_SYSENTER_32+0x73/0x90 [ 562.670173][T13012] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 562.523042][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 562.670173][T13012] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 562.523042][T13080] [ 562.670173][T13012] Uninit was stored to memory at: [ 562.523042][T13080] Uninit was stored to memory at: [ 562.670173][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 562.523042][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 562.670173][T13012] __msan_chain_origin+0x50/0x90 [ 562.523042][T13080] __msan_chain_origin+0x50/0x90 [ 562.670173][T13012] __get_compat_msghdr+0x5be/0x890 [ 562.523042][T13080] __get_compat_msghdr+0x5be/0x890 [ 562.670173][T13012] get_compat_msghdr+0x108/0x270 [ 562.523042][T13080] get_compat_msghdr+0x108/0x270 [ 562.670173][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 562.523042][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 562.670173][T13012] __sys_recvmmsg+0x4ca/0x510 [ 562.523042][T13080] __sys_recvmmsg+0x4ca/0x510 [ 562.670173][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 562.523042][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 562.670173][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 562.523042][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 562.670173][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 562.523042][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 562.670173][T13012] do_fast_syscall_32+0x6b/0xd0 [ 562.523042][T13080] do_fast_syscall_32+0x6b/0xd0 [ 562.670173][T13012] do_SYSENTER_32+0x73/0x90 [ 562.523042][T13080] do_SYSENTER_32+0x73/0x90 [ 562.670173][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 562.523042][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 562.670173][T13012] [ 562.523042][T13080] [ 562.670173][T13012] Uninit was stored to memory at: [ 562.523042][T13080] Local variable ----msg_sys@do_recvmmsg created at: [ 562.670173][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 562.523042][T13080] do_recvmmsg+0xc5/0x1ee0 [ 562.670173][T13012] __msan_chain_origin+0x50/0x90 [ 562.523042][T13080] do_recvmmsg+0xc5/0x1ee0 [ 562.670173][T13012] __get_compat_msghdr+0x5be/0x890 [ 563.305688][T13012] get_compat_msghdr+0x108/0x270 [ 563.307966][ T4885] systemd-journald[4885]: /dev/kmsg buffer overrun, some messages lost. [ 563.305688][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 563.305688][T13012] __sys_recvmmsg+0x4ca/0x510 [ 563.305688][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 563.305688][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 563.305688][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 563.305688][T13012] do_fast_syscall_32+0x6b/0xd0 [ 563.305688][T13012] do_SYSENTER_32+0x73/0x90 [ 563.305688][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 563.305688][T13012] [ 563.305688][T13012] Uninit was stored to memory at: [ 563.305688][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 563.305688][T13012] __msan_chain_origin+0x50/0x90 [ 563.305688][T13012] __get_compat_msghdr+0x5be/0x890 [ 563.305688][T13012] get_compat_msghdr+0x108/0x270 [ 563.305688][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 563.390349][T13012] __sys_recvmmsg+0x4ca/0x510 [ 563.390349][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 563.390349][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 563.390349][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 563.390349][T13012] do_fast_syscall_32+0x6b/0xd0 [ 563.390349][T13012] do_SYSENTER_32+0x73/0x90 [ 563.390349][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 563.390349][T13012] [ 563.390349][T13012] Uninit was stored to memory at: [ 563.390349][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 563.390349][T13012] __msan_chain_origin+0x50/0x90 [ 563.390349][T13012] __get_compat_msghdr+0x5be/0x890 [ 563.390349][T13012] get_compat_msghdr+0x108/0x270 [ 563.390349][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 563.460265][T13012] __sys_recvmmsg+0x4ca/0x510 [ 563.460265][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 563.460265][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 563.460265][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 563.460265][T13012] do_fast_syscall_32+0x6b/0xd0 [ 563.460265][T13012] do_SYSENTER_32+0x73/0x90 [ 563.460265][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 563.460265][T13012] [ 563.460265][T13012] Uninit was stored to memory at: [ 563.460265][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 563.460265][T13012] __msan_chain_origin+0x50/0x90 [ 563.460265][T13012] __get_compat_msghdr+0x5be/0x890 [ 563.460265][T13012] get_compat_msghdr+0x108/0x270 [ 563.460265][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 563.460265][T13012] __sys_recvmmsg+0x4ca/0x510 [ 563.460265][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 563.460265][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 563.460265][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 563.460265][T13012] do_fast_syscall_32+0x6b/0xd0 [ 563.460265][T13012] do_SYSENTER_32+0x73/0x90 [ 563.460265][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 563.460265][T13012] [ 563.460265][T13012] Uninit was stored to memory at: [ 563.460265][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 563.460265][T13012] __msan_chain_origin+0x50/0x90 [ 563.460265][T13012] __get_compat_msghdr+0x5be/0x890 [ 563.460265][T13012] get_compat_msghdr+0x108/0x270 [ 563.460265][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 563.460265][T13012] __sys_recvmmsg+0x4ca/0x510 [ 563.460265][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 563.460265][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 563.460265][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 563.460265][T13012] do_fast_syscall_32+0x6b/0xd0 [ 563.460265][T13012] do_SYSENTER_32+0x73/0x90 [ 563.460265][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 563.460265][T13012] [ 563.460265][T13012] Uninit was stored to memory at: [ 563.460265][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 563.460265][T13012] __msan_chain_origin+0x50/0x90 [ 563.460265][T13012] __get_compat_msghdr+0x5be/0x890 [ 563.460265][T13012] get_compat_msghdr+0x108/0x270 [ 563.460265][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 563.460265][T13012] __sys_recvmmsg+0x4ca/0x510 [ 563.460265][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 563.460265][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 563.460265][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 563.460265][T13012] do_fast_syscall_32+0x6b/0xd0 [ 563.460265][T13012] do_SYSENTER_32+0x73/0x90 [ 563.460265][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 563.460265][T13012] [ 563.460265][T13012] Local variable ----msg_sys@do_recvmmsg created at: [ 563.460265][T13012] do_recvmmsg+0xc5/0x1ee0 [ 563.460265][T13012] do_recvmmsg+0xc5/0x1ee0 [ 563.996136][T13041] not chained 1470000 origins [ 564.000159][T13041] CPU: 1 PID: 13041 Comm: syz-executor.3 Not tainted 5.8.0-rc5-syzkaller #0 [ 564.000159][T13041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 564.000159][T13041] Call Trace: [ 564.000159][T13041] dump_stack+0x1df/0x240 [ 564.000159][T13041] kmsan_internal_chain_origin+0x6f/0x130 [ 564.000159][T13041] ? skb_recv_datagram+0x3ec/0x480 [ 564.000159][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 564.000159][T13041] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 564.000159][T13041] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 564.000159][T13041] ? bt_sock_recvmsg+0x564/0xa00 [ 564.000159][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 564.000159][T13041] ? kmsan_set_origin_checked+0x95/0xf0 [ 564.000159][T13041] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 564.000159][T13041] ? _copy_from_user+0x15b/0x260 [ 564.000159][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 564.000159][T13041] __msan_chain_origin+0x50/0x90 [ 564.000159][T13041] __get_compat_msghdr+0x5be/0x890 [ 564.000159][T13041] get_compat_msghdr+0x108/0x270 [ 564.000159][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 564.000159][T13041] ? idle_cpu+0x9a/0x1d0 [ 564.000159][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 564.000159][T13041] ? kmsan_internal_set_origin+0x75/0xb0 [ 564.000159][T13041] ? __msan_poison_alloca+0xf0/0x120 [ 564.000159][T13041] ? __sys_recvmmsg+0xb4/0x510 [ 564.000159][T13041] ? __sys_recvmmsg+0xb4/0x510 [ 564.000159][T13041] ? kmsan_get_metadata+0x11d/0x180 [ 564.000159][T13041] __sys_recvmmsg+0x4ca/0x510 [ 564.000159][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 564.000159][T13041] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 564.000159][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 564.000159][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 564.000159][T13041] do_fast_syscall_32+0x6b/0xd0 [ 564.000159][T13041] do_SYSENTER_32+0x73/0x90 [ 564.000159][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 564.000159][T13041] RIP: 0023:0xf7fd6549 [ 564.000159][T13041] Code: Bad RIP value. [ 564.000159][T13041] RSP: 002b:00000000f5dd10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 564.000159][T13041] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 564.000159][T13041] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 564.215959][ T4885] systemd-journald[4885]: /dev/kmsg buffer overrun, some messages lost. [ 564.000159][T13041] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 564.230182][T13041] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 564.230182][T13041] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 564.230182][T13041] Uninit was stored to memory at: [ 564.254336][T13072] not chained 1480000 origins [ 564.230182][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 564.259743][T13072] CPU: 0 PID: 13072 Comm: syz-executor.1 Not tainted 5.8.0-rc5-syzkaller #0 [ 564.230182][T13041] __msan_chain_origin+0x50/0x90 [ 564.260160][T13072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 564.230182][T13041] __get_compat_msghdr+0x5be/0x890 [ 564.260160][T13072] Call Trace: [ 564.230182][T13041] get_compat_msghdr+0x108/0x270 [ 564.260160][T13072] dump_stack+0x1df/0x240 [ 564.230182][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 564.260160][T13072] kmsan_internal_chain_origin+0x6f/0x130 [ 564.230182][T13041] __sys_recvmmsg+0x4ca/0x510 [ 564.260160][T13072] ? skb_recv_datagram+0x3ec/0x480 [ 564.230182][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 564.260160][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 564.230182][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 564.260160][T13072] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 564.230182][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 564.260160][T13072] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 564.230182][T13041] do_fast_syscall_32+0x6b/0xd0 [ 564.260160][T13072] ? bt_sock_recvmsg+0x564/0xa00 [ 564.230182][T13041] do_SYSENTER_32+0x73/0x90 [ 564.260160][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 564.230182][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 564.260160][T13072] ? kmsan_set_origin_checked+0x95/0xf0 [ 564.230182][T13041] [ 564.260160][T13072] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 564.230182][T13041] Uninit was stored to memory at: [ 564.260160][T13072] ? _copy_from_user+0x15b/0x260 [ 564.230182][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 564.260160][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 564.230182][T13041] __msan_chain_origin+0x50/0x90 [ 564.260160][T13072] __msan_chain_origin+0x50/0x90 [ 564.230182][T13041] __get_compat_msghdr+0x5be/0x890 [ 564.260160][T13072] __get_compat_msghdr+0x5be/0x890 [ 564.230182][T13041] get_compat_msghdr+0x108/0x270 [ 564.260160][T13072] get_compat_msghdr+0x108/0x270 [ 564.230182][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 564.260160][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 564.230182][T13041] __sys_recvmmsg+0x4ca/0x510 [ 564.260160][T13072] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 564.230182][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 564.260160][T13072] ? sched_clock_cpu+0x7c/0x930 [ 564.230182][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 564.260160][T13072] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 564.230182][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 564.260160][T13072] ? sched_clock_cpu+0x7c/0x930 [ 564.230182][T13041] do_fast_syscall_32+0x6b/0xd0 [ 564.260160][T13072] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 564.230182][T13041] do_SYSENTER_32+0x73/0x90 [ 564.260160][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 564.230182][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 564.260160][T13072] ? kmsan_internal_set_origin+0x75/0xb0 [ 564.230182][T13041] [ 564.260160][T13072] ? __msan_poison_alloca+0xf0/0x120 [ 564.230182][T13041] Uninit was stored to memory at: [ 564.260160][T13072] ? __sys_recvmmsg+0xb4/0x510 [ 564.230182][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 564.260160][T13072] ? __sys_recvmmsg+0xb4/0x510 [ 564.230182][T13041] __msan_chain_origin+0x50/0x90 [ 564.260160][T13072] __sys_recvmmsg+0x4ca/0x510 [ 564.230182][T13041] __get_compat_msghdr+0x5be/0x890 [ 564.260160][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 564.230182][T13041] get_compat_msghdr+0x108/0x270 [ 564.260160][T13072] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 564.230182][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 564.260160][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 564.230182][T13041] __sys_recvmmsg+0x4ca/0x510 [ 564.260160][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 564.230182][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 564.260160][T13072] do_fast_syscall_32+0x6b/0xd0 [ 564.230182][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 564.260160][T13072] do_SYSENTER_32+0x73/0x90 [ 564.230182][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 564.260160][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 564.230182][T13041] do_fast_syscall_32+0x6b/0xd0 [ 564.260160][T13072] RIP: 0023:0xf7fbe549 [ 564.230182][T13041] do_SYSENTER_32+0x73/0x90 [ 564.260160][T13072] Code: Bad RIP value. [ 564.230182][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 564.260160][T13072] RSP: 002b:00000000f5db90cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 564.230182][T13041] [ 564.260160][T13072] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 564.230182][T13041] Uninit was stored to memory at: [ 564.260160][T13072] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 564.230182][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 564.260160][T13072] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 564.230182][T13041] __msan_chain_origin+0x50/0x90 [ 564.260160][T13072] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 564.230182][T13041] __get_compat_msghdr+0x5be/0x890 [ 564.260160][T13072] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 564.230182][T13041] get_compat_msghdr+0x108/0x270 [ 564.260160][T13072] Uninit was stored to memory at: [ 564.230182][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 564.260160][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 564.230182][T13041] __sys_recvmmsg+0x4ca/0x510 [ 564.260160][T13072] __msan_chain_origin+0x50/0x90 [ 564.230182][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 564.260160][T13072] __get_compat_msghdr+0x5be/0x890 [ 564.230182][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 564.260160][T13072] get_compat_msghdr+0x108/0x270 [ 564.230182][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 564.260160][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 564.230182][T13041] do_fast_syscall_32+0x6b/0xd0 [ 564.260160][T13072] __sys_recvmmsg+0x4ca/0x510 [ 564.230182][T13041] do_SYSENTER_32+0x73/0x90 [ 564.260160][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 564.230182][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 564.260160][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 564.230182][T13041] [ 564.260160][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 564.230182][T13041] Uninit was stored to memory at: [ 564.260160][T13072] do_fast_syscall_32+0x6b/0xd0 [ 564.230182][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 564.260160][T13072] do_SYSENTER_32+0x73/0x90 [ 564.230182][T13041] __msan_chain_origin+0x50/0x90 [ 564.260160][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 564.230182][T13041] __get_compat_msghdr+0x5be/0x890 [ 564.260160][T13072] [ 564.230182][T13041] get_compat_msghdr+0x108/0x270 [ 564.260160][T13072] Uninit was stored to memory at: [ 564.230182][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 564.260160][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 564.230182][T13041] __sys_recvmmsg+0x4ca/0x510 [ 564.260160][T13072] __msan_chain_origin+0x50/0x90 [ 564.230182][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 564.260160][T13072] __get_compat_msghdr+0x5be/0x890 [ 564.230182][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 564.260160][T13072] get_compat_msghdr+0x108/0x270 [ 564.230182][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 564.260160][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 564.230182][T13041] do_fast_syscall_32+0x6b/0xd0 [ 564.260160][T13072] __sys_recvmmsg+0x4ca/0x510 [ 564.230182][T13041] do_SYSENTER_32+0x73/0x90 [ 564.260160][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 564.230182][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 564.260160][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 564.230182][T13041] [ 564.260160][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 564.230182][T13041] Uninit was stored to memory at: [ 564.260160][T13072] do_fast_syscall_32+0x6b/0xd0 [ 564.230182][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 564.260160][T13072] do_SYSENTER_32+0x73/0x90 [ 564.230182][T13041] __msan_chain_origin+0x50/0x90 [ 564.260160][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 564.230182][T13041] __get_compat_msghdr+0x5be/0x890 [ 564.260160][T13072] [ 564.230182][T13041] get_compat_msghdr+0x108/0x270 [ 564.260160][T13072] Uninit was stored to memory at: [ 564.230182][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 564.260160][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 564.230182][T13041] __sys_recvmmsg+0x4ca/0x510 [ 564.260160][T13072] __msan_chain_origin+0x50/0x90 [ 564.230182][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 564.260160][T13072] __get_compat_msghdr+0x5be/0x890 [ 564.230182][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 564.260160][T13072] get_compat_msghdr+0x108/0x270 [ 564.230182][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 564.260160][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 564.230182][T13041] do_fast_syscall_32+0x6b/0xd0 [ 564.260160][T13072] __sys_recvmmsg+0x4ca/0x510 [ 564.230182][T13041] do_SYSENTER_32+0x73/0x90 [ 564.260160][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 564.230182][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 564.260160][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 564.230182][T13041] [ 564.260160][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 564.230182][T13041] Uninit was stored to memory at: [ 564.260160][T13072] do_fast_syscall_32+0x6b/0xd0 [ 564.230182][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 564.260160][T13072] do_SYSENTER_32+0x73/0x90 [ 564.230182][T13041] __msan_chain_origin+0x50/0x90 [ 564.260160][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 564.230182][T13041] __get_compat_msghdr+0x5be/0x890 [ 564.260160][T13072] [ 564.230182][T13041] get_compat_msghdr+0x108/0x270 [ 564.260160][T13072] Uninit was stored to memory at: [ 564.230182][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 564.260160][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 564.230182][T13041] __sys_recvmmsg+0x4ca/0x510 [ 564.260160][T13072] __msan_chain_origin+0x50/0x90 [ 564.230182][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 564.260160][T13072] __get_compat_msghdr+0x5be/0x890 [ 564.230182][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 564.260160][T13072] get_compat_msghdr+0x108/0x270 [ 564.230182][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 564.260160][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 564.230182][T13041] do_fast_syscall_32+0x6b/0xd0 [ 564.260160][T13072] __sys_recvmmsg+0x4ca/0x510 [ 564.230182][T13041] do_SYSENTER_32+0x73/0x90 [ 564.260160][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 564.230182][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 564.260160][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 564.230182][T13041] [ 564.260160][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 564.230182][T13041] Local variable ----msg_sys@do_recvmmsg created at: [ 564.260160][T13072] do_fast_syscall_32+0x6b/0xd0 [ 564.230182][T13041] do_recvmmsg+0xc5/0x1ee0 [ 564.260160][T13072] do_SYSENTER_32+0x73/0x90 [ 564.230182][T13041] do_recvmmsg+0xc5/0x1ee0 [ 564.260160][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 564.260160][T13072] [ 564.260160][T13072] Uninit was stored to memory at: [ 565.302784][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 565.302784][T13072] __msan_chain_origin+0x50/0x90 [ 565.302784][T13072] __get_compat_msghdr+0x5be/0x890 [ 565.302784][T13072] get_compat_msghdr+0x108/0x270 [ 565.302784][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 565.302784][T13072] __sys_recvmmsg+0x4ca/0x510 [ 565.302784][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 565.302784][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 565.302784][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 565.302784][T13072] do_fast_syscall_32+0x6b/0xd0 [ 565.302784][T13072] do_SYSENTER_32+0x73/0x90 [ 565.302784][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 565.302784][T13072] [ 565.302784][T13072] Uninit was stored to memory at: [ 565.302784][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 565.302784][T13072] __msan_chain_origin+0x50/0x90 [ 565.302784][T13072] __get_compat_msghdr+0x5be/0x890 [ 565.302784][T13072] get_compat_msghdr+0x108/0x270 [ 565.302784][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 565.302784][T13072] __sys_recvmmsg+0x4ca/0x510 [ 565.302784][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 565.302784][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 565.302784][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 565.302784][T13072] do_fast_syscall_32+0x6b/0xd0 [ 565.302784][T13072] do_SYSENTER_32+0x73/0x90 [ 565.302784][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 565.302784][T13072] [ 565.302784][T13072] Uninit was stored to memory at: [ 565.302784][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 565.302784][T13072] __msan_chain_origin+0x50/0x90 [ 565.451283][T13012] not chained 1490000 origins [ 565.302784][T13072] __get_compat_msghdr+0x5be/0x890 [ 565.459378][T13012] CPU: 1 PID: 13012 Comm: syz-executor.0 Not tainted 5.8.0-rc5-syzkaller #0 [ 565.302784][T13072] get_compat_msghdr+0x108/0x270 [ 565.460135][T13012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 565.302784][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 565.460135][T13012] Call Trace: [ 565.302784][T13072] __sys_recvmmsg+0x4ca/0x510 [ 565.460135][T13012] dump_stack+0x1df/0x240 [ 565.302784][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 565.460135][T13012] kmsan_internal_chain_origin+0x6f/0x130 [ 565.302784][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 565.460135][T13012] ? skb_recv_datagram+0x3ec/0x480 [ 565.302784][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 565.460135][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 565.302784][T13072] do_fast_syscall_32+0x6b/0xd0 [ 565.460135][T13012] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 565.302784][T13072] do_SYSENTER_32+0x73/0x90 [ 565.460135][T13012] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 565.302784][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 565.460135][T13012] ? bt_sock_recvmsg+0x564/0xa00 [ 565.302784][T13072] [ 565.460135][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 565.302784][T13072] Local variable ----msg_sys@do_recvmmsg created at: [ 565.460135][T13012] ? kmsan_set_origin_checked+0x95/0xf0 [ 565.302784][T13072] do_recvmmsg+0xc5/0x1ee0 [ 565.460135][T13012] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 565.302784][T13072] do_recvmmsg+0xc5/0x1ee0 [ 565.460135][T13012] ? _copy_from_user+0x15b/0x260 [ 565.460135][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 565.614387][T13012] __msan_chain_origin+0x50/0x90 [ 565.614387][T13012] __get_compat_msghdr+0x5be/0x890 [ 565.614387][T13012] get_compat_msghdr+0x108/0x270 [ 565.614387][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 565.614387][T13012] ? kmsan_internal_set_origin+0x75/0xb0 [ 565.614387][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 565.614387][T13012] ? kmsan_internal_set_origin+0x75/0xb0 [ 565.614387][T13012] ? __msan_poison_alloca+0xf0/0x120 [ 565.614387][T13012] ? __sys_recvmmsg+0xb4/0x510 [ 565.614387][T13012] ? __sys_recvmmsg+0xb4/0x510 [ 565.614387][T13012] ? kmsan_get_metadata+0x11d/0x180 [ 565.614387][T13012] __sys_recvmmsg+0x4ca/0x510 [ 565.614387][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 565.614387][T13012] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 565.614387][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 565.614387][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 565.614387][T13012] do_fast_syscall_32+0x6b/0xd0 [ 565.614387][T13012] do_SYSENTER_32+0x73/0x90 [ 565.614387][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 565.614387][T13012] RIP: 0023:0xf7f4d549 [ 565.614387][T13012] Code: Bad RIP value. [ 565.614387][T13012] RSP: 002b:00000000f5d480cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 565.614387][T13012] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 565.614387][T13012] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 565.614387][T13012] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 565.614387][T13012] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 565.614387][T13012] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 565.614387][T13012] Uninit was stored to memory at: [ 565.614387][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 565.614387][T13012] __msan_chain_origin+0x50/0x90 [ 565.614387][T13012] __get_compat_msghdr+0x5be/0x890 [ 565.614387][T13012] get_compat_msghdr+0x108/0x270 [ 565.614387][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 565.614387][T13012] __sys_recvmmsg+0x4ca/0x510 [ 565.614387][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 565.614387][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 565.614387][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 565.614387][T13012] do_fast_syscall_32+0x6b/0xd0 [ 565.614387][T13012] do_SYSENTER_32+0x73/0x90 [ 565.614387][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 565.614387][T13012] [ 565.614387][T13012] Uninit was stored to memory at: [ 565.614387][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 565.614387][T13012] __msan_chain_origin+0x50/0x90 [ 565.614387][T13012] __get_compat_msghdr+0x5be/0x890 [ 565.614387][T13012] get_compat_msghdr+0x108/0x270 [ 565.614387][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 565.614387][T13012] __sys_recvmmsg+0x4ca/0x510 [ 565.614387][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 565.614387][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 565.614387][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 565.614387][T13012] do_fast_syscall_32+0x6b/0xd0 [ 565.614387][T13012] do_SYSENTER_32+0x73/0x90 [ 565.614387][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 565.614387][T13012] [ 565.614387][T13012] Uninit was stored to memory at: [ 565.614387][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 565.614387][T13012] __msan_chain_origin+0x50/0x90 [ 565.614387][T13012] __get_compat_msghdr+0x5be/0x890 [ 565.614387][T13012] get_compat_msghdr+0x108/0x270 [ 565.614387][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 565.614387][T13012] __sys_recvmmsg+0x4ca/0x510 [ 565.614387][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 565.614387][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 565.614387][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 565.614387][T13012] do_fast_syscall_32+0x6b/0xd0 [ 565.614387][T13012] do_SYSENTER_32+0x73/0x90 [ 565.614387][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 565.614387][T13012] [ 565.614387][T13012] Uninit was stored to memory at: [ 565.614387][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 565.614387][T13012] __msan_chain_origin+0x50/0x90 [ 565.614387][T13012] __get_compat_msghdr+0x5be/0x890 [ 565.614387][T13012] get_compat_msghdr+0x108/0x270 [ 565.614387][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 565.614387][T13012] __sys_recvmmsg+0x4ca/0x510 [ 565.614387][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 565.614387][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 565.614387][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 565.614387][T13012] do_fast_syscall_32+0x6b/0xd0 [ 565.614387][T13012] do_SYSENTER_32+0x73/0x90 [ 565.614387][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 565.614387][T13012] [ 565.614387][T13012] Uninit was stored to memory at: [ 565.614387][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 565.614387][T13012] __msan_chain_origin+0x50/0x90 [ 565.614387][T13012] __get_compat_msghdr+0x5be/0x890 [ 565.614387][T13012] get_compat_msghdr+0x108/0x270 [ 565.614387][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 565.614387][T13012] __sys_recvmmsg+0x4ca/0x510 [ 565.614387][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 565.614387][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 565.614387][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 565.614387][T13012] do_fast_syscall_32+0x6b/0xd0 [ 565.614387][T13012] do_SYSENTER_32+0x73/0x90 [ 565.614387][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 565.614387][T13012] [ 565.614387][T13012] Uninit was stored to memory at: [ 565.614387][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 565.614387][T13012] __msan_chain_origin+0x50/0x90 [ 565.614387][T13012] __get_compat_msghdr+0x5be/0x890 [ 565.614387][T13012] get_compat_msghdr+0x108/0x270 [ 565.614387][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 565.614387][T13012] __sys_recvmmsg+0x4ca/0x510 [ 565.614387][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 565.614387][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 565.614387][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 565.614387][T13012] do_fast_syscall_32+0x6b/0xd0 [ 565.614387][T13012] do_SYSENTER_32+0x73/0x90 [ 565.614387][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 565.614387][T13012] [ 565.614387][T13012] Uninit was stored to memory at: [ 565.614387][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 565.614387][T13012] __msan_chain_origin+0x50/0x90 [ 565.614387][T13012] __get_compat_msghdr+0x5be/0x890 [ 565.614387][T13012] get_compat_msghdr+0x108/0x270 [ 565.614387][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 565.614387][T13012] __sys_recvmmsg+0x4ca/0x510 [ 565.614387][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 565.614387][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 565.614387][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 565.614387][T13012] do_fast_syscall_32+0x6b/0xd0 [ 565.614387][T13012] do_SYSENTER_32+0x73/0x90 [ 565.614387][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 565.614387][T13012] [ 565.614387][T13012] Local variable ----msg_sys@do_recvmmsg created at: [ 565.614387][T13012] do_recvmmsg+0xc5/0x1ee0 [ 565.614387][T13012] do_recvmmsg+0xc5/0x1ee0 [ 566.506816][T13080] not chained 1500000 origins [ 566.510156][T13080] CPU: 1 PID: 13080 Comm: syz-executor.1 Not tainted 5.8.0-rc5-syzkaller #0 [ 566.510156][T13080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 566.510156][T13080] Call Trace: [ 566.510156][T13080] dump_stack+0x1df/0x240 [ 566.510156][T13080] kmsan_internal_chain_origin+0x6f/0x130 [ 566.510156][T13080] ? skb_recv_datagram+0x3ec/0x480 [ 566.510156][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 566.510156][T13080] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 566.510156][T13080] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 566.510156][T13080] ? bt_sock_recvmsg+0x564/0xa00 [ 566.510156][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 566.510156][T13080] ? kmsan_set_origin_checked+0x95/0xf0 [ 566.510156][T13080] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 566.510156][T13080] ? _copy_from_user+0x15b/0x260 [ 566.510156][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 566.510156][T13080] __msan_chain_origin+0x50/0x90 [ 566.510156][T13080] __get_compat_msghdr+0x5be/0x890 [ 566.510156][T13080] get_compat_msghdr+0x108/0x270 [ 566.510156][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 566.510156][T13080] ? kmsan_internal_set_origin+0x75/0xb0 [ 566.510156][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 566.510156][T13080] ? kmsan_internal_set_origin+0x75/0xb0 [ 566.510156][T13080] ? __msan_poison_alloca+0xf0/0x120 [ 566.510156][T13080] ? __sys_recvmmsg+0xb4/0x510 [ 566.640602][T13080] ? __sys_recvmmsg+0xb4/0x510 [ 566.640602][T13080] ? kmsan_get_metadata+0x11d/0x180 [ 566.640602][T13080] __sys_recvmmsg+0x4ca/0x510 [ 566.640602][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 566.640602][T13080] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 566.640602][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 566.640602][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 566.640602][T13080] do_fast_syscall_32+0x6b/0xd0 [ 566.640602][T13080] do_SYSENTER_32+0x73/0x90 [ 566.640602][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 566.640602][T13080] RIP: 0023:0xf7fbe549 [ 566.640602][T13080] Code: Bad RIP value. [ 566.640602][T13080] RSP: 002b:00000000f5d770cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 566.640602][T13080] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 566.640602][T13080] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 566.640602][T13080] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 566.640602][T13080] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 566.640602][T13080] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 566.640602][T13080] Uninit was stored to memory at: [ 566.640602][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 566.640602][T13080] __msan_chain_origin+0x50/0x90 [ 566.640602][T13080] __get_compat_msghdr+0x5be/0x890 [ 566.640602][T13080] get_compat_msghdr+0x108/0x270 [ 566.640602][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 566.640602][T13080] __sys_recvmmsg+0x4ca/0x510 [ 566.640602][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 566.640602][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 566.640602][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 566.640602][T13080] do_fast_syscall_32+0x6b/0xd0 [ 566.640602][T13080] do_SYSENTER_32+0x73/0x90 [ 566.640602][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 566.640602][T13080] [ 566.640602][T13080] Uninit was stored to memory at: [ 566.640602][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 566.832326][ T4885] systemd-journald[4885]: /dev/kmsg buffer overrun, some messages lost. [ 566.640602][T13080] __msan_chain_origin+0x50/0x90 [ 566.640602][T13080] __get_compat_msghdr+0x5be/0x890 [ 566.850183][T13080] get_compat_msghdr+0x108/0x270 [ 566.850183][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 566.850183][T13080] __sys_recvmmsg+0x4ca/0x510 [ 566.850183][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 566.850183][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 566.850183][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 566.880351][T13080] do_fast_syscall_32+0x6b/0xd0 [ 566.880351][T13080] do_SYSENTER_32+0x73/0x90 [ 566.880351][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 566.880351][T13080] [ 566.880351][T13080] Uninit was stored to memory at: [ 566.880351][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 566.880351][T13080] __msan_chain_origin+0x50/0x90 [ 566.880351][T13080] __get_compat_msghdr+0x5be/0x890 [ 566.921153][ T4885] systemd-journald[4885]: /dev/kmsg buffer overrun, some messages lost. [ 566.880351][T13080] get_compat_msghdr+0x108/0x270 [ 566.933933][T13041] not chained 1510000 origins [ 566.880351][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 566.942150][T13041] CPU: 0 PID: 13041 Comm: syz-executor.3 Not tainted 5.8.0-rc5-syzkaller #0 [ 566.880351][T13080] __sys_recvmmsg+0x4ca/0x510 [ 566.942620][T13041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 566.880351][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 566.942620][T13041] Call Trace: [ 566.880351][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 566.942620][T13041] dump_stack+0x1df/0x240 [ 566.880351][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 566.942620][T13041] kmsan_internal_chain_origin+0x6f/0x130 [ 566.880351][T13080] do_fast_syscall_32+0x6b/0xd0 [ 566.942620][T13041] ? skb_recv_datagram+0x3ec/0x480 [ 566.880351][T13080] do_SYSENTER_32+0x73/0x90 [ 566.942620][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 566.880351][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 566.942620][T13041] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 566.880351][T13080] [ 566.942620][T13041] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 566.880351][T13080] Uninit was stored to memory at: [ 566.942620][T13041] ? bt_sock_recvmsg+0x564/0xa00 [ 566.880351][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 566.942620][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 566.880351][T13080] __msan_chain_origin+0x50/0x90 [ 566.942620][T13041] ? kmsan_set_origin_checked+0x95/0xf0 [ 566.880351][T13080] __get_compat_msghdr+0x5be/0x890 [ 566.942620][T13041] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 566.880351][T13080] get_compat_msghdr+0x108/0x270 [ 566.942620][T13041] ? _copy_from_user+0x15b/0x260 [ 566.880351][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 566.942620][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 566.880351][T13080] __sys_recvmmsg+0x4ca/0x510 [ 566.942620][T13041] __msan_chain_origin+0x50/0x90 [ 566.880351][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 566.942620][T13041] __get_compat_msghdr+0x5be/0x890 [ 566.880351][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 566.942620][T13041] get_compat_msghdr+0x108/0x270 [ 566.880351][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 566.942620][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 566.880351][T13080] do_fast_syscall_32+0x6b/0xd0 [ 566.942620][T13041] ? idle_cpu+0x9a/0x1d0 [ 566.880351][T13080] do_SYSENTER_32+0x73/0x90 [ 566.942620][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 566.880351][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 566.942620][T13041] ? kmsan_internal_set_origin+0x75/0xb0 [ 566.880351][T13080] [ 566.942620][T13041] ? __msan_poison_alloca+0xf0/0x120 [ 566.880351][T13080] Uninit was stored to memory at: [ 566.942620][T13041] ? __sys_recvmmsg+0xb4/0x510 [ 566.880351][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 566.942620][T13041] ? __sys_recvmmsg+0xb4/0x510 [ 566.880351][T13080] __msan_chain_origin+0x50/0x90 [ 566.942620][T13041] ? kmsan_get_metadata+0x11d/0x180 [ 566.880351][T13080] __get_compat_msghdr+0x5be/0x890 [ 566.942620][T13041] __sys_recvmmsg+0x4ca/0x510 [ 566.880351][T13080] get_compat_msghdr+0x108/0x270 [ 566.942620][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 566.880351][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 566.942620][T13041] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 566.880351][T13080] __sys_recvmmsg+0x4ca/0x510 [ 566.942620][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 566.880351][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 566.942620][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 566.880351][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 566.942620][T13041] do_fast_syscall_32+0x6b/0xd0 [ 566.880351][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 566.942620][T13041] do_SYSENTER_32+0x73/0x90 [ 566.880351][T13080] do_fast_syscall_32+0x6b/0xd0 [ 566.942620][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 566.880351][T13080] do_SYSENTER_32+0x73/0x90 [ 566.942620][T13041] RIP: 0023:0xf7fd6549 [ 566.942620][T13041] Code: Bad RIP value. [ 566.880351][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 566.942620][T13041] RSP: 002b:00000000f5dd10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 566.880351][T13080] [ 566.942620][T13041] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 566.880351][T13080] Uninit was stored to memory at: [ 566.942620][T13041] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 566.880351][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 566.942620][T13041] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 566.880351][T13080] __msan_chain_origin+0x50/0x90 [ 566.942620][T13041] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 566.880351][T13080] __get_compat_msghdr+0x5be/0x890 [ 566.942620][T13041] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 566.880351][T13080] get_compat_msghdr+0x108/0x270 [ 566.942620][T13041] Uninit was stored to memory at: [ 566.880351][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 566.942620][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 566.880351][T13080] __sys_recvmmsg+0x4ca/0x510 [ 566.942620][T13041] __msan_chain_origin+0x50/0x90 [ 566.880351][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 566.942620][T13041] __get_compat_msghdr+0x5be/0x890 [ 566.880351][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 566.942620][T13041] get_compat_msghdr+0x108/0x270 [ 566.880351][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 566.942620][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 566.880351][T13080] do_fast_syscall_32+0x6b/0xd0 [ 566.942620][T13041] __sys_recvmmsg+0x4ca/0x510 [ 566.880351][T13080] do_SYSENTER_32+0x73/0x90 [ 566.942620][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 566.880351][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 566.942620][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 566.880351][T13080] [ 566.942620][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 566.880351][T13080] Uninit was stored to memory at: [ 566.942620][T13041] do_fast_syscall_32+0x6b/0xd0 [ 566.880351][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 566.942620][T13041] do_SYSENTER_32+0x73/0x90 [ 566.880351][T13080] __msan_chain_origin+0x50/0x90 [ 566.942620][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 566.880351][T13080] __get_compat_msghdr+0x5be/0x890 [ 566.942620][T13041] [ 566.880351][T13080] get_compat_msghdr+0x108/0x270 [ 566.942620][T13041] Uninit was stored to memory at: [ 566.880351][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 566.942620][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 566.880351][T13080] __sys_recvmmsg+0x4ca/0x510 [ 566.942620][T13041] __msan_chain_origin+0x50/0x90 [ 566.880351][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 566.942620][T13041] __get_compat_msghdr+0x5be/0x890 [ 566.880351][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 566.942620][T13041] get_compat_msghdr+0x108/0x270 [ 566.880351][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 566.942620][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 566.880351][T13080] do_fast_syscall_32+0x6b/0xd0 [ 566.942620][T13041] __sys_recvmmsg+0x4ca/0x510 [ 566.880351][T13080] do_SYSENTER_32+0x73/0x90 [ 566.942620][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 566.880351][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 566.942620][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 566.880351][T13080] [ 566.942620][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 566.880351][T13080] Local variable ----msg_sys@do_recvmmsg created at: [ 566.942620][T13041] do_fast_syscall_32+0x6b/0xd0 [ 566.880351][T13080] do_recvmmsg+0xc5/0x1ee0 [ 566.942620][T13041] do_SYSENTER_32+0x73/0x90 [ 566.880351][T13080] do_recvmmsg+0xc5/0x1ee0 [ 566.942620][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 567.649827][T13041] [ 567.649827][T13041] Uninit was stored to memory at: [ 567.649827][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 567.649827][T13041] __msan_chain_origin+0x50/0x90 [ 567.649827][T13041] __get_compat_msghdr+0x5be/0x890 [ 567.649827][T13041] get_compat_msghdr+0x108/0x270 [ 567.649827][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 567.649827][T13041] __sys_recvmmsg+0x4ca/0x510 [ 567.649827][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 567.649827][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 567.649827][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 567.649827][T13041] do_fast_syscall_32+0x6b/0xd0 [ 567.649827][T13041] do_SYSENTER_32+0x73/0x90 [ 567.649827][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 567.649827][T13041] [ 567.649827][T13041] Uninit was stored to memory at: [ 567.649827][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 567.649827][T13041] __msan_chain_origin+0x50/0x90 [ 567.649827][T13041] __get_compat_msghdr+0x5be/0x890 [ 567.649827][T13041] get_compat_msghdr+0x108/0x270 [ 567.649827][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 567.649827][T13041] __sys_recvmmsg+0x4ca/0x510 [ 567.649827][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 567.649827][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 567.649827][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 567.649827][T13041] do_fast_syscall_32+0x6b/0xd0 [ 567.649827][T13041] do_SYSENTER_32+0x73/0x90 [ 567.649827][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 567.649827][T13041] [ 567.649827][T13041] Uninit was stored to memory at: [ 567.649827][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 567.808679][T13012] not chained 1520000 origins [ 567.649827][T13041] __msan_chain_origin+0x50/0x90 [ 567.810144][T13012] CPU: 1 PID: 13012 Comm: syz-executor.0 Not tainted 5.8.0-rc5-syzkaller #0 [ 567.649827][T13041] __get_compat_msghdr+0x5be/0x890 [ 567.810144][T13012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 567.649827][T13041] get_compat_msghdr+0x108/0x270 [ 567.810144][T13012] Call Trace: [ 567.649827][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 567.810144][T13012] dump_stack+0x1df/0x240 [ 567.649827][T13041] __sys_recvmmsg+0x4ca/0x510 [ 567.810144][T13012] kmsan_internal_chain_origin+0x6f/0x130 [ 567.649827][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 567.810144][T13012] ? skb_recv_datagram+0x3ec/0x480 [ 567.649827][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 567.810144][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 567.649827][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 567.810144][T13012] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 567.649827][T13041] do_fast_syscall_32+0x6b/0xd0 [ 567.810144][T13012] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 567.649827][T13041] do_SYSENTER_32+0x73/0x90 [ 567.810144][T13012] ? bt_sock_recvmsg+0x564/0xa00 [ 567.649827][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 567.810144][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 567.649827][T13041] [ 567.810144][T13012] ? kmsan_set_origin_checked+0x95/0xf0 [ 567.649827][T13041] Uninit was stored to memory at: [ 567.810144][T13012] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 567.649827][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 567.810144][T13012] ? _copy_from_user+0x15b/0x260 [ 567.649827][T13041] __msan_chain_origin+0x50/0x90 [ 567.810144][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 567.649827][T13041] __get_compat_msghdr+0x5be/0x890 [ 567.810144][T13012] __msan_chain_origin+0x50/0x90 [ 567.649827][T13041] get_compat_msghdr+0x108/0x270 [ 567.810144][T13012] __get_compat_msghdr+0x5be/0x890 [ 567.649827][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 567.810144][T13012] get_compat_msghdr+0x108/0x270 [ 567.649827][T13041] __sys_recvmmsg+0x4ca/0x510 [ 567.810144][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 567.649827][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 567.810144][T13012] ? kmsan_internal_set_origin+0x75/0xb0 [ 567.649827][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 567.810144][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 567.649827][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 567.810144][T13012] ? kmsan_internal_set_origin+0x75/0xb0 [ 567.649827][T13041] do_fast_syscall_32+0x6b/0xd0 [ 567.810144][T13012] ? __msan_poison_alloca+0xf0/0x120 [ 567.649827][T13041] do_SYSENTER_32+0x73/0x90 [ 567.810144][T13012] ? __sys_recvmmsg+0xb4/0x510 [ 567.649827][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 567.810144][T13012] ? __sys_recvmmsg+0xb4/0x510 [ 567.649827][T13041] [ 567.810144][T13012] ? kmsan_get_metadata+0x11d/0x180 [ 567.649827][T13041] Uninit was stored to memory at: [ 567.810144][T13012] __sys_recvmmsg+0x4ca/0x510 [ 567.649827][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 567.810144][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 567.649827][T13041] __msan_chain_origin+0x50/0x90 [ 567.810144][T13012] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 567.649827][T13041] __get_compat_msghdr+0x5be/0x890 [ 567.810144][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 567.649827][T13041] get_compat_msghdr+0x108/0x270 [ 567.810144][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 567.649827][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 567.810144][T13012] do_fast_syscall_32+0x6b/0xd0 [ 567.649827][T13041] __sys_recvmmsg+0x4ca/0x510 [ 567.810144][T13012] do_SYSENTER_32+0x73/0x90 [ 567.649827][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 567.810144][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 567.649827][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 567.810144][T13012] RIP: 0023:0xf7f4d549 [ 567.649827][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 567.810144][T13012] Code: Bad RIP value. [ 567.649827][T13041] do_fast_syscall_32+0x6b/0xd0 [ 567.810144][T13012] RSP: 002b:00000000f5d480cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 567.649827][T13041] do_SYSENTER_32+0x73/0x90 [ 567.810144][T13012] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 567.649827][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 567.810144][T13012] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 567.649827][T13041] [ 567.810144][T13012] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 567.649827][T13041] Local variable ----msg_sys@do_recvmmsg created at: [ 567.810144][T13012] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 567.649827][T13041] do_recvmmsg+0xc5/0x1ee0 [ 567.810144][T13012] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 567.649827][T13041] do_recvmmsg+0xc5/0x1ee0 [ 567.810144][T13012] Uninit was stored to memory at: [ 568.275219][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 568.284290][T13012] __msan_chain_origin+0x50/0x90 [ 568.288644][ T4885] systemd-journald[4885]: /dev/kmsg buffer overrun, some messages lost. [ 568.284290][T13012] __get_compat_msghdr+0x5be/0x890 [ 568.284290][T13012] get_compat_msghdr+0x108/0x270 [ 568.284290][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 568.284290][T13012] __sys_recvmmsg+0x4ca/0x510 [ 568.284290][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 568.284290][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 568.284290][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 568.284290][T13012] do_fast_syscall_32+0x6b/0xd0 [ 568.284290][T13012] do_SYSENTER_32+0x73/0x90 [ 568.284290][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 568.284290][T13012] [ 568.284290][T13012] Uninit was stored to memory at: [ 568.284290][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 568.284290][T13012] __msan_chain_origin+0x50/0x90 [ 568.284290][T13012] __get_compat_msghdr+0x5be/0x890 [ 568.284290][T13012] get_compat_msghdr+0x108/0x270 [ 568.370333][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 568.370333][T13012] __sys_recvmmsg+0x4ca/0x510 [ 568.370333][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 568.370333][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 568.370333][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 568.370333][T13012] do_fast_syscall_32+0x6b/0xd0 [ 568.370333][T13012] do_SYSENTER_32+0x73/0x90 [ 568.370333][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 568.370333][T13012] [ 568.370333][T13012] Uninit was stored to memory at: [ 568.370333][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 568.370333][T13012] __msan_chain_origin+0x50/0x90 [ 568.370333][T13012] __get_compat_msghdr+0x5be/0x890 [ 568.440285][T13012] get_compat_msghdr+0x108/0x270 [ 568.440285][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 568.440285][T13012] __sys_recvmmsg+0x4ca/0x510 [ 568.440285][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 568.440285][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 568.440285][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 568.440285][T13012] do_fast_syscall_32+0x6b/0xd0 [ 568.440285][T13012] do_SYSENTER_32+0x73/0x90 [ 568.440285][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 568.440285][T13012] [ 568.440285][T13012] Uninit was stored to memory at: [ 568.440285][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 568.440285][T13012] __msan_chain_origin+0x50/0x90 [ 568.440285][T13012] __get_compat_msghdr+0x5be/0x890 [ 568.510324][T13012] get_compat_msghdr+0x108/0x270 [ 568.515352][ T4885] systemd-journald[4885]: /dev/kmsg buffer overrun, some messages lost. [ 568.510324][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 568.510324][T13012] __sys_recvmmsg+0x4ca/0x510 [ 568.510324][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 568.510324][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 568.510324][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 568.510324][T13012] do_fast_syscall_32+0x6b/0xd0 [ 568.510324][T13012] do_SYSENTER_32+0x73/0x90 [ 568.510324][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 568.510324][T13012] [ 568.510324][T13012] Uninit was stored to memory at: [ 568.510324][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 568.510324][T13012] __msan_chain_origin+0x50/0x90 [ 568.510324][T13012] __get_compat_msghdr+0x5be/0x890 [ 568.510324][T13012] get_compat_msghdr+0x108/0x270 [ 568.598256][ T4885] systemd-journald[4885]: /dev/kmsg buffer overrun, some messages lost. [ 568.510324][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 568.510324][T13012] __sys_recvmmsg+0x4ca/0x510 [ 568.510324][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 568.510324][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 568.510324][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 568.510324][T13012] do_fast_syscall_32+0x6b/0xd0 [ 568.510324][T13012] do_SYSENTER_32+0x73/0x90 [ 568.510324][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 568.510324][T13012] [ 568.510324][T13012] Uninit was stored to memory at: [ 568.510324][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 568.510324][T13012] __msan_chain_origin+0x50/0x90 [ 568.510324][T13012] __get_compat_msghdr+0x5be/0x890 [ 568.510324][T13012] get_compat_msghdr+0x108/0x270 [ 568.510324][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 568.510324][T13012] __sys_recvmmsg+0x4ca/0x510 [ 568.510324][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 568.510324][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 568.510324][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 568.510324][T13012] do_fast_syscall_32+0x6b/0xd0 [ 568.510324][T13012] do_SYSENTER_32+0x73/0x90 [ 568.510324][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 568.510324][T13012] [ 568.510324][T13012] Uninit was stored to memory at: [ 568.510324][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 568.510324][T13012] __msan_chain_origin+0x50/0x90 [ 568.510324][T13012] __get_compat_msghdr+0x5be/0x890 [ 568.510324][T13012] get_compat_msghdr+0x108/0x270 [ 568.510324][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 568.510324][T13012] __sys_recvmmsg+0x4ca/0x510 [ 568.510324][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 568.510324][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 568.510324][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 568.510324][T13012] do_fast_syscall_32+0x6b/0xd0 [ 568.510324][T13012] do_SYSENTER_32+0x73/0x90 [ 568.510324][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 568.510324][T13012] [ 568.510324][T13012] Local variable ----msg_sys@do_recvmmsg created at: [ 568.510324][T13012] do_recvmmsg+0xc5/0x1ee0 [ 568.510324][T13012] do_recvmmsg+0xc5/0x1ee0 [ 568.974653][T13080] not chained 1530000 origins [ 568.979349][T13080] CPU: 1 PID: 13080 Comm: syz-executor.1 Not tainted 5.8.0-rc5-syzkaller #0 [ 568.980168][T13080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 568.980168][T13080] Call Trace: [ 568.980168][T13080] dump_stack+0x1df/0x240 [ 568.980168][T13080] kmsan_internal_chain_origin+0x6f/0x130 [ 568.980168][T13080] ? skb_recv_datagram+0x3ec/0x480 [ 568.980168][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 568.980168][T13080] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 568.980168][T13080] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 568.980168][T13080] ? bt_sock_recvmsg+0x564/0xa00 [ 568.980168][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 568.980168][T13080] ? kmsan_set_origin_checked+0x95/0xf0 [ 568.980168][T13080] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 568.980168][T13080] ? _copy_from_user+0x15b/0x260 [ 568.980168][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 568.980168][T13080] __msan_chain_origin+0x50/0x90 [ 568.980168][T13080] __get_compat_msghdr+0x5be/0x890 [ 568.980168][T13080] get_compat_msghdr+0x108/0x270 [ 568.980168][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 568.980168][T13080] ? kmsan_internal_set_origin+0x75/0xb0 [ 568.980168][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 568.980168][T13080] ? kmsan_internal_set_origin+0x75/0xb0 [ 568.980168][T13080] ? __msan_poison_alloca+0xf0/0x120 [ 568.980168][T13080] ? __sys_recvmmsg+0xb4/0x510 [ 568.980168][T13080] ? __sys_recvmmsg+0xb4/0x510 [ 568.980168][T13080] ? kmsan_get_metadata+0x11d/0x180 [ 569.116842][ T4885] systemd-journald[4885]: /dev/kmsg buffer overrun, some messages lost. [ 568.980168][T13080] __sys_recvmmsg+0x4ca/0x510 [ 568.980168][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 568.980168][T13080] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 568.980168][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 568.980168][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 568.980168][T13080] do_fast_syscall_32+0x6b/0xd0 [ 568.980168][T13080] do_SYSENTER_32+0x73/0x90 [ 568.980168][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 568.980168][T13080] RIP: 0023:0xf7fbe549 [ 568.980168][T13080] Code: Bad RIP value. [ 568.980168][T13080] RSP: 002b:00000000f5d770cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 568.980168][T13080] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 568.980168][T13080] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 568.980168][T13080] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 569.130203][T13080] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 569.130203][T13080] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 569.130203][T13080] Uninit was stored to memory at: [ 569.130203][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 569.130203][T13080] __msan_chain_origin+0x50/0x90 [ 569.130203][T13080] __get_compat_msghdr+0x5be/0x890 [ 569.246594][ T4885] systemd-journald[4885]: /dev/kmsg buffer overrun, some messages lost. [ 569.130203][T13080] get_compat_msghdr+0x108/0x270 [ 569.130203][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 569.130203][T13080] __sys_recvmmsg+0x4ca/0x510 [ 569.130203][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 569.130203][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 569.130203][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 569.130203][T13080] do_fast_syscall_32+0x6b/0xd0 [ 569.130203][T13080] do_SYSENTER_32+0x73/0x90 [ 569.130203][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 569.130203][T13080] [ 569.130203][T13080] Uninit was stored to memory at: [ 569.130203][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 569.130203][T13080] __msan_chain_origin+0x50/0x90 [ 569.130203][T13080] __get_compat_msghdr+0x5be/0x890 [ 569.130203][T13080] get_compat_msghdr+0x108/0x270 [ 569.130203][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 569.130203][T13080] __sys_recvmmsg+0x4ca/0x510 [ 569.130203][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 569.130203][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 569.130203][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 569.298192][T13021] not chained 1540000 origins [ 569.130203][T13080] do_fast_syscall_32+0x6b/0xd0 [ 569.300167][T13021] CPU: 0 PID: 13021 Comm: syz-executor.0 Not tainted 5.8.0-rc5-syzkaller #0 [ 569.130203][T13080] do_SYSENTER_32+0x73/0x90 [ 569.300167][T13021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 569.130203][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 569.300167][T13021] Call Trace: [ 569.130203][T13080] [ 569.300167][T13021] dump_stack+0x1df/0x240 [ 569.130203][T13080] Uninit was stored to memory at: [ 569.300167][T13021] kmsan_internal_chain_origin+0x6f/0x130 [ 569.130203][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 569.300167][T13021] ? skb_recv_datagram+0x3ec/0x480 [ 569.130203][T13080] __msan_chain_origin+0x50/0x90 [ 569.300167][T13021] ? kmsan_get_metadata+0x4f/0x180 [ 569.130203][T13080] __get_compat_msghdr+0x5be/0x890 [ 569.300167][T13021] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 569.130203][T13080] get_compat_msghdr+0x108/0x270 [ 569.300167][T13021] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 569.130203][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 569.300167][T13021] ? bt_sock_recvmsg+0x564/0xa00 [ 569.130203][T13080] __sys_recvmmsg+0x4ca/0x510 [ 569.300167][T13021] ? kmsan_get_metadata+0x4f/0x180 [ 569.130203][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 569.300167][T13021] ? kmsan_set_origin_checked+0x95/0xf0 [ 569.130203][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 569.300167][T13021] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 569.130203][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 569.300167][T13021] ? _copy_from_user+0x15b/0x260 [ 569.130203][T13080] do_fast_syscall_32+0x6b/0xd0 [ 569.300167][T13021] ? kmsan_get_metadata+0x4f/0x180 [ 569.130203][T13080] do_SYSENTER_32+0x73/0x90 [ 569.300167][T13021] __msan_chain_origin+0x50/0x90 [ 569.130203][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 569.300167][T13021] __get_compat_msghdr+0x5be/0x890 [ 569.130203][T13080] [ 569.300167][T13021] get_compat_msghdr+0x108/0x270 [ 569.130203][T13080] Uninit was stored to memory at: [ 569.300167][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 569.130203][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 569.300167][T13021] ? kmsan_internal_set_origin+0x75/0xb0 [ 569.130203][T13080] __msan_chain_origin+0x50/0x90 [ 569.300167][T13021] ? kmsan_get_metadata+0x4f/0x180 [ 569.130203][T13080] __get_compat_msghdr+0x5be/0x890 [ 569.300167][T13021] ? kmsan_internal_set_origin+0x75/0xb0 [ 569.130203][T13080] get_compat_msghdr+0x108/0x270 [ 569.300167][T13021] ? __msan_poison_alloca+0xf0/0x120 [ 569.130203][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 569.300167][T13021] ? __sys_recvmmsg+0xb4/0x510 [ 569.130203][T13080] __sys_recvmmsg+0x4ca/0x510 [ 569.300167][T13021] ? __sys_recvmmsg+0xb4/0x510 [ 569.130203][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 569.300167][T13021] ? kmsan_get_metadata+0x11d/0x180 [ 569.130203][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 569.300167][T13021] __sys_recvmmsg+0x4ca/0x510 [ 569.130203][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 569.300167][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 569.130203][T13080] do_fast_syscall_32+0x6b/0xd0 [ 569.300167][T13021] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 569.130203][T13080] do_SYSENTER_32+0x73/0x90 [ 569.300167][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 569.130203][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 569.300167][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 569.130203][T13080] [ 569.300167][T13021] do_fast_syscall_32+0x6b/0xd0 [ 569.130203][T13080] Uninit was stored to memory at: [ 569.300167][T13021] do_SYSENTER_32+0x73/0x90 [ 569.130203][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 569.300167][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 569.130203][T13080] __msan_chain_origin+0x50/0x90 [ 569.300167][T13021] RIP: 0023:0xf7f4d549 [ 569.130203][T13080] __get_compat_msghdr+0x5be/0x890 [ 569.300167][T13021] Code: Bad RIP value. [ 569.130203][T13080] get_compat_msghdr+0x108/0x270 [ 569.300167][T13021] RSP: 002b:00000000f5d060cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 569.130203][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 569.300167][T13021] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 569.130203][T13080] __sys_recvmmsg+0x4ca/0x510 [ 569.300167][T13021] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 569.130203][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 569.300167][T13021] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 569.130203][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 569.300167][T13021] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 569.130203][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 569.300167][T13021] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 569.130203][T13080] do_fast_syscall_32+0x6b/0xd0 [ 569.300167][T13021] Uninit was stored to memory at: [ 569.130203][T13080] do_SYSENTER_32+0x73/0x90 [ 569.300167][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 569.130203][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 569.300167][T13021] __msan_chain_origin+0x50/0x90 [ 569.130203][T13080] [ 569.300167][T13021] __get_compat_msghdr+0x5be/0x890 [ 569.130203][T13080] Uninit was stored to memory at: [ 569.300167][T13021] get_compat_msghdr+0x108/0x270 [ 569.130203][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 569.300167][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 569.130203][T13080] __msan_chain_origin+0x50/0x90 [ 569.300167][T13021] __sys_recvmmsg+0x4ca/0x510 [ 569.130203][T13080] __get_compat_msghdr+0x5be/0x890 [ 569.300167][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 569.130203][T13080] get_compat_msghdr+0x108/0x270 [ 569.300167][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 569.130203][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 569.300167][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 569.130203][T13080] __sys_recvmmsg+0x4ca/0x510 [ 569.300167][T13021] do_fast_syscall_32+0x6b/0xd0 [ 569.130203][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 569.300167][T13021] do_SYSENTER_32+0x73/0x90 [ 569.130203][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 569.300167][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 569.130203][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 569.300167][T13021] [ 569.130203][T13080] do_fast_syscall_32+0x6b/0xd0 [ 569.300167][T13021] Uninit was stored to memory at: [ 569.130203][T13080] do_SYSENTER_32+0x73/0x90 [ 569.300167][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 569.130203][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 569.300167][T13021] __msan_chain_origin+0x50/0x90 [ 569.130203][T13080] [ 569.300167][T13021] __get_compat_msghdr+0x5be/0x890 [ 569.130203][T13080] Uninit was stored to memory at: [ 569.300167][T13021] get_compat_msghdr+0x108/0x270 [ 569.130203][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 569.300167][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 569.130203][T13080] __msan_chain_origin+0x50/0x90 [ 569.300167][T13021] __sys_recvmmsg+0x4ca/0x510 [ 569.130203][T13080] __get_compat_msghdr+0x5be/0x890 [ 569.300167][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 569.130203][T13080] get_compat_msghdr+0x108/0x270 [ 569.300167][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 569.130203][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 569.300167][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 569.130203][T13080] __sys_recvmmsg+0x4ca/0x510 [ 569.300167][T13021] do_fast_syscall_32+0x6b/0xd0 [ 569.130203][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 569.300167][T13021] do_SYSENTER_32+0x73/0x90 [ 569.130203][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 569.300167][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 569.130203][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 569.300167][T13021] [ 569.130203][T13080] do_fast_syscall_32+0x6b/0xd0 [ 569.300167][T13021] Uninit was stored to memory at: [ 569.130203][T13080] do_SYSENTER_32+0x73/0x90 [ 569.300167][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 569.130203][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 569.300167][T13021] __msan_chain_origin+0x50/0x90 [ 569.130203][T13080] [ 569.300167][T13021] __get_compat_msghdr+0x5be/0x890 [ 569.130203][T13080] Local variable ----msg_sys@do_recvmmsg created at: [ 569.300167][T13021] get_compat_msghdr+0x108/0x270 [ 569.130203][T13080] do_recvmmsg+0xc5/0x1ee0 [ 569.300167][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 569.130203][T13080] do_recvmmsg+0xc5/0x1ee0 [ 569.300167][T13021] __sys_recvmmsg+0x4ca/0x510 [ 570.102327][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 570.102327][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 570.102327][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 570.102327][T13021] do_fast_syscall_32+0x6b/0xd0 [ 570.102327][T13021] do_SYSENTER_32+0x73/0x90 [ 570.102327][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 570.102327][T13021] [ 570.102327][T13021] Uninit was stored to memory at: [ 570.102327][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 570.102327][T13021] __msan_chain_origin+0x50/0x90 [ 570.102327][T13021] __get_compat_msghdr+0x5be/0x890 [ 570.102327][T13021] get_compat_msghdr+0x108/0x270 [ 570.102327][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 570.102327][T13021] __sys_recvmmsg+0x4ca/0x510 [ 570.102327][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 570.102327][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 570.102327][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 570.102327][T13021] do_fast_syscall_32+0x6b/0xd0 [ 570.102327][T13021] do_SYSENTER_32+0x73/0x90 [ 570.102327][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 570.262615][T13041] not chained 1550000 origins [ 570.102327][T13021] [ 570.270141][T13041] CPU: 1 PID: 13041 Comm: syz-executor.3 Not tainted 5.8.0-rc5-syzkaller #0 [ 570.102327][T13021] Uninit was stored to memory at: [ 570.270141][T13041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 570.102327][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 570.270141][T13041] Call Trace: [ 570.102327][T13021] __msan_chain_origin+0x50/0x90 [ 570.270141][T13041] dump_stack+0x1df/0x240 [ 570.102327][T13021] __get_compat_msghdr+0x5be/0x890 [ 570.270141][T13041] kmsan_internal_chain_origin+0x6f/0x130 [ 570.102327][T13021] get_compat_msghdr+0x108/0x270 [ 570.270141][T13041] ? skb_recv_datagram+0x3ec/0x480 [ 570.102327][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 570.270141][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 570.102327][T13021] __sys_recvmmsg+0x4ca/0x510 [ 570.270141][T13041] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 570.102327][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 570.270141][T13041] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 570.102327][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 570.270141][T13041] ? bt_sock_recvmsg+0x564/0xa00 [ 570.102327][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 570.270141][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 570.102327][T13021] do_fast_syscall_32+0x6b/0xd0 [ 570.270141][T13041] ? kmsan_set_origin_checked+0x95/0xf0 [ 570.102327][T13021] do_SYSENTER_32+0x73/0x90 [ 570.270141][T13041] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 570.102327][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 570.270141][T13041] ? _copy_from_user+0x15b/0x260 [ 570.102327][T13021] [ 570.270141][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 570.102327][T13021] Uninit was stored to memory at: [ 570.270141][T13041] __msan_chain_origin+0x50/0x90 [ 570.102327][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 570.270141][T13041] __get_compat_msghdr+0x5be/0x890 [ 570.102327][T13021] __msan_chain_origin+0x50/0x90 [ 570.270141][T13041] get_compat_msghdr+0x108/0x270 [ 570.102327][T13021] __get_compat_msghdr+0x5be/0x890 [ 570.270141][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 570.102327][T13021] get_compat_msghdr+0x108/0x270 [ 570.270141][T13041] ? idle_cpu+0x9a/0x1d0 [ 570.102327][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 570.270141][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 570.102327][T13021] __sys_recvmmsg+0x4ca/0x510 [ 570.270141][T13041] ? kmsan_internal_set_origin+0x75/0xb0 [ 570.102327][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 570.270141][T13041] ? __msan_poison_alloca+0xf0/0x120 [ 570.102327][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 570.270141][T13041] ? __sys_recvmmsg+0xb4/0x510 [ 570.102327][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 570.270141][T13041] ? __sys_recvmmsg+0xb4/0x510 [ 570.102327][T13021] do_fast_syscall_32+0x6b/0xd0 [ 570.270141][T13041] ? kmsan_get_metadata+0x11d/0x180 [ 570.102327][T13021] do_SYSENTER_32+0x73/0x90 [ 570.270141][T13041] __sys_recvmmsg+0x4ca/0x510 [ 570.102327][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 570.270141][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 570.102327][T13021] [ 570.270141][T13041] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 570.102327][T13021] Uninit was stored to memory at: [ 570.270141][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 570.102327][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 570.270141][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 570.102327][T13021] __msan_chain_origin+0x50/0x90 [ 570.270141][T13041] do_fast_syscall_32+0x6b/0xd0 [ 570.102327][T13021] __get_compat_msghdr+0x5be/0x890 [ 570.270141][T13041] do_SYSENTER_32+0x73/0x90 [ 570.102327][T13021] get_compat_msghdr+0x108/0x270 [ 570.270141][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 570.102327][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 570.270141][T13041] RIP: 0023:0xf7fd6549 [ 570.102327][T13021] __sys_recvmmsg+0x4ca/0x510 [ 570.270141][T13041] Code: Bad RIP value. [ 570.102327][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 570.270141][T13041] RSP: 002b:00000000f5dd10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 570.102327][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 570.270141][T13041] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 570.102327][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 570.270141][T13041] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 570.102327][T13021] do_fast_syscall_32+0x6b/0xd0 [ 570.270141][T13041] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 570.102327][T13021] do_SYSENTER_32+0x73/0x90 [ 570.270141][T13041] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 570.102327][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 570.270141][T13041] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 570.102327][T13021] [ 570.270141][T13041] Uninit was stored to memory at: [ 570.102327][T13021] Local variable ----msg_sys@do_recvmmsg created at: [ 570.270141][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 570.102327][T13021] do_recvmmsg+0xc5/0x1ee0 [ 570.270141][T13041] __msan_chain_origin+0x50/0x90 [ 570.102327][T13021] do_recvmmsg+0xc5/0x1ee0 [ 570.270141][T13041] __get_compat_msghdr+0x5be/0x890 [ 570.270141][T13041] get_compat_msghdr+0x108/0x270 [ 570.765890][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 570.765890][T13041] __sys_recvmmsg+0x4ca/0x510 [ 570.765890][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 570.765890][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 570.765890][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 570.765890][T13041] do_fast_syscall_32+0x6b/0xd0 [ 570.765890][T13041] do_SYSENTER_32+0x73/0x90 [ 570.765890][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 570.803459][ T4885] systemd-journald[4885]: /dev/kmsg buffer overrun, some messages lost. [ 570.765890][T13041] [ 570.765890][T13041] Uninit was stored to memory at: [ 570.765890][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 570.765890][T13041] __msan_chain_origin+0x50/0x90 [ 570.765890][T13041] __get_compat_msghdr+0x5be/0x890 [ 570.765890][T13041] get_compat_msghdr+0x108/0x270 [ 570.765890][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 570.765890][T13041] __sys_recvmmsg+0x4ca/0x510 [ 570.765890][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 570.765890][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 570.765890][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 570.765890][T13041] do_fast_syscall_32+0x6b/0xd0 [ 570.765890][T13041] do_SYSENTER_32+0x73/0x90 [ 570.765890][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 570.886378][ T4885] systemd-journald[4885]: /dev/kmsg buffer overrun, some messages lost. [ 570.765890][T13041] [ 570.896055][T13041] Uninit was stored to memory at: [ 570.896055][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 570.896055][T13041] __msan_chain_origin+0x50/0x90 [ 570.896055][T13041] __get_compat_msghdr+0x5be/0x890 [ 570.896055][T13041] get_compat_msghdr+0x108/0x270 [ 570.896055][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 570.896055][T13041] __sys_recvmmsg+0x4ca/0x510 [ 570.896055][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 570.896055][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 570.896055][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 570.896055][T13041] do_fast_syscall_32+0x6b/0xd0 [ 570.896055][T13041] do_SYSENTER_32+0x73/0x90 [ 570.896055][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 570.896055][T13041] [ 570.896055][T13041] Uninit was stored to memory at: [ 570.896055][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 570.896055][T13041] __msan_chain_origin+0x50/0x90 [ 570.896055][T13041] __get_compat_msghdr+0x5be/0x890 [ 570.988659][ T4885] systemd-journald[4885]: /dev/kmsg buffer overrun, some messages lost. [ 570.896055][T13041] get_compat_msghdr+0x108/0x270 [ 570.896055][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 570.896055][T13041] __sys_recvmmsg+0x4ca/0x510 [ 570.896055][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 570.896055][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 570.896055][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 570.896055][T13041] do_fast_syscall_32+0x6b/0xd0 [ 570.896055][T13041] do_SYSENTER_32+0x73/0x90 [ 570.896055][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 571.041728][T13012] not chained 1560000 origins [ 570.896055][T13041] [ 571.049350][T13012] CPU: 0 PID: 13012 Comm: syz-executor.0 Not tainted 5.8.0-rc5-syzkaller #0 [ 570.896055][T13041] Uninit was stored to memory at: [ 571.050177][T13012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 570.896055][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 571.050177][T13012] Call Trace: [ 570.896055][T13041] __msan_chain_origin+0x50/0x90 [ 571.050177][T13012] dump_stack+0x1df/0x240 [ 570.896055][T13041] __get_compat_msghdr+0x5be/0x890 [ 571.050177][T13012] kmsan_internal_chain_origin+0x6f/0x130 [ 570.896055][T13041] get_compat_msghdr+0x108/0x270 [ 571.050177][T13012] ? skb_recv_datagram+0x3ec/0x480 [ 570.896055][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 571.050177][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 570.896055][T13041] __sys_recvmmsg+0x4ca/0x510 [ 571.050177][T13012] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 570.896055][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 571.050177][T13012] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 570.896055][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 571.050177][T13012] ? bt_sock_recvmsg+0x564/0xa00 [ 570.896055][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 571.050177][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 570.896055][T13041] do_fast_syscall_32+0x6b/0xd0 [ 571.050177][T13012] ? kmsan_set_origin_checked+0x95/0xf0 [ 570.896055][T13041] do_SYSENTER_32+0x73/0x90 [ 571.050177][T13012] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 570.896055][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 571.050177][T13012] ? _copy_from_user+0x15b/0x260 [ 570.896055][T13041] [ 571.050177][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 570.896055][T13041] Uninit was stored to memory at: [ 571.050177][T13012] __msan_chain_origin+0x50/0x90 [ 570.896055][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 571.050177][T13012] __get_compat_msghdr+0x5be/0x890 [ 570.896055][T13041] __msan_chain_origin+0x50/0x90 [ 571.050177][T13012] get_compat_msghdr+0x108/0x270 [ 570.896055][T13041] __get_compat_msghdr+0x5be/0x890 [ 571.050177][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 570.896055][T13041] get_compat_msghdr+0x108/0x270 [ 571.050177][T13012] ? kmsan_internal_set_origin+0x75/0xb0 [ 570.896055][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 571.050177][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 570.896055][T13041] __sys_recvmmsg+0x4ca/0x510 [ 571.050177][T13012] ? kmsan_internal_set_origin+0x75/0xb0 [ 570.896055][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 571.050177][T13012] ? __msan_poison_alloca+0xf0/0x120 [ 570.896055][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 571.050177][T13012] ? __sys_recvmmsg+0xb4/0x510 [ 570.896055][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 571.050177][T13012] ? __sys_recvmmsg+0xb4/0x510 [ 570.896055][T13041] do_fast_syscall_32+0x6b/0xd0 [ 571.050177][T13012] ? kmsan_get_metadata+0x11d/0x180 [ 570.896055][T13041] do_SYSENTER_32+0x73/0x90 [ 571.050177][T13012] __sys_recvmmsg+0x4ca/0x510 [ 570.896055][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 571.050177][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 570.896055][T13041] [ 571.050177][T13012] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 570.896055][T13041] Uninit was stored to memory at: [ 571.050177][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 570.896055][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 571.050177][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 570.896055][T13041] __msan_chain_origin+0x50/0x90 [ 571.050177][T13012] do_fast_syscall_32+0x6b/0xd0 [ 570.896055][T13041] __get_compat_msghdr+0x5be/0x890 [ 571.050177][T13012] do_SYSENTER_32+0x73/0x90 [ 570.896055][T13041] get_compat_msghdr+0x108/0x270 [ 571.050177][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 570.896055][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 571.050177][T13012] RIP: 0023:0xf7f4d549 [ 570.896055][T13041] __sys_recvmmsg+0x4ca/0x510 [ 571.050177][T13012] Code: Bad RIP value. [ 570.896055][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 571.050177][T13012] RSP: 002b:00000000f5d480cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 570.896055][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 571.050177][T13012] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 570.896055][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 571.050177][T13012] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 570.896055][T13041] do_fast_syscall_32+0x6b/0xd0 [ 571.050177][T13012] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 570.896055][T13041] do_SYSENTER_32+0x73/0x90 [ 571.050177][T13012] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 570.896055][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 571.050177][T13012] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 570.896055][T13041] [ 571.050177][T13012] Uninit was stored to memory at: [ 570.896055][T13041] Local variable ----msg_sys@do_recvmmsg created at: [ 571.050177][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 570.896055][T13041] do_recvmmsg+0xc5/0x1ee0 [ 571.050177][T13012] __msan_chain_origin+0x50/0x90 [ 570.896055][T13041] do_recvmmsg+0xc5/0x1ee0 [ 571.050177][T13012] __get_compat_msghdr+0x5be/0x890 [ 571.050177][T13012] get_compat_msghdr+0x108/0x270 [ 571.050177][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 571.050177][T13012] __sys_recvmmsg+0x4ca/0x510 [ 571.552883][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 571.552883][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 571.552883][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 571.552883][T13012] do_fast_syscall_32+0x6b/0xd0 [ 571.552883][T13012] do_SYSENTER_32+0x73/0x90 [ 571.552883][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 571.552883][T13012] [ 571.552883][T13012] Uninit was stored to memory at: [ 571.552883][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 571.552883][T13012] __msan_chain_origin+0x50/0x90 [ 571.552883][T13012] __get_compat_msghdr+0x5be/0x890 [ 571.552883][T13012] get_compat_msghdr+0x108/0x270 [ 571.552883][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 571.552883][T13012] __sys_recvmmsg+0x4ca/0x510 [ 571.552883][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 571.552883][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 571.552883][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 571.552883][T13012] do_fast_syscall_32+0x6b/0xd0 [ 571.552883][T13012] do_SYSENTER_32+0x73/0x90 [ 571.552883][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 571.552883][T13012] [ 571.552883][T13012] Uninit was stored to memory at: [ 571.552883][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 571.552883][T13012] __msan_chain_origin+0x50/0x90 [ 571.552883][T13012] __get_compat_msghdr+0x5be/0x890 [ 571.552883][T13012] get_compat_msghdr+0x108/0x270 [ 571.552883][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 571.552883][T13012] __sys_recvmmsg+0x4ca/0x510 [ 571.552883][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 571.552883][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 571.552883][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 571.708989][T13072] not chained 1570000 origins [ 571.552883][T13012] do_fast_syscall_32+0x6b/0xd0 [ 571.710141][T13072] CPU: 1 PID: 13072 Comm: syz-executor.1 Not tainted 5.8.0-rc5-syzkaller #0 [ 571.552883][T13012] do_SYSENTER_32+0x73/0x90 [ 571.710141][T13072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 571.552883][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 571.710141][T13072] Call Trace: [ 571.552883][T13012] [ 571.710141][T13072] dump_stack+0x1df/0x240 [ 571.552883][T13012] Uninit was stored to memory at: [ 571.710141][T13072] kmsan_internal_chain_origin+0x6f/0x130 [ 571.552883][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 571.710141][T13072] ? skb_recv_datagram+0x3ec/0x480 [ 571.552883][T13012] __msan_chain_origin+0x50/0x90 [ 571.710141][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 571.552883][T13012] __get_compat_msghdr+0x5be/0x890 [ 571.710141][T13072] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 571.552883][T13012] get_compat_msghdr+0x108/0x270 [ 571.710141][T13072] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 571.552883][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 571.710141][T13072] ? bt_sock_recvmsg+0x564/0xa00 [ 571.552883][T13012] __sys_recvmmsg+0x4ca/0x510 [ 571.710141][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 571.552883][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 571.710141][T13072] ? kmsan_set_origin_checked+0x95/0xf0 [ 571.552883][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 571.710141][T13072] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 571.552883][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 571.710141][T13072] ? _copy_from_user+0x15b/0x260 [ 571.552883][T13012] do_fast_syscall_32+0x6b/0xd0 [ 571.710141][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 571.552883][T13012] do_SYSENTER_32+0x73/0x90 [ 571.710141][T13072] __msan_chain_origin+0x50/0x90 [ 571.552883][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 571.710141][T13072] __get_compat_msghdr+0x5be/0x890 [ 571.552883][T13012] [ 571.710141][T13072] get_compat_msghdr+0x108/0x270 [ 571.552883][T13012] Uninit was stored to memory at: [ 571.710141][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 571.552883][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 571.710141][T13072] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 571.552883][T13012] __msan_chain_origin+0x50/0x90 [ 571.710141][T13072] ? sched_clock_cpu+0x7c/0x930 [ 571.552883][T13012] __get_compat_msghdr+0x5be/0x890 [ 571.710141][T13072] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 571.552883][T13012] get_compat_msghdr+0x108/0x270 [ 571.710141][T13072] ? sched_clock_cpu+0x7c/0x930 [ 571.552883][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 571.710141][T13072] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 571.552883][T13012] __sys_recvmmsg+0x4ca/0x510 [ 571.710141][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 571.552883][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 571.710141][T13072] ? kmsan_internal_set_origin+0x75/0xb0 [ 571.552883][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 571.710141][T13072] ? __msan_poison_alloca+0xf0/0x120 [ 571.552883][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 571.710141][T13072] ? __sys_recvmmsg+0xb4/0x510 [ 571.552883][T13012] do_fast_syscall_32+0x6b/0xd0 [ 571.710141][T13072] ? __sys_recvmmsg+0xb4/0x510 [ 571.552883][T13012] do_SYSENTER_32+0x73/0x90 [ 571.710141][T13072] __sys_recvmmsg+0x4ca/0x510 [ 571.552883][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 571.710141][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 571.552883][T13012] [ 571.710141][T13072] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 571.552883][T13012] Uninit was stored to memory at: [ 571.710141][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 571.552883][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 571.710141][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 571.552883][T13012] __msan_chain_origin+0x50/0x90 [ 571.710141][T13072] do_fast_syscall_32+0x6b/0xd0 [ 571.552883][T13012] __get_compat_msghdr+0x5be/0x890 [ 571.710141][T13072] do_SYSENTER_32+0x73/0x90 [ 571.552883][T13012] get_compat_msghdr+0x108/0x270 [ 571.710141][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 571.552883][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 571.710141][T13072] RIP: 0023:0xf7fbe549 [ 571.552883][T13012] __sys_recvmmsg+0x4ca/0x510 [ 571.710141][T13072] Code: Bad RIP value. [ 571.552883][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 571.710141][T13072] RSP: 002b:00000000f5db90cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 571.552883][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 571.710141][T13072] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 571.552883][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 571.710141][T13072] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 571.552883][T13012] do_fast_syscall_32+0x6b/0xd0 [ 571.710141][T13072] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 571.552883][T13012] do_SYSENTER_32+0x73/0x90 [ 571.710141][T13072] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 571.552883][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 571.710141][T13072] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 571.552883][T13012] [ 571.710141][T13072] Uninit was stored to memory at: [ 571.552883][T13012] Uninit was stored to memory at: [ 571.710141][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 571.552883][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 571.710141][T13072] __msan_chain_origin+0x50/0x90 [ 571.552883][T13012] __msan_chain_origin+0x50/0x90 [ 571.710141][T13072] __get_compat_msghdr+0x5be/0x890 [ 571.552883][T13012] __get_compat_msghdr+0x5be/0x890 [ 571.710141][T13072] get_compat_msghdr+0x108/0x270 [ 571.552883][T13012] get_compat_msghdr+0x108/0x270 [ 571.710141][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 571.552883][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 571.710141][T13072] __sys_recvmmsg+0x4ca/0x510 [ 571.552883][T13012] __sys_recvmmsg+0x4ca/0x510 [ 571.710141][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 571.552883][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 571.710141][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 571.552883][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 571.710141][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 571.552883][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 571.710141][T13072] do_fast_syscall_32+0x6b/0xd0 [ 571.552883][T13012] do_fast_syscall_32+0x6b/0xd0 [ 571.710141][T13072] do_SYSENTER_32+0x73/0x90 [ 571.552883][T13012] do_SYSENTER_32+0x73/0x90 [ 571.710141][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 571.552883][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 571.710141][T13072] [ 571.552883][T13012] [ 571.710141][T13072] Uninit was stored to memory at: [ 571.552883][T13012] Local variable ----msg_sys@do_recvmmsg created at: [ 571.710141][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 571.552883][T13012] do_recvmmsg+0xc5/0x1ee0 [ 571.710141][T13072] __msan_chain_origin+0x50/0x90 [ 571.552883][T13012] do_recvmmsg+0xc5/0x1ee0 [ 571.710141][T13072] __get_compat_msghdr+0x5be/0x890 [ 571.710141][T13072] get_compat_msghdr+0x108/0x270 [ 572.381438][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 572.385226][T13072] __sys_recvmmsg+0x4ca/0x510 [ 572.385226][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 572.385226][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 572.400801][ T4885] systemd-journald[4885]: /dev/kmsg buffer overrun, some messages lost. [ 572.385226][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 572.385226][T13072] do_fast_syscall_32+0x6b/0xd0 [ 572.385226][T13072] do_SYSENTER_32+0x73/0x90 [ 572.385226][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 572.385226][T13072] [ 572.385226][T13072] Uninit was stored to memory at: [ 572.385226][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 572.441294][ T4885] systemd-journald[4885]: /dev/kmsg buffer overrun, some messages lost. [ 572.385226][T13072] __msan_chain_origin+0x50/0x90 [ 572.385226][T13072] __get_compat_msghdr+0x5be/0x890 [ 572.385226][T13072] get_compat_msghdr+0x108/0x270 [ 572.385226][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 572.470290][T13072] __sys_recvmmsg+0x4ca/0x510 [ 572.470290][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 572.470290][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 572.486639][ T4885] systemd-journald[4885]: /dev/kmsg buffer overrun, some messages lost. [ 572.470290][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 572.470290][T13072] do_fast_syscall_32+0x6b/0xd0 [ 572.470290][T13072] do_SYSENTER_32+0x73/0x90 [ 572.470290][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 572.470290][T13072] [ 572.470290][T13072] Uninit was stored to memory at: [ 572.470290][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 572.470290][T13072] __msan_chain_origin+0x50/0x90 [ 572.470290][T13072] __get_compat_msghdr+0x5be/0x890 [ 572.470290][T13072] get_compat_msghdr+0x108/0x270 [ 572.470290][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 572.470290][T13072] __sys_recvmmsg+0x4ca/0x510 [ 572.470290][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 572.470290][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 572.470290][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 572.470290][T13072] do_fast_syscall_32+0x6b/0xd0 [ 572.470290][T13072] do_SYSENTER_32+0x73/0x90 [ 572.470290][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 572.470290][T13072] [ 572.540278][T13072] Uninit was stored to memory at: [ 572.540278][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 572.540278][T13072] __msan_chain_origin+0x50/0x90 [ 572.540278][T13072] __get_compat_msghdr+0x5be/0x890 [ 572.540278][T13072] get_compat_msghdr+0x108/0x270 [ 572.540278][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 572.540278][T13072] __sys_recvmmsg+0x4ca/0x510 [ 572.540278][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 572.540278][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 572.640375][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 572.640375][T13072] do_fast_syscall_32+0x6b/0xd0 [ 572.640375][T13072] do_SYSENTER_32+0x73/0x90 [ 572.640375][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 572.640375][T13072] [ 572.640375][T13072] Uninit was stored to memory at: [ 572.640375][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 572.640375][T13072] __msan_chain_origin+0x50/0x90 [ 572.640375][T13072] __get_compat_msghdr+0x5be/0x890 [ 572.640375][T13072] get_compat_msghdr+0x108/0x270 [ 572.640375][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 572.640375][T13072] __sys_recvmmsg+0x4ca/0x510 [ 572.640375][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 572.640375][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 572.640375][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 572.640375][T13072] do_fast_syscall_32+0x6b/0xd0 [ 572.640375][T13072] do_SYSENTER_32+0x73/0x90 [ 572.640375][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 572.728498][ T4885] systemd-journald[4885]: /dev/kmsg buffer overrun, some messages lost. [ 572.640375][T13072] [ 572.640375][T13072] Uninit was stored to memory at: [ 572.640375][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 572.640375][T13072] __msan_chain_origin+0x50/0x90 [ 572.640375][T13072] __get_compat_msghdr+0x5be/0x890 [ 572.640375][T13072] get_compat_msghdr+0x108/0x270 [ 572.640375][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 572.640375][T13072] __sys_recvmmsg+0x4ca/0x510 [ 572.640375][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 572.640375][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 572.640375][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 572.640375][T13072] do_fast_syscall_32+0x6b/0xd0 [ 572.640375][T13072] do_SYSENTER_32+0x73/0x90 [ 572.640375][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 572.640375][T13072] [ 572.640375][T13072] Local variable ----msg_sys@do_recvmmsg created at: [ 572.640375][T13072] do_recvmmsg+0xc5/0x1ee0 [ 572.640375][T13072] do_recvmmsg+0xc5/0x1ee0 [ 573.096943][T13072] not chained 1580000 origins [ 573.100154][T13072] CPU: 1 PID: 13072 Comm: syz-executor.1 Not tainted 5.8.0-rc5-syzkaller #0 [ 573.100154][T13072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 573.100154][T13072] Call Trace: [ 573.100154][T13072] dump_stack+0x1df/0x240 [ 573.100154][T13072] kmsan_internal_chain_origin+0x6f/0x130 [ 573.100154][T13072] ? skb_recv_datagram+0x3ec/0x480 [ 573.100154][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 573.100154][T13072] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 573.100154][T13072] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 573.100154][T13072] ? bt_sock_recvmsg+0x564/0xa00 [ 573.100154][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 573.100154][T13072] ? kmsan_set_origin_checked+0x95/0xf0 [ 573.100154][T13072] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 573.100154][T13072] ? _copy_from_user+0x15b/0x260 [ 573.100154][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 573.100154][T13072] __msan_chain_origin+0x50/0x90 [ 573.100154][T13072] __get_compat_msghdr+0x5be/0x890 [ 573.100154][T13072] get_compat_msghdr+0x108/0x270 [ 573.100154][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 573.100154][T13072] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 573.100154][T13072] ? sched_clock_cpu+0x7c/0x930 [ 573.100154][T13072] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 573.100154][T13072] ? sched_clock_cpu+0x7c/0x930 [ 573.100154][T13072] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 573.100154][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 573.100154][T13072] ? kmsan_internal_set_origin+0x75/0xb0 [ 573.100154][T13072] ? __msan_poison_alloca+0xf0/0x120 [ 573.250305][T13072] ? __sys_recvmmsg+0xb4/0x510 [ 573.250305][T13072] ? __sys_recvmmsg+0xb4/0x510 [ 573.250305][T13072] __sys_recvmmsg+0x4ca/0x510 [ 573.250305][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 573.250305][T13072] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 573.250305][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 573.250305][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 573.250305][T13072] do_fast_syscall_32+0x6b/0xd0 [ 573.250305][T13072] do_SYSENTER_32+0x73/0x90 [ 573.250305][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 573.250305][T13072] RIP: 0023:0xf7fbe549 [ 573.250305][T13072] Code: Bad RIP value. [ 573.250305][T13072] RSP: 002b:00000000f5db90cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 573.320316][T13072] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 573.320316][T13072] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 573.320316][T13072] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 573.320316][T13072] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 573.320316][T13072] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 573.320316][T13072] Uninit was stored to memory at: [ 573.320316][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 573.320316][T13072] __msan_chain_origin+0x50/0x90 [ 573.320316][T13072] __get_compat_msghdr+0x5be/0x890 [ 573.320316][T13072] get_compat_msghdr+0x108/0x270 [ 573.320316][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 573.320316][T13072] __sys_recvmmsg+0x4ca/0x510 [ 573.320316][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 573.320316][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 573.320316][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 573.320316][T13072] do_fast_syscall_32+0x6b/0xd0 [ 573.320316][T13072] do_SYSENTER_32+0x73/0x90 [ 573.320316][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 573.320316][T13072] [ 573.320316][T13072] Uninit was stored to memory at: [ 573.320316][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 573.440322][T13072] __msan_chain_origin+0x50/0x90 [ 573.440322][T13072] __get_compat_msghdr+0x5be/0x890 [ 573.440322][T13072] get_compat_msghdr+0x108/0x270 [ 573.440322][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 573.440322][T13072] __sys_recvmmsg+0x4ca/0x510 [ 573.440322][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 573.440322][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 573.440322][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 573.440322][T13072] do_fast_syscall_32+0x6b/0xd0 [ 573.484607][ T4885] systemd-journald[4885]: /dev/kmsg buffer overrun, some messages lost. [ 573.440322][T13072] do_SYSENTER_32+0x73/0x90 [ 573.500189][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 573.500189][T13072] [ 573.500189][T13072] Uninit was stored to memory at: [ 573.500189][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 573.520334][T13072] __msan_chain_origin+0x50/0x90 [ 573.520334][T13072] __get_compat_msghdr+0x5be/0x890 [ 573.520334][T13072] get_compat_msghdr+0x108/0x270 [ 573.520334][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 573.520334][T13072] __sys_recvmmsg+0x4ca/0x510 [ 573.520334][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 573.520334][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 573.520334][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 573.520334][T13072] do_fast_syscall_32+0x6b/0xd0 [ 573.520334][T13072] do_SYSENTER_32+0x73/0x90 [ 573.568031][ T4885] systemd-journald[4885]: /dev/kmsg buffer overrun, some messages lost. [ 573.520334][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 573.520334][T13072] [ 573.520334][T13072] Uninit was stored to memory at: [ 573.520334][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 573.520334][T13072] __msan_chain_origin+0x50/0x90 [ 573.520334][T13072] __get_compat_msghdr+0x5be/0x890 [ 573.520334][T13072] get_compat_msghdr+0x108/0x270 [ 573.520334][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 573.520334][T13072] __sys_recvmmsg+0x4ca/0x510 [ 573.520334][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 573.520334][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 573.593267][T13080] not chained 1590000 origins [ 573.520334][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 573.599426][T13080] CPU: 0 PID: 13080 Comm: syz-executor.1 Not tainted 5.8.0-rc5-syzkaller #0 [ 573.520334][T13072] do_fast_syscall_32+0x6b/0xd0 [ 573.600161][T13080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 573.520334][T13072] do_SYSENTER_32+0x73/0x90 [ 573.600161][T13080] Call Trace: [ 573.520334][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 573.600161][T13080] dump_stack+0x1df/0x240 [ 573.520334][T13072] [ 573.600161][T13080] kmsan_internal_chain_origin+0x6f/0x130 [ 573.520334][T13072] Uninit was stored to memory at: [ 573.600161][T13080] ? skb_recv_datagram+0x3ec/0x480 [ 573.520334][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 573.600161][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 573.520334][T13072] __msan_chain_origin+0x50/0x90 [ 573.600161][T13080] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 573.520334][T13072] __get_compat_msghdr+0x5be/0x890 [ 573.600161][T13080] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 573.520334][T13072] get_compat_msghdr+0x108/0x270 [ 573.600161][T13080] ? bt_sock_recvmsg+0x564/0xa00 [ 573.520334][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 573.600161][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 573.520334][T13072] __sys_recvmmsg+0x4ca/0x510 [ 573.600161][T13080] ? kmsan_set_origin_checked+0x95/0xf0 [ 573.520334][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 573.600161][T13080] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 573.520334][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 573.600161][T13080] ? _copy_from_user+0x15b/0x260 [ 573.520334][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 573.600161][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 573.520334][T13072] do_fast_syscall_32+0x6b/0xd0 [ 573.600161][T13080] __msan_chain_origin+0x50/0x90 [ 573.520334][T13072] do_SYSENTER_32+0x73/0x90 [ 573.600161][T13080] __get_compat_msghdr+0x5be/0x890 [ 573.520334][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 573.600161][T13080] get_compat_msghdr+0x108/0x270 [ 573.520334][T13072] [ 573.600161][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 573.520334][T13072] Uninit was stored to memory at: [ 573.600161][T13080] ? kmsan_internal_set_origin+0x75/0xb0 [ 573.520334][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 573.600161][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 573.520334][T13072] __msan_chain_origin+0x50/0x90 [ 573.600161][T13080] ? kmsan_internal_set_origin+0x75/0xb0 [ 573.520334][T13072] __get_compat_msghdr+0x5be/0x890 [ 573.600161][T13080] ? __msan_poison_alloca+0xf0/0x120 [ 573.520334][T13072] get_compat_msghdr+0x108/0x270 [ 573.600161][T13080] ? __sys_recvmmsg+0xb4/0x510 [ 573.520334][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 573.600161][T13080] ? __sys_recvmmsg+0xb4/0x510 [ 573.520334][T13072] __sys_recvmmsg+0x4ca/0x510 [ 573.600161][T13080] ? kmsan_get_metadata+0x11d/0x180 [ 573.520334][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 573.600161][T13080] __sys_recvmmsg+0x4ca/0x510 [ 573.520334][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 573.600161][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 573.520334][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 573.600161][T13080] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 573.520334][T13072] do_fast_syscall_32+0x6b/0xd0 [ 573.600161][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 573.520334][T13072] do_SYSENTER_32+0x73/0x90 [ 573.600161][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 573.520334][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 573.600161][T13080] do_fast_syscall_32+0x6b/0xd0 [ 573.520334][T13072] [ 573.600161][T13080] do_SYSENTER_32+0x73/0x90 [ 573.520334][T13072] Uninit was stored to memory at: [ 573.600161][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 573.520334][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 573.600161][T13080] RIP: 0023:0xf7fbe549 [ 573.520334][T13072] __msan_chain_origin+0x50/0x90 [ 573.600161][T13080] Code: Bad RIP value. [ 573.520334][T13072] __get_compat_msghdr+0x5be/0x890 [ 573.600161][T13080] RSP: 002b:00000000f5d770cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 573.520334][T13072] get_compat_msghdr+0x108/0x270 [ 573.600161][T13080] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 573.520334][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 573.600161][T13080] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 573.520334][T13072] __sys_recvmmsg+0x4ca/0x510 [ 573.600161][T13080] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 573.520334][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 573.600161][T13080] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 573.520334][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 573.600161][T13080] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 573.520334][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 573.600161][T13080] Uninit was stored to memory at: [ 573.520334][T13072] do_fast_syscall_32+0x6b/0xd0 [ 573.600161][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 573.520334][T13072] do_SYSENTER_32+0x73/0x90 [ 573.600161][T13080] __msan_chain_origin+0x50/0x90 [ 573.520334][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 573.600161][T13080] __get_compat_msghdr+0x5be/0x890 [ 573.520334][T13072] [ 573.600161][T13080] get_compat_msghdr+0x108/0x270 [ 573.520334][T13072] Local variable ----msg_sys@do_recvmmsg created at: [ 573.600161][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 573.520334][T13072] do_recvmmsg+0xc5/0x1ee0 [ 573.600161][T13080] __sys_recvmmsg+0x4ca/0x510 [ 573.520334][T13072] do_recvmmsg+0xc5/0x1ee0 [ 573.600161][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 573.600161][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 573.600161][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 573.600161][T13080] do_fast_syscall_32+0x6b/0xd0 [ 573.600161][T13080] do_SYSENTER_32+0x73/0x90 [ 573.600161][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 573.600161][T13080] [ 573.600161][T13080] Uninit was stored to memory at: [ 573.600161][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 573.600161][T13080] __msan_chain_origin+0x50/0x90 [ 573.600161][T13080] __get_compat_msghdr+0x5be/0x890 [ 573.600161][T13080] get_compat_msghdr+0x108/0x270 [ 573.600161][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 573.600161][T13080] __sys_recvmmsg+0x4ca/0x510 [ 573.600161][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 573.600161][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 573.600161][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 573.600161][T13080] do_fast_syscall_32+0x6b/0xd0 [ 573.600161][T13080] do_SYSENTER_32+0x73/0x90 [ 573.600161][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 573.600161][T13080] [ 573.600161][T13080] Uninit was stored to memory at: [ 573.600161][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 573.600161][T13080] __msan_chain_origin+0x50/0x90 [ 573.600161][T13080] __get_compat_msghdr+0x5be/0x890 [ 573.600161][T13080] get_compat_msghdr+0x108/0x270 [ 574.293692][T13041] not chained 1600000 origins [ 573.600161][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 574.300138][T13041] CPU: 1 PID: 13041 Comm: syz-executor.3 Not tainted 5.8.0-rc5-syzkaller #0 [ 573.600161][T13080] __sys_recvmmsg+0x4ca/0x510 [ 574.300138][T13041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 573.600161][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 574.300138][T13041] Call Trace: [ 573.600161][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 574.300138][T13041] dump_stack+0x1df/0x240 [ 573.600161][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 574.300138][T13041] kmsan_internal_chain_origin+0x6f/0x130 [ 573.600161][T13080] do_fast_syscall_32+0x6b/0xd0 [ 574.300138][T13041] ? skb_recv_datagram+0x3ec/0x480 [ 573.600161][T13080] do_SYSENTER_32+0x73/0x90 [ 574.300138][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 573.600161][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 574.300138][T13041] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 573.600161][T13080] [ 574.300138][T13041] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 573.600161][T13080] Uninit was stored to memory at: [ 574.300138][T13041] ? bt_sock_recvmsg+0x564/0xa00 [ 573.600161][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 574.300138][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 573.600161][T13080] __msan_chain_origin+0x50/0x90 [ 574.300138][T13041] ? kmsan_set_origin_checked+0x95/0xf0 [ 573.600161][T13080] __get_compat_msghdr+0x5be/0x890 [ 574.300138][T13041] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 573.600161][T13080] get_compat_msghdr+0x108/0x270 [ 574.300138][T13041] ? _copy_from_user+0x15b/0x260 [ 573.600161][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 574.300138][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 573.600161][T13080] __sys_recvmmsg+0x4ca/0x510 [ 574.300138][T13041] __msan_chain_origin+0x50/0x90 [ 573.600161][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 574.300138][T13041] __get_compat_msghdr+0x5be/0x890 [ 573.600161][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 574.300138][T13041] get_compat_msghdr+0x108/0x270 [ 573.600161][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 574.300138][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 573.600161][T13080] do_fast_syscall_32+0x6b/0xd0 [ 574.300138][T13041] ? idle_cpu+0x9a/0x1d0 [ 573.600161][T13080] do_SYSENTER_32+0x73/0x90 [ 574.300138][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 573.600161][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 573.600161][T13080] [ 574.300138][T13041] ? kmsan_internal_set_origin+0x75/0xb0 [ 573.600161][T13080] Uninit was stored to memory at: [ 574.300138][T13041] ? __msan_poison_alloca+0xf0/0x120 [ 573.600161][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 574.300138][T13041] ? __sys_recvmmsg+0xb4/0x510 [ 573.600161][T13080] __msan_chain_origin+0x50/0x90 [ 574.300138][T13041] ? __sys_recvmmsg+0xb4/0x510 [ 573.600161][T13080] __get_compat_msghdr+0x5be/0x890 [ 574.300138][T13041] ? kmsan_get_metadata+0x11d/0x180 [ 573.600161][T13080] get_compat_msghdr+0x108/0x270 [ 574.300138][T13041] __sys_recvmmsg+0x4ca/0x510 [ 573.600161][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 574.300138][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 573.600161][T13080] __sys_recvmmsg+0x4ca/0x510 [ 574.300138][T13041] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 573.600161][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 574.300138][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 573.600161][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 574.300138][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 573.600161][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 574.300138][T13041] do_fast_syscall_32+0x6b/0xd0 [ 573.600161][T13080] do_fast_syscall_32+0x6b/0xd0 [ 574.300138][T13041] do_SYSENTER_32+0x73/0x90 [ 573.600161][T13080] do_SYSENTER_32+0x73/0x90 [ 574.300138][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 573.600161][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 574.300138][T13041] RIP: 0023:0xf7fd6549 [ 573.600161][T13080] [ 574.300138][T13041] Code: Bad RIP value. [ 573.600161][T13080] Uninit was stored to memory at: [ 574.300138][T13041] RSP: 002b:00000000f5dd10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 573.600161][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 574.300138][T13041] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 573.600161][T13080] __msan_chain_origin+0x50/0x90 [ 574.300138][T13041] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 573.600161][T13080] __get_compat_msghdr+0x5be/0x890 [ 574.300138][T13041] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 573.600161][T13080] get_compat_msghdr+0x108/0x270 [ 574.300138][T13041] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 573.600161][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 574.300138][T13041] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 573.600161][T13080] __sys_recvmmsg+0x4ca/0x510 [ 574.300138][T13041] Uninit was stored to memory at: [ 573.600161][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 574.300138][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 573.600161][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 574.300138][T13041] __msan_chain_origin+0x50/0x90 [ 573.600161][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 574.300138][T13041] __get_compat_msghdr+0x5be/0x890 [ 573.600161][T13080] do_fast_syscall_32+0x6b/0xd0 [ 574.300138][T13041] get_compat_msghdr+0x108/0x270 [ 573.600161][T13080] do_SYSENTER_32+0x73/0x90 [ 574.300138][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 573.600161][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 574.300138][T13041] __sys_recvmmsg+0x4ca/0x510 [ 573.600161][T13080] [ 574.300138][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 573.600161][T13080] Uninit was stored to memory at: [ 574.300138][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 573.600161][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 574.300138][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 573.600161][T13080] __msan_chain_origin+0x50/0x90 [ 574.300138][T13041] do_fast_syscall_32+0x6b/0xd0 [ 573.600161][T13080] __get_compat_msghdr+0x5be/0x890 [ 574.300138][T13041] do_SYSENTER_32+0x73/0x90 [ 573.600161][T13080] get_compat_msghdr+0x108/0x270 [ 574.300138][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 573.600161][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 574.300138][T13041] [ 573.600161][T13080] __sys_recvmmsg+0x4ca/0x510 [ 574.300138][T13041] Uninit was stored to memory at: [ 573.600161][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 574.300138][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 573.600161][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 574.300138][T13041] __msan_chain_origin+0x50/0x90 [ 573.600161][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 574.300138][T13041] __get_compat_msghdr+0x5be/0x890 [ 573.600161][T13080] do_fast_syscall_32+0x6b/0xd0 [ 574.300138][T13041] get_compat_msghdr+0x108/0x270 [ 573.600161][T13080] do_SYSENTER_32+0x73/0x90 [ 574.300138][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 573.600161][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 574.300138][T13041] __sys_recvmmsg+0x4ca/0x510 [ 573.600161][T13080] [ 574.300138][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 573.600161][T13080] Local variable ----msg_sys@do_recvmmsg created at: [ 574.300138][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 573.600161][T13080] do_recvmmsg+0xc5/0x1ee0 [ 574.300138][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 573.600161][T13080] do_recvmmsg+0xc5/0x1ee0 [ 574.300138][T13041] do_fast_syscall_32+0x6b/0xd0 [ 574.300138][T13041] do_SYSENTER_32+0x73/0x90 [ 575.008208][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 575.008208][T13041] [ 575.008208][T13041] Uninit was stored to memory at: [ 575.008208][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 575.008208][T13041] __msan_chain_origin+0x50/0x90 [ 575.036400][ T4885] systemd-journald[4885]: /dev/kmsg buffer overrun, some messages lost. [ 575.008208][T13041] __get_compat_msghdr+0x5be/0x890 [ 575.008208][T13041] get_compat_msghdr+0x108/0x270 [ 575.008208][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 575.008208][T13041] __sys_recvmmsg+0x4ca/0x510 [ 575.008208][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 575.008208][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 575.073426][ T4885] systemd-journald[4885]: /dev/kmsg buffer overrun, some messages lost. [ 575.008208][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 575.008208][T13041] do_fast_syscall_32+0x6b/0xd0 [ 575.008208][T13041] do_SYSENTER_32+0x73/0x90 [ 575.008208][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 575.008208][T13041] [ 575.008208][T13041] Uninit was stored to memory at: [ 575.008208][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 575.008208][T13041] __msan_chain_origin+0x50/0x90 [ 575.119796][ T4885] systemd-journald[4885]: /dev/kmsg buffer overrun, some messages lost. [ 575.008208][T13041] __get_compat_msghdr+0x5be/0x890 [ 575.008208][T13041] get_compat_msghdr+0x108/0x270 [ 575.008208][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 575.008208][T13041] __sys_recvmmsg+0x4ca/0x510 [ 575.008208][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 575.008208][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 575.008208][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 575.008208][T13041] do_fast_syscall_32+0x6b/0xd0 [ 575.008208][T13041] do_SYSENTER_32+0x73/0x90 [ 575.008208][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 575.008208][T13041] [ 575.008208][T13041] Uninit was stored to memory at: [ 575.008208][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 575.008208][T13041] __msan_chain_origin+0x50/0x90 [ 575.008208][T13041] __get_compat_msghdr+0x5be/0x890 [ 575.008208][T13041] get_compat_msghdr+0x108/0x270 [ 575.008208][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 575.008208][T13041] __sys_recvmmsg+0x4ca/0x510 [ 575.008208][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 575.008208][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 575.008208][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 575.008208][T13041] do_fast_syscall_32+0x6b/0xd0 [ 575.008208][T13041] do_SYSENTER_32+0x73/0x90 [ 575.008208][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 575.008208][T13041] [ 575.008208][T13041] Uninit was stored to memory at: [ 575.008208][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 575.008208][T13041] __msan_chain_origin+0x50/0x90 [ 575.008208][T13041] __get_compat_msghdr+0x5be/0x890 [ 575.008208][T13041] get_compat_msghdr+0x108/0x270 [ 575.008208][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 575.008208][T13041] __sys_recvmmsg+0x4ca/0x510 [ 575.008208][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 575.008208][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 575.008208][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 575.008208][T13041] do_fast_syscall_32+0x6b/0xd0 [ 575.008208][T13041] do_SYSENTER_32+0x73/0x90 [ 575.008208][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 575.008208][T13041] [ 575.008208][T13041] Uninit was stored to memory at: [ 575.008208][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 575.008208][T13041] __msan_chain_origin+0x50/0x90 [ 575.008208][T13041] __get_compat_msghdr+0x5be/0x890 [ 575.343114][ T4885] systemd-journald[4885]: /dev/kmsg buffer overrun, some messages lost. [ 575.008208][T13041] get_compat_msghdr+0x108/0x270 [ 575.008208][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 575.008208][T13041] __sys_recvmmsg+0x4ca/0x510 [ 575.008208][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 575.008208][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 575.008208][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 575.008208][T13041] do_fast_syscall_32+0x6b/0xd0 [ 575.008208][T13041] do_SYSENTER_32+0x73/0x90 [ 575.008208][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 575.008208][T13041] [ 575.008208][T13041] Local variable ----msg_sys@do_recvmmsg created at: [ 575.008208][T13041] do_recvmmsg+0xc5/0x1ee0 [ 575.008208][T13041] do_recvmmsg+0xc5/0x1ee0 [ 575.564921][T13012] not chained 1610000 origins [ 575.569622][T13012] CPU: 0 PID: 13012 Comm: syz-executor.0 Not tainted 5.8.0-rc5-syzkaller #0 [ 575.570180][T13012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 575.570180][T13012] Call Trace: [ 575.570180][T13012] dump_stack+0x1df/0x240 [ 575.570180][T13012] kmsan_internal_chain_origin+0x6f/0x130 [ 575.570180][T13012] ? skb_recv_datagram+0x3ec/0x480 [ 575.570180][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 575.570180][T13012] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 575.570180][T13012] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 575.570180][T13012] ? bt_sock_recvmsg+0x564/0xa00 [ 575.570180][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 575.570180][T13012] ? kmsan_set_origin_checked+0x95/0xf0 [ 575.570180][T13012] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 575.570180][T13012] ? _copy_from_user+0x15b/0x260 [ 575.570180][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 575.570180][T13012] __msan_chain_origin+0x50/0x90 [ 575.570180][T13012] __get_compat_msghdr+0x5be/0x890 [ 575.570180][T13012] get_compat_msghdr+0x108/0x270 [ 575.570180][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 575.570180][T13012] ? kmsan_internal_set_origin+0x75/0xb0 [ 575.570180][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 575.570180][T13012] ? kmsan_internal_set_origin+0x75/0xb0 [ 575.570180][T13012] ? __msan_poison_alloca+0xf0/0x120 [ 575.692290][T13072] not chained 1620000 origins [ 575.570180][T13012] ? __sys_recvmmsg+0xb4/0x510 [ 575.570180][T13012] ? __sys_recvmmsg+0xb4/0x510 [ 575.570180][T13012] ? kmsan_get_metadata+0x11d/0x180 [ 575.570180][T13012] __sys_recvmmsg+0x4ca/0x510 [ 575.570180][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 575.570180][T13012] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 575.570180][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 575.570180][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 575.570180][T13012] do_fast_syscall_32+0x6b/0xd0 [ 575.570180][T13012] do_SYSENTER_32+0x73/0x90 [ 575.570180][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 575.570180][T13012] RIP: 0023:0xf7f4d549 [ 575.570180][T13012] Code: Bad RIP value. [ 575.570180][T13012] RSP: 002b:00000000f5d480cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 575.570180][T13012] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 575.570180][T13012] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 575.570180][T13012] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 575.570180][T13012] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 575.570180][T13012] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 575.570180][T13012] Uninit was stored to memory at: [ 575.700141][T13072] CPU: 1 PID: 13072 Comm: syz-executor.1 Not tainted 5.8.0-rc5-syzkaller #0 [ 575.700141][T13072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 575.570180][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 575.700141][T13072] Call Trace: [ 575.570180][T13012] __msan_chain_origin+0x50/0x90 [ 575.700141][T13072] dump_stack+0x1df/0x240 [ 575.570180][T13012] __get_compat_msghdr+0x5be/0x890 [ 575.700141][T13072] kmsan_internal_chain_origin+0x6f/0x130 [ 575.570180][T13012] get_compat_msghdr+0x108/0x270 [ 575.700141][T13072] ? skb_recv_datagram+0x3ec/0x480 [ 575.570180][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 575.700141][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 575.570180][T13012] __sys_recvmmsg+0x4ca/0x510 [ 575.700141][T13072] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 575.570180][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 575.700141][T13072] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 575.570180][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 575.700141][T13072] ? bt_sock_recvmsg+0x564/0xa00 [ 575.570180][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 575.700141][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 575.570180][T13012] do_fast_syscall_32+0x6b/0xd0 [ 575.700141][T13072] ? kmsan_set_origin_checked+0x95/0xf0 [ 575.570180][T13012] do_SYSENTER_32+0x73/0x90 [ 575.700141][T13072] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 575.570180][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 575.700141][T13072] ? _copy_from_user+0x15b/0x260 [ 575.570180][T13012] [ 575.700141][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 575.570180][T13012] Uninit was stored to memory at: [ 575.700141][T13072] __msan_chain_origin+0x50/0x90 [ 575.570180][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 575.700141][T13072] __get_compat_msghdr+0x5be/0x890 [ 575.570180][T13012] __msan_chain_origin+0x50/0x90 [ 575.700141][T13072] get_compat_msghdr+0x108/0x270 [ 575.570180][T13012] __get_compat_msghdr+0x5be/0x890 [ 575.700141][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 575.570180][T13012] get_compat_msghdr+0x108/0x270 [ 575.700141][T13072] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 575.700141][T13072] ? sched_clock_cpu+0x7c/0x930 [ 575.570180][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 575.700141][T13072] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 575.570180][T13012] __sys_recvmmsg+0x4ca/0x510 [ 575.700141][T13072] ? sched_clock_cpu+0x7c/0x930 [ 575.570180][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 575.700141][T13072] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 575.570180][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 575.700141][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 575.570180][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 575.700141][T13072] ? kmsan_internal_set_origin+0x75/0xb0 [ 575.570180][T13012] do_fast_syscall_32+0x6b/0xd0 [ 575.700141][T13072] ? __msan_poison_alloca+0xf0/0x120 [ 575.570180][T13012] do_SYSENTER_32+0x73/0x90 [ 575.700141][T13072] ? __sys_recvmmsg+0xb4/0x510 [ 575.570180][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 575.700141][T13072] ? __sys_recvmmsg+0xb4/0x510 [ 575.570180][T13012] [ 575.700141][T13072] __sys_recvmmsg+0x4ca/0x510 [ 575.570180][T13012] Uninit was stored to memory at: [ 575.700141][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 575.570180][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 575.700141][T13072] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 575.570180][T13012] __msan_chain_origin+0x50/0x90 [ 575.700141][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 575.570180][T13012] __get_compat_msghdr+0x5be/0x890 [ 575.700141][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 575.570180][T13012] get_compat_msghdr+0x108/0x270 [ 575.700141][T13072] do_fast_syscall_32+0x6b/0xd0 [ 575.570180][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 575.700141][T13072] do_SYSENTER_32+0x73/0x90 [ 575.570180][T13012] __sys_recvmmsg+0x4ca/0x510 [ 575.700141][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 575.570180][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 575.700141][T13072] RIP: 0023:0xf7fbe549 [ 575.570180][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 575.700141][T13072] Code: Bad RIP value. [ 575.570180][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 575.700141][T13072] RSP: 002b:00000000f5db90cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 575.570180][T13012] do_fast_syscall_32+0x6b/0xd0 [ 575.700141][T13072] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 575.570180][T13012] do_SYSENTER_32+0x73/0x90 [ 575.700141][T13072] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 575.570180][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 575.700141][T13072] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 575.570180][T13012] [ 575.700141][T13072] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 575.570180][T13012] Uninit was stored to memory at: [ 575.700141][T13072] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 575.570180][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 575.700141][T13072] Uninit was stored to memory at: [ 575.570180][T13012] __msan_chain_origin+0x50/0x90 [ 575.700141][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 575.570180][T13012] __get_compat_msghdr+0x5be/0x890 [ 575.700141][T13072] __msan_chain_origin+0x50/0x90 [ 575.570180][T13012] get_compat_msghdr+0x108/0x270 [ 575.700141][T13072] __get_compat_msghdr+0x5be/0x890 [ 575.570180][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 575.700141][T13072] get_compat_msghdr+0x108/0x270 [ 575.570180][T13012] __sys_recvmmsg+0x4ca/0x510 [ 575.700141][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 575.570180][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 575.700141][T13072] __sys_recvmmsg+0x4ca/0x510 [ 575.570180][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 575.700141][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 575.570180][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 575.700141][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 575.570180][T13012] do_fast_syscall_32+0x6b/0xd0 [ 575.700141][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 575.570180][T13012] do_SYSENTER_32+0x73/0x90 [ 575.700141][T13072] do_fast_syscall_32+0x6b/0xd0 [ 575.570180][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 575.700141][T13072] do_SYSENTER_32+0x73/0x90 [ 575.570180][T13012] [ 575.700141][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 575.570180][T13012] Uninit was stored to memory at: [ 575.700141][T13072] [ 575.570180][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 575.700141][T13072] Uninit was stored to memory at: [ 575.570180][T13012] __msan_chain_origin+0x50/0x90 [ 575.700141][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 575.570180][T13012] __get_compat_msghdr+0x5be/0x890 [ 575.700141][T13072] __msan_chain_origin+0x50/0x90 [ 575.570180][T13012] get_compat_msghdr+0x108/0x270 [ 575.700141][T13072] __get_compat_msghdr+0x5be/0x890 [ 575.570180][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 575.700141][T13072] get_compat_msghdr+0x108/0x270 [ 575.570180][T13012] __sys_recvmmsg+0x4ca/0x510 [ 575.700141][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 575.570180][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 575.700141][T13072] __sys_recvmmsg+0x4ca/0x510 [ 575.570180][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 575.700141][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 575.570180][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 575.700141][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 575.570180][T13012] do_fast_syscall_32+0x6b/0xd0 [ 575.700141][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 575.570180][T13012] do_SYSENTER_32+0x73/0x90 [ 575.700141][T13072] do_fast_syscall_32+0x6b/0xd0 [ 575.570180][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 575.700141][T13072] do_SYSENTER_32+0x73/0x90 [ 575.570180][T13012] [ 575.700141][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 575.570180][T13012] Uninit was stored to memory at: [ 575.700141][T13072] [ 575.570180][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 575.700141][T13072] Uninit was stored to memory at: [ 575.570180][T13012] __msan_chain_origin+0x50/0x90 [ 575.700141][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 575.570180][T13012] __get_compat_msghdr+0x5be/0x890 [ 575.700141][T13072] __msan_chain_origin+0x50/0x90 [ 575.570180][T13012] get_compat_msghdr+0x108/0x270 [ 575.700141][T13072] __get_compat_msghdr+0x5be/0x890 [ 575.570180][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 575.700141][T13072] get_compat_msghdr+0x108/0x270 [ 575.570180][T13012] __sys_recvmmsg+0x4ca/0x510 [ 575.700141][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 575.570180][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 575.700141][T13072] __sys_recvmmsg+0x4ca/0x510 [ 575.570180][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 575.700141][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 575.570180][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 575.700141][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 575.570180][T13012] do_fast_syscall_32+0x6b/0xd0 [ 575.700141][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 575.570180][T13012] do_SYSENTER_32+0x73/0x90 [ 575.700141][T13072] do_fast_syscall_32+0x6b/0xd0 [ 575.570180][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 575.700141][T13072] do_SYSENTER_32+0x73/0x90 [ 575.570180][T13012] [ 575.700141][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 575.570180][T13012] Uninit was stored to memory at: [ 575.700141][T13072] [ 575.570180][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 575.700141][T13072] Uninit was stored to memory at: [ 575.570180][T13012] __msan_chain_origin+0x50/0x90 [ 575.700141][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 575.570180][T13012] __get_compat_msghdr+0x5be/0x890 [ 575.700141][T13072] __msan_chain_origin+0x50/0x90 [ 575.570180][T13012] get_compat_msghdr+0x108/0x270 [ 575.700141][T13072] __get_compat_msghdr+0x5be/0x890 [ 575.570180][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 575.700141][T13072] get_compat_msghdr+0x108/0x270 [ 575.570180][T13012] __sys_recvmmsg+0x4ca/0x510 [ 575.700141][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 575.570180][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 575.700141][T13072] __sys_recvmmsg+0x4ca/0x510 [ 575.570180][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 575.700141][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 575.570180][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 575.700141][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 575.570180][T13012] do_fast_syscall_32+0x6b/0xd0 [ 575.700141][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 575.570180][T13012] do_SYSENTER_32+0x73/0x90 [ 575.700141][T13072] do_fast_syscall_32+0x6b/0xd0 [ 575.570180][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 575.700141][T13072] do_SYSENTER_32+0x73/0x90 [ 575.570180][T13012] [ 575.700141][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 575.570180][T13012] Local variable ----msg_sys@do_recvmmsg created at: [ 575.700141][T13072] [ 575.570180][T13012] do_recvmmsg+0xc5/0x1ee0 [ 575.700141][T13072] Uninit was stored to memory at: [ 575.570180][T13012] do_recvmmsg+0xc5/0x1ee0 [ 575.700141][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 576.867636][T13072] __msan_chain_origin+0x50/0x90 [ 576.867636][T13072] __get_compat_msghdr+0x5be/0x890 [ 576.880537][T13072] get_compat_msghdr+0x108/0x270 [ 576.880537][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 576.880537][T13072] __sys_recvmmsg+0x4ca/0x510 [ 576.880537][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 576.880537][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 576.880537][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 576.880537][T13072] do_fast_syscall_32+0x6b/0xd0 [ 576.880537][T13072] do_SYSENTER_32+0x73/0x90 [ 576.880537][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 576.880537][T13072] [ 576.880537][T13072] Uninit was stored to memory at: [ 576.880537][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 576.880537][T13072] __msan_chain_origin+0x50/0x90 [ 576.880537][T13072] __get_compat_msghdr+0x5be/0x890 [ 576.880537][T13072] get_compat_msghdr+0x108/0x270 [ 576.880537][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 576.880537][T13072] __sys_recvmmsg+0x4ca/0x510 [ 576.880537][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 576.880537][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 576.880537][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 576.880537][T13072] do_fast_syscall_32+0x6b/0xd0 [ 576.880537][T13072] do_SYSENTER_32+0x73/0x90 [ 576.880537][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 576.880537][T13072] [ 576.880537][T13072] Uninit was stored to memory at: [ 576.880537][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 576.880537][T13072] __msan_chain_origin+0x50/0x90 [ 576.880537][T13072] __get_compat_msghdr+0x5be/0x890 [ 576.880537][T13072] get_compat_msghdr+0x108/0x270 [ 576.880537][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 576.880537][T13072] __sys_recvmmsg+0x4ca/0x510 [ 576.880537][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 576.880537][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 576.880537][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 576.880537][T13072] do_fast_syscall_32+0x6b/0xd0 [ 576.880537][T13072] do_SYSENTER_32+0x73/0x90 [ 576.880537][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 576.880537][T13072] [ 576.880537][T13072] Local variable ----msg_sys@do_recvmmsg created at: [ 576.880537][T13072] do_recvmmsg+0xc5/0x1ee0 [ 576.880537][T13072] do_recvmmsg+0xc5/0x1ee0 [ 577.122746][ T4885] printk: systemd-journal: 369 output lines suppressed due to ratelimiting [ 577.136203][ T1] systemd[1]: systemd-journald.service: Main process exited, code=killed, status=6/ABRT [ 577.206870][ T1] systemd[1]: systemd-journald.service: Unit entered failed state. [ 577.226622][ T1] systemd[1]: systemd-journald.service: Failed with result 'watchdog'. [ 577.256407][ T1] systemd[1]: systemd-journald.service: Service has no hold-off time, scheduling restart. [ 577.294692][T13041] not chained 1630000 origins [ 577.299391][T13041] CPU: 0 PID: 13041 Comm: syz-executor.3 Not tainted 5.8.0-rc5-syzkaller #0 [ 577.300178][T13041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 577.300178][T13041] Call Trace: [ 577.300178][T13041] dump_stack+0x1df/0x240 [ 577.300178][T13041] kmsan_internal_chain_origin+0x6f/0x130 [ 577.300178][T13041] ? skb_recv_datagram+0x3ec/0x480 [ 577.300178][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 577.300178][T13041] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 577.300178][T13041] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 577.300178][T13041] ? bt_sock_recvmsg+0x564/0xa00 [ 577.300178][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 577.300178][T13041] ? kmsan_set_origin_checked+0x95/0xf0 [ 577.300178][T13041] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 577.300178][T13041] ? _copy_from_user+0x15b/0x260 [ 577.300178][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 577.300178][T13041] __msan_chain_origin+0x50/0x90 [ 577.300178][T13041] __get_compat_msghdr+0x5be/0x890 [ 577.300178][T13041] get_compat_msghdr+0x108/0x270 [ 577.300178][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 577.300178][T13041] ? idle_cpu+0x9a/0x1d0 [ 577.300178][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 577.300178][T13041] ? kmsan_internal_set_origin+0x75/0xb0 [ 577.300178][T13041] ? __msan_poison_alloca+0xf0/0x120 [ 577.300178][T13041] ? __sys_recvmmsg+0xb4/0x510 [ 577.300178][T13041] ? __sys_recvmmsg+0xb4/0x510 [ 577.300178][T13041] ? kmsan_get_metadata+0x11d/0x180 [ 577.300178][T13041] __sys_recvmmsg+0x4ca/0x510 [ 577.300178][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 577.300178][T13041] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 577.300178][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 577.300178][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 577.300178][T13041] do_fast_syscall_32+0x6b/0xd0 [ 577.300178][T13041] do_SYSENTER_32+0x73/0x90 [ 577.300178][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 577.300178][T13041] RIP: 0023:0xf7fd6549 [ 577.300178][T13041] Code: Bad RIP value. [ 577.300178][T13041] RSP: 002b:00000000f5dd10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 577.300178][T13041] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 577.300178][T13041] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 577.300178][T13041] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 577.300178][T13041] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 577.300178][T13041] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 577.300178][T13041] Uninit was stored to memory at: [ 577.300178][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 577.300178][T13041] __msan_chain_origin+0x50/0x90 [ 577.300178][T13041] __get_compat_msghdr+0x5be/0x890 [ 577.300178][T13041] get_compat_msghdr+0x108/0x270 [ 577.300178][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 577.300178][T13041] __sys_recvmmsg+0x4ca/0x510 [ 577.300178][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 577.300178][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 577.300178][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 577.300178][T13041] do_fast_syscall_32+0x6b/0xd0 [ 577.300178][T13041] do_SYSENTER_32+0x73/0x90 [ 577.300178][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 577.300178][T13041] [ 577.300178][T13041] Uninit was stored to memory at: [ 577.300178][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 577.300178][T13041] __msan_chain_origin+0x50/0x90 [ 577.300178][T13041] __get_compat_msghdr+0x5be/0x890 [ 577.300178][T13041] get_compat_msghdr+0x108/0x270 [ 577.300178][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 577.300178][T13041] __sys_recvmmsg+0x4ca/0x510 [ 577.300178][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 577.300178][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 577.300178][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 577.300178][T13041] do_fast_syscall_32+0x6b/0xd0 [ 577.300178][T13041] do_SYSENTER_32+0x73/0x90 [ 577.300178][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 577.300178][T13041] [ 577.300178][T13041] Uninit was stored to memory at: [ 577.300178][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 577.300178][T13041] __msan_chain_origin+0x50/0x90 [ 577.300178][T13041] __get_compat_msghdr+0x5be/0x890 [ 577.300178][T13041] get_compat_msghdr+0x108/0x270 [ 577.300178][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 577.300178][T13041] __sys_recvmmsg+0x4ca/0x510 [ 577.300178][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 577.300178][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 577.300178][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 577.300178][T13041] do_fast_syscall_32+0x6b/0xd0 [ 577.300178][T13041] do_SYSENTER_32+0x73/0x90 [ 577.300178][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 577.300178][T13041] [ 577.300178][T13041] Uninit was stored to memory at: [ 577.300178][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 577.300178][T13041] __msan_chain_origin+0x50/0x90 [ 577.300178][T13041] __get_compat_msghdr+0x5be/0x890 [ 577.300178][T13041] get_compat_msghdr+0x108/0x270 [ 577.300178][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 577.300178][T13041] __sys_recvmmsg+0x4ca/0x510 [ 577.300178][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 577.300178][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 577.300178][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 577.300178][T13041] do_fast_syscall_32+0x6b/0xd0 [ 577.300178][T13041] do_SYSENTER_32+0x73/0x90 [ 577.300178][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 577.300178][T13041] [ 577.300178][T13041] Uninit was stored to memory at: [ 577.300178][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 577.300178][T13041] __msan_chain_origin+0x50/0x90 [ 577.300178][T13041] __get_compat_msghdr+0x5be/0x890 [ 577.300178][T13041] get_compat_msghdr+0x108/0x270 [ 577.300178][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 577.300178][T13041] __sys_recvmmsg+0x4ca/0x510 [ 577.300178][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 577.300178][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 577.300178][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 577.300178][T13041] do_fast_syscall_32+0x6b/0xd0 [ 577.300178][T13041] do_SYSENTER_32+0x73/0x90 [ 577.300178][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 577.300178][T13041] [ 577.300178][T13041] Uninit was stored to memory at: [ 577.300178][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 577.300178][T13041] __msan_chain_origin+0x50/0x90 [ 577.300178][T13041] __get_compat_msghdr+0x5be/0x890 [ 577.300178][T13041] get_compat_msghdr+0x108/0x270 [ 577.300178][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 577.300178][T13041] __sys_recvmmsg+0x4ca/0x510 [ 577.300178][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 577.300178][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 577.300178][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 577.300178][T13041] do_fast_syscall_32+0x6b/0xd0 [ 577.300178][T13041] do_SYSENTER_32+0x73/0x90 [ 577.300178][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 577.300178][T13041] [ 577.300178][T13041] Uninit was stored to memory at: [ 577.300178][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 577.300178][T13041] __msan_chain_origin+0x50/0x90 [ 577.300178][T13041] __get_compat_msghdr+0x5be/0x890 [ 577.300178][T13041] get_compat_msghdr+0x108/0x270 [ 577.300178][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 577.300178][T13041] __sys_recvmmsg+0x4ca/0x510 [ 577.300178][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 577.300178][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 577.300178][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 577.300178][T13041] do_fast_syscall_32+0x6b/0xd0 [ 577.300178][T13041] do_SYSENTER_32+0x73/0x90 [ 577.300178][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 577.300178][T13041] [ 577.300178][T13041] Local variable ----msg_sys@do_recvmmsg created at: [ 577.300178][T13041] do_recvmmsg+0xc5/0x1ee0 [ 577.300178][T13041] do_recvmmsg+0xc5/0x1ee0 [ 578.083993][ T1] systemd[1]: Stopped Flush Journal to Persistent Storage. [ 578.113796][ T1] systemd[1]: Stopping Flush Journal to Persistent Storage... [ 578.133488][ T1] systemd[1]: Stopped Journal Service. [ 578.178189][T13080] not chained 1640000 origins [ 578.180175][T13080] CPU: 0 PID: 13080 Comm: syz-executor.1 Not tainted 5.8.0-rc5-syzkaller #0 [ 578.180175][T13080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 578.180175][T13080] Call Trace: [ 578.180175][T13080] dump_stack+0x1df/0x240 [ 578.180175][T13080] kmsan_internal_chain_origin+0x6f/0x130 [ 578.180175][T13080] ? skb_recv_datagram+0x3ec/0x480 [ 578.180175][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 578.180175][T13080] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 578.180175][T13080] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 578.180175][T13080] ? bt_sock_recvmsg+0x564/0xa00 [ 578.180175][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 578.180175][T13080] ? kmsan_set_origin_checked+0x95/0xf0 [ 578.180175][T13080] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 578.180175][T13080] ? _copy_from_user+0x15b/0x260 [ 578.180175][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 578.180175][T13080] __msan_chain_origin+0x50/0x90 [ 578.180175][T13080] __get_compat_msghdr+0x5be/0x890 [ 578.180175][T13080] get_compat_msghdr+0x108/0x270 [ 578.180175][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 578.180175][T13080] ? kmsan_internal_set_origin+0x75/0xb0 [ 578.180175][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 578.180175][T13080] ? kmsan_internal_set_origin+0x75/0xb0 [ 578.180175][T13080] ? __msan_poison_alloca+0xf0/0x120 [ 578.180175][T13080] ? __sys_recvmmsg+0xb4/0x510 [ 578.180175][T13080] ? __sys_recvmmsg+0xb4/0x510 [ 578.180175][T13080] ? kmsan_get_metadata+0x11d/0x180 [ 578.180175][T13080] __sys_recvmmsg+0x4ca/0x510 [ 578.180175][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 578.180175][T13080] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 578.180175][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 578.180175][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 578.180175][T13080] do_fast_syscall_32+0x6b/0xd0 [ 578.180175][T13080] do_SYSENTER_32+0x73/0x90 [ 578.180175][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 578.180175][T13080] RIP: 0023:0xf7fbe549 [ 578.180175][T13080] Code: Bad RIP value. [ 578.180175][T13080] RSP: 002b:00000000f5d770cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 578.180175][T13080] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 578.180175][T13080] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 578.180175][T13080] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 578.180175][T13080] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 578.180175][T13080] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 578.180175][T13080] Uninit was stored to memory at: [ 578.180175][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 578.180175][T13080] __msan_chain_origin+0x50/0x90 [ 578.180175][T13080] __get_compat_msghdr+0x5be/0x890 [ 578.180175][T13080] get_compat_msghdr+0x108/0x270 [ 578.180175][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 578.180175][T13080] __sys_recvmmsg+0x4ca/0x510 [ 578.180175][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 578.180175][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 578.180175][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 578.180175][T13080] do_fast_syscall_32+0x6b/0xd0 [ 578.180175][T13080] do_SYSENTER_32+0x73/0x90 [ 578.180175][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 578.180175][T13080] [ 578.180175][T13080] Uninit was stored to memory at: [ 578.180175][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 578.180175][T13080] __msan_chain_origin+0x50/0x90 [ 578.180175][T13080] __get_compat_msghdr+0x5be/0x890 [ 578.180175][T13080] get_compat_msghdr+0x108/0x270 [ 578.180175][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 578.180175][T13080] __sys_recvmmsg+0x4ca/0x510 [ 578.180175][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 578.180175][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 578.180175][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 578.180175][T13080] do_fast_syscall_32+0x6b/0xd0 [ 578.180175][T13080] do_SYSENTER_32+0x73/0x90 [ 578.180175][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 578.180175][T13080] [ 578.180175][T13080] Uninit was stored to memory at: [ 578.180175][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 578.180175][T13080] __msan_chain_origin+0x50/0x90 [ 578.180175][T13080] __get_compat_msghdr+0x5be/0x890 [ 578.180175][T13080] get_compat_msghdr+0x108/0x270 [ 578.180175][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 578.180175][T13080] __sys_recvmmsg+0x4ca/0x510 [ 578.180175][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 578.180175][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 578.180175][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 578.180175][T13080] do_fast_syscall_32+0x6b/0xd0 [ 578.180175][T13080] do_SYSENTER_32+0x73/0x90 [ 578.180175][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 578.180175][T13080] [ 578.180175][T13080] Uninit was stored to memory at: [ 578.180175][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 578.180175][T13080] __msan_chain_origin+0x50/0x90 [ 578.180175][T13080] __get_compat_msghdr+0x5be/0x890 [ 578.180175][T13080] get_compat_msghdr+0x108/0x270 [ 578.180175][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 578.180175][T13080] __sys_recvmmsg+0x4ca/0x510 [ 578.180175][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 578.180175][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 578.180175][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 578.180175][T13080] do_fast_syscall_32+0x6b/0xd0 [ 578.180175][T13080] do_SYSENTER_32+0x73/0x90 [ 578.180175][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 578.180175][T13080] [ 578.180175][T13080] Uninit was stored to memory at: [ 578.180175][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 578.180175][T13080] __msan_chain_origin+0x50/0x90 [ 578.180175][T13080] __get_compat_msghdr+0x5be/0x890 [ 578.180175][T13080] get_compat_msghdr+0x108/0x270 [ 578.180175][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 578.180175][T13080] __sys_recvmmsg+0x4ca/0x510 [ 578.180175][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 578.180175][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 578.180175][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 578.180175][T13080] do_fast_syscall_32+0x6b/0xd0 [ 578.180175][T13080] do_SYSENTER_32+0x73/0x90 [ 578.180175][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 578.180175][T13080] [ 578.180175][T13080] Uninit was stored to memory at: [ 578.180175][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 578.180175][T13080] __msan_chain_origin+0x50/0x90 [ 578.180175][T13080] __get_compat_msghdr+0x5be/0x890 [ 578.180175][T13080] get_compat_msghdr+0x108/0x270 [ 578.180175][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 578.180175][T13080] __sys_recvmmsg+0x4ca/0x510 [ 578.180175][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 578.180175][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 578.180175][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 578.180175][T13080] do_fast_syscall_32+0x6b/0xd0 [ 578.180175][T13080] do_SYSENTER_32+0x73/0x90 [ 578.180175][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 578.180175][T13080] [ 578.180175][T13080] Uninit was stored to memory at: [ 578.180175][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 578.180175][T13080] __msan_chain_origin+0x50/0x90 [ 578.180175][T13080] __get_compat_msghdr+0x5be/0x890 [ 578.180175][T13080] get_compat_msghdr+0x108/0x270 [ 578.180175][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 578.180175][T13080] __sys_recvmmsg+0x4ca/0x510 [ 578.180175][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 578.180175][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 578.180175][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 578.180175][T13080] do_fast_syscall_32+0x6b/0xd0 [ 578.180175][T13080] do_SYSENTER_32+0x73/0x90 [ 578.180175][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 578.180175][T13080] [ 578.180175][T13080] Local variable ----msg_sys@do_recvmmsg created at: [ 578.180175][T13080] do_recvmmsg+0xc5/0x1ee0 [ 578.180175][T13080] do_recvmmsg+0xc5/0x1ee0 [ 579.026032][T13021] not chained 1650000 origins [ 579.030154][T13021] CPU: 1 PID: 13021 Comm: syz-executor.0 Not tainted 5.8.0-rc5-syzkaller #0 [ 579.030154][T13021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 579.030154][T13021] Call Trace: [ 579.030154][T13021] dump_stack+0x1df/0x240 [ 579.030154][T13021] kmsan_internal_chain_origin+0x6f/0x130 [ 579.030154][T13021] ? skb_recv_datagram+0x3ec/0x480 [ 579.030154][T13021] ? kmsan_get_metadata+0x4f/0x180 [ 579.030154][T13021] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 579.030154][T13021] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 579.030154][T13021] ? bt_sock_recvmsg+0x564/0xa00 [ 579.030154][T13021] ? kmsan_get_metadata+0x4f/0x180 [ 579.030154][T13021] ? kmsan_set_origin_checked+0x95/0xf0 [ 579.030154][T13021] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 579.030154][T13021] ? _copy_from_user+0x15b/0x260 [ 579.030154][T13021] ? kmsan_get_metadata+0x4f/0x180 [ 579.030154][T13021] __msan_chain_origin+0x50/0x90 [ 579.030154][T13021] __get_compat_msghdr+0x5be/0x890 [ 579.030154][T13021] get_compat_msghdr+0x108/0x270 [ 579.030154][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 579.030154][T13021] ? kmsan_internal_set_origin+0x75/0xb0 [ 579.030154][T13021] ? kmsan_get_metadata+0x4f/0x180 [ 579.030154][T13021] ? kmsan_internal_set_origin+0x75/0xb0 [ 579.030154][T13021] ? __msan_poison_alloca+0xf0/0x120 [ 579.030154][T13021] ? __sys_recvmmsg+0xb4/0x510 [ 579.030154][T13021] ? __sys_recvmmsg+0xb4/0x510 [ 579.030154][T13021] ? kmsan_get_metadata+0x11d/0x180 [ 579.169788][T13012] not chained 1660000 origins [ 579.030154][T13021] __sys_recvmmsg+0x4ca/0x510 [ 579.030154][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 579.030154][T13021] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 579.030154][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 579.030154][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 579.030154][T13021] do_fast_syscall_32+0x6b/0xd0 [ 579.030154][T13021] do_SYSENTER_32+0x73/0x90 [ 579.030154][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 579.030154][T13021] RIP: 0023:0xf7f4d549 [ 579.030154][T13021] Code: Bad RIP value. [ 579.030154][T13021] RSP: 002b:00000000f5d060cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 579.030154][T13021] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 579.030154][T13021] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 579.030154][T13021] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 579.030154][T13021] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 579.030154][T13021] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 579.030154][T13021] Uninit was stored to memory at: [ 579.170159][T13012] CPU: 0 PID: 13012 Comm: syz-executor.0 Not tainted 5.8.0-rc5-syzkaller #0 [ 579.170159][T13012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 579.030154][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 579.170159][T13012] Call Trace: [ 579.030154][T13021] __msan_chain_origin+0x50/0x90 [ 579.170159][T13012] dump_stack+0x1df/0x240 [ 579.030154][T13021] __get_compat_msghdr+0x5be/0x890 [ 579.170159][T13012] kmsan_internal_chain_origin+0x6f/0x130 [ 579.030154][T13021] get_compat_msghdr+0x108/0x270 [ 579.170159][T13012] ? skb_recv_datagram+0x3ec/0x480 [ 579.030154][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 579.170159][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 579.030154][T13021] __sys_recvmmsg+0x4ca/0x510 [ 579.170159][T13012] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 579.030154][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 579.170159][T13012] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 579.030154][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 579.170159][T13012] ? bt_sock_recvmsg+0x564/0xa00 [ 579.030154][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 579.170159][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 579.030154][T13021] do_fast_syscall_32+0x6b/0xd0 [ 579.170159][T13012] ? kmsan_set_origin_checked+0x95/0xf0 [ 579.030154][T13021] do_SYSENTER_32+0x73/0x90 [ 579.170159][T13012] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 579.030154][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 579.170159][T13012] ? _copy_from_user+0x15b/0x260 [ 579.030154][T13021] [ 579.170159][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 579.030154][T13021] Uninit was stored to memory at: [ 579.170159][T13012] __msan_chain_origin+0x50/0x90 [ 579.030154][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 579.170159][T13012] __get_compat_msghdr+0x5be/0x890 [ 579.030154][T13021] __msan_chain_origin+0x50/0x90 [ 579.170159][T13012] get_compat_msghdr+0x108/0x270 [ 579.030154][T13021] __get_compat_msghdr+0x5be/0x890 [ 579.170159][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 579.030154][T13021] get_compat_msghdr+0x108/0x270 [ 579.170159][T13012] ? kmsan_internal_set_origin+0x75/0xb0 [ 579.030154][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 579.170159][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 579.030154][T13021] __sys_recvmmsg+0x4ca/0x510 [ 579.170159][T13012] ? kmsan_internal_set_origin+0x75/0xb0 [ 579.030154][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 579.170159][T13012] ? __msan_poison_alloca+0xf0/0x120 [ 579.030154][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 579.170159][T13012] ? __sys_recvmmsg+0xb4/0x510 [ 579.030154][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 579.170159][T13012] ? __sys_recvmmsg+0xb4/0x510 [ 579.030154][T13021] do_fast_syscall_32+0x6b/0xd0 [ 579.170159][T13012] ? kmsan_get_metadata+0x11d/0x180 [ 579.030154][T13021] do_SYSENTER_32+0x73/0x90 [ 579.170159][T13012] __sys_recvmmsg+0x4ca/0x510 [ 579.030154][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 579.170159][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 579.030154][T13021] [ 579.170159][T13012] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 579.030154][T13021] Uninit was stored to memory at: [ 579.170159][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 579.030154][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 579.170159][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 579.030154][T13021] __msan_chain_origin+0x50/0x90 [ 579.170159][T13012] do_fast_syscall_32+0x6b/0xd0 [ 579.030154][T13021] __get_compat_msghdr+0x5be/0x890 [ 579.170159][T13012] do_SYSENTER_32+0x73/0x90 [ 579.030154][T13021] get_compat_msghdr+0x108/0x270 [ 579.170159][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 579.030154][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 579.170159][T13012] RIP: 0023:0xf7f4d549 [ 579.030154][T13021] __sys_recvmmsg+0x4ca/0x510 [ 579.170159][T13012] Code: Bad RIP value. [ 579.030154][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 579.170159][T13012] RSP: 002b:00000000f5d480cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 579.030154][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 579.170159][T13012] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 579.030154][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 579.170159][T13012] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 579.170159][T13012] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 579.030154][T13021] do_fast_syscall_32+0x6b/0xd0 [ 579.170159][T13012] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 579.030154][T13021] do_SYSENTER_32+0x73/0x90 [ 579.170159][T13012] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 579.030154][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 579.170159][T13012] Uninit was stored to memory at: [ 579.030154][T13021] [ 579.170159][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 579.030154][T13021] Uninit was stored to memory at: [ 579.170159][T13012] __msan_chain_origin+0x50/0x90 [ 579.030154][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 579.170159][T13012] __get_compat_msghdr+0x5be/0x890 [ 579.030154][T13021] __msan_chain_origin+0x50/0x90 [ 579.170159][T13012] get_compat_msghdr+0x108/0x270 [ 579.030154][T13021] __get_compat_msghdr+0x5be/0x890 [ 579.170159][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 579.030154][T13021] get_compat_msghdr+0x108/0x270 [ 579.170159][T13012] __sys_recvmmsg+0x4ca/0x510 [ 579.030154][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 579.170159][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 579.030154][T13021] __sys_recvmmsg+0x4ca/0x510 [ 579.170159][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 579.030154][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 579.170159][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 579.030154][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 579.170159][T13012] do_fast_syscall_32+0x6b/0xd0 [ 579.030154][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 579.170159][T13012] do_SYSENTER_32+0x73/0x90 [ 579.030154][T13021] do_fast_syscall_32+0x6b/0xd0 [ 579.170159][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 579.030154][T13021] do_SYSENTER_32+0x73/0x90 [ 579.170159][T13012] [ 579.030154][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 579.170159][T13012] Uninit was stored to memory at: [ 579.030154][T13021] [ 579.170159][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 579.030154][T13021] Uninit was stored to memory at: [ 579.170159][T13012] __msan_chain_origin+0x50/0x90 [ 579.030154][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 579.170159][T13012] __get_compat_msghdr+0x5be/0x890 [ 579.030154][T13021] __msan_chain_origin+0x50/0x90 [ 579.170159][T13012] get_compat_msghdr+0x108/0x270 [ 579.030154][T13021] __get_compat_msghdr+0x5be/0x890 [ 579.170159][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 579.030154][T13021] get_compat_msghdr+0x108/0x270 [ 579.170159][T13012] __sys_recvmmsg+0x4ca/0x510 [ 579.030154][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 579.170159][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 579.030154][T13021] __sys_recvmmsg+0x4ca/0x510 [ 579.170159][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 579.030154][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 579.170159][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 579.030154][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 579.170159][T13012] do_fast_syscall_32+0x6b/0xd0 [ 579.030154][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 579.170159][T13012] do_SYSENTER_32+0x73/0x90 [ 579.030154][T13021] do_fast_syscall_32+0x6b/0xd0 [ 579.170159][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 579.030154][T13021] do_SYSENTER_32+0x73/0x90 [ 579.170159][T13012] [ 579.030154][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 579.170159][T13012] Uninit was stored to memory at: [ 579.030154][T13021] [ 579.170159][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 579.030154][T13021] Uninit was stored to memory at: [ 579.170159][T13012] __msan_chain_origin+0x50/0x90 [ 579.030154][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 579.170159][T13012] __get_compat_msghdr+0x5be/0x890 [ 579.030154][T13021] __msan_chain_origin+0x50/0x90 [ 579.170159][T13012] get_compat_msghdr+0x108/0x270 [ 579.030154][T13021] __get_compat_msghdr+0x5be/0x890 [ 579.170159][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 579.030154][T13021] get_compat_msghdr+0x108/0x270 [ 579.170159][T13012] __sys_recvmmsg+0x4ca/0x510 [ 579.030154][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 579.170159][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 579.030154][T13021] __sys_recvmmsg+0x4ca/0x510 [ 579.170159][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 579.030154][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 579.170159][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 579.030154][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 579.170159][T13012] do_fast_syscall_32+0x6b/0xd0 [ 579.030154][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 579.170159][T13012] do_SYSENTER_32+0x73/0x90 [ 579.030154][T13021] do_fast_syscall_32+0x6b/0xd0 [ 579.170159][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 579.030154][T13021] do_SYSENTER_32+0x73/0x90 [ 579.170159][T13012] [ 579.030154][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 579.170159][T13012] Uninit was stored to memory at: [ 579.030154][T13021] [ 579.170159][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 579.030154][T13021] Uninit was stored to memory at: [ 579.170159][T13012] __msan_chain_origin+0x50/0x90 [ 579.030154][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 579.170159][T13012] __get_compat_msghdr+0x5be/0x890 [ 579.030154][T13021] __msan_chain_origin+0x50/0x90 [ 579.170159][T13012] get_compat_msghdr+0x108/0x270 [ 579.030154][T13021] __get_compat_msghdr+0x5be/0x890 [ 579.170159][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 579.030154][T13021] get_compat_msghdr+0x108/0x270 [ 579.170159][T13012] __sys_recvmmsg+0x4ca/0x510 [ 579.030154][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 579.170159][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 579.030154][T13021] __sys_recvmmsg+0x4ca/0x510 [ 579.170159][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 579.030154][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 579.170159][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 579.030154][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 579.170159][T13012] do_fast_syscall_32+0x6b/0xd0 [ 579.030154][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 579.170159][T13012] do_SYSENTER_32+0x73/0x90 [ 579.030154][T13021] do_fast_syscall_32+0x6b/0xd0 [ 579.170159][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 579.030154][T13021] do_SYSENTER_32+0x73/0x90 [ 579.170159][T13012] [ 579.030154][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 579.170159][T13012] Uninit was stored to memory at: [ 579.030154][T13021] [ 579.170159][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 579.030154][T13021] Local variable ----msg_sys@do_recvmmsg created at: [ 579.170159][T13012] __msan_chain_origin+0x50/0x90 [ 579.030154][T13021] do_recvmmsg+0xc5/0x1ee0 [ 579.170159][T13012] __get_compat_msghdr+0x5be/0x890 [ 579.030154][T13021] do_recvmmsg+0xc5/0x1ee0 [ 579.170159][T13012] get_compat_msghdr+0x108/0x270 [ 580.322249][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 580.322249][T13012] __sys_recvmmsg+0x4ca/0x510 [ 580.322249][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 580.322249][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 580.322249][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 580.322249][T13012] do_fast_syscall_32+0x6b/0xd0 [ 580.322249][T13012] do_SYSENTER_32+0x73/0x90 [ 580.322249][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 580.322249][T13012] [ 580.322249][T13012] Uninit was stored to memory at: [ 580.322249][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 580.322249][T13012] __msan_chain_origin+0x50/0x90 [ 580.322249][T13012] __get_compat_msghdr+0x5be/0x890 [ 580.322249][T13012] get_compat_msghdr+0x108/0x270 [ 580.322249][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 580.322249][T13012] __sys_recvmmsg+0x4ca/0x510 [ 580.322249][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 580.322249][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 580.419243][ T1] systemd[1]: Starting Journal Service... [ 580.322249][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 580.322249][T13012] do_fast_syscall_32+0x6b/0xd0 [ 580.322249][T13012] do_SYSENTER_32+0x73/0x90 [ 580.322249][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 580.322249][T13012] [ 580.322249][T13012] Uninit was stored to memory at: [ 580.322249][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 580.322249][T13012] __msan_chain_origin+0x50/0x90 [ 580.322249][T13012] __get_compat_msghdr+0x5be/0x890 [ 580.322249][T13012] get_compat_msghdr+0x108/0x270 [ 580.322249][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 580.322249][T13012] __sys_recvmmsg+0x4ca/0x510 [ 580.322249][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 580.322249][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 580.322249][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 580.322249][T13012] do_fast_syscall_32+0x6b/0xd0 [ 580.322249][T13012] do_SYSENTER_32+0x73/0x90 [ 580.322249][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 580.322249][T13012] [ 580.322249][T13012] Local variable ----msg_sys@do_recvmmsg created at: [ 580.322249][T13012] do_recvmmsg+0xc5/0x1ee0 [ 580.322249][T13012] do_recvmmsg+0xc5/0x1ee0 [ 580.636951][T13041] not chained 1670000 origins [ 580.640210][T13041] CPU: 0 PID: 13041 Comm: syz-executor.3 Not tainted 5.8.0-rc5-syzkaller #0 [ 580.640210][T13041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 580.640210][T13041] Call Trace: [ 580.640210][T13041] dump_stack+0x1df/0x240 [ 580.640210][T13041] kmsan_internal_chain_origin+0x6f/0x130 [ 580.640210][T13041] ? skb_recv_datagram+0x3ec/0x480 [ 580.640210][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 580.640210][T13041] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 580.640210][T13041] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 580.640210][T13041] ? bt_sock_recvmsg+0x564/0xa00 [ 580.640210][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 580.640210][T13041] ? kmsan_set_origin_checked+0x95/0xf0 [ 580.640210][T13041] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 580.640210][T13041] ? _copy_from_user+0x15b/0x260 [ 580.640210][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 580.640210][T13041] __msan_chain_origin+0x50/0x90 [ 580.640210][T13041] __get_compat_msghdr+0x5be/0x890 [ 580.640210][T13041] get_compat_msghdr+0x108/0x270 [ 580.640210][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 580.640210][T13041] ? idle_cpu+0x9a/0x1d0 [ 580.640210][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 580.640210][T13041] ? kmsan_internal_set_origin+0x75/0xb0 [ 580.640210][T13041] ? __msan_poison_alloca+0xf0/0x120 [ 580.766204][T13021] not chained 1680000 origins [ 580.640210][T13041] ? __sys_recvmmsg+0xb4/0x510 [ 580.640210][T13041] ? __sys_recvmmsg+0xb4/0x510 [ 580.640210][T13041] ? kmsan_get_metadata+0x11d/0x180 [ 580.640210][T13041] __sys_recvmmsg+0x4ca/0x510 [ 580.640210][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 580.640210][T13041] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 580.640210][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 580.640210][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 580.640210][T13041] do_fast_syscall_32+0x6b/0xd0 [ 580.640210][T13041] do_SYSENTER_32+0x73/0x90 [ 580.640210][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 580.640210][T13041] RIP: 0023:0xf7fd6549 [ 580.640210][T13041] Code: Bad RIP value. [ 580.640210][T13041] RSP: 002b:00000000f5dd10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 580.640210][T13041] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 580.640210][T13041] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 580.640210][T13041] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 580.640210][T13041] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 580.640210][T13041] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 580.640210][T13041] Uninit was stored to memory at: [ 580.770153][T13021] CPU: 1 PID: 13021 Comm: syz-executor.0 Not tainted 5.8.0-rc5-syzkaller #0 [ 580.770153][T13021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 580.640210][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 580.770153][T13021] Call Trace: [ 580.640210][T13041] __msan_chain_origin+0x50/0x90 [ 580.770153][T13021] dump_stack+0x1df/0x240 [ 580.640210][T13041] __get_compat_msghdr+0x5be/0x890 [ 580.770153][T13021] kmsan_internal_chain_origin+0x6f/0x130 [ 580.640210][T13041] get_compat_msghdr+0x108/0x270 [ 580.770153][T13021] ? skb_recv_datagram+0x3ec/0x480 [ 580.640210][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 580.770153][T13021] ? kmsan_get_metadata+0x4f/0x180 [ 580.640210][T13041] __sys_recvmmsg+0x4ca/0x510 [ 580.770153][T13021] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 580.640210][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 580.770153][T13021] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 580.640210][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 580.770153][T13021] ? bt_sock_recvmsg+0x564/0xa00 [ 580.640210][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 580.770153][T13021] ? kmsan_get_metadata+0x4f/0x180 [ 580.640210][T13041] do_fast_syscall_32+0x6b/0xd0 [ 580.770153][T13021] ? kmsan_set_origin_checked+0x95/0xf0 [ 580.640210][T13041] do_SYSENTER_32+0x73/0x90 [ 580.770153][T13021] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 580.640210][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 580.770153][T13021] ? _copy_from_user+0x15b/0x260 [ 580.640210][T13041] [ 580.770153][T13021] ? kmsan_get_metadata+0x4f/0x180 [ 580.640210][T13041] Uninit was stored to memory at: [ 580.770153][T13021] __msan_chain_origin+0x50/0x90 [ 580.640210][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 580.770153][T13021] __get_compat_msghdr+0x5be/0x890 [ 580.640210][T13041] __msan_chain_origin+0x50/0x90 [ 580.770153][T13021] get_compat_msghdr+0x108/0x270 [ 580.640210][T13041] __get_compat_msghdr+0x5be/0x890 [ 580.770153][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 580.640210][T13041] get_compat_msghdr+0x108/0x270 [ 580.770153][T13021] ? kmsan_internal_set_origin+0x75/0xb0 [ 580.640210][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 580.770153][T13021] ? kmsan_get_metadata+0x4f/0x180 [ 580.640210][T13041] __sys_recvmmsg+0x4ca/0x510 [ 580.770153][T13021] ? kmsan_internal_set_origin+0x75/0xb0 [ 580.640210][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 580.770153][T13021] ? __msan_poison_alloca+0xf0/0x120 [ 580.640210][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 580.770153][T13021] ? __sys_recvmmsg+0xb4/0x510 [ 580.640210][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 580.770153][T13021] ? __sys_recvmmsg+0xb4/0x510 [ 580.640210][T13041] do_fast_syscall_32+0x6b/0xd0 [ 580.770153][T13021] ? kmsan_get_metadata+0x11d/0x180 [ 580.640210][T13041] do_SYSENTER_32+0x73/0x90 [ 580.770153][T13021] __sys_recvmmsg+0x4ca/0x510 [ 580.640210][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 580.770153][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 580.640210][T13041] [ 580.770153][T13021] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 580.640210][T13041] Uninit was stored to memory at: [ 580.770153][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 580.640210][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 580.770153][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 580.640210][T13041] __msan_chain_origin+0x50/0x90 [ 580.770153][T13021] do_fast_syscall_32+0x6b/0xd0 [ 580.640210][T13041] __get_compat_msghdr+0x5be/0x890 [ 580.770153][T13021] do_SYSENTER_32+0x73/0x90 [ 580.640210][T13041] get_compat_msghdr+0x108/0x270 [ 580.770153][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 580.640210][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 580.770153][T13021] RIP: 0023:0xf7f4d549 [ 580.640210][T13041] __sys_recvmmsg+0x4ca/0x510 [ 580.770153][T13021] Code: Bad RIP value. [ 580.640210][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 580.770153][T13021] RSP: 002b:00000000f5d060cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 580.640210][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 580.770153][T13021] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 580.640210][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 580.770153][T13021] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 580.640210][T13041] do_fast_syscall_32+0x6b/0xd0 [ 580.770153][T13021] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 580.640210][T13041] do_SYSENTER_32+0x73/0x90 [ 580.770153][T13021] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 580.640210][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 580.770153][T13021] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 580.640210][T13041] [ 580.770153][T13021] Uninit was stored to memory at: [ 580.640210][T13041] Uninit was stored to memory at: [ 580.770153][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 580.640210][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 580.770153][T13021] __msan_chain_origin+0x50/0x90 [ 580.640210][T13041] __msan_chain_origin+0x50/0x90 [ 580.770153][T13021] __get_compat_msghdr+0x5be/0x890 [ 580.640210][T13041] __get_compat_msghdr+0x5be/0x890 [ 580.770153][T13021] get_compat_msghdr+0x108/0x270 [ 580.640210][T13041] get_compat_msghdr+0x108/0x270 [ 580.770153][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 580.640210][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 580.770153][T13021] __sys_recvmmsg+0x4ca/0x510 [ 580.640210][T13041] __sys_recvmmsg+0x4ca/0x510 [ 580.770153][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 580.640210][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 580.770153][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 580.640210][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 580.770153][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 580.640210][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 580.770153][T13021] do_fast_syscall_32+0x6b/0xd0 [ 580.640210][T13041] do_fast_syscall_32+0x6b/0xd0 [ 580.770153][T13021] do_SYSENTER_32+0x73/0x90 [ 580.640210][T13041] do_SYSENTER_32+0x73/0x90 [ 580.770153][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 580.640210][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 580.770153][T13021] [ 580.640210][T13041] [ 580.770153][T13021] Uninit was stored to memory at: [ 580.640210][T13041] Uninit was stored to memory at: [ 580.770153][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 580.640210][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 580.770153][T13021] __msan_chain_origin+0x50/0x90 [ 580.640210][T13041] __msan_chain_origin+0x50/0x90 [ 580.770153][T13021] __get_compat_msghdr+0x5be/0x890 [ 580.640210][T13041] __get_compat_msghdr+0x5be/0x890 [ 580.770153][T13021] get_compat_msghdr+0x108/0x270 [ 580.640210][T13041] get_compat_msghdr+0x108/0x270 [ 580.770153][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 580.640210][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 580.770153][T13021] __sys_recvmmsg+0x4ca/0x510 [ 580.640210][T13041] __sys_recvmmsg+0x4ca/0x510 [ 580.770153][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 580.640210][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 580.770153][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 580.640210][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 580.770153][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 580.640210][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 580.770153][T13021] do_fast_syscall_32+0x6b/0xd0 [ 580.640210][T13041] do_fast_syscall_32+0x6b/0xd0 [ 580.770153][T13021] do_SYSENTER_32+0x73/0x90 [ 580.640210][T13041] do_SYSENTER_32+0x73/0x90 [ 580.770153][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 580.640210][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 580.770153][T13021] [ 580.640210][T13041] [ 580.770153][T13021] Uninit was stored to memory at: [ 580.640210][T13041] Uninit was stored to memory at: [ 580.770153][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 580.640210][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 580.770153][T13021] __msan_chain_origin+0x50/0x90 [ 580.640210][T13041] __msan_chain_origin+0x50/0x90 [ 580.770153][T13021] __get_compat_msghdr+0x5be/0x890 [ 580.640210][T13041] __get_compat_msghdr+0x5be/0x890 [ 580.770153][T13021] get_compat_msghdr+0x108/0x270 [ 580.640210][T13041] get_compat_msghdr+0x108/0x270 [ 580.770153][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 580.640210][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 580.770153][T13021] __sys_recvmmsg+0x4ca/0x510 [ 580.640210][T13041] __sys_recvmmsg+0x4ca/0x510 [ 580.770153][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 580.640210][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 580.770153][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 580.640210][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 580.770153][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 580.640210][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 580.770153][T13021] do_fast_syscall_32+0x6b/0xd0 [ 580.640210][T13041] do_fast_syscall_32+0x6b/0xd0 [ 580.770153][T13021] do_SYSENTER_32+0x73/0x90 [ 580.640210][T13041] do_SYSENTER_32+0x73/0x90 [ 580.770153][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 580.640210][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 580.770153][T13021] [ 580.640210][T13041] [ 580.770153][T13021] Uninit was stored to memory at: [ 580.640210][T13041] Uninit was stored to memory at: [ 580.770153][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 580.640210][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 580.770153][T13021] __msan_chain_origin+0x50/0x90 [ 580.640210][T13041] __msan_chain_origin+0x50/0x90 [ 580.770153][T13021] __get_compat_msghdr+0x5be/0x890 [ 580.640210][T13041] __get_compat_msghdr+0x5be/0x890 [ 580.770153][T13021] get_compat_msghdr+0x108/0x270 [ 580.640210][T13041] get_compat_msghdr+0x108/0x270 [ 580.770153][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 580.640210][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 580.770153][T13021] __sys_recvmmsg+0x4ca/0x510 [ 580.640210][T13041] __sys_recvmmsg+0x4ca/0x510 [ 580.770153][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 580.640210][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 580.770153][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 580.640210][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 580.770153][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 580.640210][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 580.770153][T13021] do_fast_syscall_32+0x6b/0xd0 [ 580.640210][T13041] do_fast_syscall_32+0x6b/0xd0 [ 580.770153][T13021] do_SYSENTER_32+0x73/0x90 [ 580.640210][T13041] do_SYSENTER_32+0x73/0x90 [ 580.770153][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 580.640210][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 580.770153][T13021] [ 580.640210][T13041] [ 580.770153][T13021] Uninit was stored to memory at: [ 580.640210][T13041] Local variable ----msg_sys@do_recvmmsg created at: [ 580.770153][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 580.640210][T13041] do_recvmmsg+0xc5/0x1ee0 [ 580.770153][T13021] __msan_chain_origin+0x50/0x90 [ 580.640210][T13041] do_recvmmsg+0xc5/0x1ee0 [ 580.770153][T13021] __get_compat_msghdr+0x5be/0x890 [ 580.770153][T13021] get_compat_msghdr+0x108/0x270 [ 581.936300][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 581.936300][T13021] __sys_recvmmsg+0x4ca/0x510 [ 581.936300][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 581.936300][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 581.936300][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 581.936300][T13021] do_fast_syscall_32+0x6b/0xd0 [ 581.936300][T13021] do_SYSENTER_32+0x73/0x90 [ 581.936300][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 581.936300][T13021] [ 581.936300][T13021] Uninit was stored to memory at: [ 581.936300][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 581.936300][T13021] __msan_chain_origin+0x50/0x90 [ 581.936300][T13021] __get_compat_msghdr+0x5be/0x890 [ 581.936300][T13021] get_compat_msghdr+0x108/0x270 [ 581.936300][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 581.936300][T13021] __sys_recvmmsg+0x4ca/0x510 [ 581.936300][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 581.936300][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 581.936300][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 581.936300][T13021] do_fast_syscall_32+0x6b/0xd0 [ 581.936300][T13021] do_SYSENTER_32+0x73/0x90 [ 581.936300][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 581.936300][T13021] [ 581.936300][T13021] Uninit was stored to memory at: [ 581.936300][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 581.936300][T13021] __msan_chain_origin+0x50/0x90 [ 581.936300][T13021] __get_compat_msghdr+0x5be/0x890 [ 582.075144][T13080] not chained 1690000 origins [ 581.936300][T13021] get_compat_msghdr+0x108/0x270 [ 582.080160][T13080] CPU: 0 PID: 13080 Comm: syz-executor.1 Not tainted 5.8.0-rc5-syzkaller #0 [ 581.936300][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 582.080160][T13080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 581.936300][T13021] __sys_recvmmsg+0x4ca/0x510 [ 582.080160][T13080] Call Trace: [ 581.936300][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 582.080160][T13080] dump_stack+0x1df/0x240 [ 581.936300][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 582.080160][T13080] kmsan_internal_chain_origin+0x6f/0x130 [ 581.936300][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 582.080160][T13080] ? skb_recv_datagram+0x3ec/0x480 [ 581.936300][T13021] do_fast_syscall_32+0x6b/0xd0 [ 582.080160][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 581.936300][T13021] do_SYSENTER_32+0x73/0x90 [ 582.080160][T13080] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 581.936300][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 582.080160][T13080] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 581.936300][T13021] [ 582.080160][T13080] ? bt_sock_recvmsg+0x564/0xa00 [ 581.936300][T13021] Local variable ----msg_sys@do_recvmmsg created at: [ 582.080160][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 581.936300][T13021] do_recvmmsg+0xc5/0x1ee0 [ 582.080160][T13080] ? kmsan_set_origin_checked+0x95/0xf0 [ 581.936300][T13021] do_recvmmsg+0xc5/0x1ee0 [ 582.080160][T13080] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 582.080160][T13080] ? _copy_from_user+0x15b/0x260 [ 582.224547][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 582.224547][T13080] __msan_chain_origin+0x50/0x90 [ 582.233101][T13080] __get_compat_msghdr+0x5be/0x890 [ 582.235669][T13080] get_compat_msghdr+0x108/0x270 [ 582.235669][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 582.235669][T13080] ? kmsan_internal_set_origin+0x75/0xb0 [ 582.235669][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 582.235669][T13080] ? kmsan_internal_set_origin+0x75/0xb0 [ 582.235669][T13080] ? __msan_poison_alloca+0xf0/0x120 [ 582.235669][T13080] ? __sys_recvmmsg+0xb4/0x510 [ 582.235669][T13080] ? __sys_recvmmsg+0xb4/0x510 [ 582.235669][T13080] ? kmsan_get_metadata+0x11d/0x180 [ 582.235669][T13080] __sys_recvmmsg+0x4ca/0x510 [ 582.235669][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 582.235669][T13080] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 582.235669][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 582.235669][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 582.235669][T13080] do_fast_syscall_32+0x6b/0xd0 [ 582.235669][T13080] do_SYSENTER_32+0x73/0x90 [ 582.235669][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 582.235669][T13080] RIP: 0023:0xf7fbe549 [ 582.235669][T13080] Code: Bad RIP value. [ 582.235669][T13080] RSP: 002b:00000000f5d770cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 582.235669][T13080] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 582.235669][T13080] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 582.235669][T13080] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 582.235669][T13080] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 582.235669][T13080] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 582.235669][T13080] Uninit was stored to memory at: [ 582.235669][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 582.235669][T13080] __msan_chain_origin+0x50/0x90 [ 582.235669][T13080] __get_compat_msghdr+0x5be/0x890 [ 582.235669][T13080] get_compat_msghdr+0x108/0x270 [ 582.235669][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 582.235669][T13080] __sys_recvmmsg+0x4ca/0x510 [ 582.235669][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 582.235669][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 582.235669][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 582.235669][T13080] do_fast_syscall_32+0x6b/0xd0 [ 582.235669][T13080] do_SYSENTER_32+0x73/0x90 [ 582.235669][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 582.235669][T13080] [ 582.235669][T13080] Uninit was stored to memory at: [ 582.235669][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 582.235669][T13080] __msan_chain_origin+0x50/0x90 [ 582.235669][T13080] __get_compat_msghdr+0x5be/0x890 [ 582.235669][T13080] get_compat_msghdr+0x108/0x270 [ 582.235669][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 582.235669][T13080] __sys_recvmmsg+0x4ca/0x510 [ 582.235669][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 582.235669][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 582.235669][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 582.235669][T13080] do_fast_syscall_32+0x6b/0xd0 [ 582.235669][T13080] do_SYSENTER_32+0x73/0x90 [ 582.235669][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 582.235669][T13080] [ 582.235669][T13080] Uninit was stored to memory at: [ 582.235669][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 582.235669][T13080] __msan_chain_origin+0x50/0x90 [ 582.235669][T13080] __get_compat_msghdr+0x5be/0x890 [ 582.235669][T13080] get_compat_msghdr+0x108/0x270 [ 582.235669][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 582.235669][T13080] __sys_recvmmsg+0x4ca/0x510 [ 582.235669][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 582.235669][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 582.235669][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 582.235669][T13080] do_fast_syscall_32+0x6b/0xd0 [ 582.235669][T13080] do_SYSENTER_32+0x73/0x90 [ 582.235669][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 582.235669][T13080] [ 582.235669][T13080] Uninit was stored to memory at: [ 582.235669][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 582.235669][T13080] __msan_chain_origin+0x50/0x90 [ 582.235669][T13080] __get_compat_msghdr+0x5be/0x890 [ 582.235669][T13080] get_compat_msghdr+0x108/0x270 [ 582.235669][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 582.235669][T13080] __sys_recvmmsg+0x4ca/0x510 [ 582.235669][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 582.235669][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 582.235669][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 582.235669][T13080] do_fast_syscall_32+0x6b/0xd0 [ 582.235669][T13080] do_SYSENTER_32+0x73/0x90 [ 582.235669][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 582.235669][T13080] [ 582.235669][T13080] Uninit was stored to memory at: [ 582.235669][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 582.235669][T13080] __msan_chain_origin+0x50/0x90 [ 582.235669][T13080] __get_compat_msghdr+0x5be/0x890 [ 582.235669][T13080] get_compat_msghdr+0x108/0x270 [ 582.235669][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 582.235669][T13080] __sys_recvmmsg+0x4ca/0x510 [ 582.235669][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 582.235669][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 582.235669][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 582.235669][T13080] do_fast_syscall_32+0x6b/0xd0 [ 582.235669][T13080] do_SYSENTER_32+0x73/0x90 [ 582.235669][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 582.235669][T13080] [ 582.235669][T13080] Uninit was stored to memory at: [ 582.235669][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 582.235669][T13080] __msan_chain_origin+0x50/0x90 [ 582.235669][T13080] __get_compat_msghdr+0x5be/0x890 [ 582.235669][T13080] get_compat_msghdr+0x108/0x270 [ 582.235669][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 582.235669][T13080] __sys_recvmmsg+0x4ca/0x510 [ 582.235669][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 582.235669][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 582.235669][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 582.235669][T13080] do_fast_syscall_32+0x6b/0xd0 [ 582.235669][T13080] do_SYSENTER_32+0x73/0x90 [ 582.235669][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 582.235669][T13080] [ 582.235669][T13080] Uninit was stored to memory at: [ 582.235669][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 582.235669][T13080] __msan_chain_origin+0x50/0x90 [ 582.235669][T13080] __get_compat_msghdr+0x5be/0x890 [ 582.235669][T13080] get_compat_msghdr+0x108/0x270 [ 582.235669][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 582.235669][T13080] __sys_recvmmsg+0x4ca/0x510 [ 582.235669][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 582.235669][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 582.235669][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 582.235669][T13080] do_fast_syscall_32+0x6b/0xd0 [ 582.235669][T13080] do_SYSENTER_32+0x73/0x90 [ 582.235669][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 582.235669][T13080] [ 582.235669][T13080] Local variable ----msg_sys@do_recvmmsg created at: [ 582.235669][T13080] do_recvmmsg+0xc5/0x1ee0 [ 582.235669][T13080] do_recvmmsg+0xc5/0x1ee0 [ 583.058666][T13041] not chained 1700000 origins [ 583.060198][T13041] CPU: 0 PID: 13041 Comm: syz-executor.3 Not tainted 5.8.0-rc5-syzkaller #0 [ 583.060198][T13041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 583.060198][T13041] Call Trace: [ 583.060198][T13041] dump_stack+0x1df/0x240 [ 583.060198][T13041] kmsan_internal_chain_origin+0x6f/0x130 [ 583.060198][T13041] ? skb_recv_datagram+0x3ec/0x480 [ 583.060198][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 583.060198][T13041] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 583.060198][T13041] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 583.060198][T13041] ? bt_sock_recvmsg+0x564/0xa00 [ 583.060198][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 583.060198][T13041] ? kmsan_set_origin_checked+0x95/0xf0 [ 583.060198][T13041] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 583.060198][T13041] ? _copy_from_user+0x15b/0x260 [ 583.060198][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 583.060198][T13041] __msan_chain_origin+0x50/0x90 [ 583.060198][T13041] __get_compat_msghdr+0x5be/0x890 [ 583.060198][T13041] get_compat_msghdr+0x108/0x270 [ 583.060198][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 583.060198][T13041] ? idle_cpu+0x9a/0x1d0 [ 583.060198][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 583.060198][T13041] ? kmsan_internal_set_origin+0x75/0xb0 [ 583.060198][T13041] ? __msan_poison_alloca+0xf0/0x120 [ 583.060198][T13041] ? __sys_recvmmsg+0xb4/0x510 [ 583.060198][T13041] ? __sys_recvmmsg+0xb4/0x510 [ 583.060198][T13041] ? kmsan_get_metadata+0x11d/0x180 [ 583.060198][T13041] __sys_recvmmsg+0x4ca/0x510 [ 583.060198][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 583.060198][T13041] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 583.219471][T13087] systemd-journald[13087]: File /run/log/journal/64dd78f1a75445a997c532444ad0f085/system.journal corrupted or uncleanly shut down, renaming and replacing. [ 583.060198][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 583.060198][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 583.060198][T13041] do_fast_syscall_32+0x6b/0xd0 [ 583.060198][T13041] do_SYSENTER_32+0x73/0x90 [ 583.060198][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 583.060198][T13041] RIP: 0023:0xf7fd6549 [ 583.060198][T13041] Code: Bad RIP value. [ 583.060198][T13041] RSP: 002b:00000000f5dd10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 583.060198][T13041] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 583.060198][T13041] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 583.060198][T13041] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 583.060198][T13041] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 583.060198][T13041] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 583.060198][T13041] Uninit was stored to memory at: [ 583.060198][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 583.060198][T13041] __msan_chain_origin+0x50/0x90 [ 583.060198][T13041] __get_compat_msghdr+0x5be/0x890 [ 583.060198][T13041] get_compat_msghdr+0x108/0x270 [ 583.060198][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 583.060198][T13041] __sys_recvmmsg+0x4ca/0x510 [ 583.060198][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 583.060198][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 583.060198][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 583.060198][T13041] do_fast_syscall_32+0x6b/0xd0 [ 583.060198][T13041] do_SYSENTER_32+0x73/0x90 [ 583.060198][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 583.060198][T13041] [ 583.060198][T13041] Uninit was stored to memory at: [ 583.060198][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 583.060198][T13041] __msan_chain_origin+0x50/0x90 [ 583.060198][T13041] __get_compat_msghdr+0x5be/0x890 [ 583.060198][T13041] get_compat_msghdr+0x108/0x270 [ 583.060198][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 583.060198][T13041] __sys_recvmmsg+0x4ca/0x510 [ 583.060198][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 583.060198][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 583.060198][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 583.441972][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 583.060198][T13041] do_fast_syscall_32+0x6b/0xd0 [ 583.060198][T13041] do_SYSENTER_32+0x73/0x90 [ 583.060198][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 583.060198][T13041] [ 583.060198][T13041] Uninit was stored to memory at: [ 583.060198][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 583.060198][T13041] __msan_chain_origin+0x50/0x90 [ 583.483289][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 583.060198][T13041] __get_compat_msghdr+0x5be/0x890 [ 583.060198][T13041] get_compat_msghdr+0x108/0x270 [ 583.060198][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 583.060198][T13041] __sys_recvmmsg+0x4ca/0x510 [ 583.060198][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 583.060198][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 583.060198][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 583.525282][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 583.060198][T13041] do_fast_syscall_32+0x6b/0xd0 [ 583.060198][T13041] do_SYSENTER_32+0x73/0x90 [ 583.060198][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 583.060198][T13041] [ 583.060198][T13041] Uninit was stored to memory at: [ 583.060198][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 583.060198][T13041] __msan_chain_origin+0x50/0x90 [ 583.571451][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 583.060198][T13041] __get_compat_msghdr+0x5be/0x890 [ 583.060198][T13041] get_compat_msghdr+0x108/0x270 [ 583.060198][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 583.060198][T13041] __sys_recvmmsg+0x4ca/0x510 [ 583.060198][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 583.060198][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 583.060198][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 583.060198][T13041] do_fast_syscall_32+0x6b/0xd0 [ 583.060198][T13041] do_SYSENTER_32+0x73/0x90 [ 583.060198][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 583.060198][T13041] [ 583.060198][T13041] Uninit was stored to memory at: [ 583.060198][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 583.060198][T13041] __msan_chain_origin+0x50/0x90 [ 583.060198][T13041] __get_compat_msghdr+0x5be/0x890 [ 583.653828][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 583.060198][T13041] get_compat_msghdr+0x108/0x270 [ 583.060198][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 583.060198][T13041] __sys_recvmmsg+0x4ca/0x510 [ 583.675837][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 583.060198][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 583.060198][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 583.060198][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 583.060198][T13041] do_fast_syscall_32+0x6b/0xd0 [ 583.060198][T13041] do_SYSENTER_32+0x73/0x90 [ 583.060198][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 583.060198][T13041] [ 583.060198][T13041] Uninit was stored to memory at: [ 583.060198][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 583.060198][T13041] __msan_chain_origin+0x50/0x90 [ 583.060198][T13041] __get_compat_msghdr+0x5be/0x890 [ 583.060198][T13041] get_compat_msghdr+0x108/0x270 [ 583.060198][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 583.060198][T13041] __sys_recvmmsg+0x4ca/0x510 [ 583.060198][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 583.758706][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 583.060198][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 583.060198][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 583.060198][T13041] do_fast_syscall_32+0x6b/0xd0 [ 583.060198][T13041] do_SYSENTER_32+0x73/0x90 [ 583.060198][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 583.060198][T13041] [ 583.060198][T13041] Uninit was stored to memory at: [ 583.060198][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 583.060198][T13041] __msan_chain_origin+0x50/0x90 [ 583.060198][T13041] __get_compat_msghdr+0x5be/0x890 [ 583.060198][T13041] get_compat_msghdr+0x108/0x270 [ 583.060198][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 583.060198][T13041] __sys_recvmmsg+0x4ca/0x510 [ 583.060198][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 583.060198][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 583.060198][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 583.851365][T13072] not chained 1710000 origins [ 583.060198][T13041] do_fast_syscall_32+0x6b/0xd0 [ 583.858426][T13072] CPU: 1 PID: 13072 Comm: syz-executor.1 Not tainted 5.8.0-rc5-syzkaller #0 [ 583.060198][T13041] do_SYSENTER_32+0x73/0x90 [ 583.860150][T13072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 583.060198][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 583.860150][T13072] Call Trace: [ 583.060198][T13041] [ 583.860150][T13072] dump_stack+0x1df/0x240 [ 583.060198][T13041] Local variable ----msg_sys@do_recvmmsg created at: [ 583.860150][T13072] kmsan_internal_chain_origin+0x6f/0x130 [ 583.060198][T13041] do_recvmmsg+0xc5/0x1ee0 [ 583.860150][T13072] ? skb_recv_datagram+0x3ec/0x480 [ 583.060198][T13041] do_recvmmsg+0xc5/0x1ee0 [ 583.860150][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 583.860150][T13072] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 583.938856][T13072] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 583.938856][T13072] ? bt_sock_recvmsg+0x564/0xa00 [ 583.938856][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 583.938856][T13072] ? kmsan_set_origin_checked+0x95/0xf0 [ 583.938856][T13072] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 583.938856][T13072] ? _copy_from_user+0x15b/0x260 [ 583.938856][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 583.938856][T13072] __msan_chain_origin+0x50/0x90 [ 583.938856][T13072] __get_compat_msghdr+0x5be/0x890 [ 583.938856][T13072] get_compat_msghdr+0x108/0x270 [ 583.938856][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 583.938856][T13072] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 583.938856][T13072] ? sched_clock_cpu+0x7c/0x930 [ 583.938856][T13072] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 583.938856][T13072] ? sched_clock_cpu+0x7c/0x930 [ 583.938856][T13072] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 583.938856][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 583.938856][T13072] ? kmsan_internal_set_origin+0x75/0xb0 [ 583.938856][T13072] ? __msan_poison_alloca+0xf0/0x120 [ 583.938856][T13072] ? __sys_recvmmsg+0xb4/0x510 [ 583.938856][T13072] ? __sys_recvmmsg+0xb4/0x510 [ 583.938856][T13072] __sys_recvmmsg+0x4ca/0x510 [ 583.938856][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 583.938856][T13072] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 583.938856][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 583.938856][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 584.074789][T13012] not chained 1720000 origins [ 583.938856][T13072] do_fast_syscall_32+0x6b/0xd0 [ 583.938856][T13072] do_SYSENTER_32+0x73/0x90 [ 583.938856][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 583.938856][T13072] RIP: 0023:0xf7fbe549 [ 583.938856][T13072] Code: Bad RIP value. [ 583.938856][T13072] RSP: 002b:00000000f5db90cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 583.938856][T13072] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 583.938856][T13072] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 583.938856][T13072] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 583.938856][T13072] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 583.938856][T13072] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 583.938856][T13072] Uninit was stored to memory at: [ 584.080160][T13012] CPU: 0 PID: 13012 Comm: syz-executor.0 Not tainted 5.8.0-rc5-syzkaller #0 [ 584.080160][T13012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 583.938856][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 584.080160][T13012] Call Trace: [ 583.938856][T13072] __msan_chain_origin+0x50/0x90 [ 584.080160][T13012] dump_stack+0x1df/0x240 [ 583.938856][T13072] __get_compat_msghdr+0x5be/0x890 [ 584.080160][T13012] kmsan_internal_chain_origin+0x6f/0x130 [ 583.938856][T13072] get_compat_msghdr+0x108/0x270 [ 584.080160][T13012] ? skb_recv_datagram+0x3ec/0x480 [ 583.938856][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 584.080160][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 583.938856][T13072] __sys_recvmmsg+0x4ca/0x510 [ 584.080160][T13012] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 583.938856][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 584.080160][T13012] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 583.938856][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 584.080160][T13012] ? bt_sock_recvmsg+0x564/0xa00 [ 583.938856][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 584.080160][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 583.938856][T13072] do_fast_syscall_32+0x6b/0xd0 [ 584.080160][T13012] ? kmsan_set_origin_checked+0x95/0xf0 [ 583.938856][T13072] do_SYSENTER_32+0x73/0x90 [ 584.080160][T13012] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 583.938856][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 584.080160][T13012] ? _copy_from_user+0x15b/0x260 [ 583.938856][T13072] [ 584.080160][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 583.938856][T13072] Uninit was stored to memory at: [ 584.080160][T13012] __msan_chain_origin+0x50/0x90 [ 583.938856][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 584.080160][T13012] __get_compat_msghdr+0x5be/0x890 [ 583.938856][T13072] __msan_chain_origin+0x50/0x90 [ 584.080160][T13012] get_compat_msghdr+0x108/0x270 [ 583.938856][T13072] __get_compat_msghdr+0x5be/0x890 [ 584.080160][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 583.938856][T13072] get_compat_msghdr+0x108/0x270 [ 584.080160][T13012] ? kmsan_internal_set_origin+0x75/0xb0 [ 583.938856][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 584.080160][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 583.938856][T13072] __sys_recvmmsg+0x4ca/0x510 [ 584.080160][T13012] ? kmsan_internal_set_origin+0x75/0xb0 [ 583.938856][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 584.080160][T13012] ? __msan_poison_alloca+0xf0/0x120 [ 583.938856][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 584.080160][T13012] ? __sys_recvmmsg+0xb4/0x510 [ 583.938856][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 584.080160][T13012] ? __sys_recvmmsg+0xb4/0x510 [ 583.938856][T13072] do_fast_syscall_32+0x6b/0xd0 [ 583.938856][T13072] do_SYSENTER_32+0x73/0x90 [ 584.080160][T13012] ? kmsan_get_metadata+0x11d/0x180 [ 583.938856][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 584.080160][T13012] __sys_recvmmsg+0x4ca/0x510 [ 583.938856][T13072] [ 584.080160][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 583.938856][T13072] Uninit was stored to memory at: [ 584.080160][T13012] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 583.938856][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 584.080160][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 583.938856][T13072] __msan_chain_origin+0x50/0x90 [ 584.080160][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 583.938856][T13072] __get_compat_msghdr+0x5be/0x890 [ 584.080160][T13012] do_fast_syscall_32+0x6b/0xd0 [ 583.938856][T13072] get_compat_msghdr+0x108/0x270 [ 584.080160][T13012] do_SYSENTER_32+0x73/0x90 [ 583.938856][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 584.080160][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 583.938856][T13072] __sys_recvmmsg+0x4ca/0x510 [ 584.080160][T13012] RIP: 0023:0xf7f4d549 [ 583.938856][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 584.080160][T13012] Code: Bad RIP value. [ 583.938856][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 584.080160][T13012] RSP: 002b:00000000f5d480cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 583.938856][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 584.080160][T13012] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 583.938856][T13072] do_fast_syscall_32+0x6b/0xd0 [ 584.080160][T13012] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 583.938856][T13072] do_SYSENTER_32+0x73/0x90 [ 584.080160][T13012] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 583.938856][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 584.080160][T13012] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 583.938856][T13072] [ 584.080160][T13012] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 583.938856][T13072] Uninit was stored to memory at: [ 584.080160][T13012] Uninit was stored to memory at: [ 583.938856][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 584.080160][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 583.938856][T13072] __msan_chain_origin+0x50/0x90 [ 584.080160][T13012] __msan_chain_origin+0x50/0x90 [ 583.938856][T13072] __get_compat_msghdr+0x5be/0x890 [ 584.080160][T13012] __get_compat_msghdr+0x5be/0x890 [ 583.938856][T13072] get_compat_msghdr+0x108/0x270 [ 584.080160][T13012] get_compat_msghdr+0x108/0x270 [ 583.938856][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 584.080160][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 583.938856][T13072] __sys_recvmmsg+0x4ca/0x510 [ 584.080160][T13012] __sys_recvmmsg+0x4ca/0x510 [ 583.938856][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 584.080160][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 583.938856][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 584.080160][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 583.938856][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 584.080160][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 583.938856][T13072] do_fast_syscall_32+0x6b/0xd0 [ 584.080160][T13012] do_fast_syscall_32+0x6b/0xd0 [ 583.938856][T13072] do_SYSENTER_32+0x73/0x90 [ 584.080160][T13012] do_SYSENTER_32+0x73/0x90 [ 583.938856][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 584.080160][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 583.938856][T13072] [ 584.080160][T13012] [ 583.938856][T13072] Uninit was stored to memory at: [ 584.080160][T13012] Uninit was stored to memory at: [ 583.938856][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 584.080160][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 583.938856][T13072] __msan_chain_origin+0x50/0x90 [ 584.080160][T13012] __msan_chain_origin+0x50/0x90 [ 583.938856][T13072] __get_compat_msghdr+0x5be/0x890 [ 584.080160][T13012] __get_compat_msghdr+0x5be/0x890 [ 583.938856][T13072] get_compat_msghdr+0x108/0x270 [ 584.080160][T13012] get_compat_msghdr+0x108/0x270 [ 583.938856][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 584.080160][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 583.938856][T13072] __sys_recvmmsg+0x4ca/0x510 [ 584.080160][T13012] __sys_recvmmsg+0x4ca/0x510 [ 583.938856][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 584.080160][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 583.938856][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 584.080160][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 583.938856][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 584.080160][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 583.938856][T13072] do_fast_syscall_32+0x6b/0xd0 [ 584.080160][T13012] do_fast_syscall_32+0x6b/0xd0 [ 583.938856][T13072] do_SYSENTER_32+0x73/0x90 [ 584.080160][T13012] do_SYSENTER_32+0x73/0x90 [ 583.938856][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 584.080160][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 583.938856][T13072] [ 584.080160][T13012] [ 583.938856][T13072] Uninit was stored to memory at: [ 584.080160][T13012] Uninit was stored to memory at: [ 583.938856][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 584.080160][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 583.938856][T13072] __msan_chain_origin+0x50/0x90 [ 584.080160][T13012] __msan_chain_origin+0x50/0x90 [ 583.938856][T13072] __get_compat_msghdr+0x5be/0x890 [ 584.080160][T13012] __get_compat_msghdr+0x5be/0x890 [ 583.938856][T13072] get_compat_msghdr+0x108/0x270 [ 584.080160][T13012] get_compat_msghdr+0x108/0x270 [ 583.938856][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 584.080160][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 583.938856][T13072] __sys_recvmmsg+0x4ca/0x510 [ 584.080160][T13012] __sys_recvmmsg+0x4ca/0x510 [ 583.938856][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 584.080160][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 583.938856][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 584.080160][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 583.938856][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 584.080160][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 583.938856][T13072] do_fast_syscall_32+0x6b/0xd0 [ 584.080160][T13012] do_fast_syscall_32+0x6b/0xd0 [ 583.938856][T13072] do_SYSENTER_32+0x73/0x90 [ 584.080160][T13012] do_SYSENTER_32+0x73/0x90 [ 583.938856][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 584.080160][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 583.938856][T13072] [ 584.080160][T13012] [ 583.938856][T13072] Uninit was stored to memory at: [ 584.080160][T13012] Uninit was stored to memory at: [ 583.938856][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 584.080160][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 583.938856][T13072] __msan_chain_origin+0x50/0x90 [ 584.080160][T13012] __msan_chain_origin+0x50/0x90 [ 583.938856][T13072] __get_compat_msghdr+0x5be/0x890 [ 584.080160][T13012] __get_compat_msghdr+0x5be/0x890 [ 583.938856][T13072] get_compat_msghdr+0x108/0x270 [ 584.080160][T13012] get_compat_msghdr+0x108/0x270 [ 583.938856][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 584.080160][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 583.938856][T13072] __sys_recvmmsg+0x4ca/0x510 [ 584.080160][T13012] __sys_recvmmsg+0x4ca/0x510 [ 583.938856][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 584.080160][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 583.938856][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 584.080160][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 583.938856][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 584.080160][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 583.938856][T13072] do_fast_syscall_32+0x6b/0xd0 [ 584.080160][T13012] do_fast_syscall_32+0x6b/0xd0 [ 583.938856][T13072] do_SYSENTER_32+0x73/0x90 [ 584.080160][T13012] do_SYSENTER_32+0x73/0x90 [ 583.938856][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 584.080160][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 583.938856][T13072] [ 584.080160][T13012] [ 583.938856][T13072] Local variable ----msg_sys@do_recvmmsg created at: [ 584.080160][T13012] Uninit was stored to memory at: [ 583.938856][T13072] do_recvmmsg+0xc5/0x1ee0 [ 584.080160][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 583.938856][T13072] do_recvmmsg+0xc5/0x1ee0 [ 584.080160][T13012] __msan_chain_origin+0x50/0x90 [ 585.192423][T13012] __get_compat_msghdr+0x5be/0x890 [ 585.192423][T13012] get_compat_msghdr+0x108/0x270 [ 585.192423][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 585.192423][T13012] __sys_recvmmsg+0x4ca/0x510 [ 585.213820][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 585.192423][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 585.192423][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 585.192423][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 585.192423][T13012] do_fast_syscall_32+0x6b/0xd0 [ 585.192423][T13012] do_SYSENTER_32+0x73/0x90 [ 585.192423][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 585.255295][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 585.192423][T13012] [ 585.192423][T13012] Uninit was stored to memory at: [ 585.192423][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 585.192423][T13012] __msan_chain_origin+0x50/0x90 [ 585.192423][T13012] __get_compat_msghdr+0x5be/0x890 [ 585.192423][T13012] get_compat_msghdr+0x108/0x270 [ 585.192423][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 585.192423][T13012] __sys_recvmmsg+0x4ca/0x510 [ 585.192423][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 585.192423][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 585.192423][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 585.192423][T13012] do_fast_syscall_32+0x6b/0xd0 [ 585.192423][T13012] do_SYSENTER_32+0x73/0x90 [ 585.192423][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 585.192423][T13012] [ 585.192423][T13012] Uninit was stored to memory at: [ 585.192423][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 585.192423][T13012] __msan_chain_origin+0x50/0x90 [ 585.192423][T13012] __get_compat_msghdr+0x5be/0x890 [ 585.192423][T13012] get_compat_msghdr+0x108/0x270 [ 585.192423][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 585.192423][T13012] __sys_recvmmsg+0x4ca/0x510 [ 585.192423][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 585.192423][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 585.192423][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 585.192423][T13012] do_fast_syscall_32+0x6b/0xd0 [ 585.192423][T13012] do_SYSENTER_32+0x73/0x90 [ 585.192423][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 585.192423][T13012] [ 585.192423][T13012] Local variable ----msg_sys@do_recvmmsg created at: [ 585.192423][T13012] do_recvmmsg+0xc5/0x1ee0 [ 585.192423][T13012] do_recvmmsg+0xc5/0x1ee0 [ 585.587432][T13080] not chained 1730000 origins [ 585.590205][T13080] CPU: 0 PID: 13080 Comm: syz-executor.1 Not tainted 5.8.0-rc5-syzkaller #0 [ 585.590205][T13080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 585.590205][T13080] Call Trace: [ 585.590205][T13080] dump_stack+0x1df/0x240 [ 585.590205][T13080] kmsan_internal_chain_origin+0x6f/0x130 [ 585.590205][T13080] ? skb_recv_datagram+0x3ec/0x480 [ 585.590205][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 585.590205][T13080] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 585.590205][T13080] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 585.590205][T13080] ? bt_sock_recvmsg+0x564/0xa00 [ 585.590205][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 585.590205][T13080] ? kmsan_set_origin_checked+0x95/0xf0 [ 585.590205][T13080] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 585.590205][T13080] ? _copy_from_user+0x15b/0x260 [ 585.590205][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 585.590205][T13080] __msan_chain_origin+0x50/0x90 [ 585.590205][T13080] __get_compat_msghdr+0x5be/0x890 [ 585.590205][T13080] get_compat_msghdr+0x108/0x270 [ 585.590205][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 585.590205][T13080] ? kmsan_internal_set_origin+0x75/0xb0 [ 585.590205][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 585.590205][T13080] ? kmsan_internal_set_origin+0x75/0xb0 [ 585.590205][T13080] ? __msan_poison_alloca+0xf0/0x120 [ 585.590205][T13080] ? __sys_recvmmsg+0xb4/0x510 [ 585.590205][T13080] ? __sys_recvmmsg+0xb4/0x510 [ 585.590205][T13080] ? kmsan_get_metadata+0x11d/0x180 [ 585.590205][T13080] __sys_recvmmsg+0x4ca/0x510 [ 585.590205][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 585.590205][T13080] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 585.590205][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 585.590205][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 585.590205][T13080] do_fast_syscall_32+0x6b/0xd0 [ 585.590205][T13080] do_SYSENTER_32+0x73/0x90 [ 585.590205][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 585.590205][T13080] RIP: 0023:0xf7fbe549 [ 585.590205][T13080] Code: Bad RIP value. [ 585.590205][T13080] RSP: 002b:00000000f5d770cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 585.590205][T13080] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 585.590205][T13080] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 585.590205][T13080] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 585.590205][T13080] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 585.590205][T13080] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 585.590205][T13080] Uninit was stored to memory at: [ 585.590205][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 585.590205][T13080] __msan_chain_origin+0x50/0x90 [ 585.590205][T13080] __get_compat_msghdr+0x5be/0x890 [ 585.590205][T13080] get_compat_msghdr+0x108/0x270 [ 585.590205][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 585.590205][T13080] __sys_recvmmsg+0x4ca/0x510 [ 585.590205][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 585.590205][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 585.590205][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 585.590205][T13080] do_fast_syscall_32+0x6b/0xd0 [ 585.590205][T13080] do_SYSENTER_32+0x73/0x90 [ 585.590205][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 585.590205][T13080] [ 585.590205][T13080] Uninit was stored to memory at: [ 585.590205][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 585.590205][T13080] __msan_chain_origin+0x50/0x90 [ 585.590205][T13080] __get_compat_msghdr+0x5be/0x890 [ 585.590205][T13080] get_compat_msghdr+0x108/0x270 [ 585.590205][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 585.590205][T13080] __sys_recvmmsg+0x4ca/0x510 [ 585.590205][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 585.590205][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 585.590205][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 585.590205][T13080] do_fast_syscall_32+0x6b/0xd0 [ 585.590205][T13080] do_SYSENTER_32+0x73/0x90 [ 585.590205][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 585.590205][T13080] [ 585.590205][T13080] Uninit was stored to memory at: [ 585.590205][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 585.590205][T13080] __msan_chain_origin+0x50/0x90 [ 585.590205][T13080] __get_compat_msghdr+0x5be/0x890 [ 585.590205][T13080] get_compat_msghdr+0x108/0x270 [ 585.590205][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 585.590205][T13080] __sys_recvmmsg+0x4ca/0x510 [ 585.590205][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 585.590205][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 585.590205][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 585.590205][T13080] do_fast_syscall_32+0x6b/0xd0 [ 585.590205][T13080] do_SYSENTER_32+0x73/0x90 [ 585.590205][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 585.590205][T13080] [ 585.590205][T13080] Uninit was stored to memory at: [ 585.590205][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 585.590205][T13080] __msan_chain_origin+0x50/0x90 [ 585.590205][T13080] __get_compat_msghdr+0x5be/0x890 [ 585.590205][T13080] get_compat_msghdr+0x108/0x270 [ 585.590205][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 585.590205][T13080] __sys_recvmmsg+0x4ca/0x510 [ 585.590205][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 585.590205][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 585.590205][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 585.590205][T13080] do_fast_syscall_32+0x6b/0xd0 [ 585.590205][T13080] do_SYSENTER_32+0x73/0x90 [ 585.590205][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 585.590205][T13080] [ 585.590205][T13080] Uninit was stored to memory at: [ 585.590205][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 585.590205][T13080] __msan_chain_origin+0x50/0x90 [ 585.590205][T13080] __get_compat_msghdr+0x5be/0x890 [ 585.590205][T13080] get_compat_msghdr+0x108/0x270 [ 585.590205][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 585.590205][T13080] __sys_recvmmsg+0x4ca/0x510 [ 585.590205][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 585.590205][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 585.590205][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 585.590205][T13080] do_fast_syscall_32+0x6b/0xd0 [ 585.590205][T13080] do_SYSENTER_32+0x73/0x90 [ 585.590205][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 585.590205][T13080] [ 585.590205][T13080] Uninit was stored to memory at: [ 585.590205][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 585.590205][T13080] __msan_chain_origin+0x50/0x90 [ 585.590205][T13080] __get_compat_msghdr+0x5be/0x890 [ 585.590205][T13080] get_compat_msghdr+0x108/0x270 [ 585.590205][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 585.590205][T13080] __sys_recvmmsg+0x4ca/0x510 [ 585.590205][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 585.590205][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 585.590205][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 585.590205][T13080] do_fast_syscall_32+0x6b/0xd0 [ 585.590205][T13080] do_SYSENTER_32+0x73/0x90 [ 585.590205][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 585.590205][T13080] [ 585.590205][T13080] Uninit was stored to memory at: [ 585.590205][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 585.590205][T13080] __msan_chain_origin+0x50/0x90 [ 585.590205][T13080] __get_compat_msghdr+0x5be/0x890 [ 585.590205][T13080] get_compat_msghdr+0x108/0x270 [ 585.590205][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 585.590205][T13080] __sys_recvmmsg+0x4ca/0x510 [ 585.590205][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 585.590205][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 585.590205][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 585.590205][T13080] do_fast_syscall_32+0x6b/0xd0 [ 585.590205][T13080] do_SYSENTER_32+0x73/0x90 [ 585.590205][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 585.590205][T13080] [ 585.590205][T13080] Local variable ----msg_sys@do_recvmmsg created at: [ 585.590205][T13080] do_recvmmsg+0xc5/0x1ee0 [ 585.590205][T13080] do_recvmmsg+0xc5/0x1ee0 [ 586.513269][T13080] not chained 1740000 origins [ 586.517967][T13080] CPU: 0 PID: 13080 Comm: syz-executor.1 Not tainted 5.8.0-rc5-syzkaller #0 [ 586.520222][T13080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 586.520222][T13080] Call Trace: [ 586.520222][T13080] dump_stack+0x1df/0x240 [ 586.520222][T13080] kmsan_internal_chain_origin+0x6f/0x130 [ 586.520222][T13080] ? skb_recv_datagram+0x3ec/0x480 [ 586.520222][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 586.520222][T13080] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 586.520222][T13080] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 586.520222][T13080] ? bt_sock_recvmsg+0x564/0xa00 [ 586.520222][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 586.520222][T13080] ? kmsan_set_origin_checked+0x95/0xf0 [ 586.520222][T13080] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 586.520222][T13080] ? _copy_from_user+0x15b/0x260 [ 586.520222][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 586.520222][T13080] __msan_chain_origin+0x50/0x90 [ 586.520222][T13080] __get_compat_msghdr+0x5be/0x890 [ 586.520222][T13080] get_compat_msghdr+0x108/0x270 [ 586.520222][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 586.520222][T13080] ? kmsan_internal_set_origin+0x75/0xb0 [ 586.520222][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 586.520222][T13080] ? kmsan_internal_set_origin+0x75/0xb0 [ 586.520222][T13080] ? __msan_poison_alloca+0xf0/0x120 [ 586.520222][T13080] ? __sys_recvmmsg+0xb4/0x510 [ 586.520222][T13080] ? __sys_recvmmsg+0xb4/0x510 [ 586.520222][T13080] ? kmsan_get_metadata+0x11d/0x180 [ 586.520222][T13080] __sys_recvmmsg+0x4ca/0x510 [ 586.520222][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 586.520222][T13080] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 586.520222][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 586.520222][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 586.520222][T13080] do_fast_syscall_32+0x6b/0xd0 [ 586.520222][T13080] do_SYSENTER_32+0x73/0x90 [ 586.520222][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 586.520222][T13080] RIP: 0023:0xf7fbe549 [ 586.520222][T13080] Code: Bad RIP value. [ 586.520222][T13080] RSP: 002b:00000000f5d770cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 586.520222][T13080] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 586.520222][T13080] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 586.520222][T13080] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 586.520222][T13080] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 586.520222][T13080] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 586.520222][T13080] Uninit was stored to memory at: [ 586.520222][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 586.520222][T13080] __msan_chain_origin+0x50/0x90 [ 586.520222][T13080] __get_compat_msghdr+0x5be/0x890 [ 586.520222][T13080] get_compat_msghdr+0x108/0x270 [ 586.520222][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 586.520222][T13080] __sys_recvmmsg+0x4ca/0x510 [ 586.520222][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 586.520222][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 586.520222][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 586.520222][T13080] do_fast_syscall_32+0x6b/0xd0 [ 586.520222][T13080] do_SYSENTER_32+0x73/0x90 [ 586.520222][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 586.520222][T13080] [ 586.520222][T13080] Uninit was stored to memory at: [ 586.520222][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 586.520222][T13080] __msan_chain_origin+0x50/0x90 [ 586.520222][T13080] __get_compat_msghdr+0x5be/0x890 [ 586.520222][T13080] get_compat_msghdr+0x108/0x270 [ 586.520222][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 586.520222][T13080] __sys_recvmmsg+0x4ca/0x510 [ 586.520222][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 586.520222][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 586.520222][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 586.520222][T13080] do_fast_syscall_32+0x6b/0xd0 [ 586.520222][T13080] do_SYSENTER_32+0x73/0x90 [ 586.520222][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 586.520222][T13080] [ 586.520222][T13080] Uninit was stored to memory at: [ 586.520222][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 586.520222][T13080] __msan_chain_origin+0x50/0x90 [ 586.520222][T13080] __get_compat_msghdr+0x5be/0x890 [ 586.520222][T13080] get_compat_msghdr+0x108/0x270 [ 586.520222][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 586.520222][T13080] __sys_recvmmsg+0x4ca/0x510 [ 586.520222][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 586.520222][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 586.520222][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 586.520222][T13080] do_fast_syscall_32+0x6b/0xd0 [ 586.520222][T13080] do_SYSENTER_32+0x73/0x90 [ 586.520222][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 586.520222][T13080] [ 586.520222][T13080] Uninit was stored to memory at: [ 586.520222][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 586.520222][T13080] __msan_chain_origin+0x50/0x90 [ 586.520222][T13080] __get_compat_msghdr+0x5be/0x890 [ 586.520222][T13080] get_compat_msghdr+0x108/0x270 [ 586.520222][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 586.520222][T13080] __sys_recvmmsg+0x4ca/0x510 [ 586.520222][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 586.520222][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 586.520222][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 586.520222][T13080] do_fast_syscall_32+0x6b/0xd0 [ 586.520222][T13080] do_SYSENTER_32+0x73/0x90 [ 586.520222][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 586.520222][T13080] [ 586.520222][T13080] Uninit was stored to memory at: [ 586.520222][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 586.520222][T13080] __msan_chain_origin+0x50/0x90 [ 586.520222][T13080] __get_compat_msghdr+0x5be/0x890 [ 586.520222][T13080] get_compat_msghdr+0x108/0x270 [ 586.520222][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 586.520222][T13080] __sys_recvmmsg+0x4ca/0x510 [ 586.520222][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 586.520222][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 586.520222][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 586.520222][T13080] do_fast_syscall_32+0x6b/0xd0 [ 586.520222][T13080] do_SYSENTER_32+0x73/0x90 [ 586.520222][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 586.520222][T13080] [ 586.520222][T13080] Uninit was stored to memory at: [ 586.520222][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 586.520222][T13080] __msan_chain_origin+0x50/0x90 [ 586.520222][T13080] __get_compat_msghdr+0x5be/0x890 [ 586.520222][T13080] get_compat_msghdr+0x108/0x270 [ 586.520222][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 586.520222][T13080] __sys_recvmmsg+0x4ca/0x510 [ 586.520222][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 586.520222][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 586.520222][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 586.520222][T13080] do_fast_syscall_32+0x6b/0xd0 [ 586.520222][T13080] do_SYSENTER_32+0x73/0x90 [ 586.520222][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 586.520222][T13080] [ 586.520222][T13080] Uninit was stored to memory at: [ 586.520222][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 586.520222][T13080] __msan_chain_origin+0x50/0x90 [ 586.520222][T13080] __get_compat_msghdr+0x5be/0x890 [ 586.520222][T13080] get_compat_msghdr+0x108/0x270 [ 586.520222][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 586.520222][T13080] __sys_recvmmsg+0x4ca/0x510 [ 586.520222][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 586.520222][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 586.520222][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 586.520222][T13080] do_fast_syscall_32+0x6b/0xd0 [ 586.520222][T13080] do_SYSENTER_32+0x73/0x90 [ 586.520222][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 586.520222][T13080] [ 586.520222][T13080] Local variable ----msg_sys@do_recvmmsg created at: [ 586.520222][T13080] do_recvmmsg+0xc5/0x1ee0 [ 586.520222][T13080] do_recvmmsg+0xc5/0x1ee0 [ 587.432616][T13041] not chained 1750000 origins [ 587.437439][T13041] CPU: 0 PID: 13041 Comm: syz-executor.3 Not tainted 5.8.0-rc5-syzkaller #0 [ 587.440171][T13041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 587.440171][T13041] Call Trace: [ 587.440171][T13041] dump_stack+0x1df/0x240 [ 587.440171][T13041] kmsan_internal_chain_origin+0x6f/0x130 [ 587.440171][T13041] ? skb_recv_datagram+0x3ec/0x480 [ 587.440171][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 587.440171][T13041] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 587.440171][T13041] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 587.440171][T13041] ? bt_sock_recvmsg+0x564/0xa00 [ 587.440171][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 587.440171][T13041] ? kmsan_set_origin_checked+0x95/0xf0 [ 587.440171][T13041] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 587.440171][T13041] ? _copy_from_user+0x15b/0x260 [ 587.440171][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 587.440171][T13041] __msan_chain_origin+0x50/0x90 [ 587.440171][T13041] __get_compat_msghdr+0x5be/0x890 [ 587.440171][T13041] get_compat_msghdr+0x108/0x270 [ 587.440171][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 587.440171][T13041] ? idle_cpu+0x9a/0x1d0 [ 587.440171][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 587.440171][T13041] ? kmsan_internal_set_origin+0x75/0xb0 [ 587.440171][T13041] ? __msan_poison_alloca+0xf0/0x120 [ 587.440171][T13041] ? __sys_recvmmsg+0xb4/0x510 [ 587.440171][T13041] ? __sys_recvmmsg+0xb4/0x510 [ 587.440171][T13041] ? kmsan_get_metadata+0x11d/0x180 [ 587.440171][T13041] __sys_recvmmsg+0x4ca/0x510 [ 587.440171][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 587.440171][T13041] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 587.440171][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 587.440171][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 587.440171][T13041] do_fast_syscall_32+0x6b/0xd0 [ 587.440171][T13041] do_SYSENTER_32+0x73/0x90 [ 587.440171][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 587.440171][T13041] RIP: 0023:0xf7fd6549 [ 587.440171][T13041] Code: Bad RIP value. [ 587.440171][T13041] RSP: 002b:00000000f5dd10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 587.440171][T13041] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 587.440171][T13041] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 587.440171][T13041] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 587.440171][T13041] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 587.440171][T13041] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 587.440171][T13041] Uninit was stored to memory at: [ 587.440171][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 587.440171][T13041] __msan_chain_origin+0x50/0x90 [ 587.440171][T13041] __get_compat_msghdr+0x5be/0x890 [ 587.440171][T13041] get_compat_msghdr+0x108/0x270 [ 587.440171][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 587.440171][T13041] __sys_recvmmsg+0x4ca/0x510 [ 587.440171][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 587.440171][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 587.440171][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 587.440171][T13041] do_fast_syscall_32+0x6b/0xd0 [ 587.440171][T13041] do_SYSENTER_32+0x73/0x90 [ 587.440171][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 587.440171][T13041] [ 587.440171][T13041] Uninit was stored to memory at: [ 587.440171][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 587.440171][T13041] __msan_chain_origin+0x50/0x90 [ 587.440171][T13041] __get_compat_msghdr+0x5be/0x890 [ 587.440171][T13041] get_compat_msghdr+0x108/0x270 [ 587.440171][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 587.440171][T13041] __sys_recvmmsg+0x4ca/0x510 [ 587.440171][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 587.440171][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 587.440171][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 587.440171][T13041] do_fast_syscall_32+0x6b/0xd0 [ 587.440171][T13041] do_SYSENTER_32+0x73/0x90 [ 587.440171][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 587.440171][T13041] [ 587.440171][T13041] Uninit was stored to memory at: [ 587.440171][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 587.440171][T13041] __msan_chain_origin+0x50/0x90 [ 587.440171][T13041] __get_compat_msghdr+0x5be/0x890 [ 587.440171][T13041] get_compat_msghdr+0x108/0x270 [ 587.440171][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 587.440171][T13041] __sys_recvmmsg+0x4ca/0x510 [ 587.440171][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 587.440171][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 587.440171][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 587.440171][T13041] do_fast_syscall_32+0x6b/0xd0 [ 587.440171][T13041] do_SYSENTER_32+0x73/0x90 [ 587.440171][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 587.440171][T13041] [ 587.440171][T13041] Uninit was stored to memory at: [ 587.440171][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 587.440171][T13041] __msan_chain_origin+0x50/0x90 [ 587.440171][T13041] __get_compat_msghdr+0x5be/0x890 [ 587.440171][T13041] get_compat_msghdr+0x108/0x270 [ 587.440171][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 587.440171][T13041] __sys_recvmmsg+0x4ca/0x510 [ 587.440171][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 587.440171][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 587.440171][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 587.440171][T13041] do_fast_syscall_32+0x6b/0xd0 [ 587.440171][T13041] do_SYSENTER_32+0x73/0x90 [ 587.440171][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 587.440171][T13041] [ 587.440171][T13041] Uninit was stored to memory at: [ 587.440171][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 587.440171][T13041] __msan_chain_origin+0x50/0x90 [ 587.440171][T13041] __get_compat_msghdr+0x5be/0x890 [ 587.440171][T13041] get_compat_msghdr+0x108/0x270 [ 587.440171][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 587.440171][T13041] __sys_recvmmsg+0x4ca/0x510 [ 587.440171][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 587.440171][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 587.440171][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 587.440171][T13041] do_fast_syscall_32+0x6b/0xd0 [ 587.440171][T13041] do_SYSENTER_32+0x73/0x90 [ 587.440171][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 587.440171][T13041] [ 587.440171][T13041] Uninit was stored to memory at: [ 587.440171][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 587.440171][T13041] __msan_chain_origin+0x50/0x90 [ 587.440171][T13041] __get_compat_msghdr+0x5be/0x890 [ 587.440171][T13041] get_compat_msghdr+0x108/0x270 [ 587.440171][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 587.440171][T13041] __sys_recvmmsg+0x4ca/0x510 [ 587.440171][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 587.440171][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 587.440171][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 587.440171][T13041] do_fast_syscall_32+0x6b/0xd0 [ 587.440171][T13041] do_SYSENTER_32+0x73/0x90 [ 587.440171][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 587.440171][T13041] [ 587.440171][T13041] Uninit was stored to memory at: [ 587.440171][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 587.440171][T13041] __msan_chain_origin+0x50/0x90 [ 587.440171][T13041] __get_compat_msghdr+0x5be/0x890 [ 587.440171][T13041] get_compat_msghdr+0x108/0x270 [ 588.121940][T13072] not chained 1760000 origins [ 587.440171][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 588.130141][T13072] CPU: 1 PID: 13072 Comm: syz-executor.1 Not tainted 5.8.0-rc5-syzkaller #0 [ 587.440171][T13041] __sys_recvmmsg+0x4ca/0x510 [ 588.130141][T13072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 587.440171][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 588.130141][T13072] Call Trace: [ 587.440171][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 588.130141][T13072] dump_stack+0x1df/0x240 [ 587.440171][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 588.130141][T13072] kmsan_internal_chain_origin+0x6f/0x130 [ 587.440171][T13041] do_fast_syscall_32+0x6b/0xd0 [ 588.130141][T13072] ? skb_recv_datagram+0x3ec/0x480 [ 587.440171][T13041] do_SYSENTER_32+0x73/0x90 [ 588.130141][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 587.440171][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 588.130141][T13072] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 587.440171][T13041] [ 588.130141][T13072] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 587.440171][T13041] Local variable ----msg_sys@do_recvmmsg created at: [ 588.130141][T13072] ? bt_sock_recvmsg+0x564/0xa00 [ 587.440171][T13041] do_recvmmsg+0xc5/0x1ee0 [ 588.130141][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 587.440171][T13041] do_recvmmsg+0xc5/0x1ee0 [ 588.130141][T13072] ? kmsan_set_origin_checked+0x95/0xf0 [ 588.260218][T13072] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 588.263119][T13072] ? _copy_from_user+0x15b/0x260 [ 588.263119][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 588.263119][T13072] __msan_chain_origin+0x50/0x90 [ 588.263119][T13072] __get_compat_msghdr+0x5be/0x890 [ 588.263119][T13072] get_compat_msghdr+0x108/0x270 [ 588.263119][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 588.263119][T13072] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 588.263119][T13072] ? sched_clock_cpu+0x7c/0x930 [ 588.263119][T13072] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 588.263119][T13072] ? sched_clock_cpu+0x7c/0x930 [ 588.263119][T13072] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 588.263119][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 588.263119][T13072] ? kmsan_internal_set_origin+0x75/0xb0 [ 588.263119][T13072] ? __msan_poison_alloca+0xf0/0x120 [ 588.263119][T13072] ? __sys_recvmmsg+0xb4/0x510 [ 588.263119][T13072] ? __sys_recvmmsg+0xb4/0x510 [ 588.263119][T13072] __sys_recvmmsg+0x4ca/0x510 [ 588.263119][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 588.263119][T13072] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 588.263119][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 588.263119][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 588.263119][T13072] do_fast_syscall_32+0x6b/0xd0 [ 588.263119][T13072] do_SYSENTER_32+0x73/0x90 [ 588.263119][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 588.263119][T13072] RIP: 0023:0xf7fbe549 [ 588.263119][T13072] Code: Bad RIP value. [ 588.398366][T13021] not chained 1770000 origins [ 588.263119][T13072] RSP: 002b:00000000f5db90cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 588.263119][T13072] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 588.263119][T13072] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 588.263119][T13072] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 588.263119][T13072] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 588.263119][T13072] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 588.263119][T13072] Uninit was stored to memory at: [ 588.400165][T13021] CPU: 0 PID: 13021 Comm: syz-executor.0 Not tainted 5.8.0-rc5-syzkaller #0 [ 588.400165][T13021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 588.263119][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 588.400165][T13021] Call Trace: [ 588.263119][T13072] __msan_chain_origin+0x50/0x90 [ 588.400165][T13021] dump_stack+0x1df/0x240 [ 588.263119][T13072] __get_compat_msghdr+0x5be/0x890 [ 588.400165][T13021] kmsan_internal_chain_origin+0x6f/0x130 [ 588.263119][T13072] get_compat_msghdr+0x108/0x270 [ 588.400165][T13021] ? skb_recv_datagram+0x3ec/0x480 [ 588.263119][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 588.400165][T13021] ? kmsan_get_metadata+0x4f/0x180 [ 588.263119][T13072] __sys_recvmmsg+0x4ca/0x510 [ 588.400165][T13021] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 588.263119][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 588.400165][T13021] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 588.263119][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 588.400165][T13021] ? bt_sock_recvmsg+0x564/0xa00 [ 588.263119][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 588.400165][T13021] ? kmsan_get_metadata+0x4f/0x180 [ 588.263119][T13072] do_fast_syscall_32+0x6b/0xd0 [ 588.400165][T13021] ? kmsan_set_origin_checked+0x95/0xf0 [ 588.263119][T13072] do_SYSENTER_32+0x73/0x90 [ 588.400165][T13021] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 588.263119][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 588.400165][T13021] ? _copy_from_user+0x15b/0x260 [ 588.263119][T13072] [ 588.400165][T13021] ? kmsan_get_metadata+0x4f/0x180 [ 588.263119][T13072] Uninit was stored to memory at: [ 588.400165][T13021] __msan_chain_origin+0x50/0x90 [ 588.263119][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 588.400165][T13021] __get_compat_msghdr+0x5be/0x890 [ 588.263119][T13072] __msan_chain_origin+0x50/0x90 [ 588.400165][T13021] get_compat_msghdr+0x108/0x270 [ 588.263119][T13072] __get_compat_msghdr+0x5be/0x890 [ 588.400165][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 588.263119][T13072] get_compat_msghdr+0x108/0x270 [ 588.400165][T13021] ? kmsan_internal_set_origin+0x75/0xb0 [ 588.263119][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 588.400165][T13021] ? kmsan_get_metadata+0x4f/0x180 [ 588.263119][T13072] __sys_recvmmsg+0x4ca/0x510 [ 588.400165][T13021] ? kmsan_internal_set_origin+0x75/0xb0 [ 588.263119][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 588.400165][T13021] ? __msan_poison_alloca+0xf0/0x120 [ 588.263119][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 588.400165][T13021] ? __sys_recvmmsg+0xb4/0x510 [ 588.263119][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 588.400165][T13021] ? __sys_recvmmsg+0xb4/0x510 [ 588.263119][T13072] do_fast_syscall_32+0x6b/0xd0 [ 588.400165][T13021] ? kmsan_get_metadata+0x11d/0x180 [ 588.263119][T13072] do_SYSENTER_32+0x73/0x90 [ 588.400165][T13021] __sys_recvmmsg+0x4ca/0x510 [ 588.263119][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 588.400165][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 588.263119][T13072] [ 588.400165][T13021] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 588.263119][T13072] Uninit was stored to memory at: [ 588.400165][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 588.263119][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 588.400165][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 588.263119][T13072] __msan_chain_origin+0x50/0x90 [ 588.400165][T13021] do_fast_syscall_32+0x6b/0xd0 [ 588.263119][T13072] __get_compat_msghdr+0x5be/0x890 [ 588.400165][T13021] do_SYSENTER_32+0x73/0x90 [ 588.263119][T13072] get_compat_msghdr+0x108/0x270 [ 588.400165][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 588.263119][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 588.400165][T13021] RIP: 0023:0xf7f4d549 [ 588.263119][T13072] __sys_recvmmsg+0x4ca/0x510 [ 588.400165][T13021] Code: Bad RIP value. [ 588.263119][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 588.400165][T13021] RSP: 002b:00000000f5d060cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 588.263119][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 588.400165][T13021] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 588.263119][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 588.400165][T13021] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 588.263119][T13072] do_fast_syscall_32+0x6b/0xd0 [ 588.400165][T13021] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 588.263119][T13072] do_SYSENTER_32+0x73/0x90 [ 588.400165][T13021] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 588.263119][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 588.400165][T13021] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 588.263119][T13072] [ 588.400165][T13021] Uninit was stored to memory at: [ 588.263119][T13072] Uninit was stored to memory at: [ 588.400165][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 588.263119][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 588.400165][T13021] __msan_chain_origin+0x50/0x90 [ 588.263119][T13072] __msan_chain_origin+0x50/0x90 [ 588.400165][T13021] __get_compat_msghdr+0x5be/0x890 [ 588.263119][T13072] __get_compat_msghdr+0x5be/0x890 [ 588.400165][T13021] get_compat_msghdr+0x108/0x270 [ 588.263119][T13072] get_compat_msghdr+0x108/0x270 [ 588.400165][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 588.263119][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 588.400165][T13021] __sys_recvmmsg+0x4ca/0x510 [ 588.263119][T13072] __sys_recvmmsg+0x4ca/0x510 [ 588.400165][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 588.263119][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 588.400165][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 588.263119][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 588.400165][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 588.263119][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 588.400165][T13021] do_fast_syscall_32+0x6b/0xd0 [ 588.263119][T13072] do_fast_syscall_32+0x6b/0xd0 [ 588.400165][T13021] do_SYSENTER_32+0x73/0x90 [ 588.263119][T13072] do_SYSENTER_32+0x73/0x90 [ 588.400165][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 588.263119][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 588.400165][T13021] [ 588.263119][T13072] [ 588.400165][T13021] Uninit was stored to memory at: [ 588.263119][T13072] Uninit was stored to memory at: [ 588.400165][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 588.263119][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 588.400165][T13021] __msan_chain_origin+0x50/0x90 [ 588.263119][T13072] __msan_chain_origin+0x50/0x90 [ 588.400165][T13021] __get_compat_msghdr+0x5be/0x890 [ 588.263119][T13072] __get_compat_msghdr+0x5be/0x890 [ 588.400165][T13021] get_compat_msghdr+0x108/0x270 [ 588.263119][T13072] get_compat_msghdr+0x108/0x270 [ 588.400165][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 588.263119][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 588.400165][T13021] __sys_recvmmsg+0x4ca/0x510 [ 588.263119][T13072] __sys_recvmmsg+0x4ca/0x510 [ 588.400165][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 588.263119][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 588.400165][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 588.263119][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 588.400165][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 588.263119][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 588.400165][T13021] do_fast_syscall_32+0x6b/0xd0 [ 588.263119][T13072] do_fast_syscall_32+0x6b/0xd0 [ 588.400165][T13021] do_SYSENTER_32+0x73/0x90 [ 588.263119][T13072] do_SYSENTER_32+0x73/0x90 [ 588.400165][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 588.263119][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 588.400165][T13021] [ 588.263119][T13072] [ 588.400165][T13021] Uninit was stored to memory at: [ 588.263119][T13072] Uninit was stored to memory at: [ 588.400165][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 588.263119][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 588.400165][T13021] __msan_chain_origin+0x50/0x90 [ 588.263119][T13072] __msan_chain_origin+0x50/0x90 [ 588.400165][T13021] __get_compat_msghdr+0x5be/0x890 [ 588.263119][T13072] __get_compat_msghdr+0x5be/0x890 [ 588.400165][T13021] get_compat_msghdr+0x108/0x270 [ 588.263119][T13072] get_compat_msghdr+0x108/0x270 [ 588.400165][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 588.263119][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 588.400165][T13021] __sys_recvmmsg+0x4ca/0x510 [ 588.263119][T13072] __sys_recvmmsg+0x4ca/0x510 [ 588.400165][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 588.263119][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 588.400165][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 588.263119][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 588.400165][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 588.263119][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 588.400165][T13021] do_fast_syscall_32+0x6b/0xd0 [ 588.263119][T13072] do_fast_syscall_32+0x6b/0xd0 [ 588.400165][T13021] do_SYSENTER_32+0x73/0x90 [ 588.263119][T13072] do_SYSENTER_32+0x73/0x90 [ 588.400165][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 588.263119][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 588.400165][T13021] [ 588.263119][T13072] [ 588.400165][T13021] Uninit was stored to memory at: [ 588.263119][T13072] Uninit was stored to memory at: [ 588.400165][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 588.263119][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 588.400165][T13021] __msan_chain_origin+0x50/0x90 [ 588.263119][T13072] __msan_chain_origin+0x50/0x90 [ 588.400165][T13021] __get_compat_msghdr+0x5be/0x890 [ 588.263119][T13072] __get_compat_msghdr+0x5be/0x890 [ 588.400165][T13021] get_compat_msghdr+0x108/0x270 [ 588.263119][T13072] get_compat_msghdr+0x108/0x270 [ 588.400165][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 588.263119][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 588.400165][T13021] __sys_recvmmsg+0x4ca/0x510 [ 588.263119][T13072] __sys_recvmmsg+0x4ca/0x510 [ 588.400165][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 588.263119][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 588.400165][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 588.263119][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 588.400165][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 588.263119][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 588.400165][T13021] do_fast_syscall_32+0x6b/0xd0 [ 588.263119][T13072] do_fast_syscall_32+0x6b/0xd0 [ 588.400165][T13021] do_SYSENTER_32+0x73/0x90 [ 588.263119][T13072] do_SYSENTER_32+0x73/0x90 [ 588.400165][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 588.263119][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 588.400165][T13021] [ 588.263119][T13072] [ 588.400165][T13021] Uninit was stored to memory at: [ 588.263119][T13072] Local variable ----msg_sys@do_recvmmsg created at: [ 588.400165][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 588.263119][T13072] do_recvmmsg+0xc5/0x1ee0 [ 588.400165][T13021] __msan_chain_origin+0x50/0x90 [ 588.263119][T13072] do_recvmmsg+0xc5/0x1ee0 [ 588.400165][T13021] __get_compat_msghdr+0x5be/0x890 [ 588.400165][T13021] get_compat_msghdr+0x108/0x270 [ 588.400165][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 589.512816][T13021] __sys_recvmmsg+0x4ca/0x510 [ 589.512816][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 589.512816][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 589.512816][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 589.512816][T13021] do_fast_syscall_32+0x6b/0xd0 [ 589.512816][T13021] do_SYSENTER_32+0x73/0x90 [ 589.512816][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 589.512816][T13021] [ 589.512816][T13021] Uninit was stored to memory at: [ 589.512816][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 589.512816][T13021] __msan_chain_origin+0x50/0x90 [ 589.567786][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 589.512816][T13021] __get_compat_msghdr+0x5be/0x890 [ 589.512816][T13021] get_compat_msghdr+0x108/0x270 [ 589.512816][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 589.512816][T13021] __sys_recvmmsg+0x4ca/0x510 [ 589.512816][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 589.512816][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 589.512816][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 589.512816][T13021] do_fast_syscall_32+0x6b/0xd0 [ 589.512816][T13021] do_SYSENTER_32+0x73/0x90 [ 589.619734][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 589.512816][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 589.512816][T13021] [ 589.512816][T13021] Uninit was stored to memory at: [ 589.512816][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 589.512816][T13021] __msan_chain_origin+0x50/0x90 [ 589.512816][T13021] __get_compat_msghdr+0x5be/0x890 [ 589.512816][T13021] get_compat_msghdr+0x108/0x270 [ 589.512816][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 589.512816][T13021] __sys_recvmmsg+0x4ca/0x510 [ 589.512816][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 589.512816][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 589.512816][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 589.512816][T13021] do_fast_syscall_32+0x6b/0xd0 [ 589.512816][T13021] do_SYSENTER_32+0x73/0x90 [ 589.512816][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 589.512816][T13021] [ 589.512816][T13021] Local variable ----msg_sys@do_recvmmsg created at: [ 589.512816][T13021] do_recvmmsg+0xc5/0x1ee0 [ 589.512816][T13021] do_recvmmsg+0xc5/0x1ee0 [ 589.867489][T13080] not chained 1780000 origins [ 589.870176][T13080] CPU: 0 PID: 13080 Comm: syz-executor.1 Not tainted 5.8.0-rc5-syzkaller #0 [ 589.870176][T13080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 589.870176][T13080] Call Trace: [ 589.870176][T13080] dump_stack+0x1df/0x240 [ 589.870176][T13080] kmsan_internal_chain_origin+0x6f/0x130 [ 589.870176][T13080] ? skb_recv_datagram+0x3ec/0x480 [ 589.870176][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 589.870176][T13080] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 589.870176][T13080] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 589.870176][T13080] ? bt_sock_recvmsg+0x564/0xa00 [ 589.870176][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 589.931376][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 589.870176][T13080] ? kmsan_set_origin_checked+0x95/0xf0 [ 589.870176][T13080] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 589.870176][T13080] ? _copy_from_user+0x15b/0x260 [ 589.870176][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 589.964195][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 589.870176][T13080] __msan_chain_origin+0x50/0x90 [ 589.870176][T13080] __get_compat_msghdr+0x5be/0x890 [ 589.870176][T13080] get_compat_msghdr+0x108/0x270 [ 589.870176][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 589.870176][T13080] ? kmsan_internal_set_origin+0x75/0xb0 [ 589.870176][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 589.870176][T13080] ? kmsan_internal_set_origin+0x75/0xb0 [ 589.870176][T13080] ? __msan_poison_alloca+0xf0/0x120 [ 589.870176][T13080] ? __sys_recvmmsg+0xb4/0x510 [ 589.870176][T13080] ? __sys_recvmmsg+0xb4/0x510 [ 589.870176][T13080] ? kmsan_get_metadata+0x11d/0x180 [ 589.870176][T13080] __sys_recvmmsg+0x4ca/0x510 [ 589.870176][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 590.037778][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 589.870176][T13080] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 589.870176][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 589.870176][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 589.870176][T13080] do_fast_syscall_32+0x6b/0xd0 [ 589.870176][T13080] do_SYSENTER_32+0x73/0x90 [ 589.870176][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 589.870176][T13080] RIP: 0023:0xf7fbe549 [ 589.870176][T13080] Code: Bad RIP value. [ 589.870176][T13080] RSP: 002b:00000000f5d770cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 589.870176][T13080] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 589.870176][T13080] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 589.870176][T13080] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 590.118058][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 589.870176][T13080] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 589.870176][T13080] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 589.870176][T13080] Uninit was stored to memory at: [ 589.870176][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 589.870176][T13080] __msan_chain_origin+0x50/0x90 [ 589.870176][T13080] __get_compat_msghdr+0x5be/0x890 [ 589.870176][T13080] get_compat_msghdr+0x108/0x270 [ 589.870176][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 590.154200][T13012] not chained 1790000 origins [ 589.870176][T13080] __sys_recvmmsg+0x4ca/0x510 [ 590.160153][T13012] CPU: 1 PID: 13012 Comm: syz-executor.0 Not tainted 5.8.0-rc5-syzkaller #0 [ 589.870176][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 590.160153][T13012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 589.870176][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 590.160153][T13012] Call Trace: [ 589.870176][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 590.160153][T13012] dump_stack+0x1df/0x240 [ 589.870176][T13080] do_fast_syscall_32+0x6b/0xd0 [ 590.160153][T13012] kmsan_internal_chain_origin+0x6f/0x130 [ 589.870176][T13080] do_SYSENTER_32+0x73/0x90 [ 590.160153][T13012] ? skb_recv_datagram+0x3ec/0x480 [ 589.870176][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 590.160153][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 589.870176][T13080] [ 590.160153][T13012] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 589.870176][T13080] Uninit was stored to memory at: [ 590.160153][T13012] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 589.870176][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 590.160153][T13012] ? bt_sock_recvmsg+0x564/0xa00 [ 589.870176][T13080] __msan_chain_origin+0x50/0x90 [ 590.160153][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 589.870176][T13080] __get_compat_msghdr+0x5be/0x890 [ 590.160153][T13012] ? kmsan_set_origin_checked+0x95/0xf0 [ 589.870176][T13080] get_compat_msghdr+0x108/0x270 [ 590.160153][T13012] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 589.870176][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 590.160153][T13012] ? _copy_from_user+0x15b/0x260 [ 589.870176][T13080] __sys_recvmmsg+0x4ca/0x510 [ 590.160153][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 589.870176][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 590.160153][T13012] __msan_chain_origin+0x50/0x90 [ 589.870176][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 590.160153][T13012] __get_compat_msghdr+0x5be/0x890 [ 589.870176][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 590.160153][T13012] get_compat_msghdr+0x108/0x270 [ 589.870176][T13080] do_fast_syscall_32+0x6b/0xd0 [ 590.160153][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 589.870176][T13080] do_SYSENTER_32+0x73/0x90 [ 590.160153][T13012] ? kmsan_internal_set_origin+0x75/0xb0 [ 589.870176][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 590.160153][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 589.870176][T13080] [ 590.160153][T13012] ? kmsan_internal_set_origin+0x75/0xb0 [ 589.870176][T13080] Uninit was stored to memory at: [ 590.160153][T13012] ? __msan_poison_alloca+0xf0/0x120 [ 589.870176][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 590.160153][T13012] ? __sys_recvmmsg+0xb4/0x510 [ 589.870176][T13080] __msan_chain_origin+0x50/0x90 [ 590.160153][T13012] ? __sys_recvmmsg+0xb4/0x510 [ 589.870176][T13080] __get_compat_msghdr+0x5be/0x890 [ 590.160153][T13012] ? kmsan_get_metadata+0x11d/0x180 [ 589.870176][T13080] get_compat_msghdr+0x108/0x270 [ 590.160153][T13012] __sys_recvmmsg+0x4ca/0x510 [ 589.870176][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 590.160153][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 589.870176][T13080] __sys_recvmmsg+0x4ca/0x510 [ 590.160153][T13012] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 589.870176][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 590.160153][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 589.870176][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 590.160153][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 589.870176][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 590.160153][T13012] do_fast_syscall_32+0x6b/0xd0 [ 589.870176][T13080] do_fast_syscall_32+0x6b/0xd0 [ 590.160153][T13012] do_SYSENTER_32+0x73/0x90 [ 589.870176][T13080] do_SYSENTER_32+0x73/0x90 [ 590.160153][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 589.870176][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 590.160153][T13012] RIP: 0023:0xf7f4d549 [ 589.870176][T13080] [ 590.160153][T13012] Code: Bad RIP value. [ 589.870176][T13080] Uninit was stored to memory at: [ 590.160153][T13012] RSP: 002b:00000000f5d480cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 589.870176][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 590.160153][T13012] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 589.870176][T13080] __msan_chain_origin+0x50/0x90 [ 590.160153][T13012] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 589.870176][T13080] __get_compat_msghdr+0x5be/0x890 [ 590.160153][T13012] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 589.870176][T13080] get_compat_msghdr+0x108/0x270 [ 590.160153][T13012] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 589.870176][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 590.160153][T13012] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 589.870176][T13080] __sys_recvmmsg+0x4ca/0x510 [ 590.160153][T13012] Uninit was stored to memory at: [ 589.870176][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 590.160153][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 589.870176][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 590.160153][T13012] __msan_chain_origin+0x50/0x90 [ 589.870176][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 590.160153][T13012] __get_compat_msghdr+0x5be/0x890 [ 589.870176][T13080] do_fast_syscall_32+0x6b/0xd0 [ 590.160153][T13012] get_compat_msghdr+0x108/0x270 [ 589.870176][T13080] do_SYSENTER_32+0x73/0x90 [ 590.160153][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 589.870176][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 590.160153][T13012] __sys_recvmmsg+0x4ca/0x510 [ 589.870176][T13080] [ 590.160153][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 589.870176][T13080] Uninit was stored to memory at: [ 590.160153][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 589.870176][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 590.160153][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 589.870176][T13080] __msan_chain_origin+0x50/0x90 [ 590.160153][T13012] do_fast_syscall_32+0x6b/0xd0 [ 589.870176][T13080] __get_compat_msghdr+0x5be/0x890 [ 590.160153][T13012] do_SYSENTER_32+0x73/0x90 [ 589.870176][T13080] get_compat_msghdr+0x108/0x270 [ 590.160153][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 589.870176][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 590.160153][T13012] [ 589.870176][T13080] __sys_recvmmsg+0x4ca/0x510 [ 590.160153][T13012] Uninit was stored to memory at: [ 589.870176][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 590.160153][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 589.870176][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 590.160153][T13012] __msan_chain_origin+0x50/0x90 [ 589.870176][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 590.160153][T13012] __get_compat_msghdr+0x5be/0x890 [ 589.870176][T13080] do_fast_syscall_32+0x6b/0xd0 [ 590.160153][T13012] get_compat_msghdr+0x108/0x270 [ 589.870176][T13080] do_SYSENTER_32+0x73/0x90 [ 590.160153][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 589.870176][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 590.160153][T13012] __sys_recvmmsg+0x4ca/0x510 [ 589.870176][T13080] [ 590.160153][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 589.870176][T13080] Uninit was stored to memory at: [ 590.160153][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 589.870176][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 590.160153][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 589.870176][T13080] __msan_chain_origin+0x50/0x90 [ 590.160153][T13012] do_fast_syscall_32+0x6b/0xd0 [ 589.870176][T13080] __get_compat_msghdr+0x5be/0x890 [ 590.160153][T13012] do_SYSENTER_32+0x73/0x90 [ 589.870176][T13080] get_compat_msghdr+0x108/0x270 [ 590.160153][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 589.870176][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 590.160153][T13012] [ 589.870176][T13080] __sys_recvmmsg+0x4ca/0x510 [ 590.160153][T13012] Uninit was stored to memory at: [ 589.870176][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 590.160153][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 589.870176][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 590.160153][T13012] __msan_chain_origin+0x50/0x90 [ 589.870176][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 590.160153][T13012] __get_compat_msghdr+0x5be/0x890 [ 589.870176][T13080] do_fast_syscall_32+0x6b/0xd0 [ 590.160153][T13012] get_compat_msghdr+0x108/0x270 [ 589.870176][T13080] do_SYSENTER_32+0x73/0x90 [ 590.160153][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 589.870176][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 590.160153][T13012] __sys_recvmmsg+0x4ca/0x510 [ 589.870176][T13080] [ 590.160153][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 589.870176][T13080] Uninit was stored to memory at: [ 590.160153][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 589.870176][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 590.160153][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 589.870176][T13080] __msan_chain_origin+0x50/0x90 [ 590.160153][T13012] do_fast_syscall_32+0x6b/0xd0 [ 589.870176][T13080] __get_compat_msghdr+0x5be/0x890 [ 590.160153][T13012] do_SYSENTER_32+0x73/0x90 [ 589.870176][T13080] get_compat_msghdr+0x108/0x270 [ 590.160153][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 589.870176][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 590.160153][T13012] [ 589.870176][T13080] __sys_recvmmsg+0x4ca/0x510 [ 590.160153][T13012] Uninit was stored to memory at: [ 589.870176][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 590.160153][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 589.870176][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 590.160153][T13012] __msan_chain_origin+0x50/0x90 [ 589.870176][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 590.160153][T13012] __get_compat_msghdr+0x5be/0x890 [ 589.870176][T13080] do_fast_syscall_32+0x6b/0xd0 [ 590.160153][T13012] get_compat_msghdr+0x108/0x270 [ 589.870176][T13080] do_SYSENTER_32+0x73/0x90 [ 590.160153][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 589.870176][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 590.160153][T13012] __sys_recvmmsg+0x4ca/0x510 [ 589.870176][T13080] [ 590.160153][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 589.870176][T13080] Local variable ----msg_sys@do_recvmmsg created at: [ 590.160153][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 589.870176][T13080] do_recvmmsg+0xc5/0x1ee0 [ 590.160153][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 589.870176][T13080] do_recvmmsg+0xc5/0x1ee0 [ 590.160153][T13012] do_fast_syscall_32+0x6b/0xd0 [ 591.160277][T13012] do_SYSENTER_32+0x73/0x90 [ 591.160277][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 591.160277][T13012] [ 591.160277][T13012] Uninit was stored to memory at: [ 591.160277][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 591.160277][T13012] __msan_chain_origin+0x50/0x90 [ 591.160277][T13012] __get_compat_msghdr+0x5be/0x890 [ 591.160277][T13012] get_compat_msghdr+0x108/0x270 [ 591.160277][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 591.160277][T13012] __sys_recvmmsg+0x4ca/0x510 [ 591.160277][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 591.160277][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 591.160277][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 591.160277][T13012] do_fast_syscall_32+0x6b/0xd0 [ 591.160277][T13012] do_SYSENTER_32+0x73/0x90 [ 591.160277][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 591.160277][T13012] [ 591.160277][T13012] Uninit was stored to memory at: [ 591.160277][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 591.160277][T13012] __msan_chain_origin+0x50/0x90 [ 591.160277][T13012] __get_compat_msghdr+0x5be/0x890 [ 591.160277][T13012] get_compat_msghdr+0x108/0x270 [ 591.160277][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 591.160277][T13012] __sys_recvmmsg+0x4ca/0x510 [ 591.287186][T13041] not chained 1800000 origins [ 591.160277][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 591.290163][T13041] CPU: 0 PID: 13041 Comm: syz-executor.3 Not tainted 5.8.0-rc5-syzkaller #0 [ 591.160277][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 591.290163][T13041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 591.160277][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 591.290163][T13041] Call Trace: [ 591.160277][T13012] do_fast_syscall_32+0x6b/0xd0 [ 591.290163][T13041] dump_stack+0x1df/0x240 [ 591.160277][T13012] do_SYSENTER_32+0x73/0x90 [ 591.290163][T13041] kmsan_internal_chain_origin+0x6f/0x130 [ 591.160277][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 591.290163][T13041] ? skb_recv_datagram+0x3ec/0x480 [ 591.160277][T13012] [ 591.290163][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 591.160277][T13012] Uninit was stored to memory at: [ 591.290163][T13041] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 591.160277][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 591.290163][T13041] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 591.160277][T13012] __msan_chain_origin+0x50/0x90 [ 591.290163][T13041] ? bt_sock_recvmsg+0x564/0xa00 [ 591.160277][T13012] __get_compat_msghdr+0x5be/0x890 [ 591.290163][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 591.160277][T13012] get_compat_msghdr+0x108/0x270 [ 591.290163][T13041] ? kmsan_set_origin_checked+0x95/0xf0 [ 591.160277][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 591.290163][T13041] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 591.160277][T13012] __sys_recvmmsg+0x4ca/0x510 [ 591.290163][T13041] ? _copy_from_user+0x15b/0x260 [ 591.160277][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 591.290163][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 591.160277][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 591.290163][T13041] __msan_chain_origin+0x50/0x90 [ 591.160277][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 591.290163][T13041] __get_compat_msghdr+0x5be/0x890 [ 591.160277][T13012] do_fast_syscall_32+0x6b/0xd0 [ 591.290163][T13041] get_compat_msghdr+0x108/0x270 [ 591.160277][T13012] do_SYSENTER_32+0x73/0x90 [ 591.290163][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 591.160277][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 591.290163][T13041] ? idle_cpu+0x9a/0x1d0 [ 591.160277][T13012] [ 591.290163][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 591.160277][T13012] Local variable ----msg_sys@do_recvmmsg created at: [ 591.290163][T13041] ? kmsan_internal_set_origin+0x75/0xb0 [ 591.160277][T13012] do_recvmmsg+0xc5/0x1ee0 [ 591.290163][T13041] ? __msan_poison_alloca+0xf0/0x120 [ 591.160277][T13012] do_recvmmsg+0xc5/0x1ee0 [ 591.290163][T13041] ? __sys_recvmmsg+0xb4/0x510 [ 591.290163][T13041] ? __sys_recvmmsg+0xb4/0x510 [ 591.290163][T13041] ? kmsan_get_metadata+0x11d/0x180 [ 591.552469][T13041] __sys_recvmmsg+0x4ca/0x510 [ 591.552469][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 591.552469][T13041] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 591.552469][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 591.552469][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 591.552469][T13041] do_fast_syscall_32+0x6b/0xd0 [ 591.552469][T13041] do_SYSENTER_32+0x73/0x90 [ 591.552469][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 591.552469][T13041] RIP: 0023:0xf7fd6549 [ 591.552469][T13041] Code: Bad RIP value. [ 591.552469][T13041] RSP: 002b:00000000f5dd10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 591.552469][T13041] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 591.552469][T13041] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 591.552469][T13041] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 591.631000][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 591.552469][T13041] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 591.552469][T13041] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 591.552469][T13041] Uninit was stored to memory at: [ 591.552469][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 591.552469][T13041] __msan_chain_origin+0x50/0x90 [ 591.674994][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 591.552469][T13041] __get_compat_msghdr+0x5be/0x890 [ 591.552469][T13041] get_compat_msghdr+0x108/0x270 [ 591.552469][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 591.552469][T13041] __sys_recvmmsg+0x4ca/0x510 [ 591.552469][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 591.552469][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 591.715060][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 591.552469][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 591.552469][T13041] do_fast_syscall_32+0x6b/0xd0 [ 591.552469][T13041] do_SYSENTER_32+0x73/0x90 [ 591.552469][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 591.552469][T13041] [ 591.552469][T13041] Uninit was stored to memory at: [ 591.552469][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 591.755096][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 591.552469][T13041] __msan_chain_origin+0x50/0x90 [ 591.552469][T13041] __get_compat_msghdr+0x5be/0x890 [ 591.552469][T13041] get_compat_msghdr+0x108/0x270 [ 591.552469][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 591.552469][T13041] __sys_recvmmsg+0x4ca/0x510 [ 591.552469][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 591.552469][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 591.552469][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 591.552469][T13041] do_fast_syscall_32+0x6b/0xd0 [ 591.552469][T13041] do_SYSENTER_32+0x73/0x90 [ 591.552469][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 591.552469][T13041] [ 591.552469][T13041] Uninit was stored to memory at: [ 591.552469][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 591.552469][T13041] __msan_chain_origin+0x50/0x90 [ 591.552469][T13041] __get_compat_msghdr+0x5be/0x890 [ 591.552469][T13041] get_compat_msghdr+0x108/0x270 [ 591.552469][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 591.552469][T13041] __sys_recvmmsg+0x4ca/0x510 [ 591.552469][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 591.552469][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 591.552469][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 591.552469][T13041] do_fast_syscall_32+0x6b/0xd0 [ 591.552469][T13041] do_SYSENTER_32+0x73/0x90 [ 591.552469][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 591.552469][T13041] [ 591.552469][T13041] Uninit was stored to memory at: [ 591.552469][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 591.552469][T13041] __msan_chain_origin+0x50/0x90 [ 591.552469][T13041] __get_compat_msghdr+0x5be/0x890 [ 591.552469][T13041] get_compat_msghdr+0x108/0x270 [ 591.552469][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 591.552469][T13041] __sys_recvmmsg+0x4ca/0x510 [ 591.552469][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 591.552469][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 591.552469][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 591.552469][T13041] do_fast_syscall_32+0x6b/0xd0 [ 591.552469][T13041] do_SYSENTER_32+0x73/0x90 [ 591.552469][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 591.552469][T13041] [ 591.552469][T13041] Uninit was stored to memory at: [ 591.552469][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 591.552469][T13041] __msan_chain_origin+0x50/0x90 [ 591.552469][T13041] __get_compat_msghdr+0x5be/0x890 [ 591.552469][T13041] get_compat_msghdr+0x108/0x270 [ 591.552469][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 591.552469][T13041] __sys_recvmmsg+0x4ca/0x510 [ 591.552469][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 591.552469][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 591.552469][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 591.552469][T13041] do_fast_syscall_32+0x6b/0xd0 [ 591.552469][T13041] do_SYSENTER_32+0x73/0x90 [ 591.552469][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 591.552469][T13041] [ 591.552469][T13041] Uninit was stored to memory at: [ 591.552469][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 591.552469][T13041] __msan_chain_origin+0x50/0x90 [ 591.552469][T13041] __get_compat_msghdr+0x5be/0x890 [ 591.552469][T13041] get_compat_msghdr+0x108/0x270 [ 591.552469][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 591.552469][T13041] __sys_recvmmsg+0x4ca/0x510 [ 591.552469][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 591.552469][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 591.552469][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 591.552469][T13041] do_fast_syscall_32+0x6b/0xd0 [ 591.552469][T13041] do_SYSENTER_32+0x73/0x90 [ 591.552469][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 591.552469][T13041] [ 591.552469][T13041] Uninit was stored to memory at: [ 591.552469][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 591.552469][T13041] __msan_chain_origin+0x50/0x90 [ 591.552469][T13041] __get_compat_msghdr+0x5be/0x890 [ 591.552469][T13041] get_compat_msghdr+0x108/0x270 [ 591.552469][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 591.552469][T13041] __sys_recvmmsg+0x4ca/0x510 [ 591.552469][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 591.552469][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 591.552469][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 591.552469][T13041] do_fast_syscall_32+0x6b/0xd0 [ 591.552469][T13041] do_SYSENTER_32+0x73/0x90 [ 591.552469][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 591.552469][T13041] [ 591.552469][T13041] Local variable ----msg_sys@do_recvmmsg created at: [ 591.552469][T13041] do_recvmmsg+0xc5/0x1ee0 [ 591.552469][T13041] do_recvmmsg+0xc5/0x1ee0 [ 592.386013][T13041] not chained 1810000 origins [ 592.390235][T13041] CPU: 0 PID: 13041 Comm: syz-executor.3 Not tainted 5.8.0-rc5-syzkaller #0 [ 592.390235][T13041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 592.390235][T13041] Call Trace: [ 592.390235][T13041] dump_stack+0x1df/0x240 [ 592.390235][T13041] kmsan_internal_chain_origin+0x6f/0x130 [ 592.390235][T13041] ? skb_recv_datagram+0x3ec/0x480 [ 592.390235][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 592.390235][T13041] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 592.390235][T13041] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 592.390235][T13041] ? bt_sock_recvmsg+0x564/0xa00 [ 592.390235][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 592.390235][T13041] ? kmsan_set_origin_checked+0x95/0xf0 [ 592.390235][T13041] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 592.390235][T13041] ? _copy_from_user+0x15b/0x260 [ 592.390235][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 592.390235][T13041] __msan_chain_origin+0x50/0x90 [ 592.390235][T13041] __get_compat_msghdr+0x5be/0x890 [ 592.390235][T13041] get_compat_msghdr+0x108/0x270 [ 592.390235][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 592.390235][T13041] ? idle_cpu+0x9a/0x1d0 [ 592.390235][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 592.390235][T13041] ? kmsan_internal_set_origin+0x75/0xb0 [ 592.390235][T13041] ? __msan_poison_alloca+0xf0/0x120 [ 592.390235][T13041] ? __sys_recvmmsg+0xb4/0x510 [ 592.390235][T13041] ? __sys_recvmmsg+0xb4/0x510 [ 592.390235][T13041] ? kmsan_get_metadata+0x11d/0x180 [ 592.390235][T13041] __sys_recvmmsg+0x4ca/0x510 [ 592.390235][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 592.390235][T13041] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 592.390235][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 592.390235][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 592.390235][T13041] do_fast_syscall_32+0x6b/0xd0 [ 592.390235][T13041] do_SYSENTER_32+0x73/0x90 [ 592.390235][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 592.390235][T13041] RIP: 0023:0xf7fd6549 [ 592.390235][T13041] Code: Bad RIP value. [ 592.390235][T13041] RSP: 002b:00000000f5dd10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 592.390235][T13041] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 592.390235][T13041] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 592.390235][T13041] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 592.390235][T13041] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 592.390235][T13041] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 592.390235][T13041] Uninit was stored to memory at: [ 592.390235][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 592.390235][T13041] __msan_chain_origin+0x50/0x90 [ 592.390235][T13041] __get_compat_msghdr+0x5be/0x890 [ 592.648778][T13021] not chained 1820000 origins [ 592.390235][T13041] get_compat_msghdr+0x108/0x270 [ 592.650144][T13021] CPU: 1 PID: 13021 Comm: syz-executor.0 Not tainted 5.8.0-rc5-syzkaller #0 [ 592.390235][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 592.650144][T13021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 592.390235][T13041] __sys_recvmmsg+0x4ca/0x510 [ 592.650144][T13021] Call Trace: [ 592.390235][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 592.650144][T13021] dump_stack+0x1df/0x240 [ 592.390235][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 592.650144][T13021] kmsan_internal_chain_origin+0x6f/0x130 [ 592.390235][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 592.650144][T13021] ? skb_recv_datagram+0x3ec/0x480 [ 592.390235][T13041] do_fast_syscall_32+0x6b/0xd0 [ 592.650144][T13021] ? kmsan_get_metadata+0x4f/0x180 [ 592.390235][T13041] do_SYSENTER_32+0x73/0x90 [ 592.650144][T13021] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 592.390235][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 592.650144][T13021] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 592.390235][T13041] [ 592.650144][T13021] ? bt_sock_recvmsg+0x564/0xa00 [ 592.390235][T13041] Uninit was stored to memory at: [ 592.650144][T13021] ? kmsan_get_metadata+0x4f/0x180 [ 592.390235][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 592.650144][T13021] ? kmsan_set_origin_checked+0x95/0xf0 [ 592.390235][T13041] __msan_chain_origin+0x50/0x90 [ 592.650144][T13021] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 592.390235][T13041] __get_compat_msghdr+0x5be/0x890 [ 592.390235][T13041] get_compat_msghdr+0x108/0x270 [ 592.650144][T13021] ? _copy_from_user+0x15b/0x260 [ 592.390235][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 592.650144][T13021] ? kmsan_get_metadata+0x4f/0x180 [ 592.390235][T13041] __sys_recvmmsg+0x4ca/0x510 [ 592.650144][T13021] __msan_chain_origin+0x50/0x90 [ 592.390235][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 592.650144][T13021] __get_compat_msghdr+0x5be/0x890 [ 592.390235][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 592.650144][T13021] get_compat_msghdr+0x108/0x270 [ 592.390235][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 592.650144][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 592.390235][T13041] do_fast_syscall_32+0x6b/0xd0 [ 592.650144][T13021] ? kmsan_internal_set_origin+0x75/0xb0 [ 592.390235][T13041] do_SYSENTER_32+0x73/0x90 [ 592.650144][T13021] ? kmsan_get_metadata+0x4f/0x180 [ 592.390235][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 592.650144][T13021] ? kmsan_internal_set_origin+0x75/0xb0 [ 592.390235][T13041] [ 592.650144][T13021] ? __msan_poison_alloca+0xf0/0x120 [ 592.390235][T13041] Uninit was stored to memory at: [ 592.650144][T13021] ? __sys_recvmmsg+0xb4/0x510 [ 592.390235][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 592.650144][T13021] ? __sys_recvmmsg+0xb4/0x510 [ 592.390235][T13041] __msan_chain_origin+0x50/0x90 [ 592.650144][T13021] ? kmsan_get_metadata+0x11d/0x180 [ 592.390235][T13041] __get_compat_msghdr+0x5be/0x890 [ 592.650144][T13021] __sys_recvmmsg+0x4ca/0x510 [ 592.390235][T13041] get_compat_msghdr+0x108/0x270 [ 592.650144][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 592.390235][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 592.650144][T13021] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 592.390235][T13041] __sys_recvmmsg+0x4ca/0x510 [ 592.650144][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 592.390235][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 592.650144][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 592.390235][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 592.650144][T13021] do_fast_syscall_32+0x6b/0xd0 [ 592.390235][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 592.650144][T13021] do_SYSENTER_32+0x73/0x90 [ 592.390235][T13041] do_fast_syscall_32+0x6b/0xd0 [ 592.650144][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 592.390235][T13041] do_SYSENTER_32+0x73/0x90 [ 592.650144][T13021] RIP: 0023:0xf7f4d549 [ 592.390235][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 592.650144][T13021] Code: Bad RIP value. [ 592.390235][T13041] [ 592.650144][T13021] RSP: 002b:00000000f5d060cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 592.390235][T13041] Uninit was stored to memory at: [ 592.650144][T13021] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 592.390235][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 592.650144][T13021] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 592.390235][T13041] __msan_chain_origin+0x50/0x90 [ 592.650144][T13021] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 592.390235][T13041] __get_compat_msghdr+0x5be/0x890 [ 592.650144][T13021] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 592.390235][T13041] get_compat_msghdr+0x108/0x270 [ 592.650144][T13021] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 592.390235][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 592.650144][T13021] Uninit was stored to memory at: [ 592.390235][T13041] __sys_recvmmsg+0x4ca/0x510 [ 592.650144][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 592.390235][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 592.650144][T13021] __msan_chain_origin+0x50/0x90 [ 592.390235][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 592.650144][T13021] __get_compat_msghdr+0x5be/0x890 [ 592.390235][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 592.650144][T13021] get_compat_msghdr+0x108/0x270 [ 592.390235][T13041] do_fast_syscall_32+0x6b/0xd0 [ 592.650144][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 592.390235][T13041] do_SYSENTER_32+0x73/0x90 [ 592.650144][T13021] __sys_recvmmsg+0x4ca/0x510 [ 592.390235][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 592.650144][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 592.390235][T13041] [ 592.650144][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 592.390235][T13041] Uninit was stored to memory at: [ 592.650144][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 592.390235][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 592.650144][T13021] do_fast_syscall_32+0x6b/0xd0 [ 592.390235][T13041] __msan_chain_origin+0x50/0x90 [ 592.650144][T13021] do_SYSENTER_32+0x73/0x90 [ 592.390235][T13041] __get_compat_msghdr+0x5be/0x890 [ 592.650144][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 592.390235][T13041] get_compat_msghdr+0x108/0x270 [ 592.650144][T13021] [ 592.390235][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 592.650144][T13021] Uninit was stored to memory at: [ 592.390235][T13041] __sys_recvmmsg+0x4ca/0x510 [ 592.650144][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 592.390235][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 592.650144][T13021] __msan_chain_origin+0x50/0x90 [ 592.390235][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 592.650144][T13021] __get_compat_msghdr+0x5be/0x890 [ 592.390235][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 592.650144][T13021] get_compat_msghdr+0x108/0x270 [ 592.650144][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 592.390235][T13041] do_fast_syscall_32+0x6b/0xd0 [ 592.650144][T13021] __sys_recvmmsg+0x4ca/0x510 [ 592.390235][T13041] do_SYSENTER_32+0x73/0x90 [ 592.650144][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 592.390235][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 592.650144][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 592.390235][T13041] [ 592.650144][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 592.390235][T13041] Uninit was stored to memory at: [ 592.650144][T13021] do_fast_syscall_32+0x6b/0xd0 [ 592.390235][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 592.650144][T13021] do_SYSENTER_32+0x73/0x90 [ 592.390235][T13041] __msan_chain_origin+0x50/0x90 [ 592.650144][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 592.390235][T13041] __get_compat_msghdr+0x5be/0x890 [ 592.650144][T13021] [ 592.390235][T13041] get_compat_msghdr+0x108/0x270 [ 592.650144][T13021] Uninit was stored to memory at: [ 592.390235][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 592.650144][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 592.390235][T13041] __sys_recvmmsg+0x4ca/0x510 [ 592.650144][T13021] __msan_chain_origin+0x50/0x90 [ 592.390235][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 592.650144][T13021] __get_compat_msghdr+0x5be/0x890 [ 592.390235][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 592.650144][T13021] get_compat_msghdr+0x108/0x270 [ 592.390235][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 592.650144][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 592.390235][T13041] do_fast_syscall_32+0x6b/0xd0 [ 592.650144][T13021] __sys_recvmmsg+0x4ca/0x510 [ 592.390235][T13041] do_SYSENTER_32+0x73/0x90 [ 592.650144][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 592.390235][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 592.650144][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 592.390235][T13041] [ 592.650144][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 592.390235][T13041] Uninit was stored to memory at: [ 592.650144][T13021] do_fast_syscall_32+0x6b/0xd0 [ 592.390235][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 592.650144][T13021] do_SYSENTER_32+0x73/0x90 [ 592.390235][T13041] __msan_chain_origin+0x50/0x90 [ 592.650144][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 592.390235][T13041] __get_compat_msghdr+0x5be/0x890 [ 592.650144][T13021] [ 592.390235][T13041] get_compat_msghdr+0x108/0x270 [ 592.650144][T13021] Uninit was stored to memory at: [ 592.390235][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 592.650144][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 592.390235][T13041] __sys_recvmmsg+0x4ca/0x510 [ 592.650144][T13021] __msan_chain_origin+0x50/0x90 [ 592.390235][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 592.650144][T13021] __get_compat_msghdr+0x5be/0x890 [ 592.390235][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 592.650144][T13021] get_compat_msghdr+0x108/0x270 [ 592.390235][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 592.650144][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 592.390235][T13041] do_fast_syscall_32+0x6b/0xd0 [ 592.650144][T13021] __sys_recvmmsg+0x4ca/0x510 [ 592.390235][T13041] do_SYSENTER_32+0x73/0x90 [ 592.650144][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 592.390235][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 592.650144][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 592.390235][T13041] [ 592.650144][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 592.390235][T13041] Local variable ----msg_sys@do_recvmmsg created at: [ 592.650144][T13021] do_fast_syscall_32+0x6b/0xd0 [ 592.390235][T13041] do_recvmmsg+0xc5/0x1ee0 [ 592.650144][T13021] do_SYSENTER_32+0x73/0x90 [ 592.390235][T13041] do_recvmmsg+0xc5/0x1ee0 [ 592.650144][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 593.656849][T13021] [ 593.656849][T13021] Uninit was stored to memory at: [ 593.656849][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 593.656849][T13021] __msan_chain_origin+0x50/0x90 [ 593.656849][T13021] __get_compat_msghdr+0x5be/0x890 [ 593.656849][T13021] get_compat_msghdr+0x108/0x270 [ 593.656849][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 593.656849][T13021] __sys_recvmmsg+0x4ca/0x510 [ 593.656849][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 593.656849][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 593.656849][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 593.656849][T13021] do_fast_syscall_32+0x6b/0xd0 [ 593.656849][T13021] do_SYSENTER_32+0x73/0x90 [ 593.656849][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 593.656849][T13021] [ 593.656849][T13021] Uninit was stored to memory at: [ 593.656849][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 593.656849][T13021] __msan_chain_origin+0x50/0x90 [ 593.656849][T13021] __get_compat_msghdr+0x5be/0x890 [ 593.656849][T13021] get_compat_msghdr+0x108/0x270 [ 593.656849][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 593.656849][T13021] __sys_recvmmsg+0x4ca/0x510 [ 593.656849][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 593.656849][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 593.656849][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 593.656849][T13021] do_fast_syscall_32+0x6b/0xd0 [ 593.793364][T13080] not chained 1830000 origins [ 593.656849][T13021] do_SYSENTER_32+0x73/0x90 [ 593.798819][T13080] CPU: 0 PID: 13080 Comm: syz-executor.1 Not tainted 5.8.0-rc5-syzkaller #0 [ 593.656849][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 593.800168][T13080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 593.656849][T13021] [ 593.800168][T13080] Call Trace: [ 593.656849][T13021] Uninit was stored to memory at: [ 593.800168][T13080] dump_stack+0x1df/0x240 [ 593.656849][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 593.800168][T13080] kmsan_internal_chain_origin+0x6f/0x130 [ 593.656849][T13021] __msan_chain_origin+0x50/0x90 [ 593.800168][T13080] ? skb_recv_datagram+0x3ec/0x480 [ 593.656849][T13021] __get_compat_msghdr+0x5be/0x890 [ 593.800168][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 593.656849][T13021] get_compat_msghdr+0x108/0x270 [ 593.800168][T13080] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 593.656849][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 593.800168][T13080] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 593.656849][T13021] __sys_recvmmsg+0x4ca/0x510 [ 593.800168][T13080] ? bt_sock_recvmsg+0x564/0xa00 [ 593.656849][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 593.800168][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 593.656849][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 593.800168][T13080] ? kmsan_set_origin_checked+0x95/0xf0 [ 593.656849][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 593.800168][T13080] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 593.656849][T13021] do_fast_syscall_32+0x6b/0xd0 [ 593.800168][T13080] ? _copy_from_user+0x15b/0x260 [ 593.656849][T13021] do_SYSENTER_32+0x73/0x90 [ 593.800168][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 593.656849][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 593.800168][T13080] __msan_chain_origin+0x50/0x90 [ 593.656849][T13021] [ 593.800168][T13080] __get_compat_msghdr+0x5be/0x890 [ 593.656849][T13021] Local variable ----msg_sys@do_recvmmsg created at: [ 593.800168][T13080] get_compat_msghdr+0x108/0x270 [ 593.656849][T13021] do_recvmmsg+0xc5/0x1ee0 [ 593.800168][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 593.656849][T13021] do_recvmmsg+0xc5/0x1ee0 [ 593.800168][T13080] ? kmsan_internal_set_origin+0x75/0xb0 [ 593.800168][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 593.800168][T13080] ? kmsan_internal_set_origin+0x75/0xb0 [ 593.800168][T13080] ? __msan_poison_alloca+0xf0/0x120 [ 594.022714][T13080] ? __sys_recvmmsg+0xb4/0x510 [ 594.024023][T13080] ? __sys_recvmmsg+0xb4/0x510 [ 594.024023][T13080] ? kmsan_get_metadata+0x11d/0x180 [ 594.024023][T13080] __sys_recvmmsg+0x4ca/0x510 [ 594.024023][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 594.024023][T13080] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 594.024023][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 594.024023][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 594.024023][T13080] do_fast_syscall_32+0x6b/0xd0 [ 594.024023][T13080] do_SYSENTER_32+0x73/0x90 [ 594.074812][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 594.024023][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 594.024023][T13080] RIP: 0023:0xf7fbe549 [ 594.024023][T13080] Code: Bad RIP value. [ 594.024023][T13080] RSP: 002b:00000000f5d770cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 594.024023][T13080] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 594.114219][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 594.024023][T13080] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 594.024023][T13080] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 594.024023][T13080] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 594.024023][T13080] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 594.154430][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 594.024023][T13080] Uninit was stored to memory at: [ 594.024023][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 594.024023][T13080] __msan_chain_origin+0x50/0x90 [ 594.024023][T13080] __get_compat_msghdr+0x5be/0x890 [ 594.024023][T13080] get_compat_msghdr+0x108/0x270 [ 594.024023][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 594.193511][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 594.024023][T13080] __sys_recvmmsg+0x4ca/0x510 [ 594.024023][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 594.024023][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 594.024023][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 594.024023][T13080] do_fast_syscall_32+0x6b/0xd0 [ 594.024023][T13080] do_SYSENTER_32+0x73/0x90 [ 594.231967][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 594.024023][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 594.024023][T13080] [ 594.024023][T13080] Uninit was stored to memory at: [ 594.024023][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 594.024023][T13080] __msan_chain_origin+0x50/0x90 [ 594.024023][T13080] __get_compat_msghdr+0x5be/0x890 [ 594.271685][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 594.024023][T13080] get_compat_msghdr+0x108/0x270 [ 594.024023][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 594.024023][T13080] __sys_recvmmsg+0x4ca/0x510 [ 594.024023][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 594.024023][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 594.024023][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 594.309546][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 594.024023][T13080] do_fast_syscall_32+0x6b/0xd0 [ 594.024023][T13080] do_SYSENTER_32+0x73/0x90 [ 594.024023][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 594.024023][T13080] [ 594.024023][T13080] Uninit was stored to memory at: [ 594.024023][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 594.024023][T13080] __msan_chain_origin+0x50/0x90 [ 594.024023][T13080] __get_compat_msghdr+0x5be/0x890 [ 594.024023][T13080] get_compat_msghdr+0x108/0x270 [ 594.024023][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 594.024023][T13080] __sys_recvmmsg+0x4ca/0x510 [ 594.024023][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 594.024023][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 594.024023][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 594.024023][T13080] do_fast_syscall_32+0x6b/0xd0 [ 594.024023][T13080] do_SYSENTER_32+0x73/0x90 [ 594.024023][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 594.024023][T13080] [ 594.024023][T13080] Uninit was stored to memory at: [ 594.024023][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 594.024023][T13080] __msan_chain_origin+0x50/0x90 [ 594.024023][T13080] __get_compat_msghdr+0x5be/0x890 [ 594.024023][T13080] get_compat_msghdr+0x108/0x270 [ 594.024023][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 594.024023][T13080] __sys_recvmmsg+0x4ca/0x510 [ 594.441283][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 594.024023][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 594.024023][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 594.024023][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 594.024023][T13080] do_fast_syscall_32+0x6b/0xd0 [ 594.024023][T13080] do_SYSENTER_32+0x73/0x90 [ 594.024023][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 594.482120][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 594.024023][T13080] [ 594.024023][T13080] Uninit was stored to memory at: [ 594.497831][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 594.024023][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 594.024023][T13080] __msan_chain_origin+0x50/0x90 [ 594.024023][T13080] __get_compat_msghdr+0x5be/0x890 [ 594.024023][T13080] get_compat_msghdr+0x108/0x270 [ 594.024023][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 594.024023][T13080] __sys_recvmmsg+0x4ca/0x510 [ 594.024023][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 594.024023][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 594.024023][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 594.024023][T13080] do_fast_syscall_32+0x6b/0xd0 [ 594.024023][T13080] do_SYSENTER_32+0x73/0x90 [ 594.024023][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 594.024023][T13080] [ 594.024023][T13080] Uninit was stored to memory at: [ 594.024023][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 594.024023][T13080] __msan_chain_origin+0x50/0x90 [ 594.024023][T13080] __get_compat_msghdr+0x5be/0x890 [ 594.024023][T13080] get_compat_msghdr+0x108/0x270 [ 594.024023][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 594.024023][T13080] __sys_recvmmsg+0x4ca/0x510 [ 594.024023][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 594.024023][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 594.024023][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 594.024023][T13080] do_fast_syscall_32+0x6b/0xd0 [ 594.024023][T13080] do_SYSENTER_32+0x73/0x90 [ 594.024023][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 594.024023][T13080] [ 594.024023][T13080] Uninit was stored to memory at: [ 594.024023][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 594.024023][T13080] __msan_chain_origin+0x50/0x90 [ 594.024023][T13080] __get_compat_msghdr+0x5be/0x890 [ 594.024023][T13080] get_compat_msghdr+0x108/0x270 [ 594.024023][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 594.024023][T13080] __sys_recvmmsg+0x4ca/0x510 [ 594.024023][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 594.024023][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 594.024023][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 594.024023][T13080] do_fast_syscall_32+0x6b/0xd0 [ 594.024023][T13080] do_SYSENTER_32+0x73/0x90 [ 594.024023][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 594.024023][T13080] [ 594.024023][T13080] Local variable ----msg_sys@do_recvmmsg created at: [ 594.024023][T13080] do_recvmmsg+0xc5/0x1ee0 [ 594.024023][T13080] do_recvmmsg+0xc5/0x1ee0 [ 594.806392][T13012] not chained 1840000 origins [ 594.810147][T13012] CPU: 1 PID: 13012 Comm: syz-executor.0 Not tainted 5.8.0-rc5-syzkaller #0 [ 594.810147][T13012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 594.810147][T13012] Call Trace: [ 594.830330][T13012] dump_stack+0x1df/0x240 [ 594.830330][T13012] kmsan_internal_chain_origin+0x6f/0x130 [ 594.830330][T13012] ? skb_recv_datagram+0x3ec/0x480 [ 594.830330][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 594.830330][T13012] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 594.830330][T13012] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 594.830330][T13012] ? bt_sock_recvmsg+0x564/0xa00 [ 594.830330][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 594.830330][T13012] ? kmsan_set_origin_checked+0x95/0xf0 [ 594.830330][T13012] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 594.830330][T13012] ? _copy_from_user+0x15b/0x260 [ 594.830330][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 594.830330][T13012] __msan_chain_origin+0x50/0x90 [ 594.830330][T13012] __get_compat_msghdr+0x5be/0x890 [ 594.830330][T13012] get_compat_msghdr+0x108/0x270 [ 594.830330][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 594.830330][T13012] ? kmsan_internal_set_origin+0x75/0xb0 [ 594.830330][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 594.830330][T13012] ? kmsan_internal_set_origin+0x75/0xb0 [ 594.830330][T13012] ? __msan_poison_alloca+0xf0/0x120 [ 594.830330][T13012] ? __sys_recvmmsg+0xb4/0x510 [ 594.830330][T13012] ? __sys_recvmmsg+0xb4/0x510 [ 594.945254][T13072] not chained 1850000 origins [ 594.830330][T13012] ? kmsan_get_metadata+0x11d/0x180 [ 594.830330][T13012] __sys_recvmmsg+0x4ca/0x510 [ 594.830330][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 594.830330][T13012] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 594.830330][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 594.830330][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 594.830330][T13012] do_fast_syscall_32+0x6b/0xd0 [ 594.830330][T13012] do_SYSENTER_32+0x73/0x90 [ 594.830330][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 594.830330][T13012] RIP: 0023:0xf7f4d549 [ 594.830330][T13012] Code: Bad RIP value. [ 594.830330][T13012] RSP: 002b:00000000f5d480cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 594.830330][T13012] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 594.830330][T13012] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 594.830330][T13012] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 594.830330][T13012] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 594.830330][T13012] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 594.830330][T13012] Uninit was stored to memory at: [ 594.950162][T13072] CPU: 0 PID: 13072 Comm: syz-executor.1 Not tainted 5.8.0-rc5-syzkaller #0 [ 594.950162][T13072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 594.830330][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 594.950162][T13072] Call Trace: [ 594.830330][T13012] __msan_chain_origin+0x50/0x90 [ 594.950162][T13072] dump_stack+0x1df/0x240 [ 594.830330][T13012] __get_compat_msghdr+0x5be/0x890 [ 594.950162][T13072] kmsan_internal_chain_origin+0x6f/0x130 [ 594.830330][T13012] get_compat_msghdr+0x108/0x270 [ 594.950162][T13072] ? skb_recv_datagram+0x3ec/0x480 [ 594.830330][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 594.950162][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 594.830330][T13012] __sys_recvmmsg+0x4ca/0x510 [ 594.950162][T13072] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 594.830330][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 594.950162][T13072] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 594.830330][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 594.950162][T13072] ? bt_sock_recvmsg+0x564/0xa00 [ 594.830330][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 594.950162][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 594.830330][T13012] do_fast_syscall_32+0x6b/0xd0 [ 594.950162][T13072] ? kmsan_set_origin_checked+0x95/0xf0 [ 594.830330][T13012] do_SYSENTER_32+0x73/0x90 [ 594.950162][T13072] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 594.830330][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 594.950162][T13072] ? _copy_from_user+0x15b/0x260 [ 594.830330][T13012] [ 594.950162][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 594.830330][T13012] Uninit was stored to memory at: [ 594.950162][T13072] __msan_chain_origin+0x50/0x90 [ 594.830330][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 594.950162][T13072] __get_compat_msghdr+0x5be/0x890 [ 594.830330][T13012] __msan_chain_origin+0x50/0x90 [ 594.950162][T13072] get_compat_msghdr+0x108/0x270 [ 594.830330][T13012] __get_compat_msghdr+0x5be/0x890 [ 594.950162][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 594.830330][T13012] get_compat_msghdr+0x108/0x270 [ 594.950162][T13072] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 594.830330][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 594.950162][T13072] ? sched_clock_cpu+0x7c/0x930 [ 594.830330][T13012] __sys_recvmmsg+0x4ca/0x510 [ 594.950162][T13072] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 594.830330][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 594.950162][T13072] ? sched_clock_cpu+0x7c/0x930 [ 594.830330][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 594.950162][T13072] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 594.830330][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 594.950162][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 594.830330][T13012] do_fast_syscall_32+0x6b/0xd0 [ 594.950162][T13072] ? kmsan_internal_set_origin+0x75/0xb0 [ 594.830330][T13012] do_SYSENTER_32+0x73/0x90 [ 594.950162][T13072] ? __msan_poison_alloca+0xf0/0x120 [ 594.830330][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 594.950162][T13072] ? __sys_recvmmsg+0xb4/0x510 [ 594.830330][T13012] [ 594.950162][T13072] ? __sys_recvmmsg+0xb4/0x510 [ 594.830330][T13012] Uninit was stored to memory at: [ 594.950162][T13072] __sys_recvmmsg+0x4ca/0x510 [ 594.830330][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 594.950162][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 594.830330][T13012] __msan_chain_origin+0x50/0x90 [ 594.950162][T13072] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 594.830330][T13012] __get_compat_msghdr+0x5be/0x890 [ 594.950162][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 594.830330][T13012] get_compat_msghdr+0x108/0x270 [ 594.950162][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 594.830330][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 594.950162][T13072] do_fast_syscall_32+0x6b/0xd0 [ 594.830330][T13012] __sys_recvmmsg+0x4ca/0x510 [ 594.950162][T13072] do_SYSENTER_32+0x73/0x90 [ 594.830330][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 594.950162][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 594.830330][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 594.950162][T13072] RIP: 0023:0xf7fbe549 [ 594.830330][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 594.950162][T13072] Code: Bad RIP value. [ 594.830330][T13012] do_fast_syscall_32+0x6b/0xd0 [ 594.950162][T13072] RSP: 002b:00000000f5db90cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 594.830330][T13012] do_SYSENTER_32+0x73/0x90 [ 594.950162][T13072] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 594.830330][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 594.950162][T13072] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 594.830330][T13012] [ 594.950162][T13072] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 594.830330][T13012] Uninit was stored to memory at: [ 594.950162][T13072] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 594.830330][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 594.950162][T13072] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 594.830330][T13012] __msan_chain_origin+0x50/0x90 [ 594.950162][T13072] Uninit was stored to memory at: [ 594.830330][T13012] __get_compat_msghdr+0x5be/0x890 [ 594.950162][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 594.830330][T13012] get_compat_msghdr+0x108/0x270 [ 594.950162][T13072] __msan_chain_origin+0x50/0x90 [ 594.830330][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 594.950162][T13072] __get_compat_msghdr+0x5be/0x890 [ 594.830330][T13012] __sys_recvmmsg+0x4ca/0x510 [ 594.950162][T13072] get_compat_msghdr+0x108/0x270 [ 594.830330][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 594.950162][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 594.830330][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 594.950162][T13072] __sys_recvmmsg+0x4ca/0x510 [ 594.830330][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 594.950162][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 594.830330][T13012] do_fast_syscall_32+0x6b/0xd0 [ 594.950162][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 594.830330][T13012] do_SYSENTER_32+0x73/0x90 [ 594.950162][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 594.830330][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 594.950162][T13072] do_fast_syscall_32+0x6b/0xd0 [ 594.830330][T13012] [ 594.950162][T13072] do_SYSENTER_32+0x73/0x90 [ 594.830330][T13012] Uninit was stored to memory at: [ 594.950162][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 594.830330][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 594.950162][T13072] [ 594.830330][T13012] __msan_chain_origin+0x50/0x90 [ 594.950162][T13072] Uninit was stored to memory at: [ 594.830330][T13012] __get_compat_msghdr+0x5be/0x890 [ 594.950162][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 594.830330][T13012] get_compat_msghdr+0x108/0x270 [ 594.950162][T13072] __msan_chain_origin+0x50/0x90 [ 594.830330][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 594.950162][T13072] __get_compat_msghdr+0x5be/0x890 [ 594.830330][T13012] __sys_recvmmsg+0x4ca/0x510 [ 594.950162][T13072] get_compat_msghdr+0x108/0x270 [ 594.830330][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 594.950162][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 594.830330][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 594.950162][T13072] __sys_recvmmsg+0x4ca/0x510 [ 594.830330][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 594.950162][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 594.830330][T13012] do_fast_syscall_32+0x6b/0xd0 [ 594.950162][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 594.830330][T13012] do_SYSENTER_32+0x73/0x90 [ 594.950162][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 594.830330][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 594.950162][T13072] do_fast_syscall_32+0x6b/0xd0 [ 594.830330][T13012] [ 594.950162][T13072] do_SYSENTER_32+0x73/0x90 [ 594.830330][T13012] Uninit was stored to memory at: [ 594.950162][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 594.830330][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 594.950162][T13072] [ 594.830330][T13012] __msan_chain_origin+0x50/0x90 [ 594.950162][T13072] Uninit was stored to memory at: [ 594.830330][T13012] __get_compat_msghdr+0x5be/0x890 [ 594.950162][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 594.830330][T13012] get_compat_msghdr+0x108/0x270 [ 594.950162][T13072] __msan_chain_origin+0x50/0x90 [ 594.830330][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 594.950162][T13072] __get_compat_msghdr+0x5be/0x890 [ 594.830330][T13012] __sys_recvmmsg+0x4ca/0x510 [ 594.950162][T13072] get_compat_msghdr+0x108/0x270 [ 594.830330][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 594.950162][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 594.830330][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 594.950162][T13072] __sys_recvmmsg+0x4ca/0x510 [ 594.830330][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 594.950162][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 594.830330][T13012] do_fast_syscall_32+0x6b/0xd0 [ 594.950162][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 594.830330][T13012] do_SYSENTER_32+0x73/0x90 [ 594.950162][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 594.830330][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 594.950162][T13072] do_fast_syscall_32+0x6b/0xd0 [ 594.830330][T13012] [ 594.950162][T13072] do_SYSENTER_32+0x73/0x90 [ 594.830330][T13012] Uninit was stored to memory at: [ 594.950162][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 594.830330][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 594.950162][T13072] [ 594.830330][T13012] __msan_chain_origin+0x50/0x90 [ 594.950162][T13072] Uninit was stored to memory at: [ 594.830330][T13012] __get_compat_msghdr+0x5be/0x890 [ 594.950162][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 594.830330][T13012] get_compat_msghdr+0x108/0x270 [ 594.950162][T13072] __msan_chain_origin+0x50/0x90 [ 594.830330][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 594.950162][T13072] __get_compat_msghdr+0x5be/0x890 [ 594.830330][T13012] __sys_recvmmsg+0x4ca/0x510 [ 594.950162][T13072] get_compat_msghdr+0x108/0x270 [ 594.830330][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 594.950162][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 594.830330][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 594.950162][T13072] __sys_recvmmsg+0x4ca/0x510 [ 594.830330][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 594.950162][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 594.830330][T13012] do_fast_syscall_32+0x6b/0xd0 [ 594.950162][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 594.830330][T13012] do_SYSENTER_32+0x73/0x90 [ 594.950162][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 594.830330][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 594.950162][T13072] do_fast_syscall_32+0x6b/0xd0 [ 594.830330][T13012] [ 594.950162][T13072] do_SYSENTER_32+0x73/0x90 [ 594.830330][T13012] Local variable ----msg_sys@do_recvmmsg created at: [ 594.950162][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 594.830330][T13012] do_recvmmsg+0xc5/0x1ee0 [ 594.950162][T13072] [ 594.830330][T13012] do_recvmmsg+0xc5/0x1ee0 [ 594.950162][T13072] Uninit was stored to memory at: [ 596.100217][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 596.110766][T13072] __msan_chain_origin+0x50/0x90 [ 596.110766][T13072] __get_compat_msghdr+0x5be/0x890 [ 596.110766][T13072] get_compat_msghdr+0x108/0x270 [ 596.110766][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 596.110766][T13072] __sys_recvmmsg+0x4ca/0x510 [ 596.110766][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 596.110766][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 596.110766][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 596.110766][T13072] do_fast_syscall_32+0x6b/0xd0 [ 596.110766][T13072] do_SYSENTER_32+0x73/0x90 [ 596.110766][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 596.110766][T13072] [ 596.110766][T13072] Uninit was stored to memory at: [ 596.110766][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 596.110766][T13072] __msan_chain_origin+0x50/0x90 [ 596.110766][T13072] __get_compat_msghdr+0x5be/0x890 [ 596.110766][T13072] get_compat_msghdr+0x108/0x270 [ 596.110766][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 596.110766][T13072] __sys_recvmmsg+0x4ca/0x510 [ 596.110766][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 596.110766][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 596.110766][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 596.110766][T13072] do_fast_syscall_32+0x6b/0xd0 [ 596.110766][T13072] do_SYSENTER_32+0x73/0x90 [ 596.110766][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 596.110766][T13072] [ 596.110766][T13072] Uninit was stored to memory at: [ 596.110766][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 596.110766][T13072] __msan_chain_origin+0x50/0x90 [ 596.110766][T13072] __get_compat_msghdr+0x5be/0x890 [ 596.110766][T13072] get_compat_msghdr+0x108/0x270 [ 596.110766][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 596.110766][T13072] __sys_recvmmsg+0x4ca/0x510 [ 596.110766][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 596.110766][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 596.110766][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 596.110766][T13072] do_fast_syscall_32+0x6b/0xd0 [ 596.110766][T13072] do_SYSENTER_32+0x73/0x90 [ 596.110766][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 596.110766][T13072] [ 596.110766][T13072] Local variable ----msg_sys@do_recvmmsg created at: [ 596.110766][T13072] do_recvmmsg+0xc5/0x1ee0 [ 596.110766][T13072] do_recvmmsg+0xc5/0x1ee0 [ 596.503425][T13021] not chained 1860000 origins [ 596.508242][T13021] CPU: 0 PID: 13021 Comm: syz-executor.0 Not tainted 5.8.0-rc5-syzkaller #0 [ 596.510181][T13021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 596.510181][T13021] Call Trace: [ 596.510181][T13021] dump_stack+0x1df/0x240 [ 596.510181][T13021] kmsan_internal_chain_origin+0x6f/0x130 [ 596.510181][T13021] ? skb_recv_datagram+0x3ec/0x480 [ 596.510181][T13021] ? kmsan_get_metadata+0x4f/0x180 [ 596.510181][T13021] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 596.510181][T13021] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 596.510181][T13021] ? bt_sock_recvmsg+0x564/0xa00 [ 596.510181][T13021] ? kmsan_get_metadata+0x4f/0x180 [ 596.510181][T13021] ? kmsan_set_origin_checked+0x95/0xf0 [ 596.510181][T13021] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 596.510181][T13021] ? _copy_from_user+0x15b/0x260 [ 596.510181][T13021] ? kmsan_get_metadata+0x4f/0x180 [ 596.510181][T13021] __msan_chain_origin+0x50/0x90 [ 596.510181][T13021] __get_compat_msghdr+0x5be/0x890 [ 596.510181][T13021] get_compat_msghdr+0x108/0x270 [ 596.510181][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 596.510181][T13021] ? kmsan_internal_set_origin+0x75/0xb0 [ 596.510181][T13021] ? kmsan_get_metadata+0x4f/0x180 [ 596.510181][T13021] ? kmsan_internal_set_origin+0x75/0xb0 [ 596.510181][T13021] ? __msan_poison_alloca+0xf0/0x120 [ 596.510181][T13021] ? __sys_recvmmsg+0xb4/0x510 [ 596.510181][T13021] ? __sys_recvmmsg+0xb4/0x510 [ 596.510181][T13021] ? kmsan_get_metadata+0x11d/0x180 [ 596.510181][T13021] __sys_recvmmsg+0x4ca/0x510 [ 596.510181][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 596.510181][T13021] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 596.510181][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 596.510181][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 596.510181][T13021] do_fast_syscall_32+0x6b/0xd0 [ 596.510181][T13021] do_SYSENTER_32+0x73/0x90 [ 596.510181][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 596.510181][T13021] RIP: 0023:0xf7f4d549 [ 596.510181][T13021] Code: Bad RIP value. [ 596.510181][T13021] RSP: 002b:00000000f5d060cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 596.510181][T13021] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 596.510181][T13021] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 596.510181][T13021] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 596.510181][T13021] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 596.510181][T13021] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 596.510181][T13021] Uninit was stored to memory at: [ 596.510181][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 596.510181][T13021] __msan_chain_origin+0x50/0x90 [ 596.510181][T13021] __get_compat_msghdr+0x5be/0x890 [ 596.510181][T13021] get_compat_msghdr+0x108/0x270 [ 596.510181][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 596.510181][T13021] __sys_recvmmsg+0x4ca/0x510 [ 596.510181][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 596.510181][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 596.510181][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 596.510181][T13021] do_fast_syscall_32+0x6b/0xd0 [ 596.510181][T13021] do_SYSENTER_32+0x73/0x90 [ 596.510181][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 596.510181][T13021] [ 596.510181][T13021] Uninit was stored to memory at: [ 596.510181][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 596.510181][T13021] __msan_chain_origin+0x50/0x90 [ 596.510181][T13021] __get_compat_msghdr+0x5be/0x890 [ 596.510181][T13021] get_compat_msghdr+0x108/0x270 [ 596.510181][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 596.510181][T13021] __sys_recvmmsg+0x4ca/0x510 [ 596.510181][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 596.510181][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 596.510181][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 596.510181][T13021] do_fast_syscall_32+0x6b/0xd0 [ 596.510181][T13021] do_SYSENTER_32+0x73/0x90 [ 596.510181][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 596.510181][T13021] [ 596.510181][T13021] Uninit was stored to memory at: [ 596.510181][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 596.510181][T13021] __msan_chain_origin+0x50/0x90 [ 596.510181][T13021] __get_compat_msghdr+0x5be/0x890 [ 596.510181][T13021] get_compat_msghdr+0x108/0x270 [ 596.510181][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 596.510181][T13021] __sys_recvmmsg+0x4ca/0x510 [ 596.510181][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 596.510181][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 596.510181][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 596.510181][T13021] do_fast_syscall_32+0x6b/0xd0 [ 596.510181][T13021] do_SYSENTER_32+0x73/0x90 [ 596.510181][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 596.510181][T13021] [ 596.510181][T13021] Uninit was stored to memory at: [ 596.510181][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 596.510181][T13021] __msan_chain_origin+0x50/0x90 [ 596.510181][T13021] __get_compat_msghdr+0x5be/0x890 [ 596.510181][T13021] get_compat_msghdr+0x108/0x270 [ 596.510181][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 596.510181][T13021] __sys_recvmmsg+0x4ca/0x510 [ 596.510181][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 596.510181][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 596.510181][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 596.510181][T13021] do_fast_syscall_32+0x6b/0xd0 [ 596.510181][T13021] do_SYSENTER_32+0x73/0x90 [ 596.510181][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 596.510181][T13021] [ 596.510181][T13021] Uninit was stored to memory at: [ 596.510181][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 596.510181][T13021] __msan_chain_origin+0x50/0x90 [ 596.510181][T13021] __get_compat_msghdr+0x5be/0x890 [ 596.510181][T13021] get_compat_msghdr+0x108/0x270 [ 596.510181][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 596.510181][T13021] __sys_recvmmsg+0x4ca/0x510 [ 596.510181][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 596.510181][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 596.510181][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 596.510181][T13021] do_fast_syscall_32+0x6b/0xd0 [ 596.510181][T13021] do_SYSENTER_32+0x73/0x90 [ 596.510181][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 596.510181][T13021] [ 596.510181][T13021] Uninit was stored to memory at: [ 596.510181][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 596.510181][T13021] __msan_chain_origin+0x50/0x90 [ 596.510181][T13021] __get_compat_msghdr+0x5be/0x890 [ 596.510181][T13021] get_compat_msghdr+0x108/0x270 [ 596.510181][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 596.510181][T13021] __sys_recvmmsg+0x4ca/0x510 [ 596.510181][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 596.510181][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 596.510181][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 596.510181][T13021] do_fast_syscall_32+0x6b/0xd0 [ 596.510181][T13021] do_SYSENTER_32+0x73/0x90 [ 596.510181][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 596.510181][T13021] [ 596.510181][T13021] Uninit was stored to memory at: [ 596.510181][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 596.510181][T13021] __msan_chain_origin+0x50/0x90 [ 596.510181][T13021] __get_compat_msghdr+0x5be/0x890 [ 596.510181][T13021] get_compat_msghdr+0x108/0x270 [ 596.510181][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 596.510181][T13021] __sys_recvmmsg+0x4ca/0x510 [ 596.510181][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 596.510181][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 596.510181][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 596.510181][T13021] do_fast_syscall_32+0x6b/0xd0 [ 596.510181][T13021] do_SYSENTER_32+0x73/0x90 [ 596.510181][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 596.510181][T13021] [ 596.510181][T13021] Local variable ----msg_sys@do_recvmmsg created at: [ 596.510181][T13021] do_recvmmsg+0xc5/0x1ee0 [ 596.510181][T13021] do_recvmmsg+0xc5/0x1ee0 [ 597.395312][T13072] not chained 1870000 origins [ 597.400021][T13072] CPU: 1 PID: 13072 Comm: syz-executor.1 Not tainted 5.8.0-rc5-syzkaller #0 [ 597.400150][T13072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 597.400150][T13072] Call Trace: [ 597.400150][T13072] dump_stack+0x1df/0x240 [ 597.400150][T13072] kmsan_internal_chain_origin+0x6f/0x130 [ 597.400150][T13072] ? skb_recv_datagram+0x3ec/0x480 [ 597.400150][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 597.400150][T13072] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 597.400150][T13072] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 597.400150][T13072] ? bt_sock_recvmsg+0x564/0xa00 [ 597.400150][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 597.400150][T13072] ? kmsan_set_origin_checked+0x95/0xf0 [ 597.400150][T13072] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 597.400150][T13072] ? _copy_from_user+0x15b/0x260 [ 597.400150][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 597.400150][T13072] __msan_chain_origin+0x50/0x90 [ 597.400150][T13072] __get_compat_msghdr+0x5be/0x890 [ 597.400150][T13072] get_compat_msghdr+0x108/0x270 [ 597.400150][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 597.400150][T13072] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 597.510330][T13072] ? sched_clock_cpu+0x7c/0x930 [ 597.510330][T13072] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 597.510330][T13072] ? sched_clock_cpu+0x7c/0x930 [ 597.510330][T13072] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 597.510330][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 597.510330][T13072] ? kmsan_internal_set_origin+0x75/0xb0 [ 597.510330][T13072] ? __msan_poison_alloca+0xf0/0x120 [ 597.510330][T13072] ? __sys_recvmmsg+0xb4/0x510 [ 597.510330][T13072] ? __sys_recvmmsg+0xb4/0x510 [ 597.510330][T13072] __sys_recvmmsg+0x4ca/0x510 [ 597.510330][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 597.510330][T13072] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 597.510330][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 597.580304][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 597.580304][T13072] do_fast_syscall_32+0x6b/0xd0 [ 597.580304][T13072] do_SYSENTER_32+0x73/0x90 [ 597.580304][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 597.580304][T13072] RIP: 0023:0xf7fbe549 [ 597.580304][T13072] Code: Bad RIP value. [ 597.580304][T13072] RSP: 002b:00000000f5db90cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 597.580304][T13072] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 597.580304][T13072] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 597.580304][T13072] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 597.580304][T13072] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 597.580304][T13072] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 597.580304][T13072] Uninit was stored to memory at: [ 597.580304][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 597.580304][T13072] __msan_chain_origin+0x50/0x90 [ 597.580304][T13072] __get_compat_msghdr+0x5be/0x890 [ 597.680343][T13072] get_compat_msghdr+0x108/0x270 [ 597.680343][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 597.680343][T13072] __sys_recvmmsg+0x4ca/0x510 [ 597.680343][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 597.680343][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 597.680343][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 597.680343][T13072] do_fast_syscall_32+0x6b/0xd0 [ 597.680343][T13072] do_SYSENTER_32+0x73/0x90 [ 597.680343][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 597.680343][T13072] [ 597.680343][T13072] Uninit was stored to memory at: [ 597.680343][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 597.680343][T13072] __msan_chain_origin+0x50/0x90 [ 597.680343][T13072] __get_compat_msghdr+0x5be/0x890 [ 597.680343][T13072] get_compat_msghdr+0x108/0x270 [ 597.680343][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 597.680343][T13072] __sys_recvmmsg+0x4ca/0x510 [ 597.680343][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 597.680343][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 597.771395][T13080] not chained 1880000 origins [ 597.680343][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 597.780195][T13080] CPU: 0 PID: 13080 Comm: syz-executor.1 Not tainted 5.8.0-rc5-syzkaller #0 [ 597.680343][T13072] do_fast_syscall_32+0x6b/0xd0 [ 597.780195][T13080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 597.680343][T13072] do_SYSENTER_32+0x73/0x90 [ 597.780195][T13080] Call Trace: [ 597.680343][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 597.780195][T13080] dump_stack+0x1df/0x240 [ 597.680343][T13072] [ 597.780195][T13080] kmsan_internal_chain_origin+0x6f/0x130 [ 597.680343][T13072] Uninit was stored to memory at: [ 597.780195][T13080] ? skb_recv_datagram+0x3ec/0x480 [ 597.680343][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 597.780195][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 597.680343][T13072] __msan_chain_origin+0x50/0x90 [ 597.780195][T13080] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 597.680343][T13072] __get_compat_msghdr+0x5be/0x890 [ 597.780195][T13080] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 597.680343][T13072] get_compat_msghdr+0x108/0x270 [ 597.780195][T13080] ? bt_sock_recvmsg+0x564/0xa00 [ 597.680343][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 597.780195][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 597.680343][T13072] __sys_recvmmsg+0x4ca/0x510 [ 597.780195][T13080] ? kmsan_set_origin_checked+0x95/0xf0 [ 597.680343][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 597.780195][T13080] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 597.680343][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 597.780195][T13080] ? _copy_from_user+0x15b/0x260 [ 597.680343][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 597.780195][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 597.680343][T13072] do_fast_syscall_32+0x6b/0xd0 [ 597.780195][T13080] __msan_chain_origin+0x50/0x90 [ 597.680343][T13072] do_SYSENTER_32+0x73/0x90 [ 597.780195][T13080] __get_compat_msghdr+0x5be/0x890 [ 597.680343][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 597.780195][T13080] get_compat_msghdr+0x108/0x270 [ 597.680343][T13072] [ 597.780195][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 597.680343][T13072] Uninit was stored to memory at: [ 597.780195][T13080] ? kmsan_internal_set_origin+0x75/0xb0 [ 597.680343][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 597.780195][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 597.680343][T13072] __msan_chain_origin+0x50/0x90 [ 597.780195][T13080] ? kmsan_internal_set_origin+0x75/0xb0 [ 597.680343][T13072] __get_compat_msghdr+0x5be/0x890 [ 597.780195][T13080] ? __msan_poison_alloca+0xf0/0x120 [ 597.680343][T13072] get_compat_msghdr+0x108/0x270 [ 597.780195][T13080] ? __sys_recvmmsg+0xb4/0x510 [ 597.680343][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 597.780195][T13080] ? __sys_recvmmsg+0xb4/0x510 [ 597.680343][T13072] __sys_recvmmsg+0x4ca/0x510 [ 597.780195][T13080] ? kmsan_get_metadata+0x11d/0x180 [ 597.680343][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 597.780195][T13080] __sys_recvmmsg+0x4ca/0x510 [ 597.680343][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 597.780195][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 597.680343][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 597.780195][T13080] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 597.680343][T13072] do_fast_syscall_32+0x6b/0xd0 [ 597.780195][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 597.680343][T13072] do_SYSENTER_32+0x73/0x90 [ 597.780195][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 597.680343][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 597.780195][T13080] do_fast_syscall_32+0x6b/0xd0 [ 597.680343][T13072] [ 597.780195][T13080] do_SYSENTER_32+0x73/0x90 [ 597.680343][T13072] Uninit was stored to memory at: [ 597.780195][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 597.680343][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 597.780195][T13080] RIP: 0023:0xf7fbe549 [ 597.680343][T13072] __msan_chain_origin+0x50/0x90 [ 597.780195][T13080] Code: Bad RIP value. [ 597.680343][T13072] __get_compat_msghdr+0x5be/0x890 [ 597.780195][T13080] RSP: 002b:00000000f5d770cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 597.680343][T13072] get_compat_msghdr+0x108/0x270 [ 597.780195][T13080] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 597.680343][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 597.780195][T13080] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 597.680343][T13072] __sys_recvmmsg+0x4ca/0x510 [ 597.780195][T13080] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 597.680343][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 597.780195][T13080] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 597.680343][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 597.780195][T13080] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 597.680343][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 597.780195][T13080] Uninit was stored to memory at: [ 597.680343][T13072] do_fast_syscall_32+0x6b/0xd0 [ 597.780195][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 597.680343][T13072] do_SYSENTER_32+0x73/0x90 [ 597.780195][T13080] __msan_chain_origin+0x50/0x90 [ 597.680343][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 597.780195][T13080] __get_compat_msghdr+0x5be/0x890 [ 597.680343][T13072] [ 597.780195][T13080] get_compat_msghdr+0x108/0x270 [ 597.680343][T13072] Uninit was stored to memory at: [ 597.780195][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 597.680343][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 597.780195][T13080] __sys_recvmmsg+0x4ca/0x510 [ 597.680343][T13072] __msan_chain_origin+0x50/0x90 [ 597.780195][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 597.680343][T13072] __get_compat_msghdr+0x5be/0x890 [ 597.780195][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 597.680343][T13072] get_compat_msghdr+0x108/0x270 [ 597.780195][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 597.680343][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 597.780195][T13080] do_fast_syscall_32+0x6b/0xd0 [ 597.680343][T13072] __sys_recvmmsg+0x4ca/0x510 [ 597.780195][T13080] do_SYSENTER_32+0x73/0x90 [ 597.680343][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 597.780195][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 597.680343][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 597.780195][T13080] [ 597.680343][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 597.780195][T13080] Uninit was stored to memory at: [ 597.680343][T13072] do_fast_syscall_32+0x6b/0xd0 [ 597.780195][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 597.680343][T13072] do_SYSENTER_32+0x73/0x90 [ 597.780195][T13080] __msan_chain_origin+0x50/0x90 [ 597.680343][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 597.780195][T13080] __get_compat_msghdr+0x5be/0x890 [ 597.680343][T13072] [ 597.780195][T13080] get_compat_msghdr+0x108/0x270 [ 597.680343][T13072] Uninit was stored to memory at: [ 597.780195][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 597.680343][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 597.780195][T13080] __sys_recvmmsg+0x4ca/0x510 [ 597.680343][T13072] __msan_chain_origin+0x50/0x90 [ 597.780195][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 597.680343][T13072] __get_compat_msghdr+0x5be/0x890 [ 597.780195][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 597.680343][T13072] get_compat_msghdr+0x108/0x270 [ 597.780195][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 597.680343][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 597.780195][T13080] do_fast_syscall_32+0x6b/0xd0 [ 597.680343][T13072] __sys_recvmmsg+0x4ca/0x510 [ 597.780195][T13080] do_SYSENTER_32+0x73/0x90 [ 597.680343][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 597.780195][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 597.680343][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 597.780195][T13080] [ 597.680343][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 597.780195][T13080] Uninit was stored to memory at: [ 597.680343][T13072] do_fast_syscall_32+0x6b/0xd0 [ 597.780195][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 597.680343][T13072] do_SYSENTER_32+0x73/0x90 [ 597.680343][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 597.780195][T13080] __msan_chain_origin+0x50/0x90 [ 597.680343][T13072] [ 597.780195][T13080] __get_compat_msghdr+0x5be/0x890 [ 597.680343][T13072] Local variable ----msg_sys@do_recvmmsg created at: [ 597.780195][T13080] get_compat_msghdr+0x108/0x270 [ 597.680343][T13072] do_recvmmsg+0xc5/0x1ee0 [ 597.780195][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 597.680343][T13072] do_recvmmsg+0xc5/0x1ee0 [ 597.780195][T13080] __sys_recvmmsg+0x4ca/0x510 [ 597.780195][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 597.780195][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 597.780195][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 597.780195][T13080] do_fast_syscall_32+0x6b/0xd0 [ 597.780195][T13080] do_SYSENTER_32+0x73/0x90 [ 598.610245][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 598.610245][T13080] [ 598.610245][T13080] Uninit was stored to memory at: [ 598.610245][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 598.610245][T13080] __msan_chain_origin+0x50/0x90 [ 598.610245][T13080] __get_compat_msghdr+0x5be/0x890 [ 598.610245][T13080] get_compat_msghdr+0x108/0x270 [ 598.610245][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 598.610245][T13080] __sys_recvmmsg+0x4ca/0x510 [ 598.610245][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 598.610245][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 598.610245][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 598.610245][T13080] do_fast_syscall_32+0x6b/0xd0 [ 598.610245][T13080] do_SYSENTER_32+0x73/0x90 [ 598.610245][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 598.610245][T13080] [ 598.610245][T13080] Uninit was stored to memory at: [ 598.610245][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 598.610245][T13080] __msan_chain_origin+0x50/0x90 [ 598.610245][T13080] __get_compat_msghdr+0x5be/0x890 [ 598.610245][T13080] get_compat_msghdr+0x108/0x270 [ 598.610245][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 598.610245][T13080] __sys_recvmmsg+0x4ca/0x510 [ 598.610245][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 598.610245][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 598.610245][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 598.610245][T13080] do_fast_syscall_32+0x6b/0xd0 [ 598.610245][T13080] do_SYSENTER_32+0x73/0x90 [ 598.610245][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 598.755734][T13041] not chained 1890000 origins [ 598.610245][T13080] [ 598.760140][T13041] CPU: 1 PID: 13041 Comm: syz-executor.3 Not tainted 5.8.0-rc5-syzkaller #0 [ 598.610245][T13080] Uninit was stored to memory at: [ 598.760140][T13041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 598.610245][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 598.760140][T13041] Call Trace: [ 598.610245][T13080] __msan_chain_origin+0x50/0x90 [ 598.760140][T13041] dump_stack+0x1df/0x240 [ 598.610245][T13080] __get_compat_msghdr+0x5be/0x890 [ 598.760140][T13041] kmsan_internal_chain_origin+0x6f/0x130 [ 598.610245][T13080] get_compat_msghdr+0x108/0x270 [ 598.760140][T13041] ? skb_recv_datagram+0x3ec/0x480 [ 598.610245][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 598.760140][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 598.610245][T13080] __sys_recvmmsg+0x4ca/0x510 [ 598.760140][T13041] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 598.610245][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 598.760140][T13041] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 598.610245][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 598.760140][T13041] ? bt_sock_recvmsg+0x564/0xa00 [ 598.610245][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 598.760140][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 598.610245][T13080] do_fast_syscall_32+0x6b/0xd0 [ 598.760140][T13041] ? kmsan_set_origin_checked+0x95/0xf0 [ 598.610245][T13080] do_SYSENTER_32+0x73/0x90 [ 598.760140][T13041] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 598.610245][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 598.760140][T13041] ? _copy_from_user+0x15b/0x260 [ 598.610245][T13080] [ 598.760140][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 598.610245][T13080] Uninit was stored to memory at: [ 598.760140][T13041] __msan_chain_origin+0x50/0x90 [ 598.610245][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 598.760140][T13041] __get_compat_msghdr+0x5be/0x890 [ 598.610245][T13080] __msan_chain_origin+0x50/0x90 [ 598.760140][T13041] get_compat_msghdr+0x108/0x270 [ 598.610245][T13080] __get_compat_msghdr+0x5be/0x890 [ 598.760140][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 598.610245][T13080] get_compat_msghdr+0x108/0x270 [ 598.760140][T13041] ? idle_cpu+0x9a/0x1d0 [ 598.610245][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 598.760140][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 598.610245][T13080] __sys_recvmmsg+0x4ca/0x510 [ 598.760140][T13041] ? kmsan_internal_set_origin+0x75/0xb0 [ 598.610245][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 598.760140][T13041] ? __msan_poison_alloca+0xf0/0x120 [ 598.610245][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 598.760140][T13041] ? __sys_recvmmsg+0xb4/0x510 [ 598.610245][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 598.760140][T13041] ? __sys_recvmmsg+0xb4/0x510 [ 598.610245][T13080] do_fast_syscall_32+0x6b/0xd0 [ 598.760140][T13041] ? kmsan_get_metadata+0x11d/0x180 [ 598.610245][T13080] do_SYSENTER_32+0x73/0x90 [ 598.760140][T13041] __sys_recvmmsg+0x4ca/0x510 [ 598.610245][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 598.760140][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 598.610245][T13080] [ 598.760140][T13041] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 598.610245][T13080] Local variable ----msg_sys@do_recvmmsg created at: [ 598.760140][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 598.610245][T13080] do_recvmmsg+0xc5/0x1ee0 [ 598.760140][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 598.610245][T13080] do_recvmmsg+0xc5/0x1ee0 [ 598.760140][T13041] do_fast_syscall_32+0x6b/0xd0 [ 598.760140][T13041] do_SYSENTER_32+0x73/0x90 [ 599.098545][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 599.098545][T13041] RIP: 0023:0xf7fd6549 [ 599.098545][T13041] Code: Bad RIP value. [ 599.098545][T13041] RSP: 002b:00000000f5dd10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 599.119818][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 599.098545][T13041] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 599.098545][T13041] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 599.098545][T13041] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 599.098545][T13041] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 599.098545][T13041] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 599.098545][T13041] Uninit was stored to memory at: [ 599.098545][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 599.098545][T13041] __msan_chain_origin+0x50/0x90 [ 599.098545][T13041] __get_compat_msghdr+0x5be/0x890 [ 599.098545][T13041] get_compat_msghdr+0x108/0x270 [ 599.098545][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 599.098545][T13041] __sys_recvmmsg+0x4ca/0x510 [ 599.098545][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 599.098545][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 599.098545][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 599.098545][T13041] do_fast_syscall_32+0x6b/0xd0 [ 599.098545][T13041] do_SYSENTER_32+0x73/0x90 [ 599.098545][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 599.098545][T13041] [ 599.098545][T13041] Uninit was stored to memory at: [ 599.244021][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 599.098545][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 599.098545][T13041] __msan_chain_origin+0x50/0x90 [ 599.098545][T13041] __get_compat_msghdr+0x5be/0x890 [ 599.267987][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 599.098545][T13041] get_compat_msghdr+0x108/0x270 [ 599.098545][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 599.098545][T13041] __sys_recvmmsg+0x4ca/0x510 [ 599.098545][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 599.098545][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 599.098545][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 599.098545][T13041] do_fast_syscall_32+0x6b/0xd0 [ 599.098545][T13041] do_SYSENTER_32+0x73/0x90 [ 599.098545][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 599.098545][T13041] [ 599.098545][T13041] Uninit was stored to memory at: [ 599.098545][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 599.098545][T13041] __msan_chain_origin+0x50/0x90 [ 599.098545][T13041] __get_compat_msghdr+0x5be/0x890 [ 599.098545][T13041] get_compat_msghdr+0x108/0x270 [ 599.306963][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 599.306963][T13041] __sys_recvmmsg+0x4ca/0x510 [ 599.306963][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 599.306963][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 599.306963][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 599.306963][T13041] do_fast_syscall_32+0x6b/0xd0 [ 599.306963][T13041] do_SYSENTER_32+0x73/0x90 [ 599.306963][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 599.306963][T13041] [ 599.306963][T13041] Uninit was stored to memory at: [ 599.306963][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 599.306963][T13041] __msan_chain_origin+0x50/0x90 [ 599.306963][T13041] __get_compat_msghdr+0x5be/0x890 [ 599.306963][T13041] get_compat_msghdr+0x108/0x270 [ 599.306963][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 599.306963][T13041] __sys_recvmmsg+0x4ca/0x510 [ 599.306963][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 599.438891][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 599.306963][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 599.306963][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 599.306963][T13041] do_fast_syscall_32+0x6b/0xd0 [ 599.306963][T13041] do_SYSENTER_32+0x73/0x90 [ 599.306963][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 599.306963][T13041] [ 599.306963][T13041] Uninit was stored to memory at: [ 599.306963][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 599.306963][T13041] __msan_chain_origin+0x50/0x90 [ 599.306963][T13041] __get_compat_msghdr+0x5be/0x890 [ 599.306963][T13041] get_compat_msghdr+0x108/0x270 [ 599.306963][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 599.306963][T13041] __sys_recvmmsg+0x4ca/0x510 [ 599.511017][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 599.306963][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 599.306963][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 599.306963][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 599.306963][T13041] do_fast_syscall_32+0x6b/0xd0 [ 599.541575][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 599.306963][T13041] do_SYSENTER_32+0x73/0x90 [ 599.306963][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 599.306963][T13041] [ 599.306963][T13041] Uninit was stored to memory at: [ 599.306963][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 599.306963][T13041] __msan_chain_origin+0x50/0x90 [ 599.306963][T13041] __get_compat_msghdr+0x5be/0x890 [ 599.306963][T13041] get_compat_msghdr+0x108/0x270 [ 599.306963][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 599.306963][T13041] __sys_recvmmsg+0x4ca/0x510 [ 599.306963][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 599.306963][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 599.306963][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 599.306963][T13041] do_fast_syscall_32+0x6b/0xd0 [ 599.618694][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 599.306963][T13041] do_SYSENTER_32+0x73/0x90 [ 599.306963][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 599.306963][T13041] [ 599.306963][T13041] Uninit was stored to memory at: [ 599.306963][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 599.306963][T13041] __msan_chain_origin+0x50/0x90 [ 599.306963][T13041] __get_compat_msghdr+0x5be/0x890 [ 599.306963][T13041] get_compat_msghdr+0x108/0x270 [ 599.306963][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 599.306963][T13041] __sys_recvmmsg+0x4ca/0x510 [ 599.306963][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 599.306963][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 599.306963][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 599.306963][T13041] do_fast_syscall_32+0x6b/0xd0 [ 599.306963][T13041] do_SYSENTER_32+0x73/0x90 [ 599.680366][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 599.680366][T13041] [ 599.680366][T13041] Local variable ----msg_sys@do_recvmmsg created at: [ 599.716552][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 599.680366][T13041] do_recvmmsg+0xc5/0x1ee0 [ 599.680366][T13041] do_recvmmsg+0xc5/0x1ee0 [ 599.773653][T13012] not chained 1900000 origins [ 599.778365][T13012] CPU: 0 PID: 13012 Comm: syz-executor.0 Not tainted 5.8.0-rc5-syzkaller #0 [ 599.780193][T13012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 599.780193][T13012] Call Trace: [ 599.780193][T13012] dump_stack+0x1df/0x240 [ 599.780193][T13012] kmsan_internal_chain_origin+0x6f/0x130 [ 599.780193][T13012] ? skb_recv_datagram+0x3ec/0x480 [ 599.780193][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 599.780193][T13012] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 599.780193][T13012] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 599.780193][T13012] ? bt_sock_recvmsg+0x564/0xa00 [ 599.780193][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 599.780193][T13012] ? kmsan_set_origin_checked+0x95/0xf0 [ 599.780193][T13012] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 599.780193][T13012] ? _copy_from_user+0x15b/0x260 [ 599.780193][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 599.780193][T13012] __msan_chain_origin+0x50/0x90 [ 599.780193][T13012] __get_compat_msghdr+0x5be/0x890 [ 599.780193][T13012] get_compat_msghdr+0x108/0x270 [ 599.780193][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 599.780193][T13012] ? kmsan_internal_set_origin+0x75/0xb0 [ 599.780193][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 599.780193][T13012] ? kmsan_internal_set_origin+0x75/0xb0 [ 599.780193][T13012] ? __msan_poison_alloca+0xf0/0x120 [ 599.780193][T13012] ? __sys_recvmmsg+0xb4/0x510 [ 599.780193][T13012] ? __sys_recvmmsg+0xb4/0x510 [ 599.780193][T13012] ? kmsan_get_metadata+0x11d/0x180 [ 599.780193][T13012] __sys_recvmmsg+0x4ca/0x510 [ 599.780193][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 599.780193][T13012] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 599.780193][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 599.780193][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 599.780193][T13012] do_fast_syscall_32+0x6b/0xd0 [ 599.780193][T13012] do_SYSENTER_32+0x73/0x90 [ 599.780193][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 599.959488][T13072] not chained 1910000 origins [ 599.780193][T13012] RIP: 0023:0xf7f4d549 [ 599.780193][T13012] Code: Bad RIP value. [ 599.780193][T13012] RSP: 002b:00000000f5d480cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 599.780193][T13012] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 599.780193][T13012] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 599.780193][T13012] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 599.780193][T13012] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 599.780193][T13012] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 599.780193][T13012] Uninit was stored to memory at: [ 599.960139][T13072] CPU: 1 PID: 13072 Comm: syz-executor.1 Not tainted 5.8.0-rc5-syzkaller #0 [ 599.960139][T13072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 599.780193][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 599.960139][T13072] Call Trace: [ 599.780193][T13012] __msan_chain_origin+0x50/0x90 [ 599.960139][T13072] dump_stack+0x1df/0x240 [ 599.780193][T13012] __get_compat_msghdr+0x5be/0x890 [ 599.960139][T13072] kmsan_internal_chain_origin+0x6f/0x130 [ 599.960139][T13072] ? skb_recv_datagram+0x3ec/0x480 [ 599.780193][T13012] get_compat_msghdr+0x108/0x270 [ 599.960139][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 599.780193][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 599.960139][T13072] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 599.780193][T13012] __sys_recvmmsg+0x4ca/0x510 [ 599.960139][T13072] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 599.780193][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 599.960139][T13072] ? bt_sock_recvmsg+0x564/0xa00 [ 599.780193][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 599.960139][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 599.780193][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 599.960139][T13072] ? kmsan_set_origin_checked+0x95/0xf0 [ 599.780193][T13012] do_fast_syscall_32+0x6b/0xd0 [ 599.960139][T13072] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 599.780193][T13012] do_SYSENTER_32+0x73/0x90 [ 599.960139][T13072] ? _copy_from_user+0x15b/0x260 [ 599.780193][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 599.960139][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 599.780193][T13012] [ 599.960139][T13072] __msan_chain_origin+0x50/0x90 [ 599.780193][T13012] Uninit was stored to memory at: [ 599.960139][T13072] __get_compat_msghdr+0x5be/0x890 [ 599.780193][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 599.960139][T13072] get_compat_msghdr+0x108/0x270 [ 599.780193][T13012] __msan_chain_origin+0x50/0x90 [ 599.960139][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 599.780193][T13012] __get_compat_msghdr+0x5be/0x890 [ 599.960139][T13072] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 599.780193][T13012] get_compat_msghdr+0x108/0x270 [ 599.960139][T13072] ? sched_clock_cpu+0x7c/0x930 [ 599.780193][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 599.960139][T13072] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 599.780193][T13012] __sys_recvmmsg+0x4ca/0x510 [ 599.960139][T13072] ? sched_clock_cpu+0x7c/0x930 [ 599.780193][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 599.960139][T13072] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 599.780193][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 599.960139][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 599.780193][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 599.960139][T13072] ? kmsan_internal_set_origin+0x75/0xb0 [ 599.780193][T13012] do_fast_syscall_32+0x6b/0xd0 [ 599.960139][T13072] ? __msan_poison_alloca+0xf0/0x120 [ 599.780193][T13012] do_SYSENTER_32+0x73/0x90 [ 599.960139][T13072] ? __sys_recvmmsg+0xb4/0x510 [ 599.780193][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 599.960139][T13072] ? __sys_recvmmsg+0xb4/0x510 [ 599.780193][T13012] [ 599.960139][T13072] __sys_recvmmsg+0x4ca/0x510 [ 599.780193][T13012] Uninit was stored to memory at: [ 599.960139][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 599.780193][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 599.960139][T13072] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 599.780193][T13012] __msan_chain_origin+0x50/0x90 [ 599.960139][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 599.780193][T13012] __get_compat_msghdr+0x5be/0x890 [ 599.960139][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 599.780193][T13012] get_compat_msghdr+0x108/0x270 [ 599.960139][T13072] do_fast_syscall_32+0x6b/0xd0 [ 599.780193][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 599.960139][T13072] do_SYSENTER_32+0x73/0x90 [ 599.780193][T13012] __sys_recvmmsg+0x4ca/0x510 [ 599.960139][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 599.780193][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 599.960139][T13072] RIP: 0023:0xf7fbe549 [ 599.780193][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 599.960139][T13072] Code: Bad RIP value. [ 599.780193][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 599.960139][T13072] RSP: 002b:00000000f5db90cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 599.780193][T13012] do_fast_syscall_32+0x6b/0xd0 [ 599.960139][T13072] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 599.780193][T13012] do_SYSENTER_32+0x73/0x90 [ 599.960139][T13072] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 599.780193][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 599.960139][T13072] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 599.780193][T13012] [ 599.960139][T13072] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 599.780193][T13012] Uninit was stored to memory at: [ 599.960139][T13072] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 599.780193][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 599.960139][T13072] Uninit was stored to memory at: [ 599.780193][T13012] __msan_chain_origin+0x50/0x90 [ 599.960139][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 599.780193][T13012] __get_compat_msghdr+0x5be/0x890 [ 599.960139][T13072] __msan_chain_origin+0x50/0x90 [ 599.780193][T13012] get_compat_msghdr+0x108/0x270 [ 599.960139][T13072] __get_compat_msghdr+0x5be/0x890 [ 599.780193][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 599.960139][T13072] get_compat_msghdr+0x108/0x270 [ 599.780193][T13012] __sys_recvmmsg+0x4ca/0x510 [ 599.960139][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 599.780193][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 599.960139][T13072] __sys_recvmmsg+0x4ca/0x510 [ 599.780193][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 599.960139][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 599.780193][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 599.960139][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 599.780193][T13012] do_fast_syscall_32+0x6b/0xd0 [ 599.960139][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 599.780193][T13012] do_SYSENTER_32+0x73/0x90 [ 599.960139][T13072] do_fast_syscall_32+0x6b/0xd0 [ 599.780193][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 599.960139][T13072] do_SYSENTER_32+0x73/0x90 [ 599.780193][T13012] [ 599.960139][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 599.780193][T13012] Uninit was stored to memory at: [ 599.960139][T13072] [ 599.780193][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 599.960139][T13072] Uninit was stored to memory at: [ 599.780193][T13012] __msan_chain_origin+0x50/0x90 [ 599.960139][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 599.780193][T13012] __get_compat_msghdr+0x5be/0x890 [ 599.960139][T13072] __msan_chain_origin+0x50/0x90 [ 599.780193][T13012] get_compat_msghdr+0x108/0x270 [ 599.960139][T13072] __get_compat_msghdr+0x5be/0x890 [ 599.780193][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 599.960139][T13072] get_compat_msghdr+0x108/0x270 [ 599.780193][T13012] __sys_recvmmsg+0x4ca/0x510 [ 599.960139][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 599.780193][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 599.960139][T13072] __sys_recvmmsg+0x4ca/0x510 [ 599.780193][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 599.960139][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 599.780193][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 599.960139][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 599.780193][T13012] do_fast_syscall_32+0x6b/0xd0 [ 599.960139][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 599.780193][T13012] do_SYSENTER_32+0x73/0x90 [ 599.960139][T13072] do_fast_syscall_32+0x6b/0xd0 [ 599.780193][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 599.960139][T13072] do_SYSENTER_32+0x73/0x90 [ 599.780193][T13012] [ 599.960139][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 599.780193][T13012] Uninit was stored to memory at: [ 599.960139][T13072] [ 599.780193][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 599.960139][T13072] Uninit was stored to memory at: [ 599.780193][T13012] __msan_chain_origin+0x50/0x90 [ 599.960139][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 599.780193][T13012] __get_compat_msghdr+0x5be/0x890 [ 599.960139][T13072] __msan_chain_origin+0x50/0x90 [ 599.780193][T13012] get_compat_msghdr+0x108/0x270 [ 599.960139][T13072] __get_compat_msghdr+0x5be/0x890 [ 599.780193][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 599.960139][T13072] get_compat_msghdr+0x108/0x270 [ 599.780193][T13012] __sys_recvmmsg+0x4ca/0x510 [ 599.960139][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 599.780193][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 599.960139][T13072] __sys_recvmmsg+0x4ca/0x510 [ 599.780193][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 599.960139][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 599.780193][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 599.960139][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 599.780193][T13012] do_fast_syscall_32+0x6b/0xd0 [ 599.960139][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 599.780193][T13012] do_SYSENTER_32+0x73/0x90 [ 599.960139][T13072] do_fast_syscall_32+0x6b/0xd0 [ 599.780193][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 599.960139][T13072] do_SYSENTER_32+0x73/0x90 [ 599.780193][T13012] [ 599.960139][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 599.780193][T13012] Uninit was stored to memory at: [ 599.960139][T13072] [ 599.780193][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 599.960139][T13072] Uninit was stored to memory at: [ 599.780193][T13012] __msan_chain_origin+0x50/0x90 [ 599.960139][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 599.780193][T13012] __get_compat_msghdr+0x5be/0x890 [ 599.960139][T13072] __msan_chain_origin+0x50/0x90 [ 599.780193][T13012] get_compat_msghdr+0x108/0x270 [ 599.960139][T13072] __get_compat_msghdr+0x5be/0x890 [ 599.780193][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 599.960139][T13072] get_compat_msghdr+0x108/0x270 [ 599.780193][T13012] __sys_recvmmsg+0x4ca/0x510 [ 599.960139][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 599.780193][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 599.960139][T13072] __sys_recvmmsg+0x4ca/0x510 [ 599.780193][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 599.960139][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 599.780193][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 599.960139][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 599.780193][T13012] do_fast_syscall_32+0x6b/0xd0 [ 599.960139][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 599.780193][T13012] do_SYSENTER_32+0x73/0x90 [ 599.960139][T13072] do_fast_syscall_32+0x6b/0xd0 [ 599.780193][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 599.960139][T13072] do_SYSENTER_32+0x73/0x90 [ 599.780193][T13012] [ 599.960139][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 599.780193][T13012] Local variable ----msg_sys@do_recvmmsg created at: [ 599.960139][T13072] [ 599.780193][T13012] do_recvmmsg+0xc5/0x1ee0 [ 599.960139][T13072] Uninit was stored to memory at: [ 599.780193][T13012] do_recvmmsg+0xc5/0x1ee0 [ 599.960139][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 601.075595][T13072] __msan_chain_origin+0x50/0x90 [ 601.075595][T13072] __get_compat_msghdr+0x5be/0x890 [ 601.086155][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 601.075595][T13072] get_compat_msghdr+0x108/0x270 [ 601.075595][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 601.075595][T13072] __sys_recvmmsg+0x4ca/0x510 [ 601.075595][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 601.075595][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 601.075595][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 601.075595][T13072] do_fast_syscall_32+0x6b/0xd0 [ 601.075595][T13072] do_SYSENTER_32+0x73/0x90 [ 601.075595][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 601.075595][T13072] [ 601.075595][T13072] Uninit was stored to memory at: [ 601.075595][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 601.075595][T13072] __msan_chain_origin+0x50/0x90 [ 601.075595][T13072] __get_compat_msghdr+0x5be/0x890 [ 601.075595][T13072] get_compat_msghdr+0x108/0x270 [ 601.075595][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 601.075595][T13072] __sys_recvmmsg+0x4ca/0x510 [ 601.075595][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 601.075595][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 601.075595][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 601.075595][T13072] do_fast_syscall_32+0x6b/0xd0 [ 601.202967][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 601.075595][T13072] do_SYSENTER_32+0x73/0x90 [ 601.075595][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 601.075595][T13072] [ 601.075595][T13072] Uninit was stored to memory at: [ 601.075595][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 601.075595][T13072] __msan_chain_origin+0x50/0x90 [ 601.075595][T13072] __get_compat_msghdr+0x5be/0x890 [ 601.075595][T13072] get_compat_msghdr+0x108/0x270 [ 601.075595][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 601.075595][T13072] __sys_recvmmsg+0x4ca/0x510 [ 601.075595][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 601.075595][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 601.075595][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 601.075595][T13072] do_fast_syscall_32+0x6b/0xd0 [ 601.075595][T13072] do_SYSENTER_32+0x73/0x90 [ 601.075595][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 601.075595][T13072] [ 601.075595][T13072] Local variable ----msg_sys@do_recvmmsg created at: [ 601.075595][T13072] do_recvmmsg+0xc5/0x1ee0 [ 601.075595][T13072] do_recvmmsg+0xc5/0x1ee0 [ 601.557152][T13021] not chained 1920000 origins [ 601.560161][T13021] CPU: 1 PID: 13021 Comm: syz-executor.0 Not tainted 5.8.0-rc5-syzkaller #0 [ 601.560161][T13021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 601.560161][T13021] Call Trace: [ 601.560161][T13021] dump_stack+0x1df/0x240 [ 601.560161][T13021] kmsan_internal_chain_origin+0x6f/0x130 [ 601.560161][T13021] ? skb_recv_datagram+0x3ec/0x480 [ 601.560161][T13021] ? kmsan_get_metadata+0x4f/0x180 [ 601.560161][T13021] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 601.560161][T13021] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 601.560161][T13021] ? bt_sock_recvmsg+0x564/0xa00 [ 601.560161][T13021] ? kmsan_get_metadata+0x4f/0x180 [ 601.560161][T13021] ? kmsan_set_origin_checked+0x95/0xf0 [ 601.630310][T13021] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 601.630310][T13021] ? _copy_from_user+0x15b/0x260 [ 601.630310][T13021] ? kmsan_get_metadata+0x4f/0x180 [ 601.630310][T13021] __msan_chain_origin+0x50/0x90 [ 601.630310][T13021] __get_compat_msghdr+0x5be/0x890 [ 601.630310][T13021] get_compat_msghdr+0x108/0x270 [ 601.630310][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 601.630310][T13021] ? kmsan_internal_set_origin+0x75/0xb0 [ 601.630310][T13021] ? kmsan_get_metadata+0x4f/0x180 [ 601.630310][T13021] ? kmsan_internal_set_origin+0x75/0xb0 [ 601.680344][T13021] ? __msan_poison_alloca+0xf0/0x120 [ 601.680344][T13021] ? __sys_recvmmsg+0xb4/0x510 [ 601.680344][T13021] ? __sys_recvmmsg+0xb4/0x510 [ 601.680344][T13021] ? kmsan_get_metadata+0x11d/0x180 [ 601.680344][T13021] __sys_recvmmsg+0x4ca/0x510 [ 601.680344][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 601.680344][T13021] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 601.680344][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 601.680344][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 601.680344][T13021] do_fast_syscall_32+0x6b/0xd0 [ 601.680344][T13021] do_SYSENTER_32+0x73/0x90 [ 601.680344][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 601.680344][T13021] RIP: 0023:0xf7f4d549 [ 601.680344][T13021] Code: Bad RIP value. [ 601.680344][T13021] RSP: 002b:00000000f5d060cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 601.680344][T13021] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 601.680344][T13021] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 601.680344][T13021] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 601.680344][T13021] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 601.680344][T13021] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 601.680344][T13021] Uninit was stored to memory at: [ 601.680344][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 601.680344][T13021] __msan_chain_origin+0x50/0x90 [ 601.680344][T13021] __get_compat_msghdr+0x5be/0x890 [ 601.680344][T13021] get_compat_msghdr+0x108/0x270 [ 601.680344][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 601.680344][T13021] __sys_recvmmsg+0x4ca/0x510 [ 601.680344][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 601.680344][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 601.680344][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 601.680344][T13021] do_fast_syscall_32+0x6b/0xd0 [ 601.680344][T13021] do_SYSENTER_32+0x73/0x90 [ 601.680344][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 601.680344][T13021] [ 601.680344][T13021] Uninit was stored to memory at: [ 601.680344][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 601.680344][T13021] __msan_chain_origin+0x50/0x90 [ 601.680344][T13021] __get_compat_msghdr+0x5be/0x890 [ 601.680344][T13021] get_compat_msghdr+0x108/0x270 [ 601.680344][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 601.680344][T13021] __sys_recvmmsg+0x4ca/0x510 [ 601.680344][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 601.680344][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 601.680344][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 601.680344][T13021] do_fast_syscall_32+0x6b/0xd0 [ 601.680344][T13021] do_SYSENTER_32+0x73/0x90 [ 601.680344][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 601.680344][T13021] [ 601.680344][T13021] Uninit was stored to memory at: [ 601.680344][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 601.680344][T13021] __msan_chain_origin+0x50/0x90 [ 601.680344][T13021] __get_compat_msghdr+0x5be/0x890 [ 601.680344][T13021] get_compat_msghdr+0x108/0x270 [ 601.680344][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 601.680344][T13021] __sys_recvmmsg+0x4ca/0x510 [ 601.680344][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 601.680344][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 601.680344][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 601.680344][T13021] do_fast_syscall_32+0x6b/0xd0 [ 601.680344][T13021] do_SYSENTER_32+0x73/0x90 [ 601.680344][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 601.680344][T13021] [ 601.680344][T13021] Uninit was stored to memory at: [ 601.680344][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 601.680344][T13021] __msan_chain_origin+0x50/0x90 [ 601.680344][T13021] __get_compat_msghdr+0x5be/0x890 [ 601.680344][T13021] get_compat_msghdr+0x108/0x270 [ 601.680344][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 601.680344][T13021] __sys_recvmmsg+0x4ca/0x510 [ 601.680344][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 601.680344][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 601.680344][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 601.680344][T13021] do_fast_syscall_32+0x6b/0xd0 [ 601.680344][T13021] do_SYSENTER_32+0x73/0x90 [ 601.680344][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 601.680344][T13021] [ 601.680344][T13021] Uninit was stored to memory at: [ 601.680344][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 601.680344][T13021] __msan_chain_origin+0x50/0x90 [ 601.680344][T13021] __get_compat_msghdr+0x5be/0x890 [ 601.680344][T13021] get_compat_msghdr+0x108/0x270 [ 601.680344][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 601.680344][T13021] __sys_recvmmsg+0x4ca/0x510 [ 601.680344][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 601.680344][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 601.680344][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 601.680344][T13021] do_fast_syscall_32+0x6b/0xd0 [ 601.680344][T13021] do_SYSENTER_32+0x73/0x90 [ 601.680344][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 601.680344][T13021] [ 601.680344][T13021] Uninit was stored to memory at: [ 601.680344][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 601.680344][T13021] __msan_chain_origin+0x50/0x90 [ 601.680344][T13021] __get_compat_msghdr+0x5be/0x890 [ 601.680344][T13021] get_compat_msghdr+0x108/0x270 [ 601.680344][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 601.680344][T13021] __sys_recvmmsg+0x4ca/0x510 [ 601.680344][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 601.680344][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 601.680344][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 601.680344][T13021] do_fast_syscall_32+0x6b/0xd0 [ 601.680344][T13021] do_SYSENTER_32+0x73/0x90 [ 601.680344][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 601.680344][T13021] [ 601.680344][T13021] Uninit was stored to memory at: [ 601.680344][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 601.680344][T13021] __msan_chain_origin+0x50/0x90 [ 601.680344][T13021] __get_compat_msghdr+0x5be/0x890 [ 601.680344][T13021] get_compat_msghdr+0x108/0x270 [ 601.680344][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 602.255794][T13041] not chained 1930000 origins [ 601.680344][T13021] __sys_recvmmsg+0x4ca/0x510 [ 602.260181][T13041] CPU: 0 PID: 13041 Comm: syz-executor.3 Not tainted 5.8.0-rc5-syzkaller #0 [ 601.680344][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 602.260181][T13041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 601.680344][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 602.260181][T13041] Call Trace: [ 601.680344][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 602.260181][T13041] dump_stack+0x1df/0x240 [ 601.680344][T13021] do_fast_syscall_32+0x6b/0xd0 [ 602.260181][T13041] kmsan_internal_chain_origin+0x6f/0x130 [ 601.680344][T13021] do_SYSENTER_32+0x73/0x90 [ 602.260181][T13041] ? skb_recv_datagram+0x3ec/0x480 [ 601.680344][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 602.260181][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 601.680344][T13021] [ 602.260181][T13041] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 601.680344][T13021] Local variable ----msg_sys@do_recvmmsg created at: [ 602.260181][T13041] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 601.680344][T13021] do_recvmmsg+0xc5/0x1ee0 [ 602.260181][T13041] ? bt_sock_recvmsg+0x564/0xa00 [ 601.680344][T13021] do_recvmmsg+0xc5/0x1ee0 [ 602.260181][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 602.260181][T13041] ? kmsan_set_origin_checked+0x95/0xf0 [ 602.260181][T13041] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 602.392152][T13041] ? _copy_from_user+0x15b/0x260 [ 602.392152][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 602.392152][T13041] __msan_chain_origin+0x50/0x90 [ 602.392152][T13041] __get_compat_msghdr+0x5be/0x890 [ 602.392152][T13041] get_compat_msghdr+0x108/0x270 [ 602.392152][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 602.392152][T13041] ? idle_cpu+0x9a/0x1d0 [ 602.392152][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 602.392152][T13041] ? kmsan_internal_set_origin+0x75/0xb0 [ 602.392152][T13041] ? __msan_poison_alloca+0xf0/0x120 [ 602.392152][T13041] ? __sys_recvmmsg+0xb4/0x510 [ 602.392152][T13041] ? __sys_recvmmsg+0xb4/0x510 [ 602.392152][T13041] ? kmsan_get_metadata+0x11d/0x180 [ 602.392152][T13041] __sys_recvmmsg+0x4ca/0x510 [ 602.392152][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 602.392152][T13041] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 602.392152][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 602.392152][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 602.392152][T13041] do_fast_syscall_32+0x6b/0xd0 [ 602.392152][T13041] do_SYSENTER_32+0x73/0x90 [ 602.392152][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 602.392152][T13041] RIP: 0023:0xf7fd6549 [ 602.392152][T13041] Code: Bad RIP value. [ 602.392152][T13041] RSP: 002b:00000000f5dd10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 602.392152][T13041] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 602.392152][T13041] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 602.531793][T13021] not chained 1940000 origins [ 602.392152][T13041] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 602.392152][T13041] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 602.392152][T13041] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 602.392152][T13041] Uninit was stored to memory at: [ 602.540143][T13021] CPU: 1 PID: 13021 Comm: syz-executor.0 Not tainted 5.8.0-rc5-syzkaller #0 [ 602.540143][T13021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 602.392152][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 602.540143][T13021] Call Trace: [ 602.392152][T13041] __msan_chain_origin+0x50/0x90 [ 602.540143][T13021] dump_stack+0x1df/0x240 [ 602.392152][T13041] __get_compat_msghdr+0x5be/0x890 [ 602.540143][T13021] kmsan_internal_chain_origin+0x6f/0x130 [ 602.392152][T13041] get_compat_msghdr+0x108/0x270 [ 602.540143][T13021] ? skb_recv_datagram+0x3ec/0x480 [ 602.392152][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 602.540143][T13021] ? kmsan_get_metadata+0x4f/0x180 [ 602.392152][T13041] __sys_recvmmsg+0x4ca/0x510 [ 602.540143][T13021] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 602.392152][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 602.540143][T13021] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 602.392152][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 602.540143][T13021] ? bt_sock_recvmsg+0x564/0xa00 [ 602.392152][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 602.540143][T13021] ? kmsan_get_metadata+0x4f/0x180 [ 602.392152][T13041] do_fast_syscall_32+0x6b/0xd0 [ 602.540143][T13021] ? kmsan_set_origin_checked+0x95/0xf0 [ 602.392152][T13041] do_SYSENTER_32+0x73/0x90 [ 602.540143][T13021] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 602.392152][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 602.540143][T13021] ? _copy_from_user+0x15b/0x260 [ 602.392152][T13041] [ 602.540143][T13021] ? kmsan_get_metadata+0x4f/0x180 [ 602.392152][T13041] Uninit was stored to memory at: [ 602.540143][T13021] __msan_chain_origin+0x50/0x90 [ 602.392152][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 602.540143][T13021] __get_compat_msghdr+0x5be/0x890 [ 602.392152][T13041] __msan_chain_origin+0x50/0x90 [ 602.540143][T13021] get_compat_msghdr+0x108/0x270 [ 602.392152][T13041] __get_compat_msghdr+0x5be/0x890 [ 602.540143][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 602.392152][T13041] get_compat_msghdr+0x108/0x270 [ 602.540143][T13021] ? kmsan_internal_set_origin+0x75/0xb0 [ 602.392152][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 602.540143][T13021] ? kmsan_get_metadata+0x4f/0x180 [ 602.392152][T13041] __sys_recvmmsg+0x4ca/0x510 [ 602.540143][T13021] ? kmsan_internal_set_origin+0x75/0xb0 [ 602.392152][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 602.540143][T13021] ? __msan_poison_alloca+0xf0/0x120 [ 602.392152][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 602.540143][T13021] ? __sys_recvmmsg+0xb4/0x510 [ 602.392152][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 602.540143][T13021] ? __sys_recvmmsg+0xb4/0x510 [ 602.392152][T13041] do_fast_syscall_32+0x6b/0xd0 [ 602.540143][T13021] ? kmsan_get_metadata+0x11d/0x180 [ 602.392152][T13041] do_SYSENTER_32+0x73/0x90 [ 602.540143][T13021] __sys_recvmmsg+0x4ca/0x510 [ 602.392152][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 602.540143][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 602.392152][T13041] [ 602.540143][T13021] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 602.392152][T13041] Uninit was stored to memory at: [ 602.540143][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 602.392152][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 602.540143][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 602.392152][T13041] __msan_chain_origin+0x50/0x90 [ 602.540143][T13021] do_fast_syscall_32+0x6b/0xd0 [ 602.392152][T13041] __get_compat_msghdr+0x5be/0x890 [ 602.540143][T13021] do_SYSENTER_32+0x73/0x90 [ 602.392152][T13041] get_compat_msghdr+0x108/0x270 [ 602.540143][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 602.392152][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 602.540143][T13021] RIP: 0023:0xf7f4d549 [ 602.392152][T13041] __sys_recvmmsg+0x4ca/0x510 [ 602.540143][T13021] Code: Bad RIP value. [ 602.392152][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 602.540143][T13021] RSP: 002b:00000000f5d060cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 602.392152][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 602.540143][T13021] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 602.392152][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 602.540143][T13021] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 602.392152][T13041] do_fast_syscall_32+0x6b/0xd0 [ 602.540143][T13021] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 602.392152][T13041] do_SYSENTER_32+0x73/0x90 [ 602.540143][T13021] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 602.392152][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 602.540143][T13021] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 602.392152][T13041] [ 602.540143][T13021] Uninit was stored to memory at: [ 602.392152][T13041] Uninit was stored to memory at: [ 602.540143][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 602.392152][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 602.540143][T13021] __msan_chain_origin+0x50/0x90 [ 602.392152][T13041] __msan_chain_origin+0x50/0x90 [ 602.540143][T13021] __get_compat_msghdr+0x5be/0x890 [ 602.392152][T13041] __get_compat_msghdr+0x5be/0x890 [ 602.540143][T13021] get_compat_msghdr+0x108/0x270 [ 602.392152][T13041] get_compat_msghdr+0x108/0x270 [ 602.540143][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 602.392152][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 602.540143][T13021] __sys_recvmmsg+0x4ca/0x510 [ 602.392152][T13041] __sys_recvmmsg+0x4ca/0x510 [ 602.540143][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 602.392152][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 602.540143][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 602.392152][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 602.540143][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 602.392152][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 602.540143][T13021] do_fast_syscall_32+0x6b/0xd0 [ 602.392152][T13041] do_fast_syscall_32+0x6b/0xd0 [ 602.540143][T13021] do_SYSENTER_32+0x73/0x90 [ 602.392152][T13041] do_SYSENTER_32+0x73/0x90 [ 602.540143][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 602.392152][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 602.540143][T13021] [ 602.392152][T13041] [ 602.540143][T13021] Uninit was stored to memory at: [ 602.392152][T13041] Uninit was stored to memory at: [ 602.540143][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 602.392152][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 602.540143][T13021] __msan_chain_origin+0x50/0x90 [ 602.392152][T13041] __msan_chain_origin+0x50/0x90 [ 602.540143][T13021] __get_compat_msghdr+0x5be/0x890 [ 602.392152][T13041] __get_compat_msghdr+0x5be/0x890 [ 602.540143][T13021] get_compat_msghdr+0x108/0x270 [ 602.392152][T13041] get_compat_msghdr+0x108/0x270 [ 602.540143][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 602.392152][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 602.540143][T13021] __sys_recvmmsg+0x4ca/0x510 [ 602.392152][T13041] __sys_recvmmsg+0x4ca/0x510 [ 602.540143][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 602.392152][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 602.540143][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 602.392152][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 602.540143][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 602.392152][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 602.540143][T13021] do_fast_syscall_32+0x6b/0xd0 [ 602.392152][T13041] do_fast_syscall_32+0x6b/0xd0 [ 602.540143][T13021] do_SYSENTER_32+0x73/0x90 [ 602.392152][T13041] do_SYSENTER_32+0x73/0x90 [ 602.540143][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 602.392152][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 602.540143][T13021] [ 602.392152][T13041] [ 602.540143][T13021] Uninit was stored to memory at: [ 602.392152][T13041] Uninit was stored to memory at: [ 602.540143][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 602.392152][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 602.540143][T13021] __msan_chain_origin+0x50/0x90 [ 602.392152][T13041] __msan_chain_origin+0x50/0x90 [ 602.540143][T13021] __get_compat_msghdr+0x5be/0x890 [ 602.392152][T13041] __get_compat_msghdr+0x5be/0x890 [ 602.540143][T13021] get_compat_msghdr+0x108/0x270 [ 602.392152][T13041] get_compat_msghdr+0x108/0x270 [ 602.540143][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 602.392152][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 602.540143][T13021] __sys_recvmmsg+0x4ca/0x510 [ 602.392152][T13041] __sys_recvmmsg+0x4ca/0x510 [ 602.540143][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 602.392152][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 602.540143][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 602.392152][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 602.540143][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 602.392152][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 602.540143][T13021] do_fast_syscall_32+0x6b/0xd0 [ 602.392152][T13041] do_fast_syscall_32+0x6b/0xd0 [ 602.540143][T13021] do_SYSENTER_32+0x73/0x90 [ 602.392152][T13041] do_SYSENTER_32+0x73/0x90 [ 602.540143][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 602.392152][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 602.540143][T13021] [ 602.392152][T13041] [ 602.540143][T13021] Uninit was stored to memory at: [ 602.392152][T13041] Uninit was stored to memory at: [ 602.540143][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 602.392152][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 602.540143][T13021] __msan_chain_origin+0x50/0x90 [ 602.392152][T13041] __msan_chain_origin+0x50/0x90 [ 602.540143][T13021] __get_compat_msghdr+0x5be/0x890 [ 602.392152][T13041] __get_compat_msghdr+0x5be/0x890 [ 602.540143][T13021] get_compat_msghdr+0x108/0x270 [ 602.392152][T13041] get_compat_msghdr+0x108/0x270 [ 602.540143][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 602.392152][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 602.540143][T13021] __sys_recvmmsg+0x4ca/0x510 [ 602.392152][T13041] __sys_recvmmsg+0x4ca/0x510 [ 602.540143][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 602.392152][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 602.540143][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 602.392152][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 602.540143][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 602.392152][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 602.540143][T13021] do_fast_syscall_32+0x6b/0xd0 [ 602.392152][T13041] do_fast_syscall_32+0x6b/0xd0 [ 602.540143][T13021] do_SYSENTER_32+0x73/0x90 [ 602.392152][T13041] do_SYSENTER_32+0x73/0x90 [ 602.392152][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 602.540143][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 602.392152][T13041] [ 602.540143][T13021] [ 602.392152][T13041] Local variable ----msg_sys@do_recvmmsg created at: [ 602.540143][T13021] Uninit was stored to memory at: [ 602.392152][T13041] do_recvmmsg+0xc5/0x1ee0 [ 602.540143][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 602.392152][T13041] do_recvmmsg+0xc5/0x1ee0 [ 602.540143][T13021] __msan_chain_origin+0x50/0x90 [ 603.598301][T13021] __get_compat_msghdr+0x5be/0x890 [ 603.598301][T13021] get_compat_msghdr+0x108/0x270 [ 603.598301][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 603.598301][T13021] __sys_recvmmsg+0x4ca/0x510 [ 603.598301][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 603.598301][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 603.598301][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 603.598301][T13021] do_fast_syscall_32+0x6b/0xd0 [ 603.598301][T13021] do_SYSENTER_32+0x73/0x90 [ 603.598301][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 603.598301][T13021] [ 603.598301][T13021] Uninit was stored to memory at: [ 603.598301][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 603.598301][T13021] __msan_chain_origin+0x50/0x90 [ 603.598301][T13021] __get_compat_msghdr+0x5be/0x890 [ 603.598301][T13021] get_compat_msghdr+0x108/0x270 [ 603.680469][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 603.680469][T13021] __sys_recvmmsg+0x4ca/0x510 [ 603.680469][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 603.680469][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 603.680469][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 603.680469][T13021] do_fast_syscall_32+0x6b/0xd0 [ 603.680469][T13021] do_SYSENTER_32+0x73/0x90 [ 603.680469][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 603.680469][T13021] [ 603.680469][T13021] Uninit was stored to memory at: [ 603.680469][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 603.680469][T13021] __msan_chain_origin+0x50/0x90 [ 603.680469][T13021] __get_compat_msghdr+0x5be/0x890 [ 603.680469][T13021] get_compat_msghdr+0x108/0x270 [ 603.680469][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 603.680469][T13021] __sys_recvmmsg+0x4ca/0x510 [ 603.680469][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 603.680469][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 603.680469][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 603.680469][T13021] do_fast_syscall_32+0x6b/0xd0 [ 603.680469][T13021] do_SYSENTER_32+0x73/0x90 [ 603.680469][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 603.680469][T13021] [ 603.680469][T13021] Local variable ----msg_sys@do_recvmmsg created at: [ 603.680469][T13021] do_recvmmsg+0xc5/0x1ee0 [ 603.680469][T13021] do_recvmmsg+0xc5/0x1ee0 [ 604.048021][T13080] not chained 1950000 origins [ 604.050161][T13080] CPU: 1 PID: 13080 Comm: syz-executor.1 Not tainted 5.8.0-rc5-syzkaller #0 [ 604.050161][T13080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 604.050161][T13080] Call Trace: [ 604.050161][T13080] dump_stack+0x1df/0x240 [ 604.050161][T13080] kmsan_internal_chain_origin+0x6f/0x130 [ 604.050161][T13080] ? skb_recv_datagram+0x3ec/0x480 [ 604.050161][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 604.050161][T13080] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 604.050161][T13080] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 604.050161][T13080] ? bt_sock_recvmsg+0x564/0xa00 [ 604.050161][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 604.050161][T13080] ? kmsan_set_origin_checked+0x95/0xf0 [ 604.050161][T13080] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 604.050161][T13080] ? _copy_from_user+0x15b/0x260 [ 604.050161][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 604.050161][T13080] __msan_chain_origin+0x50/0x90 [ 604.050161][T13080] __get_compat_msghdr+0x5be/0x890 [ 604.050161][T13080] get_compat_msghdr+0x108/0x270 [ 604.050161][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 604.050161][T13080] ? kmsan_internal_set_origin+0x75/0xb0 [ 604.050161][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 604.050161][T13080] ? kmsan_internal_set_origin+0x75/0xb0 [ 604.050161][T13080] ? __msan_poison_alloca+0xf0/0x120 [ 604.050161][T13080] ? __sys_recvmmsg+0xb4/0x510 [ 604.050161][T13080] ? __sys_recvmmsg+0xb4/0x510 [ 604.050161][T13080] ? kmsan_get_metadata+0x11d/0x180 [ 604.050161][T13080] __sys_recvmmsg+0x4ca/0x510 [ 604.050161][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 604.050161][T13080] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 604.050161][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 604.050161][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 604.050161][T13080] do_fast_syscall_32+0x6b/0xd0 [ 604.050161][T13080] do_SYSENTER_32+0x73/0x90 [ 604.050161][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 604.050161][T13080] RIP: 0023:0xf7fbe549 [ 604.050161][T13080] Code: Bad RIP value. [ 604.050161][T13080] RSP: 002b:00000000f5d770cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 604.050161][T13080] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 604.050161][T13080] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 604.050161][T13080] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 604.050161][T13080] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 604.050161][T13080] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 604.050161][T13080] Uninit was stored to memory at: [ 604.050161][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 604.050161][T13080] __msan_chain_origin+0x50/0x90 [ 604.050161][T13080] __get_compat_msghdr+0x5be/0x890 [ 604.050161][T13080] get_compat_msghdr+0x108/0x270 [ 604.050161][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 604.050161][T13080] __sys_recvmmsg+0x4ca/0x510 [ 604.050161][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 604.050161][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 604.050161][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 604.050161][T13080] do_fast_syscall_32+0x6b/0xd0 [ 604.050161][T13080] do_SYSENTER_32+0x73/0x90 [ 604.050161][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 604.050161][T13080] [ 604.050161][T13080] Uninit was stored to memory at: [ 604.050161][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 604.050161][T13080] __msan_chain_origin+0x50/0x90 [ 604.050161][T13080] __get_compat_msghdr+0x5be/0x890 [ 604.050161][T13080] get_compat_msghdr+0x108/0x270 [ 604.050161][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 604.050161][T13080] __sys_recvmmsg+0x4ca/0x510 [ 604.050161][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 604.050161][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 604.050161][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 604.050161][T13080] do_fast_syscall_32+0x6b/0xd0 [ 604.050161][T13080] do_SYSENTER_32+0x73/0x90 [ 604.050161][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 604.050161][T13080] [ 604.050161][T13080] Uninit was stored to memory at: [ 604.050161][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 604.050161][T13080] __msan_chain_origin+0x50/0x90 [ 604.050161][T13080] __get_compat_msghdr+0x5be/0x890 [ 604.050161][T13080] get_compat_msghdr+0x108/0x270 [ 604.050161][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 604.050161][T13080] __sys_recvmmsg+0x4ca/0x510 [ 604.050161][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 604.050161][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 604.050161][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 604.050161][T13080] do_fast_syscall_32+0x6b/0xd0 [ 604.050161][T13080] do_SYSENTER_32+0x73/0x90 [ 604.050161][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 604.050161][T13080] [ 604.050161][T13080] Uninit was stored to memory at: [ 604.050161][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 604.050161][T13080] __msan_chain_origin+0x50/0x90 [ 604.050161][T13080] __get_compat_msghdr+0x5be/0x890 [ 604.050161][T13080] get_compat_msghdr+0x108/0x270 [ 604.050161][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 604.050161][T13080] __sys_recvmmsg+0x4ca/0x510 [ 604.050161][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 604.050161][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 604.050161][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 604.050161][T13080] do_fast_syscall_32+0x6b/0xd0 [ 604.050161][T13080] do_SYSENTER_32+0x73/0x90 [ 604.050161][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 604.050161][T13080] [ 604.050161][T13080] Uninit was stored to memory at: [ 604.050161][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 604.050161][T13080] __msan_chain_origin+0x50/0x90 [ 604.050161][T13080] __get_compat_msghdr+0x5be/0x890 [ 604.050161][T13080] get_compat_msghdr+0x108/0x270 [ 604.050161][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 604.050161][T13080] __sys_recvmmsg+0x4ca/0x510 [ 604.050161][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 604.050161][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 604.050161][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 604.050161][T13080] do_fast_syscall_32+0x6b/0xd0 [ 604.050161][T13080] do_SYSENTER_32+0x73/0x90 [ 604.050161][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 604.050161][T13080] [ 604.050161][T13080] Uninit was stored to memory at: [ 604.050161][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 604.050161][T13080] __msan_chain_origin+0x50/0x90 [ 604.050161][T13080] __get_compat_msghdr+0x5be/0x890 [ 604.050161][T13080] get_compat_msghdr+0x108/0x270 [ 604.050161][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 604.050161][T13080] __sys_recvmmsg+0x4ca/0x510 [ 604.050161][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 604.050161][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 604.050161][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 604.050161][T13080] do_fast_syscall_32+0x6b/0xd0 [ 604.050161][T13080] do_SYSENTER_32+0x73/0x90 [ 604.050161][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 604.050161][T13080] [ 604.050161][T13080] Uninit was stored to memory at: [ 604.050161][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 604.050161][T13080] __msan_chain_origin+0x50/0x90 [ 604.050161][T13080] __get_compat_msghdr+0x5be/0x890 [ 604.050161][T13080] get_compat_msghdr+0x108/0x270 [ 604.050161][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 604.050161][T13080] __sys_recvmmsg+0x4ca/0x510 [ 604.050161][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 604.050161][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 604.050161][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 604.050161][T13080] do_fast_syscall_32+0x6b/0xd0 [ 604.050161][T13080] do_SYSENTER_32+0x73/0x90 [ 604.050161][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 604.050161][T13080] [ 604.050161][T13080] Local variable ----msg_sys@do_recvmmsg created at: [ 604.050161][T13080] do_recvmmsg+0xc5/0x1ee0 [ 604.050161][T13080] do_recvmmsg+0xc5/0x1ee0 [ 604.817071][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 605.026286][T13012] not chained 1960000 origins [ 605.030176][T13012] CPU: 1 PID: 13012 Comm: syz-executor.0 Not tainted 5.8.0-rc5-syzkaller #0 [ 605.030176][T13012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 605.030176][T13012] Call Trace: [ 605.030176][T13012] dump_stack+0x1df/0x240 [ 605.030176][T13012] kmsan_internal_chain_origin+0x6f/0x130 [ 605.030176][T13012] ? skb_recv_datagram+0x3ec/0x480 [ 605.030176][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 605.030176][T13012] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 605.030176][T13012] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 605.030176][T13012] ? bt_sock_recvmsg+0x564/0xa00 [ 605.030176][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 605.030176][T13012] ? kmsan_set_origin_checked+0x95/0xf0 [ 605.030176][T13012] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 605.030176][T13012] ? _copy_from_user+0x15b/0x260 [ 605.030176][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 605.030176][T13012] __msan_chain_origin+0x50/0x90 [ 605.030176][T13012] __get_compat_msghdr+0x5be/0x890 [ 605.030176][T13012] get_compat_msghdr+0x108/0x270 [ 605.030176][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 605.030176][T13012] ? kmsan_internal_set_origin+0x75/0xb0 [ 605.030176][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 605.030176][T13012] ? kmsan_internal_set_origin+0x75/0xb0 [ 605.030176][T13012] ? __msan_poison_alloca+0xf0/0x120 [ 605.030176][T13012] ? __sys_recvmmsg+0xb4/0x510 [ 605.030176][T13012] ? __sys_recvmmsg+0xb4/0x510 [ 605.030176][T13012] ? kmsan_get_metadata+0x11d/0x180 [ 605.030176][T13012] __sys_recvmmsg+0x4ca/0x510 [ 605.030176][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 605.030176][T13012] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 605.030176][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 605.030176][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 605.030176][T13012] do_fast_syscall_32+0x6b/0xd0 [ 605.030176][T13012] do_SYSENTER_32+0x73/0x90 [ 605.030176][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 605.030176][T13012] RIP: 0023:0xf7f4d549 [ 605.030176][T13012] Code: Bad RIP value. [ 605.030176][T13012] RSP: 002b:00000000f5d480cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 605.030176][T13012] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 605.030176][T13012] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 605.030176][T13012] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 605.030176][T13012] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 605.030176][T13012] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 605.030176][T13012] Uninit was stored to memory at: [ 605.030176][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 605.030176][T13012] __msan_chain_origin+0x50/0x90 [ 605.030176][T13012] __get_compat_msghdr+0x5be/0x890 [ 605.030176][T13012] get_compat_msghdr+0x108/0x270 [ 605.030176][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 605.030176][T13012] __sys_recvmmsg+0x4ca/0x510 [ 605.030176][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 605.030176][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 605.030176][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 605.030176][T13012] do_fast_syscall_32+0x6b/0xd0 [ 605.030176][T13012] do_SYSENTER_32+0x73/0x90 [ 605.030176][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 605.030176][T13012] [ 605.343447][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 605.030176][T13012] Uninit was stored to memory at: [ 605.030176][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 605.360186][T13012] __msan_chain_origin+0x50/0x90 [ 605.360186][T13012] __get_compat_msghdr+0x5be/0x890 [ 605.360186][T13012] get_compat_msghdr+0x108/0x270 [ 605.360186][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 605.360186][T13012] __sys_recvmmsg+0x4ca/0x510 [ 605.360186][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 605.393155][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 605.360186][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 605.360186][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 605.360186][T13012] do_fast_syscall_32+0x6b/0xd0 [ 605.360186][T13012] do_SYSENTER_32+0x73/0x90 [ 605.360186][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 605.360186][T13012] [ 605.430406][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 605.360186][T13012] Uninit was stored to memory at: [ 605.360186][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 605.360186][T13012] __msan_chain_origin+0x50/0x90 [ 605.360186][T13012] __get_compat_msghdr+0x5be/0x890 [ 605.360186][T13012] get_compat_msghdr+0x108/0x270 [ 605.360186][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 605.360186][T13012] __sys_recvmmsg+0x4ca/0x510 [ 605.360186][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 605.476013][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 605.360186][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 605.360186][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 605.360186][T13012] do_fast_syscall_32+0x6b/0xd0 [ 605.360186][T13012] do_SYSENTER_32+0x73/0x90 [ 605.360186][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 605.360186][T13012] [ 605.360186][T13012] Uninit was stored to memory at: [ 605.360186][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 605.360186][T13012] __msan_chain_origin+0x50/0x90 [ 605.360186][T13012] __get_compat_msghdr+0x5be/0x890 [ 605.360186][T13012] get_compat_msghdr+0x108/0x270 [ 605.360186][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 605.360186][T13012] __sys_recvmmsg+0x4ca/0x510 [ 605.360186][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 605.360186][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 605.360186][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 605.360186][T13012] do_fast_syscall_32+0x6b/0xd0 [ 605.360186][T13012] do_SYSENTER_32+0x73/0x90 [ 605.360186][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 605.360186][T13012] [ 605.360186][T13012] Uninit was stored to memory at: [ 605.360186][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 605.360186][T13012] __msan_chain_origin+0x50/0x90 [ 605.360186][T13012] __get_compat_msghdr+0x5be/0x890 [ 605.360186][T13012] get_compat_msghdr+0x108/0x270 [ 605.360186][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 605.360186][T13012] __sys_recvmmsg+0x4ca/0x510 [ 605.360186][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 605.360186][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 605.360186][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 605.360186][T13012] do_fast_syscall_32+0x6b/0xd0 [ 605.360186][T13012] do_SYSENTER_32+0x73/0x90 [ 605.360186][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 605.360186][T13012] [ 605.659174][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 605.360186][T13012] Uninit was stored to memory at: [ 605.360186][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 605.360186][T13012] __msan_chain_origin+0x50/0x90 [ 605.680355][T13012] __get_compat_msghdr+0x5be/0x890 [ 605.680355][T13012] get_compat_msghdr+0x108/0x270 [ 605.680355][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 605.680355][T13012] __sys_recvmmsg+0x4ca/0x510 [ 605.680355][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 605.680355][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 605.680355][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 605.680355][T13012] do_fast_syscall_32+0x6b/0xd0 [ 605.722303][T13080] not chained 1970000 origins [ 605.680355][T13012] do_SYSENTER_32+0x73/0x90 [ 605.730020][T13080] CPU: 0 PID: 13080 Comm: syz-executor.1 Not tainted 5.8.0-rc5-syzkaller #0 [ 605.680355][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 605.730192][T13080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 605.680355][T13012] [ 605.730192][T13080] Call Trace: [ 605.680355][T13012] Uninit was stored to memory at: [ 605.730192][T13080] dump_stack+0x1df/0x240 [ 605.680355][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 605.730192][T13080] kmsan_internal_chain_origin+0x6f/0x130 [ 605.680355][T13012] __msan_chain_origin+0x50/0x90 [ 605.730192][T13080] ? skb_recv_datagram+0x3ec/0x480 [ 605.680355][T13012] __get_compat_msghdr+0x5be/0x890 [ 605.730192][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 605.680355][T13012] get_compat_msghdr+0x108/0x270 [ 605.730192][T13080] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 605.680355][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 605.730192][T13080] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 605.680355][T13012] __sys_recvmmsg+0x4ca/0x510 [ 605.730192][T13080] ? bt_sock_recvmsg+0x564/0xa00 [ 605.680355][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 605.730192][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 605.680355][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 605.730192][T13080] ? kmsan_set_origin_checked+0x95/0xf0 [ 605.680355][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 605.730192][T13080] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 605.680355][T13012] do_fast_syscall_32+0x6b/0xd0 [ 605.730192][T13080] ? _copy_from_user+0x15b/0x260 [ 605.680355][T13012] do_SYSENTER_32+0x73/0x90 [ 605.730192][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 605.680355][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 605.730192][T13080] __msan_chain_origin+0x50/0x90 [ 605.680355][T13012] [ 605.730192][T13080] __get_compat_msghdr+0x5be/0x890 [ 605.680355][T13012] Local variable ----msg_sys@do_recvmmsg created at: [ 605.730192][T13080] get_compat_msghdr+0x108/0x270 [ 605.680355][T13012] do_recvmmsg+0xc5/0x1ee0 [ 605.730192][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 605.680355][T13012] do_recvmmsg+0xc5/0x1ee0 [ 605.730192][T13080] ? kmsan_internal_set_origin+0x75/0xb0 [ 605.934162][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 605.941165][T13080] ? kmsan_internal_set_origin+0x75/0xb0 [ 605.941165][T13080] ? __msan_poison_alloca+0xf0/0x120 [ 605.941165][T13080] ? __sys_recvmmsg+0xb4/0x510 [ 605.941165][T13080] ? __sys_recvmmsg+0xb4/0x510 [ 605.941165][T13080] ? kmsan_get_metadata+0x11d/0x180 [ 605.941165][T13080] __sys_recvmmsg+0x4ca/0x510 [ 605.941165][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 605.941165][T13080] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 605.941165][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 605.941165][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 605.941165][T13080] do_fast_syscall_32+0x6b/0xd0 [ 605.941165][T13080] do_SYSENTER_32+0x73/0x90 [ 605.941165][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 605.941165][T13080] RIP: 0023:0xf7fbe549 [ 605.941165][T13080] Code: Bad RIP value. [ 605.941165][T13080] RSP: 002b:00000000f5d770cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 605.941165][T13080] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 605.941165][T13080] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 605.941165][T13080] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 605.941165][T13080] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 605.941165][T13080] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 605.941165][T13080] Uninit was stored to memory at: [ 605.941165][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 605.941165][T13080] __msan_chain_origin+0x50/0x90 [ 606.085247][T13041] not chained 1980000 origins [ 605.941165][T13080] __get_compat_msghdr+0x5be/0x890 [ 606.090143][T13041] CPU: 1 PID: 13041 Comm: syz-executor.3 Not tainted 5.8.0-rc5-syzkaller #0 [ 605.941165][T13080] get_compat_msghdr+0x108/0x270 [ 606.090143][T13041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 605.941165][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 606.090143][T13041] Call Trace: [ 605.941165][T13080] __sys_recvmmsg+0x4ca/0x510 [ 606.090143][T13041] dump_stack+0x1df/0x240 [ 605.941165][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 606.090143][T13041] kmsan_internal_chain_origin+0x6f/0x130 [ 605.941165][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 606.090143][T13041] ? skb_recv_datagram+0x3ec/0x480 [ 605.941165][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 606.090143][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 605.941165][T13080] do_fast_syscall_32+0x6b/0xd0 [ 606.090143][T13041] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 605.941165][T13080] do_SYSENTER_32+0x73/0x90 [ 606.090143][T13041] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 605.941165][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 606.090143][T13041] ? bt_sock_recvmsg+0x564/0xa00 [ 605.941165][T13080] [ 606.090143][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 605.941165][T13080] Uninit was stored to memory at: [ 606.090143][T13041] ? kmsan_set_origin_checked+0x95/0xf0 [ 605.941165][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 606.090143][T13041] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 605.941165][T13080] __msan_chain_origin+0x50/0x90 [ 606.090143][T13041] ? _copy_from_user+0x15b/0x260 [ 605.941165][T13080] __get_compat_msghdr+0x5be/0x890 [ 606.090143][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 605.941165][T13080] get_compat_msghdr+0x108/0x270 [ 606.090143][T13041] __msan_chain_origin+0x50/0x90 [ 605.941165][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 606.090143][T13041] __get_compat_msghdr+0x5be/0x890 [ 605.941165][T13080] __sys_recvmmsg+0x4ca/0x510 [ 606.090143][T13041] get_compat_msghdr+0x108/0x270 [ 605.941165][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 606.090143][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 605.941165][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 606.090143][T13041] ? idle_cpu+0x9a/0x1d0 [ 605.941165][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 606.090143][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 605.941165][T13080] do_fast_syscall_32+0x6b/0xd0 [ 606.090143][T13041] ? kmsan_internal_set_origin+0x75/0xb0 [ 605.941165][T13080] do_SYSENTER_32+0x73/0x90 [ 606.090143][T13041] ? __msan_poison_alloca+0xf0/0x120 [ 605.941165][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 606.090143][T13041] ? __sys_recvmmsg+0xb4/0x510 [ 605.941165][T13080] [ 606.090143][T13041] ? __sys_recvmmsg+0xb4/0x510 [ 605.941165][T13080] Uninit was stored to memory at: [ 606.090143][T13041] ? kmsan_get_metadata+0x11d/0x180 [ 605.941165][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 606.090143][T13041] __sys_recvmmsg+0x4ca/0x510 [ 605.941165][T13080] __msan_chain_origin+0x50/0x90 [ 606.090143][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 605.941165][T13080] __get_compat_msghdr+0x5be/0x890 [ 606.090143][T13041] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 605.941165][T13080] get_compat_msghdr+0x108/0x270 [ 606.090143][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 605.941165][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 606.090143][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 605.941165][T13080] __sys_recvmmsg+0x4ca/0x510 [ 606.090143][T13041] do_fast_syscall_32+0x6b/0xd0 [ 605.941165][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 606.090143][T13041] do_SYSENTER_32+0x73/0x90 [ 605.941165][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 606.090143][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 605.941165][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 606.090143][T13041] RIP: 0023:0xf7fd6549 [ 605.941165][T13080] do_fast_syscall_32+0x6b/0xd0 [ 606.090143][T13041] Code: Bad RIP value. [ 605.941165][T13080] do_SYSENTER_32+0x73/0x90 [ 606.090143][T13041] RSP: 002b:00000000f5dd10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 605.941165][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 606.090143][T13041] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 605.941165][T13080] [ 606.090143][T13041] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 605.941165][T13080] Uninit was stored to memory at: [ 606.090143][T13041] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 605.941165][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 606.090143][T13041] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 605.941165][T13080] __msan_chain_origin+0x50/0x90 [ 606.090143][T13041] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 605.941165][T13080] __get_compat_msghdr+0x5be/0x890 [ 606.090143][T13041] Uninit was stored to memory at: [ 605.941165][T13080] get_compat_msghdr+0x108/0x270 [ 606.090143][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 605.941165][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 606.090143][T13041] __msan_chain_origin+0x50/0x90 [ 605.941165][T13080] __sys_recvmmsg+0x4ca/0x510 [ 606.090143][T13041] __get_compat_msghdr+0x5be/0x890 [ 605.941165][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 606.090143][T13041] get_compat_msghdr+0x108/0x270 [ 605.941165][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 606.090143][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 605.941165][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 606.090143][T13041] __sys_recvmmsg+0x4ca/0x510 [ 605.941165][T13080] do_fast_syscall_32+0x6b/0xd0 [ 606.090143][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 605.941165][T13080] do_SYSENTER_32+0x73/0x90 [ 606.090143][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 605.941165][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 606.090143][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 605.941165][T13080] [ 606.090143][T13041] do_fast_syscall_32+0x6b/0xd0 [ 605.941165][T13080] Uninit was stored to memory at: [ 606.090143][T13041] do_SYSENTER_32+0x73/0x90 [ 605.941165][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 606.090143][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 605.941165][T13080] __msan_chain_origin+0x50/0x90 [ 606.090143][T13041] [ 605.941165][T13080] __get_compat_msghdr+0x5be/0x890 [ 606.090143][T13041] Uninit was stored to memory at: [ 605.941165][T13080] get_compat_msghdr+0x108/0x270 [ 606.090143][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 605.941165][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 606.090143][T13041] __msan_chain_origin+0x50/0x90 [ 605.941165][T13080] __sys_recvmmsg+0x4ca/0x510 [ 606.090143][T13041] __get_compat_msghdr+0x5be/0x890 [ 605.941165][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 606.090143][T13041] get_compat_msghdr+0x108/0x270 [ 605.941165][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 606.090143][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 605.941165][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 606.090143][T13041] __sys_recvmmsg+0x4ca/0x510 [ 605.941165][T13080] do_fast_syscall_32+0x6b/0xd0 [ 606.090143][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 605.941165][T13080] do_SYSENTER_32+0x73/0x90 [ 606.090143][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 605.941165][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 606.090143][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 605.941165][T13080] [ 606.090143][T13041] do_fast_syscall_32+0x6b/0xd0 [ 605.941165][T13080] Uninit was stored to memory at: [ 606.090143][T13041] do_SYSENTER_32+0x73/0x90 [ 605.941165][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 606.090143][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 605.941165][T13080] __msan_chain_origin+0x50/0x90 [ 606.090143][T13041] [ 605.941165][T13080] __get_compat_msghdr+0x5be/0x890 [ 606.090143][T13041] Uninit was stored to memory at: [ 605.941165][T13080] get_compat_msghdr+0x108/0x270 [ 605.941165][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 606.090143][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 605.941165][T13080] __sys_recvmmsg+0x4ca/0x510 [ 606.090143][T13041] __msan_chain_origin+0x50/0x90 [ 605.941165][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 606.090143][T13041] __get_compat_msghdr+0x5be/0x890 [ 605.941165][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 606.090143][T13041] get_compat_msghdr+0x108/0x270 [ 605.941165][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 606.090143][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 605.941165][T13080] do_fast_syscall_32+0x6b/0xd0 [ 606.090143][T13041] __sys_recvmmsg+0x4ca/0x510 [ 605.941165][T13080] do_SYSENTER_32+0x73/0x90 [ 606.090143][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 605.941165][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 606.090143][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 605.941165][T13080] [ 606.090143][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 605.941165][T13080] Uninit was stored to memory at: [ 606.090143][T13041] do_fast_syscall_32+0x6b/0xd0 [ 605.941165][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 606.090143][T13041] do_SYSENTER_32+0x73/0x90 [ 605.941165][T13080] __msan_chain_origin+0x50/0x90 [ 606.090143][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 605.941165][T13080] __get_compat_msghdr+0x5be/0x890 [ 606.090143][T13041] [ 605.941165][T13080] get_compat_msghdr+0x108/0x270 [ 606.090143][T13041] Uninit was stored to memory at: [ 605.941165][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 606.090143][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 605.941165][T13080] __sys_recvmmsg+0x4ca/0x510 [ 606.090143][T13041] __msan_chain_origin+0x50/0x90 [ 605.941165][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 606.090143][T13041] __get_compat_msghdr+0x5be/0x890 [ 605.941165][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 606.090143][T13041] get_compat_msghdr+0x108/0x270 [ 605.941165][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 606.090143][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 605.941165][T13080] do_fast_syscall_32+0x6b/0xd0 [ 606.090143][T13041] __sys_recvmmsg+0x4ca/0x510 [ 605.941165][T13080] do_SYSENTER_32+0x73/0x90 [ 606.090143][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 605.941165][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 606.090143][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 605.941165][T13080] [ 606.090143][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 605.941165][T13080] Local variable ----msg_sys@do_recvmmsg created at: [ 606.090143][T13041] do_fast_syscall_32+0x6b/0xd0 [ 605.941165][T13080] do_recvmmsg+0xc5/0x1ee0 [ 606.090143][T13041] do_SYSENTER_32+0x73/0x90 [ 605.941165][T13080] do_recvmmsg+0xc5/0x1ee0 [ 606.090143][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 607.096387][T13041] [ 607.096387][T13041] Uninit was stored to memory at: [ 607.096387][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 607.096387][T13041] __msan_chain_origin+0x50/0x90 [ 607.096387][T13041] __get_compat_msghdr+0x5be/0x890 [ 607.096387][T13041] get_compat_msghdr+0x108/0x270 [ 607.096387][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 607.096387][T13041] __sys_recvmmsg+0x4ca/0x510 [ 607.096387][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 607.138240][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 607.096387][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 607.096387][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 607.096387][T13041] do_fast_syscall_32+0x6b/0xd0 [ 607.096387][T13041] do_SYSENTER_32+0x73/0x90 [ 607.096387][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 607.096387][T13041] [ 607.096387][T13041] Uninit was stored to memory at: [ 607.096387][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 607.096387][T13041] __msan_chain_origin+0x50/0x90 [ 607.096387][T13041] __get_compat_msghdr+0x5be/0x890 [ 607.096387][T13041] get_compat_msghdr+0x108/0x270 [ 607.096387][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 607.096387][T13041] __sys_recvmmsg+0x4ca/0x510 [ 607.096387][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 607.096387][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 607.096387][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 607.096387][T13041] do_fast_syscall_32+0x6b/0xd0 [ 607.096387][T13041] do_SYSENTER_32+0x73/0x90 [ 607.096387][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 607.096387][T13041] [ 607.096387][T13041] Uninit was stored to memory at: [ 607.096387][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 607.096387][T13041] __msan_chain_origin+0x50/0x90 [ 607.262604][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 607.096387][T13041] __get_compat_msghdr+0x5be/0x890 [ 607.096387][T13041] get_compat_msghdr+0x108/0x270 [ 607.096387][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 607.096387][T13041] __sys_recvmmsg+0x4ca/0x510 [ 607.096387][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 607.096387][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 607.096387][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 607.096387][T13041] do_fast_syscall_32+0x6b/0xd0 [ 607.096387][T13041] do_SYSENTER_32+0x73/0x90 [ 607.096387][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 607.096387][T13041] [ 607.096387][T13041] Local variable ----msg_sys@do_recvmmsg created at: [ 607.096387][T13041] do_recvmmsg+0xc5/0x1ee0 [ 607.096387][T13041] do_recvmmsg+0xc5/0x1ee0 [ 607.352134][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 607.381676][T13072] not chained 1990000 origins [ 607.386531][T13072] CPU: 0 PID: 13072 Comm: syz-executor.1 Not tainted 5.8.0-rc5-syzkaller #0 [ 607.390237][T13072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 607.390237][T13072] Call Trace: [ 607.390237][T13072] dump_stack+0x1df/0x240 [ 607.390237][T13072] kmsan_internal_chain_origin+0x6f/0x130 [ 607.390237][T13072] ? skb_recv_datagram+0x3ec/0x480 [ 607.390237][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 607.390237][T13072] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 607.390237][T13072] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 607.390237][T13072] ? bt_sock_recvmsg+0x564/0xa00 [ 607.390237][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 607.390237][T13072] ? kmsan_set_origin_checked+0x95/0xf0 [ 607.390237][T13072] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 607.390237][T13072] ? _copy_from_user+0x15b/0x260 [ 607.390237][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 607.390237][T13072] __msan_chain_origin+0x50/0x90 [ 607.390237][T13072] __get_compat_msghdr+0x5be/0x890 [ 607.390237][T13072] get_compat_msghdr+0x108/0x270 [ 607.390237][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 607.390237][T13072] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 607.390237][T13072] ? sched_clock_cpu+0x7c/0x930 [ 607.390237][T13072] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 607.390237][T13072] ? sched_clock_cpu+0x7c/0x930 [ 607.390237][T13072] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 607.390237][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 607.390237][T13072] ? kmsan_internal_set_origin+0x75/0xb0 [ 607.390237][T13072] ? __msan_poison_alloca+0xf0/0x120 [ 607.390237][T13072] ? __sys_recvmmsg+0xb4/0x510 [ 607.390237][T13072] ? __sys_recvmmsg+0xb4/0x510 [ 607.390237][T13072] __sys_recvmmsg+0x4ca/0x510 [ 607.545770][T13012] not chained 2000000 origins [ 607.390237][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 607.390237][T13072] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 607.390237][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 607.390237][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 607.390237][T13072] do_fast_syscall_32+0x6b/0xd0 [ 607.390237][T13072] do_SYSENTER_32+0x73/0x90 [ 607.390237][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 607.390237][T13072] RIP: 0023:0xf7fbe549 [ 607.390237][T13072] Code: Bad RIP value. [ 607.390237][T13072] RSP: 002b:00000000f5db90cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 607.390237][T13072] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 607.390237][T13072] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 607.390237][T13072] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 607.390237][T13072] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 607.390237][T13072] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 607.390237][T13072] Uninit was stored to memory at: [ 607.550143][T13012] CPU: 1 PID: 13012 Comm: syz-executor.0 Not tainted 5.8.0-rc5-syzkaller #0 [ 607.550143][T13012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 607.390237][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 607.550143][T13012] Call Trace: [ 607.390237][T13072] __msan_chain_origin+0x50/0x90 [ 607.550143][T13012] dump_stack+0x1df/0x240 [ 607.390237][T13072] __get_compat_msghdr+0x5be/0x890 [ 607.550143][T13012] kmsan_internal_chain_origin+0x6f/0x130 [ 607.390237][T13072] get_compat_msghdr+0x108/0x270 [ 607.550143][T13012] ? skb_recv_datagram+0x3ec/0x480 [ 607.390237][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 607.550143][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 607.390237][T13072] __sys_recvmmsg+0x4ca/0x510 [ 607.550143][T13012] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 607.390237][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 607.550143][T13012] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 607.390237][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 607.550143][T13012] ? bt_sock_recvmsg+0x564/0xa00 [ 607.390237][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 607.550143][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 607.390237][T13072] do_fast_syscall_32+0x6b/0xd0 [ 607.550143][T13012] ? kmsan_set_origin_checked+0x95/0xf0 [ 607.390237][T13072] do_SYSENTER_32+0x73/0x90 [ 607.550143][T13012] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 607.390237][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 607.550143][T13012] ? _copy_from_user+0x15b/0x260 [ 607.390237][T13072] [ 607.550143][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 607.390237][T13072] Uninit was stored to memory at: [ 607.550143][T13012] __msan_chain_origin+0x50/0x90 [ 607.390237][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 607.550143][T13012] __get_compat_msghdr+0x5be/0x890 [ 607.390237][T13072] __msan_chain_origin+0x50/0x90 [ 607.550143][T13012] get_compat_msghdr+0x108/0x270 [ 607.390237][T13072] __get_compat_msghdr+0x5be/0x890 [ 607.550143][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 607.390237][T13072] get_compat_msghdr+0x108/0x270 [ 607.550143][T13012] ? kmsan_internal_set_origin+0x75/0xb0 [ 607.390237][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 607.550143][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 607.390237][T13072] __sys_recvmmsg+0x4ca/0x510 [ 607.550143][T13012] ? kmsan_internal_set_origin+0x75/0xb0 [ 607.390237][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 607.550143][T13012] ? __msan_poison_alloca+0xf0/0x120 [ 607.390237][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 607.550143][T13012] ? __sys_recvmmsg+0xb4/0x510 [ 607.390237][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 607.550143][T13012] ? __sys_recvmmsg+0xb4/0x510 [ 607.390237][T13072] do_fast_syscall_32+0x6b/0xd0 [ 607.550143][T13012] ? kmsan_get_metadata+0x11d/0x180 [ 607.390237][T13072] do_SYSENTER_32+0x73/0x90 [ 607.550143][T13012] __sys_recvmmsg+0x4ca/0x510 [ 607.390237][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 607.550143][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 607.390237][T13072] [ 607.550143][T13012] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 607.390237][T13072] Uninit was stored to memory at: [ 607.550143][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 607.390237][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 607.550143][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 607.390237][T13072] __msan_chain_origin+0x50/0x90 [ 607.550143][T13012] do_fast_syscall_32+0x6b/0xd0 [ 607.390237][T13072] __get_compat_msghdr+0x5be/0x890 [ 607.550143][T13012] do_SYSENTER_32+0x73/0x90 [ 607.390237][T13072] get_compat_msghdr+0x108/0x270 [ 607.550143][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 607.390237][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 607.550143][T13012] RIP: 0023:0xf7f4d549 [ 607.390237][T13072] __sys_recvmmsg+0x4ca/0x510 [ 607.550143][T13012] Code: Bad RIP value. [ 607.390237][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 607.550143][T13012] RSP: 002b:00000000f5d480cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 607.390237][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 607.550143][T13012] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 607.390237][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 607.550143][T13012] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 607.390237][T13072] do_fast_syscall_32+0x6b/0xd0 [ 607.550143][T13012] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 607.390237][T13072] do_SYSENTER_32+0x73/0x90 [ 607.550143][T13012] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 607.390237][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 607.550143][T13012] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 607.390237][T13072] [ 607.550143][T13012] Uninit was stored to memory at: [ 607.390237][T13072] Uninit was stored to memory at: [ 607.550143][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 607.390237][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 607.550143][T13012] __msan_chain_origin+0x50/0x90 [ 607.390237][T13072] __msan_chain_origin+0x50/0x90 [ 607.550143][T13012] __get_compat_msghdr+0x5be/0x890 [ 607.390237][T13072] __get_compat_msghdr+0x5be/0x890 [ 607.550143][T13012] get_compat_msghdr+0x108/0x270 [ 607.390237][T13072] get_compat_msghdr+0x108/0x270 [ 607.550143][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 607.390237][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 607.550143][T13012] __sys_recvmmsg+0x4ca/0x510 [ 607.390237][T13072] __sys_recvmmsg+0x4ca/0x510 [ 607.550143][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 607.390237][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 607.550143][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 607.390237][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 607.550143][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 607.390237][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 607.550143][T13012] do_fast_syscall_32+0x6b/0xd0 [ 607.390237][T13072] do_fast_syscall_32+0x6b/0xd0 [ 607.550143][T13012] do_SYSENTER_32+0x73/0x90 [ 607.390237][T13072] do_SYSENTER_32+0x73/0x90 [ 607.550143][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 607.390237][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 607.550143][T13012] [ 607.390237][T13072] [ 607.550143][T13012] Uninit was stored to memory at: [ 607.390237][T13072] Uninit was stored to memory at: [ 607.550143][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 607.390237][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 607.550143][T13012] __msan_chain_origin+0x50/0x90 [ 607.390237][T13072] __msan_chain_origin+0x50/0x90 [ 607.550143][T13012] __get_compat_msghdr+0x5be/0x890 [ 607.390237][T13072] __get_compat_msghdr+0x5be/0x890 [ 607.550143][T13012] get_compat_msghdr+0x108/0x270 [ 607.390237][T13072] get_compat_msghdr+0x108/0x270 [ 607.550143][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 607.390237][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 607.550143][T13012] __sys_recvmmsg+0x4ca/0x510 [ 607.390237][T13072] __sys_recvmmsg+0x4ca/0x510 [ 607.550143][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 607.390237][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 607.550143][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 607.390237][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 607.550143][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 607.390237][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 607.550143][T13012] do_fast_syscall_32+0x6b/0xd0 [ 607.390237][T13072] do_fast_syscall_32+0x6b/0xd0 [ 607.550143][T13012] do_SYSENTER_32+0x73/0x90 [ 607.390237][T13072] do_SYSENTER_32+0x73/0x90 [ 607.550143][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 607.390237][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 607.550143][T13012] [ 607.390237][T13072] [ 607.550143][T13012] Uninit was stored to memory at: [ 607.390237][T13072] Uninit was stored to memory at: [ 607.550143][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 607.390237][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 607.550143][T13012] __msan_chain_origin+0x50/0x90 [ 607.390237][T13072] __msan_chain_origin+0x50/0x90 [ 607.550143][T13012] __get_compat_msghdr+0x5be/0x890 [ 607.390237][T13072] __get_compat_msghdr+0x5be/0x890 [ 607.550143][T13012] get_compat_msghdr+0x108/0x270 [ 607.390237][T13072] get_compat_msghdr+0x108/0x270 [ 607.550143][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 607.390237][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 607.550143][T13012] __sys_recvmmsg+0x4ca/0x510 [ 607.390237][T13072] __sys_recvmmsg+0x4ca/0x510 [ 607.550143][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 607.390237][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 607.550143][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 607.390237][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 607.550143][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 607.390237][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 607.550143][T13012] do_fast_syscall_32+0x6b/0xd0 [ 607.390237][T13072] do_fast_syscall_32+0x6b/0xd0 [ 607.550143][T13012] do_SYSENTER_32+0x73/0x90 [ 607.390237][T13072] do_SYSENTER_32+0x73/0x90 [ 607.550143][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 607.390237][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 607.550143][T13012] [ 607.390237][T13072] [ 607.550143][T13012] Uninit was stored to memory at: [ 607.390237][T13072] Uninit was stored to memory at: [ 607.550143][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 607.390237][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 607.550143][T13012] __msan_chain_origin+0x50/0x90 [ 607.390237][T13072] __msan_chain_origin+0x50/0x90 [ 607.550143][T13012] __get_compat_msghdr+0x5be/0x890 [ 607.390237][T13072] __get_compat_msghdr+0x5be/0x890 [ 607.550143][T13012] get_compat_msghdr+0x108/0x270 [ 607.390237][T13072] get_compat_msghdr+0x108/0x270 [ 607.550143][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 607.390237][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 607.550143][T13012] __sys_recvmmsg+0x4ca/0x510 [ 607.390237][T13072] __sys_recvmmsg+0x4ca/0x510 [ 607.550143][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 607.390237][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 607.550143][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 607.390237][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 607.550143][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 607.390237][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 607.550143][T13012] do_fast_syscall_32+0x6b/0xd0 [ 607.390237][T13072] do_fast_syscall_32+0x6b/0xd0 [ 607.550143][T13012] do_SYSENTER_32+0x73/0x90 [ 607.390237][T13072] do_SYSENTER_32+0x73/0x90 [ 607.550143][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 607.390237][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 607.550143][T13012] [ 607.390237][T13072] [ 607.550143][T13012] Uninit was stored to memory at: [ 607.390237][T13072] Local variable ----msg_sys@do_recvmmsg created at: [ 607.550143][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 607.390237][T13072] do_recvmmsg+0xc5/0x1ee0 [ 607.550143][T13012] __msan_chain_origin+0x50/0x90 [ 607.390237][T13072] do_recvmmsg+0xc5/0x1ee0 [ 607.550143][T13012] __get_compat_msghdr+0x5be/0x890 [ 608.698095][T13012] get_compat_msghdr+0x108/0x270 [ 608.698095][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 608.698095][T13012] __sys_recvmmsg+0x4ca/0x510 [ 608.698095][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 608.698095][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 608.720975][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 608.698095][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 608.698095][T13012] do_fast_syscall_32+0x6b/0xd0 [ 608.698095][T13012] do_SYSENTER_32+0x73/0x90 [ 608.698095][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 608.698095][T13012] [ 608.698095][T13012] Uninit was stored to memory at: [ 608.698095][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 608.698095][T13012] __msan_chain_origin+0x50/0x90 [ 608.698095][T13012] __get_compat_msghdr+0x5be/0x890 [ 608.698095][T13012] get_compat_msghdr+0x108/0x270 [ 608.698095][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 608.698095][T13012] __sys_recvmmsg+0x4ca/0x510 [ 608.698095][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 608.698095][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 608.800755][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 608.800755][T13012] do_fast_syscall_32+0x6b/0xd0 [ 608.800755][T13012] do_SYSENTER_32+0x73/0x90 [ 608.800755][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 608.800755][T13012] [ 608.800755][T13012] Uninit was stored to memory at: [ 608.800755][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 608.800755][T13012] __msan_chain_origin+0x50/0x90 [ 608.800755][T13012] __get_compat_msghdr+0x5be/0x890 [ 608.800755][T13012] get_compat_msghdr+0x108/0x270 [ 608.800755][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 608.800755][T13012] __sys_recvmmsg+0x4ca/0x510 [ 608.800755][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 608.800755][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 608.800755][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 608.800755][T13012] do_fast_syscall_32+0x6b/0xd0 [ 608.800755][T13012] do_SYSENTER_32+0x73/0x90 [ 608.800755][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 608.800755][T13012] [ 608.800755][T13012] Local variable ----msg_sys@do_recvmmsg created at: [ 608.800755][T13012] do_recvmmsg+0xc5/0x1ee0 [ 608.800755][T13012] do_recvmmsg+0xc5/0x1ee0 [ 609.063879][T13021] not chained 2010000 origins [ 609.068582][T13021] CPU: 0 PID: 13021 Comm: syz-executor.0 Not tainted 5.8.0-rc5-syzkaller #0 [ 609.070179][T13021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 609.070179][T13021] Call Trace: [ 609.070179][T13021] dump_stack+0x1df/0x240 [ 609.070179][T13021] kmsan_internal_chain_origin+0x6f/0x130 [ 609.070179][T13021] ? skb_recv_datagram+0x3ec/0x480 [ 609.070179][T13021] ? kmsan_get_metadata+0x4f/0x180 [ 609.070179][T13021] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 609.070179][T13021] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 609.070179][T13021] ? bt_sock_recvmsg+0x564/0xa00 [ 609.070179][T13021] ? kmsan_get_metadata+0x4f/0x180 [ 609.070179][T13021] ? kmsan_set_origin_checked+0x95/0xf0 [ 609.070179][T13021] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 609.070179][T13021] ? _copy_from_user+0x15b/0x260 [ 609.070179][T13021] ? kmsan_get_metadata+0x4f/0x180 [ 609.070179][T13021] __msan_chain_origin+0x50/0x90 [ 609.070179][T13021] __get_compat_msghdr+0x5be/0x890 [ 609.070179][T13021] get_compat_msghdr+0x108/0x270 [ 609.070179][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 609.070179][T13021] ? kmsan_internal_set_origin+0x75/0xb0 [ 609.070179][T13021] ? kmsan_get_metadata+0x4f/0x180 [ 609.070179][T13021] ? kmsan_internal_set_origin+0x75/0xb0 [ 609.070179][T13021] ? __msan_poison_alloca+0xf0/0x120 [ 609.192988][T13080] not chained 2020000 origins [ 609.070179][T13021] ? __sys_recvmmsg+0xb4/0x510 [ 609.070179][T13021] ? __sys_recvmmsg+0xb4/0x510 [ 609.070179][T13021] ? kmsan_get_metadata+0x11d/0x180 [ 609.070179][T13021] __sys_recvmmsg+0x4ca/0x510 [ 609.070179][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 609.070179][T13021] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 609.070179][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 609.070179][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 609.070179][T13021] do_fast_syscall_32+0x6b/0xd0 [ 609.070179][T13021] do_SYSENTER_32+0x73/0x90 [ 609.070179][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 609.070179][T13021] RIP: 0023:0xf7f4d549 [ 609.070179][T13021] Code: Bad RIP value. [ 609.070179][T13021] RSP: 002b:00000000f5d060cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 609.070179][T13021] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 609.070179][T13021] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 609.070179][T13021] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 609.070179][T13021] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 609.070179][T13021] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 609.070179][T13021] Uninit was stored to memory at: [ 609.200143][T13080] CPU: 1 PID: 13080 Comm: syz-executor.1 Not tainted 5.8.0-rc5-syzkaller #0 [ 609.200143][T13080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 609.070179][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 609.200143][T13080] Call Trace: [ 609.070179][T13021] __msan_chain_origin+0x50/0x90 [ 609.200143][T13080] dump_stack+0x1df/0x240 [ 609.070179][T13021] __get_compat_msghdr+0x5be/0x890 [ 609.200143][T13080] kmsan_internal_chain_origin+0x6f/0x130 [ 609.070179][T13021] get_compat_msghdr+0x108/0x270 [ 609.200143][T13080] ? skb_recv_datagram+0x3ec/0x480 [ 609.070179][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 609.200143][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 609.070179][T13021] __sys_recvmmsg+0x4ca/0x510 [ 609.200143][T13080] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 609.070179][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 609.200143][T13080] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 609.070179][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 609.200143][T13080] ? bt_sock_recvmsg+0x564/0xa00 [ 609.070179][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 609.200143][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 609.070179][T13021] do_fast_syscall_32+0x6b/0xd0 [ 609.200143][T13080] ? kmsan_set_origin_checked+0x95/0xf0 [ 609.070179][T13021] do_SYSENTER_32+0x73/0x90 [ 609.200143][T13080] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 609.070179][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 609.200143][T13080] ? _copy_from_user+0x15b/0x260 [ 609.070179][T13021] [ 609.200143][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 609.070179][T13021] Uninit was stored to memory at: [ 609.200143][T13080] __msan_chain_origin+0x50/0x90 [ 609.070179][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 609.200143][T13080] __get_compat_msghdr+0x5be/0x890 [ 609.070179][T13021] __msan_chain_origin+0x50/0x90 [ 609.200143][T13080] get_compat_msghdr+0x108/0x270 [ 609.070179][T13021] __get_compat_msghdr+0x5be/0x890 [ 609.200143][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 609.070179][T13021] get_compat_msghdr+0x108/0x270 [ 609.200143][T13080] ? kmsan_internal_set_origin+0x75/0xb0 [ 609.070179][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 609.200143][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 609.070179][T13021] __sys_recvmmsg+0x4ca/0x510 [ 609.200143][T13080] ? kmsan_internal_set_origin+0x75/0xb0 [ 609.070179][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 609.200143][T13080] ? __msan_poison_alloca+0xf0/0x120 [ 609.070179][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 609.200143][T13080] ? __sys_recvmmsg+0xb4/0x510 [ 609.070179][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 609.200143][T13080] ? __sys_recvmmsg+0xb4/0x510 [ 609.070179][T13021] do_fast_syscall_32+0x6b/0xd0 [ 609.200143][T13080] ? kmsan_get_metadata+0x11d/0x180 [ 609.070179][T13021] do_SYSENTER_32+0x73/0x90 [ 609.200143][T13080] __sys_recvmmsg+0x4ca/0x510 [ 609.070179][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 609.200143][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 609.070179][T13021] [ 609.200143][T13080] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 609.070179][T13021] Uninit was stored to memory at: [ 609.200143][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 609.070179][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 609.200143][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 609.070179][T13021] __msan_chain_origin+0x50/0x90 [ 609.200143][T13080] do_fast_syscall_32+0x6b/0xd0 [ 609.070179][T13021] __get_compat_msghdr+0x5be/0x890 [ 609.200143][T13080] do_SYSENTER_32+0x73/0x90 [ 609.070179][T13021] get_compat_msghdr+0x108/0x270 [ 609.200143][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 609.070179][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 609.200143][T13080] RIP: 0023:0xf7fbe549 [ 609.070179][T13021] __sys_recvmmsg+0x4ca/0x510 [ 609.200143][T13080] Code: Bad RIP value. [ 609.070179][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 609.200143][T13080] RSP: 002b:00000000f5d770cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 609.070179][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 609.200143][T13080] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 609.070179][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 609.200143][T13080] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 609.070179][T13021] do_fast_syscall_32+0x6b/0xd0 [ 609.200143][T13080] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 609.070179][T13021] do_SYSENTER_32+0x73/0x90 [ 609.200143][T13080] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 609.070179][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 609.200143][T13080] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 609.070179][T13021] [ 609.070179][T13021] Uninit was stored to memory at: [ 609.200143][T13080] Uninit was stored to memory at: [ 609.070179][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 609.200143][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 609.070179][T13021] __msan_chain_origin+0x50/0x90 [ 609.200143][T13080] __msan_chain_origin+0x50/0x90 [ 609.070179][T13021] __get_compat_msghdr+0x5be/0x890 [ 609.200143][T13080] __get_compat_msghdr+0x5be/0x890 [ 609.070179][T13021] get_compat_msghdr+0x108/0x270 [ 609.200143][T13080] get_compat_msghdr+0x108/0x270 [ 609.070179][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 609.200143][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 609.070179][T13021] __sys_recvmmsg+0x4ca/0x510 [ 609.200143][T13080] __sys_recvmmsg+0x4ca/0x510 [ 609.070179][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 609.200143][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 609.070179][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 609.200143][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 609.070179][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 609.200143][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 609.070179][T13021] do_fast_syscall_32+0x6b/0xd0 [ 609.200143][T13080] do_fast_syscall_32+0x6b/0xd0 [ 609.070179][T13021] do_SYSENTER_32+0x73/0x90 [ 609.200143][T13080] do_SYSENTER_32+0x73/0x90 [ 609.070179][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 609.200143][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 609.070179][T13021] [ 609.200143][T13080] [ 609.070179][T13021] Uninit was stored to memory at: [ 609.200143][T13080] Uninit was stored to memory at: [ 609.070179][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 609.070179][T13021] __msan_chain_origin+0x50/0x90 [ 609.200143][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 609.070179][T13021] __get_compat_msghdr+0x5be/0x890 [ 609.200143][T13080] __msan_chain_origin+0x50/0x90 [ 609.070179][T13021] get_compat_msghdr+0x108/0x270 [ 609.200143][T13080] __get_compat_msghdr+0x5be/0x890 [ 609.070179][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 609.200143][T13080] get_compat_msghdr+0x108/0x270 [ 609.070179][T13021] __sys_recvmmsg+0x4ca/0x510 [ 609.200143][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 609.070179][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 609.200143][T13080] __sys_recvmmsg+0x4ca/0x510 [ 609.070179][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 609.200143][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 609.070179][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 609.200143][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 609.070179][T13021] do_fast_syscall_32+0x6b/0xd0 [ 609.200143][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 609.070179][T13021] do_SYSENTER_32+0x73/0x90 [ 609.200143][T13080] do_fast_syscall_32+0x6b/0xd0 [ 609.070179][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 609.200143][T13080] do_SYSENTER_32+0x73/0x90 [ 609.070179][T13021] [ 609.200143][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 609.070179][T13021] Uninit was stored to memory at: [ 609.200143][T13080] [ 609.070179][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 609.200143][T13080] Uninit was stored to memory at: [ 609.070179][T13021] __msan_chain_origin+0x50/0x90 [ 609.200143][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 609.070179][T13021] __get_compat_msghdr+0x5be/0x890 [ 609.200143][T13080] __msan_chain_origin+0x50/0x90 [ 609.070179][T13021] get_compat_msghdr+0x108/0x270 [ 609.200143][T13080] __get_compat_msghdr+0x5be/0x890 [ 609.070179][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 609.200143][T13080] get_compat_msghdr+0x108/0x270 [ 609.070179][T13021] __sys_recvmmsg+0x4ca/0x510 [ 609.200143][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 609.070179][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 609.200143][T13080] __sys_recvmmsg+0x4ca/0x510 [ 609.070179][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 609.200143][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 609.070179][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 609.200143][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 609.070179][T13021] do_fast_syscall_32+0x6b/0xd0 [ 609.200143][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 609.070179][T13021] do_SYSENTER_32+0x73/0x90 [ 609.200143][T13080] do_fast_syscall_32+0x6b/0xd0 [ 609.070179][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 609.200143][T13080] do_SYSENTER_32+0x73/0x90 [ 609.070179][T13021] [ 609.200143][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 609.070179][T13021] Uninit was stored to memory at: [ 609.200143][T13080] [ 609.070179][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 609.200143][T13080] Uninit was stored to memory at: [ 609.070179][T13021] __msan_chain_origin+0x50/0x90 [ 609.200143][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 609.070179][T13021] __get_compat_msghdr+0x5be/0x890 [ 609.200143][T13080] __msan_chain_origin+0x50/0x90 [ 609.070179][T13021] get_compat_msghdr+0x108/0x270 [ 609.200143][T13080] __get_compat_msghdr+0x5be/0x890 [ 609.070179][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 609.200143][T13080] get_compat_msghdr+0x108/0x270 [ 609.070179][T13021] __sys_recvmmsg+0x4ca/0x510 [ 609.200143][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 609.070179][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 609.200143][T13080] __sys_recvmmsg+0x4ca/0x510 [ 609.070179][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 609.200143][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 609.070179][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 609.200143][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 609.070179][T13021] do_fast_syscall_32+0x6b/0xd0 [ 609.200143][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 609.070179][T13021] do_SYSENTER_32+0x73/0x90 [ 609.200143][T13080] do_fast_syscall_32+0x6b/0xd0 [ 609.070179][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 609.200143][T13080] do_SYSENTER_32+0x73/0x90 [ 609.070179][T13021] [ 609.200143][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 609.070179][T13021] Local variable ----msg_sys@do_recvmmsg created at: [ 609.200143][T13080] [ 609.070179][T13021] do_recvmmsg+0xc5/0x1ee0 [ 609.200143][T13080] Uninit was stored to memory at: [ 609.070179][T13021] do_recvmmsg+0xc5/0x1ee0 [ 609.200143][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 610.349003][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 610.340254][T13080] __msan_chain_origin+0x50/0x90 [ 610.340254][T13080] __get_compat_msghdr+0x5be/0x890 [ 610.340254][T13080] get_compat_msghdr+0x108/0x270 [ 610.340254][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 610.340254][T13080] __sys_recvmmsg+0x4ca/0x510 [ 610.340254][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 610.340254][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 610.340254][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 610.340254][T13080] do_fast_syscall_32+0x6b/0xd0 [ 610.340254][T13080] do_SYSENTER_32+0x73/0x90 [ 610.340254][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 610.361432][T13080] [ 610.361432][T13080] Uninit was stored to memory at: [ 610.361432][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 610.361432][T13080] __msan_chain_origin+0x50/0x90 [ 610.361432][T13080] __get_compat_msghdr+0x5be/0x890 [ 610.361432][T13080] get_compat_msghdr+0x108/0x270 [ 610.361432][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 610.361432][T13080] __sys_recvmmsg+0x4ca/0x510 [ 610.361432][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 610.361432][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 610.361432][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 610.361432][T13080] do_fast_syscall_32+0x6b/0xd0 [ 610.361432][T13080] do_SYSENTER_32+0x73/0x90 [ 610.361432][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 610.361432][T13080] [ 610.361432][T13080] Uninit was stored to memory at: [ 610.361432][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 610.361432][T13080] __msan_chain_origin+0x50/0x90 [ 610.361432][T13080] __get_compat_msghdr+0x5be/0x890 [ 610.361432][T13080] get_compat_msghdr+0x108/0x270 [ 610.361432][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 610.361432][T13080] __sys_recvmmsg+0x4ca/0x510 [ 610.361432][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 610.361432][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 610.361432][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 610.361432][T13080] do_fast_syscall_32+0x6b/0xd0 [ 610.361432][T13080] do_SYSENTER_32+0x73/0x90 [ 610.361432][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 610.361432][T13080] [ 610.361432][T13080] Local variable ----msg_sys@do_recvmmsg created at: [ 610.361432][T13080] do_recvmmsg+0xc5/0x1ee0 [ 610.361432][T13080] do_recvmmsg+0xc5/0x1ee0 [ 610.572765][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 610.823406][T13041] not chained 2030000 origins [ 610.828194][T13041] CPU: 1 PID: 13041 Comm: syz-executor.3 Not tainted 5.8.0-rc5-syzkaller #0 [ 610.830275][T13041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 610.830275][T13041] Call Trace: [ 610.830275][T13041] dump_stack+0x1df/0x240 [ 610.830275][T13041] kmsan_internal_chain_origin+0x6f/0x130 [ 610.830275][T13041] ? skb_recv_datagram+0x3ec/0x480 [ 610.830275][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 610.830275][T13041] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 610.830275][T13041] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 610.880543][T13041] ? bt_sock_recvmsg+0x564/0xa00 [ 610.880543][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 610.880543][T13041] ? kmsan_set_origin_checked+0x95/0xf0 [ 610.880543][T13041] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 610.880543][T13041] ? _copy_from_user+0x15b/0x260 [ 610.880543][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 610.880543][T13041] __msan_chain_origin+0x50/0x90 [ 610.880543][T13041] __get_compat_msghdr+0x5be/0x890 [ 610.880543][T13041] get_compat_msghdr+0x108/0x270 [ 610.880543][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 610.880543][T13041] ? idle_cpu+0x9a/0x1d0 [ 610.880543][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 610.880543][T13041] ? kmsan_internal_set_origin+0x75/0xb0 [ 610.880543][T13041] ? __msan_poison_alloca+0xf0/0x120 [ 610.880543][T13041] ? __sys_recvmmsg+0xb4/0x510 [ 610.880543][T13041] ? __sys_recvmmsg+0xb4/0x510 [ 610.880543][T13041] ? kmsan_get_metadata+0x11d/0x180 [ 610.880543][T13041] __sys_recvmmsg+0x4ca/0x510 [ 610.880543][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 610.880543][T13041] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 610.880543][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 610.880543][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 610.880543][T13041] do_fast_syscall_32+0x6b/0xd0 [ 610.880543][T13041] do_SYSENTER_32+0x73/0x90 [ 610.880543][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 610.880543][T13041] RIP: 0023:0xf7fd6549 [ 610.880543][T13041] Code: Bad RIP value. [ 610.880543][T13041] RSP: 002b:00000000f5dd10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 610.880543][T13041] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 610.880543][T13041] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 610.880543][T13041] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 611.046644][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 610.880543][T13041] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 610.880543][T13041] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 610.880543][T13041] Uninit was stored to memory at: [ 610.880543][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 610.880543][T13041] __msan_chain_origin+0x50/0x90 [ 610.880543][T13041] __get_compat_msghdr+0x5be/0x890 [ 610.880543][T13041] get_compat_msghdr+0x108/0x270 [ 610.880543][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 610.880543][T13041] __sys_recvmmsg+0x4ca/0x510 [ 610.880543][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 610.880543][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 610.880543][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 610.880543][T13041] do_fast_syscall_32+0x6b/0xd0 [ 610.880543][T13041] do_SYSENTER_32+0x73/0x90 [ 610.880543][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 611.106591][T13012] not chained 2040000 origins [ 611.070187][T13041] [ 611.110177][T13012] CPU: 0 PID: 13012 Comm: syz-executor.0 Not tainted 5.8.0-rc5-syzkaller #0 [ 611.070187][T13041] Uninit was stored to memory at: [ 611.110177][T13012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 611.070187][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 611.110177][T13012] Call Trace: [ 611.070187][T13041] __msan_chain_origin+0x50/0x90 [ 611.110177][T13012] dump_stack+0x1df/0x240 [ 611.070187][T13041] __get_compat_msghdr+0x5be/0x890 [ 611.110177][T13012] kmsan_internal_chain_origin+0x6f/0x130 [ 611.070187][T13041] get_compat_msghdr+0x108/0x270 [ 611.110177][T13012] ? skb_recv_datagram+0x3ec/0x480 [ 611.070187][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 611.110177][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 611.070187][T13041] __sys_recvmmsg+0x4ca/0x510 [ 611.110177][T13012] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 611.070187][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 611.110177][T13012] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 611.070187][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 611.110177][T13012] ? bt_sock_recvmsg+0x564/0xa00 [ 611.070187][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 611.110177][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 611.070187][T13041] do_fast_syscall_32+0x6b/0xd0 [ 611.110177][T13012] ? kmsan_set_origin_checked+0x95/0xf0 [ 611.070187][T13041] do_SYSENTER_32+0x73/0x90 [ 611.110177][T13012] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 611.070187][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 611.110177][T13012] ? _copy_from_user+0x15b/0x260 [ 611.070187][T13041] [ 611.110177][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 611.070187][T13041] Uninit was stored to memory at: [ 611.110177][T13012] __msan_chain_origin+0x50/0x90 [ 611.070187][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 611.110177][T13012] __get_compat_msghdr+0x5be/0x890 [ 611.070187][T13041] __msan_chain_origin+0x50/0x90 [ 611.110177][T13012] get_compat_msghdr+0x108/0x270 [ 611.070187][T13041] __get_compat_msghdr+0x5be/0x890 [ 611.110177][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 611.070187][T13041] get_compat_msghdr+0x108/0x270 [ 611.110177][T13012] ? kmsan_internal_set_origin+0x75/0xb0 [ 611.070187][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 611.110177][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 611.070187][T13041] __sys_recvmmsg+0x4ca/0x510 [ 611.110177][T13012] ? kmsan_internal_set_origin+0x75/0xb0 [ 611.070187][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 611.110177][T13012] ? __msan_poison_alloca+0xf0/0x120 [ 611.070187][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 611.110177][T13012] ? __sys_recvmmsg+0xb4/0x510 [ 611.070187][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 611.110177][T13012] ? __sys_recvmmsg+0xb4/0x510 [ 611.070187][T13041] do_fast_syscall_32+0x6b/0xd0 [ 611.110177][T13012] ? kmsan_get_metadata+0x11d/0x180 [ 611.070187][T13041] do_SYSENTER_32+0x73/0x90 [ 611.110177][T13012] __sys_recvmmsg+0x4ca/0x510 [ 611.070187][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 611.110177][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 611.070187][T13041] [ 611.110177][T13012] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 611.070187][T13041] Uninit was stored to memory at: [ 611.110177][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 611.070187][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 611.110177][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 611.070187][T13041] __msan_chain_origin+0x50/0x90 [ 611.110177][T13012] do_fast_syscall_32+0x6b/0xd0 [ 611.070187][T13041] __get_compat_msghdr+0x5be/0x890 [ 611.110177][T13012] do_SYSENTER_32+0x73/0x90 [ 611.070187][T13041] get_compat_msghdr+0x108/0x270 [ 611.110177][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 611.070187][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 611.110177][T13012] RIP: 0023:0xf7f4d549 [ 611.070187][T13041] __sys_recvmmsg+0x4ca/0x510 [ 611.110177][T13012] Code: Bad RIP value. [ 611.070187][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 611.110177][T13012] RSP: 002b:00000000f5d480cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 611.070187][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 611.110177][T13012] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 611.070187][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 611.110177][T13012] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 611.070187][T13041] do_fast_syscall_32+0x6b/0xd0 [ 611.110177][T13012] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 611.070187][T13041] do_SYSENTER_32+0x73/0x90 [ 611.110177][T13012] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 611.070187][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 611.110177][T13012] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 611.070187][T13041] [ 611.110177][T13012] Uninit was stored to memory at: [ 611.070187][T13041] Uninit was stored to memory at: [ 611.110177][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 611.070187][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 611.110177][T13012] __msan_chain_origin+0x50/0x90 [ 611.070187][T13041] __msan_chain_origin+0x50/0x90 [ 611.110177][T13012] __get_compat_msghdr+0x5be/0x890 [ 611.070187][T13041] __get_compat_msghdr+0x5be/0x890 [ 611.110177][T13012] get_compat_msghdr+0x108/0x270 [ 611.070187][T13041] get_compat_msghdr+0x108/0x270 [ 611.110177][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 611.070187][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 611.110177][T13012] __sys_recvmmsg+0x4ca/0x510 [ 611.070187][T13041] __sys_recvmmsg+0x4ca/0x510 [ 611.110177][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 611.070187][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 611.110177][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 611.070187][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 611.110177][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 611.070187][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 611.110177][T13012] do_fast_syscall_32+0x6b/0xd0 [ 611.070187][T13041] do_fast_syscall_32+0x6b/0xd0 [ 611.110177][T13012] do_SYSENTER_32+0x73/0x90 [ 611.070187][T13041] do_SYSENTER_32+0x73/0x90 [ 611.110177][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 611.070187][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 611.110177][T13012] [ 611.070187][T13041] [ 611.110177][T13012] Uninit was stored to memory at: [ 611.070187][T13041] Uninit was stored to memory at: [ 611.110177][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 611.070187][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 611.110177][T13012] __msan_chain_origin+0x50/0x90 [ 611.070187][T13041] __msan_chain_origin+0x50/0x90 [ 611.110177][T13012] __get_compat_msghdr+0x5be/0x890 [ 611.070187][T13041] __get_compat_msghdr+0x5be/0x890 [ 611.110177][T13012] get_compat_msghdr+0x108/0x270 [ 611.070187][T13041] get_compat_msghdr+0x108/0x270 [ 611.110177][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 611.070187][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 611.110177][T13012] __sys_recvmmsg+0x4ca/0x510 [ 611.070187][T13041] __sys_recvmmsg+0x4ca/0x510 [ 611.110177][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 611.070187][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 611.110177][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 611.070187][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 611.110177][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 611.070187][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 611.110177][T13012] do_fast_syscall_32+0x6b/0xd0 [ 611.070187][T13041] do_fast_syscall_32+0x6b/0xd0 [ 611.110177][T13012] do_SYSENTER_32+0x73/0x90 [ 611.070187][T13041] do_SYSENTER_32+0x73/0x90 [ 611.110177][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 611.070187][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 611.110177][T13012] [ 611.070187][T13041] [ 611.110177][T13012] Uninit was stored to memory at: [ 611.070187][T13041] Uninit was stored to memory at: [ 611.110177][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 611.070187][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 611.110177][T13012] __msan_chain_origin+0x50/0x90 [ 611.070187][T13041] __msan_chain_origin+0x50/0x90 [ 611.110177][T13012] __get_compat_msghdr+0x5be/0x890 [ 611.070187][T13041] __get_compat_msghdr+0x5be/0x890 [ 611.110177][T13012] get_compat_msghdr+0x108/0x270 [ 611.070187][T13041] get_compat_msghdr+0x108/0x270 [ 611.110177][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 611.070187][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 611.110177][T13012] __sys_recvmmsg+0x4ca/0x510 [ 611.070187][T13041] __sys_recvmmsg+0x4ca/0x510 [ 611.110177][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 611.070187][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 611.110177][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 611.070187][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 611.110177][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 611.070187][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 611.110177][T13012] do_fast_syscall_32+0x6b/0xd0 [ 611.070187][T13041] do_fast_syscall_32+0x6b/0xd0 [ 611.110177][T13012] do_SYSENTER_32+0x73/0x90 [ 611.070187][T13041] do_SYSENTER_32+0x73/0x90 [ 611.110177][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 611.070187][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 611.110177][T13012] [ 611.070187][T13041] [ 611.110177][T13012] Uninit was stored to memory at: [ 611.070187][T13041] Local variable ----msg_sys@do_recvmmsg created at: [ 611.110177][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 611.070187][T13041] do_recvmmsg+0xc5/0x1ee0 [ 611.110177][T13012] __msan_chain_origin+0x50/0x90 [ 611.070187][T13041] do_recvmmsg+0xc5/0x1ee0 [ 611.110177][T13012] __get_compat_msghdr+0x5be/0x890 [ 612.030215][T13012] get_compat_msghdr+0x108/0x270 [ 612.030215][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 612.030215][T13012] __sys_recvmmsg+0x4ca/0x510 [ 612.030215][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 612.030215][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 612.030215][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 612.030215][T13012] do_fast_syscall_32+0x6b/0xd0 [ 612.030215][T13012] do_SYSENTER_32+0x73/0x90 [ 612.030215][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 612.030215][T13012] [ 612.030215][T13012] Uninit was stored to memory at: [ 612.030215][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 612.030215][T13012] __msan_chain_origin+0x50/0x90 [ 612.030215][T13012] __get_compat_msghdr+0x5be/0x890 [ 612.030215][T13012] get_compat_msghdr+0x108/0x270 [ 612.030215][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 612.030215][T13012] __sys_recvmmsg+0x4ca/0x510 [ 612.030215][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 612.030215][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 612.030215][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 612.030215][T13012] do_fast_syscall_32+0x6b/0xd0 [ 612.030215][T13012] do_SYSENTER_32+0x73/0x90 [ 612.030215][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 612.030215][T13012] [ 612.030215][T13012] Uninit was stored to memory at: [ 612.183826][T13072] not chained 2050000 origins [ 612.030215][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 612.189259][T13072] CPU: 1 PID: 13072 Comm: syz-executor.1 Not tainted 5.8.0-rc5-syzkaller #0 [ 612.030215][T13012] __msan_chain_origin+0x50/0x90 [ 612.190139][T13072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 612.030215][T13012] __get_compat_msghdr+0x5be/0x890 [ 612.190139][T13072] Call Trace: [ 612.030215][T13012] get_compat_msghdr+0x108/0x270 [ 612.190139][T13072] dump_stack+0x1df/0x240 [ 612.030215][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 612.190139][T13072] kmsan_internal_chain_origin+0x6f/0x130 [ 612.030215][T13012] __sys_recvmmsg+0x4ca/0x510 [ 612.190139][T13072] ? skb_recv_datagram+0x3ec/0x480 [ 612.030215][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 612.190139][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 612.030215][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 612.190139][T13072] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 612.030215][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 612.190139][T13072] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 612.030215][T13012] do_fast_syscall_32+0x6b/0xd0 [ 612.190139][T13072] ? bt_sock_recvmsg+0x564/0xa00 [ 612.030215][T13012] do_SYSENTER_32+0x73/0x90 [ 612.190139][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 612.030215][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 612.190139][T13072] ? kmsan_set_origin_checked+0x95/0xf0 [ 612.030215][T13012] [ 612.190139][T13072] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 612.030215][T13012] Uninit was stored to memory at: [ 612.190139][T13072] ? _copy_from_user+0x15b/0x260 [ 612.030215][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 612.190139][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 612.030215][T13012] __msan_chain_origin+0x50/0x90 [ 612.190139][T13072] __msan_chain_origin+0x50/0x90 [ 612.030215][T13012] __get_compat_msghdr+0x5be/0x890 [ 612.190139][T13072] __get_compat_msghdr+0x5be/0x890 [ 612.030215][T13012] get_compat_msghdr+0x108/0x270 [ 612.190139][T13072] get_compat_msghdr+0x108/0x270 [ 612.030215][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 612.190139][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 612.030215][T13012] __sys_recvmmsg+0x4ca/0x510 [ 612.190139][T13072] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 612.030215][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 612.190139][T13072] ? sched_clock_cpu+0x7c/0x930 [ 612.030215][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 612.190139][T13072] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 612.030215][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 612.190139][T13072] ? sched_clock_cpu+0x7c/0x930 [ 612.030215][T13012] do_fast_syscall_32+0x6b/0xd0 [ 612.190139][T13072] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 612.030215][T13012] do_SYSENTER_32+0x73/0x90 [ 612.190139][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 612.030215][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 612.190139][T13072] ? kmsan_internal_set_origin+0x75/0xb0 [ 612.030215][T13012] [ 612.190139][T13072] ? __msan_poison_alloca+0xf0/0x120 [ 612.030215][T13012] Local variable ----msg_sys@do_recvmmsg created at: [ 612.190139][T13072] ? __sys_recvmmsg+0xb4/0x510 [ 612.030215][T13012] do_recvmmsg+0xc5/0x1ee0 [ 612.190139][T13072] ? __sys_recvmmsg+0xb4/0x510 [ 612.030215][T13012] do_recvmmsg+0xc5/0x1ee0 [ 612.190139][T13072] __sys_recvmmsg+0x4ca/0x510 [ 612.499072][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 612.506553][T13072] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 612.506553][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 612.506553][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 612.525416][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 612.506553][T13072] do_fast_syscall_32+0x6b/0xd0 [ 612.506553][T13072] do_SYSENTER_32+0x73/0x90 [ 612.506553][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 612.506553][T13072] RIP: 0023:0xf7fbe549 [ 612.506553][T13072] Code: Bad RIP value. [ 612.506553][T13072] RSP: 002b:00000000f5db90cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 612.562995][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 612.506553][T13072] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 612.506553][T13072] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 612.590317][T13072] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 612.590317][T13072] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 612.603886][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 612.590317][T13072] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 612.590317][T13072] Uninit was stored to memory at: [ 612.626952][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 612.590317][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 612.590317][T13072] __msan_chain_origin+0x50/0x90 [ 612.590317][T13072] __get_compat_msghdr+0x5be/0x890 [ 612.590317][T13072] get_compat_msghdr+0x108/0x270 [ 612.590317][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 612.660305][T13072] __sys_recvmmsg+0x4ca/0x510 [ 612.665273][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 612.660305][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 612.660305][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 612.660305][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 612.660305][T13072] do_fast_syscall_32+0x6b/0xd0 [ 612.660305][T13072] do_SYSENTER_32+0x73/0x90 [ 612.660305][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 612.703855][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 612.660305][T13072] [ 612.660305][T13072] Uninit was stored to memory at: [ 612.660305][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 612.660305][T13072] __msan_chain_origin+0x50/0x90 [ 612.730962][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 612.660305][T13072] __get_compat_msghdr+0x5be/0x890 [ 612.660305][T13072] get_compat_msghdr+0x108/0x270 [ 612.660305][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 612.660305][T13072] __sys_recvmmsg+0x4ca/0x510 [ 612.660305][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 612.660305][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 612.660305][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 612.660305][T13072] do_fast_syscall_32+0x6b/0xd0 [ 612.660305][T13072] do_SYSENTER_32+0x73/0x90 [ 612.660305][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 612.660305][T13072] [ 612.660305][T13072] Uninit was stored to memory at: [ 612.660305][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 612.660305][T13072] __msan_chain_origin+0x50/0x90 [ 612.660305][T13072] __get_compat_msghdr+0x5be/0x890 [ 612.660305][T13072] get_compat_msghdr+0x108/0x270 [ 612.660305][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 612.660305][T13072] __sys_recvmmsg+0x4ca/0x510 [ 612.660305][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 612.660305][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 612.660305][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 612.660305][T13072] do_fast_syscall_32+0x6b/0xd0 [ 612.660305][T13072] do_SYSENTER_32+0x73/0x90 [ 612.660305][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 612.660305][T13072] [ 612.660305][T13072] Uninit was stored to memory at: [ 612.660305][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 612.660305][T13072] __msan_chain_origin+0x50/0x90 [ 612.880615][T13072] __get_compat_msghdr+0x5be/0x890 [ 612.880615][T13072] get_compat_msghdr+0x108/0x270 [ 612.880615][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 612.880615][T13072] __sys_recvmmsg+0x4ca/0x510 [ 612.880615][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 612.880615][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 612.880615][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 612.880615][T13072] do_fast_syscall_32+0x6b/0xd0 [ 612.880615][T13072] do_SYSENTER_32+0x73/0x90 [ 612.880615][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 612.880615][T13072] [ 612.880615][T13072] Uninit was stored to memory at: [ 612.880615][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 612.880615][T13072] __msan_chain_origin+0x50/0x90 [ 612.880615][T13072] __get_compat_msghdr+0x5be/0x890 [ 612.880615][T13072] get_compat_msghdr+0x108/0x270 [ 612.880615][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 612.880615][T13072] __sys_recvmmsg+0x4ca/0x510 [ 612.880615][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 612.880615][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 612.880615][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 612.880615][T13072] do_fast_syscall_32+0x6b/0xd0 [ 612.880615][T13072] do_SYSENTER_32+0x73/0x90 [ 612.880615][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 612.880615][T13072] [ 612.880615][T13072] Uninit was stored to memory at: [ 612.880615][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 612.880615][T13072] __msan_chain_origin+0x50/0x90 [ 612.880615][T13072] __get_compat_msghdr+0x5be/0x890 [ 612.880615][T13072] get_compat_msghdr+0x108/0x270 [ 612.880615][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 612.880615][T13072] __sys_recvmmsg+0x4ca/0x510 [ 612.880615][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 612.880615][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 612.880615][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 612.880615][T13072] do_fast_syscall_32+0x6b/0xd0 [ 612.880615][T13072] do_SYSENTER_32+0x73/0x90 [ 612.880615][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 612.880615][T13072] [ 612.880615][T13072] Uninit was stored to memory at: [ 612.880615][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 612.880615][T13072] __msan_chain_origin+0x50/0x90 [ 612.880615][T13072] __get_compat_msghdr+0x5be/0x890 [ 612.880615][T13072] get_compat_msghdr+0x108/0x270 [ 612.880615][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 612.880615][T13072] __sys_recvmmsg+0x4ca/0x510 [ 612.880615][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 612.880615][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 612.880615][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 612.880615][T13072] do_fast_syscall_32+0x6b/0xd0 [ 612.880615][T13072] do_SYSENTER_32+0x73/0x90 [ 612.880615][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 612.880615][T13072] [ 612.880615][T13072] Local variable ----msg_sys@do_recvmmsg created at: [ 612.880615][T13072] do_recvmmsg+0xc5/0x1ee0 [ 612.880615][T13072] do_recvmmsg+0xc5/0x1ee0 [ 613.350652][T13080] not chained 2060000 origins [ 613.355471][T13080] CPU: 0 PID: 13080 Comm: syz-executor.1 Not tainted 5.8.0-rc5-syzkaller #0 [ 613.360168][T13080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 613.360168][T13080] Call Trace: [ 613.360168][T13080] dump_stack+0x1df/0x240 [ 613.360168][T13080] ? kmsan_get_metadata+0x11d/0x180 [ 613.360168][T13080] kmsan_internal_chain_origin+0x6f/0x130 [ 613.360168][T13080] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 613.360168][T13080] ? sched_clock_cpu+0x37c/0x930 [ 613.360168][T13080] ? kmsan_get_metadata+0x11d/0x180 [ 613.360168][T13080] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 613.360168][T13080] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 613.360168][T13080] ? psi_group_change+0x1007/0x13c0 [ 613.360168][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 613.360168][T13080] ? kmsan_set_origin_checked+0x95/0xf0 [ 613.360168][T13080] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 613.360168][T13080] ? _copy_from_user+0x15b/0x260 [ 613.360168][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 613.360168][T13080] __msan_chain_origin+0x50/0x90 [ 613.360168][T13080] __get_compat_msghdr+0x5be/0x890 [ 613.360168][T13080] get_compat_msghdr+0x108/0x270 [ 613.360168][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 613.360168][T13080] ? kmsan_internal_set_origin+0x75/0xb0 [ 613.360168][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 613.480895][T13021] not chained 2070000 origins [ 613.360168][T13080] ? kmsan_internal_set_origin+0x75/0xb0 [ 613.360168][T13080] ? __msan_poison_alloca+0xf0/0x120 [ 613.360168][T13080] ? __sys_recvmmsg+0xb4/0x510 [ 613.360168][T13080] ? __sys_recvmmsg+0xb4/0x510 [ 613.360168][T13080] ? kmsan_get_metadata+0x11d/0x180 [ 613.360168][T13080] __sys_recvmmsg+0x4ca/0x510 [ 613.360168][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 613.360168][T13080] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 613.360168][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 613.360168][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 613.360168][T13080] do_fast_syscall_32+0x6b/0xd0 [ 613.360168][T13080] do_SYSENTER_32+0x73/0x90 [ 613.360168][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 613.360168][T13080] RIP: 0023:0xf7fbe549 [ 613.360168][T13080] Code: Bad RIP value. [ 613.360168][T13080] RSP: 002b:00000000f5d770cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 613.360168][T13080] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 613.360168][T13080] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 613.360168][T13080] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 613.360168][T13080] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 613.360168][T13080] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 613.360168][T13080] Uninit was stored to memory at: [ 613.490158][T13021] CPU: 1 PID: 13021 Comm: syz-executor.0 Not tainted 5.8.0-rc5-syzkaller #0 [ 613.490158][T13021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 613.360168][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 613.490158][T13021] Call Trace: [ 613.360168][T13080] __msan_chain_origin+0x50/0x90 [ 613.490158][T13021] dump_stack+0x1df/0x240 [ 613.360168][T13080] __get_compat_msghdr+0x5be/0x890 [ 613.490158][T13021] kmsan_internal_chain_origin+0x6f/0x130 [ 613.360168][T13080] get_compat_msghdr+0x108/0x270 [ 613.490158][T13021] ? skb_recv_datagram+0x3ec/0x480 [ 613.360168][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 613.490158][T13021] ? kmsan_get_metadata+0x4f/0x180 [ 613.360168][T13080] __sys_recvmmsg+0x4ca/0x510 [ 613.490158][T13021] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 613.360168][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 613.490158][T13021] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 613.360168][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 613.490158][T13021] ? bt_sock_recvmsg+0x564/0xa00 [ 613.360168][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 613.490158][T13021] ? kmsan_get_metadata+0x4f/0x180 [ 613.360168][T13080] do_fast_syscall_32+0x6b/0xd0 [ 613.490158][T13021] ? kmsan_set_origin_checked+0x95/0xf0 [ 613.360168][T13080] do_SYSENTER_32+0x73/0x90 [ 613.490158][T13021] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 613.360168][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 613.490158][T13021] ? _copy_from_user+0x15b/0x260 [ 613.360168][T13080] [ 613.490158][T13021] ? kmsan_get_metadata+0x4f/0x180 [ 613.360168][T13080] Uninit was stored to memory at: [ 613.490158][T13021] __msan_chain_origin+0x50/0x90 [ 613.360168][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 613.490158][T13021] __get_compat_msghdr+0x5be/0x890 [ 613.360168][T13080] __msan_chain_origin+0x50/0x90 [ 613.490158][T13021] get_compat_msghdr+0x108/0x270 [ 613.360168][T13080] __get_compat_msghdr+0x5be/0x890 [ 613.490158][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 613.360168][T13080] get_compat_msghdr+0x108/0x270 [ 613.490158][T13021] ? kmsan_internal_set_origin+0x75/0xb0 [ 613.360168][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 613.490158][T13021] ? kmsan_get_metadata+0x4f/0x180 [ 613.360168][T13080] __sys_recvmmsg+0x4ca/0x510 [ 613.490158][T13021] ? kmsan_internal_set_origin+0x75/0xb0 [ 613.360168][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 613.490158][T13021] ? __msan_poison_alloca+0xf0/0x120 [ 613.360168][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 613.490158][T13021] ? __sys_recvmmsg+0xb4/0x510 [ 613.360168][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 613.490158][T13021] ? __sys_recvmmsg+0xb4/0x510 [ 613.360168][T13080] do_fast_syscall_32+0x6b/0xd0 [ 613.490158][T13021] ? kmsan_get_metadata+0x11d/0x180 [ 613.360168][T13080] do_SYSENTER_32+0x73/0x90 [ 613.490158][T13021] __sys_recvmmsg+0x4ca/0x510 [ 613.360168][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 613.490158][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 613.360168][T13080] [ 613.490158][T13021] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 613.360168][T13080] Uninit was stored to memory at: [ 613.490158][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 613.360168][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 613.490158][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 613.360168][T13080] __msan_chain_origin+0x50/0x90 [ 613.490158][T13021] do_fast_syscall_32+0x6b/0xd0 [ 613.360168][T13080] __get_compat_msghdr+0x5be/0x890 [ 613.490158][T13021] do_SYSENTER_32+0x73/0x90 [ 613.360168][T13080] get_compat_msghdr+0x108/0x270 [ 613.490158][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 613.360168][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 613.490158][T13021] RIP: 0023:0xf7f4d549 [ 613.360168][T13080] __sys_recvmmsg+0x4ca/0x510 [ 613.490158][T13021] Code: Bad RIP value. [ 613.360168][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 613.490158][T13021] RSP: 002b:00000000f5d060cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 613.360168][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 613.490158][T13021] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 613.360168][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 613.490158][T13021] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 613.360168][T13080] do_fast_syscall_32+0x6b/0xd0 [ 613.490158][T13021] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 613.360168][T13080] do_SYSENTER_32+0x73/0x90 [ 613.490158][T13021] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 613.360168][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 613.490158][T13021] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 613.360168][T13080] [ 613.490158][T13021] Uninit was stored to memory at: [ 613.360168][T13080] Uninit was stored to memory at: [ 613.490158][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 613.360168][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 613.490158][T13021] __msan_chain_origin+0x50/0x90 [ 613.360168][T13080] __msan_chain_origin+0x50/0x90 [ 613.490158][T13021] __get_compat_msghdr+0x5be/0x890 [ 613.360168][T13080] __get_compat_msghdr+0x5be/0x890 [ 613.490158][T13021] get_compat_msghdr+0x108/0x270 [ 613.360168][T13080] get_compat_msghdr+0x108/0x270 [ 613.490158][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 613.360168][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 613.490158][T13021] __sys_recvmmsg+0x4ca/0x510 [ 613.360168][T13080] __sys_recvmmsg+0x4ca/0x510 [ 613.490158][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 613.360168][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 613.490158][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 613.360168][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 613.490158][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 613.360168][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 613.490158][T13021] do_fast_syscall_32+0x6b/0xd0 [ 613.360168][T13080] do_fast_syscall_32+0x6b/0xd0 [ 613.490158][T13021] do_SYSENTER_32+0x73/0x90 [ 613.360168][T13080] do_SYSENTER_32+0x73/0x90 [ 613.490158][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 613.360168][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 613.490158][T13021] [ 613.360168][T13080] [ 613.490158][T13021] Uninit was stored to memory at: [ 613.360168][T13080] Uninit was stored to memory at: [ 613.490158][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 613.360168][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 613.490158][T13021] __msan_chain_origin+0x50/0x90 [ 613.360168][T13080] __msan_chain_origin+0x50/0x90 [ 613.490158][T13021] __get_compat_msghdr+0x5be/0x890 [ 613.360168][T13080] __get_compat_msghdr+0x5be/0x890 [ 613.490158][T13021] get_compat_msghdr+0x108/0x270 [ 613.360168][T13080] get_compat_msghdr+0x108/0x270 [ 613.490158][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 613.360168][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 613.490158][T13021] __sys_recvmmsg+0x4ca/0x510 [ 613.360168][T13080] __sys_recvmmsg+0x4ca/0x510 [ 613.490158][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 613.360168][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 613.490158][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 613.360168][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 613.490158][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 613.360168][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 613.490158][T13021] do_fast_syscall_32+0x6b/0xd0 [ 613.360168][T13080] do_fast_syscall_32+0x6b/0xd0 [ 613.490158][T13021] do_SYSENTER_32+0x73/0x90 [ 613.360168][T13080] do_SYSENTER_32+0x73/0x90 [ 613.490158][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 613.360168][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 613.490158][T13021] [ 613.360168][T13080] [ 613.490158][T13021] Uninit was stored to memory at: [ 613.360168][T13080] Uninit was stored to memory at: [ 613.490158][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 613.360168][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 613.490158][T13021] __msan_chain_origin+0x50/0x90 [ 613.360168][T13080] __msan_chain_origin+0x50/0x90 [ 613.490158][T13021] __get_compat_msghdr+0x5be/0x890 [ 613.360168][T13080] __get_compat_msghdr+0x5be/0x890 [ 613.490158][T13021] get_compat_msghdr+0x108/0x270 [ 613.360168][T13080] get_compat_msghdr+0x108/0x270 [ 613.490158][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 613.360168][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 613.490158][T13021] __sys_recvmmsg+0x4ca/0x510 [ 613.360168][T13080] __sys_recvmmsg+0x4ca/0x510 [ 613.490158][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 613.360168][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 613.490158][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 613.360168][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 613.490158][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 613.360168][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 613.490158][T13021] do_fast_syscall_32+0x6b/0xd0 [ 613.360168][T13080] do_fast_syscall_32+0x6b/0xd0 [ 613.490158][T13021] do_SYSENTER_32+0x73/0x90 [ 613.360168][T13080] do_SYSENTER_32+0x73/0x90 [ 613.490158][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 613.360168][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 613.490158][T13021] [ 613.360168][T13080] [ 613.490158][T13021] Uninit was stored to memory at: [ 613.360168][T13080] Uninit was stored to memory at: [ 613.490158][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 613.360168][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 613.490158][T13021] __msan_chain_origin+0x50/0x90 [ 613.360168][T13080] __msan_chain_origin+0x50/0x90 [ 613.490158][T13021] __get_compat_msghdr+0x5be/0x890 [ 613.360168][T13080] __get_compat_msghdr+0x5be/0x890 [ 613.490158][T13021] get_compat_msghdr+0x108/0x270 [ 613.360168][T13080] get_compat_msghdr+0x108/0x270 [ 613.490158][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 613.360168][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 613.490158][T13021] __sys_recvmmsg+0x4ca/0x510 [ 613.360168][T13080] __sys_recvmmsg+0x4ca/0x510 [ 613.490158][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 613.360168][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 613.490158][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 613.360168][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 613.490158][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 613.360168][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 613.490158][T13021] do_fast_syscall_32+0x6b/0xd0 [ 613.360168][T13080] do_fast_syscall_32+0x6b/0xd0 [ 613.490158][T13021] do_SYSENTER_32+0x73/0x90 [ 613.360168][T13080] do_SYSENTER_32+0x73/0x90 [ 613.490158][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 613.360168][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 613.490158][T13021] [ 613.360168][T13080] [ 613.490158][T13021] Uninit was stored to memory at: [ 613.360168][T13080] Local variable ----msg_sys@do_recvmmsg created at: [ 613.490158][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 613.360168][T13080] do_recvmmsg+0xc5/0x1ee0 [ 613.490158][T13021] __msan_chain_origin+0x50/0x90 [ 613.360168][T13080] do_recvmmsg+0xc5/0x1ee0 [ 613.490158][T13021] __get_compat_msghdr+0x5be/0x890 [ 613.490158][T13021] get_compat_msghdr+0x108/0x270 [ 613.490158][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 614.670555][T13021] __sys_recvmmsg+0x4ca/0x510 [ 614.670555][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 614.670555][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 614.670555][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 614.670555][T13021] do_fast_syscall_32+0x6b/0xd0 [ 614.670555][T13021] do_SYSENTER_32+0x73/0x90 [ 614.670555][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 614.670555][T13021] [ 614.670555][T13021] Uninit was stored to memory at: [ 614.670555][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 614.670555][T13021] __msan_chain_origin+0x50/0x90 [ 614.670555][T13021] __get_compat_msghdr+0x5be/0x890 [ 614.670555][T13021] get_compat_msghdr+0x108/0x270 [ 614.670555][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 614.670555][T13021] __sys_recvmmsg+0x4ca/0x510 [ 614.670555][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 614.670555][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 614.670555][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 614.670555][T13021] do_fast_syscall_32+0x6b/0xd0 [ 614.670555][T13021] do_SYSENTER_32+0x73/0x90 [ 614.670555][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 614.670555][T13021] [ 614.670555][T13021] Uninit was stored to memory at: [ 614.670555][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 614.670555][T13021] __msan_chain_origin+0x50/0x90 [ 614.670555][T13021] __get_compat_msghdr+0x5be/0x890 [ 614.670555][T13021] get_compat_msghdr+0x108/0x270 [ 614.670555][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 614.670555][T13021] __sys_recvmmsg+0x4ca/0x510 [ 614.670555][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 614.670555][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 614.670555][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 614.670555][T13021] do_fast_syscall_32+0x6b/0xd0 [ 614.670555][T13021] do_SYSENTER_32+0x73/0x90 [ 614.670555][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 614.670555][T13021] [ 614.670555][T13021] Local variable ----msg_sys@do_recvmmsg created at: [ 614.670555][T13021] do_recvmmsg+0xc5/0x1ee0 [ 614.670555][T13021] do_recvmmsg+0xc5/0x1ee0 [ 615.107310][T13041] not chained 2080000 origins [ 615.110162][T13041] CPU: 1 PID: 13041 Comm: syz-executor.3 Not tainted 5.8.0-rc5-syzkaller #0 [ 615.110162][T13041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 615.110162][T13041] Call Trace: [ 615.110162][T13041] dump_stack+0x1df/0x240 [ 615.110162][T13041] kmsan_internal_chain_origin+0x6f/0x130 [ 615.110162][T13041] ? skb_recv_datagram+0x3ec/0x480 [ 615.110162][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 615.110162][T13041] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 615.110162][T13041] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 615.110162][T13041] ? bt_sock_recvmsg+0x564/0xa00 [ 615.110162][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 615.110162][T13041] ? kmsan_set_origin_checked+0x95/0xf0 [ 615.110162][T13041] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 615.110162][T13041] ? _copy_from_user+0x15b/0x260 [ 615.110162][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 615.110162][T13041] __msan_chain_origin+0x50/0x90 [ 615.110162][T13041] __get_compat_msghdr+0x5be/0x890 [ 615.110162][T13041] get_compat_msghdr+0x108/0x270 [ 615.110162][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 615.110162][T13041] ? idle_cpu+0x9a/0x1d0 [ 615.110162][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 615.110162][T13041] ? kmsan_internal_set_origin+0x75/0xb0 [ 615.110162][T13041] ? __msan_poison_alloca+0xf0/0x120 [ 615.110162][T13041] ? __sys_recvmmsg+0xb4/0x510 [ 615.110162][T13041] ? __sys_recvmmsg+0xb4/0x510 [ 615.110162][T13041] ? kmsan_get_metadata+0x11d/0x180 [ 615.110162][T13041] __sys_recvmmsg+0x4ca/0x510 [ 615.110162][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 615.110162][T13041] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 615.110162][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 615.110162][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 615.110162][T13041] do_fast_syscall_32+0x6b/0xd0 [ 615.110162][T13041] do_SYSENTER_32+0x73/0x90 [ 615.110162][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 615.110162][T13041] RIP: 0023:0xf7fd6549 [ 615.110162][T13041] Code: Bad RIP value. [ 615.110162][T13041] RSP: 002b:00000000f5dd10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 615.110162][T13041] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 615.110162][T13041] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 615.110162][T13041] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 615.110162][T13041] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 615.110162][T13041] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 615.110162][T13041] Uninit was stored to memory at: [ 615.110162][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 615.110162][T13041] __msan_chain_origin+0x50/0x90 [ 615.110162][T13041] __get_compat_msghdr+0x5be/0x890 [ 615.110162][T13041] get_compat_msghdr+0x108/0x270 [ 615.110162][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 615.110162][T13041] __sys_recvmmsg+0x4ca/0x510 [ 615.110162][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 615.110162][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 615.110162][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 615.110162][T13041] do_fast_syscall_32+0x6b/0xd0 [ 615.407291][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 615.110162][T13041] do_SYSENTER_32+0x73/0x90 [ 615.420187][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 615.420187][T13041] [ 615.420187][T13041] Uninit was stored to memory at: [ 615.420187][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 615.420187][T13041] __msan_chain_origin+0x50/0x90 [ 615.444596][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 615.420187][T13041] __get_compat_msghdr+0x5be/0x890 [ 615.420187][T13041] get_compat_msghdr+0x108/0x270 [ 615.420187][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 615.420187][T13041] __sys_recvmmsg+0x4ca/0x510 [ 615.420187][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 615.420187][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 615.420187][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 615.420187][T13041] do_fast_syscall_32+0x6b/0xd0 [ 615.420187][T13041] do_SYSENTER_32+0x73/0x90 [ 615.420187][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 615.420187][T13041] [ 615.420187][T13041] Uninit was stored to memory at: [ 615.420187][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 615.518732][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 615.420187][T13041] __msan_chain_origin+0x50/0x90 [ 615.420187][T13041] __get_compat_msghdr+0x5be/0x890 [ 615.420187][T13041] get_compat_msghdr+0x108/0x270 [ 615.420187][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 615.420187][T13041] __sys_recvmmsg+0x4ca/0x510 [ 615.420187][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 615.420187][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 615.420187][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 615.420187][T13041] do_fast_syscall_32+0x6b/0xd0 [ 615.420187][T13041] do_SYSENTER_32+0x73/0x90 [ 615.420187][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 615.420187][T13041] [ 615.420187][T13041] Uninit was stored to memory at: [ 615.420187][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 615.420187][T13041] __msan_chain_origin+0x50/0x90 [ 615.420187][T13041] __get_compat_msghdr+0x5be/0x890 [ 615.420187][T13041] get_compat_msghdr+0x108/0x270 [ 615.420187][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 615.420187][T13041] __sys_recvmmsg+0x4ca/0x510 [ 615.420187][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 615.420187][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 615.632025][T13072] not chained 2090000 origins [ 615.420187][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 615.640182][T13072] CPU: 0 PID: 13072 Comm: syz-executor.1 Not tainted 5.8.0-rc5-syzkaller #0 [ 615.420187][T13041] do_fast_syscall_32+0x6b/0xd0 [ 615.640182][T13072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 615.420187][T13041] do_SYSENTER_32+0x73/0x90 [ 615.640182][T13072] Call Trace: [ 615.420187][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 615.640182][T13072] dump_stack+0x1df/0x240 [ 615.420187][T13041] [ 615.640182][T13072] kmsan_internal_chain_origin+0x6f/0x130 [ 615.420187][T13041] Uninit was stored to memory at: [ 615.640182][T13072] ? skb_recv_datagram+0x3ec/0x480 [ 615.420187][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 615.640182][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 615.420187][T13041] __msan_chain_origin+0x50/0x90 [ 615.640182][T13072] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 615.420187][T13041] __get_compat_msghdr+0x5be/0x890 [ 615.640182][T13072] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 615.420187][T13041] get_compat_msghdr+0x108/0x270 [ 615.640182][T13072] ? bt_sock_recvmsg+0x564/0xa00 [ 615.420187][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 615.640182][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 615.420187][T13041] __sys_recvmmsg+0x4ca/0x510 [ 615.640182][T13072] ? kmsan_set_origin_checked+0x95/0xf0 [ 615.420187][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 615.640182][T13072] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 615.420187][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 615.640182][T13072] ? _copy_from_user+0x15b/0x260 [ 615.420187][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 615.640182][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 615.420187][T13041] do_fast_syscall_32+0x6b/0xd0 [ 615.640182][T13072] __msan_chain_origin+0x50/0x90 [ 615.420187][T13041] do_SYSENTER_32+0x73/0x90 [ 615.640182][T13072] __get_compat_msghdr+0x5be/0x890 [ 615.420187][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 615.640182][T13072] get_compat_msghdr+0x108/0x270 [ 615.420187][T13041] [ 615.640182][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 615.420187][T13041] Uninit was stored to memory at: [ 615.640182][T13072] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 615.420187][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 615.640182][T13072] ? sched_clock_cpu+0x7c/0x930 [ 615.420187][T13041] __msan_chain_origin+0x50/0x90 [ 615.640182][T13072] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 615.420187][T13041] __get_compat_msghdr+0x5be/0x890 [ 615.640182][T13072] ? sched_clock_cpu+0x7c/0x930 [ 615.420187][T13041] get_compat_msghdr+0x108/0x270 [ 615.640182][T13072] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 615.420187][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 615.640182][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 615.420187][T13041] __sys_recvmmsg+0x4ca/0x510 [ 615.640182][T13072] ? kmsan_internal_set_origin+0x75/0xb0 [ 615.420187][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 615.640182][T13072] ? __msan_poison_alloca+0xf0/0x120 [ 615.420187][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 615.640182][T13072] ? __sys_recvmmsg+0xb4/0x510 [ 615.420187][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 615.640182][T13072] ? __sys_recvmmsg+0xb4/0x510 [ 615.420187][T13041] do_fast_syscall_32+0x6b/0xd0 [ 615.640182][T13072] __sys_recvmmsg+0x4ca/0x510 [ 615.420187][T13041] do_SYSENTER_32+0x73/0x90 [ 615.640182][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 615.420187][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 615.640182][T13072] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 615.420187][T13041] [ 615.640182][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 615.420187][T13041] Uninit was stored to memory at: [ 615.640182][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 615.420187][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 615.640182][T13072] do_fast_syscall_32+0x6b/0xd0 [ 615.420187][T13041] __msan_chain_origin+0x50/0x90 [ 615.640182][T13072] do_SYSENTER_32+0x73/0x90 [ 615.420187][T13041] __get_compat_msghdr+0x5be/0x890 [ 615.640182][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 615.420187][T13041] get_compat_msghdr+0x108/0x270 [ 615.640182][T13072] RIP: 0023:0xf7fbe549 [ 615.420187][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 615.640182][T13072] Code: Bad RIP value. [ 615.420187][T13041] __sys_recvmmsg+0x4ca/0x510 [ 615.640182][T13072] RSP: 002b:00000000f5db90cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 615.420187][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 615.640182][T13072] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 615.420187][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 615.640182][T13072] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 615.420187][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 615.640182][T13072] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 615.420187][T13041] do_fast_syscall_32+0x6b/0xd0 [ 615.640182][T13072] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 615.420187][T13041] do_SYSENTER_32+0x73/0x90 [ 615.640182][T13072] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 615.420187][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 615.640182][T13072] Uninit was stored to memory at: [ 615.420187][T13041] [ 615.640182][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 615.420187][T13041] Local variable ----msg_sys@do_recvmmsg created at: [ 615.640182][T13072] __msan_chain_origin+0x50/0x90 [ 615.420187][T13041] do_recvmmsg+0xc5/0x1ee0 [ 615.640182][T13072] __get_compat_msghdr+0x5be/0x890 [ 615.420187][T13041] do_recvmmsg+0xc5/0x1ee0 [ 615.640182][T13072] get_compat_msghdr+0x108/0x270 [ 616.170931][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 616.175238][T13072] __sys_recvmmsg+0x4ca/0x510 [ 616.179985][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 616.179985][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 616.179985][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 616.179985][T13072] do_fast_syscall_32+0x6b/0xd0 [ 616.179985][T13072] do_SYSENTER_32+0x73/0x90 [ 616.179985][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 616.179985][T13072] [ 616.179985][T13072] Uninit was stored to memory at: [ 616.179985][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 616.179985][T13072] __msan_chain_origin+0x50/0x90 [ 616.179985][T13072] __get_compat_msghdr+0x5be/0x890 [ 616.179985][T13072] get_compat_msghdr+0x108/0x270 [ 616.179985][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 616.179985][T13072] __sys_recvmmsg+0x4ca/0x510 [ 616.179985][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 616.179985][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 616.179985][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 616.179985][T13072] do_fast_syscall_32+0x6b/0xd0 [ 616.179985][T13072] do_SYSENTER_32+0x73/0x90 [ 616.179985][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 616.179985][T13072] [ 616.179985][T13072] Uninit was stored to memory at: [ 616.179985][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 616.179985][T13072] __msan_chain_origin+0x50/0x90 [ 616.179985][T13072] __get_compat_msghdr+0x5be/0x890 [ 616.179985][T13072] get_compat_msghdr+0x108/0x270 [ 616.179985][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 616.179985][T13072] __sys_recvmmsg+0x4ca/0x510 [ 616.179985][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 616.179985][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 616.179985][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 616.179985][T13072] do_fast_syscall_32+0x6b/0xd0 [ 616.179985][T13072] do_SYSENTER_32+0x73/0x90 [ 616.179985][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 616.352270][T13012] not chained 2100000 origins [ 616.179985][T13072] [ 616.360144][T13012] CPU: 1 PID: 13012 Comm: syz-executor.0 Not tainted 5.8.0-rc5-syzkaller #0 [ 616.179985][T13072] Uninit was stored to memory at: [ 616.360144][T13012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 616.179985][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 616.360144][T13012] Call Trace: [ 616.179985][T13072] __msan_chain_origin+0x50/0x90 [ 616.360144][T13012] dump_stack+0x1df/0x240 [ 616.179985][T13072] __get_compat_msghdr+0x5be/0x890 [ 616.360144][T13012] kmsan_internal_chain_origin+0x6f/0x130 [ 616.179985][T13072] get_compat_msghdr+0x108/0x270 [ 616.360144][T13012] ? skb_recv_datagram+0x3ec/0x480 [ 616.179985][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 616.360144][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 616.179985][T13072] __sys_recvmmsg+0x4ca/0x510 [ 616.360144][T13012] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 616.179985][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 616.360144][T13012] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 616.179985][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 616.360144][T13012] ? bt_sock_recvmsg+0x564/0xa00 [ 616.179985][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 616.360144][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 616.179985][T13072] do_fast_syscall_32+0x6b/0xd0 [ 616.360144][T13012] ? kmsan_set_origin_checked+0x95/0xf0 [ 616.179985][T13072] do_SYSENTER_32+0x73/0x90 [ 616.360144][T13012] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 616.179985][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 616.360144][T13012] ? _copy_from_user+0x15b/0x260 [ 616.179985][T13072] [ 616.360144][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 616.179985][T13072] Uninit was stored to memory at: [ 616.360144][T13012] __msan_chain_origin+0x50/0x90 [ 616.179985][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 616.360144][T13012] __get_compat_msghdr+0x5be/0x890 [ 616.179985][T13072] __msan_chain_origin+0x50/0x90 [ 616.360144][T13012] get_compat_msghdr+0x108/0x270 [ 616.179985][T13072] __get_compat_msghdr+0x5be/0x890 [ 616.360144][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 616.179985][T13072] get_compat_msghdr+0x108/0x270 [ 616.360144][T13012] ? kmsan_internal_set_origin+0x75/0xb0 [ 616.179985][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 616.360144][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 616.179985][T13072] __sys_recvmmsg+0x4ca/0x510 [ 616.360144][T13012] ? kmsan_internal_set_origin+0x75/0xb0 [ 616.179985][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 616.360144][T13012] ? __msan_poison_alloca+0xf0/0x120 [ 616.179985][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 616.360144][T13012] ? __sys_recvmmsg+0xb4/0x510 [ 616.179985][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 616.360144][T13012] ? __sys_recvmmsg+0xb4/0x510 [ 616.179985][T13072] do_fast_syscall_32+0x6b/0xd0 [ 616.360144][T13012] ? kmsan_get_metadata+0x11d/0x180 [ 616.179985][T13072] do_SYSENTER_32+0x73/0x90 [ 616.360144][T13012] __sys_recvmmsg+0x4ca/0x510 [ 616.179985][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 616.360144][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 616.179985][T13072] [ 616.360144][T13012] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 616.179985][T13072] Uninit was stored to memory at: [ 616.360144][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 616.179985][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 616.360144][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 616.179985][T13072] __msan_chain_origin+0x50/0x90 [ 616.360144][T13012] do_fast_syscall_32+0x6b/0xd0 [ 616.179985][T13072] __get_compat_msghdr+0x5be/0x890 [ 616.360144][T13012] do_SYSENTER_32+0x73/0x90 [ 616.179985][T13072] get_compat_msghdr+0x108/0x270 [ 616.360144][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 616.179985][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 616.360144][T13012] RIP: 0023:0xf7f4d549 [ 616.179985][T13072] __sys_recvmmsg+0x4ca/0x510 [ 616.360144][T13012] Code: Bad RIP value. [ 616.179985][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 616.360144][T13012] RSP: 002b:00000000f5d480cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 616.179985][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 616.360144][T13012] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 616.179985][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 616.360144][T13012] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 616.179985][T13072] do_fast_syscall_32+0x6b/0xd0 [ 616.360144][T13012] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 616.179985][T13072] do_SYSENTER_32+0x73/0x90 [ 616.360144][T13012] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 616.179985][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 616.360144][T13012] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 616.179985][T13072] [ 616.360144][T13012] Uninit was stored to memory at: [ 616.179985][T13072] Uninit was stored to memory at: [ 616.360144][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 616.179985][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 616.360144][T13012] __msan_chain_origin+0x50/0x90 [ 616.179985][T13072] __msan_chain_origin+0x50/0x90 [ 616.360144][T13012] __get_compat_msghdr+0x5be/0x890 [ 616.179985][T13072] __get_compat_msghdr+0x5be/0x890 [ 616.360144][T13012] get_compat_msghdr+0x108/0x270 [ 616.179985][T13072] get_compat_msghdr+0x108/0x270 [ 616.360144][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 616.179985][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 616.360144][T13012] __sys_recvmmsg+0x4ca/0x510 [ 616.179985][T13072] __sys_recvmmsg+0x4ca/0x510 [ 616.360144][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 616.179985][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 616.360144][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 616.179985][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 616.360144][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 616.179985][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 616.360144][T13012] do_fast_syscall_32+0x6b/0xd0 [ 616.179985][T13072] do_fast_syscall_32+0x6b/0xd0 [ 616.360144][T13012] do_SYSENTER_32+0x73/0x90 [ 616.179985][T13072] do_SYSENTER_32+0x73/0x90 [ 616.360144][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 616.179985][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 616.360144][T13012] [ 616.179985][T13072] [ 616.360144][T13012] Uninit was stored to memory at: [ 616.179985][T13072] Local variable ----msg_sys@do_recvmmsg created at: [ 616.360144][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 616.179985][T13072] do_recvmmsg+0xc5/0x1ee0 [ 616.360144][T13012] __msan_chain_origin+0x50/0x90 [ 616.179985][T13072] do_recvmmsg+0xc5/0x1ee0 [ 616.360144][T13012] __get_compat_msghdr+0x5be/0x890 [ 616.987441][T13012] get_compat_msghdr+0x108/0x270 [ 616.995364][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 616.997782][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 616.995364][T13012] __sys_recvmmsg+0x4ca/0x510 [ 616.995364][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 616.995364][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 616.995364][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 616.995364][T13012] do_fast_syscall_32+0x6b/0xd0 [ 616.995364][T13012] do_SYSENTER_32+0x73/0x90 [ 617.037126][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 616.995364][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 616.995364][T13012] [ 616.995364][T13012] Uninit was stored to memory at: [ 616.995364][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 616.995364][T13012] __msan_chain_origin+0x50/0x90 [ 616.995364][T13012] __get_compat_msghdr+0x5be/0x890 [ 617.076559][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 616.995364][T13012] get_compat_msghdr+0x108/0x270 [ 617.086379][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 617.086379][T13012] __sys_recvmmsg+0x4ca/0x510 [ 617.086379][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 617.086379][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 617.086379][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 617.086379][T13012] do_fast_syscall_32+0x6b/0xd0 [ 617.121992][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 617.086379][T13012] do_SYSENTER_32+0x73/0x90 [ 617.086379][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 617.086379][T13012] [ 617.086379][T13012] Uninit was stored to memory at: [ 617.086379][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 617.150282][T13012] __msan_chain_origin+0x50/0x90 [ 617.159172][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 617.150282][T13012] __get_compat_msghdr+0x5be/0x890 [ 617.150282][T13012] get_compat_msghdr+0x108/0x270 [ 617.150282][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 617.150282][T13012] __sys_recvmmsg+0x4ca/0x510 [ 617.150282][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 617.150282][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 617.196120][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 617.150282][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 617.150282][T13012] do_fast_syscall_32+0x6b/0xd0 [ 617.150282][T13012] do_SYSENTER_32+0x73/0x90 [ 617.220938][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 617.220347][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 617.220347][T13012] [ 617.220347][T13012] Uninit was stored to memory at: [ 617.220347][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 617.220347][T13012] __msan_chain_origin+0x50/0x90 [ 617.220347][T13012] __get_compat_msghdr+0x5be/0x890 [ 617.220347][T13012] get_compat_msghdr+0x108/0x270 [ 617.220347][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 617.220347][T13012] __sys_recvmmsg+0x4ca/0x510 [ 617.220347][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 617.220347][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 617.220347][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 617.220347][T13012] do_fast_syscall_32+0x6b/0xd0 [ 617.220347][T13012] do_SYSENTER_32+0x73/0x90 [ 617.220347][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 617.220347][T13012] [ 617.220347][T13012] Uninit was stored to memory at: [ 617.220347][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 617.220347][T13012] __msan_chain_origin+0x50/0x90 [ 617.220347][T13012] __get_compat_msghdr+0x5be/0x890 [ 617.220347][T13012] get_compat_msghdr+0x108/0x270 [ 617.220347][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 617.220347][T13012] __sys_recvmmsg+0x4ca/0x510 [ 617.220347][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 617.220347][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 617.220347][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 617.220347][T13012] do_fast_syscall_32+0x6b/0xd0 [ 617.220347][T13012] do_SYSENTER_32+0x73/0x90 [ 617.220347][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 617.220347][T13012] [ 617.220347][T13012] Uninit was stored to memory at: [ 617.220347][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 617.220347][T13012] __msan_chain_origin+0x50/0x90 [ 617.220347][T13012] __get_compat_msghdr+0x5be/0x890 [ 617.220347][T13012] get_compat_msghdr+0x108/0x270 [ 617.220347][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 617.220347][T13012] __sys_recvmmsg+0x4ca/0x510 [ 617.220347][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 617.220347][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 617.220347][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 617.220347][T13012] do_fast_syscall_32+0x6b/0xd0 [ 617.220347][T13012] do_SYSENTER_32+0x73/0x90 [ 617.220347][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 617.220347][T13012] [ 617.220347][T13012] Local variable ----msg_sys@do_recvmmsg created at: [ 617.220347][T13012] do_recvmmsg+0xc5/0x1ee0 [ 617.220347][T13012] do_recvmmsg+0xc5/0x1ee0 [ 617.653009][T13041] not chained 2110000 origins [ 617.657742][T13041] CPU: 1 PID: 13041 Comm: syz-executor.3 Not tainted 5.8.0-rc5-syzkaller #0 [ 617.660434][T13041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 617.660434][T13041] Call Trace: [ 617.660434][T13041] dump_stack+0x1df/0x240 [ 617.660434][T13041] kmsan_internal_chain_origin+0x6f/0x130 [ 617.660434][T13041] ? skb_recv_datagram+0x3ec/0x480 [ 617.660434][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 617.660434][T13041] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 617.660434][T13041] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 617.660434][T13041] ? bt_sock_recvmsg+0x564/0xa00 [ 617.660434][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 617.660434][T13041] ? kmsan_set_origin_checked+0x95/0xf0 [ 617.660434][T13041] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 617.660434][T13041] ? _copy_from_user+0x15b/0x260 [ 617.660434][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 617.660434][T13041] __msan_chain_origin+0x50/0x90 [ 617.660434][T13041] __get_compat_msghdr+0x5be/0x890 [ 617.660434][T13041] get_compat_msghdr+0x108/0x270 [ 617.660434][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 617.760672][T13041] ? idle_cpu+0x9a/0x1d0 [ 617.760672][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 617.760672][T13041] ? kmsan_internal_set_origin+0x75/0xb0 [ 617.760672][T13041] ? __msan_poison_alloca+0xf0/0x120 [ 617.760672][T13041] ? __sys_recvmmsg+0xb4/0x510 [ 617.760672][T13041] ? __sys_recvmmsg+0xb4/0x510 [ 617.760672][T13041] ? kmsan_get_metadata+0x11d/0x180 [ 617.760672][T13041] __sys_recvmmsg+0x4ca/0x510 [ 617.760672][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 617.760672][T13041] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 617.760672][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 617.760672][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 617.760672][T13041] do_fast_syscall_32+0x6b/0xd0 [ 617.760672][T13041] do_SYSENTER_32+0x73/0x90 [ 617.760672][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 617.760672][T13041] RIP: 0023:0xf7fd6549 [ 617.760672][T13041] Code: Bad RIP value. [ 617.760672][T13041] RSP: 002b:00000000f5dd10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 617.760672][T13041] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 617.760672][T13041] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 617.760672][T13041] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 617.760672][T13041] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 617.760672][T13041] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 617.760672][T13041] Uninit was stored to memory at: [ 617.760672][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 617.760672][T13041] __msan_chain_origin+0x50/0x90 [ 617.760672][T13041] __get_compat_msghdr+0x5be/0x890 [ 617.760672][T13041] get_compat_msghdr+0x108/0x270 [ 617.760672][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 617.760672][T13041] __sys_recvmmsg+0x4ca/0x510 [ 617.760672][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 617.760672][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 617.760672][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 617.760672][T13041] do_fast_syscall_32+0x6b/0xd0 [ 617.760672][T13041] do_SYSENTER_32+0x73/0x90 [ 617.760672][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 617.760672][T13041] [ 617.760672][T13041] Uninit was stored to memory at: [ 617.760672][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 617.760672][T13041] __msan_chain_origin+0x50/0x90 [ 617.760672][T13041] __get_compat_msghdr+0x5be/0x890 [ 617.760672][T13041] get_compat_msghdr+0x108/0x270 [ 617.760672][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 617.760672][T13041] __sys_recvmmsg+0x4ca/0x510 [ 617.760672][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 617.760672][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 617.760672][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 617.760672][T13041] do_fast_syscall_32+0x6b/0xd0 [ 617.760672][T13041] do_SYSENTER_32+0x73/0x90 [ 617.760672][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 617.760672][T13041] [ 617.760672][T13041] Uninit was stored to memory at: [ 617.760672][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 617.760672][T13041] __msan_chain_origin+0x50/0x90 [ 617.760672][T13041] __get_compat_msghdr+0x5be/0x890 [ 617.760672][T13041] get_compat_msghdr+0x108/0x270 [ 617.760672][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 617.760672][T13041] __sys_recvmmsg+0x4ca/0x510 [ 617.760672][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 617.760672][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 617.760672][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 617.760672][T13041] do_fast_syscall_32+0x6b/0xd0 [ 617.760672][T13041] do_SYSENTER_32+0x73/0x90 [ 617.760672][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 617.760672][T13041] [ 617.760672][T13041] Uninit was stored to memory at: [ 617.760672][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 617.760672][T13041] __msan_chain_origin+0x50/0x90 [ 617.760672][T13041] __get_compat_msghdr+0x5be/0x890 [ 617.760672][T13041] get_compat_msghdr+0x108/0x270 [ 617.760672][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 617.760672][T13041] __sys_recvmmsg+0x4ca/0x510 [ 617.760672][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 617.760672][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 617.760672][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 617.760672][T13041] do_fast_syscall_32+0x6b/0xd0 [ 617.760672][T13041] do_SYSENTER_32+0x73/0x90 [ 617.760672][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 617.760672][T13041] [ 617.760672][T13041] Uninit was stored to memory at: [ 617.760672][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 617.760672][T13041] __msan_chain_origin+0x50/0x90 [ 617.760672][T13041] __get_compat_msghdr+0x5be/0x890 [ 617.760672][T13041] get_compat_msghdr+0x108/0x270 [ 617.760672][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 617.760672][T13041] __sys_recvmmsg+0x4ca/0x510 [ 617.760672][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 617.760672][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 617.760672][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 617.760672][T13041] do_fast_syscall_32+0x6b/0xd0 [ 617.760672][T13041] do_SYSENTER_32+0x73/0x90 [ 617.760672][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 617.760672][T13041] [ 617.760672][T13041] Uninit was stored to memory at: [ 617.760672][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 617.760672][T13041] __msan_chain_origin+0x50/0x90 [ 617.760672][T13041] __get_compat_msghdr+0x5be/0x890 [ 617.760672][T13041] get_compat_msghdr+0x108/0x270 [ 617.760672][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 617.760672][T13041] __sys_recvmmsg+0x4ca/0x510 [ 617.760672][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 617.760672][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 617.760672][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 617.760672][T13041] do_fast_syscall_32+0x6b/0xd0 [ 617.760672][T13041] do_SYSENTER_32+0x73/0x90 [ 617.760672][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 617.760672][T13041] [ 617.760672][T13041] Uninit was stored to memory at: [ 617.760672][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 617.760672][T13041] __msan_chain_origin+0x50/0x90 [ 617.760672][T13041] __get_compat_msghdr+0x5be/0x890 [ 617.760672][T13041] get_compat_msghdr+0x108/0x270 [ 617.760672][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 617.760672][T13041] __sys_recvmmsg+0x4ca/0x510 [ 617.760672][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 617.760672][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 617.760672][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 617.760672][T13041] do_fast_syscall_32+0x6b/0xd0 [ 617.760672][T13041] do_SYSENTER_32+0x73/0x90 [ 617.760672][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 617.760672][T13041] [ 617.760672][T13041] Local variable ----msg_sys@do_recvmmsg created at: [ 617.760672][T13041] do_recvmmsg+0xc5/0x1ee0 [ 617.760672][T13041] do_recvmmsg+0xc5/0x1ee0 [ 618.474286][T13021] not chained 2120000 origins [ 618.479008][T13021] CPU: 0 PID: 13021 Comm: syz-executor.0 Not tainted 5.8.0-rc5-syzkaller #0 [ 618.480206][T13021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 618.480206][T13021] Call Trace: [ 618.480206][T13021] dump_stack+0x1df/0x240 [ 618.480206][T13021] kmsan_internal_chain_origin+0x6f/0x130 [ 618.480206][T13021] ? skb_recv_datagram+0x3ec/0x480 [ 618.480206][T13021] ? kmsan_get_metadata+0x4f/0x180 [ 618.480206][T13021] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 618.480206][T13021] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 618.480206][T13021] ? bt_sock_recvmsg+0x564/0xa00 [ 618.480206][T13021] ? kmsan_get_metadata+0x4f/0x180 [ 618.480206][T13021] ? kmsan_set_origin_checked+0x95/0xf0 [ 618.480206][T13021] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 618.480206][T13021] ? _copy_from_user+0x15b/0x260 [ 618.480206][T13021] ? kmsan_get_metadata+0x4f/0x180 [ 618.480206][T13021] __msan_chain_origin+0x50/0x90 [ 618.480206][T13021] __get_compat_msghdr+0x5be/0x890 [ 618.480206][T13021] get_compat_msghdr+0x108/0x270 [ 618.480206][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 618.480206][T13021] ? kmsan_internal_set_origin+0x75/0xb0 [ 618.480206][T13021] ? kmsan_get_metadata+0x4f/0x180 [ 618.480206][T13021] ? kmsan_internal_set_origin+0x75/0xb0 [ 618.599721][T13080] not chained 2130000 origins [ 618.480206][T13021] ? __msan_poison_alloca+0xf0/0x120 [ 618.480206][T13021] ? __sys_recvmmsg+0xb4/0x510 [ 618.480206][T13021] ? __sys_recvmmsg+0xb4/0x510 [ 618.480206][T13021] ? kmsan_get_metadata+0x11d/0x180 [ 618.480206][T13021] __sys_recvmmsg+0x4ca/0x510 [ 618.480206][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 618.480206][T13021] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 618.480206][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 618.480206][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 618.480206][T13021] do_fast_syscall_32+0x6b/0xd0 [ 618.480206][T13021] do_SYSENTER_32+0x73/0x90 [ 618.480206][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 618.480206][T13021] RIP: 0023:0xf7f4d549 [ 618.480206][T13021] Code: Bad RIP value. [ 618.480206][T13021] RSP: 002b:00000000f5d060cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 618.480206][T13021] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 618.480206][T13021] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 618.480206][T13021] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 618.480206][T13021] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 618.480206][T13021] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 618.480206][T13021] Uninit was stored to memory at: [ 618.600136][T13080] CPU: 1 PID: 13080 Comm: syz-executor.1 Not tainted 5.8.0-rc5-syzkaller #0 [ 618.600136][T13080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 618.480206][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 618.600136][T13080] Call Trace: [ 618.480206][T13021] __msan_chain_origin+0x50/0x90 [ 618.600136][T13080] dump_stack+0x1df/0x240 [ 618.480206][T13021] __get_compat_msghdr+0x5be/0x890 [ 618.600136][T13080] kmsan_internal_chain_origin+0x6f/0x130 [ 618.480206][T13021] get_compat_msghdr+0x108/0x270 [ 618.600136][T13080] ? skb_recv_datagram+0x3ec/0x480 [ 618.480206][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 618.600136][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 618.480206][T13021] __sys_recvmmsg+0x4ca/0x510 [ 618.600136][T13080] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 618.480206][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 618.600136][T13080] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 618.480206][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 618.600136][T13080] ? bt_sock_recvmsg+0x564/0xa00 [ 618.480206][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 618.600136][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 618.480206][T13021] do_fast_syscall_32+0x6b/0xd0 [ 618.600136][T13080] ? kmsan_set_origin_checked+0x95/0xf0 [ 618.480206][T13021] do_SYSENTER_32+0x73/0x90 [ 618.600136][T13080] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 618.480206][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 618.600136][T13080] ? _copy_from_user+0x15b/0x260 [ 618.480206][T13021] [ 618.600136][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 618.480206][T13021] Uninit was stored to memory at: [ 618.600136][T13080] __msan_chain_origin+0x50/0x90 [ 618.480206][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 618.600136][T13080] __get_compat_msghdr+0x5be/0x890 [ 618.480206][T13021] __msan_chain_origin+0x50/0x90 [ 618.600136][T13080] get_compat_msghdr+0x108/0x270 [ 618.480206][T13021] __get_compat_msghdr+0x5be/0x890 [ 618.600136][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 618.480206][T13021] get_compat_msghdr+0x108/0x270 [ 618.600136][T13080] ? kmsan_internal_set_origin+0x75/0xb0 [ 618.480206][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 618.600136][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 618.480206][T13021] __sys_recvmmsg+0x4ca/0x510 [ 618.600136][T13080] ? kmsan_internal_set_origin+0x75/0xb0 [ 618.480206][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 618.600136][T13080] ? __msan_poison_alloca+0xf0/0x120 [ 618.480206][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 618.600136][T13080] ? __sys_recvmmsg+0xb4/0x510 [ 618.480206][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 618.600136][T13080] ? __sys_recvmmsg+0xb4/0x510 [ 618.480206][T13021] do_fast_syscall_32+0x6b/0xd0 [ 618.600136][T13080] ? kmsan_get_metadata+0x11d/0x180 [ 618.480206][T13021] do_SYSENTER_32+0x73/0x90 [ 618.600136][T13080] __sys_recvmmsg+0x4ca/0x510 [ 618.480206][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 618.600136][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 618.480206][T13021] [ 618.600136][T13080] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 618.480206][T13021] Uninit was stored to memory at: [ 618.600136][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 618.480206][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 618.600136][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 618.480206][T13021] __msan_chain_origin+0x50/0x90 [ 618.600136][T13080] do_fast_syscall_32+0x6b/0xd0 [ 618.480206][T13021] __get_compat_msghdr+0x5be/0x890 [ 618.600136][T13080] do_SYSENTER_32+0x73/0x90 [ 618.480206][T13021] get_compat_msghdr+0x108/0x270 [ 618.600136][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 618.480206][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 618.600136][T13080] RIP: 0023:0xf7fbe549 [ 618.480206][T13021] __sys_recvmmsg+0x4ca/0x510 [ 618.600136][T13080] Code: Bad RIP value. [ 618.480206][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 618.600136][T13080] RSP: 002b:00000000f5d770cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 618.480206][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 618.600136][T13080] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 618.480206][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 618.600136][T13080] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 618.480206][T13021] do_fast_syscall_32+0x6b/0xd0 [ 618.600136][T13080] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 618.480206][T13021] do_SYSENTER_32+0x73/0x90 [ 618.600136][T13080] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 618.480206][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 618.600136][T13080] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 618.480206][T13021] [ 618.600136][T13080] Uninit was stored to memory at: [ 618.480206][T13021] Uninit was stored to memory at: [ 618.600136][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 618.480206][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 618.600136][T13080] __msan_chain_origin+0x50/0x90 [ 618.480206][T13021] __msan_chain_origin+0x50/0x90 [ 618.600136][T13080] __get_compat_msghdr+0x5be/0x890 [ 618.480206][T13021] __get_compat_msghdr+0x5be/0x890 [ 618.600136][T13080] get_compat_msghdr+0x108/0x270 [ 618.480206][T13021] get_compat_msghdr+0x108/0x270 [ 618.600136][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 618.480206][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 618.600136][T13080] __sys_recvmmsg+0x4ca/0x510 [ 618.480206][T13021] __sys_recvmmsg+0x4ca/0x510 [ 618.600136][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 618.480206][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 618.600136][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 618.480206][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 618.600136][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 618.480206][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 618.600136][T13080] do_fast_syscall_32+0x6b/0xd0 [ 618.480206][T13021] do_fast_syscall_32+0x6b/0xd0 [ 618.600136][T13080] do_SYSENTER_32+0x73/0x90 [ 618.480206][T13021] do_SYSENTER_32+0x73/0x90 [ 618.600136][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 618.480206][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 618.600136][T13080] [ 618.480206][T13021] [ 618.600136][T13080] Uninit was stored to memory at: [ 618.480206][T13021] Uninit was stored to memory at: [ 618.600136][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 618.480206][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 618.600136][T13080] __msan_chain_origin+0x50/0x90 [ 618.480206][T13021] __msan_chain_origin+0x50/0x90 [ 618.600136][T13080] __get_compat_msghdr+0x5be/0x890 [ 618.480206][T13021] __get_compat_msghdr+0x5be/0x890 [ 618.600136][T13080] get_compat_msghdr+0x108/0x270 [ 618.480206][T13021] get_compat_msghdr+0x108/0x270 [ 618.600136][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 618.480206][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 618.600136][T13080] __sys_recvmmsg+0x4ca/0x510 [ 618.480206][T13021] __sys_recvmmsg+0x4ca/0x510 [ 618.600136][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 618.480206][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 618.600136][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 618.480206][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 618.600136][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 618.480206][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 618.600136][T13080] do_fast_syscall_32+0x6b/0xd0 [ 618.480206][T13021] do_fast_syscall_32+0x6b/0xd0 [ 618.600136][T13080] do_SYSENTER_32+0x73/0x90 [ 618.480206][T13021] do_SYSENTER_32+0x73/0x90 [ 618.600136][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 618.480206][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 618.600136][T13080] [ 618.480206][T13021] [ 618.600136][T13080] Uninit was stored to memory at: [ 618.480206][T13021] Uninit was stored to memory at: [ 618.600136][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 618.480206][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 618.600136][T13080] __msan_chain_origin+0x50/0x90 [ 618.480206][T13021] __msan_chain_origin+0x50/0x90 [ 618.600136][T13080] __get_compat_msghdr+0x5be/0x890 [ 618.480206][T13021] __get_compat_msghdr+0x5be/0x890 [ 618.600136][T13080] get_compat_msghdr+0x108/0x270 [ 618.480206][T13021] get_compat_msghdr+0x108/0x270 [ 618.600136][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 618.480206][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 618.600136][T13080] __sys_recvmmsg+0x4ca/0x510 [ 618.480206][T13021] __sys_recvmmsg+0x4ca/0x510 [ 618.600136][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 618.480206][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 618.600136][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 618.480206][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 618.600136][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 618.480206][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 618.600136][T13080] do_fast_syscall_32+0x6b/0xd0 [ 618.480206][T13021] do_fast_syscall_32+0x6b/0xd0 [ 618.600136][T13080] do_SYSENTER_32+0x73/0x90 [ 618.480206][T13021] do_SYSENTER_32+0x73/0x90 [ 618.600136][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 618.480206][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 618.600136][T13080] [ 618.480206][T13021] [ 618.600136][T13080] Uninit was stored to memory at: [ 618.480206][T13021] Uninit was stored to memory at: [ 618.600136][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 618.480206][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 618.600136][T13080] __msan_chain_origin+0x50/0x90 [ 618.480206][T13021] __msan_chain_origin+0x50/0x90 [ 618.600136][T13080] __get_compat_msghdr+0x5be/0x890 [ 618.480206][T13021] __get_compat_msghdr+0x5be/0x890 [ 618.600136][T13080] get_compat_msghdr+0x108/0x270 [ 618.480206][T13021] get_compat_msghdr+0x108/0x270 [ 618.600136][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 618.480206][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 618.600136][T13080] __sys_recvmmsg+0x4ca/0x510 [ 618.480206][T13021] __sys_recvmmsg+0x4ca/0x510 [ 618.600136][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 618.480206][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 618.600136][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 618.480206][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 618.600136][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 618.480206][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 618.600136][T13080] do_fast_syscall_32+0x6b/0xd0 [ 618.480206][T13021] do_fast_syscall_32+0x6b/0xd0 [ 618.480206][T13021] do_SYSENTER_32+0x73/0x90 [ 618.600136][T13080] do_SYSENTER_32+0x73/0x90 [ 618.480206][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 618.600136][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 618.480206][T13021] [ 618.600136][T13080] [ 618.480206][T13021] Local variable ----msg_sys@do_recvmmsg created at: [ 618.600136][T13080] Uninit was stored to memory at: [ 618.480206][T13021] do_recvmmsg+0xc5/0x1ee0 [ 618.600136][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 618.480206][T13021] do_recvmmsg+0xc5/0x1ee0 [ 618.600136][T13080] __msan_chain_origin+0x50/0x90 [ 618.600136][T13080] __get_compat_msghdr+0x5be/0x890 [ 619.768232][T13080] get_compat_msghdr+0x108/0x270 [ 619.777371][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 619.777371][T13080] __sys_recvmmsg+0x4ca/0x510 [ 619.777371][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 619.790497][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 619.790497][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 619.790497][T13080] do_fast_syscall_32+0x6b/0xd0 [ 619.790497][T13080] do_SYSENTER_32+0x73/0x90 [ 619.790497][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 619.790497][T13080] [ 619.790497][T13080] Uninit was stored to memory at: [ 619.790497][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 619.790497][T13080] __msan_chain_origin+0x50/0x90 [ 619.790497][T13080] __get_compat_msghdr+0x5be/0x890 [ 619.790497][T13080] get_compat_msghdr+0x108/0x270 [ 619.790497][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 619.790497][T13080] __sys_recvmmsg+0x4ca/0x510 [ 619.790497][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 619.790497][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 619.790497][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 619.790497][T13080] do_fast_syscall_32+0x6b/0xd0 [ 619.790497][T13080] do_SYSENTER_32+0x73/0x90 [ 619.790497][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 619.790497][T13080] [ 619.790497][T13080] Uninit was stored to memory at: [ 619.790497][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 619.790497][T13080] __msan_chain_origin+0x50/0x90 [ 619.790497][T13080] __get_compat_msghdr+0x5be/0x890 [ 619.790497][T13080] get_compat_msghdr+0x108/0x270 [ 619.790497][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 619.790497][T13080] __sys_recvmmsg+0x4ca/0x510 [ 619.790497][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 619.790497][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 619.790497][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 619.790497][T13080] do_fast_syscall_32+0x6b/0xd0 [ 619.790497][T13080] do_SYSENTER_32+0x73/0x90 [ 619.950319][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 619.950319][T13080] [ 619.950319][T13080] Local variable ----msg_sys@do_recvmmsg created at: [ 619.950319][T13080] do_recvmmsg+0xc5/0x1ee0 [ 619.950319][T13080] do_recvmmsg+0xc5/0x1ee0 [ 620.157209][T13012] not chained 2140000 origins [ 620.160323][T13012] CPU: 1 PID: 13012 Comm: syz-executor.0 Not tainted 5.8.0-rc5-syzkaller #0 [ 620.160323][T13012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 620.160323][T13012] Call Trace: [ 620.160323][T13012] dump_stack+0x1df/0x240 [ 620.160323][T13012] kmsan_internal_chain_origin+0x6f/0x130 [ 620.160323][T13012] ? skb_recv_datagram+0x3ec/0x480 [ 620.160323][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 620.160323][T13012] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 620.160323][T13012] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 620.160323][T13012] ? bt_sock_recvmsg+0x564/0xa00 [ 620.160323][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 620.160323][T13012] ? kmsan_set_origin_checked+0x95/0xf0 [ 620.160323][T13012] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 620.160323][T13012] ? _copy_from_user+0x15b/0x260 [ 620.160323][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 620.160323][T13012] __msan_chain_origin+0x50/0x90 [ 620.160323][T13012] __get_compat_msghdr+0x5be/0x890 [ 620.160323][T13012] get_compat_msghdr+0x108/0x270 [ 620.160323][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 620.160323][T13012] ? kmsan_internal_set_origin+0x75/0xb0 [ 620.160323][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 620.160323][T13012] ? kmsan_internal_set_origin+0x75/0xb0 [ 620.160323][T13012] ? __msan_poison_alloca+0xf0/0x120 [ 620.160323][T13012] ? __sys_recvmmsg+0xb4/0x510 [ 620.160323][T13012] ? __sys_recvmmsg+0xb4/0x510 [ 620.160323][T13012] ? kmsan_get_metadata+0x11d/0x180 [ 620.160323][T13012] __sys_recvmmsg+0x4ca/0x510 [ 620.160323][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 620.160323][T13012] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 620.160323][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 620.160323][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 620.160323][T13012] do_fast_syscall_32+0x6b/0xd0 [ 620.160323][T13012] do_SYSENTER_32+0x73/0x90 [ 620.160323][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 620.160323][T13012] RIP: 0023:0xf7f4d549 [ 620.160323][T13012] Code: Bad RIP value. [ 620.160323][T13012] RSP: 002b:00000000f5d480cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 620.160323][T13012] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 620.160323][T13012] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 620.160323][T13012] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 620.160323][T13012] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 620.160323][T13012] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 620.160323][T13012] Uninit was stored to memory at: [ 620.160323][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 620.160323][T13012] __msan_chain_origin+0x50/0x90 [ 620.160323][T13012] __get_compat_msghdr+0x5be/0x890 [ 620.160323][T13012] get_compat_msghdr+0x108/0x270 [ 620.160323][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 620.160323][T13012] __sys_recvmmsg+0x4ca/0x510 [ 620.160323][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 620.160323][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 620.449972][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 620.160323][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 620.160323][T13012] do_fast_syscall_32+0x6b/0xd0 [ 620.160323][T13012] do_SYSENTER_32+0x73/0x90 [ 620.160323][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 620.160323][T13012] [ 620.160323][T13012] Uninit was stored to memory at: [ 620.160323][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 620.160323][T13012] __msan_chain_origin+0x50/0x90 [ 620.160323][T13012] __get_compat_msghdr+0x5be/0x890 [ 620.160323][T13012] get_compat_msghdr+0x108/0x270 [ 620.160323][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 620.160323][T13012] __sys_recvmmsg+0x4ca/0x510 [ 620.479871][T13072] not chained 2150000 origins [ 620.460184][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 620.480168][T13072] CPU: 0 PID: 13072 Comm: syz-executor.1 Not tainted 5.8.0-rc5-syzkaller #0 [ 620.460184][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 620.480168][T13072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 620.460184][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 620.480168][T13072] Call Trace: [ 620.460184][T13012] do_fast_syscall_32+0x6b/0xd0 [ 620.480168][T13072] dump_stack+0x1df/0x240 [ 620.460184][T13012] do_SYSENTER_32+0x73/0x90 [ 620.480168][T13072] kmsan_internal_chain_origin+0x6f/0x130 [ 620.460184][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 620.480168][T13072] ? skb_recv_datagram+0x3ec/0x480 [ 620.460184][T13012] [ 620.480168][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 620.460184][T13012] Uninit was stored to memory at: [ 620.480168][T13072] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 620.460184][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 620.480168][T13072] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 620.460184][T13012] __msan_chain_origin+0x50/0x90 [ 620.480168][T13072] ? bt_sock_recvmsg+0x564/0xa00 [ 620.460184][T13012] __get_compat_msghdr+0x5be/0x890 [ 620.480168][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 620.460184][T13012] get_compat_msghdr+0x108/0x270 [ 620.480168][T13072] ? kmsan_set_origin_checked+0x95/0xf0 [ 620.460184][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 620.480168][T13072] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 620.460184][T13012] __sys_recvmmsg+0x4ca/0x510 [ 620.480168][T13072] ? _copy_from_user+0x15b/0x260 [ 620.460184][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 620.480168][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 620.460184][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 620.480168][T13072] __msan_chain_origin+0x50/0x90 [ 620.460184][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 620.480168][T13072] __get_compat_msghdr+0x5be/0x890 [ 620.460184][T13012] do_fast_syscall_32+0x6b/0xd0 [ 620.480168][T13072] get_compat_msghdr+0x108/0x270 [ 620.460184][T13012] do_SYSENTER_32+0x73/0x90 [ 620.480168][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 620.460184][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 620.480168][T13072] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 620.460184][T13012] [ 620.480168][T13072] ? sched_clock_cpu+0x7c/0x930 [ 620.460184][T13012] Uninit was stored to memory at: [ 620.480168][T13072] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 620.460184][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 620.480168][T13072] ? sched_clock_cpu+0x7c/0x930 [ 620.460184][T13012] __msan_chain_origin+0x50/0x90 [ 620.480168][T13072] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 620.460184][T13012] __get_compat_msghdr+0x5be/0x890 [ 620.480168][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 620.460184][T13012] get_compat_msghdr+0x108/0x270 [ 620.480168][T13072] ? kmsan_internal_set_origin+0x75/0xb0 [ 620.460184][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 620.480168][T13072] ? __msan_poison_alloca+0xf0/0x120 [ 620.460184][T13012] __sys_recvmmsg+0x4ca/0x510 [ 620.480168][T13072] ? __sys_recvmmsg+0xb4/0x510 [ 620.460184][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 620.480168][T13072] ? __sys_recvmmsg+0xb4/0x510 [ 620.460184][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 620.480168][T13072] __sys_recvmmsg+0x4ca/0x510 [ 620.460184][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 620.480168][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 620.460184][T13012] do_fast_syscall_32+0x6b/0xd0 [ 620.480168][T13072] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 620.460184][T13012] do_SYSENTER_32+0x73/0x90 [ 620.480168][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 620.460184][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 620.460184][T13012] [ 620.480168][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 620.460184][T13012] Uninit was stored to memory at: [ 620.480168][T13072] do_fast_syscall_32+0x6b/0xd0 [ 620.460184][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 620.480168][T13072] do_SYSENTER_32+0x73/0x90 [ 620.460184][T13012] __msan_chain_origin+0x50/0x90 [ 620.480168][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 620.460184][T13012] __get_compat_msghdr+0x5be/0x890 [ 620.480168][T13072] RIP: 0023:0xf7fbe549 [ 620.460184][T13012] get_compat_msghdr+0x108/0x270 [ 620.480168][T13072] Code: Bad RIP value. [ 620.460184][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 620.480168][T13072] RSP: 002b:00000000f5db90cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 620.460184][T13012] __sys_recvmmsg+0x4ca/0x510 [ 620.480168][T13072] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 620.460184][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 620.480168][T13072] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 620.460184][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 620.480168][T13072] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 620.460184][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 620.480168][T13072] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 620.460184][T13012] do_fast_syscall_32+0x6b/0xd0 [ 620.480168][T13072] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 620.460184][T13012] do_SYSENTER_32+0x73/0x90 [ 620.480168][T13072] Uninit was stored to memory at: [ 620.460184][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 620.480168][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 620.460184][T13012] [ 620.480168][T13072] __msan_chain_origin+0x50/0x90 [ 620.460184][T13012] Uninit was stored to memory at: [ 620.480168][T13072] __get_compat_msghdr+0x5be/0x890 [ 620.460184][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 620.480168][T13072] get_compat_msghdr+0x108/0x270 [ 620.460184][T13012] __msan_chain_origin+0x50/0x90 [ 620.480168][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 620.460184][T13012] __get_compat_msghdr+0x5be/0x890 [ 620.480168][T13072] __sys_recvmmsg+0x4ca/0x510 [ 620.460184][T13012] get_compat_msghdr+0x108/0x270 [ 620.480168][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 620.460184][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 620.480168][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 620.460184][T13012] __sys_recvmmsg+0x4ca/0x510 [ 620.480168][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 620.460184][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 620.480168][T13072] do_fast_syscall_32+0x6b/0xd0 [ 620.460184][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 620.480168][T13072] do_SYSENTER_32+0x73/0x90 [ 620.460184][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 620.480168][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 620.460184][T13012] do_fast_syscall_32+0x6b/0xd0 [ 620.480168][T13072] [ 620.460184][T13012] do_SYSENTER_32+0x73/0x90 [ 620.480168][T13072] Uninit was stored to memory at: [ 620.460184][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 620.480168][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 620.460184][T13012] [ 620.480168][T13072] __msan_chain_origin+0x50/0x90 [ 620.460184][T13012] Uninit was stored to memory at: [ 620.480168][T13072] __get_compat_msghdr+0x5be/0x890 [ 620.460184][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 620.480168][T13072] get_compat_msghdr+0x108/0x270 [ 620.460184][T13012] __msan_chain_origin+0x50/0x90 [ 620.480168][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 620.460184][T13012] __get_compat_msghdr+0x5be/0x890 [ 620.480168][T13072] __sys_recvmmsg+0x4ca/0x510 [ 620.460184][T13012] get_compat_msghdr+0x108/0x270 [ 620.480168][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 620.460184][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 620.480168][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 620.460184][T13012] __sys_recvmmsg+0x4ca/0x510 [ 620.480168][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 620.460184][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 620.480168][T13072] do_fast_syscall_32+0x6b/0xd0 [ 620.460184][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 620.480168][T13072] do_SYSENTER_32+0x73/0x90 [ 620.460184][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 620.480168][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 620.460184][T13012] do_fast_syscall_32+0x6b/0xd0 [ 620.480168][T13072] [ 620.460184][T13012] do_SYSENTER_32+0x73/0x90 [ 620.480168][T13072] Uninit was stored to memory at: [ 620.460184][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 620.480168][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 620.460184][T13012] [ 620.480168][T13072] __msan_chain_origin+0x50/0x90 [ 620.460184][T13012] Local variable ----msg_sys@do_recvmmsg created at: [ 620.480168][T13072] __get_compat_msghdr+0x5be/0x890 [ 620.460184][T13012] do_recvmmsg+0xc5/0x1ee0 [ 620.480168][T13072] get_compat_msghdr+0x108/0x270 [ 620.460184][T13012] do_recvmmsg+0xc5/0x1ee0 [ 620.480168][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 620.480168][T13072] __sys_recvmmsg+0x4ca/0x510 [ 620.480168][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 620.480168][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 620.480168][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 620.480168][T13072] do_fast_syscall_32+0x6b/0xd0 [ 620.480168][T13072] do_SYSENTER_32+0x73/0x90 [ 620.480168][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 621.388617][T13072] [ 621.388617][T13072] Uninit was stored to memory at: [ 621.388617][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 621.388617][T13072] __msan_chain_origin+0x50/0x90 [ 621.388617][T13072] __get_compat_msghdr+0x5be/0x890 [ 621.388617][T13072] get_compat_msghdr+0x108/0x270 [ 621.388617][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 621.388617][T13072] __sys_recvmmsg+0x4ca/0x510 [ 621.388617][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 621.388617][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 621.388617][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 621.388617][T13072] do_fast_syscall_32+0x6b/0xd0 [ 621.388617][T13072] do_SYSENTER_32+0x73/0x90 [ 621.450603][T13041] not chained 2160000 origins [ 621.388617][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 621.457948][T13041] CPU: 1 PID: 13041 Comm: syz-executor.3 Not tainted 5.8.0-rc5-syzkaller #0 [ 621.388617][T13072] [ 621.460149][T13041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 621.388617][T13072] Uninit was stored to memory at: [ 621.460149][T13041] Call Trace: [ 621.388617][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 621.460149][T13041] dump_stack+0x1df/0x240 [ 621.388617][T13072] __msan_chain_origin+0x50/0x90 [ 621.460149][T13041] kmsan_internal_chain_origin+0x6f/0x130 [ 621.388617][T13072] __get_compat_msghdr+0x5be/0x890 [ 621.460149][T13041] ? skb_recv_datagram+0x3ec/0x480 [ 621.388617][T13072] get_compat_msghdr+0x108/0x270 [ 621.460149][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 621.388617][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 621.460149][T13041] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 621.388617][T13072] __sys_recvmmsg+0x4ca/0x510 [ 621.460149][T13041] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 621.388617][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 621.460149][T13041] ? bt_sock_recvmsg+0x564/0xa00 [ 621.388617][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 621.460149][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 621.388617][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 621.460149][T13041] ? kmsan_set_origin_checked+0x95/0xf0 [ 621.388617][T13072] do_fast_syscall_32+0x6b/0xd0 [ 621.460149][T13041] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 621.388617][T13072] do_SYSENTER_32+0x73/0x90 [ 621.460149][T13041] ? _copy_from_user+0x15b/0x260 [ 621.388617][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 621.460149][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 621.388617][T13072] [ 621.460149][T13041] __msan_chain_origin+0x50/0x90 [ 621.388617][T13072] Uninit was stored to memory at: [ 621.388617][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 621.460149][T13041] __get_compat_msghdr+0x5be/0x890 [ 621.388617][T13072] __msan_chain_origin+0x50/0x90 [ 621.460149][T13041] get_compat_msghdr+0x108/0x270 [ 621.388617][T13072] __get_compat_msghdr+0x5be/0x890 [ 621.460149][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 621.388617][T13072] get_compat_msghdr+0x108/0x270 [ 621.460149][T13041] ? idle_cpu+0x9a/0x1d0 [ 621.388617][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 621.460149][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 621.388617][T13072] __sys_recvmmsg+0x4ca/0x510 [ 621.460149][T13041] ? kmsan_internal_set_origin+0x75/0xb0 [ 621.388617][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 621.460149][T13041] ? __msan_poison_alloca+0xf0/0x120 [ 621.388617][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 621.460149][T13041] ? __sys_recvmmsg+0xb4/0x510 [ 621.388617][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 621.460149][T13041] ? __sys_recvmmsg+0xb4/0x510 [ 621.388617][T13072] do_fast_syscall_32+0x6b/0xd0 [ 621.460149][T13041] ? kmsan_get_metadata+0x11d/0x180 [ 621.388617][T13072] do_SYSENTER_32+0x73/0x90 [ 621.460149][T13041] __sys_recvmmsg+0x4ca/0x510 [ 621.388617][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 621.460149][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 621.388617][T13072] [ 621.460149][T13041] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 621.388617][T13072] Uninit was stored to memory at: [ 621.460149][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 621.388617][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 621.460149][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 621.388617][T13072] __msan_chain_origin+0x50/0x90 [ 621.460149][T13041] do_fast_syscall_32+0x6b/0xd0 [ 621.388617][T13072] __get_compat_msghdr+0x5be/0x890 [ 621.460149][T13041] do_SYSENTER_32+0x73/0x90 [ 621.388617][T13072] get_compat_msghdr+0x108/0x270 [ 621.460149][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 621.388617][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 621.460149][T13041] RIP: 0023:0xf7fd6549 [ 621.388617][T13072] __sys_recvmmsg+0x4ca/0x510 [ 621.460149][T13041] Code: Bad RIP value. [ 621.388617][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 621.460149][T13041] RSP: 002b:00000000f5dd10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 621.388617][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 621.460149][T13041] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 621.388617][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 621.460149][T13041] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 621.388617][T13072] do_fast_syscall_32+0x6b/0xd0 [ 621.460149][T13041] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 621.388617][T13072] do_SYSENTER_32+0x73/0x90 [ 621.460149][T13041] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 621.388617][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 621.460149][T13041] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 621.388617][T13072] [ 621.460149][T13041] Uninit was stored to memory at: [ 621.388617][T13072] Local variable ----msg_sys@do_recvmmsg created at: [ 621.460149][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 621.388617][T13072] do_recvmmsg+0xc5/0x1ee0 [ 621.460149][T13041] __msan_chain_origin+0x50/0x90 [ 621.388617][T13072] do_recvmmsg+0xc5/0x1ee0 [ 621.460149][T13041] __get_compat_msghdr+0x5be/0x890 [ 621.460149][T13041] get_compat_msghdr+0x108/0x270 [ 621.460149][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 621.460149][T13041] __sys_recvmmsg+0x4ca/0x510 [ 621.460149][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 621.968928][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 621.968928][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 621.968928][T13041] do_fast_syscall_32+0x6b/0xd0 [ 621.968928][T13041] do_SYSENTER_32+0x73/0x90 [ 621.989629][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 621.989629][T13041] [ 621.989629][T13041] Uninit was stored to memory at: [ 621.989629][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 621.989629][T13041] __msan_chain_origin+0x50/0x90 [ 621.989629][T13041] __get_compat_msghdr+0x5be/0x890 [ 621.989629][T13041] get_compat_msghdr+0x108/0x270 [ 622.025692][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 621.989629][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 621.989629][T13041] __sys_recvmmsg+0x4ca/0x510 [ 622.043210][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 621.989629][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 621.989629][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 621.989629][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 621.989629][T13041] do_fast_syscall_32+0x6b/0xd0 [ 621.989629][T13041] do_SYSENTER_32+0x73/0x90 [ 621.989629][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 621.989629][T13041] [ 621.989629][T13041] Uninit was stored to memory at: [ 621.989629][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 622.096951][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 621.989629][T13041] __msan_chain_origin+0x50/0x90 [ 621.989629][T13041] __get_compat_msghdr+0x5be/0x890 [ 622.115306][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 621.989629][T13041] get_compat_msghdr+0x108/0x270 [ 621.989629][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 621.989629][T13041] __sys_recvmmsg+0x4ca/0x510 [ 622.140407][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 622.140407][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 622.140407][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 622.140407][T13041] do_fast_syscall_32+0x6b/0xd0 [ 622.140407][T13041] do_SYSENTER_32+0x73/0x90 [ 622.140407][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 622.140407][T13041] [ 622.140407][T13041] Uninit was stored to memory at: [ 622.140407][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 622.140407][T13041] __msan_chain_origin+0x50/0x90 [ 622.140407][T13041] __get_compat_msghdr+0x5be/0x890 [ 622.140407][T13041] get_compat_msghdr+0x108/0x270 [ 622.140407][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 622.140407][T13041] __sys_recvmmsg+0x4ca/0x510 [ 622.140407][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 622.140407][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 622.140407][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 622.140407][T13041] do_fast_syscall_32+0x6b/0xd0 [ 622.140407][T13041] do_SYSENTER_32+0x73/0x90 [ 622.236075][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 622.140407][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 622.140407][T13041] [ 622.140407][T13041] Uninit was stored to memory at: [ 622.140407][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 622.140407][T13041] __msan_chain_origin+0x50/0x90 [ 622.140407][T13041] __get_compat_msghdr+0x5be/0x890 [ 622.140407][T13041] get_compat_msghdr+0x108/0x270 [ 622.280093][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 622.140407][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 622.140407][T13041] __sys_recvmmsg+0x4ca/0x510 [ 622.140407][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 622.140407][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 622.140407][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 622.140407][T13041] do_fast_syscall_32+0x6b/0xd0 [ 622.140407][T13041] do_SYSENTER_32+0x73/0x90 [ 622.140407][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 622.140407][T13041] [ 622.140407][T13041] Uninit was stored to memory at: [ 622.140407][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 622.140407][T13041] __msan_chain_origin+0x50/0x90 [ 622.140407][T13041] __get_compat_msghdr+0x5be/0x890 [ 622.140407][T13041] get_compat_msghdr+0x108/0x270 [ 622.140407][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 622.140407][T13041] __sys_recvmmsg+0x4ca/0x510 [ 622.140407][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 622.140407][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 622.140407][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 622.140407][T13041] do_fast_syscall_32+0x6b/0xd0 [ 622.140407][T13041] do_SYSENTER_32+0x73/0x90 [ 622.140407][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 622.140407][T13041] [ 622.140407][T13041] Uninit was stored to memory at: [ 622.140407][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 622.410378][T13041] __msan_chain_origin+0x50/0x90 [ 622.410378][T13041] __get_compat_msghdr+0x5be/0x890 [ 622.410378][T13041] get_compat_msghdr+0x108/0x270 [ 622.410378][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 622.410378][T13041] __sys_recvmmsg+0x4ca/0x510 [ 622.410378][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 622.410378][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 622.410378][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 622.410378][T13041] do_fast_syscall_32+0x6b/0xd0 [ 622.410378][T13041] do_SYSENTER_32+0x73/0x90 [ 622.410378][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 622.410378][T13041] [ 622.410378][T13041] Local variable ----msg_sys@do_recvmmsg created at: [ 622.480324][T13041] do_recvmmsg+0xc5/0x1ee0 [ 622.480324][T13041] do_recvmmsg+0xc5/0x1ee0 [ 622.668041][T13021] not chained 2170000 origins [ 622.670170][T13021] CPU: 1 PID: 13021 Comm: syz-executor.0 Not tainted 5.8.0-rc5-syzkaller #0 [ 622.670170][T13021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 622.670170][T13021] Call Trace: [ 622.670170][T13021] dump_stack+0x1df/0x240 [ 622.670170][T13021] kmsan_internal_chain_origin+0x6f/0x130 [ 622.670170][T13021] ? skb_recv_datagram+0x3ec/0x480 [ 622.670170][T13021] ? kmsan_get_metadata+0x4f/0x180 [ 622.670170][T13021] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 622.670170][T13021] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 622.670170][T13021] ? bt_sock_recvmsg+0x564/0xa00 [ 622.670170][T13021] ? kmsan_get_metadata+0x4f/0x180 [ 622.670170][T13021] ? kmsan_set_origin_checked+0x95/0xf0 [ 622.670170][T13021] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 622.670170][T13021] ? _copy_from_user+0x15b/0x260 [ 622.670170][T13021] ? kmsan_get_metadata+0x4f/0x180 [ 622.670170][T13021] __msan_chain_origin+0x50/0x90 [ 622.670170][T13021] __get_compat_msghdr+0x5be/0x890 [ 622.670170][T13021] get_compat_msghdr+0x108/0x270 [ 622.670170][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 622.670170][T13021] ? kmsan_internal_set_origin+0x75/0xb0 [ 622.670170][T13021] ? kmsan_get_metadata+0x4f/0x180 [ 622.670170][T13021] ? kmsan_internal_set_origin+0x75/0xb0 [ 622.670170][T13021] ? __msan_poison_alloca+0xf0/0x120 [ 622.670170][T13021] ? __sys_recvmmsg+0xb4/0x510 [ 622.670170][T13021] ? __sys_recvmmsg+0xb4/0x510 [ 622.670170][T13021] ? kmsan_get_metadata+0x11d/0x180 [ 622.670170][T13021] __sys_recvmmsg+0x4ca/0x510 [ 622.670170][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 622.670170][T13021] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 622.670170][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 622.670170][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 622.670170][T13021] do_fast_syscall_32+0x6b/0xd0 [ 622.670170][T13021] do_SYSENTER_32+0x73/0x90 [ 622.670170][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 622.670170][T13021] RIP: 0023:0xf7f4d549 [ 622.670170][T13021] Code: Bad RIP value. [ 622.670170][T13021] RSP: 002b:00000000f5d060cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 622.670170][T13021] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 622.880705][T13021] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 622.880705][T13021] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 622.896290][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 622.880705][T13021] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 622.910183][T13021] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 622.910183][T13021] Uninit was stored to memory at: [ 622.910183][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 622.910183][T13021] __msan_chain_origin+0x50/0x90 [ 622.910183][T13021] __get_compat_msghdr+0x5be/0x890 [ 622.910183][T13021] get_compat_msghdr+0x108/0x270 [ 622.910183][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 622.910183][T13021] __sys_recvmmsg+0x4ca/0x510 [ 622.910183][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 622.910183][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 622.910183][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 622.910183][T13021] do_fast_syscall_32+0x6b/0xd0 [ 622.979627][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 622.910183][T13021] do_SYSENTER_32+0x73/0x90 [ 622.910183][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 622.910183][T13021] [ 622.910183][T13021] Uninit was stored to memory at: [ 622.910183][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 622.910183][T13021] __msan_chain_origin+0x50/0x90 [ 622.910183][T13021] __get_compat_msghdr+0x5be/0x890 [ 622.910183][T13021] get_compat_msghdr+0x108/0x270 [ 622.910183][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 622.910183][T13021] __sys_recvmmsg+0x4ca/0x510 [ 622.910183][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 622.910183][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 622.910183][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 622.910183][T13021] do_fast_syscall_32+0x6b/0xd0 [ 622.910183][T13021] do_SYSENTER_32+0x73/0x90 [ 622.910183][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 622.910183][T13021] [ 622.910183][T13021] Uninit was stored to memory at: [ 622.910183][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 622.910183][T13021] __msan_chain_origin+0x50/0x90 [ 622.910183][T13021] __get_compat_msghdr+0x5be/0x890 [ 622.910183][T13021] get_compat_msghdr+0x108/0x270 [ 622.910183][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 622.910183][T13021] __sys_recvmmsg+0x4ca/0x510 [ 622.910183][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 622.910183][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 622.910183][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 622.910183][T13021] do_fast_syscall_32+0x6b/0xd0 [ 622.910183][T13021] do_SYSENTER_32+0x73/0x90 [ 622.910183][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 623.137310][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 622.910183][T13021] [ 622.910183][T13021] Uninit was stored to memory at: [ 622.910183][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 622.910183][T13021] __msan_chain_origin+0x50/0x90 [ 622.910183][T13021] __get_compat_msghdr+0x5be/0x890 [ 622.910183][T13021] get_compat_msghdr+0x108/0x270 [ 622.910183][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 622.910183][T13021] __sys_recvmmsg+0x4ca/0x510 [ 622.910183][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 622.910183][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 622.910183][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 622.910183][T13021] do_fast_syscall_32+0x6b/0xd0 [ 622.910183][T13021] do_SYSENTER_32+0x73/0x90 [ 622.910183][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 622.910183][T13021] [ 622.910183][T13021] Uninit was stored to memory at: [ 622.910183][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 622.910183][T13021] __msan_chain_origin+0x50/0x90 [ 622.910183][T13021] __get_compat_msghdr+0x5be/0x890 [ 622.910183][T13021] get_compat_msghdr+0x108/0x270 [ 622.910183][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 622.910183][T13021] __sys_recvmmsg+0x4ca/0x510 [ 622.910183][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 622.910183][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 622.910183][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 622.910183][T13021] do_fast_syscall_32+0x6b/0xd0 [ 622.910183][T13021] do_SYSENTER_32+0x73/0x90 [ 622.910183][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 622.910183][T13021] [ 622.910183][T13021] Uninit was stored to memory at: [ 622.910183][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 622.910183][T13021] __msan_chain_origin+0x50/0x90 [ 622.910183][T13021] __get_compat_msghdr+0x5be/0x890 [ 622.910183][T13021] get_compat_msghdr+0x108/0x270 [ 622.910183][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 622.910183][T13021] __sys_recvmmsg+0x4ca/0x510 [ 622.910183][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 622.910183][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 622.910183][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 622.910183][T13021] do_fast_syscall_32+0x6b/0xd0 [ 622.910183][T13021] do_SYSENTER_32+0x73/0x90 [ 622.910183][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 622.910183][T13021] [ 622.910183][T13021] Uninit was stored to memory at: [ 622.910183][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 622.910183][T13021] __msan_chain_origin+0x50/0x90 [ 622.910183][T13021] __get_compat_msghdr+0x5be/0x890 [ 622.910183][T13021] get_compat_msghdr+0x108/0x270 [ 622.910183][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 622.910183][T13021] __sys_recvmmsg+0x4ca/0x510 [ 622.910183][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 622.910183][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 622.910183][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 622.910183][T13021] do_fast_syscall_32+0x6b/0xd0 [ 622.910183][T13021] do_SYSENTER_32+0x73/0x90 [ 622.910183][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 622.910183][T13021] [ 622.910183][T13021] Local variable ----msg_sys@do_recvmmsg created at: [ 622.910183][T13021] do_recvmmsg+0xc5/0x1ee0 [ 622.910183][T13021] do_recvmmsg+0xc5/0x1ee0 [ 623.553959][T13080] not chained 2180000 origins [ 623.558667][T13080] CPU: 0 PID: 13080 Comm: syz-executor.1 Not tainted 5.8.0-rc5-syzkaller #0 [ 623.560173][T13080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 623.560173][T13080] Call Trace: [ 623.560173][T13080] dump_stack+0x1df/0x240 [ 623.560173][T13080] kmsan_internal_chain_origin+0x6f/0x130 [ 623.560173][T13080] ? skb_recv_datagram+0x3ec/0x480 [ 623.560173][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 623.560173][T13080] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 623.560173][T13080] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 623.560173][T13080] ? bt_sock_recvmsg+0x564/0xa00 [ 623.560173][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 623.560173][T13080] ? kmsan_set_origin_checked+0x95/0xf0 [ 623.560173][T13080] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 623.560173][T13080] ? _copy_from_user+0x15b/0x260 [ 623.560173][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 623.560173][T13080] __msan_chain_origin+0x50/0x90 [ 623.560173][T13080] __get_compat_msghdr+0x5be/0x890 [ 623.560173][T13080] get_compat_msghdr+0x108/0x270 [ 623.560173][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 623.560173][T13080] ? kmsan_internal_set_origin+0x75/0xb0 [ 623.560173][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 623.560173][T13080] ? kmsan_internal_set_origin+0x75/0xb0 [ 623.560173][T13080] ? __msan_poison_alloca+0xf0/0x120 [ 623.681334][T13012] not chained 2190000 origins [ 623.560173][T13080] ? __sys_recvmmsg+0xb4/0x510 [ 623.560173][T13080] ? __sys_recvmmsg+0xb4/0x510 [ 623.560173][T13080] ? kmsan_get_metadata+0x11d/0x180 [ 623.560173][T13080] __sys_recvmmsg+0x4ca/0x510 [ 623.560173][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 623.560173][T13080] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 623.560173][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 623.560173][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 623.560173][T13080] do_fast_syscall_32+0x6b/0xd0 [ 623.560173][T13080] do_SYSENTER_32+0x73/0x90 [ 623.560173][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 623.560173][T13080] RIP: 0023:0xf7fbe549 [ 623.560173][T13080] Code: Bad RIP value. [ 623.560173][T13080] RSP: 002b:00000000f5d770cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 623.560173][T13080] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 623.560173][T13080] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 623.560173][T13080] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 623.560173][T13080] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 623.560173][T13080] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 623.560173][T13080] Uninit was stored to memory at: [ 623.690144][T13012] CPU: 1 PID: 13012 Comm: syz-executor.0 Not tainted 5.8.0-rc5-syzkaller #0 [ 623.690144][T13012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 623.560173][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 623.690144][T13012] Call Trace: [ 623.560173][T13080] __msan_chain_origin+0x50/0x90 [ 623.690144][T13012] dump_stack+0x1df/0x240 [ 623.560173][T13080] __get_compat_msghdr+0x5be/0x890 [ 623.690144][T13012] kmsan_internal_chain_origin+0x6f/0x130 [ 623.560173][T13080] get_compat_msghdr+0x108/0x270 [ 623.690144][T13012] ? skb_recv_datagram+0x3ec/0x480 [ 623.560173][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 623.690144][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 623.560173][T13080] __sys_recvmmsg+0x4ca/0x510 [ 623.690144][T13012] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 623.560173][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 623.690144][T13012] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 623.560173][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 623.690144][T13012] ? bt_sock_recvmsg+0x564/0xa00 [ 623.560173][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 623.690144][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 623.560173][T13080] do_fast_syscall_32+0x6b/0xd0 [ 623.690144][T13012] ? kmsan_set_origin_checked+0x95/0xf0 [ 623.560173][T13080] do_SYSENTER_32+0x73/0x90 [ 623.690144][T13012] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 623.560173][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 623.690144][T13012] ? _copy_from_user+0x15b/0x260 [ 623.560173][T13080] [ 623.690144][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 623.560173][T13080] Uninit was stored to memory at: [ 623.690144][T13012] __msan_chain_origin+0x50/0x90 [ 623.560173][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 623.690144][T13012] __get_compat_msghdr+0x5be/0x890 [ 623.560173][T13080] __msan_chain_origin+0x50/0x90 [ 623.690144][T13012] get_compat_msghdr+0x108/0x270 [ 623.560173][T13080] __get_compat_msghdr+0x5be/0x890 [ 623.690144][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 623.560173][T13080] get_compat_msghdr+0x108/0x270 [ 623.690144][T13012] ? kmsan_internal_set_origin+0x75/0xb0 [ 623.560173][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 623.690144][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 623.560173][T13080] __sys_recvmmsg+0x4ca/0x510 [ 623.690144][T13012] ? kmsan_internal_set_origin+0x75/0xb0 [ 623.560173][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 623.690144][T13012] ? __msan_poison_alloca+0xf0/0x120 [ 623.560173][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 623.690144][T13012] ? __sys_recvmmsg+0xb4/0x510 [ 623.560173][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 623.690144][T13012] ? __sys_recvmmsg+0xb4/0x510 [ 623.560173][T13080] do_fast_syscall_32+0x6b/0xd0 [ 623.690144][T13012] ? kmsan_get_metadata+0x11d/0x180 [ 623.560173][T13080] do_SYSENTER_32+0x73/0x90 [ 623.690144][T13012] __sys_recvmmsg+0x4ca/0x510 [ 623.560173][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 623.690144][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 623.560173][T13080] [ 623.690144][T13012] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 623.560173][T13080] Uninit was stored to memory at: [ 623.690144][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 623.560173][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 623.690144][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 623.560173][T13080] __msan_chain_origin+0x50/0x90 [ 623.690144][T13012] do_fast_syscall_32+0x6b/0xd0 [ 623.560173][T13080] __get_compat_msghdr+0x5be/0x890 [ 623.690144][T13012] do_SYSENTER_32+0x73/0x90 [ 623.560173][T13080] get_compat_msghdr+0x108/0x270 [ 623.690144][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 623.560173][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 623.690144][T13012] RIP: 0023:0xf7f4d549 [ 623.560173][T13080] __sys_recvmmsg+0x4ca/0x510 [ 623.690144][T13012] Code: Bad RIP value. [ 623.560173][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 623.690144][T13012] RSP: 002b:00000000f5d480cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 623.560173][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 623.690144][T13012] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 623.560173][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 623.690144][T13012] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 623.560173][T13080] do_fast_syscall_32+0x6b/0xd0 [ 623.690144][T13012] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 623.560173][T13080] do_SYSENTER_32+0x73/0x90 [ 623.690144][T13012] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 623.560173][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 623.690144][T13012] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 623.560173][T13080] [ 623.690144][T13012] Uninit was stored to memory at: [ 623.560173][T13080] Uninit was stored to memory at: [ 623.690144][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 623.560173][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 623.690144][T13012] __msan_chain_origin+0x50/0x90 [ 623.560173][T13080] __msan_chain_origin+0x50/0x90 [ 623.690144][T13012] __get_compat_msghdr+0x5be/0x890 [ 623.560173][T13080] __get_compat_msghdr+0x5be/0x890 [ 623.690144][T13012] get_compat_msghdr+0x108/0x270 [ 623.560173][T13080] get_compat_msghdr+0x108/0x270 [ 623.690144][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 623.560173][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 623.690144][T13012] __sys_recvmmsg+0x4ca/0x510 [ 623.560173][T13080] __sys_recvmmsg+0x4ca/0x510 [ 623.690144][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 623.560173][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 623.690144][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 623.560173][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 623.690144][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 623.560173][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 623.690144][T13012] do_fast_syscall_32+0x6b/0xd0 [ 623.560173][T13080] do_fast_syscall_32+0x6b/0xd0 [ 623.690144][T13012] do_SYSENTER_32+0x73/0x90 [ 623.560173][T13080] do_SYSENTER_32+0x73/0x90 [ 623.690144][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 623.560173][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 623.690144][T13012] [ 623.560173][T13080] [ 623.690144][T13012] Uninit was stored to memory at: [ 623.560173][T13080] Uninit was stored to memory at: [ 623.690144][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 623.560173][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 623.690144][T13012] __msan_chain_origin+0x50/0x90 [ 623.560173][T13080] __msan_chain_origin+0x50/0x90 [ 623.690144][T13012] __get_compat_msghdr+0x5be/0x890 [ 623.560173][T13080] __get_compat_msghdr+0x5be/0x890 [ 623.690144][T13012] get_compat_msghdr+0x108/0x270 [ 623.560173][T13080] get_compat_msghdr+0x108/0x270 [ 623.690144][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 623.560173][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 623.690144][T13012] __sys_recvmmsg+0x4ca/0x510 [ 623.560173][T13080] __sys_recvmmsg+0x4ca/0x510 [ 623.690144][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 623.560173][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 623.690144][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 623.560173][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 623.690144][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 623.560173][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 623.690144][T13012] do_fast_syscall_32+0x6b/0xd0 [ 623.560173][T13080] do_fast_syscall_32+0x6b/0xd0 [ 623.690144][T13012] do_SYSENTER_32+0x73/0x90 [ 623.560173][T13080] do_SYSENTER_32+0x73/0x90 [ 623.690144][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 623.560173][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 623.690144][T13012] [ 623.560173][T13080] [ 623.690144][T13012] Uninit was stored to memory at: [ 623.560173][T13080] Uninit was stored to memory at: [ 623.690144][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 623.560173][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 623.690144][T13012] __msan_chain_origin+0x50/0x90 [ 623.560173][T13080] __msan_chain_origin+0x50/0x90 [ 623.690144][T13012] __get_compat_msghdr+0x5be/0x890 [ 623.560173][T13080] __get_compat_msghdr+0x5be/0x890 [ 623.690144][T13012] get_compat_msghdr+0x108/0x270 [ 623.560173][T13080] get_compat_msghdr+0x108/0x270 [ 623.690144][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 623.560173][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 623.690144][T13012] __sys_recvmmsg+0x4ca/0x510 [ 623.560173][T13080] __sys_recvmmsg+0x4ca/0x510 [ 623.690144][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 623.560173][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 623.690144][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 623.560173][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 623.690144][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 623.560173][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 623.690144][T13012] do_fast_syscall_32+0x6b/0xd0 [ 623.560173][T13080] do_fast_syscall_32+0x6b/0xd0 [ 623.690144][T13012] do_SYSENTER_32+0x73/0x90 [ 623.560173][T13080] do_SYSENTER_32+0x73/0x90 [ 623.690144][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 623.560173][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 623.690144][T13012] [ 623.560173][T13080] [ 623.690144][T13012] Uninit was stored to memory at: [ 623.560173][T13080] Uninit was stored to memory at: [ 623.690144][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 623.560173][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 623.690144][T13012] __msan_chain_origin+0x50/0x90 [ 623.560173][T13080] __msan_chain_origin+0x50/0x90 [ 623.690144][T13012] __get_compat_msghdr+0x5be/0x890 [ 623.560173][T13080] __get_compat_msghdr+0x5be/0x890 [ 623.690144][T13012] get_compat_msghdr+0x108/0x270 [ 623.560173][T13080] get_compat_msghdr+0x108/0x270 [ 623.690144][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 623.560173][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 623.690144][T13012] __sys_recvmmsg+0x4ca/0x510 [ 623.560173][T13080] __sys_recvmmsg+0x4ca/0x510 [ 623.690144][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 623.560173][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 623.690144][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 623.560173][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 623.690144][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 623.560173][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 623.690144][T13012] do_fast_syscall_32+0x6b/0xd0 [ 623.560173][T13080] do_fast_syscall_32+0x6b/0xd0 [ 623.690144][T13012] do_SYSENTER_32+0x73/0x90 [ 623.560173][T13080] do_SYSENTER_32+0x73/0x90 [ 623.690144][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 623.560173][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 623.690144][T13012] [ 623.560173][T13080] [ 623.690144][T13012] Uninit was stored to memory at: [ 623.560173][T13080] Local variable ----msg_sys@do_recvmmsg created at: [ 623.690144][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 623.560173][T13080] do_recvmmsg+0xc5/0x1ee0 [ 623.690144][T13012] __msan_chain_origin+0x50/0x90 [ 623.560173][T13080] do_recvmmsg+0xc5/0x1ee0 [ 623.690144][T13012] __get_compat_msghdr+0x5be/0x890 [ 623.690144][T13012] get_compat_msghdr+0x108/0x270 [ 624.857408][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 624.857852][T13012] __sys_recvmmsg+0x4ca/0x510 [ 624.857852][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 624.857852][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 624.857852][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 624.857852][T13012] do_fast_syscall_32+0x6b/0xd0 [ 624.857852][T13012] do_SYSENTER_32+0x73/0x90 [ 624.857852][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 624.857852][T13012] [ 624.857852][T13012] Uninit was stored to memory at: [ 624.857852][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 624.857852][T13012] __msan_chain_origin+0x50/0x90 [ 624.857852][T13012] __get_compat_msghdr+0x5be/0x890 [ 624.857852][T13012] get_compat_msghdr+0x108/0x270 [ 624.857852][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 624.857852][T13012] __sys_recvmmsg+0x4ca/0x510 [ 624.857852][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 624.940336][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 624.940336][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 624.940336][T13012] do_fast_syscall_32+0x6b/0xd0 [ 624.940336][T13012] do_SYSENTER_32+0x73/0x90 [ 624.960433][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 624.960433][T13012] [ 624.960433][T13012] Uninit was stored to memory at: [ 624.960433][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 624.960433][T13012] __msan_chain_origin+0x50/0x90 [ 624.960433][T13012] __get_compat_msghdr+0x5be/0x890 [ 624.960433][T13012] get_compat_msghdr+0x108/0x270 [ 624.960433][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 624.960433][T13012] __sys_recvmmsg+0x4ca/0x510 [ 624.960433][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 625.010350][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 625.010350][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 625.010350][T13012] do_fast_syscall_32+0x6b/0xd0 [ 625.010350][T13012] do_SYSENTER_32+0x73/0x90 [ 625.010350][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 625.010350][T13012] [ 625.010350][T13012] Local variable ----msg_sys@do_recvmmsg created at: [ 625.010350][T13012] do_recvmmsg+0xc5/0x1ee0 [ 625.010350][T13012] do_recvmmsg+0xc5/0x1ee0 [ 625.227496][T13041] not chained 2200000 origins [ 625.230171][T13041] CPU: 0 PID: 13041 Comm: syz-executor.3 Not tainted 5.8.0-rc5-syzkaller #0 [ 625.230171][T13041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 625.230171][T13041] Call Trace: [ 625.230171][T13041] dump_stack+0x1df/0x240 [ 625.230171][T13041] kmsan_internal_chain_origin+0x6f/0x130 [ 625.230171][T13041] ? skb_recv_datagram+0x3ec/0x480 [ 625.230171][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 625.230171][T13041] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 625.230171][T13041] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 625.230171][T13041] ? bt_sock_recvmsg+0x564/0xa00 [ 625.230171][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 625.230171][T13041] ? kmsan_set_origin_checked+0x95/0xf0 [ 625.230171][T13041] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 625.230171][T13041] ? _copy_from_user+0x15b/0x260 [ 625.230171][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 625.230171][T13041] __msan_chain_origin+0x50/0x90 [ 625.230171][T13041] __get_compat_msghdr+0x5be/0x890 [ 625.230171][T13041] get_compat_msghdr+0x108/0x270 [ 625.230171][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 625.230171][T13041] ? idle_cpu+0x9a/0x1d0 [ 625.230171][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 625.230171][T13041] ? kmsan_internal_set_origin+0x75/0xb0 [ 625.230171][T13041] ? __msan_poison_alloca+0xf0/0x120 [ 625.352708][T13072] not chained 2210000 origins [ 625.230171][T13041] ? __sys_recvmmsg+0xb4/0x510 [ 625.230171][T13041] ? __sys_recvmmsg+0xb4/0x510 [ 625.230171][T13041] ? kmsan_get_metadata+0x11d/0x180 [ 625.230171][T13041] __sys_recvmmsg+0x4ca/0x510 [ 625.230171][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 625.230171][T13041] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 625.230171][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 625.230171][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 625.230171][T13041] do_fast_syscall_32+0x6b/0xd0 [ 625.230171][T13041] do_SYSENTER_32+0x73/0x90 [ 625.230171][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 625.230171][T13041] RIP: 0023:0xf7fd6549 [ 625.230171][T13041] Code: Bad RIP value. [ 625.230171][T13041] RSP: 002b:00000000f5dd10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 625.230171][T13041] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 625.230171][T13041] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 625.230171][T13041] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 625.230171][T13041] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 625.230171][T13041] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 625.230171][T13041] Uninit was stored to memory at: [ 625.360135][T13072] CPU: 1 PID: 13072 Comm: syz-executor.1 Not tainted 5.8.0-rc5-syzkaller #0 [ 625.360135][T13072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 625.230171][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 625.360135][T13072] Call Trace: [ 625.230171][T13041] __msan_chain_origin+0x50/0x90 [ 625.360135][T13072] dump_stack+0x1df/0x240 [ 625.230171][T13041] __get_compat_msghdr+0x5be/0x890 [ 625.360135][T13072] kmsan_internal_chain_origin+0x6f/0x130 [ 625.230171][T13041] get_compat_msghdr+0x108/0x270 [ 625.360135][T13072] ? skb_recv_datagram+0x3ec/0x480 [ 625.230171][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 625.360135][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 625.230171][T13041] __sys_recvmmsg+0x4ca/0x510 [ 625.360135][T13072] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 625.230171][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 625.360135][T13072] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 625.230171][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 625.360135][T13072] ? bt_sock_recvmsg+0x564/0xa00 [ 625.230171][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 625.360135][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 625.230171][T13041] do_fast_syscall_32+0x6b/0xd0 [ 625.360135][T13072] ? kmsan_set_origin_checked+0x95/0xf0 [ 625.230171][T13041] do_SYSENTER_32+0x73/0x90 [ 625.360135][T13072] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 625.230171][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 625.360135][T13072] ? _copy_from_user+0x15b/0x260 [ 625.230171][T13041] [ 625.360135][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 625.230171][T13041] Uninit was stored to memory at: [ 625.360135][T13072] __msan_chain_origin+0x50/0x90 [ 625.230171][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 625.360135][T13072] __get_compat_msghdr+0x5be/0x890 [ 625.230171][T13041] __msan_chain_origin+0x50/0x90 [ 625.360135][T13072] get_compat_msghdr+0x108/0x270 [ 625.230171][T13041] __get_compat_msghdr+0x5be/0x890 [ 625.360135][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 625.230171][T13041] get_compat_msghdr+0x108/0x270 [ 625.360135][T13072] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 625.230171][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 625.360135][T13072] ? sched_clock_cpu+0x7c/0x930 [ 625.230171][T13041] __sys_recvmmsg+0x4ca/0x510 [ 625.360135][T13072] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 625.230171][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 625.360135][T13072] ? sched_clock_cpu+0x7c/0x930 [ 625.230171][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 625.360135][T13072] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 625.230171][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 625.360135][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 625.230171][T13041] do_fast_syscall_32+0x6b/0xd0 [ 625.360135][T13072] ? kmsan_internal_set_origin+0x75/0xb0 [ 625.230171][T13041] do_SYSENTER_32+0x73/0x90 [ 625.360135][T13072] ? __msan_poison_alloca+0xf0/0x120 [ 625.230171][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 625.360135][T13072] ? __sys_recvmmsg+0xb4/0x510 [ 625.230171][T13041] [ 625.360135][T13072] ? __sys_recvmmsg+0xb4/0x510 [ 625.230171][T13041] Uninit was stored to memory at: [ 625.360135][T13072] __sys_recvmmsg+0x4ca/0x510 [ 625.230171][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 625.360135][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 625.230171][T13041] __msan_chain_origin+0x50/0x90 [ 625.360135][T13072] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 625.230171][T13041] __get_compat_msghdr+0x5be/0x890 [ 625.360135][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 625.230171][T13041] get_compat_msghdr+0x108/0x270 [ 625.360135][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 625.230171][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 625.360135][T13072] do_fast_syscall_32+0x6b/0xd0 [ 625.230171][T13041] __sys_recvmmsg+0x4ca/0x510 [ 625.360135][T13072] do_SYSENTER_32+0x73/0x90 [ 625.230171][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 625.360135][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 625.230171][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 625.360135][T13072] RIP: 0023:0xf7fbe549 [ 625.230171][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 625.360135][T13072] Code: Bad RIP value. [ 625.230171][T13041] do_fast_syscall_32+0x6b/0xd0 [ 625.360135][T13072] RSP: 002b:00000000f5db90cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 625.230171][T13041] do_SYSENTER_32+0x73/0x90 [ 625.360135][T13072] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 625.230171][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 625.360135][T13072] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 625.230171][T13041] [ 625.360135][T13072] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 625.230171][T13041] Uninit was stored to memory at: [ 625.360135][T13072] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 625.230171][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 625.360135][T13072] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 625.230171][T13041] __msan_chain_origin+0x50/0x90 [ 625.360135][T13072] Uninit was stored to memory at: [ 625.230171][T13041] __get_compat_msghdr+0x5be/0x890 [ 625.360135][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 625.230171][T13041] get_compat_msghdr+0x108/0x270 [ 625.360135][T13072] __msan_chain_origin+0x50/0x90 [ 625.230171][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 625.360135][T13072] __get_compat_msghdr+0x5be/0x890 [ 625.230171][T13041] __sys_recvmmsg+0x4ca/0x510 [ 625.360135][T13072] get_compat_msghdr+0x108/0x270 [ 625.230171][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 625.360135][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 625.230171][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 625.360135][T13072] __sys_recvmmsg+0x4ca/0x510 [ 625.230171][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 625.360135][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 625.230171][T13041] do_fast_syscall_32+0x6b/0xd0 [ 625.360135][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 625.230171][T13041] do_SYSENTER_32+0x73/0x90 [ 625.360135][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 625.230171][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 625.360135][T13072] do_fast_syscall_32+0x6b/0xd0 [ 625.230171][T13041] [ 625.360135][T13072] do_SYSENTER_32+0x73/0x90 [ 625.230171][T13041] Uninit was stored to memory at: [ 625.360135][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 625.230171][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 625.360135][T13072] [ 625.230171][T13041] __msan_chain_origin+0x50/0x90 [ 625.360135][T13072] Uninit was stored to memory at: [ 625.230171][T13041] __get_compat_msghdr+0x5be/0x890 [ 625.360135][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 625.230171][T13041] get_compat_msghdr+0x108/0x270 [ 625.360135][T13072] __msan_chain_origin+0x50/0x90 [ 625.230171][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 625.360135][T13072] __get_compat_msghdr+0x5be/0x890 [ 625.230171][T13041] __sys_recvmmsg+0x4ca/0x510 [ 625.360135][T13072] get_compat_msghdr+0x108/0x270 [ 625.230171][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 625.360135][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 625.230171][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 625.360135][T13072] __sys_recvmmsg+0x4ca/0x510 [ 625.230171][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 625.360135][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 625.230171][T13041] do_fast_syscall_32+0x6b/0xd0 [ 625.360135][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 625.230171][T13041] do_SYSENTER_32+0x73/0x90 [ 625.360135][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 625.230171][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 625.360135][T13072] do_fast_syscall_32+0x6b/0xd0 [ 625.230171][T13041] [ 625.360135][T13072] do_SYSENTER_32+0x73/0x90 [ 625.230171][T13041] Uninit was stored to memory at: [ 625.360135][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 625.230171][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 625.360135][T13072] [ 625.230171][T13041] __msan_chain_origin+0x50/0x90 [ 625.360135][T13072] Uninit was stored to memory at: [ 625.230171][T13041] __get_compat_msghdr+0x5be/0x890 [ 625.360135][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 625.230171][T13041] get_compat_msghdr+0x108/0x270 [ 625.360135][T13072] __msan_chain_origin+0x50/0x90 [ 625.230171][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 625.360135][T13072] __get_compat_msghdr+0x5be/0x890 [ 625.230171][T13041] __sys_recvmmsg+0x4ca/0x510 [ 625.360135][T13072] get_compat_msghdr+0x108/0x270 [ 625.230171][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 625.360135][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 625.230171][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 625.360135][T13072] __sys_recvmmsg+0x4ca/0x510 [ 625.230171][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 625.360135][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 625.230171][T13041] do_fast_syscall_32+0x6b/0xd0 [ 625.360135][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 625.230171][T13041] do_SYSENTER_32+0x73/0x90 [ 625.360135][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 625.230171][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 625.360135][T13072] do_fast_syscall_32+0x6b/0xd0 [ 625.230171][T13041] [ 625.360135][T13072] do_SYSENTER_32+0x73/0x90 [ 625.230171][T13041] Uninit was stored to memory at: [ 625.360135][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 625.230171][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 625.360135][T13072] [ 625.230171][T13041] __msan_chain_origin+0x50/0x90 [ 625.360135][T13072] Uninit was stored to memory at: [ 625.230171][T13041] __get_compat_msghdr+0x5be/0x890 [ 625.360135][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 625.230171][T13041] get_compat_msghdr+0x108/0x270 [ 625.360135][T13072] __msan_chain_origin+0x50/0x90 [ 625.230171][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 625.360135][T13072] __get_compat_msghdr+0x5be/0x890 [ 625.230171][T13041] __sys_recvmmsg+0x4ca/0x510 [ 625.360135][T13072] get_compat_msghdr+0x108/0x270 [ 625.230171][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 625.360135][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 625.230171][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 625.360135][T13072] __sys_recvmmsg+0x4ca/0x510 [ 625.230171][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 625.360135][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 625.230171][T13041] do_fast_syscall_32+0x6b/0xd0 [ 625.360135][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 625.230171][T13041] do_SYSENTER_32+0x73/0x90 [ 625.360135][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 625.230171][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 625.360135][T13072] do_fast_syscall_32+0x6b/0xd0 [ 625.230171][T13041] [ 625.360135][T13072] do_SYSENTER_32+0x73/0x90 [ 625.230171][T13041] Local variable ----msg_sys@do_recvmmsg created at: [ 625.360135][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 625.230171][T13041] do_recvmmsg+0xc5/0x1ee0 [ 625.360135][T13072] [ 625.230171][T13041] do_recvmmsg+0xc5/0x1ee0 [ 625.360135][T13072] Uninit was stored to memory at: [ 626.530254][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 626.537570][T13072] __msan_chain_origin+0x50/0x90 [ 626.537570][T13072] __get_compat_msghdr+0x5be/0x890 [ 626.547477][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 626.537570][T13072] get_compat_msghdr+0x108/0x270 [ 626.537570][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 626.537570][T13072] __sys_recvmmsg+0x4ca/0x510 [ 626.537570][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 626.575372][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 626.537570][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 626.537570][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 626.537570][T13072] do_fast_syscall_32+0x6b/0xd0 [ 626.537570][T13072] do_SYSENTER_32+0x73/0x90 [ 626.537570][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 626.537570][T13072] [ 626.537570][T13072] Uninit was stored to memory at: [ 626.620665][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 626.620368][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 626.620368][T13072] __msan_chain_origin+0x50/0x90 [ 626.620368][T13072] __get_compat_msghdr+0x5be/0x890 [ 626.620368][T13072] get_compat_msghdr+0x108/0x270 [ 626.620368][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 626.620368][T13072] __sys_recvmmsg+0x4ca/0x510 [ 626.620368][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 626.620368][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 626.620368][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 626.673041][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 626.620368][T13072] do_fast_syscall_32+0x6b/0xd0 [ 626.620368][T13072] do_SYSENTER_32+0x73/0x90 [ 626.620368][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 626.620368][T13072] [ 626.620368][T13072] Uninit was stored to memory at: [ 626.620368][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 626.620368][T13072] __msan_chain_origin+0x50/0x90 [ 626.718100][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 626.620368][T13072] __get_compat_msghdr+0x5be/0x890 [ 626.620368][T13072] get_compat_msghdr+0x108/0x270 [ 626.733797][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 626.620368][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 626.620368][T13072] __sys_recvmmsg+0x4ca/0x510 [ 626.620368][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 626.759296][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 626.620368][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 626.620368][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 626.620368][T13072] do_fast_syscall_32+0x6b/0xd0 [ 626.620368][T13072] do_SYSENTER_32+0x73/0x90 [ 626.620368][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 626.620368][T13072] [ 626.620368][T13072] Local variable ----msg_sys@do_recvmmsg created at: [ 626.620368][T13072] do_recvmmsg+0xc5/0x1ee0 [ 626.620368][T13072] do_recvmmsg+0xc5/0x1ee0 [ 626.946063][T13021] not chained 2220000 origins [ 626.950328][T13021] CPU: 1 PID: 13021 Comm: syz-executor.0 Not tainted 5.8.0-rc5-syzkaller #0 [ 626.950328][T13021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 626.960404][T13021] Call Trace: [ 626.960404][T13021] dump_stack+0x1df/0x240 [ 626.960404][T13021] kmsan_internal_chain_origin+0x6f/0x130 [ 626.960404][T13021] ? skb_recv_datagram+0x3ec/0x480 [ 626.960404][T13021] ? kmsan_get_metadata+0x4f/0x180 [ 626.960404][T13021] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 626.960404][T13021] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 626.960404][T13021] ? bt_sock_recvmsg+0x564/0xa00 [ 626.960404][T13021] ? kmsan_get_metadata+0x4f/0x180 [ 626.960404][T13021] ? kmsan_set_origin_checked+0x95/0xf0 [ 626.960404][T13021] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 626.960404][T13021] ? _copy_from_user+0x15b/0x260 [ 626.960404][T13021] ? kmsan_get_metadata+0x4f/0x180 [ 626.960404][T13021] __msan_chain_origin+0x50/0x90 [ 626.960404][T13021] __get_compat_msghdr+0x5be/0x890 [ 626.960404][T13021] get_compat_msghdr+0x108/0x270 [ 626.960404][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 626.960404][T13021] ? kmsan_internal_set_origin+0x75/0xb0 [ 626.960404][T13021] ? kmsan_get_metadata+0x4f/0x180 [ 626.960404][T13021] ? kmsan_internal_set_origin+0x75/0xb0 [ 627.070596][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 626.960404][T13021] ? __msan_poison_alloca+0xf0/0x120 [ 626.960404][T13021] ? __sys_recvmmsg+0xb4/0x510 [ 627.090202][T13021] ? __sys_recvmmsg+0xb4/0x510 [ 627.095662][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 627.090202][T13021] ? kmsan_get_metadata+0x11d/0x180 [ 627.090202][T13021] __sys_recvmmsg+0x4ca/0x510 [ 627.090202][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 627.090202][T13021] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 627.090202][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 627.090202][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 627.090202][T13021] do_fast_syscall_32+0x6b/0xd0 [ 627.090202][T13021] do_SYSENTER_32+0x73/0x90 [ 627.144350][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 627.090202][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 627.090202][T13021] RIP: 0023:0xf7f4d549 [ 627.090202][T13021] Code: Bad RIP value. [ 627.090202][T13021] RSP: 002b:00000000f5d060cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 627.090202][T13021] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 627.090202][T13021] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 627.190423][T13021] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 627.197436][T13021] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 627.197436][T13021] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 627.197436][T13021] Uninit was stored to memory at: [ 627.197436][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 627.197436][T13021] __msan_chain_origin+0x50/0x90 [ 627.197436][T13021] __get_compat_msghdr+0x5be/0x890 [ 627.197436][T13021] get_compat_msghdr+0x108/0x270 [ 627.197436][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 627.197436][T13021] __sys_recvmmsg+0x4ca/0x510 [ 627.197436][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 627.197436][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 627.260424][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 627.260424][T13021] do_fast_syscall_32+0x6b/0xd0 [ 627.260424][T13021] do_SYSENTER_32+0x73/0x90 [ 627.260424][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 627.260424][T13021] [ 627.260424][T13021] Uninit was stored to memory at: [ 627.260424][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 627.260424][T13021] __msan_chain_origin+0x50/0x90 [ 627.260424][T13021] __get_compat_msghdr+0x5be/0x890 [ 627.260424][T13021] get_compat_msghdr+0x108/0x270 [ 627.260424][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 627.260424][T13021] __sys_recvmmsg+0x4ca/0x510 [ 627.260424][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 627.260424][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 627.330266][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 627.330266][T13021] do_fast_syscall_32+0x6b/0xd0 [ 627.330266][T13021] do_SYSENTER_32+0x73/0x90 [ 627.330266][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 627.330266][T13021] [ 627.330266][T13021] Uninit was stored to memory at: [ 627.330266][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 627.330266][T13021] __msan_chain_origin+0x50/0x90 [ 627.330266][T13021] __get_compat_msghdr+0x5be/0x890 [ 627.330266][T13021] get_compat_msghdr+0x108/0x270 [ 627.330266][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 627.330266][T13021] __sys_recvmmsg+0x4ca/0x510 [ 627.330266][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 627.330266][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 627.400386][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 627.400386][T13021] do_fast_syscall_32+0x6b/0xd0 [ 627.400386][T13021] do_SYSENTER_32+0x73/0x90 [ 627.400386][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 627.400386][T13021] [ 627.400386][T13021] Uninit was stored to memory at: [ 627.400386][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 627.400386][T13021] __msan_chain_origin+0x50/0x90 [ 627.400386][T13021] __get_compat_msghdr+0x5be/0x890 [ 627.400386][T13021] get_compat_msghdr+0x108/0x270 [ 627.400386][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 627.400386][T13021] __sys_recvmmsg+0x4ca/0x510 [ 627.400386][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 627.400386][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 627.400386][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 627.400386][T13021] do_fast_syscall_32+0x6b/0xd0 [ 627.400386][T13021] do_SYSENTER_32+0x73/0x90 [ 627.400386][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 627.400386][T13021] [ 627.400386][T13021] Uninit was stored to memory at: [ 627.400386][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 627.400386][T13021] __msan_chain_origin+0x50/0x90 [ 627.400386][T13021] __get_compat_msghdr+0x5be/0x890 [ 627.400386][T13021] get_compat_msghdr+0x108/0x270 [ 627.400386][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 627.400386][T13021] __sys_recvmmsg+0x4ca/0x510 [ 627.400386][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 627.400386][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 627.400386][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 627.400386][T13021] do_fast_syscall_32+0x6b/0xd0 [ 627.400386][T13021] do_SYSENTER_32+0x73/0x90 [ 627.400386][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 627.400386][T13021] [ 627.400386][T13021] Uninit was stored to memory at: [ 627.400386][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 627.400386][T13021] __msan_chain_origin+0x50/0x90 [ 627.400386][T13021] __get_compat_msghdr+0x5be/0x890 [ 627.400386][T13021] get_compat_msghdr+0x108/0x270 [ 627.400386][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 627.400386][T13021] __sys_recvmmsg+0x4ca/0x510 [ 627.400386][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 627.400386][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 627.400386][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 627.400386][T13021] do_fast_syscall_32+0x6b/0xd0 [ 627.400386][T13021] do_SYSENTER_32+0x73/0x90 [ 627.400386][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 627.400386][T13021] [ 627.400386][T13021] Uninit was stored to memory at: [ 627.400386][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 627.400386][T13021] __msan_chain_origin+0x50/0x90 [ 627.400386][T13021] __get_compat_msghdr+0x5be/0x890 [ 627.400386][T13021] get_compat_msghdr+0x108/0x270 [ 627.400386][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 627.400386][T13021] __sys_recvmmsg+0x4ca/0x510 [ 627.400386][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 627.400386][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 627.400386][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 627.400386][T13021] do_fast_syscall_32+0x6b/0xd0 [ 627.400386][T13021] do_SYSENTER_32+0x73/0x90 [ 627.400386][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 627.400386][T13021] [ 627.400386][T13021] Local variable ----msg_sys@do_recvmmsg created at: [ 627.400386][T13021] do_recvmmsg+0xc5/0x1ee0 [ 627.400386][T13021] do_recvmmsg+0xc5/0x1ee0 [ 627.898123][T13080] not chained 2230000 origins [ 627.900162][T13080] CPU: 1 PID: 13080 Comm: syz-executor.1 Not tainted 5.8.0-rc5-syzkaller #0 [ 627.900162][T13080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 627.900162][T13080] Call Trace: [ 627.900162][T13080] dump_stack+0x1df/0x240 [ 627.900162][T13080] kmsan_internal_chain_origin+0x6f/0x130 [ 627.900162][T13080] ? skb_recv_datagram+0x3ec/0x480 [ 627.900162][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 627.900162][T13080] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 627.900162][T13080] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 627.900162][T13080] ? bt_sock_recvmsg+0x564/0xa00 [ 627.900162][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 627.900162][T13080] ? kmsan_set_origin_checked+0x95/0xf0 [ 627.900162][T13080] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 627.900162][T13080] ? _copy_from_user+0x15b/0x260 [ 627.900162][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 627.900162][T13080] __msan_chain_origin+0x50/0x90 [ 627.900162][T13080] __get_compat_msghdr+0x5be/0x890 [ 627.900162][T13080] get_compat_msghdr+0x108/0x270 [ 627.900162][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 627.900162][T13080] ? kmsan_internal_set_origin+0x75/0xb0 [ 627.900162][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 627.900162][T13080] ? kmsan_internal_set_origin+0x75/0xb0 [ 627.900162][T13080] ? __msan_poison_alloca+0xf0/0x120 [ 627.900162][T13080] ? __sys_recvmmsg+0xb4/0x510 [ 627.900162][T13080] ? __sys_recvmmsg+0xb4/0x510 [ 627.900162][T13080] ? kmsan_get_metadata+0x11d/0x180 [ 627.900162][T13080] __sys_recvmmsg+0x4ca/0x510 [ 627.900162][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 627.900162][T13080] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 627.900162][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 627.900162][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 627.900162][T13080] do_fast_syscall_32+0x6b/0xd0 [ 627.900162][T13080] do_SYSENTER_32+0x73/0x90 [ 627.900162][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 627.900162][T13080] RIP: 0023:0xf7fbe549 [ 627.900162][T13080] Code: Bad RIP value. [ 627.900162][T13080] RSP: 002b:00000000f5d770cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 627.900162][T13080] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 627.900162][T13080] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 627.900162][T13080] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 627.900162][T13080] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 627.900162][T13080] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 627.900162][T13080] Uninit was stored to memory at: [ 627.900162][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 627.900162][T13080] __msan_chain_origin+0x50/0x90 [ 627.900162][T13080] __get_compat_msghdr+0x5be/0x890 [ 627.900162][T13080] get_compat_msghdr+0x108/0x270 [ 627.900162][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 627.900162][T13080] __sys_recvmmsg+0x4ca/0x510 [ 627.900162][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 627.900162][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 627.900162][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 627.900162][T13080] do_fast_syscall_32+0x6b/0xd0 [ 627.900162][T13080] do_SYSENTER_32+0x73/0x90 [ 627.900162][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 627.900162][T13080] [ 627.900162][T13080] Uninit was stored to memory at: [ 627.900162][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 627.900162][T13080] __msan_chain_origin+0x50/0x90 [ 627.900162][T13080] __get_compat_msghdr+0x5be/0x890 [ 627.900162][T13080] get_compat_msghdr+0x108/0x270 [ 627.900162][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 627.900162][T13080] __sys_recvmmsg+0x4ca/0x510 [ 627.900162][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 627.900162][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 627.900162][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 627.900162][T13080] do_fast_syscall_32+0x6b/0xd0 [ 628.270267][T13080] do_SYSENTER_32+0x73/0x90 [ 628.270267][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 628.270267][T13080] [ 628.270267][T13080] Uninit was stored to memory at: [ 628.270267][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 628.270267][T13080] __msan_chain_origin+0x50/0x90 [ 628.298660][T13012] not chained 2240000 origins [ 628.270267][T13080] __get_compat_msghdr+0x5be/0x890 [ 628.300166][T13012] CPU: 0 PID: 13012 Comm: syz-executor.0 Not tainted 5.8.0-rc5-syzkaller #0 [ 628.270267][T13080] get_compat_msghdr+0x108/0x270 [ 628.300166][T13012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 628.270267][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 628.300166][T13012] Call Trace: [ 628.270267][T13080] __sys_recvmmsg+0x4ca/0x510 [ 628.300166][T13012] dump_stack+0x1df/0x240 [ 628.270267][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 628.300166][T13012] kmsan_internal_chain_origin+0x6f/0x130 [ 628.270267][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 628.300166][T13012] ? skb_recv_datagram+0x3ec/0x480 [ 628.270267][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 628.300166][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 628.270267][T13080] do_fast_syscall_32+0x6b/0xd0 [ 628.300166][T13012] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 628.270267][T13080] do_SYSENTER_32+0x73/0x90 [ 628.300166][T13012] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 628.270267][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 628.300166][T13012] ? bt_sock_recvmsg+0x564/0xa00 [ 628.270267][T13080] [ 628.300166][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 628.270267][T13080] Uninit was stored to memory at: [ 628.300166][T13012] ? kmsan_set_origin_checked+0x95/0xf0 [ 628.270267][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 628.300166][T13012] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 628.270267][T13080] __msan_chain_origin+0x50/0x90 [ 628.300166][T13012] ? _copy_from_user+0x15b/0x260 [ 628.270267][T13080] __get_compat_msghdr+0x5be/0x890 [ 628.300166][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 628.270267][T13080] get_compat_msghdr+0x108/0x270 [ 628.300166][T13012] __msan_chain_origin+0x50/0x90 [ 628.270267][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 628.300166][T13012] __get_compat_msghdr+0x5be/0x890 [ 628.270267][T13080] __sys_recvmmsg+0x4ca/0x510 [ 628.300166][T13012] get_compat_msghdr+0x108/0x270 [ 628.270267][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 628.300166][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 628.270267][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 628.300166][T13012] ? kmsan_internal_set_origin+0x75/0xb0 [ 628.270267][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 628.300166][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 628.270267][T13080] do_fast_syscall_32+0x6b/0xd0 [ 628.300166][T13012] ? kmsan_internal_set_origin+0x75/0xb0 [ 628.270267][T13080] do_SYSENTER_32+0x73/0x90 [ 628.300166][T13012] ? __msan_poison_alloca+0xf0/0x120 [ 628.270267][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 628.300166][T13012] ? __sys_recvmmsg+0xb4/0x510 [ 628.270267][T13080] [ 628.300166][T13012] ? __sys_recvmmsg+0xb4/0x510 [ 628.270267][T13080] Uninit was stored to memory at: [ 628.300166][T13012] ? kmsan_get_metadata+0x11d/0x180 [ 628.270267][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 628.300166][T13012] __sys_recvmmsg+0x4ca/0x510 [ 628.270267][T13080] __msan_chain_origin+0x50/0x90 [ 628.300166][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 628.270267][T13080] __get_compat_msghdr+0x5be/0x890 [ 628.300166][T13012] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 628.270267][T13080] get_compat_msghdr+0x108/0x270 [ 628.300166][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 628.270267][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 628.300166][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 628.270267][T13080] __sys_recvmmsg+0x4ca/0x510 [ 628.300166][T13012] do_fast_syscall_32+0x6b/0xd0 [ 628.270267][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 628.300166][T13012] do_SYSENTER_32+0x73/0x90 [ 628.270267][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 628.300166][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 628.270267][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 628.300166][T13012] RIP: 0023:0xf7f4d549 [ 628.270267][T13080] do_fast_syscall_32+0x6b/0xd0 [ 628.300166][T13012] Code: Bad RIP value. [ 628.270267][T13080] do_SYSENTER_32+0x73/0x90 [ 628.300166][T13012] RSP: 002b:00000000f5d480cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 628.270267][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 628.300166][T13012] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 628.270267][T13080] [ 628.300166][T13012] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 628.270267][T13080] Uninit was stored to memory at: [ 628.300166][T13012] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 628.270267][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 628.300166][T13012] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 628.270267][T13080] __msan_chain_origin+0x50/0x90 [ 628.300166][T13012] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 628.270267][T13080] __get_compat_msghdr+0x5be/0x890 [ 628.300166][T13012] Uninit was stored to memory at: [ 628.270267][T13080] get_compat_msghdr+0x108/0x270 [ 628.300166][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 628.270267][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 628.300166][T13012] __msan_chain_origin+0x50/0x90 [ 628.270267][T13080] __sys_recvmmsg+0x4ca/0x510 [ 628.300166][T13012] __get_compat_msghdr+0x5be/0x890 [ 628.270267][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 628.300166][T13012] get_compat_msghdr+0x108/0x270 [ 628.270267][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 628.300166][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 628.270267][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 628.300166][T13012] __sys_recvmmsg+0x4ca/0x510 [ 628.270267][T13080] do_fast_syscall_32+0x6b/0xd0 [ 628.300166][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 628.270267][T13080] do_SYSENTER_32+0x73/0x90 [ 628.300166][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 628.270267][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 628.300166][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 628.270267][T13080] [ 628.300166][T13012] do_fast_syscall_32+0x6b/0xd0 [ 628.270267][T13080] Uninit was stored to memory at: [ 628.300166][T13012] do_SYSENTER_32+0x73/0x90 [ 628.270267][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 628.300166][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 628.270267][T13080] __msan_chain_origin+0x50/0x90 [ 628.300166][T13012] [ 628.270267][T13080] __get_compat_msghdr+0x5be/0x890 [ 628.300166][T13012] Uninit was stored to memory at: [ 628.270267][T13080] get_compat_msghdr+0x108/0x270 [ 628.300166][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 628.270267][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 628.300166][T13012] __msan_chain_origin+0x50/0x90 [ 628.270267][T13080] __sys_recvmmsg+0x4ca/0x510 [ 628.300166][T13012] __get_compat_msghdr+0x5be/0x890 [ 628.270267][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 628.300166][T13012] get_compat_msghdr+0x108/0x270 [ 628.270267][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 628.300166][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 628.270267][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 628.300166][T13012] __sys_recvmmsg+0x4ca/0x510 [ 628.270267][T13080] do_fast_syscall_32+0x6b/0xd0 [ 628.300166][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 628.270267][T13080] do_SYSENTER_32+0x73/0x90 [ 628.300166][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 628.270267][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 628.300166][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 628.270267][T13080] [ 628.300166][T13012] do_fast_syscall_32+0x6b/0xd0 [ 628.270267][T13080] Local variable ----msg_sys@do_recvmmsg created at: [ 628.300166][T13012] do_SYSENTER_32+0x73/0x90 [ 628.270267][T13080] do_recvmmsg+0xc5/0x1ee0 [ 628.300166][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 628.270267][T13080] do_recvmmsg+0xc5/0x1ee0 [ 628.300166][T13012] [ 629.035572][T13012] Uninit was stored to memory at: [ 629.037568][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 629.037568][T13012] __msan_chain_origin+0x50/0x90 [ 629.037568][T13012] __get_compat_msghdr+0x5be/0x890 [ 629.037568][T13012] get_compat_msghdr+0x108/0x270 [ 629.037568][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 629.037568][T13012] __sys_recvmmsg+0x4ca/0x510 [ 629.037568][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 629.037568][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 629.037568][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 629.037568][T13012] do_fast_syscall_32+0x6b/0xd0 [ 629.037568][T13012] do_SYSENTER_32+0x73/0x90 [ 629.037568][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 629.037568][T13012] [ 629.037568][T13012] Uninit was stored to memory at: [ 629.037568][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 629.037568][T13012] __msan_chain_origin+0x50/0x90 [ 629.037568][T13012] __get_compat_msghdr+0x5be/0x890 [ 629.037568][T13012] get_compat_msghdr+0x108/0x270 [ 629.037568][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 629.037568][T13012] __sys_recvmmsg+0x4ca/0x510 [ 629.037568][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 629.037568][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 629.037568][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 629.037568][T13012] do_fast_syscall_32+0x6b/0xd0 [ 629.037568][T13012] do_SYSENTER_32+0x73/0x90 [ 629.164846][T13041] not chained 2250000 origins [ 629.037568][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 629.170138][T13041] CPU: 1 PID: 13041 Comm: syz-executor.3 Not tainted 5.8.0-rc5-syzkaller #0 [ 629.037568][T13012] [ 629.170138][T13041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 629.037568][T13012] Uninit was stored to memory at: [ 629.170138][T13041] Call Trace: [ 629.037568][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 629.170138][T13041] dump_stack+0x1df/0x240 [ 629.037568][T13012] __msan_chain_origin+0x50/0x90 [ 629.170138][T13041] kmsan_internal_chain_origin+0x6f/0x130 [ 629.037568][T13012] __get_compat_msghdr+0x5be/0x890 [ 629.170138][T13041] ? skb_recv_datagram+0x3ec/0x480 [ 629.037568][T13012] get_compat_msghdr+0x108/0x270 [ 629.170138][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 629.037568][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 629.170138][T13041] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 629.037568][T13012] __sys_recvmmsg+0x4ca/0x510 [ 629.170138][T13041] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 629.037568][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 629.170138][T13041] ? bt_sock_recvmsg+0x564/0xa00 [ 629.037568][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 629.170138][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 629.037568][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 629.170138][T13041] ? kmsan_set_origin_checked+0x95/0xf0 [ 629.037568][T13012] do_fast_syscall_32+0x6b/0xd0 [ 629.170138][T13041] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 629.037568][T13012] do_SYSENTER_32+0x73/0x90 [ 629.170138][T13041] ? _copy_from_user+0x15b/0x260 [ 629.037568][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 629.170138][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 629.037568][T13012] [ 629.170138][T13041] __msan_chain_origin+0x50/0x90 [ 629.037568][T13012] Uninit was stored to memory at: [ 629.170138][T13041] __get_compat_msghdr+0x5be/0x890 [ 629.037568][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 629.170138][T13041] get_compat_msghdr+0x108/0x270 [ 629.037568][T13012] __msan_chain_origin+0x50/0x90 [ 629.170138][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 629.037568][T13012] __get_compat_msghdr+0x5be/0x890 [ 629.170138][T13041] ? idle_cpu+0x9a/0x1d0 [ 629.037568][T13012] get_compat_msghdr+0x108/0x270 [ 629.170138][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 629.037568][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 629.170138][T13041] ? kmsan_internal_set_origin+0x75/0xb0 [ 629.037568][T13012] __sys_recvmmsg+0x4ca/0x510 [ 629.170138][T13041] ? __msan_poison_alloca+0xf0/0x120 [ 629.037568][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 629.170138][T13041] ? __sys_recvmmsg+0xb4/0x510 [ 629.037568][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 629.170138][T13041] ? __sys_recvmmsg+0xb4/0x510 [ 629.037568][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 629.170138][T13041] ? kmsan_get_metadata+0x11d/0x180 [ 629.037568][T13012] do_fast_syscall_32+0x6b/0xd0 [ 629.170138][T13041] __sys_recvmmsg+0x4ca/0x510 [ 629.037568][T13012] do_SYSENTER_32+0x73/0x90 [ 629.170138][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 629.037568][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 629.170138][T13041] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 629.037568][T13012] [ 629.170138][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 629.037568][T13012] Uninit was stored to memory at: [ 629.170138][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 629.037568][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 629.170138][T13041] do_fast_syscall_32+0x6b/0xd0 [ 629.037568][T13012] __msan_chain_origin+0x50/0x90 [ 629.170138][T13041] do_SYSENTER_32+0x73/0x90 [ 629.037568][T13012] __get_compat_msghdr+0x5be/0x890 [ 629.170138][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 629.037568][T13012] get_compat_msghdr+0x108/0x270 [ 629.170138][T13041] RIP: 0023:0xf7fd6549 [ 629.037568][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 629.170138][T13041] Code: Bad RIP value. [ 629.037568][T13012] __sys_recvmmsg+0x4ca/0x510 [ 629.170138][T13041] RSP: 002b:00000000f5dd10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 629.037568][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 629.170138][T13041] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 629.037568][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 629.170138][T13041] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 629.037568][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 629.170138][T13041] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 629.037568][T13012] do_fast_syscall_32+0x6b/0xd0 [ 629.170138][T13041] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 629.037568][T13012] do_SYSENTER_32+0x73/0x90 [ 629.170138][T13041] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 629.037568][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 629.170138][T13041] Uninit was stored to memory at: [ 629.037568][T13012] [ 629.170138][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 629.037568][T13012] Local variable ----msg_sys@do_recvmmsg created at: [ 629.170138][T13041] __msan_chain_origin+0x50/0x90 [ 629.037568][T13012] do_recvmmsg+0xc5/0x1ee0 [ 629.170138][T13041] __get_compat_msghdr+0x5be/0x890 [ 629.037568][T13012] do_recvmmsg+0xc5/0x1ee0 [ 629.170138][T13041] get_compat_msghdr+0x108/0x270 [ 629.170138][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 629.674681][T13041] __sys_recvmmsg+0x4ca/0x510 [ 629.681967][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 629.681967][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 629.689239][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 629.689239][T13041] do_fast_syscall_32+0x6b/0xd0 [ 629.689239][T13041] do_SYSENTER_32+0x73/0x90 [ 629.689239][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 629.689239][T13041] [ 629.689239][T13041] Uninit was stored to memory at: [ 629.689239][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 629.689239][T13041] __msan_chain_origin+0x50/0x90 [ 629.689239][T13041] __get_compat_msghdr+0x5be/0x890 [ 629.689239][T13041] get_compat_msghdr+0x108/0x270 [ 629.689239][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 629.689239][T13041] __sys_recvmmsg+0x4ca/0x510 [ 629.689239][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 629.689239][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 629.689239][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 629.689239][T13041] do_fast_syscall_32+0x6b/0xd0 [ 629.689239][T13041] do_SYSENTER_32+0x73/0x90 [ 629.689239][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 629.689239][T13041] [ 629.689239][T13041] Uninit was stored to memory at: [ 629.689239][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 629.689239][T13041] __msan_chain_origin+0x50/0x90 [ 629.689239][T13041] __get_compat_msghdr+0x5be/0x890 [ 629.689239][T13041] get_compat_msghdr+0x108/0x270 [ 629.689239][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 629.689239][T13041] __sys_recvmmsg+0x4ca/0x510 [ 629.689239][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 629.689239][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 629.689239][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 629.689239][T13041] do_fast_syscall_32+0x6b/0xd0 [ 629.840620][T13041] do_SYSENTER_32+0x73/0x90 [ 629.840620][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 629.840620][T13041] [ 629.840620][T13041] Uninit was stored to memory at: [ 629.860313][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 629.860313][T13041] __msan_chain_origin+0x50/0x90 [ 629.860313][T13041] __get_compat_msghdr+0x5be/0x890 [ 629.860313][T13041] get_compat_msghdr+0x108/0x270 [ 629.860313][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 629.860313][T13041] __sys_recvmmsg+0x4ca/0x510 [ 629.860313][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 629.860313][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 629.860313][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 629.860313][T13041] do_fast_syscall_32+0x6b/0xd0 [ 629.860313][T13041] do_SYSENTER_32+0x73/0x90 [ 629.860313][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 629.860313][T13041] [ 629.860313][T13041] Uninit was stored to memory at: [ 629.930393][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 629.930393][T13041] __msan_chain_origin+0x50/0x90 [ 629.930393][T13041] __get_compat_msghdr+0x5be/0x890 [ 629.930393][T13041] get_compat_msghdr+0x108/0x270 [ 629.930393][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 629.930393][T13041] __sys_recvmmsg+0x4ca/0x510 [ 629.930393][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 629.930393][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 629.930393][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 629.930393][T13041] do_fast_syscall_32+0x6b/0xd0 [ 629.930393][T13041] do_SYSENTER_32+0x73/0x90 [ 629.930393][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 629.930393][T13041] [ 629.930393][T13041] Uninit was stored to memory at: [ 629.930393][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 629.930393][T13041] __msan_chain_origin+0x50/0x90 [ 629.930393][T13041] __get_compat_msghdr+0x5be/0x890 [ 629.930393][T13041] get_compat_msghdr+0x108/0x270 [ 629.930393][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 629.930393][T13041] __sys_recvmmsg+0x4ca/0x510 [ 629.930393][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 629.930393][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 629.930393][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 629.930393][T13041] do_fast_syscall_32+0x6b/0xd0 [ 629.930393][T13041] do_SYSENTER_32+0x73/0x90 [ 629.930393][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 629.930393][T13041] [ 629.930393][T13041] Uninit was stored to memory at: [ 629.930393][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 629.930393][T13041] __msan_chain_origin+0x50/0x90 [ 629.930393][T13041] __get_compat_msghdr+0x5be/0x890 [ 629.930393][T13041] get_compat_msghdr+0x108/0x270 [ 629.930393][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 629.930393][T13041] __sys_recvmmsg+0x4ca/0x510 [ 629.930393][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 629.930393][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 629.930393][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 629.930393][T13041] do_fast_syscall_32+0x6b/0xd0 [ 629.930393][T13041] do_SYSENTER_32+0x73/0x90 [ 629.930393][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 629.930393][T13041] [ 629.930393][T13041] Local variable ----msg_sys@do_recvmmsg created at: [ 629.930393][T13041] do_recvmmsg+0xc5/0x1ee0 [ 629.930393][T13041] do_recvmmsg+0xc5/0x1ee0 [ 630.354497][T13021] not chained 2260000 origins [ 630.359292][T13021] CPU: 1 PID: 13021 Comm: syz-executor.0 Not tainted 5.8.0-rc5-syzkaller #0 [ 630.360172][T13021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 630.360172][T13021] Call Trace: [ 630.360172][T13021] dump_stack+0x1df/0x240 [ 630.360172][T13021] kmsan_internal_chain_origin+0x6f/0x130 [ 630.360172][T13021] ? skb_recv_datagram+0x3ec/0x480 [ 630.360172][T13021] ? kmsan_get_metadata+0x4f/0x180 [ 630.360172][T13021] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 630.360172][T13021] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 630.360172][T13021] ? bt_sock_recvmsg+0x564/0xa00 [ 630.360172][T13021] ? kmsan_get_metadata+0x4f/0x180 [ 630.360172][T13021] ? kmsan_set_origin_checked+0x95/0xf0 [ 630.360172][T13021] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 630.360172][T13021] ? _copy_from_user+0x15b/0x260 [ 630.360172][T13021] ? kmsan_get_metadata+0x4f/0x180 [ 630.360172][T13021] __msan_chain_origin+0x50/0x90 [ 630.360172][T13021] __get_compat_msghdr+0x5be/0x890 [ 630.360172][T13021] get_compat_msghdr+0x108/0x270 [ 630.360172][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 630.360172][T13021] ? kmsan_internal_set_origin+0x75/0xb0 [ 630.360172][T13021] ? kmsan_get_metadata+0x4f/0x180 [ 630.360172][T13021] ? kmsan_internal_set_origin+0x75/0xb0 [ 630.360172][T13021] ? __msan_poison_alloca+0xf0/0x120 [ 630.360172][T13021] ? __sys_recvmmsg+0xb4/0x510 [ 630.360172][T13021] ? __sys_recvmmsg+0xb4/0x510 [ 630.360172][T13021] ? kmsan_get_metadata+0x11d/0x180 [ 630.360172][T13021] __sys_recvmmsg+0x4ca/0x510 [ 630.360172][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 630.360172][T13021] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 630.360172][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 630.360172][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 630.360172][T13021] do_fast_syscall_32+0x6b/0xd0 [ 630.360172][T13021] do_SYSENTER_32+0x73/0x90 [ 630.360172][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 630.360172][T13021] RIP: 0023:0xf7f4d549 [ 630.360172][T13021] Code: Bad RIP value. [ 630.360172][T13021] RSP: 002b:00000000f5d060cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 630.360172][T13021] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 630.360172][T13021] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 630.360172][T13021] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 630.360172][T13021] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 630.360172][T13021] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 630.360172][T13021] Uninit was stored to memory at: [ 630.360172][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 630.360172][T13021] __msan_chain_origin+0x50/0x90 [ 630.360172][T13021] __get_compat_msghdr+0x5be/0x890 [ 630.360172][T13021] get_compat_msghdr+0x108/0x270 [ 630.360172][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 630.360172][T13021] __sys_recvmmsg+0x4ca/0x510 [ 630.360172][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 630.360172][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 630.360172][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 630.653509][T13072] not chained 2270000 origins [ 630.360172][T13021] do_fast_syscall_32+0x6b/0xd0 [ 630.659247][T13072] CPU: 0 PID: 13072 Comm: syz-executor.1 Not tainted 5.8.0-rc5-syzkaller #0 [ 630.360172][T13021] do_SYSENTER_32+0x73/0x90 [ 630.360172][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 630.660189][T13072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 630.360172][T13021] [ 630.660189][T13072] Call Trace: [ 630.360172][T13021] Uninit was stored to memory at: [ 630.660189][T13072] dump_stack+0x1df/0x240 [ 630.360172][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 630.660189][T13072] kmsan_internal_chain_origin+0x6f/0x130 [ 630.360172][T13021] __msan_chain_origin+0x50/0x90 [ 630.660189][T13072] ? skb_recv_datagram+0x3ec/0x480 [ 630.360172][T13021] __get_compat_msghdr+0x5be/0x890 [ 630.660189][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 630.360172][T13021] get_compat_msghdr+0x108/0x270 [ 630.660189][T13072] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 630.360172][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 630.660189][T13072] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 630.360172][T13021] __sys_recvmmsg+0x4ca/0x510 [ 630.660189][T13072] ? bt_sock_recvmsg+0x564/0xa00 [ 630.360172][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 630.660189][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 630.360172][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 630.660189][T13072] ? kmsan_set_origin_checked+0x95/0xf0 [ 630.360172][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 630.660189][T13072] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 630.360172][T13021] do_fast_syscall_32+0x6b/0xd0 [ 630.660189][T13072] ? _copy_from_user+0x15b/0x260 [ 630.360172][T13021] do_SYSENTER_32+0x73/0x90 [ 630.660189][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 630.360172][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 630.660189][T13072] __msan_chain_origin+0x50/0x90 [ 630.360172][T13021] [ 630.660189][T13072] __get_compat_msghdr+0x5be/0x890 [ 630.360172][T13021] Uninit was stored to memory at: [ 630.660189][T13072] get_compat_msghdr+0x108/0x270 [ 630.360172][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 630.660189][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 630.360172][T13021] __msan_chain_origin+0x50/0x90 [ 630.660189][T13072] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 630.360172][T13021] __get_compat_msghdr+0x5be/0x890 [ 630.660189][T13072] ? sched_clock_cpu+0x7c/0x930 [ 630.360172][T13021] get_compat_msghdr+0x108/0x270 [ 630.660189][T13072] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 630.360172][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 630.660189][T13072] ? sched_clock_cpu+0x7c/0x930 [ 630.360172][T13021] __sys_recvmmsg+0x4ca/0x510 [ 630.660189][T13072] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 630.360172][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 630.660189][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 630.360172][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 630.660189][T13072] ? kmsan_internal_set_origin+0x75/0xb0 [ 630.360172][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 630.660189][T13072] ? __msan_poison_alloca+0xf0/0x120 [ 630.360172][T13021] do_fast_syscall_32+0x6b/0xd0 [ 630.660189][T13072] ? __sys_recvmmsg+0xb4/0x510 [ 630.360172][T13021] do_SYSENTER_32+0x73/0x90 [ 630.660189][T13072] ? __sys_recvmmsg+0xb4/0x510 [ 630.360172][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 630.660189][T13072] __sys_recvmmsg+0x4ca/0x510 [ 630.360172][T13021] [ 630.660189][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 630.360172][T13021] Uninit was stored to memory at: [ 630.660189][T13072] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 630.360172][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 630.660189][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 630.360172][T13021] __msan_chain_origin+0x50/0x90 [ 630.660189][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 630.360172][T13021] __get_compat_msghdr+0x5be/0x890 [ 630.660189][T13072] do_fast_syscall_32+0x6b/0xd0 [ 630.360172][T13021] get_compat_msghdr+0x108/0x270 [ 630.660189][T13072] do_SYSENTER_32+0x73/0x90 [ 630.360172][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 630.660189][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 630.360172][T13021] __sys_recvmmsg+0x4ca/0x510 [ 630.660189][T13072] RIP: 0023:0xf7fbe549 [ 630.360172][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 630.660189][T13072] Code: Bad RIP value. [ 630.360172][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 630.660189][T13072] RSP: 002b:00000000f5db90cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 630.360172][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 630.660189][T13072] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 630.360172][T13021] do_fast_syscall_32+0x6b/0xd0 [ 630.660189][T13072] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 630.360172][T13021] do_SYSENTER_32+0x73/0x90 [ 630.660189][T13072] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 630.360172][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 630.660189][T13072] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 630.360172][T13021] [ 630.660189][T13072] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 630.360172][T13021] Uninit was stored to memory at: [ 630.660189][T13072] Uninit was stored to memory at: [ 630.360172][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 630.660189][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 630.360172][T13021] __msan_chain_origin+0x50/0x90 [ 630.660189][T13072] __msan_chain_origin+0x50/0x90 [ 630.360172][T13021] __get_compat_msghdr+0x5be/0x890 [ 630.660189][T13072] __get_compat_msghdr+0x5be/0x890 [ 630.360172][T13021] get_compat_msghdr+0x108/0x270 [ 630.660189][T13072] get_compat_msghdr+0x108/0x270 [ 630.360172][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 630.660189][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 630.360172][T13021] __sys_recvmmsg+0x4ca/0x510 [ 630.660189][T13072] __sys_recvmmsg+0x4ca/0x510 [ 630.360172][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 630.660189][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 630.360172][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 630.660189][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 630.360172][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 630.660189][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 630.360172][T13021] do_fast_syscall_32+0x6b/0xd0 [ 630.660189][T13072] do_fast_syscall_32+0x6b/0xd0 [ 630.360172][T13021] do_SYSENTER_32+0x73/0x90 [ 630.660189][T13072] do_SYSENTER_32+0x73/0x90 [ 630.360172][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 630.660189][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 630.360172][T13021] [ 630.660189][T13072] [ 630.360172][T13021] Uninit was stored to memory at: [ 630.660189][T13072] Uninit was stored to memory at: [ 630.360172][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 630.660189][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 630.360172][T13021] __msan_chain_origin+0x50/0x90 [ 630.660189][T13072] __msan_chain_origin+0x50/0x90 [ 630.360172][T13021] __get_compat_msghdr+0x5be/0x890 [ 630.660189][T13072] __get_compat_msghdr+0x5be/0x890 [ 630.360172][T13021] get_compat_msghdr+0x108/0x270 [ 630.660189][T13072] get_compat_msghdr+0x108/0x270 [ 630.360172][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 630.660189][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 630.360172][T13021] __sys_recvmmsg+0x4ca/0x510 [ 630.660189][T13072] __sys_recvmmsg+0x4ca/0x510 [ 630.360172][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 630.660189][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 630.360172][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 630.660189][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 630.360172][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 630.660189][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 630.360172][T13021] do_fast_syscall_32+0x6b/0xd0 [ 630.660189][T13072] do_fast_syscall_32+0x6b/0xd0 [ 630.360172][T13021] do_SYSENTER_32+0x73/0x90 [ 630.660189][T13072] do_SYSENTER_32+0x73/0x90 [ 630.360172][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 630.660189][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 630.360172][T13021] [ 630.660189][T13072] [ 630.360172][T13021] Uninit was stored to memory at: [ 630.660189][T13072] Uninit was stored to memory at: [ 630.360172][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 630.660189][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 630.360172][T13021] __msan_chain_origin+0x50/0x90 [ 630.660189][T13072] __msan_chain_origin+0x50/0x90 [ 630.360172][T13021] __get_compat_msghdr+0x5be/0x890 [ 630.660189][T13072] __get_compat_msghdr+0x5be/0x890 [ 630.360172][T13021] get_compat_msghdr+0x108/0x270 [ 630.660189][T13072] get_compat_msghdr+0x108/0x270 [ 630.360172][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 630.660189][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 630.360172][T13021] __sys_recvmmsg+0x4ca/0x510 [ 630.660189][T13072] __sys_recvmmsg+0x4ca/0x510 [ 630.360172][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 630.660189][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 630.360172][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 630.660189][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 630.360172][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 630.660189][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 630.360172][T13021] do_fast_syscall_32+0x6b/0xd0 [ 630.660189][T13072] do_fast_syscall_32+0x6b/0xd0 [ 630.360172][T13021] do_SYSENTER_32+0x73/0x90 [ 630.660189][T13072] do_SYSENTER_32+0x73/0x90 [ 630.360172][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 630.660189][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 630.360172][T13021] [ 630.660189][T13072] [ 630.360172][T13021] Local variable ----msg_sys@do_recvmmsg created at: [ 630.660189][T13072] Uninit was stored to memory at: [ 630.360172][T13021] do_recvmmsg+0xc5/0x1ee0 [ 630.660189][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 630.360172][T13021] do_recvmmsg+0xc5/0x1ee0 [ 630.660189][T13072] __msan_chain_origin+0x50/0x90 [ 630.660189][T13072] __get_compat_msghdr+0x5be/0x890 [ 630.660189][T13072] get_compat_msghdr+0x108/0x270 [ 630.660189][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 630.660189][T13072] __sys_recvmmsg+0x4ca/0x510 [ 630.660189][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 630.660189][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 630.660189][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 630.660189][T13072] do_fast_syscall_32+0x6b/0xd0 [ 630.660189][T13072] do_SYSENTER_32+0x73/0x90 [ 630.660189][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 630.660189][T13072] [ 630.660189][T13072] Uninit was stored to memory at: [ 630.660189][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 630.660189][T13072] __msan_chain_origin+0x50/0x90 [ 630.660189][T13072] __get_compat_msghdr+0x5be/0x890 [ 630.660189][T13072] get_compat_msghdr+0x108/0x270 [ 630.660189][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 630.660189][T13072] __sys_recvmmsg+0x4ca/0x510 [ 630.660189][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 630.660189][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 630.660189][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 630.660189][T13072] do_fast_syscall_32+0x6b/0xd0 [ 630.660189][T13072] do_SYSENTER_32+0x73/0x90 [ 630.660189][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 630.660189][T13072] [ 631.721083][T13041] not chained 2280000 origins [ 630.660189][T13072] Uninit was stored to memory at: [ 631.725810][T13041] CPU: 1 PID: 13041 Comm: syz-executor.3 Not tainted 5.8.0-rc5-syzkaller #0 [ 630.660189][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 631.730143][T13041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 630.660189][T13072] __msan_chain_origin+0x50/0x90 [ 631.730143][T13041] Call Trace: [ 630.660189][T13072] __get_compat_msghdr+0x5be/0x890 [ 631.730143][T13041] dump_stack+0x1df/0x240 [ 630.660189][T13072] get_compat_msghdr+0x108/0x270 [ 631.730143][T13041] kmsan_internal_chain_origin+0x6f/0x130 [ 630.660189][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 631.730143][T13041] ? skb_recv_datagram+0x3ec/0x480 [ 630.660189][T13072] __sys_recvmmsg+0x4ca/0x510 [ 631.730143][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 630.660189][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 631.730143][T13041] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 630.660189][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 631.730143][T13041] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 630.660189][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 631.730143][T13041] ? bt_sock_recvmsg+0x564/0xa00 [ 630.660189][T13072] do_fast_syscall_32+0x6b/0xd0 [ 631.730143][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 630.660189][T13072] do_SYSENTER_32+0x73/0x90 [ 631.730143][T13041] ? kmsan_set_origin_checked+0x95/0xf0 [ 630.660189][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 631.730143][T13041] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 630.660189][T13072] [ 631.730143][T13041] ? _copy_from_user+0x15b/0x260 [ 630.660189][T13072] Uninit was stored to memory at: [ 631.730143][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 630.660189][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 631.730143][T13041] __msan_chain_origin+0x50/0x90 [ 630.660189][T13072] __msan_chain_origin+0x50/0x90 [ 631.730143][T13041] __get_compat_msghdr+0x5be/0x890 [ 630.660189][T13072] __get_compat_msghdr+0x5be/0x890 [ 631.730143][T13041] get_compat_msghdr+0x108/0x270 [ 630.660189][T13072] get_compat_msghdr+0x108/0x270 [ 631.730143][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 630.660189][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 631.730143][T13041] ? idle_cpu+0x9a/0x1d0 [ 630.660189][T13072] __sys_recvmmsg+0x4ca/0x510 [ 631.730143][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 630.660189][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 631.730143][T13041] ? kmsan_internal_set_origin+0x75/0xb0 [ 630.660189][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 631.730143][T13041] ? __msan_poison_alloca+0xf0/0x120 [ 630.660189][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 631.730143][T13041] ? __sys_recvmmsg+0xb4/0x510 [ 630.660189][T13072] do_fast_syscall_32+0x6b/0xd0 [ 631.730143][T13041] ? __sys_recvmmsg+0xb4/0x510 [ 630.660189][T13072] do_SYSENTER_32+0x73/0x90 [ 631.730143][T13041] ? kmsan_get_metadata+0x11d/0x180 [ 630.660189][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 631.730143][T13041] __sys_recvmmsg+0x4ca/0x510 [ 630.660189][T13072] [ 631.730143][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 630.660189][T13072] Local variable ----msg_sys@do_recvmmsg created at: [ 631.730143][T13041] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 630.660189][T13072] do_recvmmsg+0xc5/0x1ee0 [ 631.730143][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 630.660189][T13072] do_recvmmsg+0xc5/0x1ee0 [ 631.730143][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 632.044461][T13041] do_fast_syscall_32+0x6b/0xd0 [ 632.044461][T13041] do_SYSENTER_32+0x73/0x90 [ 632.044461][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 632.059907][T13041] RIP: 0023:0xf7fd6549 [ 632.059907][T13041] Code: Bad RIP value. [ 632.059907][T13041] RSP: 002b:00000000f5dd10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 632.073557][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 632.059907][T13041] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 632.059907][T13041] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 632.059907][T13041] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 632.059907][T13041] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 632.059907][T13041] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 632.059907][T13041] Uninit was stored to memory at: [ 632.059907][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 632.059907][T13041] __msan_chain_origin+0x50/0x90 [ 632.059907][T13041] __get_compat_msghdr+0x5be/0x890 [ 632.059907][T13041] get_compat_msghdr+0x108/0x270 [ 632.059907][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 632.059907][T13041] __sys_recvmmsg+0x4ca/0x510 [ 632.059907][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 632.059907][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 632.059907][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 632.059907][T13041] do_fast_syscall_32+0x6b/0xd0 [ 632.059907][T13041] do_SYSENTER_32+0x73/0x90 [ 632.059907][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 632.059907][T13041] [ 632.059907][T13041] Uninit was stored to memory at: [ 632.059907][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 632.059907][T13041] __msan_chain_origin+0x50/0x90 [ 632.213634][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 632.059907][T13041] __get_compat_msghdr+0x5be/0x890 [ 632.059907][T13041] get_compat_msghdr+0x108/0x270 [ 632.059907][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 632.059907][T13041] __sys_recvmmsg+0x4ca/0x510 [ 632.059907][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 632.059907][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 632.059907][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 632.059907][T13041] do_fast_syscall_32+0x6b/0xd0 [ 632.059907][T13041] do_SYSENTER_32+0x73/0x90 [ 632.059907][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 632.059907][T13041] [ 632.059907][T13041] Uninit was stored to memory at: [ 632.059907][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 632.289479][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 632.059907][T13041] __msan_chain_origin+0x50/0x90 [ 632.059907][T13041] __get_compat_msghdr+0x5be/0x890 [ 632.059907][T13041] get_compat_msghdr+0x108/0x270 [ 632.059907][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 632.059907][T13041] __sys_recvmmsg+0x4ca/0x510 [ 632.059907][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 632.324218][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 632.059907][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 632.059907][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 632.059907][T13041] do_fast_syscall_32+0x6b/0xd0 [ 632.059907][T13041] do_SYSENTER_32+0x73/0x90 [ 632.059907][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 632.059907][T13041] [ 632.059907][T13041] Uninit was stored to memory at: [ 632.059907][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 632.059907][T13041] __msan_chain_origin+0x50/0x90 [ 632.059907][T13041] __get_compat_msghdr+0x5be/0x890 [ 632.059907][T13041] get_compat_msghdr+0x108/0x270 [ 632.059907][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 632.059907][T13041] __sys_recvmmsg+0x4ca/0x510 [ 632.059907][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 632.059907][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 632.059907][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 632.415106][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 632.059907][T13041] do_fast_syscall_32+0x6b/0xd0 [ 632.059907][T13041] do_SYSENTER_32+0x73/0x90 [ 632.059907][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 632.059907][T13041] [ 632.444245][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 632.059907][T13041] Uninit was stored to memory at: [ 632.059907][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 632.459659][T13080] not chained 2290000 origins [ 632.059907][T13041] __msan_chain_origin+0x50/0x90 [ 632.463123][T13080] CPU: 0 PID: 13080 Comm: syz-executor.1 Not tainted 5.8.0-rc5-syzkaller #0 [ 632.059907][T13041] __get_compat_msghdr+0x5be/0x890 [ 632.463123][T13080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 632.059907][T13041] get_compat_msghdr+0x108/0x270 [ 632.463123][T13080] Call Trace: [ 632.059907][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 632.463123][T13080] dump_stack+0x1df/0x240 [ 632.059907][T13041] __sys_recvmmsg+0x4ca/0x510 [ 632.463123][T13080] kmsan_internal_chain_origin+0x6f/0x130 [ 632.059907][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 632.463123][T13080] ? skb_recv_datagram+0x3ec/0x480 [ 632.059907][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 632.463123][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 632.059907][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 632.463123][T13080] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 632.059907][T13041] do_fast_syscall_32+0x6b/0xd0 [ 632.463123][T13080] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 632.059907][T13041] do_SYSENTER_32+0x73/0x90 [ 632.463123][T13080] ? bt_sock_recvmsg+0x564/0xa00 [ 632.059907][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 632.463123][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 632.059907][T13041] [ 632.463123][T13080] ? kmsan_set_origin_checked+0x95/0xf0 [ 632.059907][T13041] Uninit was stored to memory at: [ 632.463123][T13080] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 632.059907][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 632.463123][T13080] ? _copy_from_user+0x15b/0x260 [ 632.059907][T13041] __msan_chain_origin+0x50/0x90 [ 632.463123][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 632.059907][T13041] __get_compat_msghdr+0x5be/0x890 [ 632.463123][T13080] __msan_chain_origin+0x50/0x90 [ 632.059907][T13041] get_compat_msghdr+0x108/0x270 [ 632.463123][T13080] __get_compat_msghdr+0x5be/0x890 [ 632.059907][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 632.463123][T13080] get_compat_msghdr+0x108/0x270 [ 632.059907][T13041] __sys_recvmmsg+0x4ca/0x510 [ 632.463123][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 632.059907][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 632.463123][T13080] ? kmsan_internal_set_origin+0x75/0xb0 [ 632.059907][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 632.463123][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 632.059907][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 632.463123][T13080] ? kmsan_internal_set_origin+0x75/0xb0 [ 632.059907][T13041] do_fast_syscall_32+0x6b/0xd0 [ 632.463123][T13080] ? __msan_poison_alloca+0xf0/0x120 [ 632.059907][T13041] do_SYSENTER_32+0x73/0x90 [ 632.463123][T13080] ? __sys_recvmmsg+0xb4/0x510 [ 632.059907][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 632.463123][T13080] ? __sys_recvmmsg+0xb4/0x510 [ 632.059907][T13041] [ 632.463123][T13080] ? kmsan_get_metadata+0x11d/0x180 [ 632.059907][T13041] Uninit was stored to memory at: [ 632.463123][T13080] __sys_recvmmsg+0x4ca/0x510 [ 632.059907][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 632.463123][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 632.059907][T13041] __msan_chain_origin+0x50/0x90 [ 632.463123][T13080] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 632.059907][T13041] __get_compat_msghdr+0x5be/0x890 [ 632.463123][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 632.059907][T13041] get_compat_msghdr+0x108/0x270 [ 632.463123][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 632.059907][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 632.463123][T13080] do_fast_syscall_32+0x6b/0xd0 [ 632.059907][T13041] __sys_recvmmsg+0x4ca/0x510 [ 632.463123][T13080] do_SYSENTER_32+0x73/0x90 [ 632.059907][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 632.463123][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 632.059907][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 632.463123][T13080] RIP: 0023:0xf7fbe549 [ 632.059907][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 632.463123][T13080] Code: Bad RIP value. [ 632.059907][T13041] do_fast_syscall_32+0x6b/0xd0 [ 632.463123][T13080] RSP: 002b:00000000f5d770cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 632.059907][T13041] do_SYSENTER_32+0x73/0x90 [ 632.463123][T13080] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 632.059907][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 632.463123][T13080] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 632.059907][T13041] [ 632.463123][T13080] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 632.059907][T13041] Local variable ----msg_sys@do_recvmmsg created at: [ 632.463123][T13080] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 632.059907][T13041] do_recvmmsg+0xc5/0x1ee0 [ 632.463123][T13080] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 632.059907][T13041] do_recvmmsg+0xc5/0x1ee0 [ 632.463123][T13080] Uninit was stored to memory at: [ 632.463123][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 632.933045][T13080] __msan_chain_origin+0x50/0x90 [ 632.933045][T13080] __get_compat_msghdr+0x5be/0x890 [ 632.933045][T13080] get_compat_msghdr+0x108/0x270 [ 632.933045][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 632.933045][T13080] __sys_recvmmsg+0x4ca/0x510 [ 632.933045][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 632.933045][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 632.933045][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 632.933045][T13080] do_fast_syscall_32+0x6b/0xd0 [ 632.933045][T13080] do_SYSENTER_32+0x73/0x90 [ 632.933045][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 632.933045][T13080] [ 632.933045][T13080] Uninit was stored to memory at: [ 632.933045][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 632.933045][T13080] __msan_chain_origin+0x50/0x90 [ 632.933045][T13080] __get_compat_msghdr+0x5be/0x890 [ 632.933045][T13080] get_compat_msghdr+0x108/0x270 [ 632.933045][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 632.933045][T13080] __sys_recvmmsg+0x4ca/0x510 [ 632.933045][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 632.933045][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 632.933045][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 632.933045][T13080] do_fast_syscall_32+0x6b/0xd0 [ 632.933045][T13080] do_SYSENTER_32+0x73/0x90 [ 632.933045][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 632.933045][T13080] [ 632.933045][T13080] Uninit was stored to memory at: [ 632.933045][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 632.933045][T13080] __msan_chain_origin+0x50/0x90 [ 633.076311][T13012] not chained 2300000 origins [ 632.933045][T13080] __get_compat_msghdr+0x5be/0x890 [ 633.080140][T13012] CPU: 1 PID: 13012 Comm: syz-executor.0 Not tainted 5.8.0-rc5-syzkaller #0 [ 632.933045][T13080] get_compat_msghdr+0x108/0x270 [ 633.080140][T13012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 632.933045][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 633.080140][T13012] Call Trace: [ 632.933045][T13080] __sys_recvmmsg+0x4ca/0x510 [ 633.080140][T13012] dump_stack+0x1df/0x240 [ 632.933045][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 633.080140][T13012] kmsan_internal_chain_origin+0x6f/0x130 [ 632.933045][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 633.080140][T13012] ? skb_recv_datagram+0x3ec/0x480 [ 632.933045][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 633.080140][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 632.933045][T13080] do_fast_syscall_32+0x6b/0xd0 [ 633.080140][T13012] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 632.933045][T13080] do_SYSENTER_32+0x73/0x90 [ 633.080140][T13012] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 632.933045][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 633.080140][T13012] ? bt_sock_recvmsg+0x564/0xa00 [ 632.933045][T13080] [ 633.080140][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 632.933045][T13080] Uninit was stored to memory at: [ 633.080140][T13012] ? kmsan_set_origin_checked+0x95/0xf0 [ 632.933045][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 633.080140][T13012] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 632.933045][T13080] __msan_chain_origin+0x50/0x90 [ 633.080140][T13012] ? _copy_from_user+0x15b/0x260 [ 632.933045][T13080] __get_compat_msghdr+0x5be/0x890 [ 633.080140][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 632.933045][T13080] get_compat_msghdr+0x108/0x270 [ 633.080140][T13012] __msan_chain_origin+0x50/0x90 [ 632.933045][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 633.080140][T13012] __get_compat_msghdr+0x5be/0x890 [ 632.933045][T13080] __sys_recvmmsg+0x4ca/0x510 [ 633.080140][T13012] get_compat_msghdr+0x108/0x270 [ 632.933045][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 633.080140][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 632.933045][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 633.080140][T13012] ? kmsan_internal_set_origin+0x75/0xb0 [ 632.933045][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 633.080140][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 632.933045][T13080] do_fast_syscall_32+0x6b/0xd0 [ 633.080140][T13012] ? kmsan_internal_set_origin+0x75/0xb0 [ 632.933045][T13080] do_SYSENTER_32+0x73/0x90 [ 633.080140][T13012] ? __msan_poison_alloca+0xf0/0x120 [ 632.933045][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 633.080140][T13012] ? __sys_recvmmsg+0xb4/0x510 [ 632.933045][T13080] [ 633.080140][T13012] ? __sys_recvmmsg+0xb4/0x510 [ 632.933045][T13080] Uninit was stored to memory at: [ 633.080140][T13012] ? kmsan_get_metadata+0x11d/0x180 [ 632.933045][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 633.080140][T13012] __sys_recvmmsg+0x4ca/0x510 [ 632.933045][T13080] __msan_chain_origin+0x50/0x90 [ 633.080140][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 632.933045][T13080] __get_compat_msghdr+0x5be/0x890 [ 633.080140][T13012] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 632.933045][T13080] get_compat_msghdr+0x108/0x270 [ 633.080140][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 632.933045][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 633.080140][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 632.933045][T13080] __sys_recvmmsg+0x4ca/0x510 [ 633.080140][T13012] do_fast_syscall_32+0x6b/0xd0 [ 632.933045][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 633.080140][T13012] do_SYSENTER_32+0x73/0x90 [ 632.933045][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 633.080140][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 632.933045][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 633.080140][T13012] RIP: 0023:0xf7f4d549 [ 632.933045][T13080] do_fast_syscall_32+0x6b/0xd0 [ 633.080140][T13012] Code: Bad RIP value. [ 632.933045][T13080] do_SYSENTER_32+0x73/0x90 [ 633.080140][T13012] RSP: 002b:00000000f5d480cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 632.933045][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 633.080140][T13012] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 632.933045][T13080] [ 633.080140][T13012] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 632.933045][T13080] Uninit was stored to memory at: [ 633.080140][T13012] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 632.933045][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 633.080140][T13012] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 632.933045][T13080] __msan_chain_origin+0x50/0x90 [ 633.080140][T13012] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 632.933045][T13080] __get_compat_msghdr+0x5be/0x890 [ 633.080140][T13012] Uninit was stored to memory at: [ 632.933045][T13080] get_compat_msghdr+0x108/0x270 [ 633.080140][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 632.933045][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 633.080140][T13012] __msan_chain_origin+0x50/0x90 [ 632.933045][T13080] __sys_recvmmsg+0x4ca/0x510 [ 633.080140][T13012] __get_compat_msghdr+0x5be/0x890 [ 632.933045][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 633.080140][T13012] get_compat_msghdr+0x108/0x270 [ 632.933045][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 633.080140][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 632.933045][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 633.080140][T13012] __sys_recvmmsg+0x4ca/0x510 [ 632.933045][T13080] do_fast_syscall_32+0x6b/0xd0 [ 633.080140][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 632.933045][T13080] do_SYSENTER_32+0x73/0x90 [ 633.080140][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 632.933045][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 633.080140][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 632.933045][T13080] [ 633.080140][T13012] do_fast_syscall_32+0x6b/0xd0 [ 632.933045][T13080] Uninit was stored to memory at: [ 633.080140][T13012] do_SYSENTER_32+0x73/0x90 [ 632.933045][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 633.080140][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 632.933045][T13080] __msan_chain_origin+0x50/0x90 [ 633.080140][T13012] [ 632.933045][T13080] __get_compat_msghdr+0x5be/0x890 [ 633.080140][T13012] Uninit was stored to memory at: [ 632.933045][T13080] get_compat_msghdr+0x108/0x270 [ 633.080140][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 632.933045][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 633.080140][T13012] __msan_chain_origin+0x50/0x90 [ 632.933045][T13080] __sys_recvmmsg+0x4ca/0x510 [ 633.080140][T13012] __get_compat_msghdr+0x5be/0x890 [ 632.933045][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 633.080140][T13012] get_compat_msghdr+0x108/0x270 [ 632.933045][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 633.080140][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 632.933045][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 633.080140][T13012] __sys_recvmmsg+0x4ca/0x510 [ 632.933045][T13080] do_fast_syscall_32+0x6b/0xd0 [ 633.080140][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 632.933045][T13080] do_SYSENTER_32+0x73/0x90 [ 633.080140][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 632.933045][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 633.080140][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 632.933045][T13080] [ 633.080140][T13012] do_fast_syscall_32+0x6b/0xd0 [ 632.933045][T13080] Local variable ----msg_sys@do_recvmmsg created at: [ 633.080140][T13012] do_SYSENTER_32+0x73/0x90 [ 632.933045][T13080] do_recvmmsg+0xc5/0x1ee0 [ 633.080140][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 632.933045][T13080] do_recvmmsg+0xc5/0x1ee0 [ 633.080140][T13012] [ 633.816790][T13012] Uninit was stored to memory at: [ 633.816790][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 633.816790][T13012] __msan_chain_origin+0x50/0x90 [ 633.830449][T13012] __get_compat_msghdr+0x5be/0x890 [ 633.830449][T13012] get_compat_msghdr+0x108/0x270 [ 633.830449][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 633.844387][T13012] __sys_recvmmsg+0x4ca/0x510 [ 633.844387][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 633.844387][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 633.844387][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 633.844387][T13012] do_fast_syscall_32+0x6b/0xd0 [ 633.844387][T13012] do_SYSENTER_32+0x73/0x90 [ 633.844387][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 633.844387][T13012] [ 633.844387][T13012] Uninit was stored to memory at: [ 633.844387][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 633.896367][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 633.844387][T13012] __msan_chain_origin+0x50/0x90 [ 633.844387][T13012] __get_compat_msghdr+0x5be/0x890 [ 633.844387][T13012] get_compat_msghdr+0x108/0x270 [ 633.844387][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 633.844387][T13012] __sys_recvmmsg+0x4ca/0x510 [ 633.844387][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 633.844387][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 633.942323][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 633.844387][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 633.844387][T13012] do_fast_syscall_32+0x6b/0xd0 [ 633.844387][T13012] do_SYSENTER_32+0x73/0x90 [ 633.844387][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 633.844387][T13012] [ 633.844387][T13012] Uninit was stored to memory at: [ 633.844387][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 633.980497][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 633.844387][T13012] __msan_chain_origin+0x50/0x90 [ 633.844387][T13012] __get_compat_msghdr+0x5be/0x890 [ 633.844387][T13012] get_compat_msghdr+0x108/0x270 [ 633.844387][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 633.844387][T13012] __sys_recvmmsg+0x4ca/0x510 [ 633.844387][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 634.022209][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 633.844387][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 633.844387][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 633.844387][T13012] do_fast_syscall_32+0x6b/0xd0 [ 633.844387][T13012] do_SYSENTER_32+0x73/0x90 [ 633.844387][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 633.844387][T13012] [ 633.844387][T13012] Uninit was stored to memory at: [ 633.844387][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 633.844387][T13012] __msan_chain_origin+0x50/0x90 [ 633.844387][T13012] __get_compat_msghdr+0x5be/0x890 [ 633.844387][T13012] get_compat_msghdr+0x108/0x270 [ 633.844387][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 633.844387][T13012] __sys_recvmmsg+0x4ca/0x510 [ 633.844387][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 633.844387][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 633.844387][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 633.844387][T13012] do_fast_syscall_32+0x6b/0xd0 [ 633.844387][T13012] do_SYSENTER_32+0x73/0x90 [ 633.844387][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 633.844387][T13012] [ 633.844387][T13012] Uninit was stored to memory at: [ 633.844387][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 633.844387][T13012] __msan_chain_origin+0x50/0x90 [ 633.844387][T13012] __get_compat_msghdr+0x5be/0x890 [ 633.844387][T13012] get_compat_msghdr+0x108/0x270 [ 633.844387][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 633.844387][T13012] __sys_recvmmsg+0x4ca/0x510 [ 633.844387][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 633.844387][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 633.844387][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 633.844387][T13012] do_fast_syscall_32+0x6b/0xd0 [ 633.844387][T13012] do_SYSENTER_32+0x73/0x90 [ 633.844387][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 633.844387][T13012] [ 633.844387][T13012] Local variable ----msg_sys@do_recvmmsg created at: [ 633.844387][T13012] do_recvmmsg+0xc5/0x1ee0 [ 633.844387][T13012] do_recvmmsg+0xc5/0x1ee0 [ 634.422036][T13021] not chained 2310000 origins [ 634.426818][T13021] CPU: 1 PID: 13021 Comm: syz-executor.0 Not tainted 5.8.0-rc5-syzkaller #0 [ 634.430157][T13021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 634.430157][T13021] Call Trace: [ 634.430157][T13021] dump_stack+0x1df/0x240 [ 634.430157][T13021] kmsan_internal_chain_origin+0x6f/0x130 [ 634.430157][T13021] ? skb_recv_datagram+0x3ec/0x480 [ 634.430157][T13021] ? kmsan_get_metadata+0x4f/0x180 [ 634.430157][T13021] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 634.430157][T13021] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 634.430157][T13021] ? bt_sock_recvmsg+0x564/0xa00 [ 634.430157][T13021] ? kmsan_get_metadata+0x4f/0x180 [ 634.430157][T13021] ? kmsan_set_origin_checked+0x95/0xf0 [ 634.430157][T13021] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 634.430157][T13021] ? _copy_from_user+0x15b/0x260 [ 634.430157][T13021] ? kmsan_get_metadata+0x4f/0x180 [ 634.430157][T13021] __msan_chain_origin+0x50/0x90 [ 634.430157][T13021] __get_compat_msghdr+0x5be/0x890 [ 634.430157][T13021] get_compat_msghdr+0x108/0x270 [ 634.430157][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 634.430157][T13021] ? kmsan_internal_set_origin+0x75/0xb0 [ 634.430157][T13021] ? kmsan_get_metadata+0x4f/0x180 [ 634.430157][T13021] ? kmsan_internal_set_origin+0x75/0xb0 [ 634.430157][T13021] ? __msan_poison_alloca+0xf0/0x120 [ 634.430157][T13021] ? __sys_recvmmsg+0xb4/0x510 [ 634.430157][T13021] ? __sys_recvmmsg+0xb4/0x510 [ 634.430157][T13021] ? kmsan_get_metadata+0x11d/0x180 [ 634.430157][T13021] __sys_recvmmsg+0x4ca/0x510 [ 634.430157][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 634.430157][T13021] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 634.430157][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 634.430157][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 634.430157][T13021] do_fast_syscall_32+0x6b/0xd0 [ 634.430157][T13021] do_SYSENTER_32+0x73/0x90 [ 634.430157][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 634.430157][T13021] RIP: 0023:0xf7f4d549 [ 634.430157][T13021] Code: Bad RIP value. [ 634.430157][T13021] RSP: 002b:00000000f5d060cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 634.430157][T13021] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 634.430157][T13021] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 634.430157][T13021] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 634.430157][T13021] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 634.430157][T13021] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 634.430157][T13021] Uninit was stored to memory at: [ 634.430157][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 634.430157][T13021] __msan_chain_origin+0x50/0x90 [ 634.430157][T13021] __get_compat_msghdr+0x5be/0x890 [ 634.430157][T13021] get_compat_msghdr+0x108/0x270 [ 634.430157][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 634.430157][T13021] __sys_recvmmsg+0x4ca/0x510 [ 634.430157][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 634.430157][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 634.430157][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 634.720287][T13021] do_fast_syscall_32+0x6b/0xd0 [ 634.720287][T13021] do_SYSENTER_32+0x73/0x90 [ 634.720287][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 634.720287][T13021] [ 634.720287][T13021] Uninit was stored to memory at: [ 634.720287][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 634.720287][T13021] __msan_chain_origin+0x50/0x90 [ 634.720287][T13021] __get_compat_msghdr+0x5be/0x890 [ 634.720287][T13021] get_compat_msghdr+0x108/0x270 [ 634.720287][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 634.720287][T13021] __sys_recvmmsg+0x4ca/0x510 [ 634.720287][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 634.720287][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 634.720287][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 634.720287][T13021] do_fast_syscall_32+0x6b/0xd0 [ 634.720287][T13021] do_SYSENTER_32+0x73/0x90 [ 634.720287][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 634.720287][T13021] [ 634.720287][T13021] Uninit was stored to memory at: [ 634.720287][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 634.720287][T13021] __msan_chain_origin+0x50/0x90 [ 634.720287][T13021] __get_compat_msghdr+0x5be/0x890 [ 634.720287][T13021] get_compat_msghdr+0x108/0x270 [ 634.720287][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 634.720287][T13021] __sys_recvmmsg+0x4ca/0x510 [ 634.720287][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 634.720287][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 634.720287][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 634.720287][T13021] do_fast_syscall_32+0x6b/0xd0 [ 634.720287][T13021] do_SYSENTER_32+0x73/0x90 [ 634.720287][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 634.720287][T13021] [ 634.720287][T13021] Uninit was stored to memory at: [ 634.720287][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 634.720287][T13021] __msan_chain_origin+0x50/0x90 [ 634.720287][T13021] __get_compat_msghdr+0x5be/0x890 [ 634.720287][T13021] get_compat_msghdr+0x108/0x270 [ 634.720287][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 634.720287][T13021] __sys_recvmmsg+0x4ca/0x510 [ 634.720287][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 634.720287][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 634.720287][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 634.720287][T13021] do_fast_syscall_32+0x6b/0xd0 [ 634.720287][T13021] do_SYSENTER_32+0x73/0x90 [ 634.720287][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 634.720287][T13021] [ 634.720287][T13021] Uninit was stored to memory at: [ 634.720287][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 634.960617][T13021] __msan_chain_origin+0x50/0x90 [ 634.960617][T13021] __get_compat_msghdr+0x5be/0x890 [ 634.960617][T13021] get_compat_msghdr+0x108/0x270 [ 634.960617][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 634.960617][T13021] __sys_recvmmsg+0x4ca/0x510 [ 634.960617][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 634.960617][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 634.960617][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 634.960617][T13021] do_fast_syscall_32+0x6b/0xd0 [ 634.960617][T13021] do_SYSENTER_32+0x73/0x90 [ 634.960617][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 634.960617][T13021] [ 634.960617][T13021] Uninit was stored to memory at: [ 634.960617][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 634.960617][T13021] __msan_chain_origin+0x50/0x90 [ 634.960617][T13021] __get_compat_msghdr+0x5be/0x890 [ 634.960617][T13021] get_compat_msghdr+0x108/0x270 [ 634.960617][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 634.960617][T13021] __sys_recvmmsg+0x4ca/0x510 [ 634.960617][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 634.960617][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 634.960617][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 634.960617][T13021] do_fast_syscall_32+0x6b/0xd0 [ 634.960617][T13021] do_SYSENTER_32+0x73/0x90 [ 634.960617][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 634.960617][T13021] [ 634.960617][T13021] Uninit was stored to memory at: [ 634.960617][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 634.960617][T13021] __msan_chain_origin+0x50/0x90 [ 634.960617][T13021] __get_compat_msghdr+0x5be/0x890 [ 634.960617][T13021] get_compat_msghdr+0x108/0x270 [ 634.960617][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 634.960617][T13021] __sys_recvmmsg+0x4ca/0x510 [ 634.960617][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 634.960617][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 634.960617][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 634.960617][T13021] do_fast_syscall_32+0x6b/0xd0 [ 634.960617][T13021] do_SYSENTER_32+0x73/0x90 [ 634.960617][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 634.960617][T13021] [ 634.960617][T13021] Local variable ----msg_sys@do_recvmmsg created at: [ 634.960617][T13021] do_recvmmsg+0xc5/0x1ee0 [ 634.960617][T13021] do_recvmmsg+0xc5/0x1ee0 [ 635.340564][T13072] not chained 2320000 origins [ 635.345368][T13072] CPU: 0 PID: 13072 Comm: syz-executor.1 Not tainted 5.8.0-rc5-syzkaller #0 [ 635.350234][T13072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 635.350234][T13072] Call Trace: [ 635.350234][T13072] dump_stack+0x1df/0x240 [ 635.350234][T13072] kmsan_internal_chain_origin+0x6f/0x130 [ 635.350234][T13072] ? skb_recv_datagram+0x3ec/0x480 [ 635.350234][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 635.350234][T13072] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 635.350234][T13072] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 635.350234][T13072] ? bt_sock_recvmsg+0x564/0xa00 [ 635.350234][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 635.350234][T13072] ? kmsan_set_origin_checked+0x95/0xf0 [ 635.350234][T13072] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 635.350234][T13072] ? _copy_from_user+0x15b/0x260 [ 635.350234][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 635.350234][T13072] __msan_chain_origin+0x50/0x90 [ 635.350234][T13072] __get_compat_msghdr+0x5be/0x890 [ 635.350234][T13072] get_compat_msghdr+0x108/0x270 [ 635.350234][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 635.350234][T13072] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 635.350234][T13072] ? sched_clock_cpu+0x7c/0x930 [ 635.350234][T13072] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 635.350234][T13072] ? sched_clock_cpu+0x7c/0x930 [ 635.468940][T13012] not chained 2330000 origins [ 635.350234][T13072] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 635.350234][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 635.350234][T13072] ? kmsan_internal_set_origin+0x75/0xb0 [ 635.350234][T13072] ? __msan_poison_alloca+0xf0/0x120 [ 635.350234][T13072] ? __sys_recvmmsg+0xb4/0x510 [ 635.350234][T13072] ? __sys_recvmmsg+0xb4/0x510 [ 635.350234][T13072] __sys_recvmmsg+0x4ca/0x510 [ 635.350234][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 635.350234][T13072] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 635.350234][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 635.350234][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 635.350234][T13072] do_fast_syscall_32+0x6b/0xd0 [ 635.350234][T13072] do_SYSENTER_32+0x73/0x90 [ 635.350234][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 635.350234][T13072] RIP: 0023:0xf7fbe549 [ 635.350234][T13072] Code: Bad RIP value. [ 635.350234][T13072] RSP: 002b:00000000f5db90cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 635.350234][T13072] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 635.350234][T13072] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 635.350234][T13072] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 635.350234][T13072] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 635.350234][T13072] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 635.350234][T13072] Uninit was stored to memory at: [ 635.470140][T13012] CPU: 1 PID: 13012 Comm: syz-executor.0 Not tainted 5.8.0-rc5-syzkaller #0 [ 635.470140][T13012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 635.350234][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 635.470140][T13012] Call Trace: [ 635.350234][T13072] __msan_chain_origin+0x50/0x90 [ 635.470140][T13012] dump_stack+0x1df/0x240 [ 635.350234][T13072] __get_compat_msghdr+0x5be/0x890 [ 635.470140][T13012] kmsan_internal_chain_origin+0x6f/0x130 [ 635.350234][T13072] get_compat_msghdr+0x108/0x270 [ 635.470140][T13012] ? skb_recv_datagram+0x3ec/0x480 [ 635.350234][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 635.470140][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 635.350234][T13072] __sys_recvmmsg+0x4ca/0x510 [ 635.470140][T13012] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 635.350234][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 635.470140][T13012] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 635.350234][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 635.470140][T13012] ? bt_sock_recvmsg+0x564/0xa00 [ 635.350234][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 635.470140][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 635.350234][T13072] do_fast_syscall_32+0x6b/0xd0 [ 635.470140][T13012] ? kmsan_set_origin_checked+0x95/0xf0 [ 635.350234][T13072] do_SYSENTER_32+0x73/0x90 [ 635.470140][T13012] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 635.350234][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 635.470140][T13012] ? _copy_from_user+0x15b/0x260 [ 635.350234][T13072] [ 635.470140][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 635.350234][T13072] Uninit was stored to memory at: [ 635.470140][T13012] __msan_chain_origin+0x50/0x90 [ 635.350234][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 635.470140][T13012] __get_compat_msghdr+0x5be/0x890 [ 635.350234][T13072] __msan_chain_origin+0x50/0x90 [ 635.470140][T13012] get_compat_msghdr+0x108/0x270 [ 635.350234][T13072] __get_compat_msghdr+0x5be/0x890 [ 635.470140][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 635.350234][T13072] get_compat_msghdr+0x108/0x270 [ 635.470140][T13012] ? kmsan_internal_set_origin+0x75/0xb0 [ 635.350234][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 635.470140][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 635.350234][T13072] __sys_recvmmsg+0x4ca/0x510 [ 635.470140][T13012] ? kmsan_internal_set_origin+0x75/0xb0 [ 635.350234][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 635.470140][T13012] ? __msan_poison_alloca+0xf0/0x120 [ 635.350234][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 635.470140][T13012] ? __sys_recvmmsg+0xb4/0x510 [ 635.350234][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 635.470140][T13012] ? __sys_recvmmsg+0xb4/0x510 [ 635.350234][T13072] do_fast_syscall_32+0x6b/0xd0 [ 635.470140][T13012] ? kmsan_get_metadata+0x11d/0x180 [ 635.350234][T13072] do_SYSENTER_32+0x73/0x90 [ 635.470140][T13012] __sys_recvmmsg+0x4ca/0x510 [ 635.350234][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 635.470140][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 635.350234][T13072] [ 635.470140][T13012] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 635.350234][T13072] Uninit was stored to memory at: [ 635.470140][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 635.350234][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 635.470140][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 635.350234][T13072] __msan_chain_origin+0x50/0x90 [ 635.470140][T13012] do_fast_syscall_32+0x6b/0xd0 [ 635.350234][T13072] __get_compat_msghdr+0x5be/0x890 [ 635.470140][T13012] do_SYSENTER_32+0x73/0x90 [ 635.350234][T13072] get_compat_msghdr+0x108/0x270 [ 635.470140][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 635.350234][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 635.470140][T13012] RIP: 0023:0xf7f4d549 [ 635.350234][T13072] __sys_recvmmsg+0x4ca/0x510 [ 635.470140][T13012] Code: Bad RIP value. [ 635.350234][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 635.470140][T13012] RSP: 002b:00000000f5d480cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 635.350234][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 635.470140][T13012] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 635.350234][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 635.470140][T13012] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 635.350234][T13072] do_fast_syscall_32+0x6b/0xd0 [ 635.470140][T13012] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 635.350234][T13072] do_SYSENTER_32+0x73/0x90 [ 635.470140][T13012] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 635.350234][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 635.470140][T13012] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 635.350234][T13072] [ 635.470140][T13012] Uninit was stored to memory at: [ 635.350234][T13072] Uninit was stored to memory at: [ 635.470140][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 635.350234][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 635.470140][T13012] __msan_chain_origin+0x50/0x90 [ 635.350234][T13072] __msan_chain_origin+0x50/0x90 [ 635.470140][T13012] __get_compat_msghdr+0x5be/0x890 [ 635.350234][T13072] __get_compat_msghdr+0x5be/0x890 [ 635.470140][T13012] get_compat_msghdr+0x108/0x270 [ 635.350234][T13072] get_compat_msghdr+0x108/0x270 [ 635.470140][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 635.350234][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 635.470140][T13012] __sys_recvmmsg+0x4ca/0x510 [ 635.350234][T13072] __sys_recvmmsg+0x4ca/0x510 [ 635.470140][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 635.350234][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 635.470140][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 635.350234][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 635.470140][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 635.350234][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 635.470140][T13012] do_fast_syscall_32+0x6b/0xd0 [ 635.350234][T13072] do_fast_syscall_32+0x6b/0xd0 [ 635.470140][T13012] do_SYSENTER_32+0x73/0x90 [ 635.350234][T13072] do_SYSENTER_32+0x73/0x90 [ 635.470140][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 635.350234][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 635.470140][T13012] [ 635.350234][T13072] [ 635.470140][T13012] Uninit was stored to memory at: [ 635.350234][T13072] Uninit was stored to memory at: [ 635.470140][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 635.350234][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 635.470140][T13012] __msan_chain_origin+0x50/0x90 [ 635.350234][T13072] __msan_chain_origin+0x50/0x90 [ 635.470140][T13012] __get_compat_msghdr+0x5be/0x890 [ 635.350234][T13072] __get_compat_msghdr+0x5be/0x890 [ 635.470140][T13012] get_compat_msghdr+0x108/0x270 [ 635.350234][T13072] get_compat_msghdr+0x108/0x270 [ 635.470140][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 635.350234][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 635.470140][T13012] __sys_recvmmsg+0x4ca/0x510 [ 635.350234][T13072] __sys_recvmmsg+0x4ca/0x510 [ 635.470140][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 635.350234][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 635.470140][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 635.350234][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 635.470140][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 635.350234][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 635.470140][T13012] do_fast_syscall_32+0x6b/0xd0 [ 635.350234][T13072] do_fast_syscall_32+0x6b/0xd0 [ 635.470140][T13012] do_SYSENTER_32+0x73/0x90 [ 635.350234][T13072] do_SYSENTER_32+0x73/0x90 [ 635.470140][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 635.350234][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 635.470140][T13012] [ 635.350234][T13072] [ 635.470140][T13012] Uninit was stored to memory at: [ 635.350234][T13072] Uninit was stored to memory at: [ 635.470140][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 635.350234][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 635.470140][T13012] __msan_chain_origin+0x50/0x90 [ 635.350234][T13072] __msan_chain_origin+0x50/0x90 [ 635.470140][T13012] __get_compat_msghdr+0x5be/0x890 [ 635.350234][T13072] __get_compat_msghdr+0x5be/0x890 [ 635.470140][T13012] get_compat_msghdr+0x108/0x270 [ 635.350234][T13072] get_compat_msghdr+0x108/0x270 [ 635.470140][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 635.470140][T13012] __sys_recvmmsg+0x4ca/0x510 [ 635.350234][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 635.470140][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 635.350234][T13072] __sys_recvmmsg+0x4ca/0x510 [ 635.470140][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 635.350234][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 635.470140][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 635.350234][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 635.470140][T13012] do_fast_syscall_32+0x6b/0xd0 [ 635.350234][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 635.470140][T13012] do_SYSENTER_32+0x73/0x90 [ 635.350234][T13072] do_fast_syscall_32+0x6b/0xd0 [ 635.470140][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 635.350234][T13072] do_SYSENTER_32+0x73/0x90 [ 635.470140][T13012] [ 635.350234][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 635.470140][T13012] Uninit was stored to memory at: [ 635.350234][T13072] [ 635.470140][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 635.350234][T13072] Uninit was stored to memory at: [ 635.470140][T13012] __msan_chain_origin+0x50/0x90 [ 635.350234][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 635.470140][T13012] __get_compat_msghdr+0x5be/0x890 [ 635.350234][T13072] __msan_chain_origin+0x50/0x90 [ 635.470140][T13012] get_compat_msghdr+0x108/0x270 [ 635.350234][T13072] __get_compat_msghdr+0x5be/0x890 [ 635.470140][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 635.350234][T13072] get_compat_msghdr+0x108/0x270 [ 635.470140][T13012] __sys_recvmmsg+0x4ca/0x510 [ 635.350234][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 635.470140][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 635.350234][T13072] __sys_recvmmsg+0x4ca/0x510 [ 635.470140][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 635.350234][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 635.470140][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 635.350234][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 635.470140][T13012] do_fast_syscall_32+0x6b/0xd0 [ 635.350234][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 635.470140][T13012] do_SYSENTER_32+0x73/0x90 [ 635.350234][T13072] do_fast_syscall_32+0x6b/0xd0 [ 635.470140][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 635.350234][T13072] do_SYSENTER_32+0x73/0x90 [ 635.470140][T13012] [ 635.350234][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 635.470140][T13012] Uninit was stored to memory at: [ 635.350234][T13072] [ 635.470140][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 635.350234][T13072] Local variable ----msg_sys@do_recvmmsg created at: [ 635.470140][T13012] __msan_chain_origin+0x50/0x90 [ 635.350234][T13072] do_recvmmsg+0xc5/0x1ee0 [ 635.470140][T13012] __get_compat_msghdr+0x5be/0x890 [ 635.350234][T13072] do_recvmmsg+0xc5/0x1ee0 [ 635.470140][T13012] get_compat_msghdr+0x108/0x270 [ 636.647955][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 636.647955][T13012] __sys_recvmmsg+0x4ca/0x510 [ 636.647955][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 636.647955][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 636.680643][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 636.680643][T13012] do_fast_syscall_32+0x6b/0xd0 [ 636.680643][T13012] do_SYSENTER_32+0x73/0x90 [ 636.680643][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 636.680643][T13012] [ 636.680643][T13012] Uninit was stored to memory at: [ 636.680643][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 636.680643][T13012] __msan_chain_origin+0x50/0x90 [ 636.680643][T13012] __get_compat_msghdr+0x5be/0x890 [ 636.680643][T13012] get_compat_msghdr+0x108/0x270 [ 636.680643][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 636.680643][T13012] __sys_recvmmsg+0x4ca/0x510 [ 636.680643][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 636.680643][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 636.680643][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 636.680643][T13012] do_fast_syscall_32+0x6b/0xd0 [ 636.680643][T13012] do_SYSENTER_32+0x73/0x90 [ 636.680643][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 636.680643][T13012] [ 636.680643][T13012] Uninit was stored to memory at: [ 636.680643][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 636.680643][T13012] __msan_chain_origin+0x50/0x90 [ 636.680643][T13012] __get_compat_msghdr+0x5be/0x890 [ 636.680643][T13012] get_compat_msghdr+0x108/0x270 [ 636.680643][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 636.680643][T13012] __sys_recvmmsg+0x4ca/0x510 [ 636.680643][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 636.680643][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 636.680643][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 636.680643][T13012] do_fast_syscall_32+0x6b/0xd0 [ 636.680643][T13012] do_SYSENTER_32+0x73/0x90 [ 636.680643][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 636.680643][T13012] [ 636.680643][T13012] Local variable ----msg_sys@do_recvmmsg created at: [ 636.680643][T13012] do_recvmmsg+0xc5/0x1ee0 [ 636.680643][T13012] do_recvmmsg+0xc5/0x1ee0 [ 636.974210][T13041] not chained 2340000 origins [ 636.978916][T13041] CPU: 1 PID: 13041 Comm: syz-executor.3 Not tainted 5.8.0-rc5-syzkaller #0 [ 636.980175][T13041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 636.980175][T13041] Call Trace: [ 636.980175][T13041] dump_stack+0x1df/0x240 [ 636.980175][T13041] kmsan_internal_chain_origin+0x6f/0x130 [ 637.010298][T13041] ? skb_recv_datagram+0x3ec/0x480 [ 637.010298][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 637.010298][T13041] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 637.010298][T13041] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 637.010298][T13041] ? bt_sock_recvmsg+0x564/0xa00 [ 637.010298][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 637.010298][T13041] ? kmsan_set_origin_checked+0x95/0xf0 [ 637.010298][T13041] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 637.010298][T13041] ? _copy_from_user+0x15b/0x260 [ 637.010298][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 637.010298][T13041] __msan_chain_origin+0x50/0x90 [ 637.010298][T13041] __get_compat_msghdr+0x5be/0x890 [ 637.010298][T13041] get_compat_msghdr+0x108/0x270 [ 637.010298][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 637.010298][T13041] ? idle_cpu+0x9a/0x1d0 [ 637.010298][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 637.010298][T13041] ? kmsan_internal_set_origin+0x75/0xb0 [ 637.010298][T13041] ? __msan_poison_alloca+0xf0/0x120 [ 637.010298][T13041] ? __sys_recvmmsg+0xb4/0x510 [ 637.010298][T13041] ? __sys_recvmmsg+0xb4/0x510 [ 637.010298][T13041] ? kmsan_get_metadata+0x11d/0x180 [ 637.010298][T13041] __sys_recvmmsg+0x4ca/0x510 [ 637.010298][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 637.010298][T13041] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 637.010298][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 637.010298][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 637.010298][T13041] do_fast_syscall_32+0x6b/0xd0 [ 637.150605][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 637.010298][T13041] do_SYSENTER_32+0x73/0x90 [ 637.010298][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 637.010298][T13041] RIP: 0023:0xf7fd6549 [ 637.010298][T13041] Code: Bad RIP value. [ 637.010298][T13041] RSP: 002b:00000000f5dd10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 637.010298][T13041] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 637.010298][T13041] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 637.010298][T13041] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 637.010298][T13041] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 637.010298][T13041] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 637.010298][T13041] Uninit was stored to memory at: [ 637.010298][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 637.235781][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 637.010298][T13041] __msan_chain_origin+0x50/0x90 [ 637.010298][T13041] __get_compat_msghdr+0x5be/0x890 [ 637.010298][T13041] get_compat_msghdr+0x108/0x270 [ 637.261479][T13080] not chained 2350000 origins [ 637.010298][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 637.267045][T13080] CPU: 0 PID: 13080 Comm: syz-executor.1 Not tainted 5.8.0-rc5-syzkaller #0 [ 637.010298][T13041] __sys_recvmmsg+0x4ca/0x510 [ 637.270180][T13080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 637.010298][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 637.270180][T13080] Call Trace: [ 637.010298][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 637.270180][T13080] dump_stack+0x1df/0x240 [ 637.010298][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 637.270180][T13080] kmsan_internal_chain_origin+0x6f/0x130 [ 637.010298][T13041] do_fast_syscall_32+0x6b/0xd0 [ 637.270180][T13080] ? skb_recv_datagram+0x3ec/0x480 [ 637.010298][T13041] do_SYSENTER_32+0x73/0x90 [ 637.270180][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 637.010298][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 637.270180][T13080] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 637.010298][T13041] [ 637.270180][T13080] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 637.010298][T13041] Uninit was stored to memory at: [ 637.270180][T13080] ? bt_sock_recvmsg+0x564/0xa00 [ 637.010298][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 637.270180][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 637.010298][T13041] __msan_chain_origin+0x50/0x90 [ 637.270180][T13080] ? kmsan_set_origin_checked+0x95/0xf0 [ 637.010298][T13041] __get_compat_msghdr+0x5be/0x890 [ 637.270180][T13080] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 637.010298][T13041] get_compat_msghdr+0x108/0x270 [ 637.270180][T13080] ? _copy_from_user+0x15b/0x260 [ 637.010298][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 637.270180][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 637.010298][T13041] __sys_recvmmsg+0x4ca/0x510 [ 637.270180][T13080] __msan_chain_origin+0x50/0x90 [ 637.010298][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 637.270180][T13080] __get_compat_msghdr+0x5be/0x890 [ 637.010298][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 637.270180][T13080] get_compat_msghdr+0x108/0x270 [ 637.010298][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 637.270180][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 637.010298][T13041] do_fast_syscall_32+0x6b/0xd0 [ 637.270180][T13080] ? kmsan_internal_set_origin+0x75/0xb0 [ 637.010298][T13041] do_SYSENTER_32+0x73/0x90 [ 637.270180][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 637.010298][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 637.270180][T13080] ? kmsan_internal_set_origin+0x75/0xb0 [ 637.010298][T13041] [ 637.270180][T13080] ? __msan_poison_alloca+0xf0/0x120 [ 637.010298][T13041] Uninit was stored to memory at: [ 637.270180][T13080] ? __sys_recvmmsg+0xb4/0x510 [ 637.010298][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 637.270180][T13080] ? __sys_recvmmsg+0xb4/0x510 [ 637.010298][T13041] __msan_chain_origin+0x50/0x90 [ 637.270180][T13080] ? kmsan_get_metadata+0x11d/0x180 [ 637.010298][T13041] __get_compat_msghdr+0x5be/0x890 [ 637.270180][T13080] __sys_recvmmsg+0x4ca/0x510 [ 637.010298][T13041] get_compat_msghdr+0x108/0x270 [ 637.270180][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 637.010298][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 637.270180][T13080] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 637.010298][T13041] __sys_recvmmsg+0x4ca/0x510 [ 637.270180][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 637.010298][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 637.270180][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 637.010298][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 637.270180][T13080] do_fast_syscall_32+0x6b/0xd0 [ 637.010298][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 637.270180][T13080] do_SYSENTER_32+0x73/0x90 [ 637.010298][T13041] do_fast_syscall_32+0x6b/0xd0 [ 637.270180][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 637.010298][T13041] do_SYSENTER_32+0x73/0x90 [ 637.270180][T13080] RIP: 0023:0xf7fbe549 [ 637.010298][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 637.270180][T13080] Code: Bad RIP value. [ 637.010298][T13041] [ 637.270180][T13080] RSP: 002b:00000000f5d770cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 637.010298][T13041] Uninit was stored to memory at: [ 637.270180][T13080] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 637.010298][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 637.270180][T13080] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 637.010298][T13041] __msan_chain_origin+0x50/0x90 [ 637.270180][T13080] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 637.010298][T13041] __get_compat_msghdr+0x5be/0x890 [ 637.270180][T13080] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 637.010298][T13041] get_compat_msghdr+0x108/0x270 [ 637.270180][T13080] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 637.010298][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 637.270180][T13080] Uninit was stored to memory at: [ 637.010298][T13041] __sys_recvmmsg+0x4ca/0x510 [ 637.270180][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 637.010298][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 637.270180][T13080] __msan_chain_origin+0x50/0x90 [ 637.010298][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 637.270180][T13080] __get_compat_msghdr+0x5be/0x890 [ 637.010298][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 637.270180][T13080] get_compat_msghdr+0x108/0x270 [ 637.010298][T13041] do_fast_syscall_32+0x6b/0xd0 [ 637.270180][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 637.010298][T13041] do_SYSENTER_32+0x73/0x90 [ 637.270180][T13080] __sys_recvmmsg+0x4ca/0x510 [ 637.010298][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 637.270180][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 637.010298][T13041] [ 637.270180][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 637.010298][T13041] Uninit was stored to memory at: [ 637.270180][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 637.010298][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 637.270180][T13080] do_fast_syscall_32+0x6b/0xd0 [ 637.010298][T13041] __msan_chain_origin+0x50/0x90 [ 637.270180][T13080] do_SYSENTER_32+0x73/0x90 [ 637.010298][T13041] __get_compat_msghdr+0x5be/0x890 [ 637.270180][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 637.010298][T13041] get_compat_msghdr+0x108/0x270 [ 637.270180][T13080] [ 637.010298][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 637.270180][T13080] Uninit was stored to memory at: [ 637.010298][T13041] __sys_recvmmsg+0x4ca/0x510 [ 637.270180][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 637.010298][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 637.270180][T13080] __msan_chain_origin+0x50/0x90 [ 637.010298][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 637.270180][T13080] __get_compat_msghdr+0x5be/0x890 [ 637.010298][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 637.270180][T13080] get_compat_msghdr+0x108/0x270 [ 637.010298][T13041] do_fast_syscall_32+0x6b/0xd0 [ 637.270180][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 637.010298][T13041] do_SYSENTER_32+0x73/0x90 [ 637.270180][T13080] __sys_recvmmsg+0x4ca/0x510 [ 637.010298][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 637.270180][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 637.010298][T13041] [ 637.270180][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 637.010298][T13041] Uninit was stored to memory at: [ 637.270180][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 637.010298][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 637.270180][T13080] do_fast_syscall_32+0x6b/0xd0 [ 637.010298][T13041] __msan_chain_origin+0x50/0x90 [ 637.270180][T13080] do_SYSENTER_32+0x73/0x90 [ 637.010298][T13041] __get_compat_msghdr+0x5be/0x890 [ 637.270180][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 637.010298][T13041] get_compat_msghdr+0x108/0x270 [ 637.270180][T13080] [ 637.010298][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 637.270180][T13080] Uninit was stored to memory at: [ 637.010298][T13041] __sys_recvmmsg+0x4ca/0x510 [ 637.270180][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 637.010298][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 637.270180][T13080] __msan_chain_origin+0x50/0x90 [ 637.010298][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 637.270180][T13080] __get_compat_msghdr+0x5be/0x890 [ 637.010298][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 637.270180][T13080] get_compat_msghdr+0x108/0x270 [ 637.010298][T13041] do_fast_syscall_32+0x6b/0xd0 [ 637.270180][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 637.010298][T13041] do_SYSENTER_32+0x73/0x90 [ 637.270180][T13080] __sys_recvmmsg+0x4ca/0x510 [ 637.010298][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 637.270180][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 637.010298][T13041] [ 637.270180][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 637.010298][T13041] Uninit was stored to memory at: [ 637.270180][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 637.010298][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 637.270180][T13080] do_fast_syscall_32+0x6b/0xd0 [ 637.010298][T13041] __msan_chain_origin+0x50/0x90 [ 637.270180][T13080] do_SYSENTER_32+0x73/0x90 [ 637.010298][T13041] __get_compat_msghdr+0x5be/0x890 [ 637.270180][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 637.010298][T13041] get_compat_msghdr+0x108/0x270 [ 637.270180][T13080] [ 637.010298][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 637.270180][T13080] Uninit was stored to memory at: [ 637.010298][T13041] __sys_recvmmsg+0x4ca/0x510 [ 637.270180][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 637.010298][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 637.270180][T13080] __msan_chain_origin+0x50/0x90 [ 637.010298][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 637.270180][T13080] __get_compat_msghdr+0x5be/0x890 [ 637.010298][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 637.270180][T13080] get_compat_msghdr+0x108/0x270 [ 637.010298][T13041] do_fast_syscall_32+0x6b/0xd0 [ 637.270180][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 637.010298][T13041] do_SYSENTER_32+0x73/0x90 [ 637.270180][T13080] __sys_recvmmsg+0x4ca/0x510 [ 637.010298][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 637.270180][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 637.010298][T13041] [ 637.270180][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 637.010298][T13041] Local variable ----msg_sys@do_recvmmsg created at: [ 637.270180][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 637.010298][T13041] do_recvmmsg+0xc5/0x1ee0 [ 637.270180][T13080] do_fast_syscall_32+0x6b/0xd0 [ 637.270180][T13080] do_SYSENTER_32+0x73/0x90 [ 637.010298][T13041] do_recvmmsg+0xc5/0x1ee0 [ 637.270180][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 638.264045][T13080] [ 638.264045][T13080] Uninit was stored to memory at: [ 638.264045][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 638.264045][T13080] __msan_chain_origin+0x50/0x90 [ 638.264045][T13080] __get_compat_msghdr+0x5be/0x890 [ 638.264045][T13080] get_compat_msghdr+0x108/0x270 [ 638.264045][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 638.264045][T13080] __sys_recvmmsg+0x4ca/0x510 [ 638.264045][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 638.264045][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 638.264045][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 638.264045][T13080] do_fast_syscall_32+0x6b/0xd0 [ 638.264045][T13080] do_SYSENTER_32+0x73/0x90 [ 638.264045][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 638.264045][T13080] [ 638.264045][T13080] Uninit was stored to memory at: [ 638.264045][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 638.264045][T13080] __msan_chain_origin+0x50/0x90 [ 638.264045][T13080] __get_compat_msghdr+0x5be/0x890 [ 638.264045][T13080] get_compat_msghdr+0x108/0x270 [ 638.264045][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 638.264045][T13080] __sys_recvmmsg+0x4ca/0x510 [ 638.264045][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 638.264045][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 638.264045][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 638.264045][T13080] do_fast_syscall_32+0x6b/0xd0 [ 638.264045][T13080] do_SYSENTER_32+0x73/0x90 [ 638.264045][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 638.264045][T13080] [ 638.408771][T13021] not chained 2360000 origins [ 638.264045][T13080] Uninit was stored to memory at: [ 638.410154][T13021] CPU: 1 PID: 13021 Comm: syz-executor.0 Not tainted 5.8.0-rc5-syzkaller #0 [ 638.264045][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 638.410154][T13021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 638.264045][T13080] __msan_chain_origin+0x50/0x90 [ 638.410154][T13021] Call Trace: [ 638.264045][T13080] __get_compat_msghdr+0x5be/0x890 [ 638.410154][T13021] dump_stack+0x1df/0x240 [ 638.264045][T13080] get_compat_msghdr+0x108/0x270 [ 638.410154][T13021] kmsan_internal_chain_origin+0x6f/0x130 [ 638.264045][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 638.410154][T13021] ? skb_recv_datagram+0x3ec/0x480 [ 638.264045][T13080] __sys_recvmmsg+0x4ca/0x510 [ 638.410154][T13021] ? kmsan_get_metadata+0x4f/0x180 [ 638.264045][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 638.410154][T13021] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 638.264045][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 638.410154][T13021] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 638.264045][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 638.410154][T13021] ? bt_sock_recvmsg+0x564/0xa00 [ 638.264045][T13080] do_fast_syscall_32+0x6b/0xd0 [ 638.410154][T13021] ? kmsan_get_metadata+0x4f/0x180 [ 638.264045][T13080] do_SYSENTER_32+0x73/0x90 [ 638.410154][T13021] ? kmsan_set_origin_checked+0x95/0xf0 [ 638.264045][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 638.410154][T13021] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 638.264045][T13080] [ 638.410154][T13021] ? _copy_from_user+0x15b/0x260 [ 638.264045][T13080] Local variable ----msg_sys@do_recvmmsg created at: [ 638.410154][T13021] ? kmsan_get_metadata+0x4f/0x180 [ 638.264045][T13080] do_recvmmsg+0xc5/0x1ee0 [ 638.410154][T13021] __msan_chain_origin+0x50/0x90 [ 638.264045][T13080] do_recvmmsg+0xc5/0x1ee0 [ 638.410154][T13021] __get_compat_msghdr+0x5be/0x890 [ 638.410154][T13021] get_compat_msghdr+0x108/0x270 [ 638.410154][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 638.601089][T13021] ? kmsan_internal_set_origin+0x75/0xb0 [ 638.601089][T13021] ? kmsan_get_metadata+0x4f/0x180 [ 638.601089][T13021] ? kmsan_internal_set_origin+0x75/0xb0 [ 638.601089][T13021] ? __msan_poison_alloca+0xf0/0x120 [ 638.601089][T13021] ? __sys_recvmmsg+0xb4/0x510 [ 638.601089][T13021] ? __sys_recvmmsg+0xb4/0x510 [ 638.633012][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 638.601089][T13021] ? kmsan_get_metadata+0x11d/0x180 [ 638.601089][T13021] __sys_recvmmsg+0x4ca/0x510 [ 638.601089][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 638.601089][T13021] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 638.601089][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 638.601089][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 638.672903][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 638.601089][T13021] do_fast_syscall_32+0x6b/0xd0 [ 638.601089][T13021] do_SYSENTER_32+0x73/0x90 [ 638.601089][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 638.601089][T13021] RIP: 0023:0xf7f4d549 [ 638.601089][T13021] Code: Bad RIP value. [ 638.601089][T13021] RSP: 002b:00000000f5d060cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 638.601089][T13021] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 638.722352][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 638.601089][T13021] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 638.601089][T13021] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 638.601089][T13021] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 638.601089][T13021] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 638.762944][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 638.601089][T13021] Uninit was stored to memory at: [ 638.601089][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 638.601089][T13021] __msan_chain_origin+0x50/0x90 [ 638.601089][T13021] __get_compat_msghdr+0x5be/0x890 [ 638.601089][T13021] get_compat_msghdr+0x108/0x270 [ 638.601089][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 638.803237][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 638.601089][T13021] __sys_recvmmsg+0x4ca/0x510 [ 638.601089][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 638.601089][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 638.601089][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 638.601089][T13021] do_fast_syscall_32+0x6b/0xd0 [ 638.601089][T13021] do_SYSENTER_32+0x73/0x90 [ 638.601089][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 638.601089][T13021] [ 638.852411][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 638.601089][T13021] Uninit was stored to memory at: [ 638.601089][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 638.601089][T13021] __msan_chain_origin+0x50/0x90 [ 638.601089][T13021] __get_compat_msghdr+0x5be/0x890 [ 638.601089][T13021] get_compat_msghdr+0x108/0x270 [ 638.601089][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 638.889748][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 638.601089][T13021] __sys_recvmmsg+0x4ca/0x510 [ 638.601089][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 638.601089][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 638.601089][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 638.601089][T13021] do_fast_syscall_32+0x6b/0xd0 [ 638.601089][T13021] do_SYSENTER_32+0x73/0x90 [ 638.601089][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 638.601089][T13021] [ 638.601089][T13021] Uninit was stored to memory at: [ 638.601089][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 638.601089][T13021] __msan_chain_origin+0x50/0x90 [ 638.601089][T13021] __get_compat_msghdr+0x5be/0x890 [ 638.601089][T13021] get_compat_msghdr+0x108/0x270 [ 638.601089][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 638.601089][T13021] __sys_recvmmsg+0x4ca/0x510 [ 638.960363][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 638.960363][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 638.960363][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 638.960363][T13021] do_fast_syscall_32+0x6b/0xd0 [ 638.960363][T13021] do_SYSENTER_32+0x73/0x90 [ 638.960363][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 638.960363][T13021] [ 638.960363][T13021] Uninit was stored to memory at: [ 638.960363][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 638.960363][T13021] __msan_chain_origin+0x50/0x90 [ 638.960363][T13021] __get_compat_msghdr+0x5be/0x890 [ 638.960363][T13021] get_compat_msghdr+0x108/0x270 [ 638.960363][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 638.960363][T13021] __sys_recvmmsg+0x4ca/0x510 [ 638.960363][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 638.960363][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 638.960363][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 638.960363][T13021] do_fast_syscall_32+0x6b/0xd0 [ 638.960363][T13021] do_SYSENTER_32+0x73/0x90 [ 638.960363][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 639.076720][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 638.960363][T13021] [ 638.960363][T13021] Uninit was stored to memory at: [ 638.960363][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 638.960363][T13021] __msan_chain_origin+0x50/0x90 [ 638.960363][T13021] __get_compat_msghdr+0x5be/0x890 [ 638.960363][T13021] get_compat_msghdr+0x108/0x270 [ 638.960363][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 638.960363][T13021] __sys_recvmmsg+0x4ca/0x510 [ 638.960363][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 638.960363][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 638.960363][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 638.960363][T13021] do_fast_syscall_32+0x6b/0xd0 [ 638.960363][T13021] do_SYSENTER_32+0x73/0x90 [ 638.960363][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 638.960363][T13021] [ 638.960363][T13021] Uninit was stored to memory at: [ 638.960363][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 638.960363][T13021] __msan_chain_origin+0x50/0x90 [ 638.960363][T13021] __get_compat_msghdr+0x5be/0x890 [ 638.960363][T13021] get_compat_msghdr+0x108/0x270 [ 638.960363][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 638.960363][T13021] __sys_recvmmsg+0x4ca/0x510 [ 638.960363][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 638.960363][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 638.960363][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 638.960363][T13021] do_fast_syscall_32+0x6b/0xd0 [ 638.960363][T13021] do_SYSENTER_32+0x73/0x90 [ 638.960363][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 638.960363][T13021] [ 638.960363][T13021] Uninit was stored to memory at: [ 638.960363][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 638.960363][T13021] __msan_chain_origin+0x50/0x90 [ 638.960363][T13021] __get_compat_msghdr+0x5be/0x890 [ 638.960363][T13021] get_compat_msghdr+0x108/0x270 [ 638.960363][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 638.960363][T13021] __sys_recvmmsg+0x4ca/0x510 [ 638.960363][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 638.960363][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 638.960363][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 638.960363][T13021] do_fast_syscall_32+0x6b/0xd0 [ 638.960363][T13021] do_SYSENTER_32+0x73/0x90 [ 638.960363][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 638.960363][T13021] [ 638.960363][T13021] Local variable ----msg_sys@do_recvmmsg created at: [ 638.960363][T13021] do_recvmmsg+0xc5/0x1ee0 [ 638.960363][T13021] do_recvmmsg+0xc5/0x1ee0 [ 639.592366][T13021] not chained 2370000 origins [ 639.597061][T13021] CPU: 1 PID: 13021 Comm: syz-executor.0 Not tainted 5.8.0-rc5-syzkaller #0 [ 639.600183][T13021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 639.600183][T13021] Call Trace: [ 639.600183][T13021] dump_stack+0x1df/0x240 [ 639.600183][T13021] kmsan_internal_chain_origin+0x6f/0x130 [ 639.600183][T13021] ? skb_recv_datagram+0x3ec/0x480 [ 639.600183][T13021] ? kmsan_get_metadata+0x4f/0x180 [ 639.600183][T13021] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 639.600183][T13021] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 639.600183][T13021] ? bt_sock_recvmsg+0x564/0xa00 [ 639.600183][T13021] ? kmsan_get_metadata+0x4f/0x180 [ 639.600183][T13021] ? kmsan_set_origin_checked+0x95/0xf0 [ 639.600183][T13021] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 639.600183][T13021] ? _copy_from_user+0x15b/0x260 [ 639.600183][T13021] ? kmsan_get_metadata+0x4f/0x180 [ 639.600183][T13021] __msan_chain_origin+0x50/0x90 [ 639.600183][T13021] __get_compat_msghdr+0x5be/0x890 [ 639.600183][T13021] get_compat_msghdr+0x108/0x270 [ 639.600183][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 639.600183][T13021] ? kmsan_internal_set_origin+0x75/0xb0 [ 639.600183][T13021] ? kmsan_get_metadata+0x4f/0x180 [ 639.600183][T13021] ? kmsan_internal_set_origin+0x75/0xb0 [ 639.600183][T13021] ? __msan_poison_alloca+0xf0/0x120 [ 639.600183][T13021] ? __sys_recvmmsg+0xb4/0x510 [ 639.600183][T13021] ? __sys_recvmmsg+0xb4/0x510 [ 639.600183][T13021] ? kmsan_get_metadata+0x11d/0x180 [ 639.600183][T13021] __sys_recvmmsg+0x4ca/0x510 [ 639.600183][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 639.600183][T13021] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 639.600183][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 639.600183][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 639.600183][T13021] do_fast_syscall_32+0x6b/0xd0 [ 639.600183][T13021] do_SYSENTER_32+0x73/0x90 [ 639.600183][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 639.600183][T13021] RIP: 0023:0xf7f4d549 [ 639.600183][T13021] Code: Bad RIP value. [ 639.600183][T13021] RSP: 002b:00000000f5d060cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 639.600183][T13021] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 639.600183][T13021] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 639.600183][T13021] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 639.600183][T13021] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 639.600183][T13021] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 639.600183][T13021] Uninit was stored to memory at: [ 639.840495][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 639.840495][T13021] __msan_chain_origin+0x50/0x90 [ 639.840495][T13021] __get_compat_msghdr+0x5be/0x890 [ 639.840495][T13021] get_compat_msghdr+0x108/0x270 [ 639.840495][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 639.840495][T13021] __sys_recvmmsg+0x4ca/0x510 [ 639.840495][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 639.840495][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 639.840495][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 639.840495][T13021] do_fast_syscall_32+0x6b/0xd0 [ 639.840495][T13021] do_SYSENTER_32+0x73/0x90 [ 639.840495][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 639.840495][T13021] [ 639.840495][T13021] Uninit was stored to memory at: [ 639.840495][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 639.840495][T13021] __msan_chain_origin+0x50/0x90 [ 639.840495][T13021] __get_compat_msghdr+0x5be/0x890 [ 639.840495][T13021] get_compat_msghdr+0x108/0x270 [ 639.840495][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 639.840495][T13021] __sys_recvmmsg+0x4ca/0x510 [ 639.840495][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 639.840495][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 639.840495][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 639.840495][T13021] do_fast_syscall_32+0x6b/0xd0 [ 639.840495][T13021] do_SYSENTER_32+0x73/0x90 [ 639.840495][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 639.840495][T13021] [ 639.840495][T13021] Uninit was stored to memory at: [ 639.840495][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 639.840495][T13021] __msan_chain_origin+0x50/0x90 [ 639.840495][T13021] __get_compat_msghdr+0x5be/0x890 [ 639.840495][T13021] get_compat_msghdr+0x108/0x270 [ 639.840495][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 639.840495][T13021] __sys_recvmmsg+0x4ca/0x510 [ 639.840495][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 639.840495][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 639.840495][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 639.840495][T13021] do_fast_syscall_32+0x6b/0xd0 [ 639.840495][T13021] do_SYSENTER_32+0x73/0x90 [ 639.840495][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 639.840495][T13021] [ 639.840495][T13021] Uninit was stored to memory at: [ 639.840495][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 639.840495][T13021] __msan_chain_origin+0x50/0x90 [ 639.840495][T13021] __get_compat_msghdr+0x5be/0x890 [ 639.840495][T13021] get_compat_msghdr+0x108/0x270 [ 639.840495][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 639.840495][T13021] __sys_recvmmsg+0x4ca/0x510 [ 639.840495][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 639.840495][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 639.840495][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 639.840495][T13021] do_fast_syscall_32+0x6b/0xd0 [ 639.840495][T13021] do_SYSENTER_32+0x73/0x90 [ 639.840495][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 639.840495][T13021] [ 639.840495][T13021] Uninit was stored to memory at: [ 639.840495][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 639.840495][T13021] __msan_chain_origin+0x50/0x90 [ 639.840495][T13021] __get_compat_msghdr+0x5be/0x890 [ 639.840495][T13021] get_compat_msghdr+0x108/0x270 [ 639.840495][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 639.840495][T13021] __sys_recvmmsg+0x4ca/0x510 [ 639.840495][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 639.840495][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 639.840495][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 639.840495][T13021] do_fast_syscall_32+0x6b/0xd0 [ 639.840495][T13021] do_SYSENTER_32+0x73/0x90 [ 639.840495][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 639.840495][T13021] [ 639.840495][T13021] Uninit was stored to memory at: [ 639.840495][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 640.201419][T13080] not chained 2380000 origins [ 639.840495][T13021] __msan_chain_origin+0x50/0x90 [ 640.209416][T13080] CPU: 0 PID: 13080 Comm: syz-executor.1 Not tainted 5.8.0-rc5-syzkaller #0 [ 639.840495][T13021] __get_compat_msghdr+0x5be/0x890 [ 640.210169][T13080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 639.840495][T13021] get_compat_msghdr+0x108/0x270 [ 640.210169][T13080] Call Trace: [ 639.840495][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 640.210169][T13080] dump_stack+0x1df/0x240 [ 639.840495][T13021] __sys_recvmmsg+0x4ca/0x510 [ 640.210169][T13080] kmsan_internal_chain_origin+0x6f/0x130 [ 639.840495][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 640.210169][T13080] ? skb_recv_datagram+0x3ec/0x480 [ 639.840495][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 640.210169][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 639.840495][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 640.210169][T13080] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 639.840495][T13021] do_fast_syscall_32+0x6b/0xd0 [ 640.210169][T13080] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 639.840495][T13021] do_SYSENTER_32+0x73/0x90 [ 640.210169][T13080] ? bt_sock_recvmsg+0x564/0xa00 [ 639.840495][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 640.210169][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 639.840495][T13021] [ 640.210169][T13080] ? kmsan_set_origin_checked+0x95/0xf0 [ 639.840495][T13021] Uninit was stored to memory at: [ 640.210169][T13080] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 639.840495][T13021] kmsan_internal_chain_origin+0xad/0x130 [ 640.210169][T13080] ? _copy_from_user+0x15b/0x260 [ 639.840495][T13021] __msan_chain_origin+0x50/0x90 [ 640.210169][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 639.840495][T13021] __get_compat_msghdr+0x5be/0x890 [ 640.210169][T13080] __msan_chain_origin+0x50/0x90 [ 639.840495][T13021] get_compat_msghdr+0x108/0x270 [ 640.210169][T13080] __get_compat_msghdr+0x5be/0x890 [ 639.840495][T13021] do_recvmmsg+0xa6a/0x1ee0 [ 640.210169][T13080] get_compat_msghdr+0x108/0x270 [ 639.840495][T13021] __sys_recvmmsg+0x4ca/0x510 [ 640.210169][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 639.840495][T13021] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 640.210169][T13080] ? kmsan_internal_set_origin+0x75/0xb0 [ 639.840495][T13021] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 640.210169][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 639.840495][T13021] __do_fast_syscall_32+0x2aa/0x400 [ 640.210169][T13080] ? kmsan_internal_set_origin+0x75/0xb0 [ 639.840495][T13021] do_fast_syscall_32+0x6b/0xd0 [ 640.210169][T13080] ? __msan_poison_alloca+0xf0/0x120 [ 639.840495][T13021] do_SYSENTER_32+0x73/0x90 [ 640.210169][T13080] ? __sys_recvmmsg+0xb4/0x510 [ 639.840495][T13021] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 640.210169][T13080] ? __sys_recvmmsg+0xb4/0x510 [ 639.840495][T13021] [ 640.210169][T13080] ? kmsan_get_metadata+0x11d/0x180 [ 639.840495][T13021] Local variable ----msg_sys@do_recvmmsg created at: [ 640.210169][T13080] __sys_recvmmsg+0x4ca/0x510 [ 639.840495][T13021] do_recvmmsg+0xc5/0x1ee0 [ 640.210169][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 639.840495][T13021] do_recvmmsg+0xc5/0x1ee0 [ 640.210169][T13080] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 640.210169][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 640.512808][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 640.512808][T13080] do_fast_syscall_32+0x6b/0xd0 [ 640.512808][T13080] do_SYSENTER_32+0x73/0x90 [ 640.512808][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 640.512808][T13080] RIP: 0023:0xf7fbe549 [ 640.512808][T13080] Code: Bad RIP value. [ 640.512808][T13080] RSP: 002b:00000000f5d770cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 640.512808][T13080] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 640.512808][T13080] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 640.512808][T13080] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 640.512808][T13080] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 640.512808][T13080] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 640.512808][T13080] Uninit was stored to memory at: [ 640.512808][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 640.512808][T13080] __msan_chain_origin+0x50/0x90 [ 640.512808][T13080] __get_compat_msghdr+0x5be/0x890 [ 640.512808][T13080] get_compat_msghdr+0x108/0x270 [ 640.512808][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 640.512808][T13080] __sys_recvmmsg+0x4ca/0x510 [ 640.512808][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 640.512808][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 640.512808][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 640.512808][T13080] do_fast_syscall_32+0x6b/0xd0 [ 640.512808][T13080] do_SYSENTER_32+0x73/0x90 [ 640.512808][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 640.512808][T13080] [ 640.512808][T13080] Uninit was stored to memory at: [ 640.512808][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 640.512808][T13080] __msan_chain_origin+0x50/0x90 [ 640.512808][T13080] __get_compat_msghdr+0x5be/0x890 [ 640.512808][T13080] get_compat_msghdr+0x108/0x270 [ 640.512808][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 640.512808][T13080] __sys_recvmmsg+0x4ca/0x510 [ 640.512808][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 640.512808][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 640.512808][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 640.512808][T13080] do_fast_syscall_32+0x6b/0xd0 [ 640.512808][T13080] do_SYSENTER_32+0x73/0x90 [ 640.512808][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 640.512808][T13080] [ 640.512808][T13080] Uninit was stored to memory at: [ 640.512808][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 640.512808][T13080] __msan_chain_origin+0x50/0x90 [ 640.512808][T13080] __get_compat_msghdr+0x5be/0x890 [ 640.512808][T13080] get_compat_msghdr+0x108/0x270 [ 640.512808][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 640.512808][T13080] __sys_recvmmsg+0x4ca/0x510 [ 640.512808][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 640.512808][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 640.512808][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 640.512808][T13080] do_fast_syscall_32+0x6b/0xd0 [ 640.512808][T13080] do_SYSENTER_32+0x73/0x90 [ 640.512808][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 640.512808][T13080] [ 640.512808][T13080] Uninit was stored to memory at: [ 640.512808][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 640.512808][T13080] __msan_chain_origin+0x50/0x90 [ 640.512808][T13080] __get_compat_msghdr+0x5be/0x890 [ 640.512808][T13080] get_compat_msghdr+0x108/0x270 [ 640.512808][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 640.512808][T13080] __sys_recvmmsg+0x4ca/0x510 [ 640.512808][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 640.512808][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 640.512808][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 640.512808][T13080] do_fast_syscall_32+0x6b/0xd0 [ 640.512808][T13080] do_SYSENTER_32+0x73/0x90 [ 640.512808][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 640.512808][T13080] [ 640.512808][T13080] Uninit was stored to memory at: [ 640.512808][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 640.512808][T13080] __msan_chain_origin+0x50/0x90 [ 640.512808][T13080] __get_compat_msghdr+0x5be/0x890 [ 640.512808][T13080] get_compat_msghdr+0x108/0x270 [ 640.512808][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 640.512808][T13080] __sys_recvmmsg+0x4ca/0x510 [ 640.512808][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 640.512808][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 640.512808][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 640.512808][T13080] do_fast_syscall_32+0x6b/0xd0 [ 640.512808][T13080] do_SYSENTER_32+0x73/0x90 [ 640.512808][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 640.512808][T13080] [ 640.512808][T13080] Uninit was stored to memory at: [ 640.512808][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 640.512808][T13080] __msan_chain_origin+0x50/0x90 [ 640.512808][T13080] __get_compat_msghdr+0x5be/0x890 [ 640.512808][T13080] get_compat_msghdr+0x108/0x270 [ 640.512808][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 640.512808][T13080] __sys_recvmmsg+0x4ca/0x510 [ 640.512808][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 640.512808][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 640.512808][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 640.512808][T13080] do_fast_syscall_32+0x6b/0xd0 [ 640.512808][T13080] do_SYSENTER_32+0x73/0x90 [ 640.512808][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 640.512808][T13080] [ 640.512808][T13080] Uninit was stored to memory at: [ 640.512808][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 640.512808][T13080] __msan_chain_origin+0x50/0x90 [ 640.512808][T13080] __get_compat_msghdr+0x5be/0x890 [ 640.512808][T13080] get_compat_msghdr+0x108/0x270 [ 640.512808][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 640.512808][T13080] __sys_recvmmsg+0x4ca/0x510 [ 640.512808][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 640.512808][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 640.512808][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 640.512808][T13080] do_fast_syscall_32+0x6b/0xd0 [ 640.512808][T13080] do_SYSENTER_32+0x73/0x90 [ 640.512808][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 640.512808][T13080] [ 640.512808][T13080] Local variable ----msg_sys@do_recvmmsg created at: [ 640.512808][T13080] do_recvmmsg+0xc5/0x1ee0 [ 640.512808][T13080] do_recvmmsg+0xc5/0x1ee0 [ 641.118538][T13012] not chained 2390000 origins [ 641.120176][T13012] CPU: 0 PID: 13012 Comm: syz-executor.0 Not tainted 5.8.0-rc5-syzkaller #0 [ 641.120176][T13012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 641.120176][T13012] Call Trace: [ 641.120176][T13012] dump_stack+0x1df/0x240 [ 641.120176][T13012] kmsan_internal_chain_origin+0x6f/0x130 [ 641.120176][T13012] ? skb_recv_datagram+0x3ec/0x480 [ 641.120176][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 641.120176][T13012] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 641.120176][T13012] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 641.120176][T13012] ? bt_sock_recvmsg+0x564/0xa00 [ 641.120176][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 641.120176][T13012] ? kmsan_set_origin_checked+0x95/0xf0 [ 641.120176][T13012] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 641.120176][T13012] ? _copy_from_user+0x15b/0x260 [ 641.120176][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 641.120176][T13012] __msan_chain_origin+0x50/0x90 [ 641.120176][T13012] __get_compat_msghdr+0x5be/0x890 [ 641.120176][T13012] get_compat_msghdr+0x108/0x270 [ 641.120176][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 641.120176][T13012] ? kmsan_internal_set_origin+0x75/0xb0 [ 641.120176][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 641.120176][T13012] ? kmsan_internal_set_origin+0x75/0xb0 [ 641.120176][T13012] ? __msan_poison_alloca+0xf0/0x120 [ 641.120176][T13012] ? __sys_recvmmsg+0xb4/0x510 [ 641.120176][T13012] ? __sys_recvmmsg+0xb4/0x510 [ 641.120176][T13012] ? kmsan_get_metadata+0x11d/0x180 [ 641.120176][T13012] __sys_recvmmsg+0x4ca/0x510 [ 641.120176][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 641.273880][T13041] not chained 2400000 origins [ 641.120176][T13012] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 641.120176][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 641.120176][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 641.120176][T13012] do_fast_syscall_32+0x6b/0xd0 [ 641.120176][T13012] do_SYSENTER_32+0x73/0x90 [ 641.120176][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 641.120176][T13012] RIP: 0023:0xf7f4d549 [ 641.120176][T13012] Code: Bad RIP value. [ 641.120176][T13012] RSP: 002b:00000000f5d480cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 641.120176][T13012] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 641.120176][T13012] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 641.120176][T13012] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 641.120176][T13012] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 641.120176][T13012] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 641.120176][T13012] Uninit was stored to memory at: [ 641.280138][T13041] CPU: 1 PID: 13041 Comm: syz-executor.3 Not tainted 5.8.0-rc5-syzkaller #0 [ 641.280138][T13041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 641.120176][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 641.280138][T13041] Call Trace: [ 641.120176][T13012] __msan_chain_origin+0x50/0x90 [ 641.280138][T13041] dump_stack+0x1df/0x240 [ 641.120176][T13012] __get_compat_msghdr+0x5be/0x890 [ 641.280138][T13041] kmsan_internal_chain_origin+0x6f/0x130 [ 641.120176][T13012] get_compat_msghdr+0x108/0x270 [ 641.280138][T13041] ? skb_recv_datagram+0x3ec/0x480 [ 641.120176][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 641.280138][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 641.120176][T13012] __sys_recvmmsg+0x4ca/0x510 [ 641.280138][T13041] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 641.120176][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 641.280138][T13041] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 641.120176][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 641.280138][T13041] ? bt_sock_recvmsg+0x564/0xa00 [ 641.120176][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 641.280138][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 641.120176][T13012] do_fast_syscall_32+0x6b/0xd0 [ 641.280138][T13041] ? kmsan_set_origin_checked+0x95/0xf0 [ 641.120176][T13012] do_SYSENTER_32+0x73/0x90 [ 641.280138][T13041] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 641.120176][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 641.280138][T13041] ? _copy_from_user+0x15b/0x260 [ 641.120176][T13012] [ 641.280138][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 641.120176][T13012] Uninit was stored to memory at: [ 641.280138][T13041] __msan_chain_origin+0x50/0x90 [ 641.120176][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 641.280138][T13041] __get_compat_msghdr+0x5be/0x890 [ 641.120176][T13012] __msan_chain_origin+0x50/0x90 [ 641.280138][T13041] get_compat_msghdr+0x108/0x270 [ 641.120176][T13012] __get_compat_msghdr+0x5be/0x890 [ 641.280138][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 641.120176][T13012] get_compat_msghdr+0x108/0x270 [ 641.280138][T13041] ? idle_cpu+0x9a/0x1d0 [ 641.120176][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 641.280138][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 641.120176][T13012] __sys_recvmmsg+0x4ca/0x510 [ 641.280138][T13041] ? kmsan_internal_set_origin+0x75/0xb0 [ 641.120176][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 641.280138][T13041] ? __msan_poison_alloca+0xf0/0x120 [ 641.120176][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 641.280138][T13041] ? __sys_recvmmsg+0xb4/0x510 [ 641.120176][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 641.280138][T13041] ? __sys_recvmmsg+0xb4/0x510 [ 641.120176][T13012] do_fast_syscall_32+0x6b/0xd0 [ 641.280138][T13041] ? kmsan_get_metadata+0x11d/0x180 [ 641.120176][T13012] do_SYSENTER_32+0x73/0x90 [ 641.280138][T13041] __sys_recvmmsg+0x4ca/0x510 [ 641.120176][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 641.280138][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 641.120176][T13012] [ 641.280138][T13041] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 641.120176][T13012] Uninit was stored to memory at: [ 641.280138][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 641.120176][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 641.280138][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 641.120176][T13012] __msan_chain_origin+0x50/0x90 [ 641.280138][T13041] do_fast_syscall_32+0x6b/0xd0 [ 641.120176][T13012] __get_compat_msghdr+0x5be/0x890 [ 641.280138][T13041] do_SYSENTER_32+0x73/0x90 [ 641.120176][T13012] get_compat_msghdr+0x108/0x270 [ 641.280138][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 641.120176][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 641.280138][T13041] RIP: 0023:0xf7fd6549 [ 641.120176][T13012] __sys_recvmmsg+0x4ca/0x510 [ 641.280138][T13041] Code: Bad RIP value. [ 641.120176][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 641.280138][T13041] RSP: 002b:00000000f5dd10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 641.120176][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 641.280138][T13041] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 641.120176][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 641.280138][T13041] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 641.120176][T13012] do_fast_syscall_32+0x6b/0xd0 [ 641.280138][T13041] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 641.120176][T13012] do_SYSENTER_32+0x73/0x90 [ 641.280138][T13041] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 641.120176][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 641.280138][T13041] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 641.120176][T13012] [ 641.280138][T13041] Uninit was stored to memory at: [ 641.120176][T13012] Uninit was stored to memory at: [ 641.280138][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 641.120176][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 641.280138][T13041] __msan_chain_origin+0x50/0x90 [ 641.120176][T13012] __msan_chain_origin+0x50/0x90 [ 641.280138][T13041] __get_compat_msghdr+0x5be/0x890 [ 641.120176][T13012] __get_compat_msghdr+0x5be/0x890 [ 641.280138][T13041] get_compat_msghdr+0x108/0x270 [ 641.120176][T13012] get_compat_msghdr+0x108/0x270 [ 641.280138][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 641.120176][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 641.280138][T13041] __sys_recvmmsg+0x4ca/0x510 [ 641.120176][T13012] __sys_recvmmsg+0x4ca/0x510 [ 641.280138][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 641.120176][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 641.280138][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 641.120176][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 641.280138][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 641.120176][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 641.280138][T13041] do_fast_syscall_32+0x6b/0xd0 [ 641.120176][T13012] do_fast_syscall_32+0x6b/0xd0 [ 641.280138][T13041] do_SYSENTER_32+0x73/0x90 [ 641.120176][T13012] do_SYSENTER_32+0x73/0x90 [ 641.120176][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 641.280138][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 641.120176][T13012] [ 641.280138][T13041] [ 641.120176][T13012] Uninit was stored to memory at: [ 641.280138][T13041] Uninit was stored to memory at: [ 641.120176][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 641.280138][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 641.120176][T13012] __msan_chain_origin+0x50/0x90 [ 641.280138][T13041] __msan_chain_origin+0x50/0x90 [ 641.120176][T13012] __get_compat_msghdr+0x5be/0x890 [ 641.280138][T13041] __get_compat_msghdr+0x5be/0x890 [ 641.120176][T13012] get_compat_msghdr+0x108/0x270 [ 641.280138][T13041] get_compat_msghdr+0x108/0x270 [ 641.120176][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 641.280138][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 641.120176][T13012] __sys_recvmmsg+0x4ca/0x510 [ 641.280138][T13041] __sys_recvmmsg+0x4ca/0x510 [ 641.120176][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 641.280138][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 641.120176][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 641.280138][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 641.120176][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 641.280138][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 641.120176][T13012] do_fast_syscall_32+0x6b/0xd0 [ 641.280138][T13041] do_fast_syscall_32+0x6b/0xd0 [ 641.120176][T13012] do_SYSENTER_32+0x73/0x90 [ 641.280138][T13041] do_SYSENTER_32+0x73/0x90 [ 641.120176][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 641.280138][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 641.120176][T13012] [ 641.280138][T13041] [ 641.120176][T13012] Uninit was stored to memory at: [ 641.280138][T13041] Uninit was stored to memory at: [ 641.120176][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 641.280138][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 641.120176][T13012] __msan_chain_origin+0x50/0x90 [ 641.280138][T13041] __msan_chain_origin+0x50/0x90 [ 641.120176][T13012] __get_compat_msghdr+0x5be/0x890 [ 641.280138][T13041] __get_compat_msghdr+0x5be/0x890 [ 641.120176][T13012] get_compat_msghdr+0x108/0x270 [ 641.280138][T13041] get_compat_msghdr+0x108/0x270 [ 641.120176][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 641.280138][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 641.120176][T13012] __sys_recvmmsg+0x4ca/0x510 [ 641.280138][T13041] __sys_recvmmsg+0x4ca/0x510 [ 641.120176][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 641.280138][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 641.120176][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 641.280138][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 641.120176][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 641.280138][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 641.120176][T13012] do_fast_syscall_32+0x6b/0xd0 [ 641.280138][T13041] do_fast_syscall_32+0x6b/0xd0 [ 641.120176][T13012] do_SYSENTER_32+0x73/0x90 [ 641.280138][T13041] do_SYSENTER_32+0x73/0x90 [ 641.120176][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 641.280138][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 641.120176][T13012] [ 641.280138][T13041] [ 641.120176][T13012] Uninit was stored to memory at: [ 641.280138][T13041] Uninit was stored to memory at: [ 641.120176][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 641.280138][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 641.120176][T13012] __msan_chain_origin+0x50/0x90 [ 641.280138][T13041] __msan_chain_origin+0x50/0x90 [ 641.120176][T13012] __get_compat_msghdr+0x5be/0x890 [ 641.280138][T13041] __get_compat_msghdr+0x5be/0x890 [ 641.120176][T13012] get_compat_msghdr+0x108/0x270 [ 641.280138][T13041] get_compat_msghdr+0x108/0x270 [ 641.120176][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 641.280138][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 641.120176][T13012] __sys_recvmmsg+0x4ca/0x510 [ 641.280138][T13041] __sys_recvmmsg+0x4ca/0x510 [ 641.120176][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 641.280138][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 641.120176][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 641.280138][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 641.120176][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 641.280138][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 641.120176][T13012] do_fast_syscall_32+0x6b/0xd0 [ 641.280138][T13041] do_fast_syscall_32+0x6b/0xd0 [ 641.120176][T13012] do_SYSENTER_32+0x73/0x90 [ 641.280138][T13041] do_SYSENTER_32+0x73/0x90 [ 641.120176][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 641.280138][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 641.120176][T13012] [ 641.280138][T13041] [ 641.120176][T13012] Local variable ----msg_sys@do_recvmmsg created at: [ 641.280138][T13041] Uninit was stored to memory at: [ 641.120176][T13012] do_recvmmsg+0xc5/0x1ee0 [ 641.280138][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 641.120176][T13012] do_recvmmsg+0xc5/0x1ee0 [ 641.280138][T13041] __msan_chain_origin+0x50/0x90 [ 642.406775][T13041] __get_compat_msghdr+0x5be/0x890 [ 642.415456][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 642.406775][T13041] get_compat_msghdr+0x108/0x270 [ 642.406775][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 642.406775][T13041] __sys_recvmmsg+0x4ca/0x510 [ 642.406775][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 642.406775][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 642.406775][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 642.453941][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 642.406775][T13041] do_fast_syscall_32+0x6b/0xd0 [ 642.406775][T13041] do_SYSENTER_32+0x73/0x90 [ 642.406775][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 642.406775][T13041] [ 642.406775][T13041] Uninit was stored to memory at: [ 642.406775][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 642.490366][T13041] __msan_chain_origin+0x50/0x90 [ 642.494591][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 642.490366][T13041] __get_compat_msghdr+0x5be/0x890 [ 642.490366][T13041] get_compat_msghdr+0x108/0x270 [ 642.490366][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 642.521282][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 642.490366][T13041] __sys_recvmmsg+0x4ca/0x510 [ 642.490366][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 642.490366][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 642.490366][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 642.490366][T13041] do_fast_syscall_32+0x6b/0xd0 [ 642.490366][T13041] do_SYSENTER_32+0x73/0x90 [ 642.560323][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 642.560323][T13041] [ 642.560323][T13041] Uninit was stored to memory at: [ 642.560323][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 642.579561][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 642.560323][T13041] __msan_chain_origin+0x50/0x90 [ 642.560323][T13041] __get_compat_msghdr+0x5be/0x890 [ 642.560323][T13041] get_compat_msghdr+0x108/0x270 [ 642.560323][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 642.560323][T13041] __sys_recvmmsg+0x4ca/0x510 [ 642.560323][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 642.560323][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 642.560323][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 642.560323][T13041] do_fast_syscall_32+0x6b/0xd0 [ 642.560323][T13041] do_SYSENTER_32+0x73/0x90 [ 642.560323][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 642.560323][T13041] [ 642.560323][T13041] Local variable ----msg_sys@do_recvmmsg created at: [ 642.560323][T13041] do_recvmmsg+0xc5/0x1ee0 [ 642.630317][T13041] do_recvmmsg+0xc5/0x1ee0 [ 642.897074][T13080] not chained 2410000 origins [ 642.900162][T13080] CPU: 1 PID: 13080 Comm: syz-executor.1 Not tainted 5.8.0-rc5-syzkaller #0 [ 642.900162][T13080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 642.900162][T13080] Call Trace: [ 642.900162][T13080] dump_stack+0x1df/0x240 [ 642.900162][T13080] kmsan_internal_chain_origin+0x6f/0x130 [ 642.900162][T13080] ? skb_recv_datagram+0x3ec/0x480 [ 642.900162][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 642.900162][T13080] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 642.900162][T13080] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 642.900162][T13080] ? bt_sock_recvmsg+0x564/0xa00 [ 642.900162][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 642.900162][T13080] ? kmsan_set_origin_checked+0x95/0xf0 [ 642.900162][T13080] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 642.900162][T13080] ? _copy_from_user+0x15b/0x260 [ 642.980682][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 642.980682][T13080] __msan_chain_origin+0x50/0x90 [ 642.980682][T13080] __get_compat_msghdr+0x5be/0x890 [ 642.980682][T13080] get_compat_msghdr+0x108/0x270 [ 642.980682][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 642.980682][T13080] ? kmsan_internal_set_origin+0x75/0xb0 [ 642.980682][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 642.980682][T13080] ? kmsan_internal_set_origin+0x75/0xb0 [ 642.980682][T13080] ? __msan_poison_alloca+0xf0/0x120 [ 642.980682][T13080] ? __sys_recvmmsg+0xb4/0x510 [ 642.980682][T13080] ? __sys_recvmmsg+0xb4/0x510 [ 642.980682][T13080] ? kmsan_get_metadata+0x11d/0x180 [ 642.980682][T13080] __sys_recvmmsg+0x4ca/0x510 [ 642.980682][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 642.980682][T13080] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 642.980682][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 642.980682][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 642.980682][T13080] do_fast_syscall_32+0x6b/0xd0 [ 642.980682][T13080] do_SYSENTER_32+0x73/0x90 [ 642.980682][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 642.980682][T13080] RIP: 0023:0xf7fbe549 [ 642.980682][T13080] Code: Bad RIP value. [ 642.980682][T13080] RSP: 002b:00000000f5d770cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 642.980682][T13080] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 642.980682][T13080] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 642.980682][T13080] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 642.980682][T13080] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 642.980682][T13080] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 642.980682][T13080] Uninit was stored to memory at: [ 642.980682][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 642.980682][T13080] __msan_chain_origin+0x50/0x90 [ 642.980682][T13080] __get_compat_msghdr+0x5be/0x890 [ 642.980682][T13080] get_compat_msghdr+0x108/0x270 [ 642.980682][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 642.980682][T13080] __sys_recvmmsg+0x4ca/0x510 [ 642.980682][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 642.980682][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 642.980682][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 642.980682][T13080] do_fast_syscall_32+0x6b/0xd0 [ 642.980682][T13080] do_SYSENTER_32+0x73/0x90 [ 642.980682][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 642.980682][T13080] [ 642.980682][T13080] Uninit was stored to memory at: [ 642.980682][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 642.980682][T13080] __msan_chain_origin+0x50/0x90 [ 642.980682][T13080] __get_compat_msghdr+0x5be/0x890 [ 642.980682][T13080] get_compat_msghdr+0x108/0x270 [ 642.980682][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 642.980682][T13080] __sys_recvmmsg+0x4ca/0x510 [ 643.246650][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 642.980682][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 643.260182][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 643.260182][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 643.260182][T13080] do_fast_syscall_32+0x6b/0xd0 [ 643.260182][T13080] do_SYSENTER_32+0x73/0x90 [ 643.260182][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 643.260182][T13080] [ 643.260182][T13080] Uninit was stored to memory at: [ 643.260182][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 643.260182][T13080] __msan_chain_origin+0x50/0x90 [ 643.260182][T13080] __get_compat_msghdr+0x5be/0x890 [ 643.260182][T13080] get_compat_msghdr+0x108/0x270 [ 643.260182][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 643.260182][T13080] __sys_recvmmsg+0x4ca/0x510 [ 643.260182][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 643.260182][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 643.334811][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 643.260182][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 643.260182][T13080] do_fast_syscall_32+0x6b/0xd0 [ 643.260182][T13080] do_SYSENTER_32+0x73/0x90 [ 643.260182][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 643.260182][T13080] [ 643.260182][T13080] Uninit was stored to memory at: [ 643.260182][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 643.260182][T13080] __msan_chain_origin+0x50/0x90 [ 643.260182][T13080] __get_compat_msghdr+0x5be/0x890 [ 643.260182][T13080] get_compat_msghdr+0x108/0x270 [ 643.260182][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 643.260182][T13080] __sys_recvmmsg+0x4ca/0x510 [ 643.260182][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 643.260182][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 643.260182][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 643.260182][T13080] do_fast_syscall_32+0x6b/0xd0 [ 643.260182][T13080] do_SYSENTER_32+0x73/0x90 [ 643.352765][T13072] not chained 2420000 origins [ 643.260182][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 643.358804][T13072] CPU: 0 PID: 13072 Comm: syz-executor.1 Not tainted 5.8.0-rc5-syzkaller #0 [ 643.260182][T13080] [ 643.360170][T13072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 643.260182][T13080] Uninit was stored to memory at: [ 643.360170][T13072] Call Trace: [ 643.260182][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 643.360170][T13072] dump_stack+0x1df/0x240 [ 643.260182][T13080] __msan_chain_origin+0x50/0x90 [ 643.360170][T13072] kmsan_internal_chain_origin+0x6f/0x130 [ 643.260182][T13080] __get_compat_msghdr+0x5be/0x890 [ 643.360170][T13072] ? skb_recv_datagram+0x3ec/0x480 [ 643.260182][T13080] get_compat_msghdr+0x108/0x270 [ 643.360170][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 643.260182][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 643.360170][T13072] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 643.260182][T13080] __sys_recvmmsg+0x4ca/0x510 [ 643.360170][T13072] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 643.260182][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 643.360170][T13072] ? bt_sock_recvmsg+0x564/0xa00 [ 643.260182][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 643.360170][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 643.260182][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 643.360170][T13072] ? kmsan_set_origin_checked+0x95/0xf0 [ 643.260182][T13080] do_fast_syscall_32+0x6b/0xd0 [ 643.360170][T13072] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 643.260182][T13080] do_SYSENTER_32+0x73/0x90 [ 643.360170][T13072] ? _copy_from_user+0x15b/0x260 [ 643.260182][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 643.360170][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 643.260182][T13080] [ 643.360170][T13072] __msan_chain_origin+0x50/0x90 [ 643.260182][T13080] Uninit was stored to memory at: [ 643.360170][T13072] __get_compat_msghdr+0x5be/0x890 [ 643.260182][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 643.360170][T13072] get_compat_msghdr+0x108/0x270 [ 643.260182][T13080] __msan_chain_origin+0x50/0x90 [ 643.360170][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 643.260182][T13080] __get_compat_msghdr+0x5be/0x890 [ 643.360170][T13072] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 643.260182][T13080] get_compat_msghdr+0x108/0x270 [ 643.360170][T13072] ? sched_clock_cpu+0x7c/0x930 [ 643.260182][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 643.360170][T13072] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 643.260182][T13080] __sys_recvmmsg+0x4ca/0x510 [ 643.360170][T13072] ? sched_clock_cpu+0x7c/0x930 [ 643.260182][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 643.360170][T13072] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 643.260182][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 643.360170][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 643.260182][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 643.360170][T13072] ? kmsan_internal_set_origin+0x75/0xb0 [ 643.260182][T13080] do_fast_syscall_32+0x6b/0xd0 [ 643.360170][T13072] ? __msan_poison_alloca+0xf0/0x120 [ 643.260182][T13080] do_SYSENTER_32+0x73/0x90 [ 643.360170][T13072] ? __sys_recvmmsg+0xb4/0x510 [ 643.260182][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 643.360170][T13072] ? __sys_recvmmsg+0xb4/0x510 [ 643.260182][T13080] [ 643.360170][T13072] __sys_recvmmsg+0x4ca/0x510 [ 643.260182][T13080] Uninit was stored to memory at: [ 643.360170][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 643.260182][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 643.360170][T13072] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 643.260182][T13080] __msan_chain_origin+0x50/0x90 [ 643.360170][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 643.260182][T13080] __get_compat_msghdr+0x5be/0x890 [ 643.360170][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 643.260182][T13080] get_compat_msghdr+0x108/0x270 [ 643.360170][T13072] do_fast_syscall_32+0x6b/0xd0 [ 643.260182][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 643.360170][T13072] do_SYSENTER_32+0x73/0x90 [ 643.260182][T13080] __sys_recvmmsg+0x4ca/0x510 [ 643.360170][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 643.260182][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 643.360170][T13072] RIP: 0023:0xf7fbe549 [ 643.260182][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 643.360170][T13072] Code: Bad RIP value. [ 643.260182][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 643.360170][T13072] RSP: 002b:00000000f5db90cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 643.260182][T13080] do_fast_syscall_32+0x6b/0xd0 [ 643.360170][T13072] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 643.260182][T13080] do_SYSENTER_32+0x73/0x90 [ 643.360170][T13072] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 643.260182][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 643.360170][T13072] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 643.260182][T13080] [ 643.360170][T13072] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 643.260182][T13080] Local variable ----msg_sys@do_recvmmsg created at: [ 643.360170][T13072] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 643.260182][T13080] do_recvmmsg+0xc5/0x1ee0 [ 643.360170][T13072] Uninit was stored to memory at: [ 643.260182][T13080] do_recvmmsg+0xc5/0x1ee0 [ 643.360170][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 643.849788][T13072] __msan_chain_origin+0x50/0x90 [ 643.849788][T13072] __get_compat_msghdr+0x5be/0x890 [ 643.849788][T13072] get_compat_msghdr+0x108/0x270 [ 643.849788][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 643.849788][T13072] __sys_recvmmsg+0x4ca/0x510 [ 643.849788][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 643.849788][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 643.849788][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 643.981557][T13041] not chained 2430000 origins [ 643.849788][T13072] do_fast_syscall_32+0x6b/0xd0 [ 643.986783][T13041] CPU: 1 PID: 13041 Comm: syz-executor.3 Not tainted 5.8.0-rc5-syzkaller #0 [ 643.849788][T13072] do_SYSENTER_32+0x73/0x90 [ 643.990138][T13041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 643.849788][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 643.990138][T13041] Call Trace: [ 643.849788][T13072] [ 643.990138][T13041] dump_stack+0x1df/0x240 [ 643.849788][T13072] Uninit was stored to memory at: [ 643.990138][T13041] kmsan_internal_chain_origin+0x6f/0x130 [ 643.849788][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 643.990138][T13041] ? skb_recv_datagram+0x3ec/0x480 [ 643.849788][T13072] __msan_chain_origin+0x50/0x90 [ 643.990138][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 643.849788][T13072] __get_compat_msghdr+0x5be/0x890 [ 643.990138][T13041] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 643.849788][T13072] get_compat_msghdr+0x108/0x270 [ 643.990138][T13041] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 643.849788][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 643.990138][T13041] ? bt_sock_recvmsg+0x564/0xa00 [ 643.849788][T13072] __sys_recvmmsg+0x4ca/0x510 [ 643.990138][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 643.849788][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 643.990138][T13041] ? kmsan_set_origin_checked+0x95/0xf0 [ 643.849788][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 643.990138][T13041] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 643.849788][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 643.990138][T13041] ? _copy_from_user+0x15b/0x260 [ 643.849788][T13072] do_fast_syscall_32+0x6b/0xd0 [ 643.990138][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 643.849788][T13072] do_SYSENTER_32+0x73/0x90 [ 643.990138][T13041] __msan_chain_origin+0x50/0x90 [ 643.849788][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 643.990138][T13041] __get_compat_msghdr+0x5be/0x890 [ 643.849788][T13072] [ 643.990138][T13041] get_compat_msghdr+0x108/0x270 [ 643.849788][T13072] Uninit was stored to memory at: [ 643.990138][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 643.849788][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 643.990138][T13041] ? idle_cpu+0x9a/0x1d0 [ 643.849788][T13072] __msan_chain_origin+0x50/0x90 [ 643.990138][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 643.849788][T13072] __get_compat_msghdr+0x5be/0x890 [ 643.990138][T13041] ? kmsan_internal_set_origin+0x75/0xb0 [ 643.849788][T13072] get_compat_msghdr+0x108/0x270 [ 643.990138][T13041] ? __msan_poison_alloca+0xf0/0x120 [ 643.849788][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 643.990138][T13041] ? __sys_recvmmsg+0xb4/0x510 [ 643.849788][T13072] __sys_recvmmsg+0x4ca/0x510 [ 643.990138][T13041] ? __sys_recvmmsg+0xb4/0x510 [ 643.849788][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 643.990138][T13041] ? kmsan_get_metadata+0x11d/0x180 [ 643.849788][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 643.990138][T13041] __sys_recvmmsg+0x4ca/0x510 [ 643.849788][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 643.990138][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 643.849788][T13072] do_fast_syscall_32+0x6b/0xd0 [ 643.990138][T13041] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 643.849788][T13072] do_SYSENTER_32+0x73/0x90 [ 643.990138][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 643.849788][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 643.990138][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 643.849788][T13072] [ 643.990138][T13041] do_fast_syscall_32+0x6b/0xd0 [ 643.849788][T13072] Uninit was stored to memory at: [ 643.990138][T13041] do_SYSENTER_32+0x73/0x90 [ 643.849788][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 643.990138][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 643.849788][T13072] __msan_chain_origin+0x50/0x90 [ 643.990138][T13041] RIP: 0023:0xf7fd6549 [ 643.849788][T13072] __get_compat_msghdr+0x5be/0x890 [ 643.990138][T13041] Code: Bad RIP value. [ 643.849788][T13072] get_compat_msghdr+0x108/0x270 [ 643.990138][T13041] RSP: 002b:00000000f5dd10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 643.849788][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 643.990138][T13041] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 643.849788][T13072] __sys_recvmmsg+0x4ca/0x510 [ 643.990138][T13041] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 643.849788][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 643.990138][T13041] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 643.849788][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 643.990138][T13041] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 643.849788][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 643.990138][T13041] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 643.849788][T13072] do_fast_syscall_32+0x6b/0xd0 [ 643.990138][T13041] Uninit was stored to memory at: [ 643.849788][T13072] do_SYSENTER_32+0x73/0x90 [ 643.990138][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 643.849788][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 643.990138][T13041] __msan_chain_origin+0x50/0x90 [ 643.849788][T13072] [ 643.990138][T13041] __get_compat_msghdr+0x5be/0x890 [ 643.849788][T13072] Uninit was stored to memory at: [ 643.990138][T13041] get_compat_msghdr+0x108/0x270 [ 643.849788][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 643.990138][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 643.849788][T13072] __msan_chain_origin+0x50/0x90 [ 643.990138][T13041] __sys_recvmmsg+0x4ca/0x510 [ 643.849788][T13072] __get_compat_msghdr+0x5be/0x890 [ 643.990138][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 643.849788][T13072] get_compat_msghdr+0x108/0x270 [ 643.990138][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 643.849788][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 643.990138][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 643.849788][T13072] __sys_recvmmsg+0x4ca/0x510 [ 643.990138][T13041] do_fast_syscall_32+0x6b/0xd0 [ 643.849788][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 643.990138][T13041] do_SYSENTER_32+0x73/0x90 [ 643.849788][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 643.990138][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 643.849788][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 643.990138][T13041] [ 643.849788][T13072] do_fast_syscall_32+0x6b/0xd0 [ 643.990138][T13041] Uninit was stored to memory at: [ 643.849788][T13072] do_SYSENTER_32+0x73/0x90 [ 643.990138][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 643.849788][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 643.990138][T13041] __msan_chain_origin+0x50/0x90 [ 643.849788][T13072] [ 643.990138][T13041] __get_compat_msghdr+0x5be/0x890 [ 643.849788][T13072] Uninit was stored to memory at: [ 643.990138][T13041] get_compat_msghdr+0x108/0x270 [ 643.849788][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 643.990138][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 643.849788][T13072] __msan_chain_origin+0x50/0x90 [ 643.990138][T13041] __sys_recvmmsg+0x4ca/0x510 [ 643.849788][T13072] __get_compat_msghdr+0x5be/0x890 [ 643.990138][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 643.849788][T13072] get_compat_msghdr+0x108/0x270 [ 643.990138][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 643.849788][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 643.990138][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 643.849788][T13072] __sys_recvmmsg+0x4ca/0x510 [ 643.990138][T13041] do_fast_syscall_32+0x6b/0xd0 [ 643.849788][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 643.990138][T13041] do_SYSENTER_32+0x73/0x90 [ 643.849788][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 643.990138][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 643.849788][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 643.990138][T13041] [ 643.849788][T13072] do_fast_syscall_32+0x6b/0xd0 [ 643.990138][T13041] Uninit was stored to memory at: [ 643.849788][T13072] do_SYSENTER_32+0x73/0x90 [ 643.990138][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 643.849788][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 643.990138][T13041] __msan_chain_origin+0x50/0x90 [ 643.849788][T13072] [ 643.990138][T13041] __get_compat_msghdr+0x5be/0x890 [ 643.849788][T13072] Uninit was stored to memory at: [ 643.990138][T13041] get_compat_msghdr+0x108/0x270 [ 643.849788][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 643.990138][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 643.849788][T13072] __msan_chain_origin+0x50/0x90 [ 643.849788][T13072] __get_compat_msghdr+0x5be/0x890 [ 643.990138][T13041] __sys_recvmmsg+0x4ca/0x510 [ 643.849788][T13072] get_compat_msghdr+0x108/0x270 [ 643.990138][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 643.849788][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 643.990138][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 643.849788][T13072] __sys_recvmmsg+0x4ca/0x510 [ 643.990138][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 643.849788][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 643.990138][T13041] do_fast_syscall_32+0x6b/0xd0 [ 643.849788][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 643.990138][T13041] do_SYSENTER_32+0x73/0x90 [ 643.849788][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 643.990138][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 643.849788][T13072] do_fast_syscall_32+0x6b/0xd0 [ 643.990138][T13041] [ 643.849788][T13072] do_SYSENTER_32+0x73/0x90 [ 643.990138][T13041] Uninit was stored to memory at: [ 643.849788][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 643.990138][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 643.849788][T13072] [ 643.990138][T13041] __msan_chain_origin+0x50/0x90 [ 643.849788][T13072] Local variable ----msg_sys@do_recvmmsg created at: [ 643.990138][T13041] __get_compat_msghdr+0x5be/0x890 [ 643.849788][T13072] do_recvmmsg+0xc5/0x1ee0 [ 643.990138][T13041] get_compat_msghdr+0x108/0x270 [ 643.849788][T13072] do_recvmmsg+0xc5/0x1ee0 [ 643.990138][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 643.990138][T13041] __sys_recvmmsg+0x4ca/0x510 [ 643.990138][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 643.990138][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 643.990138][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 643.990138][T13041] do_fast_syscall_32+0x6b/0xd0 [ 644.943173][T13041] do_SYSENTER_32+0x73/0x90 [ 644.943173][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 644.943173][T13041] [ 644.943173][T13041] Uninit was stored to memory at: [ 644.943173][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 644.943173][T13041] __msan_chain_origin+0x50/0x90 [ 644.943173][T13041] __get_compat_msghdr+0x5be/0x890 [ 644.943173][T13041] get_compat_msghdr+0x108/0x270 [ 644.943173][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 644.943173][T13041] __sys_recvmmsg+0x4ca/0x510 [ 644.943173][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 644.943173][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 644.943173][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 644.943173][T13041] do_fast_syscall_32+0x6b/0xd0 [ 644.943173][T13041] do_SYSENTER_32+0x73/0x90 [ 644.943173][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 644.943173][T13041] [ 644.943173][T13041] Uninit was stored to memory at: [ 644.943173][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 645.038912][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 644.943173][T13041] __msan_chain_origin+0x50/0x90 [ 644.943173][T13041] __get_compat_msghdr+0x5be/0x890 [ 644.943173][T13041] get_compat_msghdr+0x108/0x270 [ 644.943173][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 644.943173][T13041] __sys_recvmmsg+0x4ca/0x510 [ 644.943173][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 644.943173][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 644.943173][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 644.943173][T13041] do_fast_syscall_32+0x6b/0xd0 [ 644.943173][T13041] do_SYSENTER_32+0x73/0x90 [ 644.943173][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 644.943173][T13041] [ 644.943173][T13041] Uninit was stored to memory at: [ 644.943173][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 644.943173][T13041] __msan_chain_origin+0x50/0x90 [ 644.943173][T13041] __get_compat_msghdr+0x5be/0x890 [ 644.943173][T13041] get_compat_msghdr+0x108/0x270 [ 644.943173][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 644.943173][T13041] __sys_recvmmsg+0x4ca/0x510 [ 644.943173][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 644.943173][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 645.050427][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 645.050427][T13041] do_fast_syscall_32+0x6b/0xd0 [ 645.050427][T13041] do_SYSENTER_32+0x73/0x90 [ 645.050427][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 645.176750][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 645.050427][T13041] [ 645.050427][T13041] Local variable ----msg_sys@do_recvmmsg created at: [ 645.050427][T13041] do_recvmmsg+0xc5/0x1ee0 [ 645.050427][T13041] do_recvmmsg+0xc5/0x1ee0 [ 645.417828][T13080] not chained 2440000 origins [ 645.420167][T13080] CPU: 1 PID: 13080 Comm: syz-executor.1 Not tainted 5.8.0-rc5-syzkaller #0 [ 645.420167][T13080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 645.420167][T13080] Call Trace: [ 645.420167][T13080] dump_stack+0x1df/0x240 [ 645.420167][T13080] kmsan_internal_chain_origin+0x6f/0x130 [ 645.420167][T13080] ? skb_recv_datagram+0x3ec/0x480 [ 645.420167][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 645.420167][T13080] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 645.420167][T13080] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 645.420167][T13080] ? bt_sock_recvmsg+0x564/0xa00 [ 645.420167][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 645.420167][T13080] ? kmsan_set_origin_checked+0x95/0xf0 [ 645.420167][T13080] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 645.420167][T13080] ? _copy_from_user+0x15b/0x260 [ 645.420167][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 645.420167][T13080] __msan_chain_origin+0x50/0x90 [ 645.420167][T13080] __get_compat_msghdr+0x5be/0x890 [ 645.420167][T13080] get_compat_msghdr+0x108/0x270 [ 645.420167][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 645.420167][T13080] ? kmsan_internal_set_origin+0x75/0xb0 [ 645.420167][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 645.420167][T13080] ? kmsan_internal_set_origin+0x75/0xb0 [ 645.420167][T13080] ? __msan_poison_alloca+0xf0/0x120 [ 645.545806][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 645.420167][T13080] ? __sys_recvmmsg+0xb4/0x510 [ 645.560194][T13080] ? __sys_recvmmsg+0xb4/0x510 [ 645.560194][T13080] ? kmsan_get_metadata+0x11d/0x180 [ 645.560194][T13080] __sys_recvmmsg+0x4ca/0x510 [ 645.560194][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 645.560194][T13080] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 645.560194][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 645.560194][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 645.560194][T13080] do_fast_syscall_32+0x6b/0xd0 [ 645.560194][T13080] do_SYSENTER_32+0x73/0x90 [ 645.560194][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 645.560194][T13080] RIP: 0023:0xf7fbe549 [ 645.560194][T13080] Code: Bad RIP value. [ 645.560194][T13080] RSP: 002b:00000000f5d770cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 645.560194][T13080] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 645.560194][T13080] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 645.560194][T13080] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 645.560194][T13080] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 645.560194][T13080] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 645.560194][T13080] Uninit was stored to memory at: [ 645.560194][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 645.560194][T13080] __msan_chain_origin+0x50/0x90 [ 645.560194][T13080] __get_compat_msghdr+0x5be/0x890 [ 645.560194][T13080] get_compat_msghdr+0x108/0x270 [ 645.560194][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 645.560194][T13080] __sys_recvmmsg+0x4ca/0x510 [ 645.560194][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 645.560194][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 645.560194][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 645.560194][T13080] do_fast_syscall_32+0x6b/0xd0 [ 645.560194][T13080] do_SYSENTER_32+0x73/0x90 [ 645.560194][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 645.560194][T13080] [ 645.560194][T13080] Uninit was stored to memory at: [ 645.560194][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 645.560194][T13080] __msan_chain_origin+0x50/0x90 [ 645.560194][T13080] __get_compat_msghdr+0x5be/0x890 [ 645.560194][T13080] get_compat_msghdr+0x108/0x270 [ 645.560194][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 645.560194][T13080] __sys_recvmmsg+0x4ca/0x510 [ 645.560194][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 645.560194][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 645.560194][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 645.560194][T13080] do_fast_syscall_32+0x6b/0xd0 [ 645.560194][T13080] do_SYSENTER_32+0x73/0x90 [ 645.560194][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 645.560194][T13080] [ 645.560194][T13080] Uninit was stored to memory at: [ 645.560194][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 645.560194][T13080] __msan_chain_origin+0x50/0x90 [ 645.560194][T13080] __get_compat_msghdr+0x5be/0x890 [ 645.560194][T13080] get_compat_msghdr+0x108/0x270 [ 645.560194][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 645.560194][T13080] __sys_recvmmsg+0x4ca/0x510 [ 645.560194][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 645.560194][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 645.560194][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 645.560194][T13080] do_fast_syscall_32+0x6b/0xd0 [ 645.560194][T13080] do_SYSENTER_32+0x73/0x90 [ 645.560194][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 645.880269][T13080] [ 645.880269][T13080] Uninit was stored to memory at: [ 645.880269][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 645.880269][T13080] __msan_chain_origin+0x50/0x90 [ 645.880269][T13080] __get_compat_msghdr+0x5be/0x890 [ 645.880269][T13080] get_compat_msghdr+0x108/0x270 [ 645.880269][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 645.880269][T13080] __sys_recvmmsg+0x4ca/0x510 [ 645.880269][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 645.920511][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 645.920511][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 645.920511][T13080] do_fast_syscall_32+0x6b/0xd0 [ 645.920511][T13080] do_SYSENTER_32+0x73/0x90 [ 645.920511][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 645.950296][T13080] [ 645.950296][T13080] Uninit was stored to memory at: [ 645.950296][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 645.950296][T13080] __msan_chain_origin+0x50/0x90 [ 645.950296][T13080] __get_compat_msghdr+0x5be/0x890 [ 645.950296][T13080] get_compat_msghdr+0x108/0x270 [ 645.950296][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 645.950296][T13080] __sys_recvmmsg+0x4ca/0x510 [ 645.950296][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 645.950296][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 645.950296][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 645.950296][T13080] do_fast_syscall_32+0x6b/0xd0 [ 645.950296][T13080] do_SYSENTER_32+0x73/0x90 [ 645.950296][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 645.950296][T13080] [ 645.950296][T13080] Uninit was stored to memory at: [ 645.950296][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 645.950296][T13080] __msan_chain_origin+0x50/0x90 [ 645.950296][T13080] __get_compat_msghdr+0x5be/0x890 [ 645.950296][T13080] get_compat_msghdr+0x108/0x270 [ 645.950296][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 645.950296][T13080] __sys_recvmmsg+0x4ca/0x510 [ 645.950296][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 645.950296][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 645.950296][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 645.950296][T13080] do_fast_syscall_32+0x6b/0xd0 [ 645.950296][T13080] do_SYSENTER_32+0x73/0x90 [ 645.950296][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 645.950296][T13080] [ 645.950296][T13080] Uninit was stored to memory at: [ 645.950296][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 645.950296][T13080] __msan_chain_origin+0x50/0x90 [ 645.950296][T13080] __get_compat_msghdr+0x5be/0x890 [ 645.950296][T13080] get_compat_msghdr+0x108/0x270 [ 645.950296][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 645.950296][T13080] __sys_recvmmsg+0x4ca/0x510 [ 645.950296][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 645.950296][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 645.950296][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 645.950296][T13080] do_fast_syscall_32+0x6b/0xd0 [ 645.950296][T13080] do_SYSENTER_32+0x73/0x90 [ 645.950296][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 645.950296][T13080] [ 645.950296][T13080] Local variable ----msg_sys@do_recvmmsg created at: [ 645.950296][T13080] do_recvmmsg+0xc5/0x1ee0 [ 645.950296][T13080] do_recvmmsg+0xc5/0x1ee0 [ 646.476450][T13012] not chained 2450000 origins [ 646.480155][T13012] CPU: 1 PID: 13012 Comm: syz-executor.0 Not tainted 5.8.0-rc5-syzkaller #0 [ 646.480155][T13012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 646.480155][T13012] Call Trace: [ 646.480155][T13012] dump_stack+0x1df/0x240 [ 646.480155][T13012] kmsan_internal_chain_origin+0x6f/0x130 [ 646.480155][T13012] ? skb_recv_datagram+0x3ec/0x480 [ 646.480155][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 646.480155][T13012] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 646.480155][T13012] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 646.480155][T13012] ? bt_sock_recvmsg+0x564/0xa00 [ 646.480155][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 646.480155][T13012] ? kmsan_set_origin_checked+0x95/0xf0 [ 646.480155][T13012] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 646.480155][T13012] ? _copy_from_user+0x15b/0x260 [ 646.480155][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 646.480155][T13012] __msan_chain_origin+0x50/0x90 [ 646.480155][T13012] __get_compat_msghdr+0x5be/0x890 [ 646.480155][T13012] get_compat_msghdr+0x108/0x270 [ 646.480155][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 646.480155][T13012] ? kmsan_internal_set_origin+0x75/0xb0 [ 646.480155][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 646.480155][T13012] ? kmsan_internal_set_origin+0x75/0xb0 [ 646.480155][T13012] ? __msan_poison_alloca+0xf0/0x120 [ 646.480155][T13012] ? __sys_recvmmsg+0xb4/0x510 [ 646.480155][T13012] ? __sys_recvmmsg+0xb4/0x510 [ 646.480155][T13012] ? kmsan_get_metadata+0x11d/0x180 [ 646.480155][T13012] __sys_recvmmsg+0x4ca/0x510 [ 646.480155][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 646.480155][T13012] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 646.480155][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 646.480155][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 646.480155][T13012] do_fast_syscall_32+0x6b/0xd0 [ 646.480155][T13012] do_SYSENTER_32+0x73/0x90 [ 646.480155][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 646.480155][T13012] RIP: 0023:0xf7f4d549 [ 646.480155][T13012] Code: Bad RIP value. [ 646.480155][T13012] RSP: 002b:00000000f5d480cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 646.480155][T13012] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 646.480155][T13012] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 646.480155][T13012] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 646.480155][T13012] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 646.480155][T13012] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 646.480155][T13012] Uninit was stored to memory at: [ 646.480155][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 646.480155][T13012] __msan_chain_origin+0x50/0x90 [ 646.480155][T13012] __get_compat_msghdr+0x5be/0x890 [ 646.480155][T13012] get_compat_msghdr+0x108/0x270 [ 646.480155][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 646.480155][T13012] __sys_recvmmsg+0x4ca/0x510 [ 646.480155][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 646.480155][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 646.480155][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 646.480155][T13012] do_fast_syscall_32+0x6b/0xd0 [ 646.480155][T13012] do_SYSENTER_32+0x73/0x90 [ 646.480155][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 646.480155][T13012] [ 646.480155][T13012] Uninit was stored to memory at: [ 646.480155][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 646.480155][T13012] __msan_chain_origin+0x50/0x90 [ 646.480155][T13012] __get_compat_msghdr+0x5be/0x890 [ 646.480155][T13012] get_compat_msghdr+0x108/0x270 [ 646.480155][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 646.480155][T13012] __sys_recvmmsg+0x4ca/0x510 [ 646.480155][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 646.480155][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 646.480155][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 646.480155][T13012] do_fast_syscall_32+0x6b/0xd0 [ 646.480155][T13012] do_SYSENTER_32+0x73/0x90 [ 646.480155][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 646.480155][T13012] [ 646.480155][T13012] Uninit was stored to memory at: [ 646.480155][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 646.480155][T13012] __msan_chain_origin+0x50/0x90 [ 646.480155][T13012] __get_compat_msghdr+0x5be/0x890 [ 646.480155][T13012] get_compat_msghdr+0x108/0x270 [ 646.480155][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 646.480155][T13012] __sys_recvmmsg+0x4ca/0x510 [ 646.480155][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 646.480155][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 646.480155][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 646.480155][T13012] do_fast_syscall_32+0x6b/0xd0 [ 646.480155][T13012] do_SYSENTER_32+0x73/0x90 [ 646.480155][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 646.480155][T13012] [ 646.480155][T13012] Uninit was stored to memory at: [ 646.480155][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 646.480155][T13012] __msan_chain_origin+0x50/0x90 [ 646.480155][T13012] __get_compat_msghdr+0x5be/0x890 [ 646.480155][T13012] get_compat_msghdr+0x108/0x270 [ 646.480155][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 646.480155][T13012] __sys_recvmmsg+0x4ca/0x510 [ 646.480155][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 646.480155][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 646.480155][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 646.480155][T13012] do_fast_syscall_32+0x6b/0xd0 [ 646.480155][T13012] do_SYSENTER_32+0x73/0x90 [ 646.480155][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 646.480155][T13012] [ 646.480155][T13012] Uninit was stored to memory at: [ 646.480155][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 646.480155][T13012] __msan_chain_origin+0x50/0x90 [ 646.480155][T13012] __get_compat_msghdr+0x5be/0x890 [ 646.480155][T13012] get_compat_msghdr+0x108/0x270 [ 646.480155][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 646.480155][T13012] __sys_recvmmsg+0x4ca/0x510 [ 646.480155][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 647.040820][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 647.040820][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 647.040820][T13012] do_fast_syscall_32+0x6b/0xd0 [ 647.040820][T13012] do_SYSENTER_32+0x73/0x90 [ 647.040820][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 647.040820][T13012] [ 647.040820][T13012] Uninit was stored to memory at: [ 647.040820][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 647.040820][T13012] __msan_chain_origin+0x50/0x90 [ 647.040820][T13012] __get_compat_msghdr+0x5be/0x890 [ 647.040820][T13012] get_compat_msghdr+0x108/0x270 [ 647.040820][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 647.040820][T13012] __sys_recvmmsg+0x4ca/0x510 [ 647.040820][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 647.040820][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 647.040820][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 647.040820][T13012] do_fast_syscall_32+0x6b/0xd0 [ 647.040820][T13012] do_SYSENTER_32+0x73/0x90 [ 647.040820][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 647.040820][T13012] [ 647.040820][T13012] Uninit was stored to memory at: [ 647.040820][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 647.040820][T13012] __msan_chain_origin+0x50/0x90 [ 647.040820][T13012] __get_compat_msghdr+0x5be/0x890 [ 647.040820][T13012] get_compat_msghdr+0x108/0x270 [ 647.040820][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 647.040820][T13012] __sys_recvmmsg+0x4ca/0x510 [ 647.040820][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 647.040820][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 647.040820][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 647.040820][T13012] do_fast_syscall_32+0x6b/0xd0 [ 647.040820][T13012] do_SYSENTER_32+0x73/0x90 [ 647.040820][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 647.040820][T13012] [ 647.040820][T13012] Local variable ----msg_sys@do_recvmmsg created at: [ 647.040820][T13012] do_recvmmsg+0xc5/0x1ee0 [ 647.040820][T13012] do_recvmmsg+0xc5/0x1ee0 [ 647.329743][T13072] not chained 2460000 origins [ 647.330158][T13072] CPU: 1 PID: 13072 Comm: syz-executor.1 Not tainted 5.8.0-rc5-syzkaller #0 [ 647.330158][T13072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 647.330158][T13072] Call Trace: [ 647.330158][T13072] dump_stack+0x1df/0x240 [ 647.330158][T13072] kmsan_internal_chain_origin+0x6f/0x130 [ 647.330158][T13072] ? skb_recv_datagram+0x3ec/0x480 [ 647.330158][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 647.330158][T13072] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 647.330158][T13072] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 647.330158][T13072] ? bt_sock_recvmsg+0x564/0xa00 [ 647.330158][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 647.330158][T13072] ? kmsan_set_origin_checked+0x95/0xf0 [ 647.330158][T13072] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 647.330158][T13072] ? _copy_from_user+0x15b/0x260 [ 647.330158][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 647.330158][T13072] __msan_chain_origin+0x50/0x90 [ 647.330158][T13072] __get_compat_msghdr+0x5be/0x890 [ 647.330158][T13072] get_compat_msghdr+0x108/0x270 [ 647.330158][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 647.330158][T13072] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 647.330158][T13072] ? sched_clock_cpu+0x7c/0x930 [ 647.330158][T13072] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 647.330158][T13072] ? sched_clock_cpu+0x7c/0x930 [ 647.330158][T13072] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 647.330158][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 647.330158][T13072] ? kmsan_internal_set_origin+0x75/0xb0 [ 647.473641][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 647.330158][T13072] ? __msan_poison_alloca+0xf0/0x120 [ 647.490190][T13072] ? __sys_recvmmsg+0xb4/0x510 [ 647.490190][T13072] ? __sys_recvmmsg+0xb4/0x510 [ 647.490190][T13072] __sys_recvmmsg+0x4ca/0x510 [ 647.490190][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 647.490190][T13072] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 647.490190][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 647.490190][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 647.490190][T13072] do_fast_syscall_32+0x6b/0xd0 [ 647.490190][T13072] do_SYSENTER_32+0x73/0x90 [ 647.490190][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 647.490190][T13072] RIP: 0023:0xf7fbe549 [ 647.490190][T13072] Code: Bad RIP value. [ 647.490190][T13072] RSP: 002b:00000000f5db90cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 647.490190][T13072] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 647.567379][T13080] not chained 2470000 origins [ 647.490190][T13072] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 647.490190][T13072] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 647.490190][T13072] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 647.490190][T13072] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 647.490190][T13072] Uninit was stored to memory at: [ 647.570179][T13080] CPU: 0 PID: 13080 Comm: syz-executor.1 Not tainted 5.8.0-rc5-syzkaller #0 [ 647.570179][T13080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 647.490190][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 647.570179][T13080] Call Trace: [ 647.490190][T13072] __msan_chain_origin+0x50/0x90 [ 647.570179][T13080] dump_stack+0x1df/0x240 [ 647.490190][T13072] __get_compat_msghdr+0x5be/0x890 [ 647.570179][T13080] kmsan_internal_chain_origin+0x6f/0x130 [ 647.490190][T13072] get_compat_msghdr+0x108/0x270 [ 647.570179][T13080] ? skb_recv_datagram+0x3ec/0x480 [ 647.490190][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 647.570179][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 647.490190][T13072] __sys_recvmmsg+0x4ca/0x510 [ 647.570179][T13080] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 647.490190][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 647.570179][T13080] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 647.490190][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 647.570179][T13080] ? bt_sock_recvmsg+0x564/0xa00 [ 647.490190][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 647.570179][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 647.490190][T13072] do_fast_syscall_32+0x6b/0xd0 [ 647.570179][T13080] ? kmsan_set_origin_checked+0x95/0xf0 [ 647.490190][T13072] do_SYSENTER_32+0x73/0x90 [ 647.570179][T13080] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 647.490190][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 647.570179][T13080] ? _copy_from_user+0x15b/0x260 [ 647.490190][T13072] [ 647.570179][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 647.490190][T13072] Uninit was stored to memory at: [ 647.570179][T13080] __msan_chain_origin+0x50/0x90 [ 647.490190][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 647.570179][T13080] __get_compat_msghdr+0x5be/0x890 [ 647.490190][T13072] __msan_chain_origin+0x50/0x90 [ 647.570179][T13080] get_compat_msghdr+0x108/0x270 [ 647.490190][T13072] __get_compat_msghdr+0x5be/0x890 [ 647.570179][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 647.490190][T13072] get_compat_msghdr+0x108/0x270 [ 647.570179][T13080] ? kmsan_internal_set_origin+0x75/0xb0 [ 647.490190][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 647.570179][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 647.490190][T13072] __sys_recvmmsg+0x4ca/0x510 [ 647.570179][T13080] ? kmsan_internal_set_origin+0x75/0xb0 [ 647.490190][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 647.570179][T13080] ? __msan_poison_alloca+0xf0/0x120 [ 647.490190][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 647.570179][T13080] ? __sys_recvmmsg+0xb4/0x510 [ 647.490190][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 647.570179][T13080] ? __sys_recvmmsg+0xb4/0x510 [ 647.490190][T13072] do_fast_syscall_32+0x6b/0xd0 [ 647.570179][T13080] ? kmsan_get_metadata+0x11d/0x180 [ 647.490190][T13072] do_SYSENTER_32+0x73/0x90 [ 647.570179][T13080] __sys_recvmmsg+0x4ca/0x510 [ 647.490190][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 647.570179][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 647.490190][T13072] [ 647.570179][T13080] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 647.490190][T13072] Uninit was stored to memory at: [ 647.570179][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 647.490190][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 647.570179][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 647.490190][T13072] __msan_chain_origin+0x50/0x90 [ 647.570179][T13080] do_fast_syscall_32+0x6b/0xd0 [ 647.490190][T13072] __get_compat_msghdr+0x5be/0x890 [ 647.570179][T13080] do_SYSENTER_32+0x73/0x90 [ 647.490190][T13072] get_compat_msghdr+0x108/0x270 [ 647.570179][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 647.490190][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 647.570179][T13080] RIP: 0023:0xf7fbe549 [ 647.490190][T13072] __sys_recvmmsg+0x4ca/0x510 [ 647.570179][T13080] Code: Bad RIP value. [ 647.490190][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 647.570179][T13080] RSP: 002b:00000000f5d770cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 647.490190][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 647.570179][T13080] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 647.490190][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 647.570179][T13080] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 647.490190][T13072] do_fast_syscall_32+0x6b/0xd0 [ 647.570179][T13080] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 647.490190][T13072] do_SYSENTER_32+0x73/0x90 [ 647.570179][T13080] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 647.490190][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 647.570179][T13080] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 647.490190][T13072] [ 647.570179][T13080] Uninit was stored to memory at: [ 647.490190][T13072] Uninit was stored to memory at: [ 647.570179][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 647.490190][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 647.570179][T13080] __msan_chain_origin+0x50/0x90 [ 647.490190][T13072] __msan_chain_origin+0x50/0x90 [ 647.570179][T13080] __get_compat_msghdr+0x5be/0x890 [ 647.490190][T13072] __get_compat_msghdr+0x5be/0x890 [ 647.570179][T13080] get_compat_msghdr+0x108/0x270 [ 647.490190][T13072] get_compat_msghdr+0x108/0x270 [ 647.570179][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 647.490190][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 647.570179][T13080] __sys_recvmmsg+0x4ca/0x510 [ 647.490190][T13072] __sys_recvmmsg+0x4ca/0x510 [ 647.570179][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 647.490190][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 647.570179][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 647.490190][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 647.570179][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 647.490190][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 647.570179][T13080] do_fast_syscall_32+0x6b/0xd0 [ 647.490190][T13072] do_fast_syscall_32+0x6b/0xd0 [ 647.570179][T13080] do_SYSENTER_32+0x73/0x90 [ 647.490190][T13072] do_SYSENTER_32+0x73/0x90 [ 647.570179][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 647.490190][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 647.570179][T13080] [ 647.490190][T13072] [ 647.570179][T13080] Uninit was stored to memory at: [ 647.490190][T13072] Uninit was stored to memory at: [ 647.570179][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 647.490190][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 647.570179][T13080] __msan_chain_origin+0x50/0x90 [ 647.490190][T13072] __msan_chain_origin+0x50/0x90 [ 647.570179][T13080] __get_compat_msghdr+0x5be/0x890 [ 647.490190][T13072] __get_compat_msghdr+0x5be/0x890 [ 647.570179][T13080] get_compat_msghdr+0x108/0x270 [ 647.490190][T13072] get_compat_msghdr+0x108/0x270 [ 647.570179][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 647.490190][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 647.570179][T13080] __sys_recvmmsg+0x4ca/0x510 [ 647.490190][T13072] __sys_recvmmsg+0x4ca/0x510 [ 647.570179][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 647.490190][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 647.570179][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 647.490190][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 647.570179][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 647.490190][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 647.570179][T13080] do_fast_syscall_32+0x6b/0xd0 [ 647.490190][T13072] do_fast_syscall_32+0x6b/0xd0 [ 647.570179][T13080] do_SYSENTER_32+0x73/0x90 [ 647.490190][T13072] do_SYSENTER_32+0x73/0x90 [ 647.570179][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 647.490190][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 647.570179][T13080] [ 647.490190][T13072] [ 647.570179][T13080] Uninit was stored to memory at: [ 647.490190][T13072] Uninit was stored to memory at: [ 647.570179][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 647.490190][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 647.570179][T13080] __msan_chain_origin+0x50/0x90 [ 647.490190][T13072] __msan_chain_origin+0x50/0x90 [ 647.570179][T13080] __get_compat_msghdr+0x5be/0x890 [ 647.490190][T13072] __get_compat_msghdr+0x5be/0x890 [ 647.570179][T13080] get_compat_msghdr+0x108/0x270 [ 647.490190][T13072] get_compat_msghdr+0x108/0x270 [ 647.570179][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 647.490190][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 647.570179][T13080] __sys_recvmmsg+0x4ca/0x510 [ 647.490190][T13072] __sys_recvmmsg+0x4ca/0x510 [ 647.570179][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 647.490190][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 647.570179][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 647.490190][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 647.570179][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 647.490190][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 647.570179][T13080] do_fast_syscall_32+0x6b/0xd0 [ 647.490190][T13072] do_fast_syscall_32+0x6b/0xd0 [ 647.570179][T13080] do_SYSENTER_32+0x73/0x90 [ 647.490190][T13072] do_SYSENTER_32+0x73/0x90 [ 647.570179][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 647.490190][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 647.570179][T13080] [ 647.490190][T13072] [ 647.570179][T13080] Uninit was stored to memory at: [ 647.490190][T13072] Uninit was stored to memory at: [ 647.570179][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 647.490190][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 647.570179][T13080] __msan_chain_origin+0x50/0x90 [ 647.490190][T13072] __msan_chain_origin+0x50/0x90 [ 647.570179][T13080] __get_compat_msghdr+0x5be/0x890 [ 647.490190][T13072] __get_compat_msghdr+0x5be/0x890 [ 647.570179][T13080] get_compat_msghdr+0x108/0x270 [ 647.490190][T13072] get_compat_msghdr+0x108/0x270 [ 647.570179][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 647.490190][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 647.570179][T13080] __sys_recvmmsg+0x4ca/0x510 [ 647.490190][T13072] __sys_recvmmsg+0x4ca/0x510 [ 647.570179][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 647.490190][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 647.570179][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 647.490190][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 647.570179][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 647.490190][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 647.570179][T13080] do_fast_syscall_32+0x6b/0xd0 [ 647.490190][T13072] do_fast_syscall_32+0x6b/0xd0 [ 647.570179][T13080] do_SYSENTER_32+0x73/0x90 [ 647.490190][T13072] do_SYSENTER_32+0x73/0x90 [ 647.570179][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 647.490190][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 647.570179][T13080] [ 647.490190][T13072] [ 647.570179][T13080] Uninit was stored to memory at: [ 647.490190][T13072] Local variable ----msg_sys@do_recvmmsg created at: [ 647.570179][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 647.490190][T13072] do_recvmmsg+0xc5/0x1ee0 [ 647.570179][T13080] __msan_chain_origin+0x50/0x90 [ 647.490190][T13072] do_recvmmsg+0xc5/0x1ee0 [ 647.570179][T13080] __get_compat_msghdr+0x5be/0x890 [ 647.570179][T13080] get_compat_msghdr+0x108/0x270 [ 647.570179][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 647.570179][T13080] __sys_recvmmsg+0x4ca/0x510 [ 647.570179][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 647.570179][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 647.570179][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 647.570179][T13080] do_fast_syscall_32+0x6b/0xd0 [ 647.570179][T13080] do_SYSENTER_32+0x73/0x90 [ 647.570179][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 647.570179][T13080] [ 647.570179][T13080] Uninit was stored to memory at: [ 647.570179][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 647.570179][T13080] __msan_chain_origin+0x50/0x90 [ 647.570179][T13080] __get_compat_msghdr+0x5be/0x890 [ 647.570179][T13080] get_compat_msghdr+0x108/0x270 [ 647.570179][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 647.570179][T13080] __sys_recvmmsg+0x4ca/0x510 [ 647.570179][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 647.570179][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 647.570179][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 647.570179][T13080] do_fast_syscall_32+0x6b/0xd0 [ 647.570179][T13080] do_SYSENTER_32+0x73/0x90 [ 647.570179][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 647.570179][T13080] [ 647.570179][T13080] Uninit was stored to memory at: [ 647.570179][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 647.570179][T13080] __msan_chain_origin+0x50/0x90 [ 647.570179][T13080] __get_compat_msghdr+0x5be/0x890 [ 647.570179][T13080] get_compat_msghdr+0x108/0x270 [ 647.570179][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 647.570179][T13080] __sys_recvmmsg+0x4ca/0x510 [ 647.570179][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 648.812955][T13012] not chained 2480000 origins [ 647.570179][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 648.819907][T13012] CPU: 1 PID: 13012 Comm: syz-executor.0 Not tainted 5.8.0-rc5-syzkaller #0 [ 647.570179][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 648.820136][T13012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 647.570179][T13080] do_fast_syscall_32+0x6b/0xd0 [ 648.820136][T13012] Call Trace: [ 647.570179][T13080] do_SYSENTER_32+0x73/0x90 [ 648.820136][T13012] dump_stack+0x1df/0x240 [ 647.570179][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 648.820136][T13012] kmsan_internal_chain_origin+0x6f/0x130 [ 647.570179][T13080] [ 648.820136][T13012] ? skb_recv_datagram+0x3ec/0x480 [ 647.570179][T13080] Local variable ----msg_sys@do_recvmmsg created at: [ 648.820136][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 647.570179][T13080] do_recvmmsg+0xc5/0x1ee0 [ 648.820136][T13012] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 647.570179][T13080] do_recvmmsg+0xc5/0x1ee0 [ 648.820136][T13012] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 648.914204][T13012] ? bt_sock_recvmsg+0x564/0xa00 [ 648.920247][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 648.927316][T13012] ? kmsan_set_origin_checked+0x95/0xf0 [ 648.927316][T13012] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 648.927316][T13012] ? _copy_from_user+0x15b/0x260 [ 648.927316][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 648.927316][T13012] __msan_chain_origin+0x50/0x90 [ 648.927316][T13012] __get_compat_msghdr+0x5be/0x890 [ 648.927316][T13012] get_compat_msghdr+0x108/0x270 [ 648.961848][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 648.927316][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 648.927316][T13012] ? kmsan_internal_set_origin+0x75/0xb0 [ 648.927316][T13012] ? kmsan_get_metadata+0x4f/0x180 [ 648.927316][T13012] ? kmsan_internal_set_origin+0x75/0xb0 [ 648.927316][T13012] ? __msan_poison_alloca+0xf0/0x120 [ 648.927316][T13012] ? __sys_recvmmsg+0xb4/0x510 [ 648.927316][T13012] ? __sys_recvmmsg+0xb4/0x510 [ 648.927316][T13012] ? kmsan_get_metadata+0x11d/0x180 [ 648.927316][T13012] __sys_recvmmsg+0x4ca/0x510 [ 648.927316][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 648.927316][T13012] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 648.927316][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 648.927316][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 649.040671][T13012] do_fast_syscall_32+0x6b/0xd0 [ 649.040671][T13012] do_SYSENTER_32+0x73/0x90 [ 649.051633][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 649.040671][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 649.040671][T13012] RIP: 0023:0xf7f4d549 [ 649.040671][T13012] Code: Bad RIP value. [ 649.040671][T13012] RSP: 002b:00000000f5d480cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 649.040671][T13012] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 649.040671][T13012] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 649.040671][T13012] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 649.040671][T13012] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 649.040671][T13012] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 649.040671][T13012] Uninit was stored to memory at: [ 649.040671][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 649.040671][T13012] __msan_chain_origin+0x50/0x90 [ 649.040671][T13012] __get_compat_msghdr+0x5be/0x890 [ 649.040671][T13012] get_compat_msghdr+0x108/0x270 [ 649.040671][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 649.040671][T13012] __sys_recvmmsg+0x4ca/0x510 [ 649.040671][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 649.040671][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 649.040671][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 649.040671][T13012] do_fast_syscall_32+0x6b/0xd0 [ 649.040671][T13012] do_SYSENTER_32+0x73/0x90 [ 649.040671][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 649.040671][T13012] [ 649.040671][T13012] Uninit was stored to memory at: [ 649.040671][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 649.040671][T13012] __msan_chain_origin+0x50/0x90 [ 649.040671][T13012] __get_compat_msghdr+0x5be/0x890 [ 649.040671][T13012] get_compat_msghdr+0x108/0x270 [ 649.040671][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 649.040671][T13012] __sys_recvmmsg+0x4ca/0x510 [ 649.040671][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 649.040671][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 649.040671][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 649.040671][T13012] do_fast_syscall_32+0x6b/0xd0 [ 649.040671][T13012] do_SYSENTER_32+0x73/0x90 [ 649.040671][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 649.040671][T13012] [ 649.040671][T13012] Uninit was stored to memory at: [ 649.040671][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 649.040671][T13012] __msan_chain_origin+0x50/0x90 [ 649.040671][T13012] __get_compat_msghdr+0x5be/0x890 [ 649.040671][T13012] get_compat_msghdr+0x108/0x270 [ 649.040671][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 649.040671][T13012] __sys_recvmmsg+0x4ca/0x510 [ 649.040671][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 649.040671][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 649.040671][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 649.040671][T13012] do_fast_syscall_32+0x6b/0xd0 [ 649.040671][T13012] do_SYSENTER_32+0x73/0x90 [ 649.040671][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 649.040671][T13012] [ 649.040671][T13012] Uninit was stored to memory at: [ 649.040671][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 649.040671][T13012] __msan_chain_origin+0x50/0x90 [ 649.040671][T13012] __get_compat_msghdr+0x5be/0x890 [ 649.040671][T13012] get_compat_msghdr+0x108/0x270 [ 649.040671][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 649.040671][T13012] __sys_recvmmsg+0x4ca/0x510 [ 649.040671][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 649.040671][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 649.040671][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 649.040671][T13012] do_fast_syscall_32+0x6b/0xd0 [ 649.040671][T13012] do_SYSENTER_32+0x73/0x90 [ 649.040671][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 649.040671][T13012] [ 649.040671][T13012] Uninit was stored to memory at: [ 649.040671][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 649.040671][T13012] __msan_chain_origin+0x50/0x90 [ 649.040671][T13012] __get_compat_msghdr+0x5be/0x890 [ 649.040671][T13012] get_compat_msghdr+0x108/0x270 [ 649.040671][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 649.040671][T13012] __sys_recvmmsg+0x4ca/0x510 [ 649.040671][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 649.040671][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 649.040671][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 649.040671][T13012] do_fast_syscall_32+0x6b/0xd0 [ 649.040671][T13012] do_SYSENTER_32+0x73/0x90 [ 649.040671][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 649.040671][T13012] [ 649.040671][T13012] Uninit was stored to memory at: [ 649.040671][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 649.040671][T13012] __msan_chain_origin+0x50/0x90 [ 649.040671][T13012] __get_compat_msghdr+0x5be/0x890 [ 649.040671][T13012] get_compat_msghdr+0x108/0x270 [ 649.040671][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 649.040671][T13012] __sys_recvmmsg+0x4ca/0x510 [ 649.040671][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 649.040671][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 649.040671][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 649.040671][T13012] do_fast_syscall_32+0x6b/0xd0 [ 649.040671][T13012] do_SYSENTER_32+0x73/0x90 [ 649.040671][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 649.040671][T13012] [ 649.040671][T13012] Uninit was stored to memory at: [ 649.040671][T13012] kmsan_internal_chain_origin+0xad/0x130 [ 649.040671][T13012] __msan_chain_origin+0x50/0x90 [ 649.040671][T13012] __get_compat_msghdr+0x5be/0x890 [ 649.040671][T13012] get_compat_msghdr+0x108/0x270 [ 649.040671][T13012] do_recvmmsg+0xa6a/0x1ee0 [ 649.040671][T13012] __sys_recvmmsg+0x4ca/0x510 [ 649.040671][T13012] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 649.040671][T13012] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 649.040671][T13012] __do_fast_syscall_32+0x2aa/0x400 [ 649.040671][T13012] do_fast_syscall_32+0x6b/0xd0 [ 649.040671][T13012] do_SYSENTER_32+0x73/0x90 [ 649.040671][T13012] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 649.040671][T13012] [ 649.040671][T13012] Local variable ----msg_sys@do_recvmmsg created at: [ 649.040671][T13012] do_recvmmsg+0xc5/0x1ee0 [ 649.040671][T13012] do_recvmmsg+0xc5/0x1ee0 [ 649.687337][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 649.727814][T13041] not chained 2490000 origins [ 649.730181][T13041] CPU: 1 PID: 13041 Comm: syz-executor.3 Not tainted 5.8.0-rc5-syzkaller #0 [ 649.734469][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 649.730181][T13041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 649.730181][T13041] Call Trace: [ 649.730181][T13041] dump_stack+0x1df/0x240 [ 649.730181][T13041] kmsan_internal_chain_origin+0x6f/0x130 [ 649.730181][T13041] ? skb_recv_datagram+0x3ec/0x480 [ 649.730181][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 649.730181][T13041] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 649.730181][T13041] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 649.730181][T13041] ? bt_sock_recvmsg+0x564/0xa00 [ 649.730181][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 649.730181][T13041] ? kmsan_set_origin_checked+0x95/0xf0 [ 649.730181][T13041] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 649.730181][T13041] ? _copy_from_user+0x15b/0x260 [ 649.730181][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 649.730181][T13041] __msan_chain_origin+0x50/0x90 [ 649.730181][T13041] __get_compat_msghdr+0x5be/0x890 [ 649.730181][T13041] get_compat_msghdr+0x108/0x270 [ 649.770275][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 649.770275][T13041] ? idle_cpu+0x9a/0x1d0 [ 649.770275][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 649.770275][T13041] ? kmsan_internal_set_origin+0x75/0xb0 [ 649.770275][T13041] ? __msan_poison_alloca+0xf0/0x120 [ 649.770275][T13041] ? __sys_recvmmsg+0xb4/0x510 [ 649.770275][T13041] ? __sys_recvmmsg+0xb4/0x510 [ 649.770275][T13041] ? kmsan_get_metadata+0x11d/0x180 [ 649.770275][T13041] __sys_recvmmsg+0x4ca/0x510 [ 649.770275][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 649.770275][T13041] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 649.770275][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 649.900306][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 649.900306][T13041] do_fast_syscall_32+0x6b/0xd0 [ 649.900306][T13041] do_SYSENTER_32+0x73/0x90 [ 649.900306][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 649.920486][T13041] RIP: 0023:0xf7fd6549 [ 649.920486][T13041] Code: Bad RIP value. [ 649.920486][T13041] RSP: 002b:00000000f5dd10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 649.938324][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 649.920486][T13041] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 649.920486][T13041] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 649.920486][T13041] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 649.920486][T13041] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 649.920486][T13041] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 649.920486][T13041] Uninit was stored to memory at: [ 649.920486][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 649.920486][T13041] __msan_chain_origin+0x50/0x90 [ 649.920486][T13041] __get_compat_msghdr+0x5be/0x890 [ 649.920486][T13041] get_compat_msghdr+0x108/0x270 [ 649.920486][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 649.920486][T13041] __sys_recvmmsg+0x4ca/0x510 [ 649.920486][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 649.970421][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 649.970421][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 650.040286][T13041] do_fast_syscall_32+0x6b/0xd0 [ 650.040286][T13041] do_SYSENTER_32+0x73/0x90 [ 650.040286][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 650.040286][T13041] [ 650.040286][T13041] Uninit was stored to memory at: [ 650.040286][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 650.040286][T13041] __msan_chain_origin+0x50/0x90 [ 650.040286][T13041] __get_compat_msghdr+0x5be/0x890 [ 650.040286][T13041] get_compat_msghdr+0x108/0x270 [ 650.040286][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 650.040286][T13041] __sys_recvmmsg+0x4ca/0x510 [ 650.040286][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 650.040286][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 650.040286][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 650.040286][T13041] do_fast_syscall_32+0x6b/0xd0 [ 650.040286][T13041] do_SYSENTER_32+0x73/0x90 [ 650.040286][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 650.124492][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 650.040286][T13041] [ 650.040286][T13041] Uninit was stored to memory at: [ 650.040286][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 650.040286][T13041] __msan_chain_origin+0x50/0x90 [ 650.040286][T13041] __get_compat_msghdr+0x5be/0x890 [ 650.040286][T13041] get_compat_msghdr+0x108/0x270 [ 650.040286][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 650.040286][T13041] __sys_recvmmsg+0x4ca/0x510 [ 650.040286][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 650.174361][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 650.040286][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 650.040286][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 650.040286][T13041] do_fast_syscall_32+0x6b/0xd0 [ 650.040286][T13041] do_SYSENTER_32+0x73/0x90 [ 650.040286][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 650.214996][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 650.040286][T13041] [ 650.040286][T13041] Uninit was stored to memory at: [ 650.228297][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 650.040286][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 650.040286][T13041] __msan_chain_origin+0x50/0x90 [ 650.040286][T13041] __get_compat_msghdr+0x5be/0x890 [ 650.040286][T13041] get_compat_msghdr+0x108/0x270 [ 650.040286][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 650.040286][T13041] __sys_recvmmsg+0x4ca/0x510 [ 650.040286][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 650.040286][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 650.040286][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 650.040286][T13041] do_fast_syscall_32+0x6b/0xd0 [ 650.040286][T13041] do_SYSENTER_32+0x73/0x90 [ 650.040286][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 650.040286][T13041] [ 650.040286][T13041] Uninit was stored to memory at: [ 650.040286][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 650.040286][T13041] __msan_chain_origin+0x50/0x90 [ 650.040286][T13041] __get_compat_msghdr+0x5be/0x890 [ 650.040286][T13041] get_compat_msghdr+0x108/0x270 [ 650.040286][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 650.040286][T13041] __sys_recvmmsg+0x4ca/0x510 [ 650.040286][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 650.040286][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 650.040286][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 650.040286][T13041] do_fast_syscall_32+0x6b/0xd0 [ 650.040286][T13041] do_SYSENTER_32+0x73/0x90 [ 650.040286][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 650.040286][T13041] [ 650.040286][T13041] Uninit was stored to memory at: [ 650.040286][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 650.040286][T13041] __msan_chain_origin+0x50/0x90 [ 650.040286][T13041] __get_compat_msghdr+0x5be/0x890 [ 650.040286][T13041] get_compat_msghdr+0x108/0x270 [ 650.040286][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 650.040286][T13041] __sys_recvmmsg+0x4ca/0x510 [ 650.040286][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 650.040286][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 650.040286][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 650.040286][T13041] do_fast_syscall_32+0x6b/0xd0 [ 650.040286][T13041] do_SYSENTER_32+0x73/0x90 [ 650.040286][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 650.040286][T13041] [ 650.040286][T13041] Uninit was stored to memory at: [ 650.040286][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 650.040286][T13041] __msan_chain_origin+0x50/0x90 [ 650.040286][T13041] __get_compat_msghdr+0x5be/0x890 [ 650.040286][T13041] get_compat_msghdr+0x108/0x270 [ 650.040286][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 650.040286][T13041] __sys_recvmmsg+0x4ca/0x510 [ 650.040286][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 650.040286][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 650.040286][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 650.040286][T13041] do_fast_syscall_32+0x6b/0xd0 [ 650.040286][T13041] do_SYSENTER_32+0x73/0x90 [ 650.040286][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 650.040286][T13041] [ 650.040286][T13041] Local variable ----msg_sys@do_recvmmsg created at: [ 650.040286][T13041] do_recvmmsg+0xc5/0x1ee0 [ 650.040286][T13041] do_recvmmsg+0xc5/0x1ee0 [ 650.815480][T13072] not chained 2500000 origins [ 650.820179][T13072] CPU: 0 PID: 13072 Comm: syz-executor.1 Not tainted 5.8.0-rc5-syzkaller #0 [ 650.820186][T13072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 650.820186][T13072] Call Trace: [ 650.820186][T13072] dump_stack+0x1df/0x240 [ 650.845883][T13072] kmsan_internal_chain_origin+0x6f/0x130 [ 650.845883][T13072] ? skb_recv_datagram+0x3ec/0x480 [ 650.845883][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 650.845883][T13072] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 650.845883][T13072] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 650.872514][T13072] ? bt_sock_recvmsg+0x564/0xa00 [ 650.872514][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 650.872514][T13072] ? kmsan_set_origin_checked+0x95/0xf0 [ 650.872514][T13072] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 650.872514][T13072] ? _copy_from_user+0x15b/0x260 [ 650.872514][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 650.872514][T13072] __msan_chain_origin+0x50/0x90 [ 650.872514][T13072] __get_compat_msghdr+0x5be/0x890 [ 650.872514][T13072] get_compat_msghdr+0x108/0x270 [ 650.872514][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 650.872514][T13072] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 650.872514][T13072] ? sched_clock_cpu+0x7c/0x930 [ 650.872514][T13072] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 650.872514][T13072] ? sched_clock_cpu+0x7c/0x930 [ 650.872514][T13072] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 650.872514][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 650.872514][T13072] ? kmsan_internal_set_origin+0x75/0xb0 [ 650.872514][T13072] ? __msan_poison_alloca+0xf0/0x120 [ 650.872514][T13072] ? __sys_recvmmsg+0xb4/0x510 [ 650.872514][T13072] ? __sys_recvmmsg+0xb4/0x510 [ 650.872514][T13072] __sys_recvmmsg+0x4ca/0x510 [ 650.872514][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 650.872514][T13072] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 650.872514][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 650.872514][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 650.872514][T13072] do_fast_syscall_32+0x6b/0xd0 [ 650.872514][T13072] do_SYSENTER_32+0x73/0x90 [ 650.872514][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 650.872514][T13072] RIP: 0023:0xf7fbe549 [ 650.872514][T13072] Code: Bad RIP value. [ 650.872514][T13072] RSP: 002b:00000000f5db90cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 650.872514][T13072] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 650.872514][T13072] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 650.872514][T13072] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 650.872514][T13072] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 650.872514][T13072] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 650.872514][T13072] Uninit was stored to memory at: [ 650.872514][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 650.872514][T13072] __msan_chain_origin+0x50/0x90 [ 651.094090][T13041] not chained 2510000 origins [ 650.872514][T13072] __get_compat_msghdr+0x5be/0x890 [ 651.099440][T13041] CPU: 1 PID: 13041 Comm: syz-executor.3 Not tainted 5.8.0-rc5-syzkaller #0 [ 650.872514][T13072] get_compat_msghdr+0x108/0x270 [ 651.100139][T13041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 650.872514][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 651.100139][T13041] Call Trace: [ 650.872514][T13072] __sys_recvmmsg+0x4ca/0x510 [ 651.100139][T13041] dump_stack+0x1df/0x240 [ 650.872514][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 651.100139][T13041] kmsan_internal_chain_origin+0x6f/0x130 [ 650.872514][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 651.100139][T13041] ? skb_recv_datagram+0x3ec/0x480 [ 650.872514][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 651.100139][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 650.872514][T13072] do_fast_syscall_32+0x6b/0xd0 [ 651.100139][T13041] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 650.872514][T13072] do_SYSENTER_32+0x73/0x90 [ 651.100139][T13041] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 650.872514][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 651.100139][T13041] ? bt_sock_recvmsg+0x564/0xa00 [ 650.872514][T13072] [ 651.100139][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 650.872514][T13072] Uninit was stored to memory at: [ 651.100139][T13041] ? kmsan_set_origin_checked+0x95/0xf0 [ 650.872514][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 651.100139][T13041] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 650.872514][T13072] __msan_chain_origin+0x50/0x90 [ 651.100139][T13041] ? _copy_from_user+0x15b/0x260 [ 650.872514][T13072] __get_compat_msghdr+0x5be/0x890 [ 651.100139][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 650.872514][T13072] get_compat_msghdr+0x108/0x270 [ 651.100139][T13041] __msan_chain_origin+0x50/0x90 [ 650.872514][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 651.100139][T13041] __get_compat_msghdr+0x5be/0x890 [ 650.872514][T13072] __sys_recvmmsg+0x4ca/0x510 [ 651.100139][T13041] get_compat_msghdr+0x108/0x270 [ 650.872514][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 651.100139][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 650.872514][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 651.100139][T13041] ? idle_cpu+0x9a/0x1d0 [ 650.872514][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 651.100139][T13041] ? kmsan_get_metadata+0x4f/0x180 [ 650.872514][T13072] do_fast_syscall_32+0x6b/0xd0 [ 651.100139][T13041] ? kmsan_internal_set_origin+0x75/0xb0 [ 650.872514][T13072] do_SYSENTER_32+0x73/0x90 [ 651.100139][T13041] ? __msan_poison_alloca+0xf0/0x120 [ 650.872514][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 651.100139][T13041] ? __sys_recvmmsg+0xb4/0x510 [ 650.872514][T13072] [ 651.100139][T13041] ? __sys_recvmmsg+0xb4/0x510 [ 650.872514][T13072] Uninit was stored to memory at: [ 651.100139][T13041] ? kmsan_get_metadata+0x11d/0x180 [ 650.872514][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 651.100139][T13041] __sys_recvmmsg+0x4ca/0x510 [ 650.872514][T13072] __msan_chain_origin+0x50/0x90 [ 651.100139][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 650.872514][T13072] __get_compat_msghdr+0x5be/0x890 [ 651.100139][T13041] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 650.872514][T13072] get_compat_msghdr+0x108/0x270 [ 651.100139][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 650.872514][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 651.100139][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 650.872514][T13072] __sys_recvmmsg+0x4ca/0x510 [ 651.100139][T13041] do_fast_syscall_32+0x6b/0xd0 [ 650.872514][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 651.100139][T13041] do_SYSENTER_32+0x73/0x90 [ 650.872514][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 651.100139][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 650.872514][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 651.100139][T13041] RIP: 0023:0xf7fd6549 [ 650.872514][T13072] do_fast_syscall_32+0x6b/0xd0 [ 651.100139][T13041] Code: Bad RIP value. [ 650.872514][T13072] do_SYSENTER_32+0x73/0x90 [ 651.100139][T13041] RSP: 002b:00000000f5dd10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 650.872514][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 651.100139][T13041] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 650.872514][T13072] [ 651.100139][T13041] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 650.872514][T13072] Uninit was stored to memory at: [ 651.100139][T13041] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 650.872514][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 651.100139][T13041] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 650.872514][T13072] __msan_chain_origin+0x50/0x90 [ 651.100139][T13041] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 650.872514][T13072] __get_compat_msghdr+0x5be/0x890 [ 651.100139][T13041] Uninit was stored to memory at: [ 650.872514][T13072] get_compat_msghdr+0x108/0x270 [ 651.100139][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 650.872514][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 651.100139][T13041] __msan_chain_origin+0x50/0x90 [ 650.872514][T13072] __sys_recvmmsg+0x4ca/0x510 [ 651.100139][T13041] __get_compat_msghdr+0x5be/0x890 [ 650.872514][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 651.100139][T13041] get_compat_msghdr+0x108/0x270 [ 650.872514][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 651.100139][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 650.872514][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 651.100139][T13041] __sys_recvmmsg+0x4ca/0x510 [ 650.872514][T13072] do_fast_syscall_32+0x6b/0xd0 [ 651.100139][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 650.872514][T13072] do_SYSENTER_32+0x73/0x90 [ 651.100139][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 650.872514][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 651.100139][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 650.872514][T13072] [ 651.100139][T13041] do_fast_syscall_32+0x6b/0xd0 [ 650.872514][T13072] Uninit was stored to memory at: [ 651.100139][T13041] do_SYSENTER_32+0x73/0x90 [ 650.872514][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 651.100139][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 650.872514][T13072] __msan_chain_origin+0x50/0x90 [ 651.100139][T13041] [ 650.872514][T13072] __get_compat_msghdr+0x5be/0x890 [ 651.100139][T13041] Uninit was stored to memory at: [ 650.872514][T13072] get_compat_msghdr+0x108/0x270 [ 651.100139][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 650.872514][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 651.100139][T13041] __msan_chain_origin+0x50/0x90 [ 650.872514][T13072] __sys_recvmmsg+0x4ca/0x510 [ 651.100139][T13041] __get_compat_msghdr+0x5be/0x890 [ 650.872514][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 651.100139][T13041] get_compat_msghdr+0x108/0x270 [ 650.872514][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 651.100139][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 650.872514][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 651.100139][T13041] __sys_recvmmsg+0x4ca/0x510 [ 650.872514][T13072] do_fast_syscall_32+0x6b/0xd0 [ 651.100139][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 650.872514][T13072] do_SYSENTER_32+0x73/0x90 [ 651.100139][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 650.872514][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 651.100139][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 650.872514][T13072] [ 651.100139][T13041] do_fast_syscall_32+0x6b/0xd0 [ 650.872514][T13072] Uninit was stored to memory at: [ 651.100139][T13041] do_SYSENTER_32+0x73/0x90 [ 650.872514][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 651.100139][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 650.872514][T13072] __msan_chain_origin+0x50/0x90 [ 651.100139][T13041] [ 650.872514][T13072] __get_compat_msghdr+0x5be/0x890 [ 651.100139][T13041] Uninit was stored to memory at: [ 650.872514][T13072] get_compat_msghdr+0x108/0x270 [ 651.100139][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 650.872514][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 651.100139][T13041] __msan_chain_origin+0x50/0x90 [ 650.872514][T13072] __sys_recvmmsg+0x4ca/0x510 [ 651.100139][T13041] __get_compat_msghdr+0x5be/0x890 [ 650.872514][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 651.100139][T13041] get_compat_msghdr+0x108/0x270 [ 650.872514][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 651.100139][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 650.872514][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 651.100139][T13041] __sys_recvmmsg+0x4ca/0x510 [ 650.872514][T13072] do_fast_syscall_32+0x6b/0xd0 [ 651.100139][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 650.872514][T13072] do_SYSENTER_32+0x73/0x90 [ 651.100139][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 650.872514][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 651.100139][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 650.872514][T13072] [ 651.100139][T13041] do_fast_syscall_32+0x6b/0xd0 [ 650.872514][T13072] Uninit was stored to memory at: [ 651.100139][T13041] do_SYSENTER_32+0x73/0x90 [ 650.872514][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 651.100139][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 650.872514][T13072] __msan_chain_origin+0x50/0x90 [ 651.100139][T13041] [ 650.872514][T13072] __get_compat_msghdr+0x5be/0x890 [ 651.100139][T13041] Uninit was stored to memory at: [ 650.872514][T13072] get_compat_msghdr+0x108/0x270 [ 651.100139][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 650.872514][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 651.100139][T13041] __msan_chain_origin+0x50/0x90 [ 650.872514][T13072] __sys_recvmmsg+0x4ca/0x510 [ 651.100139][T13041] __get_compat_msghdr+0x5be/0x890 [ 650.872514][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 651.100139][T13041] get_compat_msghdr+0x108/0x270 [ 650.872514][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 651.100139][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 650.872514][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 651.100139][T13041] __sys_recvmmsg+0x4ca/0x510 [ 650.872514][T13072] do_fast_syscall_32+0x6b/0xd0 [ 651.100139][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 650.872514][T13072] do_SYSENTER_32+0x73/0x90 [ 651.100139][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 650.872514][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 651.100139][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 650.872514][T13072] [ 651.100139][T13041] do_fast_syscall_32+0x6b/0xd0 [ 650.872514][T13072] Local variable ----msg_sys@do_recvmmsg created at: [ 651.100139][T13041] do_SYSENTER_32+0x73/0x90 [ 650.872514][T13072] do_recvmmsg+0xc5/0x1ee0 [ 651.100139][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 650.872514][T13072] do_recvmmsg+0xc5/0x1ee0 [ 651.100139][T13041] [ 652.109177][T13041] Uninit was stored to memory at: [ 652.109177][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 652.115272][T13041] __msan_chain_origin+0x50/0x90 [ 652.115272][T13041] __get_compat_msghdr+0x5be/0x890 [ 652.115272][T13041] get_compat_msghdr+0x108/0x270 [ 652.132970][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 652.132970][T13041] __sys_recvmmsg+0x4ca/0x510 [ 652.132970][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 652.132970][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 652.132970][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 652.132970][T13041] do_fast_syscall_32+0x6b/0xd0 [ 652.132970][T13041] do_SYSENTER_32+0x73/0x90 [ 652.132970][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 652.132970][T13041] [ 652.132970][T13041] Uninit was stored to memory at: [ 652.132970][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 652.132970][T13041] __msan_chain_origin+0x50/0x90 [ 652.132970][T13041] __get_compat_msghdr+0x5be/0x890 [ 652.132970][T13041] get_compat_msghdr+0x108/0x270 [ 652.132970][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 652.132970][T13041] __sys_recvmmsg+0x4ca/0x510 [ 652.132970][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 652.132970][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 652.132970][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 652.132970][T13041] do_fast_syscall_32+0x6b/0xd0 [ 652.132970][T13041] do_SYSENTER_32+0x73/0x90 [ 652.132970][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 652.132970][T13041] [ 652.132970][T13041] Uninit was stored to memory at: [ 652.132970][T13041] kmsan_internal_chain_origin+0xad/0x130 [ 652.132970][T13041] __msan_chain_origin+0x50/0x90 [ 652.132970][T13041] __get_compat_msghdr+0x5be/0x890 [ 652.132970][T13041] get_compat_msghdr+0x108/0x270 [ 652.132970][T13041] do_recvmmsg+0xa6a/0x1ee0 [ 652.132970][T13041] __sys_recvmmsg+0x4ca/0x510 [ 652.132970][T13041] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 652.132970][T13041] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 652.132970][T13041] __do_fast_syscall_32+0x2aa/0x400 [ 652.132970][T13041] do_fast_syscall_32+0x6b/0xd0 [ 652.132970][T13041] do_SYSENTER_32+0x73/0x90 [ 652.132970][T13041] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 652.132970][T13041] [ 652.132970][T13041] Local variable ----msg_sys@do_recvmmsg created at: [ 652.132970][T13041] do_recvmmsg+0xc5/0x1ee0 [ 652.132970][T13041] do_recvmmsg+0xc5/0x1ee0 [ 652.627503][T13080] not chained 2520000 origins [ 652.630154][T13080] CPU: 1 PID: 13080 Comm: syz-executor.1 Not tainted 5.8.0-rc5-syzkaller #0 [ 652.630154][T13080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 652.643700][T13080] Call Trace: [ 652.643700][T13080] dump_stack+0x1df/0x240 [ 652.643700][T13080] kmsan_internal_chain_origin+0x6f/0x130 [ 652.643700][T13080] ? skb_recv_datagram+0x3ec/0x480 [ 652.643700][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 652.643700][T13080] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 652.676360][T13080] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 652.676360][T13080] ? bt_sock_recvmsg+0x564/0xa00 [ 652.676360][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 652.695282][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 652.676360][T13080] ? kmsan_set_origin_checked+0x95/0xf0 [ 652.710180][T13080] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 652.710180][T13080] ? _copy_from_user+0x15b/0x260 [ 652.710180][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 652.724472][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 652.710180][T13080] __msan_chain_origin+0x50/0x90 [ 652.710180][T13080] __get_compat_msghdr+0x5be/0x890 [ 652.744267][T13080] get_compat_msghdr+0x108/0x270 [ 652.748452][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 652.744267][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 652.744267][T13080] ? kmsan_internal_set_origin+0x75/0xb0 [ 652.765330][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 652.744267][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 652.777313][T13080] ? kmsan_internal_set_origin+0x75/0xb0 [ 652.777313][T13080] ? __msan_poison_alloca+0xf0/0x120 [ 652.777313][T13080] ? __sys_recvmmsg+0xb4/0x510 [ 652.777313][T13080] ? __sys_recvmmsg+0xb4/0x510 [ 652.777313][T13080] ? kmsan_get_metadata+0x11d/0x180 [ 652.777313][T13080] __sys_recvmmsg+0x4ca/0x510 [ 652.777313][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 652.777313][T13080] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 652.777313][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 652.777313][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 652.834340][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 652.777313][T13080] do_fast_syscall_32+0x6b/0xd0 [ 652.844953][T13080] do_SYSENTER_32+0x73/0x90 [ 652.844953][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 652.844953][T13080] RIP: 0023:0xf7fbe549 [ 652.844953][T13080] Code: Bad RIP value. [ 652.844953][T13080] RSP: 002b:00000000f5d770cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 652.844953][T13080] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 652.844953][T13080] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 652.885965][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 652.844953][T13080] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 652.844953][T13080] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 652.844953][T13080] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 652.844953][T13080] Uninit was stored to memory at: [ 652.844953][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 652.844953][T13080] __msan_chain_origin+0x50/0x90 [ 652.844953][T13080] __get_compat_msghdr+0x5be/0x890 [ 652.844953][T13080] get_compat_msghdr+0x108/0x270 [ 652.844953][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 652.844953][T13080] __sys_recvmmsg+0x4ca/0x510 [ 652.844953][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 652.844953][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 652.844953][T13080] __do_fast_syscall_32+0x2aa/0x400 14:03:10 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) recvfrom$inet(r0, 0x0, 0x22b41b9a8748b1b5, 0x0, 0x0, 0x800e00510) readv(r0, &(0x7f0000001740)=[{&(0x7f00000001c0)=""/130, 0x82}], 0x1) r1 = socket$inet_udplite(0x2, 0x2, 0x88) recvmsg(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000080)=""/177, 0xb1}, {0x0}, {0x0}, {0x0}, {0x0}], 0x5}, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) recvfrom$inet(r2, 0x0, 0xfd1d, 0x0, 0x0, 0x800e00515) shutdown(r1, 0x0) r3 = open(&(0x7f0000000040)='./file0\x00', 0x712, 0x0) r4 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) fcntl$lock(r4, 0x8, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x100000001}) flock(r3, 0x40000003) shutdown(r2, 0x0) 14:03:10 executing program 5: r0 = socket$inet_sctp(0x2, 0x1, 0x84) sendto(r0, 0x0, 0x0, 0x0, &(0x7f0000000000)=@in6={0x1c, 0x1c, 0x3}, 0x1c) setsockopt$inet_sctp_SCTP_AUTH_KEY(r0, 0x84, 0x32, &(0x7f0000000200)=ANY=[@ANYRES32=0x0, @ANYBLOB=' \x00@'], 0x8) 14:03:10 executing program 4: r0 = socket$inet_sctp(0x2, 0x1, 0x84) sendto(r0, 0x0, 0x0, 0x0, &(0x7f0000000000)=@in6={0x1c, 0x1c, 0x3}, 0x1c) setsockopt$inet_sctp_SCTP_AUTH_KEY(r0, 0x84, 0x32, &(0x7f0000000200)=ANY=[], 0x8) 14:03:10 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = syz_open_procfs(0x0, &(0x7f0000000000)='net/if_inet6\x00') sendfile(r0, r1, 0x0, 0x320f) [ 652.844953][T13080] do_fast_syscall_32+0x6b/0xd0 [ 652.844953][T13080] do_SYSENTER_32+0x73/0x90 [ 652.844953][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 652.991827][T13080] [ 652.991827][T13080] Uninit was stored to memory at: [ 652.991827][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 652.991827][T13080] __msan_chain_origin+0x50/0x90 [ 652.991827][T13080] __get_compat_msghdr+0x5be/0x890 [ 652.991827][T13080] get_compat_msghdr+0x108/0x270 [ 652.991827][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 652.991827][T13080] __sys_recvmmsg+0x4ca/0x510 [ 652.991827][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 652.991827][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 653.043236][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 653.043236][T13080] do_fast_syscall_32+0x6b/0xd0 [ 653.050364][T13080] do_SYSENTER_32+0x73/0x90 [ 653.050364][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 653.050364][T13080] [ 653.050364][T13080] Uninit was stored to memory at: [ 653.050364][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 653.050364][T13080] __msan_chain_origin+0x50/0x90 [ 653.050364][T13080] __get_compat_msghdr+0x5be/0x890 [ 653.050364][T13080] get_compat_msghdr+0x108/0x270 [ 653.050364][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 653.050364][T13080] __sys_recvmmsg+0x4ca/0x510 [ 653.050364][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 653.050364][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 653.050364][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 653.050364][T13080] do_fast_syscall_32+0x6b/0xd0 [ 653.120320][T13080] do_SYSENTER_32+0x73/0x90 [ 653.120320][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 653.120320][T13080] [ 653.120320][T13080] Uninit was stored to memory at: [ 653.120320][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 653.120320][T13080] __msan_chain_origin+0x50/0x90 [ 653.120320][T13080] __get_compat_msghdr+0x5be/0x890 [ 653.120320][T13080] get_compat_msghdr+0x108/0x270 [ 653.120320][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 653.120320][T13080] __sys_recvmmsg+0x4ca/0x510 [ 653.120320][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 653.120320][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 653.120320][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 653.120320][T13080] do_fast_syscall_32+0x6b/0xd0 [ 653.190233][T13080] do_SYSENTER_32+0x73/0x90 [ 653.190233][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 653.190233][T13080] [ 653.190233][T13080] Uninit was stored to memory at: [ 653.190233][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 653.190233][T13080] __msan_chain_origin+0x50/0x90 [ 653.190233][T13080] __get_compat_msghdr+0x5be/0x890 [ 653.190233][T13080] get_compat_msghdr+0x108/0x270 [ 653.190233][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 653.190233][T13080] __sys_recvmmsg+0x4ca/0x510 [ 653.190233][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 653.190233][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 653.190233][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 653.190233][T13080] do_fast_syscall_32+0x6b/0xd0 [ 653.260268][T13080] do_SYSENTER_32+0x73/0x90 [ 653.260268][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 653.260268][T13080] [ 653.260268][T13080] Uninit was stored to memory at: [ 653.260268][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 653.260268][T13080] __msan_chain_origin+0x50/0x90 [ 653.260268][T13080] __get_compat_msghdr+0x5be/0x890 [ 653.260268][T13080] get_compat_msghdr+0x108/0x270 [ 653.260268][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 653.260268][T13080] __sys_recvmmsg+0x4ca/0x510 [ 653.260268][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 653.260268][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 653.260268][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 653.260268][T13080] do_fast_syscall_32+0x6b/0xd0 [ 653.260268][T13080] do_SYSENTER_32+0x73/0x90 [ 653.260268][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 653.260268][T13080] [ 653.260268][T13080] Uninit was stored to memory at: [ 653.260268][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 653.260268][T13080] __msan_chain_origin+0x50/0x90 [ 653.360308][T13080] __get_compat_msghdr+0x5be/0x890 [ 653.360308][T13080] get_compat_msghdr+0x108/0x270 [ 653.360308][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 653.360308][T13080] __sys_recvmmsg+0x4ca/0x510 [ 653.360308][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 653.360308][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 653.360308][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 653.360308][T13080] do_fast_syscall_32+0x6b/0xd0 [ 653.360308][T13080] do_SYSENTER_32+0x73/0x90 [ 653.360308][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 653.360308][T13080] [ 653.360308][T13080] Local variable ----msg_sys@do_recvmmsg created at: [ 653.360308][T13080] do_recvmmsg+0xc5/0x1ee0 [ 653.360308][T13080] do_recvmmsg+0xc5/0x1ee0 [ 653.445938][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 654.304869][T13072] not chained 2530000 origins [ 654.309580][T13072] CPU: 1 PID: 13072 Comm: syz-executor.1 Not tainted 5.8.0-rc5-syzkaller #0 [ 654.310146][T13072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 654.310146][T13072] Call Trace: [ 654.310146][T13072] dump_stack+0x1df/0x240 [ 654.310146][T13072] kmsan_internal_chain_origin+0x6f/0x130 [ 654.310146][T13072] ? skb_recv_datagram+0x3ec/0x480 [ 654.310146][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 654.310146][T13072] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 654.310146][T13072] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 654.310146][T13072] ? bt_sock_recvmsg+0x564/0xa00 [ 654.310146][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 654.310146][T13072] ? kmsan_set_origin_checked+0x95/0xf0 [ 654.310146][T13072] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 654.310146][T13072] ? _copy_from_user+0x15b/0x260 [ 654.310146][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 654.310146][T13072] __msan_chain_origin+0x50/0x90 [ 654.310146][T13072] __get_compat_msghdr+0x5be/0x890 [ 654.310146][T13072] get_compat_msghdr+0x108/0x270 [ 654.310146][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 654.310146][T13072] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 654.310146][T13072] ? sched_clock_cpu+0x7c/0x930 [ 654.310146][T13072] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 654.310146][T13072] ? sched_clock_cpu+0x7c/0x930 [ 654.310146][T13072] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 654.310146][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 654.310146][T13072] ? kmsan_internal_set_origin+0x75/0xb0 [ 654.310146][T13072] ? __msan_poison_alloca+0xf0/0x120 [ 654.310146][T13072] ? __sys_recvmmsg+0xb4/0x510 [ 654.310146][T13072] ? __sys_recvmmsg+0xb4/0x510 [ 654.310146][T13072] __sys_recvmmsg+0x4ca/0x510 [ 654.310146][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 654.310146][T13072] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 654.310146][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 654.310146][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 654.310146][T13072] do_fast_syscall_32+0x6b/0xd0 [ 654.310146][T13072] do_SYSENTER_32+0x73/0x90 [ 654.310146][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 654.310146][T13072] RIP: 0023:0xf7fbe549 [ 654.310146][T13072] Code: Bad RIP value. [ 654.310146][T13072] RSP: 002b:00000000f5db90cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 654.310146][T13072] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 654.310146][T13072] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 654.310146][T13072] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 654.310146][T13072] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 654.310146][T13072] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 654.310146][T13072] Uninit was stored to memory at: [ 654.310146][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 654.310146][T13072] __msan_chain_origin+0x50/0x90 [ 654.310146][T13072] __get_compat_msghdr+0x5be/0x890 [ 654.310146][T13072] get_compat_msghdr+0x108/0x270 [ 654.310146][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 654.310146][T13072] __sys_recvmmsg+0x4ca/0x510 [ 654.310146][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 654.310146][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 654.310146][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 654.310146][T13072] do_fast_syscall_32+0x6b/0xd0 [ 654.310146][T13072] do_SYSENTER_32+0x73/0x90 [ 654.310146][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 654.310146][T13072] [ 654.310146][T13072] Uninit was stored to memory at: [ 654.310146][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 654.310146][T13072] __msan_chain_origin+0x50/0x90 [ 654.310146][T13072] __get_compat_msghdr+0x5be/0x890 [ 654.310146][T13072] get_compat_msghdr+0x108/0x270 [ 654.310146][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 654.310146][T13072] __sys_recvmmsg+0x4ca/0x510 [ 654.310146][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 654.310146][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 654.310146][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 654.310146][T13072] do_fast_syscall_32+0x6b/0xd0 [ 654.310146][T13072] do_SYSENTER_32+0x73/0x90 [ 654.310146][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 654.310146][T13072] [ 654.310146][T13072] Uninit was stored to memory at: [ 654.310146][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 654.310146][T13072] __msan_chain_origin+0x50/0x90 [ 654.310146][T13072] __get_compat_msghdr+0x5be/0x890 [ 654.310146][T13072] get_compat_msghdr+0x108/0x270 [ 654.310146][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 654.310146][T13072] __sys_recvmmsg+0x4ca/0x510 [ 654.310146][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 654.310146][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 654.310146][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 654.310146][T13072] do_fast_syscall_32+0x6b/0xd0 [ 654.310146][T13072] do_SYSENTER_32+0x73/0x90 [ 654.310146][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 654.310146][T13072] [ 654.310146][T13072] Uninit was stored to memory at: [ 654.310146][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 654.310146][T13072] __msan_chain_origin+0x50/0x90 [ 654.310146][T13072] __get_compat_msghdr+0x5be/0x890 [ 654.310146][T13072] get_compat_msghdr+0x108/0x270 [ 654.310146][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 654.310146][T13072] __sys_recvmmsg+0x4ca/0x510 [ 654.310146][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 654.310146][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 654.310146][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 654.310146][T13072] do_fast_syscall_32+0x6b/0xd0 [ 654.310146][T13072] do_SYSENTER_32+0x73/0x90 [ 654.310146][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 654.310146][T13072] [ 654.310146][T13072] Uninit was stored to memory at: [ 654.310146][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 654.310146][T13072] __msan_chain_origin+0x50/0x90 [ 654.310146][T13072] __get_compat_msghdr+0x5be/0x890 [ 654.310146][T13072] get_compat_msghdr+0x108/0x270 [ 654.310146][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 654.310146][T13072] __sys_recvmmsg+0x4ca/0x510 [ 654.310146][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 654.310146][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 654.310146][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 654.310146][T13072] do_fast_syscall_32+0x6b/0xd0 [ 654.310146][T13072] do_SYSENTER_32+0x73/0x90 [ 654.310146][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 654.310146][T13072] [ 654.310146][T13072] Uninit was stored to memory at: [ 654.310146][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 654.310146][T13072] __msan_chain_origin+0x50/0x90 [ 654.310146][T13072] __get_compat_msghdr+0x5be/0x890 [ 654.310146][T13072] get_compat_msghdr+0x108/0x270 [ 654.310146][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 654.310146][T13072] __sys_recvmmsg+0x4ca/0x510 [ 654.310146][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 654.310146][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 654.310146][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 654.310146][T13072] do_fast_syscall_32+0x6b/0xd0 [ 654.310146][T13072] do_SYSENTER_32+0x73/0x90 [ 654.310146][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 654.310146][T13072] [ 654.310146][T13072] Uninit was stored to memory at: [ 654.310146][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 654.310146][T13072] __msan_chain_origin+0x50/0x90 [ 654.310146][T13072] __get_compat_msghdr+0x5be/0x890 [ 654.310146][T13072] get_compat_msghdr+0x108/0x270 [ 654.310146][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 654.310146][T13072] __sys_recvmmsg+0x4ca/0x510 [ 654.310146][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 654.310146][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 654.310146][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 654.310146][T13072] do_fast_syscall_32+0x6b/0xd0 [ 654.310146][T13072] do_SYSENTER_32+0x73/0x90 [ 654.310146][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 654.310146][T13072] [ 654.310146][T13072] Local variable ----msg_sys@do_recvmmsg created at: [ 654.310146][T13072] do_recvmmsg+0xc5/0x1ee0 [ 654.310146][T13072] do_recvmmsg+0xc5/0x1ee0 [ 655.108637][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. 14:03:12 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) readv(r0, &(0x7f0000000300)=[{&(0x7f0000000000)=""/104, 0x68}], 0x1) r1 = socket$inet_udplite(0x2, 0x2, 0x88) recvfrom$inet(r1, 0x0, 0xccf3, 0x0, 0x0, 0x800e0050e) r2 = socket$inet_udplite(0x2, 0x2, 0x88) readv(r2, &(0x7f0000000780)=[{&(0x7f00000004c0)=""/137, 0x89}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9) r3 = dup(r2) r4 = socket$inet_udplite(0x2, 0x2, 0x88) recvfrom$inet(r4, 0x0, 0x896e, 0x0, 0x0, 0x800e00519) shutdown(r3, 0x0) r5 = socket$inet_udplite(0x2, 0x2, 0x88) r6 = socket$inet_udplite(0x2, 0x2, 0x88) readv(r5, &(0x7f0000000640)=[{&(0x7f0000000080)=""/7, 0x7}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x6) recvfrom$inet(r6, 0x0, 0xffffff8b, 0x0, 0x0, 0x800e00515) shutdown(r5, 0x0) r7 = socket$inet_sctp(0x2, 0x1, 0x84) connect$inet(r7, &(0x7f00000001c0)={0x10, 0x2}, 0x10) shutdown(r6, 0x0) shutdown(r4, 0x0) 14:03:12 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = syz_open_procfs(0x0, &(0x7f0000000000)='net/if_inet6\x00') sendfile(r0, r1, 0x0, 0x320f) 14:03:12 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) readv(r0, &(0x7f0000000300)=[{&(0x7f0000000000)=""/104, 0x68}], 0x1) r1 = socket$inet_udplite(0x2, 0x2, 0x88) recvfrom$inet(r1, 0x0, 0xccf3, 0x0, 0x0, 0x800e0050e) r2 = socket$inet_udplite(0x2, 0x2, 0x88) readv(r2, &(0x7f0000000780)=[{&(0x7f00000004c0)=""/137, 0x89}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x8) r3 = dup(r2) r4 = socket$inet_udplite(0x2, 0x2, 0x88) recvfrom$inet(r4, 0x0, 0x896e, 0x0, 0x0, 0x800e00519) shutdown(r3, 0x0) r5 = socket$inet_udplite(0x2, 0x2, 0x88) r6 = socket$inet_udplite(0x2, 0x2, 0x88) readv(r5, &(0x7f0000000640)=[{&(0x7f0000000080)=""/7, 0x7}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9) recvfrom$inet(r6, 0x0, 0xffffff8b, 0x0, 0x0, 0x800e00515) shutdown(r5, 0x0) r7 = socket$inet_sctp(0x2, 0x1, 0x84) connect$inet(r7, &(0x7f00000001c0)={0x10, 0x2}, 0x10) shutdown(r6, 0x0) shutdown(r4, 0x0) 14:03:12 executing program 5: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) fstat(r1, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r2, 0x0) ioctl$SIOCSIFHWADDR(r0, 0x400454ca, 0x0) 14:03:13 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendfile(r0, 0xffffffffffffffff, 0x0, 0x320f) 14:03:13 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendfile(r0, 0xffffffffffffffff, 0x0, 0x320f) 14:03:13 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8c}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) ioctl$FIDEDUPERANGE(0xffffffffffffffff, 0xc0189436, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000001000)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000640)=""/77, 0x4d}, 0x9}, {{0x0, 0x0, 0x0}, 0xfff}, {{0x0, 0x0, &(0x7f0000000dc0)=[{0x0}, {&(0x7f0000000440)}, {&(0x7f0000000c40)=""/106, 0x6a}, {&(0x7f0000000cc0)=""/112, 0x70}, {&(0x7f0000000d40)=""/85, 0x55}], 0x5, &(0x7f0000000540)=""/48, 0x30}, 0x5}], 0x3, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x3}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000003240)='nl80211\x00') sendmsg$NL80211_CMD_REQ_SET_REG(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000300), 0xc, &(0x7f0000000380)={&(0x7f0000001500)=ANY=[@ANYRESOCT=r1, @ANYRESOCT, @ANYBLOB="1a04f20df70651baca87e65ce7507f3873e00dde835d031100161b8a9801180b6e16a64f9876fb1224c93d58b622d3e1f21d209d8a05c725617a4593ff03c5095305698ebf1ccc0d789a47f2ea8300df64157d783b348cba703bba20c0d25245b38dbeb36943d9c6316ce7536e4d92e3e240618c2523953ea024ea00890f7eda78089cf9646a19ad66145aa32e31059de02f206022d62b31722dca976ed62c0400000084329a3d615c2d59f66d18187cffffffffebe8fe4441149ff84519b8d5297c648c66f9c20ccadd6ecf35008a038d249dd9efe8f63c4a3f4f6902014adb8cebce375a4b53ba36181061e4ba6b1594415f770d2cd6c20c1cc8a5670a4d4668c923891883aa82cd79b9266063d9b65244c779a4d64938658338fe131c80018047f7c88cbbb0a8030f2baad22a01000000000000007a7010e407df281cb96a279424ba332b855c97bd6fee1382ce38487e6cd7129d22ad09e761cc05fc35a31b28888829252636de490272e64062fc8fef5c8bc392e354fc1ac606e7ef22e0710c27cd454d84ef181373c71cb3e9b72275f154c0356a0b032a8c11fa408911ca99565eec89905fa1c4e933bb880510000000000000000000000074641e7a84eb11fb0f705989ab9e896dc1406e269600000000000000000000568cd480e871628d92f5d69521d5c43bf42f0023ea3eae72049ebbaa4df34dbcb8762c0249f9fb5f9aaf56882f26f145fd4fa6a9b57c33355c8bc0a23609c5441812ea09", @ANYRES16]}}, 0x801) sched_setattr(0x0, &(0x7f00000002c0)={0x38, 0x1, 0x0, 0x0, 0x3}, 0x0) getsockname$packet(0xffffffffffffffff, 0x0, 0x0) r4 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d) bind$inet(r4, &(0x7f0000000280)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000080)=0xda6, 0x4) writev(r4, &(0x7f0000000780)=[{&(0x7f0000000100)="dff548771d77ce8786aca76dda6fb054ab8ea73799d7293eda90ba41a2db81fab55b5415692300a8e64bca2f60e1717f85f06a6bbca90f392b04f34940db7ffccc33ed6ea82296de9683c9e360cd1c477304bd8f9bd74d44a4c7d1c7e625a86cd54b72c5745f475a772b84977a6b05381dbe6259bc510f0f70c3e9946a78c7b5a19e97447799d930f9623b", 0x8b}, {&(0x7f0000000580)="96431fb1cb119741590ad657dc5e5ce3e5fe9f1f639e6a18bc7b6c1d0b424eb306f34cf2429c62c0fdefbae36740a7169721af852826d7f14b6cae8af86507ff78a1dda991aea5952f43e7e0146a3c035f0113d617240e8940c60cdf3400193bbe3a0c0b1eae5799db27b4ee9c13475210defa4dac9d784e0c89135b82b321f8e43d7a5db9ab1bfd319f472a94", 0x8d}, {&(0x7f00000007c0)="f15c93cb35c215fe339d1e9060c5b23e77cb58a87329a00288504db389cc6e395885fa906ac30eeae99fa388c31b5717e641e1586a90961b5f99b26c939d944f6cb1cf6817b7e51402a8459f9db642e97d3c05db56250a665d3ff188eb47e5b036d508aa5a5796fb8806b6a41487e0bfc3df087c18269bd7d2f477104c5d5db497ceaf3e1b11a5d63a2b7035dc69fa701f3b46fe701880800a7d38dccd4b3e8014aa15c96968359533ce2c5ffdd5f0d3297018bd7c025150940cdead92eb1e6bc6ba45eecf067b32425b6000b2f376ef9172426ae7fa97e5a84ef4dc540bbf5dd458ffcb75724135bd32fa04db6d6a75aedda7ab6e8501fc94e209dc3b2525ae24c954255d3247ca9c1b9525ce68179a52a87333aa2b0a8c1baa6ba6160c6d2018e67bac5402d0d89c5f798b8d1a87b0dc3306f546c61724530d9f4b6f0ee68677c7b261de5afa02d708a8ec979791de8f4831cc354ba453bc253e2435207f25494a594d4e5be39902358d362cb318ad965b7e7480a5ca5b6fe74e101c400c77392ee4419ad788f494230487811046f21f0f9665dfbaa9e94ed305a02e3fa47039e67dde19f89c8f1741aad752cdfe458ddf54e8fc10ff79b5", 0x1b9}], 0x3) sendto$inet(r4, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba78600453f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) [ 656.410570][T13080] not chained 2540000 origins [ 656.415283][T13080] CPU: 1 PID: 13080 Comm: syz-executor.1 Not tainted 5.8.0-rc5-syzkaller #0 [ 656.420145][T13080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 656.420145][T13080] Call Trace: [ 656.420145][T13080] dump_stack+0x1df/0x240 [ 656.420145][T13080] kmsan_internal_chain_origin+0x6f/0x130 [ 656.420145][T13080] ? skb_recv_datagram+0x3ec/0x480 [ 656.420145][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 656.420145][T13080] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 656.420145][T13080] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 656.420145][T13080] ? bt_sock_recvmsg+0x564/0xa00 [ 656.420145][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 656.420145][T13080] ? kmsan_set_origin_checked+0x95/0xf0 [ 656.420145][T13080] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 656.420145][T13080] ? _copy_from_user+0x15b/0x260 [ 656.420145][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 656.420145][T13080] __msan_chain_origin+0x50/0x90 [ 656.420145][T13080] __get_compat_msghdr+0x5be/0x890 [ 656.420145][T13080] get_compat_msghdr+0x108/0x270 [ 656.420145][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 656.420145][T13080] ? kmsan_internal_set_origin+0x75/0xb0 [ 656.420145][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 656.420145][T13080] ? kmsan_internal_set_origin+0x75/0xb0 [ 656.420145][T13080] ? __msan_poison_alloca+0xf0/0x120 [ 656.420145][T13080] ? __sys_recvmmsg+0xb4/0x510 [ 656.420145][T13080] ? __sys_recvmmsg+0xb4/0x510 [ 656.420145][T13080] ? kmsan_get_metadata+0x11d/0x180 [ 656.420145][T13080] __sys_recvmmsg+0x4ca/0x510 [ 656.420145][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 656.420145][T13080] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 656.420145][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 656.420145][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 656.420145][T13080] do_fast_syscall_32+0x6b/0xd0 [ 656.420145][T13080] do_SYSENTER_32+0x73/0x90 [ 656.420145][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 656.420145][T13080] RIP: 0023:0xf7fbe549 [ 656.420145][T13080] Code: Bad RIP value. [ 656.420145][T13080] RSP: 002b:00000000f5d770cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 656.420145][T13080] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 656.620300][T13080] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 656.620300][T13080] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 656.620300][T13080] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 656.620300][T13080] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 656.620300][T13080] Uninit was stored to memory at: [ 656.620300][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 656.620300][T13080] __msan_chain_origin+0x50/0x90 [ 656.620300][T13080] __get_compat_msghdr+0x5be/0x890 [ 656.620300][T13080] get_compat_msghdr+0x108/0x270 [ 656.620300][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 656.620300][T13080] __sys_recvmmsg+0x4ca/0x510 [ 656.620300][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 656.620300][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 656.620300][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 656.620300][T13080] do_fast_syscall_32+0x6b/0xd0 [ 656.620300][T13080] do_SYSENTER_32+0x73/0x90 [ 656.620300][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 656.620300][T13080] [ 656.620300][T13080] Uninit was stored to memory at: [ 656.620300][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 656.620300][T13080] __msan_chain_origin+0x50/0x90 [ 656.620300][T13080] __get_compat_msghdr+0x5be/0x890 [ 656.744695][T13080] get_compat_msghdr+0x108/0x270 [ 656.744695][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 656.744695][T13080] __sys_recvmmsg+0x4ca/0x510 [ 656.744695][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 656.744695][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 656.744695][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 656.744695][T13080] do_fast_syscall_32+0x6b/0xd0 [ 656.744695][T13080] do_SYSENTER_32+0x73/0x90 [ 656.790384][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 656.796145][T13080] [ 656.796145][T13080] Uninit was stored to memory at: [ 656.796145][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 656.796145][T13080] __msan_chain_origin+0x50/0x90 [ 656.796145][T13080] __get_compat_msghdr+0x5be/0x890 [ 656.796145][T13080] get_compat_msghdr+0x108/0x270 [ 656.796145][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 656.796145][T13080] __sys_recvmmsg+0x4ca/0x510 [ 656.796145][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 656.796145][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 656.796145][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 656.796145][T13080] do_fast_syscall_32+0x6b/0xd0 [ 656.796145][T13080] do_SYSENTER_32+0x73/0x90 [ 656.860288][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 656.860288][T13080] [ 656.860288][T13080] Uninit was stored to memory at: [ 656.860288][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 656.860288][T13080] __msan_chain_origin+0x50/0x90 [ 656.860288][T13080] __get_compat_msghdr+0x5be/0x890 [ 656.860288][T13080] get_compat_msghdr+0x108/0x270 [ 656.860288][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 656.860288][T13080] __sys_recvmmsg+0x4ca/0x510 [ 656.860288][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 656.860288][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 656.860288][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 656.860288][T13080] do_fast_syscall_32+0x6b/0xd0 [ 656.860288][T13080] do_SYSENTER_32+0x73/0x90 [ 656.860288][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 656.860288][T13080] [ 656.860288][T13080] Uninit was stored to memory at: [ 656.860288][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 656.860288][T13080] __msan_chain_origin+0x50/0x90 [ 656.860288][T13080] __get_compat_msghdr+0x5be/0x890 [ 656.860288][T13080] get_compat_msghdr+0x108/0x270 [ 656.860288][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 656.860288][T13080] __sys_recvmmsg+0x4ca/0x510 [ 656.860288][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 656.860288][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 656.860288][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 656.860288][T13080] do_fast_syscall_32+0x6b/0xd0 [ 656.860288][T13080] do_SYSENTER_32+0x73/0x90 [ 656.860288][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 656.860288][T13080] [ 656.860288][T13080] Uninit was stored to memory at: [ 656.860288][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 656.860288][T13080] __msan_chain_origin+0x50/0x90 [ 656.860288][T13080] __get_compat_msghdr+0x5be/0x890 [ 656.860288][T13080] get_compat_msghdr+0x108/0x270 [ 656.860288][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 656.860288][T13080] __sys_recvmmsg+0x4ca/0x510 [ 656.860288][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 656.860288][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 656.860288][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 656.860288][T13080] do_fast_syscall_32+0x6b/0xd0 [ 656.860288][T13080] do_SYSENTER_32+0x73/0x90 [ 656.860288][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 656.860288][T13080] [ 656.860288][T13080] Uninit was stored to memory at: [ 656.860288][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 656.860288][T13080] __msan_chain_origin+0x50/0x90 [ 656.860288][T13080] __get_compat_msghdr+0x5be/0x890 [ 656.860288][T13080] get_compat_msghdr+0x108/0x270 [ 656.860288][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 656.860288][T13080] __sys_recvmmsg+0x4ca/0x510 [ 656.860288][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 656.860288][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 656.860288][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 656.860288][T13080] do_fast_syscall_32+0x6b/0xd0 [ 656.860288][T13080] do_SYSENTER_32+0x73/0x90 [ 656.860288][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 656.860288][T13080] [ 656.860288][T13080] Local variable ----msg_sys@do_recvmmsg created at: [ 656.860288][T13080] do_recvmmsg+0xc5/0x1ee0 [ 656.860288][T13080] do_recvmmsg+0xc5/0x1ee0 [ 657.207913][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 658.065499][T13139] IPVS: ftp: loaded support on port[0] = 21 [ 658.158616][T13072] not chained 2550000 origins [ 658.160168][T13072] CPU: 0 PID: 13072 Comm: syz-executor.1 Not tainted 5.8.0-rc5-syzkaller #0 [ 658.160168][T13072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 658.160168][T13072] Call Trace: [ 658.160168][T13072] dump_stack+0x1df/0x240 [ 658.160168][T13072] kmsan_internal_chain_origin+0x6f/0x130 [ 658.160168][T13072] ? skb_recv_datagram+0x3ec/0x480 [ 658.160168][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 658.160168][T13072] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 658.160168][T13072] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 658.212006][T13072] ? bt_sock_recvmsg+0x564/0xa00 [ 658.212006][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 658.212006][T13072] ? kmsan_set_origin_checked+0x95/0xf0 [ 658.212006][T13072] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 658.212006][T13072] ? _copy_from_user+0x15b/0x260 [ 658.212006][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 658.212006][T13072] __msan_chain_origin+0x50/0x90 [ 658.212006][T13072] __get_compat_msghdr+0x5be/0x890 [ 658.212006][T13072] get_compat_msghdr+0x108/0x270 [ 658.212006][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 658.212006][T13072] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 658.212006][T13072] ? sched_clock_cpu+0x7c/0x930 [ 658.212006][T13072] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 658.212006][T13072] ? sched_clock_cpu+0x7c/0x930 [ 658.212006][T13072] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 658.212006][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 658.212006][T13072] ? kmsan_internal_set_origin+0x75/0xb0 [ 658.212006][T13072] ? __msan_poison_alloca+0xf0/0x120 [ 658.212006][T13072] ? __sys_recvmmsg+0xb4/0x510 [ 658.212006][T13072] ? __sys_recvmmsg+0xb4/0x510 [ 658.212006][T13072] __sys_recvmmsg+0x4ca/0x510 [ 658.212006][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 658.212006][T13072] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 658.212006][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 658.212006][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 658.212006][T13072] do_fast_syscall_32+0x6b/0xd0 [ 658.212006][T13072] do_SYSENTER_32+0x73/0x90 [ 658.212006][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 658.212006][T13072] RIP: 0023:0xf7fbe549 [ 658.212006][T13072] Code: Bad RIP value. [ 658.212006][T13072] RSP: 002b:00000000f5db90cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 658.212006][T13072] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 658.212006][T13072] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 658.212006][T13072] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 658.212006][T13072] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 658.212006][T13072] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 658.212006][T13072] Uninit was stored to memory at: [ 658.212006][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 658.212006][T13072] __msan_chain_origin+0x50/0x90 [ 658.212006][T13072] __get_compat_msghdr+0x5be/0x890 [ 658.212006][T13072] get_compat_msghdr+0x108/0x270 [ 658.212006][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 658.212006][T13072] __sys_recvmmsg+0x4ca/0x510 [ 658.212006][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 658.212006][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 658.212006][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 658.212006][T13072] do_fast_syscall_32+0x6b/0xd0 [ 658.212006][T13072] do_SYSENTER_32+0x73/0x90 [ 658.212006][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 658.212006][T13072] [ 658.212006][T13072] Uninit was stored to memory at: [ 658.212006][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 658.212006][T13072] __msan_chain_origin+0x50/0x90 [ 658.212006][T13072] __get_compat_msghdr+0x5be/0x890 [ 658.212006][T13072] get_compat_msghdr+0x108/0x270 [ 658.212006][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 658.212006][T13072] __sys_recvmmsg+0x4ca/0x510 [ 658.212006][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 658.212006][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 658.212006][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 658.212006][T13072] do_fast_syscall_32+0x6b/0xd0 [ 658.212006][T13072] do_SYSENTER_32+0x73/0x90 [ 658.212006][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 658.212006][T13072] [ 658.212006][T13072] Uninit was stored to memory at: [ 658.212006][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 658.212006][T13072] __msan_chain_origin+0x50/0x90 [ 658.212006][T13072] __get_compat_msghdr+0x5be/0x890 [ 658.212006][T13072] get_compat_msghdr+0x108/0x270 [ 658.212006][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 658.212006][T13072] __sys_recvmmsg+0x4ca/0x510 [ 658.212006][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 658.212006][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 658.212006][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 658.212006][T13072] do_fast_syscall_32+0x6b/0xd0 [ 658.212006][T13072] do_SYSENTER_32+0x73/0x90 [ 658.212006][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 658.212006][T13072] [ 658.212006][T13072] Uninit was stored to memory at: [ 658.212006][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 658.212006][T13072] __msan_chain_origin+0x50/0x90 [ 658.212006][T13072] __get_compat_msghdr+0x5be/0x890 [ 658.212006][T13072] get_compat_msghdr+0x108/0x270 [ 658.212006][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 658.212006][T13072] __sys_recvmmsg+0x4ca/0x510 [ 658.212006][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 658.212006][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 658.212006][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 658.212006][T13072] do_fast_syscall_32+0x6b/0xd0 [ 658.212006][T13072] do_SYSENTER_32+0x73/0x90 [ 658.212006][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 658.212006][T13072] [ 658.212006][T13072] Uninit was stored to memory at: [ 658.212006][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 658.212006][T13072] __msan_chain_origin+0x50/0x90 [ 658.212006][T13072] __get_compat_msghdr+0x5be/0x890 [ 658.212006][T13072] get_compat_msghdr+0x108/0x270 [ 658.212006][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 658.212006][T13072] __sys_recvmmsg+0x4ca/0x510 [ 658.212006][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 658.212006][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 658.212006][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 658.212006][T13072] do_fast_syscall_32+0x6b/0xd0 [ 658.212006][T13072] do_SYSENTER_32+0x73/0x90 [ 658.212006][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 658.212006][T13072] [ 658.212006][T13072] Uninit was stored to memory at: [ 658.212006][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 658.212006][T13072] __msan_chain_origin+0x50/0x90 [ 658.212006][T13072] __get_compat_msghdr+0x5be/0x890 [ 658.212006][T13072] get_compat_msghdr+0x108/0x270 [ 658.212006][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 658.212006][T13072] __sys_recvmmsg+0x4ca/0x510 [ 658.212006][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 658.212006][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 658.212006][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 658.212006][T13072] do_fast_syscall_32+0x6b/0xd0 [ 658.212006][T13072] do_SYSENTER_32+0x73/0x90 [ 658.212006][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 658.212006][T13072] [ 658.212006][T13072] Uninit was stored to memory at: [ 658.212006][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 658.212006][T13072] __msan_chain_origin+0x50/0x90 [ 658.212006][T13072] __get_compat_msghdr+0x5be/0x890 [ 658.212006][T13072] get_compat_msghdr+0x108/0x270 [ 658.212006][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 658.212006][T13072] __sys_recvmmsg+0x4ca/0x510 [ 658.212006][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 658.212006][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 658.212006][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 658.212006][T13072] do_fast_syscall_32+0x6b/0xd0 [ 658.212006][T13072] do_SYSENTER_32+0x73/0x90 [ 658.212006][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 658.212006][T13072] [ 658.212006][T13072] Local variable ----msg_sys@do_recvmmsg created at: [ 658.212006][T13072] do_recvmmsg+0xc5/0x1ee0 [ 658.212006][T13072] do_recvmmsg+0xc5/0x1ee0 [ 658.982820][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 659.090633][ T253] tipc: TX() has been purged, node left! [ 660.626668][T13080] not chained 2560000 origins [ 660.630189][T13080] CPU: 0 PID: 13080 Comm: syz-executor.1 Not tainted 5.8.0-rc5-syzkaller #0 [ 660.630189][T13080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 660.630189][T13080] Call Trace: [ 660.630189][T13080] dump_stack+0x1df/0x240 [ 660.630189][T13080] kmsan_internal_chain_origin+0x6f/0x130 [ 660.630189][T13080] ? skb_recv_datagram+0x3ec/0x480 [ 660.630189][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 660.630189][T13080] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 660.630189][T13080] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 660.630189][T13080] ? bt_sock_recvmsg+0x564/0xa00 [ 660.630189][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 660.630189][T13080] ? kmsan_set_origin_checked+0x95/0xf0 [ 660.630189][T13080] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 660.630189][T13080] ? _copy_from_user+0x15b/0x260 [ 660.630189][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 660.630189][T13080] __msan_chain_origin+0x50/0x90 [ 660.630189][T13080] __get_compat_msghdr+0x5be/0x890 [ 660.630189][T13080] get_compat_msghdr+0x108/0x270 [ 660.630189][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 660.630189][T13080] ? kmsan_internal_set_origin+0x75/0xb0 [ 660.630189][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 660.630189][T13080] ? kmsan_internal_set_origin+0x75/0xb0 [ 660.630189][T13080] ? __msan_poison_alloca+0xf0/0x120 [ 660.630189][T13080] ? __sys_recvmmsg+0xb4/0x510 [ 660.630189][T13080] ? __sys_recvmmsg+0xb4/0x510 [ 660.630189][T13080] ? kmsan_get_metadata+0x11d/0x180 [ 660.630189][T13080] __sys_recvmmsg+0x4ca/0x510 [ 660.630189][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 660.630189][T13080] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 660.630189][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 660.630189][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 660.630189][T13080] do_fast_syscall_32+0x6b/0xd0 [ 660.630189][T13080] do_SYSENTER_32+0x73/0x90 [ 660.630189][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 660.630189][T13080] RIP: 0023:0xf7fbe549 [ 660.630189][T13080] Code: Bad RIP value. [ 660.630189][T13080] RSP: 002b:00000000f5d770cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 660.630189][T13080] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 660.630189][T13080] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 660.630189][T13080] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 660.630189][T13080] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 660.630189][T13080] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 660.867344][T13080] Uninit was stored to memory at: [ 660.867344][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 660.867344][T13080] __msan_chain_origin+0x50/0x90 [ 660.867344][T13080] __get_compat_msghdr+0x5be/0x890 [ 660.867344][T13080] get_compat_msghdr+0x108/0x270 [ 660.867344][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 660.867344][T13080] __sys_recvmmsg+0x4ca/0x510 [ 660.867344][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 660.867344][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 660.867344][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 660.867344][T13080] do_fast_syscall_32+0x6b/0xd0 [ 660.867344][T13080] do_SYSENTER_32+0x73/0x90 [ 660.931380][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 660.867344][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 660.867344][T13080] [ 660.950175][T13080] Uninit was stored to memory at: [ 660.950175][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 660.950175][T13080] __msan_chain_origin+0x50/0x90 [ 660.950175][T13080] __get_compat_msghdr+0x5be/0x890 [ 660.950175][T13080] get_compat_msghdr+0x108/0x270 [ 660.950175][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 660.950175][T13080] __sys_recvmmsg+0x4ca/0x510 [ 660.950175][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 660.950175][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 660.950175][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 661.002335][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 660.950175][T13080] do_fast_syscall_32+0x6b/0xd0 [ 660.950175][T13080] do_SYSENTER_32+0x73/0x90 [ 660.950175][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 660.950175][T13080] [ 660.950175][T13080] Uninit was stored to memory at: [ 660.950175][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 661.040816][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 660.950175][T13080] __msan_chain_origin+0x50/0x90 [ 660.950175][T13080] __get_compat_msghdr+0x5be/0x890 [ 660.950175][T13080] get_compat_msghdr+0x108/0x270 [ 660.950175][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 660.950175][T13080] __sys_recvmmsg+0x4ca/0x510 [ 660.950175][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 661.077949][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 660.950175][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 660.950175][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 660.950175][T13080] do_fast_syscall_32+0x6b/0xd0 [ 660.950175][T13080] do_SYSENTER_32+0x73/0x90 [ 660.950175][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 660.950175][T13080] [ 660.950175][T13080] Uninit was stored to memory at: [ 660.950175][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 660.950175][T13080] __msan_chain_origin+0x50/0x90 [ 660.950175][T13080] __get_compat_msghdr+0x5be/0x890 [ 660.950175][T13080] get_compat_msghdr+0x108/0x270 [ 660.950175][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 660.950175][T13080] __sys_recvmmsg+0x4ca/0x510 [ 660.950175][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 660.950175][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 660.950175][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 660.950175][T13080] do_fast_syscall_32+0x6b/0xd0 [ 660.950175][T13080] do_SYSENTER_32+0x73/0x90 [ 660.950175][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 660.950175][T13080] [ 660.950175][T13080] Uninit was stored to memory at: [ 660.950175][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 660.950175][T13080] __msan_chain_origin+0x50/0x90 [ 660.950175][T13080] __get_compat_msghdr+0x5be/0x890 [ 660.950175][T13080] get_compat_msghdr+0x108/0x270 [ 660.950175][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 660.950175][T13080] __sys_recvmmsg+0x4ca/0x510 [ 660.950175][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 660.950175][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 660.950175][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 660.950175][T13080] do_fast_syscall_32+0x6b/0xd0 [ 660.950175][T13080] do_SYSENTER_32+0x73/0x90 [ 661.246486][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 660.950175][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 660.950175][T13080] [ 660.950175][T13080] Uninit was stored to memory at: [ 660.950175][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 660.950175][T13080] __msan_chain_origin+0x50/0x90 [ 660.950175][T13080] __get_compat_msghdr+0x5be/0x890 [ 660.950175][T13080] get_compat_msghdr+0x108/0x270 [ 660.950175][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 660.950175][T13080] __sys_recvmmsg+0x4ca/0x510 [ 660.950175][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 660.950175][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 660.950175][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 660.950175][T13080] do_fast_syscall_32+0x6b/0xd0 [ 660.950175][T13080] do_SYSENTER_32+0x73/0x90 [ 660.950175][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 660.950175][T13080] [ 660.950175][T13080] Uninit was stored to memory at: [ 660.950175][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 660.950175][T13080] __msan_chain_origin+0x50/0x90 [ 660.950175][T13080] __get_compat_msghdr+0x5be/0x890 [ 660.950175][T13080] get_compat_msghdr+0x108/0x270 [ 660.950175][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 660.950175][T13080] __sys_recvmmsg+0x4ca/0x510 [ 660.950175][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 661.376923][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 660.950175][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 660.950175][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 660.950175][T13080] do_fast_syscall_32+0x6b/0xd0 [ 660.950175][T13080] do_SYSENTER_32+0x73/0x90 [ 660.950175][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 660.950175][T13080] [ 661.415189][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 660.950175][T13080] Local variable ----msg_sys@do_recvmmsg created at: [ 660.950175][T13080] do_recvmmsg+0xc5/0x1ee0 [ 660.950175][T13080] do_recvmmsg+0xc5/0x1ee0 [ 661.496831][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 661.742504][T13080] not chained 2570000 origins [ 661.747215][T13080] CPU: 0 PID: 13080 Comm: syz-executor.1 Not tainted 5.8.0-rc5-syzkaller #0 [ 661.750194][T13080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 661.750194][T13080] Call Trace: [ 661.750194][T13080] dump_stack+0x1df/0x240 [ 661.750194][T13080] kmsan_internal_chain_origin+0x6f/0x130 [ 661.750194][T13080] ? skb_recv_datagram+0x3ec/0x480 [ 661.750194][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 661.750194][T13080] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 661.750194][T13080] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 661.750194][T13080] ? bt_sock_recvmsg+0x564/0xa00 [ 661.750194][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 661.750194][T13080] ? kmsan_set_origin_checked+0x95/0xf0 [ 661.750194][T13080] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 661.750194][T13080] ? _copy_from_user+0x15b/0x260 [ 661.750194][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 661.750194][T13080] __msan_chain_origin+0x50/0x90 [ 661.750194][T13080] __get_compat_msghdr+0x5be/0x890 [ 661.750194][T13080] get_compat_msghdr+0x108/0x270 [ 661.750194][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 661.750194][T13080] ? kmsan_internal_set_origin+0x75/0xb0 [ 661.750194][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 661.750194][T13080] ? kmsan_internal_set_origin+0x75/0xb0 [ 661.750194][T13080] ? __msan_poison_alloca+0xf0/0x120 [ 661.750194][T13080] ? __sys_recvmmsg+0xb4/0x510 [ 661.750194][T13080] ? __sys_recvmmsg+0xb4/0x510 [ 661.750194][T13080] ? kmsan_get_metadata+0x11d/0x180 [ 661.750194][T13080] __sys_recvmmsg+0x4ca/0x510 [ 661.750194][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 661.750194][T13080] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 661.750194][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 661.750194][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 661.750194][T13080] do_fast_syscall_32+0x6b/0xd0 [ 661.750194][T13080] do_SYSENTER_32+0x73/0x90 [ 661.750194][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 661.750194][T13080] RIP: 0023:0xf7fbe549 [ 661.750194][T13080] Code: Bad RIP value. [ 661.750194][T13080] RSP: 002b:00000000f5d770cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 661.750194][T13080] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 661.750194][T13080] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 661.750194][T13080] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 661.750194][T13080] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 661.750194][T13080] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 661.750194][T13080] Uninit was stored to memory at: [ 661.750194][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 661.750194][T13080] __msan_chain_origin+0x50/0x90 [ 661.750194][T13080] __get_compat_msghdr+0x5be/0x890 [ 661.750194][T13080] get_compat_msghdr+0x108/0x270 [ 661.750194][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 661.750194][T13080] __sys_recvmmsg+0x4ca/0x510 [ 661.750194][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 661.750194][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 661.750194][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 661.750194][T13080] do_fast_syscall_32+0x6b/0xd0 [ 661.750194][T13080] do_SYSENTER_32+0x73/0x90 [ 661.750194][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 661.750194][T13080] [ 661.750194][T13080] Uninit was stored to memory at: [ 661.750194][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 661.750194][T13080] __msan_chain_origin+0x50/0x90 [ 661.750194][T13080] __get_compat_msghdr+0x5be/0x890 [ 661.750194][T13080] get_compat_msghdr+0x108/0x270 [ 661.750194][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 661.750194][T13080] __sys_recvmmsg+0x4ca/0x510 [ 661.750194][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 661.750194][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 661.750194][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 661.750194][T13080] do_fast_syscall_32+0x6b/0xd0 [ 661.750194][T13080] do_SYSENTER_32+0x73/0x90 [ 661.750194][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 661.750194][T13080] [ 661.750194][T13080] Uninit was stored to memory at: [ 661.750194][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 661.750194][T13080] __msan_chain_origin+0x50/0x90 [ 661.750194][T13080] __get_compat_msghdr+0x5be/0x890 [ 661.750194][T13080] get_compat_msghdr+0x108/0x270 [ 661.750194][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 661.750194][T13080] __sys_recvmmsg+0x4ca/0x510 [ 661.750194][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 661.750194][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 661.750194][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 661.750194][T13080] do_fast_syscall_32+0x6b/0xd0 [ 661.750194][T13080] do_SYSENTER_32+0x73/0x90 [ 661.750194][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 661.750194][T13080] [ 661.750194][T13080] Uninit was stored to memory at: [ 661.750194][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 661.750194][T13080] __msan_chain_origin+0x50/0x90 [ 661.750194][T13080] __get_compat_msghdr+0x5be/0x890 [ 661.750194][T13080] get_compat_msghdr+0x108/0x270 [ 661.750194][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 661.750194][T13080] __sys_recvmmsg+0x4ca/0x510 [ 661.750194][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 661.750194][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 661.750194][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 661.750194][T13080] do_fast_syscall_32+0x6b/0xd0 [ 661.750194][T13080] do_SYSENTER_32+0x73/0x90 [ 661.750194][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 661.750194][T13080] [ 661.750194][T13080] Uninit was stored to memory at: [ 661.750194][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 661.750194][T13080] __msan_chain_origin+0x50/0x90 [ 661.750194][T13080] __get_compat_msghdr+0x5be/0x890 [ 661.750194][T13080] get_compat_msghdr+0x108/0x270 [ 661.750194][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 661.750194][T13080] __sys_recvmmsg+0x4ca/0x510 [ 661.750194][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 661.750194][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 661.750194][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 661.750194][T13080] do_fast_syscall_32+0x6b/0xd0 [ 661.750194][T13080] do_SYSENTER_32+0x73/0x90 [ 661.750194][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 661.750194][T13080] [ 661.750194][T13080] Uninit was stored to memory at: [ 661.750194][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 661.750194][T13080] __msan_chain_origin+0x50/0x90 [ 661.750194][T13080] __get_compat_msghdr+0x5be/0x890 [ 661.750194][T13080] get_compat_msghdr+0x108/0x270 [ 661.750194][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 661.750194][T13080] __sys_recvmmsg+0x4ca/0x510 [ 661.750194][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 661.750194][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 661.750194][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 661.750194][T13080] do_fast_syscall_32+0x6b/0xd0 [ 661.750194][T13080] do_SYSENTER_32+0x73/0x90 [ 661.750194][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 661.750194][T13080] [ 661.750194][T13080] Uninit was stored to memory at: [ 661.750194][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 661.750194][T13080] __msan_chain_origin+0x50/0x90 [ 661.750194][T13080] __get_compat_msghdr+0x5be/0x890 [ 661.750194][T13080] get_compat_msghdr+0x108/0x270 [ 661.750194][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 661.750194][T13080] __sys_recvmmsg+0x4ca/0x510 [ 661.750194][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 661.750194][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 661.750194][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 661.750194][T13080] do_fast_syscall_32+0x6b/0xd0 [ 661.750194][T13080] do_SYSENTER_32+0x73/0x90 [ 661.750194][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 661.750194][T13080] [ 661.750194][T13080] Local variable ----msg_sys@do_recvmmsg created at: [ 661.750194][T13080] do_recvmmsg+0xc5/0x1ee0 [ 661.750194][T13080] do_recvmmsg+0xc5/0x1ee0 [ 662.527601][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 662.768026][T13072] not chained 2580000 origins [ 662.770208][T13072] CPU: 0 PID: 13072 Comm: syz-executor.1 Not tainted 5.8.0-rc5-syzkaller #0 [ 662.770208][T13072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 662.785120][T13072] Call Trace: [ 662.785120][T13072] dump_stack+0x1df/0x240 [ 662.785120][T13072] kmsan_internal_chain_origin+0x6f/0x130 [ 662.785120][T13072] ? skb_recv_datagram+0x3ec/0x480 [ 662.785120][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 662.785120][T13072] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 662.785120][T13072] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 662.785120][T13072] ? bt_sock_recvmsg+0x564/0xa00 [ 662.785120][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 662.785120][T13072] ? kmsan_set_origin_checked+0x95/0xf0 [ 662.785120][T13072] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 662.785120][T13072] ? _copy_from_user+0x15b/0x260 [ 662.785120][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 662.785120][T13072] __msan_chain_origin+0x50/0x90 [ 662.785120][T13072] __get_compat_msghdr+0x5be/0x890 [ 662.785120][T13072] get_compat_msghdr+0x108/0x270 [ 662.785120][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 662.785120][T13072] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 662.785120][T13072] ? sched_clock_cpu+0x7c/0x930 [ 662.785120][T13072] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 662.785120][T13072] ? sched_clock_cpu+0x7c/0x930 [ 662.785120][T13072] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 662.785120][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 662.785120][T13072] ? kmsan_internal_set_origin+0x75/0xb0 [ 662.785120][T13072] ? __msan_poison_alloca+0xf0/0x120 [ 662.785120][T13072] ? __sys_recvmmsg+0xb4/0x510 [ 662.785120][T13072] ? __sys_recvmmsg+0xb4/0x510 [ 662.785120][T13072] __sys_recvmmsg+0x4ca/0x510 [ 662.785120][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 662.785120][T13072] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 662.785120][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 662.785120][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 662.785120][T13072] do_fast_syscall_32+0x6b/0xd0 [ 662.785120][T13072] do_SYSENTER_32+0x73/0x90 [ 662.785120][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 662.785120][T13072] RIP: 0023:0xf7fbe549 [ 662.785120][T13072] Code: Bad RIP value. [ 662.785120][T13072] RSP: 002b:00000000f5db90cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 662.785120][T13072] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 662.785120][T13072] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 662.785120][T13072] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 662.785120][T13072] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 662.785120][T13072] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 662.785120][T13072] Uninit was stored to memory at: [ 662.785120][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 662.785120][T13072] __msan_chain_origin+0x50/0x90 [ 662.785120][T13072] __get_compat_msghdr+0x5be/0x890 [ 662.785120][T13072] get_compat_msghdr+0x108/0x270 [ 662.785120][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 662.785120][T13072] __sys_recvmmsg+0x4ca/0x510 [ 662.785120][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 662.785120][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 662.785120][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 662.785120][T13072] do_fast_syscall_32+0x6b/0xd0 [ 662.785120][T13072] do_SYSENTER_32+0x73/0x90 [ 662.785120][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 662.785120][T13072] [ 662.785120][T13072] Uninit was stored to memory at: [ 662.785120][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 662.785120][T13072] __msan_chain_origin+0x50/0x90 [ 662.785120][T13072] __get_compat_msghdr+0x5be/0x890 [ 662.785120][T13072] get_compat_msghdr+0x108/0x270 [ 662.785120][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 662.785120][T13072] __sys_recvmmsg+0x4ca/0x510 [ 662.785120][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 662.785120][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 662.785120][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 662.785120][T13072] do_fast_syscall_32+0x6b/0xd0 [ 662.785120][T13072] do_SYSENTER_32+0x73/0x90 [ 662.785120][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 662.785120][T13072] [ 662.785120][T13072] Uninit was stored to memory at: [ 662.785120][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 662.785120][T13072] __msan_chain_origin+0x50/0x90 [ 662.785120][T13072] __get_compat_msghdr+0x5be/0x890 [ 662.785120][T13072] get_compat_msghdr+0x108/0x270 [ 662.785120][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 662.785120][T13072] __sys_recvmmsg+0x4ca/0x510 [ 662.785120][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 662.785120][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 662.785120][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 662.785120][T13072] do_fast_syscall_32+0x6b/0xd0 [ 662.785120][T13072] do_SYSENTER_32+0x73/0x90 [ 662.785120][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 662.785120][T13072] [ 662.785120][T13072] Uninit was stored to memory at: [ 662.785120][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 662.785120][T13072] __msan_chain_origin+0x50/0x90 [ 662.785120][T13072] __get_compat_msghdr+0x5be/0x890 [ 662.785120][T13072] get_compat_msghdr+0x108/0x270 [ 662.785120][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 662.785120][T13072] __sys_recvmmsg+0x4ca/0x510 [ 662.785120][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 662.785120][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 662.785120][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 662.785120][T13072] do_fast_syscall_32+0x6b/0xd0 [ 662.785120][T13072] do_SYSENTER_32+0x73/0x90 [ 662.785120][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 662.785120][T13072] [ 662.785120][T13072] Uninit was stored to memory at: [ 662.785120][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 662.785120][T13072] __msan_chain_origin+0x50/0x90 [ 662.785120][T13072] __get_compat_msghdr+0x5be/0x890 [ 662.785120][T13072] get_compat_msghdr+0x108/0x270 [ 662.785120][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 662.785120][T13072] __sys_recvmmsg+0x4ca/0x510 [ 662.785120][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 662.785120][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 662.785120][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 662.785120][T13072] do_fast_syscall_32+0x6b/0xd0 [ 662.785120][T13072] do_SYSENTER_32+0x73/0x90 [ 662.785120][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 662.785120][T13072] [ 662.785120][T13072] Uninit was stored to memory at: [ 662.785120][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 662.785120][T13072] __msan_chain_origin+0x50/0x90 [ 662.785120][T13072] __get_compat_msghdr+0x5be/0x890 [ 662.785120][T13072] get_compat_msghdr+0x108/0x270 [ 662.785120][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 662.785120][T13072] __sys_recvmmsg+0x4ca/0x510 [ 662.785120][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 662.785120][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 662.785120][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 662.785120][T13072] do_fast_syscall_32+0x6b/0xd0 [ 662.785120][T13072] do_SYSENTER_32+0x73/0x90 [ 662.785120][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 662.785120][T13072] [ 662.785120][T13072] Uninit was stored to memory at: [ 662.785120][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 662.785120][T13072] __msan_chain_origin+0x50/0x90 [ 662.785120][T13072] __get_compat_msghdr+0x5be/0x890 [ 662.785120][T13072] get_compat_msghdr+0x108/0x270 [ 662.785120][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 662.785120][T13072] __sys_recvmmsg+0x4ca/0x510 [ 662.785120][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 662.785120][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 662.785120][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 662.785120][T13072] do_fast_syscall_32+0x6b/0xd0 [ 662.785120][T13072] do_SYSENTER_32+0x73/0x90 [ 662.785120][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 662.785120][T13072] [ 662.785120][T13072] Local variable ----msg_sys@do_recvmmsg created at: [ 662.785120][T13072] do_recvmmsg+0xc5/0x1ee0 [ 662.785120][T13072] do_recvmmsg+0xc5/0x1ee0 [ 663.579826][T13139] chnl_net:caif_netlink_parms(): no params data found [ 663.724018][T13080] not chained 2590000 origins [ 663.728714][T13080] CPU: 0 PID: 13080 Comm: syz-executor.1 Not tainted 5.8.0-rc5-syzkaller #0 [ 663.730188][T13080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 663.730188][T13080] Call Trace: [ 663.730188][T13080] dump_stack+0x1df/0x240 [ 663.730188][T13080] kmsan_internal_chain_origin+0x6f/0x130 [ 663.730188][T13080] ? skb_recv_datagram+0x3ec/0x480 [ 663.730188][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 663.730188][T13080] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 663.730188][T13080] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 663.730188][T13080] ? bt_sock_recvmsg+0x564/0xa00 [ 663.730188][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 663.730188][T13080] ? kmsan_set_origin_checked+0x95/0xf0 [ 663.730188][T13080] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 663.730188][T13080] ? _copy_from_user+0x15b/0x260 [ 663.730188][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 663.730188][T13080] __msan_chain_origin+0x50/0x90 [ 663.730188][T13080] __get_compat_msghdr+0x5be/0x890 [ 663.730188][T13080] get_compat_msghdr+0x108/0x270 [ 663.730188][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 663.730188][T13080] ? kmsan_internal_set_origin+0x75/0xb0 [ 663.730188][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 663.730188][T13080] ? kmsan_internal_set_origin+0x75/0xb0 [ 663.730188][T13080] ? __msan_poison_alloca+0xf0/0x120 [ 663.730188][T13080] ? __sys_recvmmsg+0xb4/0x510 [ 663.730188][T13080] ? __sys_recvmmsg+0xb4/0x510 [ 663.730188][T13080] ? kmsan_get_metadata+0x11d/0x180 [ 663.730188][T13080] __sys_recvmmsg+0x4ca/0x510 [ 663.730188][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 663.730188][T13080] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 663.730188][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 663.730188][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 663.730188][T13080] do_fast_syscall_32+0x6b/0xd0 [ 663.730188][T13080] do_SYSENTER_32+0x73/0x90 [ 663.730188][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 663.730188][T13080] RIP: 0023:0xf7fbe549 [ 663.730188][T13080] Code: Bad RIP value. [ 663.730188][T13080] RSP: 002b:00000000f5d770cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 663.730188][T13080] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 663.730188][T13080] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 663.730188][T13080] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 663.730188][T13080] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 663.730188][T13080] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 663.730188][T13080] Uninit was stored to memory at: [ 663.730188][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 663.730188][T13080] __msan_chain_origin+0x50/0x90 [ 663.730188][T13080] __get_compat_msghdr+0x5be/0x890 [ 663.730188][T13080] get_compat_msghdr+0x108/0x270 [ 663.730188][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 663.730188][T13080] __sys_recvmmsg+0x4ca/0x510 [ 663.730188][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 663.730188][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 663.730188][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 663.730188][T13080] do_fast_syscall_32+0x6b/0xd0 [ 663.730188][T13080] do_SYSENTER_32+0x73/0x90 [ 663.730188][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 663.730188][T13080] [ 663.730188][T13080] Uninit was stored to memory at: [ 663.730188][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 663.730188][T13080] __msan_chain_origin+0x50/0x90 [ 663.730188][T13080] __get_compat_msghdr+0x5be/0x890 [ 663.730188][T13080] get_compat_msghdr+0x108/0x270 [ 663.730188][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 663.730188][T13080] __sys_recvmmsg+0x4ca/0x510 [ 663.730188][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 663.730188][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 663.730188][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 663.730188][T13080] do_fast_syscall_32+0x6b/0xd0 [ 663.730188][T13080] do_SYSENTER_32+0x73/0x90 [ 663.730188][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 663.730188][T13080] [ 663.730188][T13080] Uninit was stored to memory at: [ 663.730188][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 663.730188][T13080] __msan_chain_origin+0x50/0x90 [ 663.730188][T13080] __get_compat_msghdr+0x5be/0x890 [ 663.730188][T13080] get_compat_msghdr+0x108/0x270 [ 663.730188][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 663.730188][T13080] __sys_recvmmsg+0x4ca/0x510 [ 663.730188][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 663.730188][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 663.730188][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 663.730188][T13080] do_fast_syscall_32+0x6b/0xd0 [ 663.730188][T13080] do_SYSENTER_32+0x73/0x90 [ 663.730188][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 663.730188][T13080] [ 663.730188][T13080] Uninit was stored to memory at: [ 663.730188][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 663.730188][T13080] __msan_chain_origin+0x50/0x90 [ 663.730188][T13080] __get_compat_msghdr+0x5be/0x890 [ 663.730188][T13080] get_compat_msghdr+0x108/0x270 [ 663.730188][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 663.730188][T13080] __sys_recvmmsg+0x4ca/0x510 [ 663.730188][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 663.730188][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 663.730188][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 663.730188][T13080] do_fast_syscall_32+0x6b/0xd0 [ 663.730188][T13080] do_SYSENTER_32+0x73/0x90 [ 663.730188][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 663.730188][T13080] [ 663.730188][T13080] Uninit was stored to memory at: [ 663.730188][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 663.730188][T13080] __msan_chain_origin+0x50/0x90 [ 663.730188][T13080] __get_compat_msghdr+0x5be/0x890 [ 663.730188][T13080] get_compat_msghdr+0x108/0x270 [ 663.730188][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 663.730188][T13080] __sys_recvmmsg+0x4ca/0x510 [ 663.730188][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 663.730188][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 663.730188][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 663.730188][T13080] do_fast_syscall_32+0x6b/0xd0 [ 663.730188][T13080] do_SYSENTER_32+0x73/0x90 [ 663.730188][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 663.730188][T13080] [ 663.730188][T13080] Uninit was stored to memory at: [ 663.730188][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 663.730188][T13080] __msan_chain_origin+0x50/0x90 [ 663.730188][T13080] __get_compat_msghdr+0x5be/0x890 [ 663.730188][T13080] get_compat_msghdr+0x108/0x270 [ 663.730188][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 663.730188][T13080] __sys_recvmmsg+0x4ca/0x510 [ 663.730188][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 663.730188][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 663.730188][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 663.730188][T13080] do_fast_syscall_32+0x6b/0xd0 [ 663.730188][T13080] do_SYSENTER_32+0x73/0x90 [ 663.730188][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 663.730188][T13080] [ 663.730188][T13080] Uninit was stored to memory at: [ 663.730188][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 663.730188][T13080] __msan_chain_origin+0x50/0x90 [ 663.730188][T13080] __get_compat_msghdr+0x5be/0x890 [ 663.730188][T13080] get_compat_msghdr+0x108/0x270 [ 663.730188][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 663.730188][T13080] __sys_recvmmsg+0x4ca/0x510 [ 663.730188][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 663.730188][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 663.730188][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 663.730188][T13080] do_fast_syscall_32+0x6b/0xd0 [ 663.730188][T13080] do_SYSENTER_32+0x73/0x90 [ 663.730188][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 663.730188][T13080] [ 663.730188][T13080] Local variable ----msg_sys@do_recvmmsg created at: [ 663.730188][T13080] do_recvmmsg+0xc5/0x1ee0 [ 663.730188][T13080] do_recvmmsg+0xc5/0x1ee0 [ 664.515550][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 664.646279][T13139] bridge0: port 1(bridge_slave_0) entered blocking state [ 664.654372][T13139] bridge0: port 1(bridge_slave_0) entered disabled state [ 664.664104][T13139] device bridge_slave_0 entered promiscuous mode [ 664.692375][T13139] bridge0: port 2(bridge_slave_1) entered blocking state [ 664.699572][T13139] bridge0: port 2(bridge_slave_1) entered disabled state [ 664.710348][T13139] device bridge_slave_1 entered promiscuous mode [ 664.733537][T13291] IPVS: ftp: loaded support on port[0] = 21 [ 664.779205][T13139] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 664.804238][T13139] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 664.928169][T13139] team0: Port device team_slave_0 added [ 664.963353][T13139] team0: Port device team_slave_1 added [ 665.047189][T13139] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 665.054520][T13139] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 665.081379][T13139] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 665.237189][T13139] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 665.244527][T13139] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 665.270645][T13139] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 665.310637][T13291] chnl_net:caif_netlink_parms(): no params data found [ 665.323859][T13080] not chained 2600000 origins [ 665.328552][T13080] CPU: 1 PID: 13080 Comm: syz-executor.1 Not tainted 5.8.0-rc5-syzkaller #0 [ 665.330161][T13080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 665.330161][T13080] Call Trace: [ 665.330161][T13080] dump_stack+0x1df/0x240 [ 665.330161][T13080] kmsan_internal_chain_origin+0x6f/0x130 [ 665.330161][T13080] ? skb_recv_datagram+0x3ec/0x480 [ 665.330161][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 665.330161][T13080] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 665.330161][T13080] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 665.380312][T13080] ? bt_sock_recvmsg+0x564/0xa00 [ 665.380312][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 665.380312][T13080] ? kmsan_set_origin_checked+0x95/0xf0 [ 665.380312][T13080] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 665.380312][T13080] ? _copy_from_user+0x15b/0x260 [ 665.380312][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 665.380312][T13080] __msan_chain_origin+0x50/0x90 [ 665.380312][T13080] __get_compat_msghdr+0x5be/0x890 [ 665.380312][T13080] get_compat_msghdr+0x108/0x270 [ 665.380312][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 665.380312][T13080] ? kmsan_internal_set_origin+0x75/0xb0 [ 665.380312][T13080] ? kmsan_get_metadata+0x4f/0x180 [ 665.380312][T13080] ? kmsan_internal_set_origin+0x75/0xb0 [ 665.380312][T13080] ? __msan_poison_alloca+0xf0/0x120 [ 665.380312][T13080] ? __sys_recvmmsg+0xb4/0x510 [ 665.380312][T13080] ? __sys_recvmmsg+0xb4/0x510 [ 665.380312][T13080] ? kmsan_get_metadata+0x11d/0x180 [ 665.380312][T13080] __sys_recvmmsg+0x4ca/0x510 [ 665.380312][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 665.380312][T13080] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 665.380312][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 665.380312][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 665.380312][T13080] do_fast_syscall_32+0x6b/0xd0 [ 665.380312][T13080] do_SYSENTER_32+0x73/0x90 [ 665.380312][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 665.380312][T13080] RIP: 0023:0xf7fbe549 [ 665.380312][T13080] Code: Bad RIP value. [ 665.380312][T13080] RSP: 002b:00000000f5d770cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 665.380312][T13080] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 665.380312][T13080] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 665.380312][T13080] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 665.380312][T13080] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 665.380312][T13080] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 665.380312][T13080] Uninit was stored to memory at: [ 665.380312][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 665.380312][T13080] __msan_chain_origin+0x50/0x90 [ 665.380312][T13080] __get_compat_msghdr+0x5be/0x890 [ 665.380312][T13080] get_compat_msghdr+0x108/0x270 [ 665.380312][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 665.380312][T13080] __sys_recvmmsg+0x4ca/0x510 [ 665.380312][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 665.380312][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 665.380312][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 665.380312][T13080] do_fast_syscall_32+0x6b/0xd0 [ 665.380312][T13080] do_SYSENTER_32+0x73/0x90 [ 665.380312][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 665.380312][T13080] [ 665.380312][T13080] Uninit was stored to memory at: [ 665.380312][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 665.380312][T13080] __msan_chain_origin+0x50/0x90 [ 665.380312][T13080] __get_compat_msghdr+0x5be/0x890 [ 665.380312][T13080] get_compat_msghdr+0x108/0x270 [ 665.380312][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 665.380312][T13080] __sys_recvmmsg+0x4ca/0x510 [ 665.380312][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 665.380312][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 665.380312][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 665.380312][T13080] do_fast_syscall_32+0x6b/0xd0 [ 665.380312][T13080] do_SYSENTER_32+0x73/0x90 [ 665.380312][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 665.380312][T13080] [ 665.380312][T13080] Uninit was stored to memory at: [ 665.380312][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 665.380312][T13080] __msan_chain_origin+0x50/0x90 [ 665.380312][T13080] __get_compat_msghdr+0x5be/0x890 [ 665.380312][T13080] get_compat_msghdr+0x108/0x270 [ 665.380312][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 665.380312][T13080] __sys_recvmmsg+0x4ca/0x510 [ 665.380312][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 665.380312][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 665.380312][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 665.380312][T13080] do_fast_syscall_32+0x6b/0xd0 [ 665.380312][T13080] do_SYSENTER_32+0x73/0x90 [ 665.380312][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 665.380312][T13080] [ 665.380312][T13080] Uninit was stored to memory at: [ 665.380312][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 665.380312][T13080] __msan_chain_origin+0x50/0x90 [ 665.380312][T13080] __get_compat_msghdr+0x5be/0x890 [ 665.380312][T13080] get_compat_msghdr+0x108/0x270 [ 665.380312][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 665.380312][T13080] __sys_recvmmsg+0x4ca/0x510 [ 665.380312][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 665.380312][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 665.380312][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 665.380312][T13080] do_fast_syscall_32+0x6b/0xd0 [ 665.380312][T13080] do_SYSENTER_32+0x73/0x90 [ 665.380312][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 665.380312][T13080] [ 665.380312][T13080] Uninit was stored to memory at: [ 665.380312][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 665.380312][T13080] __msan_chain_origin+0x50/0x90 [ 665.380312][T13080] __get_compat_msghdr+0x5be/0x890 [ 665.380312][T13080] get_compat_msghdr+0x108/0x270 [ 665.380312][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 665.380312][T13080] __sys_recvmmsg+0x4ca/0x510 [ 665.380312][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 665.380312][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 665.380312][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 665.380312][T13080] do_fast_syscall_32+0x6b/0xd0 [ 665.380312][T13080] do_SYSENTER_32+0x73/0x90 [ 665.380312][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 665.380312][T13080] [ 665.380312][T13080] Uninit was stored to memory at: [ 665.380312][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 665.380312][T13080] __msan_chain_origin+0x50/0x90 [ 665.380312][T13080] __get_compat_msghdr+0x5be/0x890 [ 665.380312][T13080] get_compat_msghdr+0x108/0x270 [ 665.380312][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 665.380312][T13080] __sys_recvmmsg+0x4ca/0x510 [ 665.380312][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 665.380312][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 665.380312][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 665.380312][T13080] do_fast_syscall_32+0x6b/0xd0 [ 665.380312][T13080] do_SYSENTER_32+0x73/0x90 [ 665.380312][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 665.380312][T13080] [ 665.380312][T13080] Uninit was stored to memory at: [ 665.380312][T13080] kmsan_internal_chain_origin+0xad/0x130 [ 665.380312][T13080] __msan_chain_origin+0x50/0x90 [ 665.380312][T13080] __get_compat_msghdr+0x5be/0x890 [ 665.380312][T13080] get_compat_msghdr+0x108/0x270 [ 665.380312][T13080] do_recvmmsg+0xa6a/0x1ee0 [ 665.380312][T13080] __sys_recvmmsg+0x4ca/0x510 [ 665.380312][T13080] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 665.380312][T13080] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 665.380312][T13080] __do_fast_syscall_32+0x2aa/0x400 [ 665.380312][T13080] do_fast_syscall_32+0x6b/0xd0 [ 665.380312][T13080] do_SYSENTER_32+0x73/0x90 [ 665.380312][T13080] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 665.380312][T13080] [ 665.380312][T13080] Local variable ----msg_sys@do_recvmmsg created at: [ 665.380312][T13080] do_recvmmsg+0xc5/0x1ee0 [ 665.380312][T13080] do_recvmmsg+0xc5/0x1ee0 [ 666.089940][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 666.218354][T13139] device hsr_slave_0 entered promiscuous mode [ 666.251503][T13139] device hsr_slave_1 entered promiscuous mode [ 666.290723][T13139] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 666.298323][T13139] Cannot create hsr debugfs directory [ 666.572337][T13291] bridge0: port 1(bridge_slave_0) entered blocking state [ 666.579545][T13291] bridge0: port 1(bridge_slave_0) entered disabled state [ 666.589223][T13291] device bridge_slave_0 entered promiscuous mode [ 666.623672][T13072] not chained 2610000 origins [ 666.628372][T13072] CPU: 0 PID: 13072 Comm: syz-executor.1 Not tainted 5.8.0-rc5-syzkaller #0 [ 666.630184][T13072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 666.630184][T13072] Call Trace: [ 666.630184][T13072] dump_stack+0x1df/0x240 [ 666.630184][T13072] kmsan_internal_chain_origin+0x6f/0x130 [ 666.630184][T13072] ? skb_recv_datagram+0x3ec/0x480 [ 666.630184][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 666.630184][T13072] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 666.630184][T13072] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 666.630184][T13072] ? bt_sock_recvmsg+0x564/0xa00 [ 666.630184][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 666.630184][T13072] ? kmsan_set_origin_checked+0x95/0xf0 [ 666.630184][T13072] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 666.630184][T13072] ? _copy_from_user+0x15b/0x260 [ 666.630184][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 666.630184][T13072] __msan_chain_origin+0x50/0x90 [ 666.630184][T13072] __get_compat_msghdr+0x5be/0x890 [ 666.630184][T13072] get_compat_msghdr+0x108/0x270 [ 666.630184][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 666.630184][T13072] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 666.630184][T13072] ? sched_clock_cpu+0x7c/0x930 [ 666.630184][T13072] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 666.630184][T13072] ? sched_clock_cpu+0x7c/0x930 [ 666.630184][T13072] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 666.630184][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 666.630184][T13072] ? kmsan_internal_set_origin+0x75/0xb0 [ 666.630184][T13072] ? __msan_poison_alloca+0xf0/0x120 [ 666.630184][T13072] ? __sys_recvmmsg+0xb4/0x510 [ 666.630184][T13072] ? __sys_recvmmsg+0xb4/0x510 [ 666.630184][T13072] __sys_recvmmsg+0x4ca/0x510 [ 666.630184][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 666.630184][T13072] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 666.630184][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 666.630184][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 666.630184][T13072] do_fast_syscall_32+0x6b/0xd0 [ 666.630184][T13072] do_SYSENTER_32+0x73/0x90 [ 666.630184][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 666.630184][T13072] RIP: 0023:0xf7fbe549 [ 666.630184][T13072] Code: Bad RIP value. [ 666.630184][T13072] RSP: 002b:00000000f5db90cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 666.630184][T13072] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 666.630184][T13072] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 666.630184][T13072] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 666.630184][T13072] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 666.630184][T13072] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 666.630184][T13072] Uninit was stored to memory at: [ 666.630184][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 666.630184][T13072] __msan_chain_origin+0x50/0x90 [ 666.630184][T13072] __get_compat_msghdr+0x5be/0x890 [ 666.630184][T13072] get_compat_msghdr+0x108/0x270 [ 666.630184][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 666.630184][T13072] __sys_recvmmsg+0x4ca/0x510 [ 666.630184][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 666.630184][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 666.630184][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 666.630184][T13072] do_fast_syscall_32+0x6b/0xd0 [ 666.630184][T13072] do_SYSENTER_32+0x73/0x90 [ 666.630184][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 666.630184][T13072] [ 666.630184][T13072] Uninit was stored to memory at: [ 666.630184][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 666.630184][T13072] __msan_chain_origin+0x50/0x90 [ 666.630184][T13072] __get_compat_msghdr+0x5be/0x890 [ 666.630184][T13072] get_compat_msghdr+0x108/0x270 [ 666.630184][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 666.630184][T13072] __sys_recvmmsg+0x4ca/0x510 [ 666.630184][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 666.630184][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 666.630184][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 666.630184][T13072] do_fast_syscall_32+0x6b/0xd0 [ 666.630184][T13072] do_SYSENTER_32+0x73/0x90 [ 666.630184][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 666.630184][T13072] [ 666.630184][T13072] Uninit was stored to memory at: [ 666.630184][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 666.630184][T13072] __msan_chain_origin+0x50/0x90 [ 666.630184][T13072] __get_compat_msghdr+0x5be/0x890 [ 666.630184][T13072] get_compat_msghdr+0x108/0x270 [ 666.630184][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 666.630184][T13072] __sys_recvmmsg+0x4ca/0x510 [ 666.630184][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 666.630184][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 666.630184][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 666.630184][T13072] do_fast_syscall_32+0x6b/0xd0 [ 666.630184][T13072] do_SYSENTER_32+0x73/0x90 [ 666.630184][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 666.630184][T13072] [ 666.630184][T13072] Uninit was stored to memory at: [ 666.630184][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 666.630184][T13072] __msan_chain_origin+0x50/0x90 [ 666.630184][T13072] __get_compat_msghdr+0x5be/0x890 [ 666.630184][T13072] get_compat_msghdr+0x108/0x270 [ 666.630184][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 666.630184][T13072] __sys_recvmmsg+0x4ca/0x510 [ 666.630184][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 666.630184][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 666.630184][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 666.630184][T13072] do_fast_syscall_32+0x6b/0xd0 [ 666.630184][T13072] do_SYSENTER_32+0x73/0x90 [ 666.630184][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 666.630184][T13072] [ 666.630184][T13072] Uninit was stored to memory at: [ 666.630184][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 666.630184][T13072] __msan_chain_origin+0x50/0x90 [ 666.630184][T13072] __get_compat_msghdr+0x5be/0x890 [ 666.630184][T13072] get_compat_msghdr+0x108/0x270 [ 666.630184][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 666.630184][T13072] __sys_recvmmsg+0x4ca/0x510 [ 666.630184][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 666.630184][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 666.630184][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 666.630184][T13072] do_fast_syscall_32+0x6b/0xd0 [ 666.630184][T13072] do_SYSENTER_32+0x73/0x90 [ 666.630184][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 666.630184][T13072] [ 666.630184][T13072] Uninit was stored to memory at: [ 666.630184][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 666.630184][T13072] __msan_chain_origin+0x50/0x90 [ 666.630184][T13072] __get_compat_msghdr+0x5be/0x890 [ 666.630184][T13072] get_compat_msghdr+0x108/0x270 [ 666.630184][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 666.630184][T13072] __sys_recvmmsg+0x4ca/0x510 [ 666.630184][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 666.630184][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 666.630184][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 666.630184][T13072] do_fast_syscall_32+0x6b/0xd0 [ 666.630184][T13072] do_SYSENTER_32+0x73/0x90 [ 666.630184][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 666.630184][T13072] [ 666.630184][T13072] Uninit was stored to memory at: [ 666.630184][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 666.630184][T13072] __msan_chain_origin+0x50/0x90 [ 666.630184][T13072] __get_compat_msghdr+0x5be/0x890 [ 666.630184][T13072] get_compat_msghdr+0x108/0x270 [ 666.630184][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 666.630184][T13072] __sys_recvmmsg+0x4ca/0x510 [ 666.630184][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 666.630184][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 666.630184][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 666.630184][T13072] do_fast_syscall_32+0x6b/0xd0 [ 666.630184][T13072] do_SYSENTER_32+0x73/0x90 [ 666.630184][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 666.630184][T13072] [ 666.630184][T13072] Local variable ----msg_sys@do_recvmmsg created at: [ 666.630184][T13072] do_recvmmsg+0xc5/0x1ee0 [ 666.630184][T13072] do_recvmmsg+0xc5/0x1ee0 [ 667.425146][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 667.449874][T13291] bridge0: port 2(bridge_slave_1) entered blocking state [ 667.457349][T13291] bridge0: port 2(bridge_slave_1) entered disabled state [ 667.467270][T13291] device bridge_slave_1 entered promiscuous mode [ 667.479300][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 667.804266][T13072] not chained 2620000 origins [ 667.808993][T13072] CPU: 1 PID: 13072 Comm: syz-executor.1 Not tainted 5.8.0-rc5-syzkaller #0 [ 667.810156][T13072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 667.810156][T13072] Call Trace: [ 667.810156][T13072] dump_stack+0x1df/0x240 [ 667.810156][T13072] kmsan_internal_chain_origin+0x6f/0x130 [ 667.810156][T13072] ? skb_recv_datagram+0x3ec/0x480 [ 667.810156][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 667.810156][T13072] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 667.810156][T13072] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 667.860391][T13072] ? bt_sock_recvmsg+0x564/0xa00 [ 667.860391][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 667.860391][T13072] ? kmsan_set_origin_checked+0x95/0xf0 [ 667.860391][T13072] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 667.860391][T13072] ? _copy_from_user+0x15b/0x260 [ 667.860391][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 667.860391][T13072] __msan_chain_origin+0x50/0x90 [ 667.860391][T13072] __get_compat_msghdr+0x5be/0x890 [ 667.860391][T13072] get_compat_msghdr+0x108/0x270 [ 667.860391][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 667.860391][T13072] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 667.860391][T13072] ? sched_clock_cpu+0x7c/0x930 [ 667.860391][T13072] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 667.860391][T13072] ? sched_clock_cpu+0x7c/0x930 [ 667.860391][T13072] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 667.860391][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 667.860391][T13072] ? kmsan_internal_set_origin+0x75/0xb0 [ 667.860391][T13072] ? __msan_poison_alloca+0xf0/0x120 [ 667.860391][T13072] ? __sys_recvmmsg+0xb4/0x510 [ 667.860391][T13072] ? __sys_recvmmsg+0xb4/0x510 [ 667.860391][T13072] __sys_recvmmsg+0x4ca/0x510 [ 667.860391][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 667.860391][T13072] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 667.860391][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 667.860391][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 667.860391][T13072] do_fast_syscall_32+0x6b/0xd0 [ 667.860391][T13072] do_SYSENTER_32+0x73/0x90 [ 667.860391][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 667.860391][T13072] RIP: 0023:0xf7fbe549 [ 667.860391][T13072] Code: Bad RIP value. [ 667.860391][T13072] RSP: 002b:00000000f5db90cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 667.860391][T13072] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 667.860391][T13072] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 667.860391][T13072] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 667.860391][T13072] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 667.860391][T13072] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 667.860391][T13072] Uninit was stored to memory at: [ 667.860391][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 667.860391][T13072] __msan_chain_origin+0x50/0x90 [ 667.860391][T13072] __get_compat_msghdr+0x5be/0x890 [ 667.860391][T13072] get_compat_msghdr+0x108/0x270 [ 667.860391][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 667.860391][T13072] __sys_recvmmsg+0x4ca/0x510 [ 667.860391][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 667.860391][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 667.860391][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 667.860391][T13072] do_fast_syscall_32+0x6b/0xd0 [ 667.860391][T13072] do_SYSENTER_32+0x73/0x90 [ 667.860391][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 667.860391][T13072] [ 667.860391][T13072] Uninit was stored to memory at: [ 667.860391][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 667.860391][T13072] __msan_chain_origin+0x50/0x90 [ 667.860391][T13072] __get_compat_msghdr+0x5be/0x890 [ 667.860391][T13072] get_compat_msghdr+0x108/0x270 [ 667.860391][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 667.860391][T13072] __sys_recvmmsg+0x4ca/0x510 [ 667.860391][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 667.860391][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 667.860391][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 667.860391][T13072] do_fast_syscall_32+0x6b/0xd0 [ 667.860391][T13072] do_SYSENTER_32+0x73/0x90 [ 667.860391][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 667.860391][T13072] [ 668.207289][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 667.860391][T13072] Uninit was stored to memory at: [ 668.220183][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 668.220183][T13072] __msan_chain_origin+0x50/0x90 [ 668.220183][T13072] __get_compat_msghdr+0x5be/0x890 [ 668.220183][T13072] get_compat_msghdr+0x108/0x270 [ 668.241437][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 668.220183][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 668.220183][T13072] __sys_recvmmsg+0x4ca/0x510 [ 668.220183][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 668.220183][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 668.220183][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 668.220183][T13072] do_fast_syscall_32+0x6b/0xd0 [ 668.278884][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 668.220183][T13072] do_SYSENTER_32+0x73/0x90 [ 668.220183][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 668.220183][T13072] [ 668.220183][T13072] Uninit was stored to memory at: [ 668.220183][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 668.220183][T13072] __msan_chain_origin+0x50/0x90 [ 668.220183][T13072] __get_compat_msghdr+0x5be/0x890 [ 668.220183][T13072] get_compat_msghdr+0x108/0x270 [ 668.220183][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 668.220183][T13072] __sys_recvmmsg+0x4ca/0x510 [ 668.220183][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 668.220183][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 668.220183][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 668.220183][T13072] do_fast_syscall_32+0x6b/0xd0 [ 668.220183][T13072] do_SYSENTER_32+0x73/0x90 [ 668.220183][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 668.220183][T13072] [ 668.220183][T13072] Uninit was stored to memory at: [ 668.220183][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 668.220183][T13072] __msan_chain_origin+0x50/0x90 [ 668.220183][T13072] __get_compat_msghdr+0x5be/0x890 [ 668.220183][T13072] get_compat_msghdr+0x108/0x270 [ 668.220183][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 668.220183][T13072] __sys_recvmmsg+0x4ca/0x510 [ 668.220183][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 668.220183][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 668.220183][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 668.220183][T13072] do_fast_syscall_32+0x6b/0xd0 [ 668.220183][T13072] do_SYSENTER_32+0x73/0x90 [ 668.220183][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 668.220183][T13072] [ 668.220183][T13072] Uninit was stored to memory at: [ 668.220183][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 668.220183][T13072] __msan_chain_origin+0x50/0x90 [ 668.220183][T13072] __get_compat_msghdr+0x5be/0x890 [ 668.220183][T13072] get_compat_msghdr+0x108/0x270 [ 668.220183][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 668.220183][T13072] __sys_recvmmsg+0x4ca/0x510 [ 668.220183][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 668.220183][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 668.220183][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 668.220183][T13072] do_fast_syscall_32+0x6b/0xd0 [ 668.220183][T13072] do_SYSENTER_32+0x73/0x90 [ 668.220183][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 668.220183][T13072] [ 668.220183][T13072] Uninit was stored to memory at: [ 668.220183][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 668.220183][T13072] __msan_chain_origin+0x50/0x90 [ 668.220183][T13072] __get_compat_msghdr+0x5be/0x890 [ 668.220183][T13072] get_compat_msghdr+0x108/0x270 [ 668.220183][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 668.220183][T13072] __sys_recvmmsg+0x4ca/0x510 [ 668.220183][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 668.220183][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 668.220183][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 668.220183][T13072] do_fast_syscall_32+0x6b/0xd0 [ 668.220183][T13072] do_SYSENTER_32+0x73/0x90 [ 668.220183][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 668.220183][T13072] [ 668.220183][T13072] Local variable ----msg_sys@do_recvmmsg created at: [ 668.220183][T13072] do_recvmmsg+0xc5/0x1ee0 [ 668.220183][T13072] do_recvmmsg+0xc5/0x1ee0 [ 668.611266][ T1] systemd[1]: systemd-journald.service: Start operation timed out. Terminating. [ 668.630080][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 668.677847][T13291] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 668.689985][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 668.855842][T13291] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 668.942633][ T253] device hsr_slave_0 left promiscuous mode [ 668.968541][T13072] not chained 2630000 origins [ 668.970175][T13072] CPU: 1 PID: 13072 Comm: syz-executor.1 Not tainted 5.8.0-rc5-syzkaller #0 [ 668.970175][T13072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 668.970175][T13072] Call Trace: [ 668.970175][T13072] dump_stack+0x1df/0x240 [ 668.970175][T13072] kmsan_internal_chain_origin+0x6f/0x130 [ 668.970175][T13072] ? skb_recv_datagram+0x3ec/0x480 [ 668.970175][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 668.970175][T13072] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 668.970175][T13072] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 668.970175][T13072] ? bt_sock_recvmsg+0x564/0xa00 [ 668.970175][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 668.970175][T13072] ? kmsan_set_origin_checked+0x95/0xf0 [ 668.970175][T13072] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 668.970175][T13072] ? _copy_from_user+0x15b/0x260 [ 668.970175][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 668.970175][T13072] __msan_chain_origin+0x50/0x90 [ 668.970175][T13072] __get_compat_msghdr+0x5be/0x890 [ 668.970175][T13072] get_compat_msghdr+0x108/0x270 [ 668.970175][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 668.970175][T13072] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 668.970175][T13072] ? sched_clock_cpu+0x7c/0x930 [ 668.970175][T13072] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 668.970175][T13072] ? sched_clock_cpu+0x7c/0x930 [ 668.970175][T13072] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 668.970175][T13072] ? kmsan_get_metadata+0x4f/0x180 [ 668.970175][T13072] ? kmsan_internal_set_origin+0x75/0xb0 [ 668.970175][T13072] ? __msan_poison_alloca+0xf0/0x120 [ 668.970175][T13072] ? __sys_recvmmsg+0xb4/0x510 [ 668.970175][T13072] ? __sys_recvmmsg+0xb4/0x510 [ 668.970175][T13072] __sys_recvmmsg+0x4ca/0x510 [ 668.970175][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 668.970175][T13072] ? __x32_compat_sys_recvmmsg_time64+0x80/0x80 [ 668.970175][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 668.970175][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 668.970175][T13072] do_fast_syscall_32+0x6b/0xd0 [ 668.970175][T13072] do_SYSENTER_32+0x73/0x90 [ 668.970175][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 668.970175][T13072] RIP: 0023:0xf7fbe549 [ 669.178622][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 668.970175][T13072] Code: Bad RIP value. [ 668.970175][T13072] RSP: 002b:00000000f5db90cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 668.970175][T13072] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 668.970175][T13072] RDX: 0000000004000223 RSI: 0000000000000000 RDI: 0000000000000000 [ 668.970175][T13072] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 668.970175][T13072] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 668.970175][T13072] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 668.970175][T13072] Uninit was stored to memory at: [ 668.970175][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 668.970175][T13072] __msan_chain_origin+0x50/0x90 [ 668.970175][T13072] __get_compat_msghdr+0x5be/0x890 [ 668.970175][T13072] get_compat_msghdr+0x108/0x270 [ 668.970175][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 668.970175][T13072] __sys_recvmmsg+0x4ca/0x510 [ 668.970175][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 668.970175][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 668.970175][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 668.970175][T13072] do_fast_syscall_32+0x6b/0xd0 [ 668.970175][T13072] do_SYSENTER_32+0x73/0x90 [ 668.970175][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 668.970175][T13072] [ 668.970175][T13072] Uninit was stored to memory at: [ 668.970175][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 668.970175][T13072] __msan_chain_origin+0x50/0x90 [ 668.970175][T13072] __get_compat_msghdr+0x5be/0x890 [ 668.970175][T13072] get_compat_msghdr+0x108/0x270 [ 669.190291][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 669.190291][T13072] __sys_recvmmsg+0x4ca/0x510 [ 669.190291][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 669.190291][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 669.190291][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 669.360724][T13072] do_fast_syscall_32+0x6b/0xd0 [ 669.360724][T13072] do_SYSENTER_32+0x73/0x90 [ 669.360724][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 669.360724][T13072] [ 669.360724][T13072] Uninit was stored to memory at: [ 669.360724][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 669.360724][T13072] __msan_chain_origin+0x50/0x90 [ 669.360724][T13072] __get_compat_msghdr+0x5be/0x890 [ 669.360724][T13072] get_compat_msghdr+0x108/0x270 [ 669.360724][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 669.360724][T13072] __sys_recvmmsg+0x4ca/0x510 [ 669.360724][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 669.360724][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 669.360724][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 669.360724][T13072] do_fast_syscall_32+0x6b/0xd0 [ 669.360724][T13072] do_SYSENTER_32+0x73/0x90 [ 669.360724][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 669.360724][T13072] [ 669.360724][T13072] Uninit was stored to memory at: [ 669.360724][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 669.360724][T13072] __msan_chain_origin+0x50/0x90 [ 669.360724][T13072] __get_compat_msghdr+0x5be/0x890 [ 669.360724][T13072] get_compat_msghdr+0x108/0x270 [ 669.360724][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 669.360724][T13072] __sys_recvmmsg+0x4ca/0x510 [ 669.360724][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 669.360724][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 669.360724][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 669.360724][T13072] do_fast_syscall_32+0x6b/0xd0 [ 669.360724][T13072] do_SYSENTER_32+0x73/0x90 [ 669.360724][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 669.360724][T13072] [ 669.360724][T13072] Uninit was stored to memory at: [ 669.360724][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 669.360724][T13072] __msan_chain_origin+0x50/0x90 [ 669.536122][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 669.360724][T13072] __get_compat_msghdr+0x5be/0x890 [ 669.360724][T13072] get_compat_msghdr+0x108/0x270 [ 669.360724][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 669.360724][T13072] __sys_recvmmsg+0x4ca/0x510 [ 669.360724][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 669.360724][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 669.360724][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 669.582467][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 669.360724][T13072] do_fast_syscall_32+0x6b/0xd0 [ 669.360724][T13072] do_SYSENTER_32+0x73/0x90 [ 669.597890][T13087] systemd-journald[13087]: /dev/kmsg buffer overrun, some messages lost. [ 669.360724][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 669.360724][T13072] [ 669.360724][T13072] Uninit was stored to memory at: [ 669.360724][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 669.360724][T13072] __msan_chain_origin+0x50/0x90 [ 669.360724][T13072] __get_compat_msghdr+0x5be/0x890 [ 669.360724][T13072] get_compat_msghdr+0x108/0x270 [ 669.360724][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 669.360724][T13072] __sys_recvmmsg+0x4ca/0x510 [ 669.360724][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 669.360724][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 669.360724][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 669.360724][T13072] do_fast_syscall_32+0x6b/0xd0 [ 669.360724][T13072] do_SYSENTER_32+0x73/0x90 [ 669.360724][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 669.360724][T13072] [ 669.360724][T13072] Uninit was stored to memory at: [ 669.360724][T13072] kmsan_internal_chain_origin+0xad/0x130 [ 669.360724][T13072] __msan_chain_origin+0x50/0x90 [ 669.360724][T13072] __get_compat_msghdr+0x5be/0x890 [ 669.360724][T13072] get_compat_msghdr+0x108/0x270 [ 669.360724][T13072] do_recvmmsg+0xa6a/0x1ee0 [ 669.360724][T13072] __sys_recvmmsg+0x4ca/0x510 [ 669.360724][T13072] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 669.360724][T13072] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 669.360724][T13072] __do_fast_syscall_32+0x2aa/0x400 [ 669.360724][T13072] do_fast_syscall_32+0x6b/0xd0 [ 669.360724][T13072] do_SYSENTER_32+0x73/0x90 [ 669.360724][T13072] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 669.360724][T13072] [ 669.360724][T13072] Local variable ----msg_sys@do_recvmmsg created at: [ 669.360724][T13072] do_recvmmsg+0xc5/0x1ee0 [ 669.360724][T13072] do_recvmmsg+0xc5/0x1ee0 [ 669.784868][ T253] device hsr_slave_1 left promiscuous mode [ 669.883914][ T253] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 669.891750][ T253] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 669.910600][ T253] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 669.918176][ T253] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 669.933601][ T253] device bridge_slave_1 left promiscuous mode [ 669.940484][ T253] bridge0: port 2(bridge_slave_1) entered disabled state [ 670.015792][ T253] device bridge_slave_0 left promiscuous mode [ 670.022758][ T253] bridge0: port 1(bridge_slave_0) entered disabled state [ 670.085037][ T253] device veth1_macvtap left promiscuous mode [ 670.091360][ T253] device veth0_macvtap left promiscuous mode [ 670.097456][ T253] device veth1_vlan left promiscuous mode [ 670.103481][ T253] device veth0_vlan left promiscuous mode [ 673.867133][ T253] bond1 (unregistering): Released all slaves [ 674.111116][ T253] team0 (unregistering): Port device team_slave_1 removed [ 674.136316][ T253] team0 (unregistering): Port device team_slave_0 removed [ 674.167778][ T253] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 674.234966][ T253] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 674.460613][ T253] bond0 (unregistering): Released all slaves [ 675.073455][T13291] team0: Port device team_slave_0 added [ 675.086080][T13291] team0: Port device team_slave_1 added 14:03:32 executing program 1: r0 = socket$inet6(0xa, 0x2, 0x0) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0)='TIPCv2\x00') sendmsg$TIPC_NL_LINK_GET(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000006c0)={0x2c, r3, 0xd, 0x0, 0x0, {}, [@TIPC_NLA_LINK={0x18, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}]}]}, 0x2c}}, 0x0) [ 675.259825][T13291] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 675.267608][T13291] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 675.293815][T13291] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 675.404735][T13139] 8021q: adding VLAN 0 to HW filter on device bond0 [ 675.433114][T13291] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 675.441243][T13291] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 675.467353][T13291] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 675.511962][T11514] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 675.521280][T11514] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 675.565180][T13139] 8021q: adding VLAN 0 to HW filter on device team0 [ 675.657259][T13291] device hsr_slave_0 entered promiscuous mode [ 675.703354][T13291] device hsr_slave_1 entered promiscuous mode [ 675.765700][T11514] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 675.775523][T11514] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 675.784799][T11514] bridge0: port 1(bridge_slave_0) entered blocking state [ 675.792073][T11514] bridge0: port 1(bridge_slave_0) entered forwarding state [ 675.889576][T11458] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 675.898798][T11458] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 675.908726][T11458] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 675.917954][T11458] bridge0: port 2(bridge_slave_1) entered blocking state [ 675.925266][T11458] bridge0: port 2(bridge_slave_1) entered forwarding state [ 675.935901][T11458] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 675.946849][T11458] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 676.147162][T11458] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 676.158861][T11458] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 676.169235][T11458] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 676.179495][T11458] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 676.189717][T11458] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 676.199264][T11458] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 676.208677][T11458] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 676.218192][T11458] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 676.234940][T13139] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 676.439120][T13139] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 676.471088][T11514] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 676.481292][T11514] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 676.489183][T11514] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 676.743603][T13291] 8021q: adding VLAN 0 to HW filter on device bond0 [ 676.798731][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 676.808174][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 676.828544][T13291] 8021q: adding VLAN 0 to HW filter on device team0 [ 676.911409][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 676.921933][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 676.993558][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 677.003476][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 677.012767][ T17] bridge0: port 1(bridge_slave_0) entered blocking state [ 677.019953][ T17] bridge0: port 1(bridge_slave_0) entered forwarding state [ 677.029151][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 677.038952][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 677.048400][ T17] bridge0: port 2(bridge_slave_1) entered blocking state [ 677.055795][ T17] bridge0: port 2(bridge_slave_1) entered forwarding state [ 677.064948][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 677.075842][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 677.106680][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 677.116241][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 677.126764][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 677.148166][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 677.190741][T11458] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 677.202113][T11458] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 677.212635][T11458] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 677.222342][T11458] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 677.232777][T11458] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 677.242589][T11458] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 677.260570][T13139] device veth0_vlan entered promiscuous mode [ 677.278798][T13291] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 677.292674][T13291] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 677.318912][T13139] device veth1_vlan entered promiscuous mode [ 677.451448][T11514] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 677.460829][T11514] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 677.469770][T11514] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 677.482964][T11514] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 677.492474][T11514] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 677.502125][T11514] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 677.633413][T11519] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 677.643801][T11519] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 677.773671][T13139] device veth0_macvtap entered promiscuous mode [ 677.793887][T13291] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 677.807349][T13139] device veth1_macvtap entered promiscuous mode [ 677.818560][ T9426] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 677.827936][ T9426] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 677.837134][ T9426] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 677.845022][ T9426] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 678.046931][T13139] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 678.058603][T13139] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 678.068709][T13139] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 678.079318][T13139] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 678.089353][T13139] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 678.099972][T13139] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 678.110028][T13139] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 678.120605][T13139] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 678.130614][T13139] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 678.141205][T13139] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 678.155215][T13139] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 678.184329][T11458] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 678.194590][T11458] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 678.249771][T13139] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 678.261583][T13139] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 678.271639][T13139] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 678.282222][T13139] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 678.292222][T13139] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 678.302800][T13139] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 678.312808][T13139] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 678.323385][T13139] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 678.333374][T13139] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 678.343926][T13139] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 678.357840][T13139] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 678.372564][T11458] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 678.382829][T11458] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 678.480083][T11458] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 678.490529][T11458] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 678.788315][T11514] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 678.798023][T11514] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 678.820870][T13291] device veth0_vlan entered promiscuous mode [ 678.866907][T13583] IPVS: ftp: loaded support on port[0] = 21 [ 679.155900][T13291] device veth1_vlan entered promiscuous mode [ 679.170899][T11458] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 679.179962][T11458] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 679.189128][T11458] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 680.138435][T11458] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 680.148782][T11458] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 680.186432][T13291] device veth0_macvtap entered promiscuous mode [ 680.266797][T13291] device veth1_macvtap entered promiscuous mode [ 680.288173][ T253] tipc: TX() has been purged, node left! [ 680.342675][T11458] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 680.352244][T11458] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 680.530427][ T253] tipc: TX() has been purged, node left! [ 680.593963][T13291] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 680.604727][T13291] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 680.614861][T13291] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 680.625578][T13291] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 680.635607][T13291] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 680.646308][T13291] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 680.656734][T13291] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 680.667504][T13291] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 680.677665][T13291] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 680.688315][T13291] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 680.698439][T13291] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 680.709202][T13291] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 680.723652][T13291] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 681.934910][T11458] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 681.945420][T11458] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 681.961710][T13583] chnl_net:caif_netlink_parms(): no params data found [ 681.984264][T13291] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 681.995438][T13291] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 682.006495][T13291] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 682.017216][T13291] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 682.027251][T13291] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 682.037850][T13291] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 682.047869][T13291] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 682.058469][T13291] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 682.068515][T13291] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 682.079118][T13291] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 682.089190][T13291] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 682.099850][T13291] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 682.114242][T13291] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 682.124776][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 682.135086][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready 14:03:40 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket(0x0, 0x4, 0x0) connect$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) sendmmsg(r0, &(0x7f0000000080), 0x1a1, 0x0) openat$binder_debug(0xffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="38000000240007050000004007a2a30005000000", @ANYRES32=r4, @ANYBLOB="00000000ffffffff00000000090001006866736300000000080002"], 0x38}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)=ANY=[@ANYBLOB="2400000064000100000200"/20, @ANYRES32=r4, @ANYBLOB='\x00'/12], 0x24}}, 0x0) accept4$packet(0xffffffffffffffff, &(0x7f0000000680)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x0, 0x180000) 14:03:40 executing program 5: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000ab9ff0)={0x2, &(0x7f0000000000)=[{0x20, 0x0, 0x0, 0xfffff010}, {0x6}]}, 0x8) write$tun(r1, &(0x7f0000000140)=ANY=[], 0x2a) splice(r0, 0x0, r2, 0x0, 0x10005, 0x0) 14:03:40 executing program 4: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_opts(r0, 0x29, 0x3b, 0x0, 0x0) recvmmsg(r0, &(0x7f0000000040), 0x400000000000284, 0x2b, 0x0) setsockopt$inet6_opts(r0, 0x29, 0x0, &(0x7f0000000840)=ANY=[], 0x8) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c) 14:03:40 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendfile(r0, 0xffffffffffffffff, 0x0, 0x320f) [ 683.740453][T13797] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 683.769792][T13796] ===================================================== [ 683.773916][T13796] BUG: KMSAN: uninit-value in bpf_skb_get_nlattr_nest+0x14c/0x2f0 [ 683.773916][T13796] CPU: 0 PID: 13796 Comm: syz-executor.5 Not tainted 5.8.0-rc5-syzkaller #0 [ 683.773916][T13796] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 683.773916][T13796] Call Trace: [ 683.773916][T13796] dump_stack+0x1df/0x240 [ 683.773916][T13796] kmsan_report+0xf7/0x1e0 [ 683.773916][T13796] __msan_warning+0x58/0xa0 [ 683.773916][T13796] bpf_skb_get_nlattr_nest+0x14c/0x2f0 [ 683.773916][T13796] ___bpf_prog_run+0x214d/0x97a0 [ 683.773916][T13796] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 683.773916][T13796] ? bpf_skb_get_nlattr+0x290/0x290 [ 683.773916][T13796] __bpf_prog_run32+0x101/0x170 [ 683.773916][T13796] ? kmsan_get_metadata+0x4f/0x180 [ 683.773916][T13796] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 683.773916][T13796] ? ___bpf_prog_run+0x97a0/0x97a0 [ 683.773916][T13796] sk_filter_trim_cap+0x42a/0xcc0 [ 683.773916][T13796] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 683.773916][T13796] ? kmsan_get_metadata+0x11d/0x180 [ 683.773916][T13796] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 683.773916][T13796] unix_dgram_sendmsg+0x1987/0x3c30 [ 683.773916][T13796] ? kmsan_get_metadata+0x4f/0x180 [ 683.773916][T13796] unix_seqpacket_sendmsg+0x26c/0x2e0 [ 683.773916][T13796] ? unix_dgram_peer_wake_me+0x7e0/0x7e0 [ 683.773916][T13796] kernel_sendmsg+0x433/0x440 [ 683.773916][T13796] sock_no_sendpage+0x235/0x300 [ 683.773916][T13796] ? sock_no_mmap+0x30/0x30 [ 683.773916][T13796] sock_sendpage+0x1e1/0x2c0 [ 683.773916][T13796] pipe_to_sendpage+0x38c/0x4c0 [ 683.773916][T13796] ? sock_fasync+0x250/0x250 [ 683.773916][T13796] __splice_from_pipe+0x565/0xf00 [ 683.773916][T13796] ? generic_splice_sendpage+0x2d0/0x2d0 [ 683.773916][T13796] generic_splice_sendpage+0x1d5/0x2d0 [ 683.773916][T13796] ? iter_file_splice_write+0x1800/0x1800 [ 683.773916][T13796] do_splice+0x2249/0x30a0 [ 683.773916][T13796] ? __msan_poison_alloca+0xf0/0x120 [ 683.773916][T13796] ? kmsan_get_metadata+0x4f/0x180 [ 683.773916][T13796] ? kmsan_internal_set_origin+0x75/0xb0 [ 683.773916][T13796] ? kmsan_get_metadata+0x4f/0x180 [ 683.773916][T13796] ? kmsan_get_metadata+0x11d/0x180 [ 683.773916][T13796] ? kmsan_set_origin_checked+0x95/0xf0 [ 683.773916][T13796] __se_sys_splice+0x271/0x420 [ 683.773916][T13796] ? __se_sys_splice+0x420/0x420 [ 683.773916][T13796] __ia32_sys_splice+0x6e/0x90 [ 683.773916][T13796] __do_fast_syscall_32+0x2aa/0x400 [ 683.773916][T13796] do_fast_syscall_32+0x6b/0xd0 [ 683.773916][T13796] do_SYSENTER_32+0x73/0x90 [ 683.773916][T13796] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 683.773916][T13796] RIP: 0023:0xf7f9a549 [ 683.773916][T13796] Code: Bad RIP value. [ 683.773916][T13796] RSP: 002b:00000000f5d740cc EFLAGS: 00000296 ORIG_RAX: 0000000000000139 [ 683.773916][T13796] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000 [ 683.773916][T13796] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000010005 [ 683.773916][T13796] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 683.773916][T13796] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 683.773916][T13796] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 683.773916][T13796] [ 683.773916][T13796] Uninit was stored to memory at: [ 683.773916][T13796] kmsan_internal_chain_origin+0xad/0x130 [ 683.773916][T13796] __msan_chain_origin+0x50/0x90 [ 683.773916][T13796] ___bpf_prog_run+0x6cbe/0x97a0 [ 683.773916][T13796] __bpf_prog_run32+0x101/0x170 [ 683.773916][T13796] sk_filter_trim_cap+0x42a/0xcc0 [ 683.773916][T13796] unix_dgram_sendmsg+0x1987/0x3c30 [ 683.773916][T13796] unix_seqpacket_sendmsg+0x26c/0x2e0 [ 683.773916][T13796] kernel_sendmsg+0x433/0x440 [ 683.773916][T13796] sock_no_sendpage+0x235/0x300 [ 683.773916][T13796] sock_sendpage+0x1e1/0x2c0 [ 683.773916][T13796] pipe_to_sendpage+0x38c/0x4c0 [ 683.773916][T13796] __splice_from_pipe+0x565/0xf00 [ 683.773916][T13796] generic_splice_sendpage+0x1d5/0x2d0 [ 683.773916][T13796] do_splice+0x2249/0x30a0 [ 683.773916][T13796] __se_sys_splice+0x271/0x420 [ 683.773916][T13796] __ia32_sys_splice+0x6e/0x90 [ 683.773916][T13796] __do_fast_syscall_32+0x2aa/0x400 [ 683.773916][T13796] do_fast_syscall_32+0x6b/0xd0 [ 683.773916][T13796] do_SYSENTER_32+0x73/0x90 [ 683.773916][T13796] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 683.773916][T13796] [ 683.773916][T13796] Uninit was stored to memory at: [ 683.773916][T13796] kmsan_internal_chain_origin+0xad/0x130 [ 683.773916][T13796] __msan_chain_origin+0x50/0x90 [ 683.773916][T13796] ___bpf_prog_run+0x6c64/0x97a0 [ 683.773916][T13796] __bpf_prog_run32+0x101/0x170 [ 683.773916][T13796] sk_filter_trim_cap+0x42a/0xcc0 [ 683.773916][T13796] unix_dgram_sendmsg+0x1987/0x3c30 [ 683.773916][T13796] unix_seqpacket_sendmsg+0x26c/0x2e0 [ 683.773916][T13796] kernel_sendmsg+0x433/0x440 [ 683.773916][T13796] sock_no_sendpage+0x235/0x300 [ 683.773916][T13796] sock_sendpage+0x1e1/0x2c0 [ 683.773916][T13796] pipe_to_sendpage+0x38c/0x4c0 [ 683.773916][T13796] __splice_from_pipe+0x565/0xf00 [ 683.773916][T13796] generic_splice_sendpage+0x1d5/0x2d0 [ 683.773916][T13796] do_splice+0x2249/0x30a0 [ 683.773916][T13796] __se_sys_splice+0x271/0x420 [ 683.773916][T13796] __ia32_sys_splice+0x6e/0x90 [ 683.773916][T13796] __do_fast_syscall_32+0x2aa/0x400 [ 683.773916][T13796] do_fast_syscall_32+0x6b/0xd0 [ 683.773916][T13796] do_SYSENTER_32+0x73/0x90 [ 683.773916][T13796] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 683.773916][T13796] [ 683.773916][T13796] Local variable ----regs@__bpf_prog_run32 created at: [ 683.773916][T13796] __bpf_prog_run32+0x87/0x170 [ 683.773916][T13796] __bpf_prog_run32+0x87/0x170 [ 683.773916][T13796] ===================================================== [ 683.773916][T13796] Disabling lock debugging due to kernel taint [ 683.773916][T13796] Kernel panic - not syncing: panic_on_warn set ... [ 683.773916][T13796] CPU: 0 PID: 13796 Comm: syz-executor.5 Tainted: G B 5.8.0-rc5-syzkaller #0 [ 683.773916][T13796] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 683.773916][T13796] Call Trace: [ 683.773916][T13796] dump_stack+0x1df/0x240 [ 683.773916][T13796] panic+0x3d5/0xc3e [ 683.773916][T13796] kmsan_report+0x1df/0x1e0 [ 683.773916][T13796] __msan_warning+0x58/0xa0 [ 683.773916][T13796] bpf_skb_get_nlattr_nest+0x14c/0x2f0 [ 683.773916][T13796] ___bpf_prog_run+0x214d/0x97a0 [ 683.773916][T13796] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 683.773916][T13796] ? bpf_skb_get_nlattr+0x290/0x290 [ 683.773916][T13796] __bpf_prog_run32+0x101/0x170 [ 683.773916][T13796] ? kmsan_get_metadata+0x4f/0x180 [ 683.773916][T13796] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 683.773916][T13796] ? ___bpf_prog_run+0x97a0/0x97a0 [ 683.773916][T13796] sk_filter_trim_cap+0x42a/0xcc0 [ 683.773916][T13796] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 683.773916][T13796] ? kmsan_get_metadata+0x11d/0x180 [ 683.773916][T13796] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 683.773916][T13796] unix_dgram_sendmsg+0x1987/0x3c30 [ 683.773916][T13796] ? kmsan_get_metadata+0x4f/0x180 [ 683.773916][T13796] unix_seqpacket_sendmsg+0x26c/0x2e0 [ 683.773916][T13796] ? unix_dgram_peer_wake_me+0x7e0/0x7e0 [ 683.773916][T13796] kernel_sendmsg+0x433/0x440 [ 683.773916][T13796] sock_no_sendpage+0x235/0x300 [ 683.773916][T13796] ? sock_no_mmap+0x30/0x30 [ 683.773916][T13796] sock_sendpage+0x1e1/0x2c0 [ 683.773916][T13796] pipe_to_sendpage+0x38c/0x4c0 [ 683.773916][T13796] ? sock_fasync+0x250/0x250 [ 683.773916][T13796] __splice_from_pipe+0x565/0xf00 [ 683.773916][T13796] ? generic_splice_sendpage+0x2d0/0x2d0 [ 683.773916][T13796] generic_splice_sendpage+0x1d5/0x2d0 [ 683.773916][T13796] ? iter_file_splice_write+0x1800/0x1800 [ 683.773916][T13796] do_splice+0x2249/0x30a0 [ 683.773916][T13796] ? __msan_poison_alloca+0xf0/0x120 [ 683.773916][T13796] ? kmsan_get_metadata+0x4f/0x180 [ 683.773916][T13796] ? kmsan_internal_set_origin+0x75/0xb0 [ 683.773916][T13796] ? kmsan_get_metadata+0x4f/0x180 [ 683.773916][T13796] ? kmsan_get_metadata+0x11d/0x180 [ 683.773916][T13796] ? kmsan_set_origin_checked+0x95/0xf0 [ 683.773916][T13796] __se_sys_splice+0x271/0x420 [ 683.773916][T13796] ? __se_sys_splice+0x420/0x420 [ 683.773916][T13796] __ia32_sys_splice+0x6e/0x90 [ 683.773916][T13796] __do_fast_syscall_32+0x2aa/0x400 [ 683.773916][T13796] do_fast_syscall_32+0x6b/0xd0 [ 683.773916][T13796] do_SYSENTER_32+0x73/0x90 [ 683.773916][T13796] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 683.773916][T13796] RIP: 0023:0xf7f9a549 [ 683.773916][T13796] Code: Bad RIP value. [ 683.773916][T13796] RSP: 002b:00000000f5d740cc EFLAGS: 00000296 ORIG_RAX: 0000000000000139 [ 683.773916][T13796] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000 [ 683.773916][T13796] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000010005 [ 683.773916][T13796] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 683.773916][T13796] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 683.773916][T13796] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 683.773916][T13796] Kernel Offset: 0x5200000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff) [ 683.773916][T13796] Rebooting in 86400 seconds..