x7f0000000400)=[{&(0x7f0000000340)="4f15a39a2df43b14ed5f2c578d4db055ee07f5a3d802cf8b50b4e7df21e18cb5fc59569f9e048c6343d4d93a8de61654aea60f37d00726bbbaf8413fa35f71048ebd6b86b0d049ac43de63ad10d251b4fdb14d20706d302b10384fce5ec562f80eea2946c9cfc7f1078325732582af6da35442dfadaacf63643c41a7e5f882e09016d46b27739751f7cb3c9747d087919a9ce3b13b0c9a2774a54d8d5a2c5053ac2eebb14cad"}, {&(0x7f0000000240)="ae61a8d192171409dc2c19809ce70f90c61b402d89906f876fbb89196fa57c9dd7ed6fe73d4a9a050d32416a7e622c1c9943ab04d4e7db1546fab943d95d0a7057459e2d58c83e7f97ddda17b3aff67efc92f873b90a00b5d3c8226357fc7dce76f9ccb0c757e1f3f3d77ab2c382b1f474dbfc9f", 0x345e40}], 0x47, &(0x7f0000000000), 0x0, 0xb9efff7f}, 0x0) close(r1) close(0xffffffffffffffff) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f0000001200)=ANY=[@ANYBLOB="1880000000000000000002000000000063110400f3a628bd97a992ac10000000009500000000007841c0e1d3ac4d04851018f13a53b00000d726a520a54db2910169dc72b4496eb7bd825aa2500c2636a6b7bd8ff832f0d0096b8d31dbe1899d9f2c9b257d155ad51c84a733ae01a49e1ea8826acdc068852d7217217644c623a3214c9e609d1aacf45e834cd15afa65483d1b48f05bf22c4a2f857421ea730628f12d7d9c2a8fd2e2943f7e80697d3a2e06264d5cc3f4ad97bbecfc508a63f20c67f440b0e74751fdd550922c398ab996e6899d8d8ce26ab374c791b4623327fe6fa384a2c5361b9287d8617f8f04dd90a1eb3c6c04cd4c23bda4ecee1f4a692a3ceff80876"], &(0x7f00000000c0)='GPL\x00', 0x4, 0xac, &(0x7f0000000200)=""/4096, 0x0, 0x0, '\x00', 0x0, 0xe, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 1256.843493][T26228] EXT4-fs (loop2): fragment/cluster size (65536) != block size (4096) 03:08:13 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xc000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:13 executing program 5: socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TUNSETLINK(r0, 0x8912, 0x400308) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000540)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece0200c70d0f13905ea23c22624c9f87f9793f50bbeffb40677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a1b241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c29184ff7f0000cef809606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45ef4adf634be763289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd0224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5acd3de3a83209da17a0faf60fd6ad9b97aa5fa684803660000000000000003926b818aa3ca6108855e267f89316acea443e3b59c9b081d6a08000000ea2b1a52496d00af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea0000008000000000c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b6c4a000000002b435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad89eef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be03f8a6ef2cd317902f19e385653282830689da6b53b263339863297771429d120000003341bf4a00fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94e6932c1b6a17bc0cfd3467decb05cfd9fcb32c8ed1dbd9d10a64c108285e71b5565b1768ee58969c4159ff030000000000004021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ecbbc55bf404e4e1f74b7eed82571be54c72660700006df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1f4db39f9f69dcb209e5877050c91301bb997316dbf17866fb84d4173731efe895ffecd05560926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a061887a20639b41c8c12ee86c5ed113c8198ca8ec18409b8950804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e47a391e358c3b377327ac9ecc34f24c9ae153ec60700694dc55bff9f5f4df90400000000000063ab6b047600d6b2c5ea1393fdf24285bfc6c057244300ee16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f895778cb25122a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bdea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1513a8250df98674152f94e32409e2a3bce109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1f9f59d4f21137abf9a404abde7750898b1bd627e87306703be8672d70d1ab5b075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b928a31d2eca55f74a23641f61f2d5b308cf0d031b056237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4906000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d493bc19f810049209b085f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c4ff000000745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba891cea599b079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83186c1526af6fbb869604d51a36a54c832e45b2569dc0d90b077225fde44c4e0973171ad47d6b70ebc660309e1e245b0fdf9743af930cd6db49a47613808bad959719c0000000000378a921c7f7f8433c2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c1fb2d4b205aa00b6d713acebc5b014e61a543a5a194f9ac1cd76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f9360984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e49acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0efecb0f477db103463af2847e6ade5b9e065ec0d0ba58fedae5f08818fca475b169469f9efd131925d98c34b3cb26fe26796dd43b87e1cd2a39f5cf21d2e80a64ac97e71cafc29bfb78db090dd12225efeda2e93bf7f6ba7865e9c375a780929dfa5a210bf5858e2a4ff8e8d1e8c9cceed0d335acc94f76e7078ce4066f1e0ac9429f8013683301277a11e25b248b61180cb6207a0e26757f3f1bfc6c27f3720d1fb74afb17f3b5239bc2243853d5234afb05ed6024e94dee34666c5b5522b54cb433efa54b4e9022533e6a4598b453c9e549847c89bdee957dfa9ded9f16fdcd1b681e4c72f32fa3334313e334cc140daec7dcb22f463457a1a5ac230bbded8625832a2b6dbf837704aa89a7543208debe71d934cedaf85f1bf43f23baa076b051342ab9651cc11d9b8b7e68e931ca4795a720797959d07a0fd82c770a0c0a2b1924bc8dca0c4ca73f4e8ca2de4a1689b1717d9d008131206bb60c09ffbd2b5bdb327f45a583073d0e2045ab7b9dacefd8921f9078fcc568aa1f9c419115c2042f506b50aef369859f67fe4044a6943d7c2b028146743512d95f76bdbf5d5dabd3e8b9f9729caf7f85c826842fea43486e2bead66fdded6184965168ada42a2ed63f484f677dd4dd00b3a39010aa9baddee202b1ea070e44b59d396a3a280379bec2d22cda1f4d3fd6768326578dad0e36b505c117ee65ab8f4dab871a0f19da9cf1cf2e4606c1d1761d6709e05483f2632dc94c7d0d96c9bd349f5a64529bd8244f7849f559d31723263828419495ccd94a0e7f4d7393f0fcdc2b208665eba3ff4576b7a630c49c0c4490dd1ad354a5330a68b559ffa9ba4a2aeaefbbf2670d4b42246bd2cd088abca23528c19ca0310000000000000000000000000000000000000000000000b7548ab4acda49b43cba2f5a00297571804d1ba60dccc1d6ab9123f9299cd805a86ba037d83ed22f1a3fd2c1dd6f5611a2bfd4e8d6ab0ced838dbf3c116ee881988bc7f346def734d39d027e274918567d0e3459b067ec94dab1dd846353c7e2e8a8671ee124b389d3e3d8230b2e586f3cbb480000000000000000000000000000695f2305ac82faab3ab89aa1a6ca88a5e4bfa1f66dde9926d9fadd27b13fce909bd25a815b7fe6d52df39a9fac5ea8aa4a07f142e04b6e63d88b26061266fe98fbe1d95c836bb436e3ac8f8a051571d712afe4b11351e9f807a14e30758be72b5dd3414b5a8835a2b6127696e1b88c949d797a4d74abdc692f418109e6016dbf9d071bdd5671a819c1f07689ed9488bb030fdbc5b135a291bf2308a9bda01d94407fff2abfcc420fdf68c301fd2916afef9e1ebe197ea39ee61d1fd3e69091c1e69ac73a5b821c71e4a8a3160a4e213cb4cca9de89b2f88c6ca4ce9e73e4bfba317e78acb1fb8d03f11caa1e69801c6388e22a8b1672e943754e8ba5b7947ea662d376fef4f7fe11dc0a8f5fe04c94f0ef4a0c2a7cdb50c0856551ed0a595257d5d8a21167fb1e099a952c0b84c0fc21b6f1542fe26ebb7acd82a2e438c9aaea630f528e3b40a6a4ed6fd32d9647385797e6d1462344383aeafafecdd02cb15d5729720baae63e4b99381d23fe7f45490ab782be6ba358fda8e6fe8f036973a1dab36a36fd8359829e60511c74e55a9b29b871007eb954f95763edbb427a89e7cdd5a5fc4ea004d98a380f9914b0d506925acadc0a401949494b1e7377ffcbdcee9df8c0beda57aded440d1de329206498b81ecea7b356"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sys_exit\x00', r1}, 0x10) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)={0x1, 0x1d, 0xcc, 0x4, 0x0, 0x1}, 0x40) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000002b00)={0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x4}, 0x38) [ 1257.058749][T26235] loop0: detected capacity change from 0 to 4096 03:08:13 executing program 2: r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f00000001c0)) r1 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c2000012", 0x65, 0x400}, {&(0x7f0000010100)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000040)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000010500), 0x0, 0x2000}, {&(0x7f0000012600)="ed41000010000000daf4655fdbf4655fdbf4655f00000000000004008000000000000800050000000af301000400000000000000000000000900000010", 0x3d, 0x4400}], 0x0, &(0x7f00000000c0)=ANY=[]) getdents(r1, &(0x7f00000004c0)=""/203, 0xcb) [ 1257.161013][T26235] EXT4-fs (loop0): corrupt root inode, run e2fsck [ 1257.168059][T26235] EXT4-fs (loop0): mount failed 03:08:14 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x5000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:14 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f00000000c0)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000080)="0300000004", 0x5, 0x640}, {&(0x7f0000000300)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000012600)="ed41000000100000daf4655fdbf4655fdbf4655f00000000000004", 0x1b, 0x4400}, {&(0x7f0000012800)="8081000000180000daf4655fdaf4655fdaf4655f00000000000001008000000010000800000000000af301000400000000000000000000000200000030", 0x3d, 0x4800}, {&(0x7f0000012a00)="8081000000180000daf4655fdaf4655fdaf4655f01000000000001008000000010000800000000000af301000400000000000000000000000200000040", 0x3d, 0x4c00}, {&(0x7f0000013900)="111fc0d901000000803a0900803a09000000000006", 0x15, 0x30000}, {&(0x7f0000000880)="2719c0d901000000803a0900803a09000000000006", 0x15, 0x40000}], 0x0, &(0x7f00000000c0)=ANY=[]) setxattr$trusted_overlay_upper(&(0x7f0000001180)='./file0\x00', &(0x7f00000011c0), &(0x7f00000013c0)=ANY=[], 0xd8, 0x0) chroot(&(0x7f00000001c0)='./file0\x00') umount2(&(0x7f0000000180)='./file0\x00', 0x0) rename(0x0, &(0x7f0000000380)='./file0\x00') socket$nl_route(0x10, 0x3, 0x0) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000cc0)}], 0x1) fsync(0xffffffffffffffff) 03:08:14 executing program 5: socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TUNSETLINK(r0, 0x8912, 0x400308) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000540)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece0200c70d0f13905ea23c22624c9f87f9793f50bbeffb40677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a1b241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c29184ff7f0000cef809606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45ef4adf634be763289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd0224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5acd3de3a83209da17a0faf60fd6ad9b97aa5fa684803660000000000000003926b818aa3ca6108855e267f89316acea443e3b59c9b081d6a08000000ea2b1a52496d00af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea0000008000000000c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b6c4a000000002b435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad89eef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be03f8a6ef2cd317902f19e385653282830689da6b53b263339863297771429d120000003341bf4a00fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94e6932c1b6a17bc0cfd3467decb05cfd9fcb32c8ed1dbd9d10a64c108285e71b5565b1768ee58969c4159ff030000000000004021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ecbbc55bf404e4e1f74b7eed82571be54c72660700006df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1f4db39f9f69dcb209e5877050c91301bb997316dbf17866fb84d4173731efe895ffecd05560926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a061887a20639b41c8c12ee86c5ed113c8198ca8ec18409b8950804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e47a391e358c3b377327ac9ecc34f24c9ae153ec60700694dc55bff9f5f4df90400000000000063ab6b047600d6b2c5ea1393fdf24285bfc6c057244300ee16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f895778cb25122a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bdea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1513a8250df98674152f94e32409e2a3bce109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1f9f59d4f21137abf9a404abde7750898b1bd627e87306703be8672d70d1ab5b075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b928a31d2eca55f74a23641f61f2d5b308cf0d031b056237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4906000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d493bc19f810049209b085f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c4ff000000745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba891cea599b079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83186c1526af6fbb869604d51a36a54c832e45b2569dc0d90b077225fde44c4e0973171ad47d6b70ebc660309e1e245b0fdf9743af930cd6db49a47613808bad959719c0000000000378a921c7f7f8433c2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c1fb2d4b205aa00b6d713acebc5b014e61a543a5a194f9ac1cd76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f9360984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e49acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0efecb0f477db103463af2847e6ade5b9e065ec0d0ba58fedae5f08818fca475b169469f9efd131925d98c34b3cb26fe26796dd43b87e1cd2a39f5cf21d2e80a64ac97e71cafc29bfb78db090dd12225efeda2e93bf7f6ba7865e9c375a780929dfa5a210bf5858e2a4ff8e8d1e8c9cceed0d335acc94f76e7078ce4066f1e0ac9429f8013683301277a11e25b248b61180cb6207a0e26757f3f1bfc6c27f3720d1fb74afb17f3b5239bc2243853d5234afb05ed6024e94dee34666c5b5522b54cb433efa54b4e9022533e6a4598b453c9e549847c89bdee957dfa9ded9f16fdcd1b681e4c72f32fa3334313e334cc140daec7dcb22f463457a1a5ac230bbded8625832a2b6dbf837704aa89a7543208debe71d934cedaf85f1bf43f23baa076b051342ab9651cc11d9b8b7e68e931ca4795a720797959d07a0fd82c770a0c0a2b1924bc8dca0c4ca73f4e8ca2de4a1689b1717d9d008131206bb60c09ffbd2b5bdb327f45a583073d0e2045ab7b9dacefd8921f9078fcc568aa1f9c419115c2042f506b50aef369859f67fe4044a6943d7c2b028146743512d95f76bdbf5d5dabd3e8b9f9729caf7f85c826842fea43486e2bead66fdded6184965168ada42a2ed63f484f677dd4dd00b3a39010aa9baddee202b1ea070e44b59d396a3a280379bec2d22cda1f4d3fd6768326578dad0e36b505c117ee65ab8f4dab871a0f19da9cf1cf2e4606c1d1761d6709e05483f2632dc94c7d0d96c9bd349f5a64529bd8244f7849f559d31723263828419495ccd94a0e7f4d7393f0fcdc2b208665eba3ff4576b7a630c49c0c4490dd1ad354a5330a68b559ffa9ba4a2aeaefbbf2670d4b42246bd2cd088abca23528c19ca0310000000000000000000000000000000000000000000000b7548ab4acda49b43cba2f5a00297571804d1ba60dccc1d6ab9123f9299cd805a86ba037d83ed22f1a3fd2c1dd6f5611a2bfd4e8d6ab0ced838dbf3c116ee881988bc7f346def734d39d027e274918567d0e3459b067ec94dab1dd846353c7e2e8a8671ee124b389d3e3d8230b2e586f3cbb480000000000000000000000000000695f2305ac82faab3ab89aa1a6ca88a5e4bfa1f66dde9926d9fadd27b13fce909bd25a815b7fe6d52df39a9fac5ea8aa4a07f142e04b6e63d88b26061266fe98fbe1d95c836bb436e3ac8f8a051571d712afe4b11351e9f807a14e30758be72b5dd3414b5a8835a2b6127696e1b88c949d797a4d74abdc692f418109e6016dbf9d071bdd5671a819c1f07689ed9488bb030fdbc5b135a291bf2308a9bda01d94407fff2abfcc420fdf68c301fd2916afef9e1ebe197ea39ee61d1fd3e69091c1e69ac73a5b821c71e4a8a3160a4e213cb4cca9de89b2f88c6ca4ce9e73e4bfba317e78acb1fb8d03f11caa1e69801c6388e22a8b1672e943754e8ba5b7947ea662d376fef4f7fe11dc0a8f5fe04c94f0ef4a0c2a7cdb50c0856551ed0a595257d5d8a21167fb1e099a952c0b84c0fc21b6f1542fe26ebb7acd82a2e438c9aaea630f528e3b40a6a4ed6fd32d9647385797e6d1462344383aeafafecdd02cb15d5729720baae63e4b99381d23fe7f45490ab782be6ba358fda8e6fe8f036973a1dab36a36fd8359829e60511c74e55a9b29b871007eb954f95763edbb427a89e7cdd5a5fc4ea004d98a380f9914b0d506925acadc0a401949494b1e7377ffcbdcee9df8c0beda57aded440d1de329206498b81ecea7b356"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sys_exit\x00', r1}, 0x10) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)={0x1, 0x1d, 0xcc, 0x4, 0x0, 0x1}, 0x40) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000002b00)={0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x4}, 0x38) 03:08:14 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xd000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1257.666502][T26254] loop2: detected capacity change from 0 to 4096 [ 1257.728129][T26254] EXT4-fs (loop2): fragment/cluster size (65536) != block size (4096) 03:08:14 executing program 2: r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f00000001c0)) r1 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66}, {&(0x7f0000010100)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000040)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000010500), 0x0, 0x2000}, {&(0x7f0000012600)="ed41000010000000daf4655fdbf4655fdbf4655f00000000000004008000000000000800050000000af301000400000000000000000000000900000010", 0x3d, 0x4400}], 0x0, &(0x7f00000000c0)=ANY=[]) getdents(r1, &(0x7f00000004c0)=""/203, 0xcb) [ 1257.998937][T26265] loop0: detected capacity change from 0 to 4096 03:08:14 executing program 3: socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) recvmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@ax25, 0xfe76, &(0x7f0000000000)=[{&(0x7f0000000080)=""/151, 0x3b6af0}], 0x1, &(0x7f00000001c0)=""/4, 0x10036, 0x7301}, 0x3f9c) sendmsg(r1, &(0x7f00000001c0)={0x0, 0x17, &(0x7f0000000400)=[{&(0x7f0000000340)="4f15a39a2df43b14ed5f2c578d4db055ee07f5a3d802cf8b50b4e7df21e18cb5fc59569f9e048c6343d4d93a8de61654aea60f37d00726bbbaf8413fa35f71048ebd6b86b0d049ac43de63ad10d251b4fdb14d20706d302b10384fce5ec562f80eea2946c9cfc7f1078325732582af6da35442dfadaacf63643c41a7e5f882e09016d46b27739751f7cb3c9747d087919a9ce3b13b0c9a2774a54d8d5a2c5053ac2eebb14cad"}, {&(0x7f0000000240)="ae61a8d192171409dc2c19809ce70f90c61b402d89906f876fbb89196fa57c9dd7ed6fe73d4a9a050d32416a7e622c1c9943ab04d4e7db1546fab943d95d0a7057459e2d58c83e7f97ddda17b3aff67efc92f873b90a00b5d3c8226357fc7dce76f9ccb0c757e1f3f3d77ab2c382b1f474dbfc9f", 0x345e40}], 0x47, &(0x7f0000000000), 0x0, 0xb9efff7f}, 0x0) close(r1) close(0xffffffffffffffff) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f0000001200)=ANY=[@ANYBLOB="1880000000000000000002000000000063110400f3a628bd97a992ac10000000009500000000007841c0e1d3ac4d04851018f13a53b00000d726a520a54db2910169dc72b4496eb7bd825aa2500c2636a6b7bd8ff832f0d0096b8d31dbe1899d9f2c9b257d155ad51c84a733ae01a49e1ea8826acdc068852d7217217644c623a3214c9e609d1aacf45e834cd15afa65483d1b48f05bf22c4a2f857421ea730628f12d7d9c2a8fd2e2943f7e80697d3a2e06264d5cc3f4ad97bbecfc508a63f20c67f440b0e74751fdd550922c398ab996e6899d8d8ce26ab374c791b4623327fe6fa384a2c5361b9287d8617f8f04dd90a1eb3c6c04cd4c23bda4ecee1f4a692a3ceff80876"], &(0x7f00000000c0)='GPL\x00', 0x4, 0xac, &(0x7f0000000200)=""/4096, 0x0, 0x0, '\x00', 0x0, 0xe, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 03:08:14 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x6000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:14 executing program 5: socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TUNSETLINK(r0, 0x8912, 0x400308) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000540)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece0200c70d0f13905ea23c22624c9f87f9793f50bbeffb40677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a1b241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c29184ff7f0000cef809606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45ef4adf634be763289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd0224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5acd3de3a83209da17a0faf60fd6ad9b97aa5fa684803660000000000000003926b818aa3ca6108855e267f89316acea443e3b59c9b081d6a08000000ea2b1a52496d00af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea0000008000000000c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b6c4a000000002b435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad89eef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be03f8a6ef2cd317902f19e385653282830689da6b53b263339863297771429d120000003341bf4a00fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94e6932c1b6a17bc0cfd3467decb05cfd9fcb32c8ed1dbd9d10a64c108285e71b5565b1768ee58969c4159ff030000000000004021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ecbbc55bf404e4e1f74b7eed82571be54c72660700006df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1f4db39f9f69dcb209e5877050c91301bb997316dbf17866fb84d4173731efe895ffecd05560926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a061887a20639b41c8c12ee86c5ed113c8198ca8ec18409b8950804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e47a391e358c3b377327ac9ecc34f24c9ae153ec60700694dc55bff9f5f4df90400000000000063ab6b047600d6b2c5ea1393fdf24285bfc6c057244300ee16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f895778cb25122a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bdea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1513a8250df98674152f94e32409e2a3bce109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1f9f59d4f21137abf9a404abde7750898b1bd627e87306703be8672d70d1ab5b075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b928a31d2eca55f74a23641f61f2d5b308cf0d031b056237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4906000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d493bc19f810049209b085f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c4ff000000745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba891cea599b079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83186c1526af6fbb869604d51a36a54c832e45b2569dc0d90b077225fde44c4e0973171ad47d6b70ebc660309e1e245b0fdf9743af930cd6db49a47613808bad959719c0000000000378a921c7f7f8433c2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c1fb2d4b205aa00b6d713acebc5b014e61a543a5a194f9ac1cd76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f9360984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e49acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0efecb0f477db103463af2847e6ade5b9e065ec0d0ba58fedae5f08818fca475b169469f9efd131925d98c34b3cb26fe26796dd43b87e1cd2a39f5cf21d2e80a64ac97e71cafc29bfb78db090dd12225efeda2e93bf7f6ba7865e9c375a780929dfa5a210bf5858e2a4ff8e8d1e8c9cceed0d335acc94f76e7078ce4066f1e0ac9429f8013683301277a11e25b248b61180cb6207a0e26757f3f1bfc6c27f3720d1fb74afb17f3b5239bc2243853d5234afb05ed6024e94dee34666c5b5522b54cb433efa54b4e9022533e6a4598b453c9e549847c89bdee957dfa9ded9f16fdcd1b681e4c72f32fa3334313e334cc140daec7dcb22f463457a1a5ac230bbded8625832a2b6dbf837704aa89a7543208debe71d934cedaf85f1bf43f23baa076b051342ab9651cc11d9b8b7e68e931ca4795a720797959d07a0fd82c770a0c0a2b1924bc8dca0c4ca73f4e8ca2de4a1689b1717d9d008131206bb60c09ffbd2b5bdb327f45a583073d0e2045ab7b9dacefd8921f9078fcc568aa1f9c419115c2042f506b50aef369859f67fe4044a6943d7c2b028146743512d95f76bdbf5d5dabd3e8b9f9729caf7f85c826842fea43486e2bead66fdded6184965168ada42a2ed63f484f677dd4dd00b3a39010aa9baddee202b1ea070e44b59d396a3a280379bec2d22cda1f4d3fd6768326578dad0e36b505c117ee65ab8f4dab871a0f19da9cf1cf2e4606c1d1761d6709e05483f2632dc94c7d0d96c9bd349f5a64529bd8244f7849f559d31723263828419495ccd94a0e7f4d7393f0fcdc2b208665eba3ff4576b7a630c49c0c4490dd1ad354a5330a68b559ffa9ba4a2aeaefbbf2670d4b42246bd2cd088abca23528c19ca0310000000000000000000000000000000000000000000000b7548ab4acda49b43cba2f5a00297571804d1ba60dccc1d6ab9123f9299cd805a86ba037d83ed22f1a3fd2c1dd6f5611a2bfd4e8d6ab0ced838dbf3c116ee881988bc7f346def734d39d027e274918567d0e3459b067ec94dab1dd846353c7e2e8a8671ee124b389d3e3d8230b2e586f3cbb480000000000000000000000000000695f2305ac82faab3ab89aa1a6ca88a5e4bfa1f66dde9926d9fadd27b13fce909bd25a815b7fe6d52df39a9fac5ea8aa4a07f142e04b6e63d88b26061266fe98fbe1d95c836bb436e3ac8f8a051571d712afe4b11351e9f807a14e30758be72b5dd3414b5a8835a2b6127696e1b88c949d797a4d74abdc692f418109e6016dbf9d071bdd5671a819c1f07689ed9488bb030fdbc5b135a291bf2308a9bda01d94407fff2abfcc420fdf68c301fd2916afef9e1ebe197ea39ee61d1fd3e69091c1e69ac73a5b821c71e4a8a3160a4e213cb4cca9de89b2f88c6ca4ce9e73e4bfba317e78acb1fb8d03f11caa1e69801c6388e22a8b1672e943754e8ba5b7947ea662d376fef4f7fe11dc0a8f5fe04c94f0ef4a0c2a7cdb50c0856551ed0a595257d5d8a21167fb1e099a952c0b84c0fc21b6f1542fe26ebb7acd82a2e438c9aaea630f528e3b40a6a4ed6fd32d9647385797e6d1462344383aeafafecdd02cb15d5729720baae63e4b99381d23fe7f45490ab782be6ba358fda8e6fe8f036973a1dab36a36fd8359829e60511c74e55a9b29b871007eb954f95763edbb427a89e7cdd5a5fc4ea004d98a380f9914b0d506925acadc0a401949494b1e7377ffcbdcee9df8c0beda57aded440d1de329206498b81ecea7b356"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sys_exit\x00', r1}, 0x10) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)={0x1, 0x1d, 0xcc, 0x4, 0x0, 0x1}, 0x40) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000002b00)={0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x4}, 0x38) [ 1258.186737][T26265] EXT4-fs (loop0): corrupt root inode, run e2fsck [ 1258.193707][T26265] EXT4-fs (loop0): mount failed 03:08:15 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f00000000c0)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000080)="0300000004", 0x5, 0x640}, {&(0x7f0000000300)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000012600)="ed41000000100000daf4655fdbf4655fdbf4655f00000000000004", 0x1b, 0x4400}, {&(0x7f0000012800)="8081000000180000daf4655fdaf4655fdaf4655f00000000000001008000000010000800000000000af301000400000000000000000000000200000030", 0x3d, 0x4800}, {&(0x7f0000012a00)="8081000000180000daf4655fdaf4655fdaf4655f01000000000001008000000010000800000000000af301000400000000000000000000000200000040", 0x3d, 0x4c00}, {&(0x7f0000013900)="111fc0d901000000803a0900803a09000000000006", 0x15, 0x30000}, {&(0x7f0000000880)="2719c0d901000000803a0900803a09000000000006", 0x15, 0x40000}], 0x0, &(0x7f00000000c0)=ANY=[]) setxattr$trusted_overlay_upper(&(0x7f0000001180)='./file0\x00', &(0x7f00000011c0), &(0x7f00000013c0)=ANY=[], 0xd8, 0x0) chroot(&(0x7f00000001c0)='./file0\x00') umount2(&(0x7f0000000180)='./file0\x00', 0x0) rename(0x0, &(0x7f0000000380)='./file0\x00') socket$nl_route(0x10, 0x3, 0x0) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000cc0)}], 0x1) fsync(0xffffffffffffffff) 03:08:15 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xe000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1258.550983][T26281] loop2: detected capacity change from 0 to 4096 [ 1258.677441][T26281] EXT4-fs (loop2): VFS: Can't find ext4 filesystem [ 1258.709609][T26291] loop0: detected capacity change from 0 to 4096 [ 1258.896811][T26291] EXT4-fs (loop0): corrupt root inode, run e2fsck [ 1258.903838][T26291] EXT4-fs (loop0): mount failed 03:08:15 executing program 5: socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TUNSETLINK(r0, 0x8912, 0x400308) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000540)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece0200c70d0f13905ea23c22624c9f87f9793f50bbeffb40677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a1b241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c29184ff7f0000cef809606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45ef4adf634be763289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd0224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5acd3de3a83209da17a0faf60fd6ad9b97aa5fa684803660000000000000003926b818aa3ca6108855e267f89316acea443e3b59c9b081d6a08000000ea2b1a52496d00af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea0000008000000000c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b6c4a000000002b435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad89eef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be03f8a6ef2cd317902f19e385653282830689da6b53b263339863297771429d120000003341bf4a00fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94e6932c1b6a17bc0cfd3467decb05cfd9fcb32c8ed1dbd9d10a64c108285e71b5565b1768ee58969c4159ff030000000000004021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ecbbc55bf404e4e1f74b7eed82571be54c72660700006df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1f4db39f9f69dcb209e5877050c91301bb997316dbf17866fb84d4173731efe895ffecd05560926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a061887a20639b41c8c12ee86c5ed113c8198ca8ec18409b8950804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e47a391e358c3b377327ac9ecc34f24c9ae153ec60700694dc55bff9f5f4df90400000000000063ab6b047600d6b2c5ea1393fdf24285bfc6c057244300ee16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f895778cb25122a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bdea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1513a8250df98674152f94e32409e2a3bce109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1f9f59d4f21137abf9a404abde7750898b1bd627e87306703be8672d70d1ab5b075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b928a31d2eca55f74a23641f61f2d5b308cf0d031b056237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4906000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d493bc19f810049209b085f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c4ff000000745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba891cea599b079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83186c1526af6fbb869604d51a36a54c832e45b2569dc0d90b077225fde44c4e0973171ad47d6b70ebc660309e1e245b0fdf9743af930cd6db49a47613808bad959719c0000000000378a921c7f7f8433c2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c1fb2d4b205aa00b6d713acebc5b014e61a543a5a194f9ac1cd76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f9360984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e49acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0efecb0f477db103463af2847e6ade5b9e065ec0d0ba58fedae5f08818fca475b169469f9efd131925d98c34b3cb26fe26796dd43b87e1cd2a39f5cf21d2e80a64ac97e71cafc29bfb78db090dd12225efeda2e93bf7f6ba7865e9c375a780929dfa5a210bf5858e2a4ff8e8d1e8c9cceed0d335acc94f76e7078ce4066f1e0ac9429f8013683301277a11e25b248b61180cb6207a0e26757f3f1bfc6c27f3720d1fb74afb17f3b5239bc2243853d5234afb05ed6024e94dee34666c5b5522b54cb433efa54b4e9022533e6a4598b453c9e549847c89bdee957dfa9ded9f16fdcd1b681e4c72f32fa3334313e334cc140daec7dcb22f463457a1a5ac230bbded8625832a2b6dbf837704aa89a7543208debe71d934cedaf85f1bf43f23baa076b051342ab9651cc11d9b8b7e68e931ca4795a720797959d07a0fd82c770a0c0a2b1924bc8dca0c4ca73f4e8ca2de4a1689b1717d9d008131206bb60c09ffbd2b5bdb327f45a583073d0e2045ab7b9dacefd8921f9078fcc568aa1f9c419115c2042f506b50aef369859f67fe4044a6943d7c2b028146743512d95f76bdbf5d5dabd3e8b9f9729caf7f85c826842fea43486e2bead66fdded6184965168ada42a2ed63f484f677dd4dd00b3a39010aa9baddee202b1ea070e44b59d396a3a280379bec2d22cda1f4d3fd6768326578dad0e36b505c117ee65ab8f4dab871a0f19da9cf1cf2e4606c1d1761d6709e05483f2632dc94c7d0d96c9bd349f5a64529bd8244f7849f559d31723263828419495ccd94a0e7f4d7393f0fcdc2b208665eba3ff4576b7a630c49c0c4490dd1ad354a5330a68b559ffa9ba4a2aeaefbbf2670d4b42246bd2cd088abca23528c19ca0310000000000000000000000000000000000000000000000b7548ab4acda49b43cba2f5a00297571804d1ba60dccc1d6ab9123f9299cd805a86ba037d83ed22f1a3fd2c1dd6f5611a2bfd4e8d6ab0ced838dbf3c116ee881988bc7f346def734d39d027e274918567d0e3459b067ec94dab1dd846353c7e2e8a8671ee124b389d3e3d8230b2e586f3cbb480000000000000000000000000000695f2305ac82faab3ab89aa1a6ca88a5e4bfa1f66dde9926d9fadd27b13fce909bd25a815b7fe6d52df39a9fac5ea8aa4a07f142e04b6e63d88b26061266fe98fbe1d95c836bb436e3ac8f8a051571d712afe4b11351e9f807a14e30758be72b5dd3414b5a8835a2b6127696e1b88c949d797a4d74abdc692f418109e6016dbf9d071bdd5671a819c1f07689ed9488bb030fdbc5b135a291bf2308a9bda01d94407fff2abfcc420fdf68c301fd2916afef9e1ebe197ea39ee61d1fd3e69091c1e69ac73a5b821c71e4a8a3160a4e213cb4cca9de89b2f88c6ca4ce9e73e4bfba317e78acb1fb8d03f11caa1e69801c6388e22a8b1672e943754e8ba5b7947ea662d376fef4f7fe11dc0a8f5fe04c94f0ef4a0c2a7cdb50c0856551ed0a595257d5d8a21167fb1e099a952c0b84c0fc21b6f1542fe26ebb7acd82a2e438c9aaea630f528e3b40a6a4ed6fd32d9647385797e6d1462344383aeafafecdd02cb15d5729720baae63e4b99381d23fe7f45490ab782be6ba358fda8e6fe8f036973a1dab36a36fd8359829e60511c74e55a9b29b871007eb954f95763edbb427a89e7cdd5a5fc4ea004d98a380f9914b0d506925acadc0a401949494b1e7377ffcbdcee9df8c0beda57aded440d1de329206498b81ecea7b356"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sys_exit\x00', r1}, 0x10) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000002b00)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x4}, 0x38) 03:08:15 executing program 2: r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f00000001c0)) r1 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66}, {&(0x7f0000010100)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000040)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000010500), 0x0, 0x2000}, {&(0x7f0000012600)="ed41000010000000daf4655fdbf4655fdbf4655f00000000000004008000000000000800050000000af301000400000000000000000000000900000010", 0x3d, 0x4400}], 0x0, &(0x7f00000000c0)=ANY=[]) getdents(r1, &(0x7f00000004c0)=""/203, 0xcb) 03:08:15 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x7000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:15 executing program 3: socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) recvmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@ax25, 0xfe76, &(0x7f0000000000)=[{&(0x7f0000000080)=""/151, 0x3b6af0}], 0x1, &(0x7f00000001c0)=""/4, 0x10036, 0x7301}, 0x3f9c) sendmsg(r1, &(0x7f00000001c0)={0x0, 0x17, &(0x7f0000000400)=[{&(0x7f0000000340)="4f15a39a2df43b14ed5f2c578d4db055ee07f5a3d802cf8b50b4e7df21e18cb5fc59569f9e048c6343d4d93a8de61654aea60f37d00726bbbaf8413fa35f71048ebd6b86b0d049ac43de63ad10d251b4fdb14d20706d302b10384fce5ec562f80eea2946c9cfc7f1078325732582af6da35442dfadaacf63643c41a7e5f882e09016d46b27739751f7cb3c9747d087919a9ce3b13b0c9a2774a54d8d5a2c5053ac2eebb14cad"}, {&(0x7f0000000240)="ae61a8d192171409dc2c19809ce70f90c61b402d89906f876fbb89196fa57c9dd7ed6fe73d4a9a050d32416a7e622c1c9943ab04d4e7db1546fab943d95d0a7057459e2d58c83e7f97ddda17b3aff67efc92f873b90a00b5d3c8226357fc7dce76f9ccb0c757e1f3f3d77ab2c382b1f474dbfc9f", 0x345e40}], 0x47, &(0x7f0000000000), 0x0, 0xb9efff7f}, 0x0) close(r1) close(0xffffffffffffffff) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f0000001200)=ANY=[@ANYBLOB="1880000000000000000002000000000063110400f3a628bd97a992ac10000000009500000000007841c0e1d3ac4d04851018f13a53b00000d726a520a54db2910169dc72b4496eb7bd825aa2500c2636a6b7bd8ff832f0d0096b8d31dbe1899d9f2c9b257d155ad51c84a733ae01a49e1ea8826acdc068852d7217217644c623a3214c9e609d1aacf45e834cd15afa65483d1b48f05bf22c4a2f857421ea730628f12d7d9c2a8fd2e2943f7e80697d3a2e06264d5cc3f4ad97bbecfc508a63f20c67f440b0e74751fdd550922c398ab996e6899d8d8ce26ab374c791b4623327fe6fa384a2c5361b9287d8617f8f04dd90a1eb3c6c04cd4c23bda4ecee1f4a692a3ceff80876"], &(0x7f00000000c0)='GPL\x00', 0x4, 0xac, &(0x7f0000000200)=""/4096, 0x0, 0x0, '\x00', 0x0, 0xe, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 03:08:16 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f00000000c0)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000080)="0300000004", 0x5, 0x640}, {&(0x7f0000000300)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000012600)="ed41000000100000daf4655fdbf4655fdbf4655f000000000000040080", 0x1d, 0x4400}, {&(0x7f0000012800)="8081000000180000daf4655fdaf4655fdaf4655f00000000000001008000000010000800000000000af301000400000000000000000000000200000030", 0x3d, 0x4800}, {&(0x7f0000012a00)="8081000000180000daf4655fdaf4655fdaf4655f01000000000001008000000010000800000000000af301000400000000000000000000000200000040", 0x3d, 0x4c00}, {&(0x7f0000013900)="111fc0d901000000803a0900803a09000000000006", 0x15, 0x30000}, {&(0x7f0000000880)="2719c0d901000000803a0900803a09000000000006", 0x15, 0x40000}], 0x0, &(0x7f00000000c0)=ANY=[]) setxattr$trusted_overlay_upper(&(0x7f0000001180)='./file0\x00', &(0x7f00000011c0), &(0x7f00000013c0)=ANY=[], 0xd8, 0x0) chroot(&(0x7f00000001c0)='./file0\x00') umount2(&(0x7f0000000180)='./file0\x00', 0x0) rename(0x0, &(0x7f0000000380)='./file0\x00') socket$nl_route(0x10, 0x3, 0x0) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000cc0)}], 0x1) fsync(0xffffffffffffffff) 03:08:16 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x10000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:16 executing program 5: socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TUNSETLINK(r0, 0x8912, 0x400308) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000540)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece0200c70d0f13905ea23c22624c9f87f9793f50bbeffb40677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a1b241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c29184ff7f0000cef809606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45ef4adf634be763289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd0224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5acd3de3a83209da17a0faf60fd6ad9b97aa5fa684803660000000000000003926b818aa3ca6108855e267f89316acea443e3b59c9b081d6a08000000ea2b1a52496d00af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea0000008000000000c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b6c4a000000002b435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad89eef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be03f8a6ef2cd317902f19e385653282830689da6b53b263339863297771429d120000003341bf4a00fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94e6932c1b6a17bc0cfd3467decb05cfd9fcb32c8ed1dbd9d10a64c108285e71b5565b1768ee58969c4159ff030000000000004021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ecbbc55bf404e4e1f74b7eed82571be54c72660700006df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1f4db39f9f69dcb209e5877050c91301bb997316dbf17866fb84d4173731efe895ffecd05560926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a061887a20639b41c8c12ee86c5ed113c8198ca8ec18409b8950804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e47a391e358c3b377327ac9ecc34f24c9ae153ec60700694dc55bff9f5f4df90400000000000063ab6b047600d6b2c5ea1393fdf24285bfc6c057244300ee16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f895778cb25122a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bdea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1513a8250df98674152f94e32409e2a3bce109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1f9f59d4f21137abf9a404abde7750898b1bd627e87306703be8672d70d1ab5b075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b928a31d2eca55f74a23641f61f2d5b308cf0d031b056237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4906000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d493bc19f810049209b085f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c4ff000000745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba891cea599b079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83186c1526af6fbb869604d51a36a54c832e45b2569dc0d90b077225fde44c4e0973171ad47d6b70ebc660309e1e245b0fdf9743af930cd6db49a47613808bad959719c0000000000378a921c7f7f8433c2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c1fb2d4b205aa00b6d713acebc5b014e61a543a5a194f9ac1cd76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f9360984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e49acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0efecb0f477db103463af2847e6ade5b9e065ec0d0ba58fedae5f08818fca475b169469f9efd131925d98c34b3cb26fe26796dd43b87e1cd2a39f5cf21d2e80a64ac97e71cafc29bfb78db090dd12225efeda2e93bf7f6ba7865e9c375a780929dfa5a210bf5858e2a4ff8e8d1e8c9cceed0d335acc94f76e7078ce4066f1e0ac9429f8013683301277a11e25b248b61180cb6207a0e26757f3f1bfc6c27f3720d1fb74afb17f3b5239bc2243853d5234afb05ed6024e94dee34666c5b5522b54cb433efa54b4e9022533e6a4598b453c9e549847c89bdee957dfa9ded9f16fdcd1b681e4c72f32fa3334313e334cc140daec7dcb22f463457a1a5ac230bbded8625832a2b6dbf837704aa89a7543208debe71d934cedaf85f1bf43f23baa076b051342ab9651cc11d9b8b7e68e931ca4795a720797959d07a0fd82c770a0c0a2b1924bc8dca0c4ca73f4e8ca2de4a1689b1717d9d008131206bb60c09ffbd2b5bdb327f45a583073d0e2045ab7b9dacefd8921f9078fcc568aa1f9c419115c2042f506b50aef369859f67fe4044a6943d7c2b028146743512d95f76bdbf5d5dabd3e8b9f9729caf7f85c826842fea43486e2bead66fdded6184965168ada42a2ed63f484f677dd4dd00b3a39010aa9baddee202b1ea070e44b59d396a3a280379bec2d22cda1f4d3fd6768326578dad0e36b505c117ee65ab8f4dab871a0f19da9cf1cf2e4606c1d1761d6709e05483f2632dc94c7d0d96c9bd349f5a64529bd8244f7849f559d31723263828419495ccd94a0e7f4d7393f0fcdc2b208665eba3ff4576b7a630c49c0c4490dd1ad354a5330a68b559ffa9ba4a2aeaefbbf2670d4b42246bd2cd088abca23528c19ca0310000000000000000000000000000000000000000000000b7548ab4acda49b43cba2f5a00297571804d1ba60dccc1d6ab9123f9299cd805a86ba037d83ed22f1a3fd2c1dd6f5611a2bfd4e8d6ab0ced838dbf3c116ee881988bc7f346def734d39d027e274918567d0e3459b067ec94dab1dd846353c7e2e8a8671ee124b389d3e3d8230b2e586f3cbb480000000000000000000000000000695f2305ac82faab3ab89aa1a6ca88a5e4bfa1f66dde9926d9fadd27b13fce909bd25a815b7fe6d52df39a9fac5ea8aa4a07f142e04b6e63d88b26061266fe98fbe1d95c836bb436e3ac8f8a051571d712afe4b11351e9f807a14e30758be72b5dd3414b5a8835a2b6127696e1b88c949d797a4d74abdc692f418109e6016dbf9d071bdd5671a819c1f07689ed9488bb030fdbc5b135a291bf2308a9bda01d94407fff2abfcc420fdf68c301fd2916afef9e1ebe197ea39ee61d1fd3e69091c1e69ac73a5b821c71e4a8a3160a4e213cb4cca9de89b2f88c6ca4ce9e73e4bfba317e78acb1fb8d03f11caa1e69801c6388e22a8b1672e943754e8ba5b7947ea662d376fef4f7fe11dc0a8f5fe04c94f0ef4a0c2a7cdb50c0856551ed0a595257d5d8a21167fb1e099a952c0b84c0fc21b6f1542fe26ebb7acd82a2e438c9aaea630f528e3b40a6a4ed6fd32d9647385797e6d1462344383aeafafecdd02cb15d5729720baae63e4b99381d23fe7f45490ab782be6ba358fda8e6fe8f036973a1dab36a36fd8359829e60511c74e55a9b29b871007eb954f95763edbb427a89e7cdd5a5fc4ea004d98a380f9914b0d506925acadc0a401949494b1e7377ffcbdcee9df8c0beda57aded440d1de329206498b81ecea7b356"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sys_exit\x00', r1}, 0x10) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000002b00)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x4}, 0x38) [ 1259.550518][T26308] loop2: detected capacity change from 0 to 4096 [ 1259.694277][T26308] EXT4-fs (loop2): VFS: Can't find ext4 filesystem [ 1259.913648][T26323] loop0: detected capacity change from 0 to 4096 03:08:16 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x10400000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:16 executing program 2: r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f00000001c0)) r1 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66}, {&(0x7f0000010100)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000040)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000010500), 0x0, 0x2000}, {&(0x7f0000012600)="ed41000010000000daf4655fdbf4655fdbf4655f00000000000004008000000000000800050000000af301000400000000000000000000000900000010", 0x3d, 0x4400}], 0x0, &(0x7f00000000c0)=ANY=[]) getdents(r1, &(0x7f00000004c0)=""/203, 0xcb) 03:08:16 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x8000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1260.036495][T26323] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 1260.255183][T26332] loop2: detected capacity change from 0 to 4096 [ 1260.285906][T26332] EXT4-fs (loop2): VFS: Can't find ext4 filesystem 03:08:17 executing program 5: socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TUNSETLINK(r0, 0x8912, 0x400308) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000540)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece0200c70d0f13905ea23c22624c9f87f9793f50bbeffb40677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a1b241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c29184ff7f0000cef809606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45ef4adf634be763289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd0224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5acd3de3a83209da17a0faf60fd6ad9b97aa5fa684803660000000000000003926b818aa3ca6108855e267f89316acea443e3b59c9b081d6a08000000ea2b1a52496d00af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea0000008000000000c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b6c4a000000002b435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad89eef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be03f8a6ef2cd317902f19e385653282830689da6b53b263339863297771429d120000003341bf4a00fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94e6932c1b6a17bc0cfd3467decb05cfd9fcb32c8ed1dbd9d10a64c108285e71b5565b1768ee58969c4159ff030000000000004021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ecbbc55bf404e4e1f74b7eed82571be54c72660700006df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1f4db39f9f69dcb209e5877050c91301bb997316dbf17866fb84d4173731efe895ffecd05560926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a061887a20639b41c8c12ee86c5ed113c8198ca8ec18409b8950804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e47a391e358c3b377327ac9ecc34f24c9ae153ec60700694dc55bff9f5f4df90400000000000063ab6b047600d6b2c5ea1393fdf24285bfc6c057244300ee16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f895778cb25122a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bdea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1513a8250df98674152f94e32409e2a3bce109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1f9f59d4f21137abf9a404abde7750898b1bd627e87306703be8672d70d1ab5b075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b928a31d2eca55f74a23641f61f2d5b308cf0d031b056237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4906000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d493bc19f810049209b085f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c4ff000000745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba891cea599b079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83186c1526af6fbb869604d51a36a54c832e45b2569dc0d90b077225fde44c4e0973171ad47d6b70ebc660309e1e245b0fdf9743af930cd6db49a47613808bad959719c0000000000378a921c7f7f8433c2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c1fb2d4b205aa00b6d713acebc5b014e61a543a5a194f9ac1cd76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f9360984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e49acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0efecb0f477db103463af2847e6ade5b9e065ec0d0ba58fedae5f08818fca475b169469f9efd131925d98c34b3cb26fe26796dd43b87e1cd2a39f5cf21d2e80a64ac97e71cafc29bfb78db090dd12225efeda2e93bf7f6ba7865e9c375a780929dfa5a210bf5858e2a4ff8e8d1e8c9cceed0d335acc94f76e7078ce4066f1e0ac9429f8013683301277a11e25b248b61180cb6207a0e26757f3f1bfc6c27f3720d1fb74afb17f3b5239bc2243853d5234afb05ed6024e94dee34666c5b5522b54cb433efa54b4e9022533e6a4598b453c9e549847c89bdee957dfa9ded9f16fdcd1b681e4c72f32fa3334313e334cc140daec7dcb22f463457a1a5ac230bbded8625832a2b6dbf837704aa89a7543208debe71d934cedaf85f1bf43f23baa076b051342ab9651cc11d9b8b7e68e931ca4795a720797959d07a0fd82c770a0c0a2b1924bc8dca0c4ca73f4e8ca2de4a1689b1717d9d008131206bb60c09ffbd2b5bdb327f45a583073d0e2045ab7b9dacefd8921f9078fcc568aa1f9c419115c2042f506b50aef369859f67fe4044a6943d7c2b028146743512d95f76bdbf5d5dabd3e8b9f9729caf7f85c826842fea43486e2bead66fdded6184965168ada42a2ed63f484f677dd4dd00b3a39010aa9baddee202b1ea070e44b59d396a3a280379bec2d22cda1f4d3fd6768326578dad0e36b505c117ee65ab8f4dab871a0f19da9cf1cf2e4606c1d1761d6709e05483f2632dc94c7d0d96c9bd349f5a64529bd8244f7849f559d31723263828419495ccd94a0e7f4d7393f0fcdc2b208665eba3ff4576b7a630c49c0c4490dd1ad354a5330a68b559ffa9ba4a2aeaefbbf2670d4b42246bd2cd088abca23528c19ca0310000000000000000000000000000000000000000000000b7548ab4acda49b43cba2f5a00297571804d1ba60dccc1d6ab9123f9299cd805a86ba037d83ed22f1a3fd2c1dd6f5611a2bfd4e8d6ab0ced838dbf3c116ee881988bc7f346def734d39d027e274918567d0e3459b067ec94dab1dd846353c7e2e8a8671ee124b389d3e3d8230b2e586f3cbb480000000000000000000000000000695f2305ac82faab3ab89aa1a6ca88a5e4bfa1f66dde9926d9fadd27b13fce909bd25a815b7fe6d52df39a9fac5ea8aa4a07f142e04b6e63d88b26061266fe98fbe1d95c836bb436e3ac8f8a051571d712afe4b11351e9f807a14e30758be72b5dd3414b5a8835a2b6127696e1b88c949d797a4d74abdc692f418109e6016dbf9d071bdd5671a819c1f07689ed9488bb030fdbc5b135a291bf2308a9bda01d94407fff2abfcc420fdf68c301fd2916afef9e1ebe197ea39ee61d1fd3e69091c1e69ac73a5b821c71e4a8a3160a4e213cb4cca9de89b2f88c6ca4ce9e73e4bfba317e78acb1fb8d03f11caa1e69801c6388e22a8b1672e943754e8ba5b7947ea662d376fef4f7fe11dc0a8f5fe04c94f0ef4a0c2a7cdb50c0856551ed0a595257d5d8a21167fb1e099a952c0b84c0fc21b6f1542fe26ebb7acd82a2e438c9aaea630f528e3b40a6a4ed6fd32d9647385797e6d1462344383aeafafecdd02cb15d5729720baae63e4b99381d23fe7f45490ab782be6ba358fda8e6fe8f036973a1dab36a36fd8359829e60511c74e55a9b29b871007eb954f95763edbb427a89e7cdd5a5fc4ea004d98a380f9914b0d506925acadc0a401949494b1e7377ffcbdcee9df8c0beda57aded440d1de329206498b81ecea7b356"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sys_exit\x00', r1}, 0x10) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000002b00)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x4}, 0x38) 03:08:17 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f00000000c0)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000080)="0300000004", 0x5, 0x640}, {&(0x7f0000000300)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000012600)="ed41000000100000daf4655fdbf4655fdbf4655f000000000000040080", 0x1d, 0x4400}, {&(0x7f0000012800)="8081000000180000daf4655fdaf4655fdaf4655f00000000000001008000000010000800000000000af301000400000000000000000000000200000030", 0x3d, 0x4800}, {&(0x7f0000012a00)="8081000000180000daf4655fdaf4655fdaf4655f01000000000001008000000010000800000000000af301000400000000000000000000000200000040", 0x3d, 0x4c00}, {&(0x7f0000013900)="111fc0d901000000803a0900803a09000000000006", 0x15, 0x30000}, {&(0x7f0000000880)="2719c0d901000000803a0900803a09000000000006", 0x15, 0x40000}], 0x0, &(0x7f00000000c0)=ANY=[]) setxattr$trusted_overlay_upper(&(0x7f0000001180)='./file0\x00', &(0x7f00000011c0), &(0x7f00000013c0)=ANY=[], 0xd8, 0x0) chroot(&(0x7f00000001c0)='./file0\x00') umount2(&(0x7f0000000180)='./file0\x00', 0x0) rename(0x0, &(0x7f0000000380)='./file0\x00') socket$nl_route(0x10, 0x3, 0x0) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000cc0)}], 0x1) fsync(0xffffffffffffffff) 03:08:17 executing program 3: socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) recvmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@ax25, 0xfe76, &(0x7f0000000000)=[{&(0x7f0000000080)=""/151, 0x3b6af0}], 0x1, &(0x7f00000001c0)=""/4, 0x10036, 0x7301}, 0x3f9c) sendmsg(r1, &(0x7f00000001c0)={0x0, 0x17, &(0x7f0000000400)=[{&(0x7f0000000340)="4f15a39a2df43b14ed5f2c578d4db055ee07f5a3d802cf8b50b4e7df21e18cb5fc59569f9e048c6343d4d93a8de61654aea60f37d00726bbbaf8413fa35f71048ebd6b86b0d049ac43de63ad10d251b4fdb14d20706d302b10384fce5ec562f80eea2946c9cfc7f1078325732582af6da35442dfadaacf63643c41a7e5f882e09016d46b27739751f7cb3c9747d087919a9ce3b13b0c9a2774a54d8d5a2c5053ac2eebb14cad"}, {&(0x7f0000000240)="ae61a8d192171409dc2c19809ce70f90c61b402d89906f876fbb89196fa57c9dd7ed6fe73d4a9a050d32416a7e622c1c9943ab04d4e7db1546fab943d95d0a7057459e2d58c83e7f97ddda17b3aff67efc92f873b90a00b5d3c8226357fc7dce76f9ccb0c757e1f3f3d77ab2c382b1f474dbfc9f", 0x345e40}], 0x47, &(0x7f0000000000), 0x0, 0xb9efff7f}, 0x0) close(r1) close(0xffffffffffffffff) 03:08:17 executing program 2: r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f00000001c0)) r1 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f0000010100)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000040)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000010500), 0x0, 0x2000}, {&(0x7f0000012600)="ed41000010000000daf4655fdbf4655fdbf4655f00000000000004008000000000000800050000000af301000400000000000000000000000900000010", 0x3d, 0x4400}], 0x0, 0x0) getdents(r1, &(0x7f00000004c0)=""/203, 0xcb) 03:08:17 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:17 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x11000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1260.854239][T26348] loop0: detected capacity change from 0 to 4096 [ 1260.900538][T26354] loop2: detected capacity change from 0 to 4096 [ 1260.944747][T26348] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 1261.014915][T26348] EXT4-fs (loop0): re-mounted. Opts: (null). Quota mode: writeback. 03:08:17 executing program 2: r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f00000001c0)) r1 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f0000010100)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000040)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000010500), 0x0, 0x2000}, {&(0x7f0000012600)="ed41000010000000daf4655fdbf4655fdbf4655f00000000000004008000000000000800050000000af301000400000000000000000000000900000010", 0x3d, 0x4400}], 0x0, 0x0) getdents(r1, &(0x7f00000004c0)=""/203, 0xcb) 03:08:17 executing program 5: socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TUNSETLINK(r0, 0x8912, 0x400308) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000540)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece0200c70d0f13905ea23c22624c9f87f9793f50bbeffb40677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a1b241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c29184ff7f0000cef809606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45ef4adf634be763289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd0224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5acd3de3a83209da17a0faf60fd6ad9b97aa5fa684803660000000000000003926b818aa3ca6108855e267f89316acea443e3b59c9b081d6a08000000ea2b1a52496d00af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea0000008000000000c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b6c4a000000002b435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad89eef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be03f8a6ef2cd317902f19e385653282830689da6b53b263339863297771429d120000003341bf4a00fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94e6932c1b6a17bc0cfd3467decb05cfd9fcb32c8ed1dbd9d10a64c108285e71b5565b1768ee58969c4159ff030000000000004021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ecbbc55bf404e4e1f74b7eed82571be54c72660700006df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1f4db39f9f69dcb209e5877050c91301bb997316dbf17866fb84d4173731efe895ffecd05560926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a061887a20639b41c8c12ee86c5ed113c8198ca8ec18409b8950804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e47a391e358c3b377327ac9ecc34f24c9ae153ec60700694dc55bff9f5f4df90400000000000063ab6b047600d6b2c5ea1393fdf24285bfc6c057244300ee16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f895778cb25122a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bdea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1513a8250df98674152f94e32409e2a3bce109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1f9f59d4f21137abf9a404abde7750898b1bd627e87306703be8672d70d1ab5b075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b928a31d2eca55f74a23641f61f2d5b308cf0d031b056237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4906000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d493bc19f810049209b085f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c4ff000000745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba891cea599b079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83186c1526af6fbb869604d51a36a54c832e45b2569dc0d90b077225fde44c4e0973171ad47d6b70ebc660309e1e245b0fdf9743af930cd6db49a47613808bad959719c0000000000378a921c7f7f8433c2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c1fb2d4b205aa00b6d713acebc5b014e61a543a5a194f9ac1cd76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f9360984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e49acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0efecb0f477db103463af2847e6ade5b9e065ec0d0ba58fedae5f08818fca475b169469f9efd131925d98c34b3cb26fe26796dd43b87e1cd2a39f5cf21d2e80a64ac97e71cafc29bfb78db090dd12225efeda2e93bf7f6ba7865e9c375a780929dfa5a210bf5858e2a4ff8e8d1e8c9cceed0d335acc94f76e7078ce4066f1e0ac9429f8013683301277a11e25b248b61180cb6207a0e26757f3f1bfc6c27f3720d1fb74afb17f3b5239bc2243853d5234afb05ed6024e94dee34666c5b5522b54cb433efa54b4e9022533e6a4598b453c9e549847c89bdee957dfa9ded9f16fdcd1b681e4c72f32fa3334313e334cc140daec7dcb22f463457a1a5ac230bbded8625832a2b6dbf837704aa89a7543208debe71d934cedaf85f1bf43f23baa076b051342ab9651cc11d9b8b7e68e931ca4795a720797959d07a0fd82c770a0c0a2b1924bc8dca0c4ca73f4e8ca2de4a1689b1717d9d008131206bb60c09ffbd2b5bdb327f45a583073d0e2045ab7b9dacefd8921f9078fcc568aa1f9c419115c2042f506b50aef369859f67fe4044a6943d7c2b028146743512d95f76bdbf5d5dabd3e8b9f9729caf7f85c826842fea43486e2bead66fdded6184965168ada42a2ed63f484f677dd4dd00b3a39010aa9baddee202b1ea070e44b59d396a3a280379bec2d22cda1f4d3fd6768326578dad0e36b505c117ee65ab8f4dab871a0f19da9cf1cf2e4606c1d1761d6709e05483f2632dc94c7d0d96c9bd349f5a64529bd8244f7849f559d31723263828419495ccd94a0e7f4d7393f0fcdc2b208665eba3ff4576b7a630c49c0c4490dd1ad354a5330a68b559ffa9ba4a2aeaefbbf2670d4b42246bd2cd088abca23528c19ca0310000000000000000000000000000000000000000000000b7548ab4acda49b43cba2f5a00297571804d1ba60dccc1d6ab9123f9299cd805a86ba037d83ed22f1a3fd2c1dd6f5611a2bfd4e8d6ab0ced838dbf3c116ee881988bc7f346def734d39d027e274918567d0e3459b067ec94dab1dd846353c7e2e8a8671ee124b389d3e3d8230b2e586f3cbb480000000000000000000000000000695f2305ac82faab3ab89aa1a6ca88a5e4bfa1f66dde9926d9fadd27b13fce909bd25a815b7fe6d52df39a9fac5ea8aa4a07f142e04b6e63d88b26061266fe98fbe1d95c836bb436e3ac8f8a051571d712afe4b11351e9f807a14e30758be72b5dd3414b5a8835a2b6127696e1b88c949d797a4d74abdc692f418109e6016dbf9d071bdd5671a819c1f07689ed9488bb030fdbc5b135a291bf2308a9bda01d94407fff2abfcc420fdf68c301fd2916afef9e1ebe197ea39ee61d1fd3e69091c1e69ac73a5b821c71e4a8a3160a4e213cb4cca9de89b2f88c6ca4ce9e73e4bfba317e78acb1fb8d03f11caa1e69801c6388e22a8b1672e943754e8ba5b7947ea662d376fef4f7fe11dc0a8f5fe04c94f0ef4a0c2a7cdb50c0856551ed0a595257d5d8a21167fb1e099a952c0b84c0fc21b6f1542fe26ebb7acd82a2e438c9aaea630f528e3b40a6a4ed6fd32d9647385797e6d1462344383aeafafecdd02cb15d5729720baae63e4b99381d23fe7f45490ab782be6ba358fda8e6fe8f036973a1dab36a36fd8359829e60511c74e55a9b29b871007eb954f95763edbb427a89e7cdd5a5fc4ea004d98a380f9914b0d506925acadc0a401949494b1e7377ffcbdcee9df8c0beda57aded440d1de329206498b81ecea7b356"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x78) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)={0x1, 0x1d, 0xcc, 0x4, 0x0, 0x1}, 0x40) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000002b00)={0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x4}, 0x38) 03:08:18 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f00000000c0)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000080)="0300000004", 0x5, 0x640}, {&(0x7f0000000300)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000012600)="ed41000000100000daf4655fdbf4655fdbf4655f0000000000000400", 0x1c, 0x4400}, {&(0x7f0000012800)="8081000000180000daf4655fdaf4655fdaf4655f00000000000001008000000010000800000000000af301000400000000000000000000000200000030", 0x3d, 0x4800}, {&(0x7f0000012a00)="8081000000180000daf4655fdaf4655fdaf4655f01000000000001008000000010000800000000000af301000400000000000000000000000200000040", 0x3d, 0x4c00}, {&(0x7f0000013900)="111fc0d901000000803a0900803a09000000000006", 0x15, 0x30000}, {&(0x7f0000000880)="2719c0d901000000803a0900803a09000000000006", 0x15, 0x40000}], 0x0, &(0x7f00000000c0)=ANY=[]) setxattr$trusted_overlay_upper(&(0x7f0000001180)='./file0\x00', &(0x7f00000011c0), &(0x7f00000013c0)=ANY=[], 0xd8, 0x0) chroot(&(0x7f00000001c0)='./file0\x00') umount2(&(0x7f0000000180)='./file0\x00', 0x0) rename(0x0, &(0x7f0000000380)='./file0\x00') socket$nl_route(0x10, 0x3, 0x0) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000cc0)}], 0x1) fsync(0xffffffffffffffff) 03:08:18 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xa000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:18 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x12000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1261.560974][T26371] loop2: detected capacity change from 0 to 4096 03:08:18 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xb000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1261.971010][T26380] loop0: detected capacity change from 0 to 4096 03:08:18 executing program 2: r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f00000001c0)) r1 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f0000010100)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000040)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000010500), 0x0, 0x2000}, {&(0x7f0000012600)="ed41000010000000daf4655fdbf4655fdbf4655f00000000000004008000000000000800050000000af301000400000000000000000000000900000010", 0x3d, 0x4400}], 0x0, 0x0) getdents(r1, &(0x7f00000004c0)=""/203, 0xcb) 03:08:18 executing program 5: socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TUNSETLINK(r0, 0x8912, 0x400308) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)={0x1, 0x1d, 0xcc, 0x4, 0x0, 0x1}, 0x40) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000002b00)={0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x4}, 0x38) 03:08:18 executing program 3: socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) recvmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@ax25, 0xfe76, &(0x7f0000000000)=[{&(0x7f0000000080)=""/151, 0x3b6af0}], 0x1, &(0x7f00000001c0)=""/4, 0x10036, 0x7301}, 0x3f9c) sendmsg(r1, &(0x7f00000001c0)={0x0, 0x17, &(0x7f0000000400)=[{&(0x7f0000000340)="4f15a39a2df43b14ed5f2c578d4db055ee07f5a3d802cf8b50b4e7df21e18cb5fc59569f9e048c6343d4d93a8de61654aea60f37d00726bbbaf8413fa35f71048ebd6b86b0d049ac43de63ad10d251b4fdb14d20706d302b10384fce5ec562f80eea2946c9cfc7f1078325732582af6da35442dfadaacf63643c41a7e5f882e09016d46b27739751f7cb3c9747d087919a9ce3b13b0c9a2774a54d8d5a2c5053ac2eebb14cad"}, {&(0x7f0000000240)="ae61a8d192171409dc2c19809ce70f90c61b402d89906f876fbb89196fa57c9dd7ed6fe73d4a9a050d32416a7e622c1c9943ab04d4e7db1546fab943d95d0a7057459e2d58c83e7f97ddda17b3aff67efc92f873b90a00b5d3c8226357fc7dce76f9ccb0c757e1f3f3d77ab2c382b1f474dbfc9f", 0x345e40}], 0x47, &(0x7f0000000000), 0x0, 0xb9efff7f}, 0x0) close(r1) close(0xffffffffffffffff) [ 1262.177969][T26380] EXT4-fs (loop0): corrupt root inode, run e2fsck [ 1262.184916][T26380] EXT4-fs (loop0): mount failed 03:08:19 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x14000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:19 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f00000000c0)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000080)="0300000004", 0x5, 0x640}, {&(0x7f0000000300)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000012600)="ed41000000100000daf4655fdbf4655fdbf4655f0000000000000400", 0x1c, 0x4400}, {&(0x7f0000012800)="8081000000180000daf4655fdaf4655fdaf4655f00000000000001008000000010000800000000000af301000400000000000000000000000200000030", 0x3d, 0x4800}, {&(0x7f0000012a00)="8081000000180000daf4655fdaf4655fdaf4655f01000000000001008000000010000800000000000af301000400000000000000000000000200000040", 0x3d, 0x4c00}, {&(0x7f0000013900)="111fc0d901000000803a0900803a09000000000006", 0x15, 0x30000}, {&(0x7f0000000880)="2719c0d901000000803a0900803a09000000000006", 0x15, 0x40000}], 0x0, &(0x7f00000000c0)=ANY=[]) setxattr$trusted_overlay_upper(&(0x7f0000001180)='./file0\x00', &(0x7f00000011c0), &(0x7f00000013c0)=ANY=[], 0xd8, 0x0) chroot(&(0x7f00000001c0)='./file0\x00') umount2(&(0x7f0000000180)='./file0\x00', 0x0) rename(0x0, &(0x7f0000000380)='./file0\x00') socket$nl_route(0x10, 0x3, 0x0) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000cc0)}], 0x1) fsync(0xffffffffffffffff) [ 1262.627732][T26399] loop2: detected capacity change from 0 to 4096 03:08:19 executing program 5: socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)={0x1, 0x1d, 0xcc, 0x4, 0x0, 0x1}, 0x40) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000002b00)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x4}, 0x38) 03:08:19 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xc000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:19 executing program 2: r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f00000001c0)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f0000010100)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000040)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000010500), 0x0, 0x2000}, {&(0x7f0000012600)="ed41000010000000daf4655fdbf4655fdbf4655f00000000000004008000000000000800050000000af301000400000000000000000000000900000010", 0x3d, 0x4400}], 0x0, &(0x7f00000000c0)=ANY=[]) getdents(0xffffffffffffffff, &(0x7f00000004c0)=""/203, 0xcb) [ 1263.032594][T26409] loop0: detected capacity change from 0 to 4096 03:08:19 executing program 3: socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) recvmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@ax25, 0xfe76, &(0x7f0000000000)=[{&(0x7f0000000080)=""/151, 0x3b6af0}], 0x1, &(0x7f00000001c0)=""/4, 0x10036, 0x7301}, 0x3f9c) sendmsg(r1, &(0x7f00000001c0)={0x0, 0x17, &(0x7f0000000400)=[{&(0x7f0000000340)="4f15a39a2df43b14ed5f2c578d4db055ee07f5a3d802cf8b50b4e7df21e18cb5fc59569f9e048c6343d4d93a8de61654aea60f37d00726bbbaf8413fa35f71048ebd6b86b0d049ac43de63ad10d251b4fdb14d20706d302b10384fce5ec562f80eea2946c9cfc7f1078325732582af6da35442dfadaacf63643c41a7e5f882e09016d46b27739751f7cb3c9747d087919a9ce3b13b0c9a2774a54d8d5a2c5053ac2eebb14cad"}, {&(0x7f0000000240)="ae61a8d192171409dc2c19809ce70f90c61b402d89906f876fbb89196fa57c9dd7ed6fe73d4a9a050d32416a7e622c1c9943ab04d4e7db1546fab943d95d0a7057459e2d58c83e7f97ddda17b3aff67efc92f873b90a00b5d3c8226357fc7dce76f9ccb0c757e1f3f3d77ab2c382b1f474dbfc9f", 0x345e40}], 0x47, &(0x7f0000000000), 0x0, 0xb9efff7f}, 0x0) close(r1) close(0xffffffffffffffff) 03:08:19 executing program 5: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)={0x1, 0x1d, 0xcc, 0x4, 0x0, 0x1}, 0x40) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000002b00)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x4}, 0x38) 03:08:20 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f00000000c0)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000080)="0300000004", 0x5, 0x640}, {&(0x7f0000000300)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000012600)="ed41000000100000daf4655fdbf4655fdbf4655f0000000000000400", 0x1c, 0x4400}, {&(0x7f0000012800)="8081000000180000daf4655fdaf4655fdaf4655f00000000000001008000000010000800000000000af301000400000000000000000000000200000030", 0x3d, 0x4800}, {&(0x7f0000012a00)="8081000000180000daf4655fdaf4655fdaf4655f01000000000001008000000010000800000000000af301000400000000000000000000000200000040", 0x3d, 0x4c00}, {&(0x7f0000013900)="111fc0d901000000803a0900803a09000000000006", 0x15, 0x30000}, {&(0x7f0000000880)="2719c0d901000000803a0900803a09000000000006", 0x15, 0x40000}], 0x0, &(0x7f00000000c0)=ANY=[]) setxattr$trusted_overlay_upper(&(0x7f0000001180)='./file0\x00', &(0x7f00000011c0), &(0x7f00000013c0)=ANY=[], 0xd8, 0x0) chroot(&(0x7f00000001c0)='./file0\x00') umount2(&(0x7f0000000180)='./file0\x00', 0x0) rename(0x0, &(0x7f0000000380)='./file0\x00') socket$nl_route(0x10, 0x3, 0x0) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000cc0)}], 0x1) fsync(0xffffffffffffffff) 03:08:20 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x27000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:20 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xd000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1263.526298][T26427] loop2: detected capacity change from 0 to 4096 [ 1263.705601][T26427] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. 03:08:20 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xe000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1263.918169][T26439] loop0: detected capacity change from 0 to 4096 03:08:20 executing program 2: r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f00000001c0)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f0000010100)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000040)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000010500), 0x0, 0x2000}, {&(0x7f0000012600)="ed41000010000000daf4655fdbf4655fdbf4655f00000000000004008000000000000800050000000af301000400000000000000000000000900000010", 0x3d, 0x4400}], 0x0, &(0x7f00000000c0)=ANY=[]) getdents(0xffffffffffffffff, &(0x7f00000004c0)=""/203, 0xcb) 03:08:20 executing program 5: r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000002b00)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x4}, 0x38) 03:08:20 executing program 3: socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) recvmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@ax25, 0xfe76, &(0x7f0000000000)=[{&(0x7f0000000080)=""/151, 0x3b6af0}], 0x1, &(0x7f00000001c0)=""/4, 0x10036, 0x7301}, 0x3f9c) sendmsg(r1, &(0x7f00000001c0)={0x0, 0x17, &(0x7f0000000400)=[{&(0x7f0000000340)="4f15a39a2df43b14ed5f2c578d4db055ee07f5a3d802cf8b50b4e7df21e18cb5fc59569f9e048c6343d4d93a8de61654aea60f37d00726bbbaf8413fa35f71048ebd6b86b0d049ac43de63ad10d251b4fdb14d20706d302b10384fce5ec562f80eea2946c9cfc7f1078325732582af6da35442dfadaacf63643c41a7e5f882e09016d46b27739751f7cb3c9747d087919a9ce3b13b0c9a2774a54d8d5a2c5053ac2eebb14cad"}, {&(0x7f0000000240)="ae61a8d192171409dc2c19809ce70f90c61b402d89906f876fbb89196fa57c9dd7ed6fe73d4a9a050d32416a7e622c1c9943ab04d4e7db1546fab943d95d0a7057459e2d58c83e7f97ddda17b3aff67efc92f873b90a00b5d3c8226357fc7dce76f9ccb0c757e1f3f3d77ab2c382b1f474dbfc9f", 0x345e40}], 0x47, &(0x7f0000000000), 0x0, 0xb9efff7f}, 0x0) close(r1) 03:08:21 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x10000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:21 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x2f000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:21 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f00000000c0)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000080)="0300000004", 0x5, 0x640}, {&(0x7f0000000300)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000012600)="ed41000000100000daf4655fdbf4655fdbf4655f000000000000040080", 0x1d}, {&(0x7f0000012800)="8081000000180000daf4655fdaf4655fdaf4655f00000000000001008000000010000800000000000af301000400000000000000000000000200000030", 0x3d, 0x4800}, {&(0x7f0000012a00)="8081000000180000daf4655fdaf4655fdaf4655f01000000000001008000000010000800000000000af301000400000000000000000000000200000040", 0x3d, 0x4c00}, {&(0x7f0000013900)="111fc0d901000000803a0900803a09000000000006", 0x15, 0x30000}, {&(0x7f0000000880)="2719c0d901000000803a0900803a09000000000006", 0x15, 0x40000}], 0x0, &(0x7f00000000c0)=ANY=[]) setxattr$trusted_overlay_upper(&(0x7f0000001180)='./file0\x00', &(0x7f00000011c0), &(0x7f00000013c0)=ANY=[], 0xd8, 0x0) chroot(&(0x7f00000001c0)='./file0\x00') umount2(&(0x7f0000000180)='./file0\x00', 0x0) rename(0x0, &(0x7f0000000380)='./file0\x00') socket$nl_route(0x10, 0x3, 0x0) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000cc0)}], 0x1) fsync(0xffffffffffffffff) 03:08:21 executing program 5: r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000002b00)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x4}, 0x38) [ 1264.835267][T26464] loop2: detected capacity change from 0 to 4096 03:08:21 executing program 3: socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) recvmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@ax25, 0xfe76, &(0x7f0000000000)=[{&(0x7f0000000080)=""/151, 0x3b6af0}], 0x1, &(0x7f00000001c0)=""/4, 0x10036, 0x7301}, 0x3f9c) sendmsg(r1, &(0x7f00000001c0)={0x0, 0x17, &(0x7f0000000400)=[{&(0x7f0000000340)="4f15a39a2df43b14ed5f2c578d4db055ee07f5a3d802cf8b50b4e7df21e18cb5fc59569f9e048c6343d4d93a8de61654aea60f37d00726bbbaf8413fa35f71048ebd6b86b0d049ac43de63ad10d251b4fdb14d20706d302b10384fce5ec562f80eea2946c9cfc7f1078325732582af6da35442dfadaacf63643c41a7e5f882e09016d46b27739751f7cb3c9747d087919a9ce3b13b0c9a2774a54d8d5a2c5053ac2eebb14cad"}, {&(0x7f0000000240)="ae61a8d192171409dc2c19809ce70f90c61b402d89906f876fbb89196fa57c9dd7ed6fe73d4a9a050d32416a7e622c1c9943ab04d4e7db1546fab943d95d0a7057459e2d58c83e7f97ddda17b3aff67efc92f873b90a00b5d3c8226357fc7dce76f9ccb0c757e1f3f3d77ab2c382b1f474dbfc9f", 0x345e40}], 0x47, &(0x7f0000000000), 0x0, 0xb9efff7f}, 0x0) [ 1264.952919][T26464] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. 03:08:21 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x3f000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:21 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x10030000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:21 executing program 2: r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f00000001c0)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f0000010100)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000040)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000010500), 0x0, 0x2000}, {&(0x7f0000012600)="ed41000010000000daf4655fdbf4655fdbf4655f00000000000004008000000000000800050000000af301000400000000000000000000000900000010", 0x3d, 0x4400}], 0x0, &(0x7f00000000c0)=ANY=[]) getdents(0xffffffffffffffff, &(0x7f00000004c0)=""/203, 0xcb) [ 1265.207078][T26474] loop0: detected capacity change from 0 to 4096 03:08:22 executing program 5: r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000002b00)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x4}, 0x38) 03:08:22 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f00000000c0)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000080)="0300000004", 0x5, 0x640}, {&(0x7f0000000300)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000012600)="ed41000000100000daf4655fdbf4655fdbf4655f000000000000040080", 0x1d}, {&(0x7f0000012800)="8081000000180000daf4655fdaf4655fdaf4655f00000000000001008000000010000800000000000af301000400000000000000000000000200000030", 0x3d, 0x4800}, {&(0x7f0000012a00)="8081000000180000daf4655fdaf4655fdaf4655f01000000000001008000000010000800000000000af301000400000000000000000000000200000040", 0x3d, 0x4c00}, {&(0x7f0000013900)="111fc0d901000000803a0900803a09000000000006", 0x15, 0x30000}, {&(0x7f0000000880)="2719c0d901000000803a0900803a09000000000006", 0x15, 0x40000}], 0x0, &(0x7f00000000c0)=ANY=[]) setxattr$trusted_overlay_upper(&(0x7f0000001180)='./file0\x00', &(0x7f00000011c0), &(0x7f00000013c0)=ANY=[], 0xd8, 0x0) chroot(&(0x7f00000001c0)='./file0\x00') umount2(&(0x7f0000000180)='./file0\x00', 0x0) rename(0x0, &(0x7f0000000380)='./file0\x00') socket$nl_route(0x10, 0x3, 0x0) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000cc0)}], 0x1) fsync(0xffffffffffffffff) [ 1265.829656][T26495] loop2: detected capacity change from 0 to 4096 [ 1265.891057][T26500] loop0: detected capacity change from 0 to 4096 [ 1265.911022][T26500] EXT4-fs error (device loop0): ext4_fill_super:4943: inode #2: comm syz-executor.0: iget: root inode unallocated [ 1265.923584][T26500] EXT4-fs (loop0): get root inode failed [ 1265.929549][T26500] EXT4-fs (loop0): mount failed [ 1265.968672][T26495] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. 03:08:22 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f00000000c0)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000080)="0300000004", 0x5, 0x640}, {&(0x7f0000000300)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000012600)="ed41000000100000daf4655fdbf4655fdbf4655f000000000000040080", 0x1d}, {&(0x7f0000012800)="8081000000180000daf4655fdaf4655fdaf4655f00000000000001008000000010000800000000000af301000400000000000000000000000200000030", 0x3d, 0x4800}, {&(0x7f0000012a00)="8081000000180000daf4655fdaf4655fdaf4655f01000000000001008000000010000800000000000af301000400000000000000000000000200000040", 0x3d, 0x4c00}, {&(0x7f0000013900)="111fc0d901000000803a0900803a09000000000006", 0x15, 0x30000}, {&(0x7f0000000880)="2719c0d901000000803a0900803a09000000000006", 0x15, 0x40000}], 0x0, &(0x7f00000000c0)=ANY=[]) setxattr$trusted_overlay_upper(&(0x7f0000001180)='./file0\x00', &(0x7f00000011c0), &(0x7f00000013c0)=ANY=[], 0xd8, 0x0) chroot(&(0x7f00000001c0)='./file0\x00') umount2(&(0x7f0000000180)='./file0\x00', 0x0) rename(0x0, &(0x7f0000000380)='./file0\x00') socket$nl_route(0x10, 0x3, 0x0) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000cc0)}], 0x1) fsync(0xffffffffffffffff) 03:08:22 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x10400000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:22 executing program 2: r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f00000001c0)) r1 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f0000010100)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000040)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000010500), 0x0, 0x2000}, {&(0x7f0000012600)="ed41000010000000daf4655fdbf4655fdbf4655f00000000000004008000000000000800050000000af301000400000000000000000000000900000010", 0x3d, 0x4400}], 0x0, &(0x7f00000000c0)=ANY=[]) getdents(r1, 0x0, 0x0) 03:08:22 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x48000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:22 executing program 5: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)={0x0, 0x1d, 0xcc, 0x4, 0x0, 0x1}, 0x40) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000002b00)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x4}, 0x38) [ 1266.451164][T26513] loop0: detected capacity change from 0 to 4096 03:08:23 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x11000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1266.612691][T26513] EXT4-fs error (device loop0): ext4_fill_super:4943: inode #2: comm syz-executor.0: iget: root inode unallocated [ 1266.625583][T26513] EXT4-fs (loop0): get root inode failed [ 1266.631543][T26513] EXT4-fs (loop0): mount failed 03:08:23 executing program 3: socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) recvmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@ax25, 0xfe76, &(0x7f0000000000)=[{&(0x7f0000000080)=""/151, 0x3b6af0}], 0x1, &(0x7f00000001c0)=""/4, 0x10036, 0x7301}, 0x3f9c) sendmsg(r1, &(0x7f00000001c0)={0x0, 0x17, &(0x7f0000000400)=[{&(0x7f0000000340)="4f15a39a2df43b14ed5f2c578d4db055ee07f5a3d802cf8b50b4e7df21e18cb5fc59569f9e048c6343d4d93a8de61654aea60f37d00726bbbaf8413fa35f71048ebd6b86b0d049ac43de63ad10d251b4fdb14d20706d302b10384fce5ec562f80eea2946c9cfc7f1078325732582af6da35442dfadaacf63643c41a7e5f882e09016d46b27739751f7cb3c9747d087919a9ce3b13b0c9a2774a54d8d5a2c5053ac2eebb14cad"}, {&(0x7f0000000240)="ae61a8d192171409dc2c19809ce70f90c61b402d89906f876fbb89196fa57c9dd7ed6fe73d4a9a050d32416a7e622c1c9943ab04d4e7db1546fab943d95d0a7057459e2d58c83e7f97ddda17b3aff67efc92f873b90a00b5d3c8226357fc7dce76f9ccb0c757e1f3f3d77ab2c382b1f474dbfc9f", 0x345e40}], 0x47, &(0x7f0000000000), 0x0, 0xb9efff7f}, 0x0) [ 1266.809765][T26525] loop2: detected capacity change from 0 to 4096 03:08:23 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x4c000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1266.971401][T26525] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. 03:08:23 executing program 5: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)={0x0, 0x1d, 0xcc, 0x4, 0x0, 0x1}, 0x40) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000002b00)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x4}, 0x38) 03:08:23 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x8, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f00000000c0)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000080)="0300000004", 0x5, 0x640}, {&(0x7f0000012600)="ed41000000100000daf4655fdbf4655fdbf4655f000000000000040080", 0x1d, 0x4400}, {&(0x7f0000012800)="8081000000180000daf4655fdaf4655fdaf4655f00000000000001008000000010000800000000000af301000400000000000000000000000200000030", 0x3d, 0x4800}, {&(0x7f0000012a00)="8081000000180000daf4655fdaf4655fdaf4655f01000000000001008000000010000800000000000af301000400000000000000000000000200000040", 0x3d, 0x4c00}, {&(0x7f0000013900)="111fc0d901000000803a0900803a09000000000006", 0x15, 0x30000}, {&(0x7f0000000880)="2719c0d901000000803a0900803a09000000000006", 0x15, 0x40000}], 0x0, &(0x7f00000000c0)=ANY=[]) setxattr$trusted_overlay_upper(&(0x7f0000001180)='./file0\x00', &(0x7f00000011c0), &(0x7f00000013c0)=ANY=[], 0xd8, 0x0) chroot(&(0x7f00000001c0)='./file0\x00') umount2(&(0x7f0000000180)='./file0\x00', 0x0) rename(0x0, &(0x7f0000000380)='./file0\x00') socket$nl_route(0x10, 0x3, 0x0) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000cc0)}], 0x1) fsync(0xffffffffffffffff) 03:08:23 executing program 2: r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f00000001c0)) r1 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f0000010100)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000040)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000010500), 0x0, 0x2000}, {&(0x7f0000012600)="ed41000010000000daf4655fdbf4655fdbf4655f00000000000004008000000000000800050000000af301000400000000000000000000000900000010", 0x3d, 0x4400}], 0x0, &(0x7f00000000c0)=ANY=[]) getdents(r1, 0x0, 0x0) 03:08:24 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x64000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:24 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x12000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1267.727036][T26546] loop0: detected capacity change from 0 to 4096 03:08:24 executing program 5: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)={0x0, 0x1d, 0xcc, 0x4, 0x0, 0x1}, 0x40) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000002b00)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x4}, 0x38) [ 1267.876608][T26553] loop2: detected capacity change from 0 to 4096 [ 1267.957618][T26553] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. 03:08:25 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x68000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:25 executing program 2: r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f00000001c0)) r1 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f0000010100)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000040)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000010500), 0x0, 0x2000}, {&(0x7f0000012600)="ed41000010000000daf4655fdbf4655fdbf4655f00000000000004008000000000000800050000000af301000400000000000000000000000900000010", 0x3d, 0x4400}], 0x0, &(0x7f00000000c0)=ANY=[]) getdents(r1, 0x0, 0x0) 03:08:25 executing program 3: socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) recvmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@ax25, 0xfe76, &(0x7f0000000000)=[{&(0x7f0000000080)=""/151, 0x3b6af0}], 0x1, &(0x7f00000001c0)=""/4, 0x10036, 0x7301}, 0x3f9c) sendmsg(r1, &(0x7f00000001c0)={0x0, 0x17, &(0x7f0000000400)=[{&(0x7f0000000340)="4f15a39a2df43b14ed5f2c578d4db055ee07f5a3d802cf8b50b4e7df21e18cb5fc59569f9e048c6343d4d93a8de61654aea60f37d00726bbbaf8413fa35f71048ebd6b86b0d049ac43de63ad10d251b4fdb14d20706d302b10384fce5ec562f80eea2946c9cfc7f1078325732582af6da35442dfadaacf63643c41a7e5f882e09016d46b27739751f7cb3c9747d087919a9ce3b13b0c9a2774a54d8d5a2c5053ac2eebb14cad"}, {&(0x7f0000000240)="ae61a8d192171409dc2c19809ce70f90c61b402d89906f876fbb89196fa57c9dd7ed6fe73d4a9a050d32416a7e622c1c9943ab04d4e7db1546fab943d95d0a7057459e2d58c83e7f97ddda17b3aff67efc92f873b90a00b5d3c8226357fc7dce76f9ccb0c757e1f3f3d77ab2c382b1f474dbfc9f", 0x345e40}], 0x47, &(0x7f0000000000), 0x0, 0xb9efff7f}, 0x0) 03:08:25 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x8, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f00000000c0)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000080)="0300000004", 0x5, 0x640}, {&(0x7f0000012600)="ed41000000100000daf4655fdbf4655fdbf4655f000000000000040080", 0x1d, 0x4400}, {&(0x7f0000012800)="8081000000180000daf4655fdaf4655fdaf4655f00000000000001008000000010000800000000000af301000400000000000000000000000200000030", 0x3d, 0x4800}, {&(0x7f0000012a00)="8081000000180000daf4655fdaf4655fdaf4655f01000000000001008000000010000800000000000af301000400000000000000000000000200000040", 0x3d, 0x4c00}, {&(0x7f0000013900)="111fc0d901000000803a0900803a09000000000006", 0x15, 0x30000}, {&(0x7f0000000880)="2719c0d901000000803a0900803a09000000000006", 0x15, 0x40000}], 0x0, &(0x7f00000000c0)=ANY=[]) setxattr$trusted_overlay_upper(&(0x7f0000001180)='./file0\x00', &(0x7f00000011c0), &(0x7f00000013c0)=ANY=[], 0xd8, 0x0) chroot(&(0x7f00000001c0)='./file0\x00') umount2(&(0x7f0000000180)='./file0\x00', 0x0) rename(0x0, &(0x7f0000000380)='./file0\x00') socket$nl_route(0x10, 0x3, 0x0) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000cc0)}], 0x1) fsync(0xffffffffffffffff) 03:08:25 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x14000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:25 executing program 5: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)={0x1, 0x0, 0xcc, 0x4, 0x0, 0x1}, 0x40) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000002b00)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x4}, 0x38) [ 1268.883412][T26579] loop2: detected capacity change from 0 to 4096 [ 1269.012876][T26583] loop0: detected capacity change from 0 to 4096 [ 1269.041039][T26579] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. 03:08:26 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x6c000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:26 executing program 2: socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) recvmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@ax25, 0xfe76, &(0x7f0000000000)=[{&(0x7f0000000080)=""/151, 0x3b6af0}], 0x1, &(0x7f00000001c0)=""/4, 0x10036, 0x7301}, 0x3f9c) sendmsg(r1, &(0x7f00000001c0)={0x0, 0x17, &(0x7f0000000400)=[{&(0x7f0000000340)="4f15a39a2df43b14ed5f2c578d4db055ee07f5a3d802cf8b50b4e7df21e18cb5fc59569f9e048c6343d4d93a8de61654aea60f37d00726bbbaf8413fa35f71048ebd6b86b0d049ac43de63ad10d251b4fdb14d20706d302b10384fce5ec562f80eea2946c9cfc7f1078325732582af6da35442dfadaacf63643c41a7e5f882e09016d46b27739751f7cb3c9747d087919a9ce3b13b0c9a2774a54d8d5a2c5053ac2eebb14cad"}, {&(0x7f0000000240)="ae61a8d192171409dc2c19809ce70f90c61b402d89906f876fbb89196fa57c9dd7ed6fe73d4a9a050d32416a7e622c1c9943ab04d4e7db1546fab943d95d0a7057459e2d58c83e7f97ddda17b3aff67efc92f873b90a00b5d3c8226357fc7dce76f9ccb0c757e1f3f3d77ab2c382b1f474dbfc9f", 0x345e40}], 0x47, &(0x7f0000000000), 0x0, 0xb9efff7f}, 0x0) close(r1) close(0xffffffffffffffff) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f0000001200)=ANY=[@ANYBLOB="1880000000000000000002000000000063110400f3a628bd97a992ac10000000009500000000007841c0e1d3ac4d04851018f13a53b00000d726a520a54db2910169dc72b4496eb7bd825aa2500c2636a6b7bd8ff832f0d0096b8d31dbe1899d9f2c9b257d155ad51c84a733ae01a49e1ea8826acdc068852d7217217644c623a3214c9e609d1aacf45e834cd15afa65483d1b48f05bf22c4a2f857421ea730628f12d7d9c2a8fd2e2943f7e80697d3a2e06264d5cc3f4ad97bbecfc508a63f20c67f440b0e74751fdd550922c398ab996e6899d8d8ce26ab374c791b4623327fe6fa384a2c5361b9287d8617f8f04dd90a1eb3c6c04cd4c23bda4ecee1f4a692a3ceff80876"], &(0x7f00000000c0)='GPL\x00', 0x4, 0xac, &(0x7f0000000200)=""/4096, 0x0, 0x0, '\x00', 0x0, 0xe, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 03:08:26 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x27000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:26 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x8, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f00000000c0)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000080)="0300000004", 0x5, 0x640}, {&(0x7f0000012600)="ed41000000100000daf4655fdbf4655fdbf4655f000000000000040080", 0x1d, 0x4400}, {&(0x7f0000012800)="8081000000180000daf4655fdaf4655fdaf4655f00000000000001008000000010000800000000000af301000400000000000000000000000200000030", 0x3d, 0x4800}, {&(0x7f0000012a00)="8081000000180000daf4655fdaf4655fdaf4655f01000000000001008000000010000800000000000af301000400000000000000000000000200000040", 0x3d, 0x4c00}, {&(0x7f0000013900)="111fc0d901000000803a0900803a09000000000006", 0x15, 0x30000}, {&(0x7f0000000880)="2719c0d901000000803a0900803a09000000000006", 0x15, 0x40000}], 0x0, &(0x7f00000000c0)=ANY=[]) setxattr$trusted_overlay_upper(&(0x7f0000001180)='./file0\x00', &(0x7f00000011c0), &(0x7f00000013c0)=ANY=[], 0xd8, 0x0) chroot(&(0x7f00000001c0)='./file0\x00') umount2(&(0x7f0000000180)='./file0\x00', 0x0) rename(0x0, &(0x7f0000000380)='./file0\x00') socket$nl_route(0x10, 0x3, 0x0) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000cc0)}], 0x1) fsync(0xffffffffffffffff) 03:08:26 executing program 5: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)={0x1, 0x0, 0xcc, 0x4, 0x0, 0x1}, 0x40) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000002b00)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x4}, 0x38) 03:08:26 executing program 3: socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) sendmsg(r0, &(0x7f00000001c0)={0x0, 0x17, &(0x7f0000000400)=[{&(0x7f0000000340)="4f15a39a2df43b14ed5f2c578d4db055ee07f5a3d802cf8b50b4e7df21e18cb5fc59569f9e048c6343d4d93a8de61654aea60f37d00726bbbaf8413fa35f71048ebd6b86b0d049ac43de63ad10d251b4fdb14d20706d302b10384fce5ec562f80eea2946c9cfc7f1078325732582af6da35442dfadaacf63643c41a7e5f882e09016d46b27739751f7cb3c9747d087919a9ce3b13b0c9a2774a54d8d5a2c5053ac2eebb14cad"}, {&(0x7f0000000240)="ae61a8d192171409dc2c19809ce70f90c61b402d89906f876fbb89196fa57c9dd7ed6fe73d4a9a050d32416a7e622c1c9943ab04d4e7db1546fab943d95d0a7057459e2d58c83e7f97ddda17b3aff67efc92f873b90a00b5d3c8226357fc7dce76f9ccb0c757e1f3f3d77ab2c382b1f474dbfc9f", 0x345e40}], 0x47, &(0x7f0000000000), 0x0, 0xb9efff7f}, 0x0) close(r0) [ 1269.930023][T26608] loop0: detected capacity change from 0 to 4096 [ 1270.071597][T26608] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 1270.082056][T26608] EXT4-fs (loop0): group descriptors corrupted! 03:08:26 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x6e000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:27 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f00000000c0)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000080)="0300000004", 0x5, 0x640}, {0x0, 0x0, 0x1000}, {&(0x7f0000012600)="ed41000000100000daf4655fdbf4655fdbf4655f000000000000040080", 0x1d, 0x4400}, {&(0x7f0000012800)="8081000000180000daf4655fdaf4655fdaf4655f00000000000001008000000010000800000000000af301000400000000000000000000000200000030", 0x3d, 0x4800}, {&(0x7f0000012a00)="8081000000180000daf4655fdaf4655fdaf4655f01000000000001008000000010000800000000000af301000400000000000000000000000200000040", 0x3d, 0x4c00}, {&(0x7f0000013900)="111fc0d901000000803a0900803a09000000000006", 0x15, 0x30000}, {&(0x7f0000000880)="2719c0d901000000803a0900803a09000000000006", 0x15, 0x40000}], 0x0, &(0x7f00000000c0)=ANY=[]) setxattr$trusted_overlay_upper(&(0x7f0000001180)='./file0\x00', &(0x7f00000011c0), &(0x7f00000013c0)=ANY=[], 0xd8, 0x0) chroot(&(0x7f00000001c0)='./file0\x00') umount2(&(0x7f0000000180)='./file0\x00', 0x0) rename(0x0, &(0x7f0000000380)='./file0\x00') socket$nl_route(0x10, 0x3, 0x0) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000cc0)}], 0x1) fsync(0xffffffffffffffff) 03:08:27 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x2f000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:27 executing program 2: socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) recvmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@ax25, 0xfe76, &(0x7f0000000000)=[{&(0x7f0000000080)=""/151, 0x3b6af0}], 0x1, &(0x7f00000001c0)=""/4, 0x10036, 0x7301}, 0x3f9c) sendmsg(r1, &(0x7f00000001c0)={0x0, 0x17, &(0x7f0000000400)=[{&(0x7f0000000340)="4f15a39a2df43b14ed5f2c578d4db055ee07f5a3d802cf8b50b4e7df21e18cb5fc59569f9e048c6343d4d93a8de61654aea60f37d00726bbbaf8413fa35f71048ebd6b86b0d049ac43de63ad10d251b4fdb14d20706d302b10384fce5ec562f80eea2946c9cfc7f1078325732582af6da35442dfadaacf63643c41a7e5f882e09016d46b27739751f7cb3c9747d087919a9ce3b13b0c9a2774a54d8d5a2c5053ac2eebb14cad"}, {&(0x7f0000000240)="ae61a8d192171409dc2c19809ce70f90c61b402d89906f876fbb89196fa57c9dd7ed6fe73d4a9a050d32416a7e622c1c9943ab04d4e7db1546fab943d95d0a7057459e2d58c83e7f97ddda17b3aff67efc92f873b90a00b5d3c8226357fc7dce76f9ccb0c757e1f3f3d77ab2c382b1f474dbfc9f", 0x345e40}], 0x47, &(0x7f0000000000), 0x0, 0xb9efff7f}, 0x0) close(r1) close(0xffffffffffffffff) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f0000001200)=ANY=[@ANYBLOB="1880000000000000000002000000000063110400f3a628bd97a992ac10000000009500000000007841c0e1d3ac4d04851018f13a53b00000d726a520a54db2910169dc72b4496eb7bd825aa2500c2636a6b7bd8ff832f0d0096b8d31dbe1899d9f2c9b257d155ad51c84a733ae01a49e1ea8826acdc068852d7217217644c623a3214c9e609d1aacf45e834cd15afa65483d1b48f05bf22c4a2f857421ea730628f12d7d9c2a8fd2e2943f7e80697d3a2e06264d5cc3f4ad97bbecfc508a63f20c67f440b0e74751fdd550922c398ab996e6899d8d8ce26ab374c791b4623327fe6fa384a2c5361b9287d8617f8f04dd90a1eb3c6c04cd4c23bda4ecee1f4a692a3ceff80876"], &(0x7f00000000c0)='GPL\x00', 0x4, 0xac, &(0x7f0000000200)=""/4096, 0x0, 0x0, '\x00', 0x0, 0xe, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 03:08:27 executing program 5: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)={0x1, 0x0, 0xcc, 0x4, 0x0, 0x1}, 0x40) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000002b00)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x4}, 0x38) 03:08:27 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f00000000c0)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000080)="0300000004", 0x5, 0x640}, {0x0, 0x0, 0x1000}, {&(0x7f0000012600)="ed41000000100000daf4655fdbf4655fdbf4655f000000000000040080", 0x1d, 0x4400}, {&(0x7f0000012800)="8081000000180000daf4655fdaf4655fdaf4655f00000000000001008000000010000800000000000af301000400000000000000000000000200000030", 0x3d, 0x4800}, {&(0x7f0000012a00)="8081000000180000daf4655fdaf4655fdaf4655f01000000000001008000000010000800000000000af301000400000000000000000000000200000040", 0x3d, 0x4c00}, {&(0x7f0000013900)="111fc0d901000000803a0900803a09000000000006", 0x15, 0x30000}, {&(0x7f0000000880)="2719c0d901000000803a0900803a09000000000006", 0x15, 0x40000}], 0x0, &(0x7f00000000c0)=ANY=[]) setxattr$trusted_overlay_upper(&(0x7f0000001180)='./file0\x00', &(0x7f00000011c0), &(0x7f00000013c0)=ANY=[], 0xd8, 0x0) chroot(&(0x7f00000001c0)='./file0\x00') umount2(&(0x7f0000000180)='./file0\x00', 0x0) rename(0x0, &(0x7f0000000380)='./file0\x00') socket$nl_route(0x10, 0x3, 0x0) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000cc0)}], 0x1) fsync(0xffffffffffffffff) 03:08:27 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x70000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:27 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x3f000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:27 executing program 5: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)={0x1, 0x1d, 0x0, 0x4, 0x0, 0x1}, 0x40) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000002b00)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x4}, 0x38) [ 1271.303774][T26637] loop0: detected capacity change from 0 to 4096 [ 1271.385342][T26637] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 1271.395479][T26637] EXT4-fs (loop0): group descriptors corrupted! 03:08:28 executing program 2: socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) recvmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@ax25, 0xfe76, &(0x7f0000000000)=[{&(0x7f0000000080)=""/151, 0x3b6af0}], 0x1, &(0x7f00000001c0)=""/4, 0x10036, 0x7301}, 0x3f9c) sendmsg(r1, &(0x7f00000001c0)={0x0, 0x17, &(0x7f0000000400)=[{&(0x7f0000000340)="4f15a39a2df43b14ed5f2c578d4db055ee07f5a3d802cf8b50b4e7df21e18cb5fc59569f9e048c6343d4d93a8de61654aea60f37d00726bbbaf8413fa35f71048ebd6b86b0d049ac43de63ad10d251b4fdb14d20706d302b10384fce5ec562f80eea2946c9cfc7f1078325732582af6da35442dfadaacf63643c41a7e5f882e09016d46b27739751f7cb3c9747d087919a9ce3b13b0c9a2774a54d8d5a2c5053ac2eebb14cad"}, {&(0x7f0000000240)="ae61a8d192171409dc2c19809ce70f90c61b402d89906f876fbb89196fa57c9dd7ed6fe73d4a9a050d32416a7e622c1c9943ab04d4e7db1546fab943d95d0a7057459e2d58c83e7f97ddda17b3aff67efc92f873b90a00b5d3c8226357fc7dce76f9ccb0c757e1f3f3d77ab2c382b1f474dbfc9f", 0x345e40}], 0x47, &(0x7f0000000000), 0x0, 0xb9efff7f}, 0x0) close(r1) close(0xffffffffffffffff) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f0000001200)=ANY=[@ANYBLOB="1880000000000000000002000000000063110400f3a628bd97a992ac10000000009500000000007841c0e1d3ac4d04851018f13a53b00000d726a520a54db2910169dc72b4496eb7bd825aa2500c2636a6b7bd8ff832f0d0096b8d31dbe1899d9f2c9b257d155ad51c84a733ae01a49e1ea8826acdc068852d7217217644c623a3214c9e609d1aacf45e834cd15afa65483d1b48f05bf22c4a2f857421ea730628f12d7d9c2a8fd2e2943f7e80697d3a2e06264d5cc3f4ad97bbecfc508a63f20c67f440b0e74751fdd550922c398ab996e6899d8d8ce26ab374c791b4623327fe6fa384a2c5361b9287d8617f8f04dd90a1eb3c6c04cd4c23bda4ecee1f4a692a3ceff80876"], &(0x7f00000000c0)='GPL\x00', 0x4, 0xac, &(0x7f0000000200)=""/4096, 0x0, 0x0, '\x00', 0x0, 0xe, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 03:08:28 executing program 3: socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) sendmsg(r0, &(0x7f00000001c0)={0x0, 0x17, &(0x7f0000000400)=[{&(0x7f0000000340)="4f15a39a2df43b14ed5f2c578d4db055ee07f5a3d802cf8b50b4e7df21e18cb5fc59569f9e048c6343d4d93a8de61654aea60f37d00726bbbaf8413fa35f71048ebd6b86b0d049ac43de63ad10d251b4fdb14d20706d302b10384fce5ec562f80eea2946c9cfc7f1078325732582af6da35442dfadaacf63643c41a7e5f882e09016d46b27739751f7cb3c9747d087919a9ce3b13b0c9a2774a54d8d5a2c5053ac2eebb14cad"}, {&(0x7f0000000240)="ae61a8d192171409dc2c19809ce70f90c61b402d89906f876fbb89196fa57c9dd7ed6fe73d4a9a050d32416a7e622c1c9943ab04d4e7db1546fab943d95d0a7057459e2d58c83e7f97ddda17b3aff67efc92f873b90a00b5d3c8226357fc7dce76f9ccb0c757e1f3f3d77ab2c382b1f474dbfc9f", 0x345e40}], 0x47, &(0x7f0000000000), 0x0, 0xb9efff7f}, 0x0) close(r0) 03:08:28 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f00000000c0)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000080)="0300000004", 0x5, 0x640}, {0x0, 0x0, 0x1000}, {&(0x7f0000012600)="ed41000000100000daf4655fdbf4655fdbf4655f000000000000040080", 0x1d, 0x4400}, {&(0x7f0000012800)="8081000000180000daf4655fdaf4655fdaf4655f00000000000001008000000010000800000000000af301000400000000000000000000000200000030", 0x3d, 0x4800}, {&(0x7f0000012a00)="8081000000180000daf4655fdaf4655fdaf4655f01000000000001008000000010000800000000000af301000400000000000000000000000200000040", 0x3d, 0x4c00}, {&(0x7f0000013900)="111fc0d901000000803a0900803a09000000000006", 0x15, 0x30000}, {&(0x7f0000000880)="2719c0d901000000803a0900803a09000000000006", 0x15, 0x40000}], 0x0, &(0x7f00000000c0)=ANY=[]) setxattr$trusted_overlay_upper(&(0x7f0000001180)='./file0\x00', &(0x7f00000011c0), &(0x7f00000013c0)=ANY=[], 0xd8, 0x0) chroot(&(0x7f00000001c0)='./file0\x00') umount2(&(0x7f0000000180)='./file0\x00', 0x0) rename(0x0, &(0x7f0000000380)='./file0\x00') socket$nl_route(0x10, 0x3, 0x0) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000cc0)}], 0x1) fsync(0xffffffffffffffff) 03:08:28 executing program 5: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)={0x1, 0x1d, 0x0, 0x4, 0x0, 0x1}, 0x40) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000002b00)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x4}, 0x38) 03:08:28 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x71020000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:28 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x48000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1272.273088][T26661] loop0: detected capacity change from 0 to 4096 03:08:29 executing program 5: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)={0x1, 0x1d, 0x0, 0x4, 0x0, 0x1}, 0x40) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000002b00)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x4}, 0x38) 03:08:29 executing program 3: socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) sendmsg(r0, &(0x7f00000001c0)={0x0, 0x17, &(0x7f0000000400)=[{&(0x7f0000000340)="4f15a39a2df43b14ed5f2c578d4db055ee07f5a3d802cf8b50b4e7df21e18cb5fc59569f9e048c6343d4d93a8de61654aea60f37d00726bbbaf8413fa35f71048ebd6b86b0d049ac43de63ad10d251b4fdb14d20706d302b10384fce5ec562f80eea2946c9cfc7f1078325732582af6da35442dfadaacf63643c41a7e5f882e09016d46b27739751f7cb3c9747d087919a9ce3b13b0c9a2774a54d8d5a2c5053ac2eebb14cad"}, {&(0x7f0000000240)="ae61a8d192171409dc2c19809ce70f90c61b402d89906f876fbb89196fa57c9dd7ed6fe73d4a9a050d32416a7e622c1c9943ab04d4e7db1546fab943d95d0a7057459e2d58c83e7f97ddda17b3aff67efc92f873b90a00b5d3c8226357fc7dce76f9ccb0c757e1f3f3d77ab2c382b1f474dbfc9f", 0x345e40}], 0x47, &(0x7f0000000000), 0x0, 0xb9efff7f}, 0x0) close(r0) 03:08:29 executing program 2: socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) recvmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@ax25, 0xfe76, &(0x7f0000000000)=[{&(0x7f0000000080)=""/151, 0x3b6af0}], 0x1, &(0x7f00000001c0)=""/4, 0x10036, 0x7301}, 0x3f9c) sendmsg(r1, &(0x7f00000001c0)={0x0, 0x17, &(0x7f0000000400)=[{&(0x7f0000000340)="4f15a39a2df43b14ed5f2c578d4db055ee07f5a3d802cf8b50b4e7df21e18cb5fc59569f9e048c6343d4d93a8de61654aea60f37d00726bbbaf8413fa35f71048ebd6b86b0d049ac43de63ad10d251b4fdb14d20706d302b10384fce5ec562f80eea2946c9cfc7f1078325732582af6da35442dfadaacf63643c41a7e5f882e09016d46b27739751f7cb3c9747d087919a9ce3b13b0c9a2774a54d8d5a2c5053ac2eebb14cad"}, {&(0x7f0000000240)="ae61a8d192171409dc2c19809ce70f90c61b402d89906f876fbb89196fa57c9dd7ed6fe73d4a9a050d32416a7e622c1c9943ab04d4e7db1546fab943d95d0a7057459e2d58c83e7f97ddda17b3aff67efc92f873b90a00b5d3c8226357fc7dce76f9ccb0c757e1f3f3d77ab2c382b1f474dbfc9f", 0x345e40}], 0x47, &(0x7f0000000000), 0x0, 0xb9efff7f}, 0x0) close(r1) close(0xffffffffffffffff) 03:08:29 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f00000000c0)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000080)="0300000004", 0x5, 0x640}, {&(0x7f0000000300), 0x0, 0x1000}, {&(0x7f0000012600)="ed41000000100000daf4655fdbf4655fdbf4655f000000000000040080", 0x1d, 0x4400}, {&(0x7f0000012800)="8081000000180000daf4655fdaf4655fdaf4655f00000000000001008000000010000800000000000af301000400000000000000000000000200000030", 0x3d, 0x4800}, {&(0x7f0000012a00)="8081000000180000daf4655fdaf4655fdaf4655f01000000000001008000000010000800000000000af301000400000000000000000000000200000040", 0x3d, 0x4c00}, {&(0x7f0000013900)="111fc0d901000000803a0900803a09000000000006", 0x15, 0x30000}, {&(0x7f0000000880)="2719c0d901000000803a0900803a09000000000006", 0x15, 0x40000}], 0x0, &(0x7f00000000c0)=ANY=[]) setxattr$trusted_overlay_upper(&(0x7f0000001180)='./file0\x00', &(0x7f00000011c0), &(0x7f00000013c0)=ANY=[], 0xd8, 0x0) chroot(&(0x7f00000001c0)='./file0\x00') umount2(&(0x7f0000000180)='./file0\x00', 0x0) rename(0x0, &(0x7f0000000380)='./file0\x00') socket$nl_route(0x10, 0x3, 0x0) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000cc0)}], 0x1) fsync(0xffffffffffffffff) 03:08:29 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x74000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:29 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x4c000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:29 executing program 5: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)={0x1, 0x1d, 0xcc, 0x0, 0x0, 0x1}, 0x40) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000002b00)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x4}, 0x38) 03:08:29 executing program 3: recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)=@ax25, 0xfe76, &(0x7f0000000000)=[{&(0x7f0000000080)=""/151, 0x3b6af0}], 0x1, &(0x7f00000001c0)=""/4, 0x10036, 0x7301}, 0x3f9c) sendmsg(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x17, &(0x7f0000000400)=[{&(0x7f0000000340)="4f15a39a2df43b14ed5f2c578d4db055ee07f5a3d802cf8b50b4e7df21e18cb5fc59569f9e048c6343d4d93a8de61654aea60f37d00726bbbaf8413fa35f71048ebd6b86b0d049ac43de63ad10d251b4fdb14d20706d302b10384fce5ec562f80eea2946c9cfc7f1078325732582af6da35442dfadaacf63643c41a7e5f882e09016d46b27739751f7cb3c9747d087919a9ce3b13b0c9a2774a54d8d5a2c5053ac2eebb14cad"}, {&(0x7f0000000240)="ae61a8d192171409dc2c19809ce70f90c61b402d89906f876fbb89196fa57c9dd7ed6fe73d4a9a050d32416a7e622c1c9943ab04d4e7db1546fab943d95d0a7057459e2d58c83e7f97ddda17b3aff67efc92f873b90a00b5d3c8226357fc7dce76f9ccb0c757e1f3f3d77ab2c382b1f474dbfc9f", 0x345e40}], 0x47, &(0x7f0000000000), 0x0, 0xb9efff7f}, 0x0) close(0xffffffffffffffff) [ 1273.030984][T26684] loop0: detected capacity change from 0 to 4096 03:08:29 executing program 5: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)={0x1, 0x1d, 0xcc, 0x0, 0x0, 0x1}, 0x40) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000002b00)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x4}, 0x38) 03:08:30 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x7a000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:30 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x64000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:30 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f00000000c0)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000080)="0300000004", 0x5, 0x640}, {&(0x7f0000000300), 0x0, 0x1000}, {&(0x7f0000012600)="ed41000000100000daf4655fdbf4655fdbf4655f000000000000040080", 0x1d, 0x4400}, {&(0x7f0000012800)="8081000000180000daf4655fdaf4655fdaf4655f00000000000001008000000010000800000000000af301000400000000000000000000000200000030", 0x3d, 0x4800}, {&(0x7f0000012a00)="8081000000180000daf4655fdaf4655fdaf4655f01000000000001008000000010000800000000000af301000400000000000000000000000200000040", 0x3d, 0x4c00}, {&(0x7f0000013900)="111fc0d901000000803a0900803a09000000000006", 0x15, 0x30000}, {&(0x7f0000000880)="2719c0d901000000803a0900803a09000000000006", 0x15, 0x40000}], 0x0, &(0x7f00000000c0)=ANY=[]) setxattr$trusted_overlay_upper(&(0x7f0000001180)='./file0\x00', &(0x7f00000011c0), &(0x7f00000013c0)=ANY=[], 0xd8, 0x0) chroot(&(0x7f00000001c0)='./file0\x00') umount2(&(0x7f0000000180)='./file0\x00', 0x0) rename(0x0, &(0x7f0000000380)='./file0\x00') socket$nl_route(0x10, 0x3, 0x0) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000cc0)}], 0x1) fsync(0xffffffffffffffff) 03:08:30 executing program 3: recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)=@ax25, 0xfe76, &(0x7f0000000000)=[{&(0x7f0000000080)=""/151, 0x3b6af0}], 0x1, &(0x7f00000001c0)=""/4, 0x10036, 0x7301}, 0x3f9c) sendmsg(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x17, &(0x7f0000000400)=[{&(0x7f0000000340)="4f15a39a2df43b14ed5f2c578d4db055ee07f5a3d802cf8b50b4e7df21e18cb5fc59569f9e048c6343d4d93a8de61654aea60f37d00726bbbaf8413fa35f71048ebd6b86b0d049ac43de63ad10d251b4fdb14d20706d302b10384fce5ec562f80eea2946c9cfc7f1078325732582af6da35442dfadaacf63643c41a7e5f882e09016d46b27739751f7cb3c9747d087919a9ce3b13b0c9a2774a54d8d5a2c5053ac2eebb14cad"}, {&(0x7f0000000240)="ae61a8d192171409dc2c19809ce70f90c61b402d89906f876fbb89196fa57c9dd7ed6fe73d4a9a050d32416a7e622c1c9943ab04d4e7db1546fab943d95d0a7057459e2d58c83e7f97ddda17b3aff67efc92f873b90a00b5d3c8226357fc7dce76f9ccb0c757e1f3f3d77ab2c382b1f474dbfc9f", 0x345e40}], 0x47, &(0x7f0000000000), 0x0, 0xb9efff7f}, 0x0) close(0xffffffffffffffff) 03:08:30 executing program 2: socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) recvmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@ax25, 0xfe76, &(0x7f0000000000)=[{&(0x7f0000000080)=""/151, 0x3b6af0}], 0x1, &(0x7f00000001c0)=""/4, 0x10036, 0x7301}, 0x3f9c) sendmsg(r1, &(0x7f00000001c0)={0x0, 0x17, &(0x7f0000000400)=[{&(0x7f0000000340)="4f15a39a2df43b14ed5f2c578d4db055ee07f5a3d802cf8b50b4e7df21e18cb5fc59569f9e048c6343d4d93a8de61654aea60f37d00726bbbaf8413fa35f71048ebd6b86b0d049ac43de63ad10d251b4fdb14d20706d302b10384fce5ec562f80eea2946c9cfc7f1078325732582af6da35442dfadaacf63643c41a7e5f882e09016d46b27739751f7cb3c9747d087919a9ce3b13b0c9a2774a54d8d5a2c5053ac2eebb14cad"}, {&(0x7f0000000240)="ae61a8d192171409dc2c19809ce70f90c61b402d89906f876fbb89196fa57c9dd7ed6fe73d4a9a050d32416a7e622c1c9943ab04d4e7db1546fab943d95d0a7057459e2d58c83e7f97ddda17b3aff67efc92f873b90a00b5d3c8226357fc7dce76f9ccb0c757e1f3f3d77ab2c382b1f474dbfc9f", 0x345e40}], 0x47, &(0x7f0000000000), 0x0, 0xb9efff7f}, 0x0) close(r1) close(0xffffffffffffffff) 03:08:30 executing program 5: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)={0x1, 0x1d, 0xcc, 0x0, 0x0, 0x1}, 0x40) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000002b00)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x4}, 0x38) 03:08:30 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x80510100}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1273.997760][T26708] loop0: detected capacity change from 0 to 4096 03:08:30 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x68000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:31 executing program 3: recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)=@ax25, 0xfe76, &(0x7f0000000000)=[{&(0x7f0000000080)=""/151, 0x3b6af0}], 0x1, &(0x7f00000001c0)=""/4, 0x10036, 0x7301}, 0x3f9c) sendmsg(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x17, &(0x7f0000000400)=[{&(0x7f0000000340)="4f15a39a2df43b14ed5f2c578d4db055ee07f5a3d802cf8b50b4e7df21e18cb5fc59569f9e048c6343d4d93a8de61654aea60f37d00726bbbaf8413fa35f71048ebd6b86b0d049ac43de63ad10d251b4fdb14d20706d302b10384fce5ec562f80eea2946c9cfc7f1078325732582af6da35442dfadaacf63643c41a7e5f882e09016d46b27739751f7cb3c9747d087919a9ce3b13b0c9a2774a54d8d5a2c5053ac2eebb14cad"}, {&(0x7f0000000240)="ae61a8d192171409dc2c19809ce70f90c61b402d89906f876fbb89196fa57c9dd7ed6fe73d4a9a050d32416a7e622c1c9943ab04d4e7db1546fab943d95d0a7057459e2d58c83e7f97ddda17b3aff67efc92f873b90a00b5d3c8226357fc7dce76f9ccb0c757e1f3f3d77ab2c382b1f474dbfc9f", 0x345e40}], 0x47, &(0x7f0000000000), 0x0, 0xb9efff7f}, 0x0) close(0xffffffffffffffff) 03:08:31 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f00000000c0)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000080)="0300000004", 0x5, 0x640}, {&(0x7f0000000300), 0x0, 0x1000}, {&(0x7f0000012600)="ed41000000100000daf4655fdbf4655fdbf4655f000000000000040080", 0x1d, 0x4400}, {&(0x7f0000012800)="8081000000180000daf4655fdaf4655fdaf4655f00000000000001008000000010000800000000000af301000400000000000000000000000200000030", 0x3d, 0x4800}, {&(0x7f0000012a00)="8081000000180000daf4655fdaf4655fdaf4655f01000000000001008000000010000800000000000af301000400000000000000000000000200000040", 0x3d, 0x4c00}, {&(0x7f0000013900)="111fc0d901000000803a0900803a09000000000006", 0x15, 0x30000}, {&(0x7f0000000880)="2719c0d901000000803a0900803a09000000000006", 0x15, 0x40000}], 0x0, &(0x7f00000000c0)=ANY=[]) setxattr$trusted_overlay_upper(&(0x7f0000001180)='./file0\x00', &(0x7f00000011c0), &(0x7f00000013c0)=ANY=[], 0xd8, 0x0) chroot(&(0x7f00000001c0)='./file0\x00') umount2(&(0x7f0000000180)='./file0\x00', 0x0) rename(0x0, &(0x7f0000000380)='./file0\x00') socket$nl_route(0x10, 0x3, 0x0) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000cc0)}], 0x1) fsync(0xffffffffffffffff) 03:08:31 executing program 5: bpf$MAP_CREATE(0x0, &(0x7f00000000c0)={0x1, 0x1d, 0xcc, 0x4, 0x0, 0x1}, 0x40) bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0) 03:08:31 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x8cffffff}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:31 executing program 2: socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) recvmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@ax25, 0xfe76, &(0x7f0000000000)=[{&(0x7f0000000080)=""/151, 0x3b6af0}], 0x1, &(0x7f00000001c0)=""/4, 0x10036, 0x7301}, 0x3f9c) sendmsg(r1, &(0x7f00000001c0)={0x0, 0x17, &(0x7f0000000400)=[{&(0x7f0000000340)="4f15a39a2df43b14ed5f2c578d4db055ee07f5a3d802cf8b50b4e7df21e18cb5fc59569f9e048c6343d4d93a8de61654aea60f37d00726bbbaf8413fa35f71048ebd6b86b0d049ac43de63ad10d251b4fdb14d20706d302b10384fce5ec562f80eea2946c9cfc7f1078325732582af6da35442dfadaacf63643c41a7e5f882e09016d46b27739751f7cb3c9747d087919a9ce3b13b0c9a2774a54d8d5a2c5053ac2eebb14cad"}, {&(0x7f0000000240)="ae61a8d192171409dc2c19809ce70f90c61b402d89906f876fbb89196fa57c9dd7ed6fe73d4a9a050d32416a7e622c1c9943ab04d4e7db1546fab943d95d0a7057459e2d58c83e7f97ddda17b3aff67efc92f873b90a00b5d3c8226357fc7dce76f9ccb0c757e1f3f3d77ab2c382b1f474dbfc9f", 0x345e40}], 0x47, &(0x7f0000000000), 0x0, 0xb9efff7f}, 0x0) close(r1) 03:08:31 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x6c000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1275.045137][T26736] loop0: detected capacity change from 0 to 4096 [ 1275.160353][T26736] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 1275.170928][T26736] EXT4-fs (loop0): group descriptors corrupted! 03:08:31 executing program 3: socketpair(0x0, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) recvmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@ax25, 0xfe76, &(0x7f0000000000)=[{&(0x7f0000000080)=""/151, 0x3b6af0}], 0x1, &(0x7f00000001c0)=""/4, 0x10036, 0x7301}, 0x3f9c) sendmsg(r1, &(0x7f00000001c0)={0x0, 0x17, &(0x7f0000000400)=[{&(0x7f0000000340)="4f15a39a2df43b14ed5f2c578d4db055ee07f5a3d802cf8b50b4e7df21e18cb5fc59569f9e048c6343d4d93a8de61654aea60f37d00726bbbaf8413fa35f71048ebd6b86b0d049ac43de63ad10d251b4fdb14d20706d302b10384fce5ec562f80eea2946c9cfc7f1078325732582af6da35442dfadaacf63643c41a7e5f882e09016d46b27739751f7cb3c9747d087919a9ce3b13b0c9a2774a54d8d5a2c5053ac2eebb14cad"}, {&(0x7f0000000240)="ae61a8d192171409dc2c19809ce70f90c61b402d89906f876fbb89196fa57c9dd7ed6fe73d4a9a050d32416a7e622c1c9943ab04d4e7db1546fab943d95d0a7057459e2d58c83e7f97ddda17b3aff67efc92f873b90a00b5d3c8226357fc7dce76f9ccb0c757e1f3f3d77ab2c382b1f474dbfc9f", 0x345e40}], 0x47, &(0x7f0000000000), 0x0, 0xb9efff7f}, 0x0) close(r1) 03:08:31 executing program 5: bpf$MAP_CREATE(0x0, &(0x7f00000000c0)={0x1, 0x1d, 0xcc, 0x4, 0x0, 0x1}, 0x40) bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0) 03:08:32 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f00000000c0)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000080)="0300000004", 0x5, 0x640}, {&(0x7f0000000300)="02000000030000000400000019000f00", 0x10, 0x1000}, {&(0x7f0000012600)="ed41000000100000daf4655fdbf4655fdbf4655f000000000000040080", 0x1d, 0x4400}, {&(0x7f0000012800)="8081000000180000daf4655fdaf4655fdaf4655f00000000000001008000000010000800000000000af301000400000000000000000000000200000030", 0x3d, 0x4800}, {&(0x7f0000012a00)="8081000000180000daf4655fdaf4655fdaf4655f01000000000001008000000010000800000000000af301000400000000000000000000000200000040", 0x3d, 0x4c00}, {&(0x7f0000013900)="111fc0d901000000803a0900803a09000000000006", 0x15, 0x30000}, {&(0x7f0000000880)="2719c0d901000000803a0900803a09000000000006", 0x15, 0x40000}], 0x0, &(0x7f00000000c0)=ANY=[]) setxattr$trusted_overlay_upper(&(0x7f0000001180)='./file0\x00', &(0x7f00000011c0), &(0x7f00000013c0)=ANY=[], 0xd8, 0x0) chroot(&(0x7f00000001c0)='./file0\x00') umount2(&(0x7f0000000180)='./file0\x00', 0x0) rename(0x0, &(0x7f0000000380)='./file0\x00') socket$nl_route(0x10, 0x3, 0x0) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000cc0)}], 0x1) fsync(0xffffffffffffffff) 03:08:32 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xda030000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:32 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x6e000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:32 executing program 2: socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) recvmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@ax25, 0xfe76, &(0x7f0000000000)=[{&(0x7f0000000080)=""/151, 0x3b6af0}], 0x1, &(0x7f00000001c0)=""/4, 0x10036, 0x7301}, 0x3f9c) sendmsg(r1, &(0x7f00000001c0)={0x0, 0x17, &(0x7f0000000400)=[{&(0x7f0000000340)="4f15a39a2df43b14ed5f2c578d4db055ee07f5a3d802cf8b50b4e7df21e18cb5fc59569f9e048c6343d4d93a8de61654aea60f37d00726bbbaf8413fa35f71048ebd6b86b0d049ac43de63ad10d251b4fdb14d20706d302b10384fce5ec562f80eea2946c9cfc7f1078325732582af6da35442dfadaacf63643c41a7e5f882e09016d46b27739751f7cb3c9747d087919a9ce3b13b0c9a2774a54d8d5a2c5053ac2eebb14cad"}, {&(0x7f0000000240)="ae61a8d192171409dc2c19809ce70f90c61b402d89906f876fbb89196fa57c9dd7ed6fe73d4a9a050d32416a7e622c1c9943ab04d4e7db1546fab943d95d0a7057459e2d58c83e7f97ddda17b3aff67efc92f873b90a00b5d3c8226357fc7dce76f9ccb0c757e1f3f3d77ab2c382b1f474dbfc9f", 0x345e40}], 0x47, &(0x7f0000000000), 0x0, 0xb9efff7f}, 0x0) 03:08:32 executing program 5: bpf$MAP_CREATE(0x0, &(0x7f00000000c0)={0x1, 0x1d, 0xcc, 0x4, 0x0, 0x1}, 0x40) bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0) [ 1275.972907][T26761] loop0: detected capacity change from 0 to 4096 03:08:32 executing program 3: socketpair(0x0, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) recvmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@ax25, 0xfe76, &(0x7f0000000000)=[{&(0x7f0000000080)=""/151, 0x3b6af0}], 0x1, &(0x7f00000001c0)=""/4, 0x10036, 0x7301}, 0x3f9c) sendmsg(r1, &(0x7f00000001c0)={0x0, 0x17, &(0x7f0000000400)=[{&(0x7f0000000340)="4f15a39a2df43b14ed5f2c578d4db055ee07f5a3d802cf8b50b4e7df21e18cb5fc59569f9e048c6343d4d93a8de61654aea60f37d00726bbbaf8413fa35f71048ebd6b86b0d049ac43de63ad10d251b4fdb14d20706d302b10384fce5ec562f80eea2946c9cfc7f1078325732582af6da35442dfadaacf63643c41a7e5f882e09016d46b27739751f7cb3c9747d087919a9ce3b13b0c9a2774a54d8d5a2c5053ac2eebb14cad"}, {&(0x7f0000000240)="ae61a8d192171409dc2c19809ce70f90c61b402d89906f876fbb89196fa57c9dd7ed6fe73d4a9a050d32416a7e622c1c9943ab04d4e7db1546fab943d95d0a7057459e2d58c83e7f97ddda17b3aff67efc92f873b90a00b5d3c8226357fc7dce76f9ccb0c757e1f3f3d77ab2c382b1f474dbfc9f", 0x345e40}], 0x47, &(0x7f0000000000), 0x0, 0xb9efff7f}, 0x0) close(r1) [ 1276.032100][T26761] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (61595!=0) [ 1276.042366][T26761] EXT4-fs (loop0): group descriptors corrupted! 03:08:33 executing program 5: bpf$MAP_CREATE(0x0, &(0x7f00000000c0)={0x1, 0x1d, 0xcc, 0x4, 0x0, 0x1}, 0x40) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000002b00)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x4}, 0x38) 03:08:33 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x70000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:33 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xf6ffffff}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:33 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f00000000c0)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000080)="0300000004", 0x5, 0x640}, {&(0x7f0000000300)="02000000030000000400000019000f00", 0x10, 0x1000}, {&(0x7f0000012600)="ed41000000100000daf4655fdbf4655fdbf4655f000000000000040080", 0x1d, 0x4400}, {&(0x7f0000012800)="8081000000180000daf4655fdaf4655fdaf4655f00000000000001008000000010000800000000000af301000400000000000000000000000200000030", 0x3d, 0x4800}, {&(0x7f0000012a00)="8081000000180000daf4655fdaf4655fdaf4655f01000000000001008000000010000800000000000af301000400000000000000000000000200000040", 0x3d, 0x4c00}, {&(0x7f0000013900)="111fc0d901000000803a0900803a09000000000006", 0x15, 0x30000}, {&(0x7f0000000880)="2719c0d901000000803a0900803a09000000000006", 0x15, 0x40000}], 0x0, &(0x7f00000000c0)=ANY=[]) setxattr$trusted_overlay_upper(&(0x7f0000001180)='./file0\x00', &(0x7f00000011c0), &(0x7f00000013c0)=ANY=[], 0xd8, 0x0) chroot(&(0x7f00000001c0)='./file0\x00') umount2(&(0x7f0000000180)='./file0\x00', 0x0) rename(0x0, &(0x7f0000000380)='./file0\x00') socket$nl_route(0x10, 0x3, 0x0) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000cc0)}], 0x1) fsync(0xffffffffffffffff) 03:08:33 executing program 3: socketpair(0x0, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) recvmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@ax25, 0xfe76, &(0x7f0000000000)=[{&(0x7f0000000080)=""/151, 0x3b6af0}], 0x1, &(0x7f00000001c0)=""/4, 0x10036, 0x7301}, 0x3f9c) sendmsg(r1, &(0x7f00000001c0)={0x0, 0x17, &(0x7f0000000400)=[{&(0x7f0000000340)="4f15a39a2df43b14ed5f2c578d4db055ee07f5a3d802cf8b50b4e7df21e18cb5fc59569f9e048c6343d4d93a8de61654aea60f37d00726bbbaf8413fa35f71048ebd6b86b0d049ac43de63ad10d251b4fdb14d20706d302b10384fce5ec562f80eea2946c9cfc7f1078325732582af6da35442dfadaacf63643c41a7e5f882e09016d46b27739751f7cb3c9747d087919a9ce3b13b0c9a2774a54d8d5a2c5053ac2eebb14cad"}, {&(0x7f0000000240)="ae61a8d192171409dc2c19809ce70f90c61b402d89906f876fbb89196fa57c9dd7ed6fe73d4a9a050d32416a7e622c1c9943ab04d4e7db1546fab943d95d0a7057459e2d58c83e7f97ddda17b3aff67efc92f873b90a00b5d3c8226357fc7dce76f9ccb0c757e1f3f3d77ab2c382b1f474dbfc9f", 0x345e40}], 0x47, &(0x7f0000000000), 0x0, 0xb9efff7f}, 0x0) close(r1) [ 1276.980881][T26792] loop0: detected capacity change from 0 to 4096 03:08:33 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x74000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:33 executing program 5: bpf$MAP_CREATE(0x0, &(0x7f00000000c0)={0x1, 0x1d, 0xcc, 0x4, 0x0, 0x1}, 0x40) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000002b00)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x4}, 0x38) 03:08:34 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xfeffffff}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:34 executing program 2: socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) recvmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@ax25, 0xfe76, &(0x7f0000000000)=[{&(0x7f0000000080)=""/151, 0x3b6af0}], 0x1, &(0x7f00000001c0)=""/4, 0x10036, 0x7301}, 0x3f9c) sendmsg(r1, &(0x7f00000001c0)={0x0, 0x17, &(0x7f0000000400)=[{&(0x7f0000000340)="4f15a39a2df43b14ed5f2c578d4db055ee07f5a3d802cf8b50b4e7df21e18cb5fc59569f9e048c6343d4d93a8de61654aea60f37d00726bbbaf8413fa35f71048ebd6b86b0d049ac43de63ad10d251b4fdb14d20706d302b10384fce5ec562f80eea2946c9cfc7f1078325732582af6da35442dfadaacf63643c41a7e5f882e09016d46b27739751f7cb3c9747d087919a9ce3b13b0c9a2774a54d8d5a2c5053ac2eebb14cad"}, {&(0x7f0000000240)="ae61a8d192171409dc2c19809ce70f90c61b402d89906f876fbb89196fa57c9dd7ed6fe73d4a9a050d32416a7e622c1c9943ab04d4e7db1546fab943d95d0a7057459e2d58c83e7f97ddda17b3aff67efc92f873b90a00b5d3c8226357fc7dce76f9ccb0c757e1f3f3d77ab2c382b1f474dbfc9f", 0x345e40}], 0x47, &(0x7f0000000000), 0x0, 0xb9efff7f}, 0x0) 03:08:34 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f00000000c0)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000080)="0300000004", 0x5, 0x640}, {&(0x7f0000000300)="02000000030000000400000019000f00", 0x10, 0x1000}, {&(0x7f0000012600)="ed41000000100000daf4655fdbf4655fdbf4655f000000000000040080", 0x1d, 0x4400}, {&(0x7f0000012800)="8081000000180000daf4655fdaf4655fdaf4655f00000000000001008000000010000800000000000af301000400000000000000000000000200000030", 0x3d, 0x4800}, {&(0x7f0000012a00)="8081000000180000daf4655fdaf4655fdaf4655f01000000000001008000000010000800000000000af301000400000000000000000000000200000040", 0x3d, 0x4c00}, {&(0x7f0000013900)="111fc0d901000000803a0900803a09000000000006", 0x15, 0x30000}, {&(0x7f0000000880)="2719c0d901000000803a0900803a09000000000006", 0x15, 0x40000}], 0x0, &(0x7f00000000c0)=ANY=[]) setxattr$trusted_overlay_upper(&(0x7f0000001180)='./file0\x00', &(0x7f00000011c0), &(0x7f00000013c0)=ANY=[], 0xd8, 0x0) chroot(&(0x7f00000001c0)='./file0\x00') umount2(&(0x7f0000000180)='./file0\x00', 0x0) rename(0x0, &(0x7f0000000380)='./file0\x00') socket$nl_route(0x10, 0x3, 0x0) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000cc0)}], 0x1) fsync(0xffffffffffffffff) 03:08:34 executing program 3: socketpair(0x1e, 0x0, 0x0, &(0x7f0000000140)={0x0, 0x0}) recvmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@ax25, 0xfe76, &(0x7f0000000000)=[{&(0x7f0000000080)=""/151, 0x3b6af0}], 0x1, &(0x7f00000001c0)=""/4, 0x10036, 0x7301}, 0x3f9c) sendmsg(r1, &(0x7f00000001c0)={0x0, 0x17, &(0x7f0000000400)=[{&(0x7f0000000340)="4f15a39a2df43b14ed5f2c578d4db055ee07f5a3d802cf8b50b4e7df21e18cb5fc59569f9e048c6343d4d93a8de61654aea60f37d00726bbbaf8413fa35f71048ebd6b86b0d049ac43de63ad10d251b4fdb14d20706d302b10384fce5ec562f80eea2946c9cfc7f1078325732582af6da35442dfadaacf63643c41a7e5f882e09016d46b27739751f7cb3c9747d087919a9ce3b13b0c9a2774a54d8d5a2c5053ac2eebb14cad"}, {&(0x7f0000000240)="ae61a8d192171409dc2c19809ce70f90c61b402d89906f876fbb89196fa57c9dd7ed6fe73d4a9a050d32416a7e622c1c9943ab04d4e7db1546fab943d95d0a7057459e2d58c83e7f97ddda17b3aff67efc92f873b90a00b5d3c8226357fc7dce76f9ccb0c757e1f3f3d77ab2c382b1f474dbfc9f", 0x345e40}], 0x47, &(0x7f0000000000), 0x0, 0xb9efff7f}, 0x0) close(r1) 03:08:34 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x7a000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:34 executing program 5: bpf$MAP_CREATE(0x0, &(0x7f00000000c0)={0x1, 0x1d, 0xcc, 0x4, 0x0, 0x1}, 0x40) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000002b00)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x4}, 0x38) 03:08:34 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xff070000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1278.137183][T26819] loop0: detected capacity change from 0 to 4096 03:08:35 executing program 3: socketpair(0x1e, 0x0, 0x0, &(0x7f0000000140)={0x0, 0x0}) recvmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@ax25, 0xfe76, &(0x7f0000000000)=[{&(0x7f0000000080)=""/151, 0x3b6af0}], 0x1, &(0x7f00000001c0)=""/4, 0x10036, 0x7301}, 0x3f9c) sendmsg(r1, &(0x7f00000001c0)={0x0, 0x17, &(0x7f0000000400)=[{&(0x7f0000000340)="4f15a39a2df43b14ed5f2c578d4db055ee07f5a3d802cf8b50b4e7df21e18cb5fc59569f9e048c6343d4d93a8de61654aea60f37d00726bbbaf8413fa35f71048ebd6b86b0d049ac43de63ad10d251b4fdb14d20706d302b10384fce5ec562f80eea2946c9cfc7f1078325732582af6da35442dfadaacf63643c41a7e5f882e09016d46b27739751f7cb3c9747d087919a9ce3b13b0c9a2774a54d8d5a2c5053ac2eebb14cad"}, {&(0x7f0000000240)="ae61a8d192171409dc2c19809ce70f90c61b402d89906f876fbb89196fa57c9dd7ed6fe73d4a9a050d32416a7e622c1c9943ab04d4e7db1546fab943d95d0a7057459e2d58c83e7f97ddda17b3aff67efc92f873b90a00b5d3c8226357fc7dce76f9ccb0c757e1f3f3d77ab2c382b1f474dbfc9f", 0x345e40}], 0x47, &(0x7f0000000000), 0x0, 0xb9efff7f}, 0x0) close(r1) 03:08:35 executing program 5: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)={0x1, 0x1d, 0xcc, 0x4, 0x0, 0x1}, 0x40) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000002b00)={0x0, 0x0, 0x0, 0x0, 0x0, r0}, 0x38) 03:08:35 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f00000000c0)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000080)="0300000004", 0x5, 0x640}, {&(0x7f0000000300)="02000000030000000400000019000f000300040000000000", 0x18, 0x1000}, {&(0x7f0000012600)="ed41000000100000daf4655fdbf4655fdbf4655f000000000000040080", 0x1d, 0x4400}, {&(0x7f0000012800)="8081000000180000daf4655fdaf4655fdaf4655f00000000000001008000000010000800000000000af301000400000000000000000000000200000030", 0x3d, 0x4800}, {&(0x7f0000012a00)="8081000000180000daf4655fdaf4655fdaf4655f01000000000001008000000010000800000000000af301000400000000000000000000000200000040", 0x3d, 0x4c00}, {&(0x7f0000013900)="111fc0d901000000803a0900803a09000000000006", 0x15, 0x30000}, {&(0x7f0000000880)="2719c0d901000000803a0900803a09000000000006", 0x15, 0x40000}], 0x0, &(0x7f00000000c0)=ANY=[]) setxattr$trusted_overlay_upper(&(0x7f0000001180)='./file0\x00', &(0x7f00000011c0), &(0x7f00000013c0)=ANY=[], 0xd8, 0x0) chroot(&(0x7f00000001c0)='./file0\x00') umount2(&(0x7f0000000180)='./file0\x00', 0x0) rename(0x0, &(0x7f0000000380)='./file0\x00') socket$nl_route(0x10, 0x3, 0x0) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000cc0)}], 0x1) fsync(0xffffffffffffffff) 03:08:35 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x80510100}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:35 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xffff8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:35 executing program 2: socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) recvmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@ax25, 0xfe76, &(0x7f0000000000)=[{&(0x7f0000000080)=""/151, 0x3b6af0}], 0x1, &(0x7f00000001c0)=""/4, 0x10036, 0x7301}, 0x3f9c) sendmsg(r1, &(0x7f00000001c0)={0x0, 0x17, &(0x7f0000000400)=[{&(0x7f0000000340)="4f15a39a2df43b14ed5f2c578d4db055ee07f5a3d802cf8b50b4e7df21e18cb5fc59569f9e048c6343d4d93a8de61654aea60f37d00726bbbaf8413fa35f71048ebd6b86b0d049ac43de63ad10d251b4fdb14d20706d302b10384fce5ec562f80eea2946c9cfc7f1078325732582af6da35442dfadaacf63643c41a7e5f882e09016d46b27739751f7cb3c9747d087919a9ce3b13b0c9a2774a54d8d5a2c5053ac2eebb14cad"}, {&(0x7f0000000240)="ae61a8d192171409dc2c19809ce70f90c61b402d89906f876fbb89196fa57c9dd7ed6fe73d4a9a050d32416a7e622c1c9943ab04d4e7db1546fab943d95d0a7057459e2d58c83e7f97ddda17b3aff67efc92f873b90a00b5d3c8226357fc7dce76f9ccb0c757e1f3f3d77ab2c382b1f474dbfc9f", 0x345e40}], 0x47, &(0x7f0000000000), 0x0, 0xb9efff7f}, 0x0) 03:08:35 executing program 3: socketpair(0x1e, 0x0, 0x0, &(0x7f0000000140)={0x0, 0x0}) recvmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@ax25, 0xfe76, &(0x7f0000000000)=[{&(0x7f0000000080)=""/151, 0x3b6af0}], 0x1, &(0x7f00000001c0)=""/4, 0x10036, 0x7301}, 0x3f9c) sendmsg(r1, &(0x7f00000001c0)={0x0, 0x17, &(0x7f0000000400)=[{&(0x7f0000000340)="4f15a39a2df43b14ed5f2c578d4db055ee07f5a3d802cf8b50b4e7df21e18cb5fc59569f9e048c6343d4d93a8de61654aea60f37d00726bbbaf8413fa35f71048ebd6b86b0d049ac43de63ad10d251b4fdb14d20706d302b10384fce5ec562f80eea2946c9cfc7f1078325732582af6da35442dfadaacf63643c41a7e5f882e09016d46b27739751f7cb3c9747d087919a9ce3b13b0c9a2774a54d8d5a2c5053ac2eebb14cad"}, {&(0x7f0000000240)="ae61a8d192171409dc2c19809ce70f90c61b402d89906f876fbb89196fa57c9dd7ed6fe73d4a9a050d32416a7e622c1c9943ab04d4e7db1546fab943d95d0a7057459e2d58c83e7f97ddda17b3aff67efc92f873b90a00b5d3c8226357fc7dce76f9ccb0c757e1f3f3d77ab2c382b1f474dbfc9f", 0x345e40}], 0x47, &(0x7f0000000000), 0x0, 0xb9efff7f}, 0x0) close(r1) 03:08:35 executing program 5: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)={0x1, 0x1d, 0xcc, 0x4, 0x0, 0x1}, 0x40) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000002b00)={0x0, 0x0, 0x0, 0x0, 0x0, r0}, 0x38) [ 1279.175026][T26842] loop0: detected capacity change from 0 to 4096 [ 1279.284718][T26842] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (33325!=0) [ 1279.296081][T26842] EXT4-fs (loop0): group descriptors corrupted! 03:08:36 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x8cffffff}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:36 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xffffff7f}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:36 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f00000000c0)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000080)="0300000004", 0x5, 0x640}, {&(0x7f0000000300)="02000000030000000400000019000f000300040000000000", 0x18, 0x1000}, {&(0x7f0000012600)="ed41000000100000daf4655fdbf4655fdbf4655f000000000000040080", 0x1d, 0x4400}, {&(0x7f0000012800)="8081000000180000daf4655fdaf4655fdaf4655f00000000000001008000000010000800000000000af301000400000000000000000000000200000030", 0x3d, 0x4800}, {&(0x7f0000012a00)="8081000000180000daf4655fdaf4655fdaf4655f01000000000001008000000010000800000000000af301000400000000000000000000000200000040", 0x3d, 0x4c00}, {&(0x7f0000013900)="111fc0d901000000803a0900803a09000000000006", 0x15, 0x30000}, {&(0x7f0000000880)="2719c0d901000000803a0900803a09000000000006", 0x15, 0x40000}], 0x0, &(0x7f00000000c0)=ANY=[]) setxattr$trusted_overlay_upper(&(0x7f0000001180)='./file0\x00', &(0x7f00000011c0), &(0x7f00000013c0)=ANY=[], 0xd8, 0x0) chroot(&(0x7f00000001c0)='./file0\x00') umount2(&(0x7f0000000180)='./file0\x00', 0x0) rename(0x0, &(0x7f0000000380)='./file0\x00') socket$nl_route(0x10, 0x3, 0x0) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000cc0)}], 0x1) fsync(0xffffffffffffffff) 03:08:36 executing program 5: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)={0x1, 0x1d, 0xcc, 0x4, 0x0, 0x1}, 0x40) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000002b00)={0x0, 0x0, 0x0, 0x0, 0x0, r0}, 0x38) 03:08:36 executing program 3: socketpair(0x1e, 0x1, 0x0, 0x0) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)=@ax25, 0xfe76, &(0x7f0000000000)=[{&(0x7f0000000080)=""/151, 0x3b6af0}], 0x1, &(0x7f00000001c0)=""/4, 0x10036, 0x7301}, 0x3f9c) sendmsg(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x17, &(0x7f0000000400)=[{&(0x7f0000000340)="4f15a39a2df43b14ed5f2c578d4db055ee07f5a3d802cf8b50b4e7df21e18cb5fc59569f9e048c6343d4d93a8de61654aea60f37d00726bbbaf8413fa35f71048ebd6b86b0d049ac43de63ad10d251b4fdb14d20706d302b10384fce5ec562f80eea2946c9cfc7f1078325732582af6da35442dfadaacf63643c41a7e5f882e09016d46b27739751f7cb3c9747d087919a9ce3b13b0c9a2774a54d8d5a2c5053ac2eebb14cad"}, {&(0x7f0000000240)="ae61a8d192171409dc2c19809ce70f90c61b402d89906f876fbb89196fa57c9dd7ed6fe73d4a9a050d32416a7e622c1c9943ab04d4e7db1546fab943d95d0a7057459e2d58c83e7f97ddda17b3aff67efc92f873b90a00b5d3c8226357fc7dce76f9ccb0c757e1f3f3d77ab2c382b1f474dbfc9f", 0x345e40}], 0x47, &(0x7f0000000000), 0x0, 0xb9efff7f}, 0x0) close(0xffffffffffffffff) [ 1280.090616][T26868] loop0: detected capacity change from 0 to 4096 03:08:36 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xffffff8c}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:36 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xb0010000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1280.193440][T26868] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (33325!=0) [ 1280.203139][T26868] EXT4-fs (loop0): group descriptors corrupted! 03:08:37 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f00000000c0)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000080)="0300000004", 0x5, 0x640}, {&(0x7f0000000300)="02000000030000000400000019000f000300040000000000", 0x18, 0x1000}, {&(0x7f0000012600)="ed41000000100000daf4655fdbf4655fdbf4655f000000000000040080", 0x1d, 0x4400}, {&(0x7f0000012800)="8081000000180000daf4655fdaf4655fdaf4655f00000000000001008000000010000800000000000af301000400000000000000000000000200000030", 0x3d, 0x4800}, {&(0x7f0000012a00)="8081000000180000daf4655fdaf4655fdaf4655f01000000000001008000000010000800000000000af301000400000000000000000000000200000040", 0x3d, 0x4c00}, {&(0x7f0000013900)="111fc0d901000000803a0900803a09000000000006", 0x15, 0x30000}, {&(0x7f0000000880)="2719c0d901000000803a0900803a09000000000006", 0x15, 0x40000}], 0x0, &(0x7f00000000c0)=ANY=[]) setxattr$trusted_overlay_upper(&(0x7f0000001180)='./file0\x00', &(0x7f00000011c0), &(0x7f00000013c0)=ANY=[], 0xd8, 0x0) chroot(&(0x7f00000001c0)='./file0\x00') umount2(&(0x7f0000000180)='./file0\x00', 0x0) rename(0x0, &(0x7f0000000380)='./file0\x00') socket$nl_route(0x10, 0x3, 0x0) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000cc0)}], 0x1) fsync(0xffffffffffffffff) 03:08:37 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0xdf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x916, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000, 0x3}, 0x0, 0x100000000, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x2) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00'}) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff}, 0x0, 0xfffff7ffffffffff, 0xffffffffffffffff, 0x8) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) 03:08:37 executing program 2: socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) recvmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@ax25, 0xfe76, &(0x7f0000000000)=[{&(0x7f0000000080)=""/151, 0x3b6af0}], 0x1, &(0x7f00000001c0)=""/4, 0x10036, 0x7301}, 0x3f9c) close(r1) 03:08:37 executing program 3: socketpair(0x1e, 0x1, 0x0, 0x0) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)=@ax25, 0xfe76, &(0x7f0000000000)=[{&(0x7f0000000080)=""/151, 0x3b6af0}], 0x1, &(0x7f00000001c0)=""/4, 0x10036, 0x7301}, 0x3f9c) sendmsg(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x17, &(0x7f0000000400)=[{&(0x7f0000000340)="4f15a39a2df43b14ed5f2c578d4db055ee07f5a3d802cf8b50b4e7df21e18cb5fc59569f9e048c6343d4d93a8de61654aea60f37d00726bbbaf8413fa35f71048ebd6b86b0d049ac43de63ad10d251b4fdb14d20706d302b10384fce5ec562f80eea2946c9cfc7f1078325732582af6da35442dfadaacf63643c41a7e5f882e09016d46b27739751f7cb3c9747d087919a9ce3b13b0c9a2774a54d8d5a2c5053ac2eebb14cad"}, {&(0x7f0000000240)="ae61a8d192171409dc2c19809ce70f90c61b402d89906f876fbb89196fa57c9dd7ed6fe73d4a9a050d32416a7e622c1c9943ab04d4e7db1546fab943d95d0a7057459e2d58c83e7f97ddda17b3aff67efc92f873b90a00b5d3c8226357fc7dce76f9ccb0c757e1f3f3d77ab2c382b1f474dbfc9f", 0x345e40}], 0x47, &(0x7f0000000000), 0x0, 0xb9efff7f}, 0x0) close(0xffffffffffffffff) 03:08:37 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xfffffff6}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:37 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xb0030000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1281.316902][T26888] device syzkaller1 entered promiscuous mode [ 1281.353625][T26892] loop0: detected capacity change from 0 to 4096 03:08:38 executing program 2: socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) recvmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@ax25, 0xfe76, &(0x7f0000000000)=[{&(0x7f0000000080)=""/151, 0x3b6af0}], 0x1, &(0x7f00000001c0)=""/4, 0x10036, 0x7301}, 0x3f9c) close(r1) 03:08:38 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xcc020000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:38 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xfffffffe}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:38 executing program 3: socketpair(0x1e, 0x1, 0x0, 0x0) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)=@ax25, 0xfe76, &(0x7f0000000000)=[{&(0x7f0000000080)=""/151, 0x3b6af0}], 0x1, &(0x7f00000001c0)=""/4, 0x10036, 0x7301}, 0x3f9c) sendmsg(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x17, &(0x7f0000000400)=[{&(0x7f0000000340)="4f15a39a2df43b14ed5f2c578d4db055ee07f5a3d802cf8b50b4e7df21e18cb5fc59569f9e048c6343d4d93a8de61654aea60f37d00726bbbaf8413fa35f71048ebd6b86b0d049ac43de63ad10d251b4fdb14d20706d302b10384fce5ec562f80eea2946c9cfc7f1078325732582af6da35442dfadaacf63643c41a7e5f882e09016d46b27739751f7cb3c9747d087919a9ce3b13b0c9a2774a54d8d5a2c5053ac2eebb14cad"}, {&(0x7f0000000240)="ae61a8d192171409dc2c19809ce70f90c61b402d89906f876fbb89196fa57c9dd7ed6fe73d4a9a050d32416a7e622c1c9943ab04d4e7db1546fab943d95d0a7057459e2d58c83e7f97ddda17b3aff67efc92f873b90a00b5d3c8226357fc7dce76f9ccb0c757e1f3f3d77ab2c382b1f474dbfc9f", 0x345e40}], 0x47, &(0x7f0000000000), 0x0, 0xb9efff7f}, 0x0) close(0xffffffffffffffff) 03:08:38 executing program 2: socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) recvmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@ax25, 0xfe76, &(0x7f0000000000)=[{&(0x7f0000000080)=""/151, 0x3b6af0}], 0x1, &(0x7f00000001c0)=""/4, 0x10036, 0x7301}, 0x3f9c) close(r1) 03:08:38 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f00000000c0)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000080)="0300000004", 0x5, 0x640}, {&(0x7f0000000300)="02000000030000000400000019000f00030004000000000000000000", 0x1c, 0x1000}, {&(0x7f0000012600)="ed41000000100000daf4655fdbf4655fdbf4655f000000000000040080", 0x1d, 0x4400}, {&(0x7f0000012800)="8081000000180000daf4655fdaf4655fdaf4655f00000000000001008000000010000800000000000af301000400000000000000000000000200000030", 0x3d, 0x4800}, {&(0x7f0000012a00)="8081000000180000daf4655fdaf4655fdaf4655f01000000000001008000000010000800000000000af301000400000000000000000000000200000040", 0x3d, 0x4c00}, {&(0x7f0000013900)="111fc0d901000000803a0900803a09000000000006", 0x15, 0x30000}, {&(0x7f0000000880)="2719c0d901000000803a0900803a09000000000006", 0x15, 0x40000}], 0x0, &(0x7f00000000c0)=ANY=[]) setxattr$trusted_overlay_upper(&(0x7f0000001180)='./file0\x00', &(0x7f00000011c0), &(0x7f00000013c0)=ANY=[], 0xd8, 0x0) chroot(&(0x7f00000001c0)='./file0\x00') umount2(&(0x7f0000000180)='./file0\x00', 0x0) rename(0x0, &(0x7f0000000380)='./file0\x00') socket$nl_route(0x10, 0x3, 0x0) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000cc0)}], 0x1) fsync(0xffffffffffffffff) 03:08:39 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xf6ffffff}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1282.608145][T26927] loop0: detected capacity change from 0 to 4096 03:08:39 executing program 5: socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TUNSETLINK(r0, 0x8912, 0x400308) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000e80)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sys_exit\x00', r1}, 0x10) r2 = socket$kcm(0xa, 0x2, 0x11) setsockopt$sock_attach_bpf(r2, 0x29, 0x21, &(0x7f00000001c0)=r1, 0x4) 03:08:39 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x200000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:39 executing program 2: recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)=@ax25, 0xfe76, &(0x7f0000000000)=[{&(0x7f0000000080)=""/151, 0x3b6af0}], 0x1, &(0x7f00000001c0)=""/4, 0x10036, 0x7301}, 0x3f9c) sendmsg(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x17, &(0x7f0000000400)=[{&(0x7f0000000340)="4f15a39a2df43b14ed5f2c578d4db055ee07f5a3d802cf8b50b4e7df21e18cb5fc59569f9e048c6343d4d93a8de61654aea60f37d00726bbbaf8413fa35f71048ebd6b86b0d049ac43de63ad10d251b4fdb14d20706d302b10384fce5ec562f80eea2946c9cfc7f1078325732582af6da35442dfadaacf63643c41a7e5f882e09016d46b27739751f7cb3c9747d087919a9ce3b13b0c9a2774a54d8d5a2c5053ac2eebb14cad"}, {&(0x7f0000000240)="ae61a8d192171409dc2c19809ce70f90c61b402d89906f876fbb89196fa57c9dd7ed6fe73d4a9a050d32416a7e622c1c9943ab04d4e7db1546fab943d95d0a7057459e2d58c83e7f97ddda17b3aff67efc92f873b90a00b5d3c8226357fc7dce76f9ccb0c757e1f3f3d77ab2c382b1f474dbfc9f", 0x345e40}], 0x47, &(0x7f0000000000), 0x0, 0xb9efff7f}, 0x0) close(0xffffffffffffffff) 03:08:39 executing program 3: socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)=@ax25, 0xfe76, &(0x7f0000000000)=[{&(0x7f0000000080)=""/151, 0x3b6af0}], 0x1, &(0x7f00000001c0)=""/4, 0x10036, 0x7301}, 0x3f9c) sendmsg(r0, &(0x7f00000001c0)={0x0, 0x17, &(0x7f0000000400)=[{&(0x7f0000000340)="4f15a39a2df43b14ed5f2c578d4db055ee07f5a3d802cf8b50b4e7df21e18cb5fc59569f9e048c6343d4d93a8de61654aea60f37d00726bbbaf8413fa35f71048ebd6b86b0d049ac43de63ad10d251b4fdb14d20706d302b10384fce5ec562f80eea2946c9cfc7f1078325732582af6da35442dfadaacf63643c41a7e5f882e09016d46b27739751f7cb3c9747d087919a9ce3b13b0c9a2774a54d8d5a2c5053ac2eebb14cad"}, {&(0x7f0000000240)="ae61a8d192171409dc2c19809ce70f90c61b402d89906f876fbb89196fa57c9dd7ed6fe73d4a9a050d32416a7e622c1c9943ab04d4e7db1546fab943d95d0a7057459e2d58c83e7f97ddda17b3aff67efc92f873b90a00b5d3c8226357fc7dce76f9ccb0c757e1f3f3d77ab2c382b1f474dbfc9f", 0x345e40}], 0x47, &(0x7f0000000000), 0x0, 0xb9efff7f}, 0x0) close(r0) 03:08:39 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f00000000c0)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000080)="0300000004", 0x5, 0x640}, {&(0x7f0000000300)="02000000030000000400000019000f00030004000000000000000000", 0x1c, 0x1000}, {&(0x7f0000012600)="ed41000000100000daf4655fdbf4655fdbf4655f000000000000040080", 0x1d, 0x4400}, {&(0x7f0000012800)="8081000000180000daf4655fdaf4655fdaf4655f00000000000001008000000010000800000000000af301000400000000000000000000000200000030", 0x3d, 0x4800}, {&(0x7f0000012a00)="8081000000180000daf4655fdaf4655fdaf4655f01000000000001008000000010000800000000000af301000400000000000000000000000200000040", 0x3d, 0x4c00}, {&(0x7f0000013900)="111fc0d901000000803a0900803a09000000000006", 0x15, 0x30000}, {&(0x7f0000000880)="2719c0d901000000803a0900803a09000000000006", 0x15, 0x40000}], 0x0, &(0x7f00000000c0)=ANY=[]) setxattr$trusted_overlay_upper(&(0x7f0000001180)='./file0\x00', &(0x7f00000011c0), &(0x7f00000013c0)=ANY=[], 0xd8, 0x0) chroot(&(0x7f00000001c0)='./file0\x00') umount2(&(0x7f0000000180)='./file0\x00', 0x0) rename(0x0, &(0x7f0000000380)='./file0\x00') socket$nl_route(0x10, 0x3, 0x0) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000cc0)}], 0x1) fsync(0xffffffffffffffff) 03:08:39 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xfeffffff}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:40 executing program 2: recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)=@ax25, 0xfe76, &(0x7f0000000000)=[{&(0x7f0000000080)=""/151, 0x3b6af0}], 0x1, &(0x7f00000001c0)=""/4, 0x10036, 0x7301}, 0x3f9c) sendmsg(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x17, &(0x7f0000000400)=[{&(0x7f0000000340)="4f15a39a2df43b14ed5f2c578d4db055ee07f5a3d802cf8b50b4e7df21e18cb5fc59569f9e048c6343d4d93a8de61654aea60f37d00726bbbaf8413fa35f71048ebd6b86b0d049ac43de63ad10d251b4fdb14d20706d302b10384fce5ec562f80eea2946c9cfc7f1078325732582af6da35442dfadaacf63643c41a7e5f882e09016d46b27739751f7cb3c9747d087919a9ce3b13b0c9a2774a54d8d5a2c5053ac2eebb14cad"}, {&(0x7f0000000240)="ae61a8d192171409dc2c19809ce70f90c61b402d89906f876fbb89196fa57c9dd7ed6fe73d4a9a050d32416a7e622c1c9943ab04d4e7db1546fab943d95d0a7057459e2d58c83e7f97ddda17b3aff67efc92f873b90a00b5d3c8226357fc7dce76f9ccb0c757e1f3f3d77ab2c382b1f474dbfc9f", 0x345e40}], 0x47, &(0x7f0000000000), 0x0, 0xb9efff7f}, 0x0) close(0xffffffffffffffff) 03:08:40 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800004, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x800000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:08:40 executing program 5: perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x203, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000840)=ANY=[@ANYBLOB="b70200000d000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b700000000000000950000000000000056ce36b68b0f334d6c37d03057c90000866f55e3376e4a82071d7827af04f8426e5b0eb4642172797fc01200533324f871d94768e25851d3162c1bde856ed69b673e5b8d861ff207c0eb4b60a82fc3c0e2085d6add5893b223f703a954af0805f231eb8474953f640e3d490cdc0448ecf21b205768e34a395b6ef820398c1ba4b81cee61bd084623ca56c82b205eca4d90628aeacbd4654eb4371861a98bb8fc0fb89f8abf8e94d4429449cd85af76d9929b318c989bebd2f992112024650892c2ff5b38f9cac849a62720cd661d21ab5d7a8b9f974b4f5da4862c01b4cbe5f279fe779d5f9f366ec0aee3344d712d35edc17c209296c3db7ff279c9bc5ab356c3ff1399f860fef75f37888d0b0968f5a8fcdf57cc5c62f45fcaccb1a3401d604f415840873a0e1df38c8c7c9ce232542acf57c44faea190b98de36aa113dba42d29cf036f99ef9c5bc3c90823529860583d994fa93603f2ae2260bb56cb1a542ab27dfb25f54b6f73e2da29ef6b6f33e099cd94987238b5b09ab1b377fc08135572dd7e7ae09d603115f1cde757c9dffd838a84251cbe5f8e9e62fee4d1554fa20d84df5e107d368c139b5c17e916a990422a72150235ea93abb04521db134aad75b7c41ec63ca90e22c26a6ef512cd5c598330e07b18183e20f145c031a129aed2186d7a6e3cc00125abaf557bfc6616d0df05a684730e2f014e5400000000000000007d468676e6c0da27c75254f16c0680519c26f1a602b0df27df00e16af8ac465612000000000000000000000000000000000000dcec704f1e0f9395466e783f980a20c100000042c34a6daa0dc10b5c3b35f2a5e4c2324f290f8d6e32a3a1df72f033608c24e26c77fd2a9272b809ea09a095e98d95285341c4c329b252f77a32965cabce109d6f0cd007d3797f7a26ad86ee0a78478bf8437dbe48eea7717c623f0d2c0689834952decf82371055e56c8f4d2d349076f0127e36f7128a49310c304b54a57c14551e816cb04bc2d1d63f903b84e559b92f624f008239e2deacb8eac39549eed000000000000000000000000098f5061929380789f73f9f280a5280c8894e71f64f8fa84bdd09e2b7a2e0e2e5503465260227668d"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffcca}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0xe, 0x0, &(0x7f0000000280)="b95b98ad05b70843140000000000", 0x0, 0xfd, 0x6000000000000000, 0x0, 0x0, 0x0, 0x0}, 0x48) [ 1283.579583][T26957] loop0: detected capacity change from 0 to 4096 [ 1283.638152][T26957] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (33325!=0) [ 1283.648360][T26957] EXT4-fs (loop0): group descriptors corrupted! [ 1283.833418][T26965] ===================================================== [ 1283.840388][T26965] BUG: KMSAN: uninit-value in br_dev_xmit+0x88f/0x1b40 [ 1283.842338][T26965] CPU: 0 PID: 26965 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0 [ 1283.842338][T26965] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1283.842338][T26965] Call Trace: [ 1283.842338][T26965] dump_stack+0x24c/0x2e0 [ 1283.842338][T26965] kmsan_report+0xfb/0x1e0 [ 1283.842338][T26965] __msan_warning+0x5c/0xa0 [ 1283.842338][T26965] br_dev_xmit+0x88f/0x1b40 [ 1283.887917][T26965] ? br_net_exit+0x250/0x250 [ 1283.887917][T26965] xmit_one+0x2b6/0x760 [ 1283.887917][T26965] __dev_queue_xmit+0x3432/0x4600 [ 1283.887917][T26965] dev_queue_xmit+0x4b/0x60 [ 1283.887917][T26965] __bpf_redirect+0x1461/0x16b0 [ 1283.887917][T26965] ? kmsan_get_metadata+0x116/0x180 [ 1283.887917][T26965] bpf_clone_redirect+0x4a1/0x660 [ 1283.887917][T26965] ___bpf_prog_run+0x2b78/0xb950 [ 1283.887917][T26965] ? bpf_csum_level+0x760/0x760 [ 1283.887917][T26965] __bpf_prog_run512+0x12e/0x190 [ 1283.932906][T26965] ? kmsan_set_origin_checked+0xa2/0x100 [ 1283.932906][T26965] ? __msan_instrument_asm_store+0x22/0x130 [ 1283.932906][T26965] ? __msan_get_context_state+0x9/0x20 [ 1283.932906][T26965] ? irqentry_exit+0x12/0x50 [ 1283.932906][T26965] ? sysvec_apic_timer_interrupt+0x86/0xf0 [ 1283.932906][T26965] ? kmsan_get_metadata+0x116/0x180 [ 1283.932906][T26965] ? kmsan_set_origin_checked+0xa2/0x100 [ 1283.932906][T26965] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1283.932906][T26965] ? kmsan_get_metadata+0x116/0x180 [ 1283.932906][T26965] ? kmsan_get_metadata+0x116/0x180 [ 1283.932906][T26965] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1283.932906][T26965] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 1283.932906][T26965] ? ktime_get+0x390/0x470 [ 1283.932906][T26965] ? kmsan_get_metadata+0x4f/0x180 [ 1283.932906][T26965] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1283.932906][T26965] ? __bpf_prog_run480+0x190/0x190 [ 1283.932906][T26965] bpf_test_run+0x53f/0xe60 [ 1283.932906][T26965] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1283.932906][T26965] bpf_prog_test_run_skb+0x1914/0x3500 [ 1283.932906][T26965] ? __bpf_prog_test_run_raw_tp+0x3e0/0x3e0 [ 1283.932906][T26965] __do_sys_bpf+0xbe6f/0x1aba0 [ 1283.932906][T26965] ? ctx_sched_in+0x975/0x980 [ 1283.932906][T26965] ? kmsan_internal_set_origin+0x82/0xc0 [ 1283.932906][T26965] ? kmsan_get_metadata+0x116/0x180 [ 1283.932906][T26965] ? kmsan_get_metadata+0x116/0x180 [ 1283.932906][T26965] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1283.932906][T26965] ? kmsan_get_metadata+0x116/0x180 [ 1283.932906][T26965] ? kmsan_internal_check_memory+0xb3/0x500 [ 1283.932906][T26965] ? kmsan_get_metadata+0x116/0x180 [ 1283.932906][T26965] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1283.932906][T26965] ? kmsan_get_metadata+0x116/0x180 [ 1283.932906][T26965] ? kmsan_get_metadata+0x116/0x180 [ 1283.932906][T26965] __se_sys_bpf+0x8e/0xa0 [ 1283.932906][T26965] __ia32_sys_bpf+0x4a/0x70 [ 1283.932906][T26965] __do_fast_syscall_32+0x127/0x180 [ 1283.932906][T26965] do_fast_syscall_32+0x77/0xd0 [ 1283.932906][T26965] do_SYSENTER_32+0x73/0x90 [ 1283.932906][T26965] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1283.932906][T26965] RIP: 0023:0xf7f34549 [ 1283.932906][T26965] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1283.932906][T26965] RSP: 002b:00000000f552e5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000165 [ 1283.932906][T26965] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 00000000200000c0 [ 1283.932906][T26965] RDX: 0000000000000048 RSI: 0000000000000000 RDI: 0000000000000000 [ 1283.932906][T26965] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1283.932906][T26965] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1283.932906][T26965] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1283.932906][T26965] [ 1283.932906][T26965] Uninit was created at: [ 1283.932906][T26965] kmsan_internal_poison_shadow+0x66/0xd0 [ 1283.932906][T26965] kmsan_slab_alloc+0x8e/0xe0 [ 1283.932906][T26965] __kmalloc_node_track_caller+0xa4f/0x1470 [ 1283.932906][T26965] pskb_expand_head+0x25e/0x1e20 [ 1283.932906][T26965] skb_ensure_writable+0x4cf/0x590 [ 1283.932906][T26965] bpf_clone_redirect+0x25d/0x660 [ 1283.932906][T26965] ___bpf_prog_run+0x2b78/0xb950 [ 1283.932906][T26965] __bpf_prog_run512+0x12e/0x190 [ 1283.932906][T26965] bpf_test_run+0x53f/0xe60 [ 1283.932906][T26965] bpf_prog_test_run_skb+0x1914/0x3500 [ 1283.932906][T26965] __do_sys_bpf+0xbe6f/0x1aba0 [ 1283.932906][T26965] __se_sys_bpf+0x8e/0xa0 [ 1283.932906][T26965] __ia32_sys_bpf+0x4a/0x70 [ 1283.932906][T26965] __do_fast_syscall_32+0x127/0x180 [ 1283.932906][T26965] do_fast_syscall_32+0x77/0xd0 [ 1283.932906][T26965] do_SYSENTER_32+0x73/0x90 [ 1283.932906][T26965] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1283.932906][T26965] ===================================================== [ 1283.932906][T26965] Disabling lock debugging due to kernel taint [ 1283.932906][T26965] Kernel panic - not syncing: panic_on_kmsan set ... [ 1283.932906][T26965] CPU: 0 PID: 26965 Comm: syz-executor.5 Tainted: G B 5.12.0-rc6-syzkaller #0 [ 1283.932906][T26965] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1283.932906][T26965] Call Trace: [ 1283.932906][T26965] dump_stack+0x24c/0x2e0 [ 1283.932906][T26965] panic+0x4c6/0xea7 [ 1283.932906][T26965] ? add_taint+0x17c/0x210 [ 1283.932906][T26965] kmsan_report+0x1de/0x1e0 [ 1283.932906][T26965] __msan_warning+0x5c/0xa0 [ 1283.932906][T26965] br_dev_xmit+0x88f/0x1b40 [ 1283.932906][T26965] ? br_net_exit+0x250/0x250 [ 1283.932906][T26965] xmit_one+0x2b6/0x760 [ 1283.932906][T26965] __dev_queue_xmit+0x3432/0x4600 [ 1283.932906][T26965] dev_queue_xmit+0x4b/0x60 [ 1283.932906][T26965] __bpf_redirect+0x1461/0x16b0 [ 1283.932906][T26965] ? kmsan_get_metadata+0x116/0x180 [ 1283.932906][T26965] bpf_clone_redirect+0x4a1/0x660 [ 1283.932906][T26965] ___bpf_prog_run+0x2b78/0xb950 [ 1283.932906][T26965] ? bpf_csum_level+0x760/0x760 [ 1283.932906][T26965] __bpf_prog_run512+0x12e/0x190 [ 1283.932906][T26965] ? kmsan_set_origin_checked+0xa2/0x100 [ 1283.932906][T26965] ? __msan_instrument_asm_store+0x22/0x130 [ 1283.932906][T26965] ? __msan_get_context_state+0x9/0x20 [ 1283.932906][T26965] ? irqentry_exit+0x12/0x50 [ 1283.932906][T26965] ? sysvec_apic_timer_interrupt+0x86/0xf0 [ 1283.932906][T26965] ? kmsan_get_metadata+0x116/0x180 [ 1283.932906][T26965] ? kmsan_set_origin_checked+0xa2/0x100 [ 1283.932906][T26965] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1283.932906][T26965] ? kmsan_get_metadata+0x116/0x180 [ 1283.932906][T26965] ? kmsan_get_metadata+0x116/0x180 [ 1283.932906][T26965] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1283.932906][T26965] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 1283.932906][T26965] ? ktime_get+0x390/0x470 [ 1283.932906][T26965] ? kmsan_get_metadata+0x4f/0x180 [ 1283.932906][T26965] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1283.932906][T26965] ? __bpf_prog_run480+0x190/0x190 [ 1283.932906][T26965] bpf_test_run+0x53f/0xe60 [ 1283.932906][T26965] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1283.932906][T26965] bpf_prog_test_run_skb+0x1914/0x3500 [ 1283.932906][T26965] ? __bpf_prog_test_run_raw_tp+0x3e0/0x3e0 [ 1283.932906][T26965] __do_sys_bpf+0xbe6f/0x1aba0 [ 1283.932906][T26965] ? ctx_sched_in+0x975/0x980 [ 1283.932906][T26965] ? kmsan_internal_set_origin+0x82/0xc0 [ 1283.932906][T26965] ? kmsan_get_metadata+0x116/0x180 [ 1283.932906][T26965] ? kmsan_get_metadata+0x116/0x180 [ 1283.932906][T26965] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1283.932906][T26965] ? kmsan_get_metadata+0x116/0x180 [ 1283.932906][T26965] ? kmsan_internal_check_memory+0xb3/0x500 [ 1283.932906][T26965] ? kmsan_get_metadata+0x116/0x180 [ 1283.932906][T26965] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 1283.932906][T26965] ? kmsan_get_metadata+0x116/0x180 [ 1283.932906][T26965] ? kmsan_get_metadata+0x116/0x180 [ 1283.932906][T26965] __se_sys_bpf+0x8e/0xa0 [ 1283.932906][T26965] __ia32_sys_bpf+0x4a/0x70 [ 1283.932906][T26965] __do_fast_syscall_32+0x127/0x180 [ 1283.932906][T26965] do_fast_syscall_32+0x77/0xd0 [ 1283.932906][T26965] do_SYSENTER_32+0x73/0x90 [ 1283.932906][T26965] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1283.932906][T26965] RIP: 0023:0xf7f34549 [ 1283.932906][T26965] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1283.932906][T26965] RSP: 002b:00000000f552e5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000165 [ 1283.932906][T26965] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 00000000200000c0 [ 1283.932906][T26965] RDX: 0000000000000048 RSI: 0000000000000000 RDI: 0000000000000000 [ 1283.932906][T26965] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1283.932906][T26965] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1283.932906][T26965] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1283.932906][T26965] Kernel Offset: disabled [ 1283.932906][T26965] Rebooting in 86400 seconds..