][T18410] get_compat_msghdr+0x8c/0x1c0 [ 1528.013542][T18410] ___sys_recvmsg+0x19d/0x870 [ 1528.018377][T18410] do_recvmmsg+0x63a/0x10a0 [ 1528.023183][T18410] __sys_recvmmsg+0x113/0x450 [ 1528.028025][T18410] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1528.034592][T18410] __do_fast_syscall_32+0x95/0xf0 [ 1528.039779][T18410] do_fast_syscall_32+0x33/0x70 [ 1528.044919][T18410] do_SYSENTER_32+0x1b/0x20 [ 1528.049578][T18410] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1528.056259][T18410] [ 1528.058663][T18410] Uninit was stored to memory at: [ 1528.064007][T18410] __get_compat_msghdr+0x514/0x750 [ 1528.069319][T18410] get_compat_msghdr+0x8c/0x1c0 [ 1528.074512][T18410] ___sys_recvmsg+0x19d/0x870 [ 1528.079354][T18410] do_recvmmsg+0x63a/0x10a0 [ 1528.084159][T18410] __sys_recvmmsg+0x113/0x450 [ 1528.088998][T18410] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1528.095559][T18410] __do_fast_syscall_32+0x95/0xf0 [ 1528.100742][T18410] do_fast_syscall_32+0x33/0x70 [ 1528.105873][T18410] do_SYSENTER_32+0x1b/0x20 [ 1528.110525][T18410] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1528.117197][T18410] [ 1528.119604][T18410] Uninit was stored to memory at: [ 1528.124953][T18410] __get_compat_msghdr+0x514/0x750 [ 1528.130269][T18410] get_compat_msghdr+0x8c/0x1c0 [ 1528.135453][T18410] ___sys_recvmsg+0x19d/0x870 [ 1528.140283][T18410] do_recvmmsg+0x63a/0x10a0 [ 1528.145065][T18410] __sys_recvmmsg+0x113/0x450 [ 1528.149903][T18410] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1528.156454][T18410] __do_fast_syscall_32+0x95/0xf0 [ 1528.161649][T18410] do_fast_syscall_32+0x33/0x70 [ 1528.166780][T18410] do_SYSENTER_32+0x1b/0x20 [ 1528.171445][T18410] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1528.178130][T18410] [ 1528.180539][T18410] Uninit was stored to memory at: [ 1528.185967][T18410] __get_compat_msghdr+0x514/0x750 [ 1528.191283][T18410] get_compat_msghdr+0x8c/0x1c0 [ 1528.196474][T18410] ___sys_recvmsg+0x19d/0x870 [ 1528.201307][T18410] do_recvmmsg+0x63a/0x10a0 [ 1528.206148][T18410] __sys_recvmmsg+0x113/0x450 [ 1528.210978][T18410] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1528.217520][T18410] __do_fast_syscall_32+0x95/0xf0 [ 1528.222794][T18410] do_fast_syscall_32+0x33/0x70 [ 1528.227796][T18410] do_SYSENTER_32+0x1b/0x20 [ 1528.232565][T18410] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1528.239123][T18410] [ 1528.241522][T18410] Uninit was stored to memory at: [ 1528.246898][T18410] __get_compat_msghdr+0x514/0x750 [ 1528.252392][T18410] get_compat_msghdr+0x8c/0x1c0 [ 1528.257465][T18410] ___sys_recvmsg+0x19d/0x870 [ 1528.262439][T18410] do_recvmmsg+0x63a/0x10a0 [ 1528.267109][T18410] __sys_recvmmsg+0x113/0x450 [ 1528.271946][T18410] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1528.278556][T18410] __do_fast_syscall_32+0x95/0xf0 [ 1528.283851][T18410] do_fast_syscall_32+0x33/0x70 [ 1528.288861][T18410] do_SYSENTER_32+0x1b/0x20 [ 1528.293699][T18410] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1528.300254][T18410] [ 1528.302839][T18410] Uninit was stored to memory at: [ 1528.308083][T18410] __get_compat_msghdr+0x514/0x750 02:33:16 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) openat$procfs(0xffffff9c, 0x0, 0x0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f00000002c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e) ptrace$setopts(0x4206, r0, 0x6, 0x2) sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x8001, 0x3}, 0x0) syz_clone3(&(0x7f0000000a00)={0x40b86000, 0x0, 0x0, 0x0, {0x1d}, 0x0, 0x0, 0x0, 0x0}, 0x58) getrlimit(0x3, &(0x7f0000000000)) mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000440)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000200)='./bus\x00', &(0x7f0000000080), 0x9, &(0x7f0000000280)={[{@workdir={'workdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './bus'}}, {@metacopy_off}]}) 02:33:16 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) openat$procfs(0xffffff9c, 0x0, 0x0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f00000002c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e) ptrace$setopts(0x4206, r0, 0x6, 0x2) sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x8001, 0x3}, 0x0) syz_clone3(&(0x7f0000000a00)={0x40b86000, 0x0, 0x0, 0x0, {0x1d}, 0x0, 0x0, 0x0, 0x0}, 0x58) getrlimit(0x3, &(0x7f0000000000)) mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000440)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000200)='./bus\x00', &(0x7f0000000080), 0x9, &(0x7f0000000280)={[{@workdir={'workdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './bus'}}, {@metacopy_off}]}) 02:33:16 executing program 4: ppoll(0x0, 0x0, &(0x7f0000000200)={0x0, 0x3938700}, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x3) [ 1528.313587][T18410] get_compat_msghdr+0x8c/0x1c0 [ 1528.318652][T18410] ___sys_recvmsg+0x19d/0x870 [ 1528.323685][T18410] do_recvmmsg+0x63a/0x10a0 [ 1528.328348][T18410] __sys_recvmmsg+0x113/0x450 [ 1528.333372][T18410] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1528.339803][T18410] __do_fast_syscall_32+0x95/0xf0 [ 1528.345134][T18410] do_fast_syscall_32+0x33/0x70 [ 1528.350151][T18410] do_SYSENTER_32+0x1b/0x20 [ 1528.354934][T18410] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1528.361527][T18410] [ 1528.364073][T18410] Local variable msg_sys created at: [ 1528.369468][T18410] do_recvmmsg+0x5f/0x10a0 [ 1528.374186][T18410] __sys_recvmmsg+0x113/0x450 02:33:16 executing program 4: ppoll(0x0, 0x0, &(0x7f0000000200)={0x0, 0x3938700}, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x3) [ 1528.758429][T18424] not chained 1730000 origins [ 1528.763578][T18424] CPU: 1 PID: 18424 Comm: syz-executor.1 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1528.774267][T18424] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1528.784476][T18424] Call Trace: [ 1528.787847][T18424] [ 1528.790860][T18424] dump_stack_lvl+0x1c8/0x256 [ 1528.795744][T18424] dump_stack+0x1a/0x1c [ 1528.800079][T18424] kmsan_internal_chain_origin+0x78/0x120 [ 1528.805966][T18424] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1528.812203][T18424] ? kmsan_get_metadata+0x33/0x220 [ 1528.817487][T18424] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1528.823939][T18424] ? kmsan_get_metadata+0x33/0x220 [ 1528.829240][T18424] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1528.835244][T18424] ? kmsan_get_metadata+0x33/0x220 [ 1528.840533][T18424] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1528.846509][T18424] ? __get_compat_msghdr+0x5b/0x750 [ 1528.851898][T18424] ? kmsan_get_metadata+0x33/0x220 [ 1528.857167][T18424] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1528.863150][T18424] ? should_fail+0x3f/0x810 [ 1528.867821][T18424] ? __stack_depot_save+0x21/0x4b0 [ 1528.873097][T18424] ? kmsan_get_metadata+0x33/0x220 [ 1528.878395][T18424] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1528.884815][T18424] ? kmsan_get_metadata+0x33/0x220 [ 1528.890087][T18424] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1528.896064][T18424] __msan_chain_origin+0xbd/0x140 [ 1528.901255][T18424] __get_compat_msghdr+0x514/0x750 [ 1528.906854][T18424] get_compat_msghdr+0x8c/0x1c0 [ 1528.911892][T18424] ? ___sys_recvmsg+0xa9/0x870 [ 1528.916794][T18424] ? do_recvmmsg+0x63a/0x10a0 [ 1528.921618][T18424] ___sys_recvmsg+0x19d/0x870 [ 1528.926448][T18424] ? __schedule+0x1609/0x21d0 [ 1528.931285][T18424] ? kmsan_get_metadata+0x33/0x220 [ 1528.936560][T18424] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1528.942538][T18424] ? kmsan_get_metadata+0x33/0x220 [ 1528.947808][T18424] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1528.953790][T18424] do_recvmmsg+0x63a/0x10a0 [ 1528.958462][T18424] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1528.964883][T18424] ? __sys_recvmmsg+0x52/0x450 [ 1528.969783][T18424] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1528.976366][T18424] __sys_recvmmsg+0x113/0x450 [ 1528.981188][T18424] ? kmsan_get_metadata+0x33/0x220 [ 1528.986475][T18424] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1528.993019][T18424] __do_fast_syscall_32+0x95/0xf0 [ 1528.998209][T18424] ? exit_to_user_mode_prepare+0x119/0x220 [ 1529.004177][T18424] do_fast_syscall_32+0x33/0x70 [ 1529.009170][T18424] do_SYSENTER_32+0x1b/0x20 [ 1529.013808][T18424] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1529.020342][T18424] RIP: 0023:0xf7fc4549 [ 1529.024526][T18424] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1529.044302][T18424] RSP: 002b:00000000f7f9e5cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1529.052866][T18424] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1529.060964][T18424] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1529.069052][T18424] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1529.077137][T18424] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1529.085224][T18424] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1529.093339][T18424] [ 1529.107322][T18424] Uninit was stored to memory at: [ 1529.114147][T18424] __get_compat_msghdr+0x514/0x750 [ 1529.119474][T18424] get_compat_msghdr+0x8c/0x1c0 [ 1529.124622][T18424] ___sys_recvmsg+0x19d/0x870 [ 1529.129459][T18424] do_recvmmsg+0x63a/0x10a0 [ 1529.134206][T18424] __sys_recvmmsg+0x113/0x450 [ 1529.139063][T18424] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1529.145609][T18424] __do_fast_syscall_32+0x95/0xf0 [ 1529.150806][T18424] do_fast_syscall_32+0x33/0x70 [ 1529.155918][T18424] do_SYSENTER_32+0x1b/0x20 [ 1529.160580][T18424] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1529.167247][T18424] [ 1529.169658][T18424] Uninit was stored to memory at: [ 1529.175026][T18424] __get_compat_msghdr+0x514/0x750 [ 1529.180344][T18424] get_compat_msghdr+0x8c/0x1c0 [ 1529.185518][T18424] ___sys_recvmsg+0x19d/0x870 [ 1529.190358][T18424] do_recvmmsg+0x63a/0x10a0 [ 1529.195125][T18424] __sys_recvmmsg+0x113/0x450 [ 1529.199990][T18424] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1529.206515][T18424] __do_fast_syscall_32+0x95/0xf0 [ 1529.211716][T18424] do_fast_syscall_32+0x33/0x70 [ 1529.216826][T18424] do_SYSENTER_32+0x1b/0x20 [ 1529.221489][T18424] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1529.228145][T18424] [ 1529.230549][T18424] Uninit was stored to memory at: [ 1529.235888][T18424] __get_compat_msghdr+0x514/0x750 [ 1529.241207][T18424] get_compat_msghdr+0x8c/0x1c0 [ 1529.246369][T18424] ___sys_recvmsg+0x19d/0x870 [ 1529.251219][T18424] do_recvmmsg+0x63a/0x10a0 [ 1529.255979][T18424] __sys_recvmmsg+0x113/0x450 [ 1529.260818][T18424] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1529.267346][T18424] __do_fast_syscall_32+0x95/0xf0 [ 1529.272640][T18424] do_fast_syscall_32+0x33/0x70 [ 1529.277655][T18424] do_SYSENTER_32+0x1b/0x20 [ 1529.282407][T18424] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1529.288972][T18424] [ 1529.291380][T18424] Uninit was stored to memory at: [ 1529.296746][T18424] __get_compat_msghdr+0x514/0x750 [ 1529.302069][T18424] get_compat_msghdr+0x8c/0x1c0 [ 1529.307238][T18424] ___sys_recvmsg+0x19d/0x870 [ 1529.312074][T18424] do_recvmmsg+0x63a/0x10a0 [ 1529.316842][T18424] __sys_recvmmsg+0x113/0x450 [ 1529.321679][T18424] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1529.328208][T18424] __do_fast_syscall_32+0x95/0xf0 [ 1529.333491][T18424] do_fast_syscall_32+0x33/0x70 [ 1529.338497][T18424] do_SYSENTER_32+0x1b/0x20 [ 1529.343240][T18424] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1529.349798][T18424] [ 1529.352303][T18424] Uninit was stored to memory at: [ 1529.357551][T18424] __get_compat_msghdr+0x514/0x750 [ 1529.362962][T18424] get_compat_msghdr+0x8c/0x1c0 [ 1529.368017][T18424] ___sys_recvmsg+0x19d/0x870 [ 1529.372957][T18424] do_recvmmsg+0x63a/0x10a0 [ 1529.377622][T18424] __sys_recvmmsg+0x113/0x450 [ 1529.382564][T18424] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1529.388995][T18424] __do_fast_syscall_32+0x95/0xf0 [ 1529.394555][T18424] do_fast_syscall_32+0x33/0x70 [ 1529.399578][T18424] do_SYSENTER_32+0x1b/0x20 [ 1529.404342][T18424] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1529.410907][T18424] [ 1529.413406][T18424] Uninit was stored to memory at: [ 1529.418664][T18424] __get_compat_msghdr+0x514/0x750 [ 1529.424082][T18424] get_compat_msghdr+0x8c/0x1c0 [ 1529.429138][T18424] ___sys_recvmsg+0x19d/0x870 [ 1529.434070][T18424] do_recvmmsg+0x63a/0x10a0 [ 1529.438727][T18424] __sys_recvmmsg+0x113/0x450 [ 1529.443648][T18424] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1529.450074][T18424] __do_fast_syscall_32+0x95/0xf0 [ 1529.455366][T18424] do_fast_syscall_32+0x33/0x70 [ 1529.460373][T18424] do_SYSENTER_32+0x1b/0x20 [ 1529.465135][T18424] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1529.471692][T18424] [ 1529.474198][T18424] Uninit was stored to memory at: [ 1529.479460][T18424] __get_compat_msghdr+0x514/0x750 [ 1529.484872][T18424] get_compat_msghdr+0x8c/0x1c0 [ 1529.489934][T18424] ___sys_recvmsg+0x19d/0x870 [ 1529.494878][T18424] do_recvmmsg+0x63a/0x10a0 [ 1529.499544][T18424] __sys_recvmmsg+0x113/0x450 [ 1529.504481][T18424] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1529.510903][T18424] __do_fast_syscall_32+0x95/0xf0 [ 1529.516206][T18424] do_fast_syscall_32+0x33/0x70 [ 1529.521217][T18424] do_SYSENTER_32+0x1b/0x20 [ 1529.525978][T18424] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1529.532630][T18424] [ 1529.535047][T18424] Local variable msg_sys created at: [ 1529.540435][T18424] do_recvmmsg+0x5f/0x10a0 [ 1529.545110][T18424] __sys_recvmmsg+0x113/0x450 [ 1529.905604][T18444] not chained 1740000 origins [ 1529.910445][T18444] CPU: 1 PID: 18444 Comm: syz-executor.5 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1529.921132][T18444] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1529.931344][T18444] Call Trace: [ 1529.934743][T18444] [ 1529.937775][T18444] dump_stack_lvl+0x1c8/0x256 [ 1529.942692][T18444] dump_stack+0x1a/0x1c [ 1529.947052][T18444] kmsan_internal_chain_origin+0x78/0x120 [ 1529.952973][T18444] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1529.959252][T18444] ? kmsan_get_metadata+0x33/0x220 [ 1529.964573][T18444] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1529.971028][T18444] ? kmsan_get_metadata+0x33/0x220 [ 1529.976331][T18444] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1529.982344][T18444] ? kmsan_get_metadata+0x33/0x220 [ 1529.987646][T18444] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1529.993645][T18444] ? __get_compat_msghdr+0x5b/0x750 [ 1529.999089][T18444] ? kmsan_get_metadata+0x33/0x220 [ 1530.004402][T18444] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1530.010427][T18444] ? should_fail+0x3f/0x810 [ 1530.015126][T18444] ? __stack_depot_save+0x21/0x4b0 [ 1530.020427][T18444] ? kmsan_get_metadata+0x33/0x220 [ 1530.025737][T18444] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1530.032182][T18444] ? kmsan_get_metadata+0x33/0x220 [ 1530.037481][T18444] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1530.043492][T18444] __msan_chain_origin+0xbd/0x140 [ 1530.048705][T18444] __get_compat_msghdr+0x514/0x750 [ 1530.054073][T18444] get_compat_msghdr+0x8c/0x1c0 [ 1530.059146][T18444] ? ___sys_recvmsg+0xa9/0x870 [ 1530.064076][T18444] ? do_recvmmsg+0x63a/0x10a0 [ 1530.068926][T18444] ___sys_recvmsg+0x19d/0x870 [ 1530.073789][T18444] ? __schedule+0x1609/0x21d0 [ 1530.078645][T18444] ? kmsan_get_metadata+0x33/0x220 [ 1530.083946][T18444] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1530.089950][T18444] ? kmsan_get_metadata+0x33/0x220 [ 1530.095253][T18444] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1530.101288][T18444] do_recvmmsg+0x63a/0x10a0 [ 1530.106015][T18444] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1530.112468][T18444] ? __sys_recvmmsg+0x52/0x450 [ 1530.117414][T18444] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1530.124035][T18444] __sys_recvmmsg+0x113/0x450 [ 1530.128890][T18444] ? kmsan_get_metadata+0x33/0x220 [ 1530.134207][T18444] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1530.140670][T18444] __do_fast_syscall_32+0x95/0xf0 [ 1530.145868][T18444] ? exit_to_user_mode_prepare+0x119/0x220 [ 1530.151867][T18444] do_fast_syscall_32+0x33/0x70 [ 1530.156895][T18444] do_SYSENTER_32+0x1b/0x20 [ 1530.161579][T18444] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1530.168158][T18444] RIP: 0023:0xf7f92549 [ 1530.172362][T18444] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1530.192189][T18444] RSP: 002b:00000000f7f6c5cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1530.200781][T18444] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1530.208906][T18444] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1530.217026][T18444] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1530.225143][T18444] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1530.233257][T18444] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1530.241410][T18444] [ 1530.250338][T18444] Uninit was stored to memory at: [ 1530.256182][T18444] __get_compat_msghdr+0x514/0x750 [ 1530.261512][T18444] get_compat_msghdr+0x8c/0x1c0 [ 1530.266674][T18444] ___sys_recvmsg+0x19d/0x870 [ 1530.271517][T18444] do_recvmmsg+0x63a/0x10a0 [ 1530.276278][T18444] __sys_recvmmsg+0x113/0x450 [ 1530.281120][T18444] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1530.287652][T18444] __do_fast_syscall_32+0x95/0xf0 [ 1530.292935][T18444] do_fast_syscall_32+0x33/0x70 [ 1530.297950][T18444] do_SYSENTER_32+0x1b/0x20 [ 1530.302712][T18444] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1530.309266][T18444] [ 1530.311669][T18444] Uninit was stored to memory at: [ 1530.317016][T18444] __get_compat_msghdr+0x514/0x750 [ 1530.322430][T18444] get_compat_msghdr+0x8c/0x1c0 [ 1530.327488][T18444] ___sys_recvmsg+0x19d/0x870 [ 1530.332425][T18444] do_recvmmsg+0x63a/0x10a0 [ 1530.337084][T18444] __sys_recvmmsg+0x113/0x450 [ 1530.341917][T18444] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1530.348446][T18444] __do_fast_syscall_32+0x95/0xf0 [ 1530.353735][T18444] do_fast_syscall_32+0x33/0x70 [ 1530.358747][T18444] do_SYSENTER_32+0x1b/0x20 [ 1530.363516][T18444] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1530.370068][T18444] [ 1530.372572][T18444] Uninit was stored to memory at: [ 1530.377828][T18444] __get_compat_msghdr+0x514/0x750 [ 1530.383306][T18444] get_compat_msghdr+0x8c/0x1c0 [ 1530.388367][T18444] ___sys_recvmsg+0x19d/0x870 [ 1530.393380][T18444] do_recvmmsg+0x63a/0x10a0 [ 1530.398036][T18444] __sys_recvmmsg+0x113/0x450 [ 1530.403044][T18444] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1530.409483][T18444] __do_fast_syscall_32+0x95/0xf0 [ 1530.414849][T18444] do_fast_syscall_32+0x33/0x70 [ 1530.419861][T18444] do_SYSENTER_32+0x1b/0x20 [ 1530.424698][T18444] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1530.431332][T18444] [ 1530.433859][T18444] Uninit was stored to memory at: [ 1530.439130][T18444] __get_compat_msghdr+0x514/0x750 [ 1530.444558][T18444] get_compat_msghdr+0x8c/0x1c0 [ 1530.449604][T18444] ___sys_recvmsg+0x19d/0x870 [ 1530.454595][T18444] do_recvmmsg+0x63a/0x10a0 [ 1530.459254][T18444] __sys_recvmmsg+0x113/0x450 [ 1530.464203][T18444] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1530.470631][T18444] __do_fast_syscall_32+0x95/0xf0 [ 1530.475916][T18444] do_fast_syscall_32+0x33/0x70 [ 1530.480917][T18444] do_SYSENTER_32+0x1b/0x20 [ 1530.485684][T18444] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1530.492350][T18444] [ 1530.494764][T18444] Uninit was stored to memory at: [ 1530.500014][T18444] __get_compat_msghdr+0x514/0x750 [ 1530.505445][T18444] get_compat_msghdr+0x8c/0x1c0 [ 1530.510508][T18444] ___sys_recvmsg+0x19d/0x870 [ 1530.515549][T18444] do_recvmmsg+0x63a/0x10a0 [ 1530.520225][T18444] __sys_recvmmsg+0x113/0x450 [ 1530.525267][T18444] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1530.531728][T18444] __do_fast_syscall_32+0x95/0xf0 [ 1530.537127][T18444] do_fast_syscall_32+0x33/0x70 [ 1530.542344][T18444] do_SYSENTER_32+0x1b/0x20 [ 1530.547011][T18444] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1530.553739][T18444] [ 1530.556149][T18444] Uninit was stored to memory at: [ 1530.561427][T18444] __get_compat_msghdr+0x514/0x750 [ 1530.566922][T18444] get_compat_msghdr+0x8c/0x1c0 [ 1530.571987][T18444] ___sys_recvmsg+0x19d/0x870 [ 1530.577008][T18444] do_recvmmsg+0x63a/0x10a0 [ 1530.581680][T18444] __sys_recvmmsg+0x113/0x450 [ 1530.586734][T18444] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1530.593272][T18444] __do_fast_syscall_32+0x95/0xf0 [ 1530.598464][T18444] do_fast_syscall_32+0x33/0x70 [ 1530.603638][T18444] do_SYSENTER_32+0x1b/0x20 [ 1530.608300][T18444] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1530.614963][T18444] [ 1530.617373][T18444] Uninit was stored to memory at: [ 1530.622730][T18444] __get_compat_msghdr+0x514/0x750 [ 1530.628046][T18444] get_compat_msghdr+0x8c/0x1c0 [ 1530.633211][T18444] ___sys_recvmsg+0x19d/0x870 [ 1530.638055][T18444] do_recvmmsg+0x63a/0x10a0 [ 1530.642809][T18444] __sys_recvmmsg+0x113/0x450 [ 1530.647662][T18444] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1530.654180][T18444] __do_fast_syscall_32+0x95/0xf0 [ 1530.659361][T18444] do_fast_syscall_32+0x33/0x70 [ 1530.664477][T18444] do_SYSENTER_32+0x1b/0x20 [ 1530.669132][T18444] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1530.675792][T18444] [ 1530.678216][T18444] Local variable msg_sys created at: [ 1530.683701][T18444] do_recvmmsg+0x5f/0x10a0 [ 1530.688289][T18444] __sys_recvmmsg+0x113/0x450 [ 1531.030587][T18410] not chained 1750000 origins [ 1531.035684][T18410] CPU: 1 PID: 18410 Comm: syz-executor.3 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1531.046377][T18410] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1531.056577][T18410] Call Trace: [ 1531.059965][T18410] [ 1531.062990][T18410] dump_stack_lvl+0x1c8/0x256 [ 1531.067890][T18410] dump_stack+0x1a/0x1c [ 1531.072242][T18410] kmsan_internal_chain_origin+0x78/0x120 [ 1531.078194][T18410] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1531.084465][T18410] ? kmsan_get_metadata+0x33/0x220 [ 1531.089767][T18410] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1531.096220][T18410] ? kmsan_get_metadata+0x33/0x220 [ 1531.101524][T18410] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1531.107530][T18410] ? kmsan_get_metadata+0x33/0x220 [ 1531.112823][T18410] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1531.118819][T18410] ? __get_compat_msghdr+0x5b/0x750 [ 1531.124257][T18410] ? kmsan_get_metadata+0x33/0x220 [ 1531.129566][T18410] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1531.135587][T18410] ? should_fail+0x3f/0x810 [ 1531.140279][T18410] ? __stack_depot_save+0x21/0x4b0 [ 1531.145582][T18410] ? kmsan_get_metadata+0x33/0x220 [ 1531.150888][T18410] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1531.157328][T18410] ? kmsan_get_metadata+0x33/0x220 [ 1531.162630][T18410] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1531.168627][T18410] __msan_chain_origin+0xbd/0x140 [ 1531.173830][T18410] __get_compat_msghdr+0x514/0x750 [ 1531.179187][T18410] get_compat_msghdr+0x8c/0x1c0 [ 1531.184258][T18410] ? ___sys_recvmsg+0xa9/0x870 [ 1531.189184][T18410] ? do_recvmmsg+0x63a/0x10a0 [ 1531.194024][T18410] ___sys_recvmsg+0x19d/0x870 [ 1531.198865][T18410] ? __schedule+0x1609/0x21d0 [ 1531.203710][T18410] ? kmsan_get_metadata+0x33/0x220 [ 1531.209010][T18410] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1531.215017][T18410] ? kmsan_get_metadata+0x33/0x220 [ 1531.220320][T18410] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1531.226342][T18410] do_recvmmsg+0x63a/0x10a0 [ 1531.231045][T18410] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1531.237501][T18410] ? __sys_recvmmsg+0x52/0x450 [ 1531.242439][T18410] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1531.249055][T18410] __sys_recvmmsg+0x113/0x450 [ 1531.253904][T18410] ? kmsan_get_metadata+0x33/0x220 [ 1531.259217][T18410] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1531.265674][T18410] __do_fast_syscall_32+0x95/0xf0 [ 1531.270876][T18410] ? exit_to_user_mode_prepare+0x119/0x220 [ 1531.276871][T18410] do_fast_syscall_32+0x33/0x70 [ 1531.281893][T18410] do_SYSENTER_32+0x1b/0x20 [ 1531.286558][T18410] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1531.293120][T18410] RIP: 0023:0xf7fce549 [ 1531.297319][T18410] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1531.317139][T18410] RSP: 002b:00000000f7fa85cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1531.325737][T18410] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1531.333863][T18410] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1531.341981][T18410] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1531.350089][T18410] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1531.358209][T18410] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1531.366360][T18410] [ 1531.379532][T18410] Uninit was stored to memory at: [ 1531.386423][T18410] __get_compat_msghdr+0x514/0x750 [ 1531.391756][T18410] get_compat_msghdr+0x8c/0x1c0 [ 1531.396935][T18410] ___sys_recvmsg+0x19d/0x870 [ 1531.401780][T18410] do_recvmmsg+0x63a/0x10a0 [ 1531.406547][T18410] __sys_recvmmsg+0x113/0x450 [ 1531.411384][T18410] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1531.417921][T18410] __do_fast_syscall_32+0x95/0xf0 [ 1531.423213][T18410] do_fast_syscall_32+0x33/0x70 [ 1531.428230][T18410] do_SYSENTER_32+0x1b/0x20 [ 1531.432991][T18410] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1531.439556][T18410] [ 1531.441965][T18410] Uninit was stored to memory at: [ 1531.447391][T18410] __get_compat_msghdr+0x514/0x750 [ 1531.452800][T18410] get_compat_msghdr+0x8c/0x1c0 [ 1531.457892][T18410] ___sys_recvmsg+0x19d/0x870 [ 1531.462825][T18410] do_recvmmsg+0x63a/0x10a0 [ 1531.467486][T18410] __sys_recvmmsg+0x113/0x450 [ 1531.472409][T18410] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1531.478829][T18410] __do_fast_syscall_32+0x95/0xf0 [ 1531.484115][T18410] do_fast_syscall_32+0x33/0x70 [ 1531.489127][T18410] do_SYSENTER_32+0x1b/0x20 [ 1531.493886][T18410] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1531.500474][T18410] [ 1531.502986][T18410] Uninit was stored to memory at: [ 1531.508235][T18410] __get_compat_msghdr+0x514/0x750 [ 1531.513635][T18410] get_compat_msghdr+0x8c/0x1c0 [ 1531.518689][T18410] ___sys_recvmsg+0x19d/0x870 [ 1531.523705][T18410] do_recvmmsg+0x63a/0x10a0 [ 1531.528458][T18410] __sys_recvmmsg+0x113/0x450 [ 1531.533383][T18410] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1531.539802][T18410] __do_fast_syscall_32+0x95/0xf0 [ 1531.545096][T18410] do_fast_syscall_32+0x33/0x70 [ 1531.550109][T18410] do_SYSENTER_32+0x1b/0x20 [ 1531.554999][T18410] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1531.561578][T18410] [ 1531.564087][T18410] Uninit was stored to memory at: [ 1531.569341][T18410] __get_compat_msghdr+0x514/0x750 [ 1531.574785][T18410] get_compat_msghdr+0x8c/0x1c0 [ 1531.579920][T18410] ___sys_recvmsg+0x19d/0x870 [ 1531.584867][T18410] do_recvmmsg+0x63a/0x10a0 [ 1531.589546][T18410] __sys_recvmmsg+0x113/0x450 [ 1531.594497][T18410] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1531.600926][T18410] __do_fast_syscall_32+0x95/0xf0 [ 1531.606235][T18410] do_fast_syscall_32+0x33/0x70 [ 1531.611266][T18410] do_SYSENTER_32+0x1b/0x20 [ 1531.616046][T18410] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1531.622696][T18410] [ 1531.625104][T18410] Uninit was stored to memory at: [ 1531.630385][T18410] __get_compat_msghdr+0x514/0x750 [ 1531.635843][T18410] get_compat_msghdr+0x8c/0x1c0 [ 1531.641003][T18410] ___sys_recvmsg+0x19d/0x870 [ 1531.645946][T18410] do_recvmmsg+0x63a/0x10a0 [ 1531.650608][T18410] __sys_recvmmsg+0x113/0x450 [ 1531.655552][T18410] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1531.661980][T18410] __do_fast_syscall_32+0x95/0xf0 [ 1531.667265][T18410] do_fast_syscall_32+0x33/0x70 [ 1531.672373][T18410] do_SYSENTER_32+0x1b/0x20 [ 1531.677019][T18410] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1531.683670][T18410] [ 1531.686071][T18410] Uninit was stored to memory at: [ 1531.691358][T18410] __get_compat_msghdr+0x514/0x750 [ 1531.696765][T18410] get_compat_msghdr+0x8c/0x1c0 [ 1531.701815][T18410] ___sys_recvmsg+0x19d/0x870 [ 1531.706737][T18410] do_recvmmsg+0x63a/0x10a0 [ 1531.711390][T18410] __sys_recvmmsg+0x113/0x450 [ 1531.716344][T18410] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1531.722888][T18410] __do_fast_syscall_32+0x95/0xf0 [ 1531.728080][T18410] do_fast_syscall_32+0x33/0x70 [ 1531.733202][T18410] do_SYSENTER_32+0x1b/0x20 [ 1531.737867][T18410] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1531.744525][T18410] [ 1531.746934][T18410] Uninit was stored to memory at: [ 1531.752187][T18410] __get_compat_msghdr+0x514/0x750 [ 1531.757676][T18410] get_compat_msghdr+0x8c/0x1c0 [ 1531.762955][T18410] ___sys_recvmsg+0x19d/0x870 [ 1531.767803][T18410] do_recvmmsg+0x63a/0x10a0 [ 1531.772561][T18410] __sys_recvmmsg+0x113/0x450 [ 1531.777401][T18410] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1531.783927][T18410] __do_fast_syscall_32+0x95/0xf0 [ 1531.789125][T18410] do_fast_syscall_32+0x33/0x70 [ 1531.794240][T18410] do_SYSENTER_32+0x1b/0x20 [ 1531.798902][T18410] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1531.805572][T18410] [ 1531.807981][T18410] Local variable msg_sys created at: [ 1531.813463][T18410] do_recvmmsg+0x5f/0x10a0 [ 1531.818031][T18410] __sys_recvmmsg+0x113/0x450 [ 1531.959420][T18419] not chained 1760000 origins [ 1531.964464][T18419] CPU: 1 PID: 18419 Comm: syz-executor.2 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1531.975177][T18419] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1531.985388][T18419] Call Trace: [ 1531.988771][T18419] [ 1531.991801][T18419] dump_stack_lvl+0x1c8/0x256 [ 1531.996695][T18419] dump_stack+0x1a/0x1c [ 1532.001024][T18419] kmsan_internal_chain_origin+0x78/0x120 [ 1532.006916][T18419] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1532.013154][T18419] ? kmsan_get_metadata+0x33/0x220 [ 1532.018429][T18419] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1532.024852][T18419] ? kmsan_get_metadata+0x33/0x220 [ 1532.030123][T18419] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1532.036104][T18419] ? kmsan_get_metadata+0x33/0x220 [ 1532.041380][T18419] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1532.047360][T18419] ? __get_compat_msghdr+0x5b/0x750 [ 1532.052754][T18419] ? kmsan_get_metadata+0x33/0x220 [ 1532.058020][T18419] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1532.064007][T18419] ? should_fail+0x3f/0x810 [ 1532.068676][T18419] ? __stack_depot_save+0x21/0x4b0 [ 1532.073949][T18419] ? kmsan_get_metadata+0x33/0x220 [ 1532.079233][T18419] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1532.085660][T18419] ? kmsan_get_metadata+0x33/0x220 [ 1532.090932][T18419] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1532.096913][T18419] __msan_chain_origin+0xbd/0x140 [ 1532.102095][T18419] __get_compat_msghdr+0x514/0x750 [ 1532.107430][T18419] get_compat_msghdr+0x8c/0x1c0 [ 1532.112469][T18419] ? ___sys_recvmsg+0xa9/0x870 [ 1532.117376][T18419] ? do_recvmmsg+0x63a/0x10a0 [ 1532.122199][T18419] ___sys_recvmsg+0x19d/0x870 [ 1532.127034][T18419] ? __schedule+0x1609/0x21d0 [ 1532.131866][T18419] ? kmsan_get_metadata+0x33/0x220 [ 1532.137137][T18419] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1532.143120][T18419] ? kmsan_get_metadata+0x33/0x220 [ 1532.148396][T18419] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1532.154386][T18419] do_recvmmsg+0x63a/0x10a0 [ 1532.159065][T18419] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1532.165497][T18419] ? __sys_recvmmsg+0x52/0x450 [ 1532.170404][T18419] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1532.176986][T18419] __sys_recvmmsg+0x113/0x450 [ 1532.181805][T18419] ? kmsan_get_metadata+0x33/0x220 [ 1532.187089][T18419] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1532.193533][T18419] __do_fast_syscall_32+0x95/0xf0 [ 1532.198738][T18419] ? exit_to_user_mode_prepare+0x119/0x220 [ 1532.204722][T18419] do_fast_syscall_32+0x33/0x70 [ 1532.209718][T18419] do_SYSENTER_32+0x1b/0x20 [ 1532.214365][T18419] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1532.220898][T18419] RIP: 0023:0xf7f3a549 [ 1532.225076][T18419] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1532.244856][T18419] RSP: 002b:00000000f7f145cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1532.253418][T18419] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1532.261515][T18419] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1532.269606][T18419] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1532.277692][T18419] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1532.285786][T18419] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1532.293898][T18419] [ 1532.302874][T18419] Uninit was stored to memory at: [ 1532.308162][T18419] __get_compat_msghdr+0x514/0x750 [ 1532.313969][T18419] get_compat_msghdr+0x8c/0x1c0 [ 1532.319059][T18419] ___sys_recvmsg+0x19d/0x870 [ 1532.324003][T18419] do_recvmmsg+0x63a/0x10a0 [ 1532.328673][T18419] __sys_recvmmsg+0x113/0x450 [ 1532.333614][T18419] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1532.340045][T18419] __do_fast_syscall_32+0x95/0xf0 [ 1532.345356][T18419] do_fast_syscall_32+0x33/0x70 [ 1532.350370][T18419] do_SYSENTER_32+0x1b/0x20 [ 1532.355127][T18419] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1532.361707][T18419] [ 1532.364245][T18419] Uninit was stored to memory at: [ 1532.369506][T18419] __get_compat_msghdr+0x514/0x750 [ 1532.374940][T18419] get_compat_msghdr+0x8c/0x1c0 [ 1532.380033][T18419] ___sys_recvmsg+0x19d/0x870 [ 1532.384986][T18419] do_recvmmsg+0x63a/0x10a0 [ 1532.389663][T18419] __sys_recvmmsg+0x113/0x450 [ 1532.394615][T18419] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1532.401053][T18419] __do_fast_syscall_32+0x95/0xf0 [ 1532.406347][T18419] do_fast_syscall_32+0x33/0x70 02:33:20 executing program 4: ppoll(0x0, 0x0, &(0x7f0000000200)={0x0, 0x3938700}, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x3) [ 1532.411362][T18419] do_SYSENTER_32+0x1b/0x20 [ 1532.416137][T18419] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1532.422793][T18419] [ 1532.425197][T18419] Uninit was stored to memory at: [ 1532.430447][T18419] __get_compat_msghdr+0x514/0x750 [ 1532.435862][T18419] get_compat_msghdr+0x8c/0x1c0 [ 1532.440956][T18419] ___sys_recvmsg+0x19d/0x870 [ 1532.445975][T18419] do_recvmmsg+0x63a/0x10a0 [ 1532.450659][T18419] __sys_recvmmsg+0x113/0x450 [ 1532.455596][T18419] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1532.462016][T18419] __do_fast_syscall_32+0x95/0xf0 [ 1532.467293][T18419] do_fast_syscall_32+0x33/0x70 [ 1532.472371][T18419] do_SYSENTER_32+0x1b/0x20 [ 1532.477018][T18419] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1532.483657][T18419] [ 1532.486064][T18419] Uninit was stored to memory at: [ 1532.491317][T18419] __get_compat_msghdr+0x514/0x750 [ 1532.496741][T18419] get_compat_msghdr+0x8c/0x1c0 [ 1532.501818][T18419] ___sys_recvmsg+0x19d/0x870 [ 1532.506747][T18419] do_recvmmsg+0x63a/0x10a0 02:33:20 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) openat$procfs(0xffffff9c, 0x0, 0x0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f00000002c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e) ptrace$setopts(0x4206, r0, 0x6, 0x2) sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x8001, 0x3}, 0x0) syz_clone3(&(0x7f0000000a00)={0x40b86000, 0x0, 0x0, 0x0, {0x1d}, 0x0, 0x0, 0x0, 0x0}, 0x58) getrlimit(0x3, &(0x7f0000000000)) mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000440)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000200)='./bus\x00', &(0x7f0000000080), 0x9, &(0x7f0000000280)={[{@workdir={'workdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './bus'}}, {@metacopy_off}]}) [ 1532.511407][T18419] __sys_recvmmsg+0x113/0x450 [ 1532.516353][T18419] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1532.522876][T18419] __do_fast_syscall_32+0x95/0xf0 [ 1532.528096][T18419] do_fast_syscall_32+0x33/0x70 [ 1532.533207][T18419] do_SYSENTER_32+0x1b/0x20 [ 1532.537875][T18419] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1532.544543][T18419] [ 1532.546952][T18419] Uninit was stored to memory at: [ 1532.552362][T18419] __get_compat_msghdr+0x514/0x750 [ 1532.557680][T18419] get_compat_msghdr+0x8c/0x1c0 [ 1532.562853][T18419] ___sys_recvmsg+0x19d/0x870 [ 1532.567727][T18419] do_recvmmsg+0x63a/0x10a0 [ 1532.572471][T18419] __sys_recvmmsg+0x113/0x450 [ 1532.577324][T18419] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1532.583853][T18419] __do_fast_syscall_32+0x95/0xf0 [ 1532.589042][T18419] do_fast_syscall_32+0x33/0x70 [ 1532.594144][T18419] do_SYSENTER_32+0x1b/0x20 [ 1532.598813][T18419] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1532.605454][T18419] [ 1532.607857][T18419] Uninit was stored to memory at: [ 1532.613189][T18419] __get_compat_msghdr+0x514/0x750 [ 1532.618508][T18419] get_compat_msghdr+0x8c/0x1c0 [ 1532.623653][T18419] ___sys_recvmsg+0x19d/0x870 [ 1532.628505][T18419] do_recvmmsg+0x63a/0x10a0 [ 1532.633245][T18419] __sys_recvmmsg+0x113/0x450 [ 1532.638053][T18419] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1532.644558][T18419] __do_fast_syscall_32+0x95/0xf0 [ 1532.649724][T18419] do_fast_syscall_32+0x33/0x70 [ 1532.654799][T18419] do_SYSENTER_32+0x1b/0x20 [ 1532.659442][T18419] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1532.666086][T18419] [ 1532.668486][T18419] Uninit was stored to memory at: [ 1532.673824][T18419] __get_compat_msghdr+0x514/0x750 [ 1532.679128][T18419] get_compat_msghdr+0x8c/0x1c0 [ 1532.684264][T18419] ___sys_recvmsg+0x19d/0x870 [ 1532.689089][T18419] do_recvmmsg+0x63a/0x10a0 [ 1532.693817][T18419] __sys_recvmmsg+0x113/0x450 [ 1532.698648][T18419] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1532.705151][T18419] __do_fast_syscall_32+0x95/0xf0 [ 1532.710330][T18419] do_fast_syscall_32+0x33/0x70 [ 1532.715455][T18419] do_SYSENTER_32+0x1b/0x20 [ 1532.720126][T18419] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1532.726782][T18419] [ 1532.729189][T18419] Local variable msg_sys created at: [ 1532.734655][T18419] do_recvmmsg+0x5f/0x10a0 [ 1532.739230][T18419] __sys_recvmmsg+0x113/0x450 [ 1533.010086][T18410] not chained 1770000 origins [ 1533.015027][T18410] CPU: 1 PID: 18410 Comm: syz-executor.3 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1533.025719][T18410] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1533.035919][T18410] Call Trace: [ 1533.039306][T18410] [ 1533.042334][T18410] dump_stack_lvl+0x1c8/0x256 [ 1533.047238][T18410] dump_stack+0x1a/0x1c [ 1533.051584][T18410] kmsan_internal_chain_origin+0x78/0x120 [ 1533.057504][T18410] ? kmsan_get_metadata+0x33/0x220 [ 1533.062791][T18410] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1533.068786][T18410] ? kmsan_get_metadata+0x33/0x220 [ 1533.074063][T18410] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1533.080042][T18410] ? __get_compat_msghdr+0x5b/0x750 [ 1533.085434][T18410] ? kmsan_get_metadata+0x33/0x220 [ 1533.090704][T18410] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1533.096702][T18410] ? should_fail+0x3f/0x810 [ 1533.101381][T18410] ? __stack_depot_save+0x21/0x4b0 [ 1533.106654][T18410] ? kmsan_get_metadata+0x33/0x220 [ 1533.111934][T18410] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1533.118348][T18410] ? kmsan_get_metadata+0x33/0x220 [ 1533.123620][T18410] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1533.129596][T18410] __msan_chain_origin+0xbd/0x140 [ 1533.134782][T18410] __get_compat_msghdr+0x514/0x750 [ 1533.140119][T18410] get_compat_msghdr+0x8c/0x1c0 [ 1533.145159][T18410] ? ___sys_recvmsg+0xa9/0x870 [ 1533.150066][T18410] ? do_recvmmsg+0x63a/0x10a0 [ 1533.154888][T18410] ___sys_recvmsg+0x19d/0x870 [ 1533.159722][T18410] ? __schedule+0x1609/0x21d0 [ 1533.164553][T18410] ? kmsan_get_metadata+0x33/0x220 [ 1533.169821][T18410] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1533.175807][T18410] ? __cond_resched+0x1f/0x40 [ 1533.180645][T18410] do_recvmmsg+0x63a/0x10a0 [ 1533.185317][T18410] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1533.191759][T18410] ? __sys_recvmmsg+0x52/0x450 [ 1533.196662][T18410] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1533.203251][T18410] __sys_recvmmsg+0x113/0x450 [ 1533.208069][T18410] ? kmsan_get_metadata+0x33/0x220 [ 1533.213355][T18410] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1533.219778][T18410] __do_fast_syscall_32+0x95/0xf0 [ 1533.224954][T18410] ? exit_to_user_mode_prepare+0x119/0x220 [ 1533.230926][T18410] do_fast_syscall_32+0x33/0x70 [ 1533.235917][T18410] do_SYSENTER_32+0x1b/0x20 [ 1533.240563][T18410] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1533.247095][T18410] RIP: 0023:0xf7fce549 [ 1533.251270][T18410] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1533.271055][T18410] RSP: 002b:00000000f7fa85cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1533.279624][T18410] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1533.287720][T18410] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1533.295807][T18410] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1533.303894][T18410] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1533.311985][T18410] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1533.320108][T18410] [ 1533.328875][T18410] Uninit was stored to memory at: [ 1533.334634][T18410] __get_compat_msghdr+0x514/0x750 [ 1533.339969][T18410] get_compat_msghdr+0x8c/0x1c0 [ 1533.345122][T18410] ___sys_recvmsg+0x19d/0x870 [ 1533.349974][T18410] do_recvmmsg+0x63a/0x10a0 [ 1533.354730][T18410] __sys_recvmmsg+0x113/0x450 [ 1533.359564][T18410] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1533.366089][T18410] __do_fast_syscall_32+0x95/0xf0 [ 1533.371283][T18410] do_fast_syscall_32+0x33/0x70 [ 1533.376399][T18410] do_SYSENTER_32+0x1b/0x20 [ 1533.381061][T18410] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1533.387719][T18410] [ 1533.390132][T18410] Uninit was stored to memory at: [ 1533.395486][T18410] __get_compat_msghdr+0x514/0x750 [ 1533.400806][T18410] get_compat_msghdr+0x8c/0x1c0 [ 1533.405970][T18410] ___sys_recvmsg+0x19d/0x870 [ 1533.410807][T18410] do_recvmmsg+0x63a/0x10a0 [ 1533.415575][T18410] __sys_recvmmsg+0x113/0x450 [ 1533.420418][T18410] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1533.426947][T18410] __do_fast_syscall_32+0x95/0xf0 [ 1533.432144][T18410] do_fast_syscall_32+0x33/0x70 [ 1533.437295][T18410] do_SYSENTER_32+0x1b/0x20 [ 1533.441956][T18410] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1533.448682][T18410] [ 1533.451088][T18410] Uninit was stored to memory at: [ 1533.456495][T18410] __get_compat_msghdr+0x514/0x750 [ 1533.461815][T18410] get_compat_msghdr+0x8c/0x1c0 [ 1533.467055][T18410] ___sys_recvmsg+0x19d/0x870 [ 1533.471890][T18410] do_recvmmsg+0x63a/0x10a0 [ 1533.476747][T18410] __sys_recvmmsg+0x113/0x450 [ 1533.481581][T18410] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1533.488112][T18410] __do_fast_syscall_32+0x95/0xf0 [ 1533.493442][T18410] do_fast_syscall_32+0x33/0x70 [ 1533.498453][T18410] do_SYSENTER_32+0x1b/0x20 [ 1533.503233][T18410] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1533.509785][T18410] [ 1533.512187][T18410] Uninit was stored to memory at: [ 1533.517541][T18410] __get_compat_msghdr+0x514/0x750 [ 1533.522944][T18410] get_compat_msghdr+0x8c/0x1c0 [ 1533.527998][T18410] ___sys_recvmsg+0x19d/0x870 [ 1533.533008][T18410] do_recvmmsg+0x63a/0x10a0 [ 1533.537666][T18410] __sys_recvmmsg+0x113/0x450 [ 1533.542608][T18410] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1533.549045][T18410] __do_fast_syscall_32+0x95/0xf0 [ 1533.554338][T18410] do_fast_syscall_32+0x33/0x70 [ 1533.559351][T18410] do_SYSENTER_32+0x1b/0x20 [ 1533.564174][T18410] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1533.570722][T18410] [ 1533.573221][T18410] Uninit was stored to memory at: [ 1533.578464][T18410] __get_compat_msghdr+0x514/0x750 [ 1533.583877][T18410] get_compat_msghdr+0x8c/0x1c0 [ 1533.588938][T18410] ___sys_recvmsg+0x19d/0x870 [ 1533.593856][T18410] do_recvmmsg+0x63a/0x10a0 [ 1533.598523][T18410] __sys_recvmmsg+0x113/0x450 [ 1533.603450][T18410] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1533.609876][T18410] __do_fast_syscall_32+0x95/0xf0 [ 1533.615172][T18410] do_fast_syscall_32+0x33/0x70 [ 1533.620184][T18410] do_SYSENTER_32+0x1b/0x20 [ 1533.624946][T18410] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1533.631513][T18410] [ 1533.634016][T18410] Uninit was stored to memory at: [ 1533.639264][T18410] __get_compat_msghdr+0x514/0x750 [ 1533.644676][T18410] get_compat_msghdr+0x8c/0x1c0 [ 1533.649738][T18410] ___sys_recvmsg+0x19d/0x870 [ 1533.654683][T18410] do_recvmmsg+0x63a/0x10a0 [ 1533.659343][T18410] __sys_recvmmsg+0x113/0x450 [ 1533.664274][T18410] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1533.670706][T18410] __do_fast_syscall_32+0x95/0xf0 [ 1533.676002][T18410] do_fast_syscall_32+0x33/0x70 [ 1533.681022][T18410] do_SYSENTER_32+0x1b/0x20 [ 1533.685779][T18410] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1533.692436][T18410] [ 1533.694862][T18410] Uninit was stored to memory at: [ 1533.700129][T18410] __get_compat_msghdr+0x514/0x750 [ 1533.705553][T18410] get_compat_msghdr+0x8c/0x1c0 [ 1533.710615][T18410] ___sys_recvmsg+0x19d/0x870 [ 1533.715545][T18410] do_recvmmsg+0x63a/0x10a0 [ 1533.720205][T18410] __sys_recvmmsg+0x113/0x450 [ 1533.725133][T18410] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1533.731561][T18410] __do_fast_syscall_32+0x95/0xf0 [ 1533.736846][T18410] do_fast_syscall_32+0x33/0x70 [ 1533.741854][T18410] do_SYSENTER_32+0x1b/0x20 [ 1533.746616][T18410] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1533.753278][T18410] [ 1533.755696][T18410] Local variable msg_sys created at: [ 1533.761073][T18410] do_recvmmsg+0x5f/0x10a0 [ 1533.765749][T18410] __sys_recvmmsg+0x113/0x450 02:33:22 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_TRAP_POLICER_GET(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)={0x38, r1, 0x329, 0x0, 0x0, {0x2e}, [{@pci={{0x8}, {0x11}}, {0x8}}]}, 0x38}}, 0x0) [ 1534.212871][T18419] not chained 1780000 origins [ 1534.217725][T18419] CPU: 1 PID: 18419 Comm: syz-executor.2 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1534.228399][T18419] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1534.238578][T18419] Call Trace: [ 1534.241955][T18419] [ 1534.244979][T18419] dump_stack_lvl+0x1c8/0x256 [ 1534.249873][T18419] dump_stack+0x1a/0x1c [ 1534.254203][T18419] kmsan_internal_chain_origin+0x78/0x120 [ 1534.260089][T18419] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1534.266322][T18419] ? kmsan_get_metadata+0x33/0x220 [ 1534.271594][T18419] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1534.278012][T18419] ? kmsan_get_metadata+0x33/0x220 [ 1534.283283][T18419] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1534.289261][T18419] ? kmsan_get_metadata+0x33/0x220 [ 1534.294525][T18419] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1534.300501][T18419] ? __get_compat_msghdr+0x5b/0x750 [ 1534.305963][T18419] ? kmsan_get_metadata+0x33/0x220 [ 1534.311233][T18419] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1534.317219][T18419] ? should_fail+0x3f/0x810 [ 1534.321885][T18419] ? __stack_depot_save+0x21/0x4b0 [ 1534.327160][T18419] ? kmsan_get_metadata+0x33/0x220 [ 1534.332430][T18419] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1534.338840][T18419] ? kmsan_get_metadata+0x33/0x220 [ 1534.344112][T18419] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1534.350086][T18419] __msan_chain_origin+0xbd/0x140 [ 1534.355271][T18419] __get_compat_msghdr+0x514/0x750 [ 1534.360599][T18419] get_compat_msghdr+0x8c/0x1c0 [ 1534.365637][T18419] ? ___sys_recvmsg+0xa9/0x870 [ 1534.370539][T18419] ? do_recvmmsg+0x63a/0x10a0 [ 1534.375392][T18419] ___sys_recvmsg+0x19d/0x870 [ 1534.380252][T18419] ? __schedule+0x1609/0x21d0 [ 1534.385095][T18419] ? kmsan_get_metadata+0x33/0x220 [ 1534.390373][T18419] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1534.396348][T18419] ? kmsan_get_metadata+0x33/0x220 [ 1534.401617][T18419] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1534.407601][T18419] do_recvmmsg+0x63a/0x10a0 [ 1534.412275][T18419] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1534.418697][T18419] ? __sys_recvmmsg+0x52/0x450 [ 1534.423600][T18419] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1534.430187][T18419] __sys_recvmmsg+0x113/0x450 [ 1534.435006][T18419] ? kmsan_get_metadata+0x33/0x220 [ 1534.440289][T18419] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1534.446708][T18419] __do_fast_syscall_32+0x95/0xf0 [ 1534.451879][T18419] ? exit_to_user_mode_prepare+0x119/0x220 [ 1534.457846][T18419] do_fast_syscall_32+0x33/0x70 [ 1534.462844][T18419] do_SYSENTER_32+0x1b/0x20 [ 1534.467490][T18419] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1534.474022][T18419] RIP: 0023:0xf7f3a549 [ 1534.478199][T18419] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1534.497978][T18419] RSP: 002b:00000000f7f145cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1534.506537][T18419] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1534.514632][T18419] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1534.522725][T18419] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1534.530809][T18419] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1534.538902][T18419] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1534.547015][T18419] [ 1534.555702][T18419] Uninit was stored to memory at: [ 1534.560987][T18419] __get_compat_msghdr+0x514/0x750 [ 1534.566834][T18419] get_compat_msghdr+0x8c/0x1c0 [ 1534.571915][T18419] ___sys_recvmsg+0x19d/0x870 [ 1534.576865][T18419] do_recvmmsg+0x63a/0x10a0 [ 1534.581526][T18419] __sys_recvmmsg+0x113/0x450 [ 1534.586462][T18419] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1534.592984][T18419] __do_fast_syscall_32+0x95/0xf0 [ 1534.598176][T18419] do_fast_syscall_32+0x33/0x70 [ 1534.603320][T18419] do_SYSENTER_32+0x1b/0x20 [ 1534.607972][T18419] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1534.614640][T18419] [ 1534.617047][T18419] Uninit was stored to memory at: [ 1534.622377][T18419] __get_compat_msghdr+0x514/0x750 [ 1534.627697][T18419] get_compat_msghdr+0x8c/0x1c0 [ 1534.632922][T18419] ___sys_recvmsg+0x19d/0x870 [ 1534.637773][T18419] do_recvmmsg+0x63a/0x10a0 [ 1534.642601][T18419] __sys_recvmmsg+0x113/0x450 [ 1534.647435][T18419] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1534.654043][T18419] __do_fast_syscall_32+0x95/0xf0 [ 1534.659230][T18419] do_fast_syscall_32+0x33/0x70 [ 1534.664401][T18419] do_SYSENTER_32+0x1b/0x20 [ 1534.669059][T18419] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1534.675780][T18419] [ 1534.678189][T18419] Uninit was stored to memory at: [ 1534.683599][T18419] __get_compat_msghdr+0x514/0x750 [ 1534.688918][T18419] get_compat_msghdr+0x8c/0x1c0 [ 1534.694127][T18419] ___sys_recvmsg+0x19d/0x870 [ 1534.698961][T18419] do_recvmmsg+0x63a/0x10a0 [ 1534.703794][T18419] __sys_recvmmsg+0x113/0x450 [ 1534.708627][T18419] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1534.715205][T18419] __do_fast_syscall_32+0x95/0xf0 [ 1534.720392][T18419] do_fast_syscall_32+0x33/0x70 [ 1534.725556][T18419] do_SYSENTER_32+0x1b/0x20 [ 1534.730212][T18419] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1534.736936][T18419] [ 1534.739343][T18419] Uninit was stored to memory at: [ 1534.744756][T18419] __get_compat_msghdr+0x514/0x750 [ 1534.750077][T18419] get_compat_msghdr+0x8c/0x1c0 [ 1534.755302][T18419] ___sys_recvmsg+0x19d/0x870 [ 1534.760229][T18419] do_recvmmsg+0x63a/0x10a0 [ 1534.764984][T18419] __sys_recvmmsg+0x113/0x450 [ 1534.769810][T18419] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1534.776325][T18419] __do_fast_syscall_32+0x95/0xf0 [ 1534.781509][T18419] do_fast_syscall_32+0x33/0x70 [ 1534.786596][T18419] do_SYSENTER_32+0x1b/0x20 [ 1534.791249][T18419] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1534.797896][T18419] [ 1534.800301][T18419] Uninit was stored to memory at: [ 1534.805634][T18419] __get_compat_msghdr+0x514/0x750 [ 1534.810946][T18419] get_compat_msghdr+0x8c/0x1c0 [ 1534.816075][T18419] ___sys_recvmsg+0x19d/0x870 [ 1534.820916][T18419] do_recvmmsg+0x63a/0x10a0 [ 1534.825670][T18419] __sys_recvmmsg+0x113/0x450 [ 1534.830502][T18419] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1534.837020][T18419] __do_fast_syscall_32+0x95/0xf0 [ 1534.842294][T18419] do_fast_syscall_32+0x33/0x70 [ 1534.847298][T18419] do_SYSENTER_32+0x1b/0x20 [ 1534.851958][T18419] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1534.858695][T18419] [ 1534.861100][T18419] Uninit was stored to memory at: [ 1534.866440][T18419] __get_compat_msghdr+0x514/0x750 [ 1534.871752][T18419] get_compat_msghdr+0x8c/0x1c0 [ 1534.876903][T18419] ___sys_recvmsg+0x19d/0x870 [ 1534.881740][T18419] do_recvmmsg+0x63a/0x10a0 [ 1534.886509][T18419] __sys_recvmmsg+0x113/0x450 [ 1534.891346][T18419] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1534.897860][T18419] __do_fast_syscall_32+0x95/0xf0 [ 1534.903136][T18419] do_fast_syscall_32+0x33/0x70 [ 1534.908138][T18419] do_SYSENTER_32+0x1b/0x20 [ 1534.912874][T18419] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1534.919421][T18419] [ 1534.921819][T18419] Uninit was stored to memory at: [ 1534.927184][T18419] __get_compat_msghdr+0x514/0x750 [ 1534.932576][T18419] get_compat_msghdr+0x8c/0x1c0 [ 1534.937654][T18419] ___sys_recvmsg+0x19d/0x870 [ 1534.942574][T18419] do_recvmmsg+0x63a/0x10a0 [ 1534.947238][T18419] __sys_recvmmsg+0x113/0x450 [ 1534.952072][T18419] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1534.958584][T18419] __do_fast_syscall_32+0x95/0xf0 [ 1534.963857][T18419] do_fast_syscall_32+0x33/0x70 [ 1534.968866][T18419] do_SYSENTER_32+0x1b/0x20 [ 1534.973605][T18419] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1534.980154][T18419] [ 1534.982641][T18419] Local variable msg_sys created at: [ 1534.988019][T18419] do_recvmmsg+0x5f/0x10a0 [ 1534.992682][T18419] __sys_recvmmsg+0x113/0x450 [ 1535.215188][T18452] not chained 1790000 origins [ 1535.220018][T18452] CPU: 0 PID: 18452 Comm: syz-executor.0 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1535.230706][T18452] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1535.240906][T18452] Call Trace: [ 1535.244288][T18452] [ 1535.247324][T18452] dump_stack_lvl+0x1c8/0x256 [ 1535.252221][T18452] dump_stack+0x1a/0x1c [ 1535.256586][T18452] kmsan_internal_chain_origin+0x78/0x120 [ 1535.262499][T18452] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1535.268762][T18452] ? kmsan_get_metadata+0x33/0x220 [ 1535.274062][T18452] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1535.280512][T18452] ? kmsan_get_metadata+0x33/0x220 [ 1535.285814][T18452] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1535.291819][T18452] ? kmsan_get_metadata+0x33/0x220 [ 1535.297116][T18452] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1535.303125][T18452] ? __get_compat_msghdr+0x5b/0x750 [ 1535.308536][T18452] ? kmsan_get_metadata+0x33/0x220 [ 1535.313825][T18452] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1535.319830][T18452] ? should_fail+0x3f/0x810 [ 1535.324514][T18452] ? __stack_depot_save+0x21/0x4b0 [ 1535.329890][T18452] ? kmsan_get_metadata+0x33/0x220 [ 1535.335181][T18452] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1535.341596][T18452] ? kmsan_get_metadata+0x33/0x220 [ 1535.346868][T18452] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1535.352852][T18452] __msan_chain_origin+0xbd/0x140 [ 1535.358036][T18452] __get_compat_msghdr+0x514/0x750 [ 1535.363365][T18452] get_compat_msghdr+0x8c/0x1c0 [ 1535.368420][T18452] ? ___sys_recvmsg+0xa9/0x870 [ 1535.373327][T18452] ? do_recvmmsg+0x63a/0x10a0 [ 1535.378158][T18452] ___sys_recvmsg+0x19d/0x870 [ 1535.382986][T18452] ? __schedule+0x1609/0x21d0 [ 1535.387814][T18452] ? kmsan_get_metadata+0x33/0x220 [ 1535.393092][T18452] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1535.399085][T18452] ? kmsan_get_metadata+0x33/0x220 [ 1535.404356][T18452] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1535.410349][T18452] do_recvmmsg+0x63a/0x10a0 [ 1535.415023][T18452] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1535.421447][T18452] ? __sys_recvmmsg+0x52/0x450 [ 1535.426347][T18452] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1535.432938][T18452] __sys_recvmmsg+0x113/0x450 [ 1535.437754][T18452] ? kmsan_get_metadata+0x33/0x220 [ 1535.443047][T18452] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1535.449465][T18452] __do_fast_syscall_32+0x95/0xf0 [ 1535.454631][T18452] ? exit_to_user_mode_prepare+0x119/0x220 [ 1535.460598][T18452] do_fast_syscall_32+0x33/0x70 [ 1535.465590][T18452] do_SYSENTER_32+0x1b/0x20 [ 1535.470229][T18452] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1535.476767][T18452] RIP: 0023:0xf7fc6549 [ 1535.480942][T18452] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1535.500723][T18452] RSP: 002b:00000000f7fc15cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1535.509305][T18452] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1535.517409][T18452] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1535.525499][T18452] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1535.533586][T18452] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1535.541674][T18452] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1535.549785][T18452] [ 1535.558576][T18452] Uninit was stored to memory at: [ 1535.564394][T18452] __get_compat_msghdr+0x514/0x750 [ 1535.569713][T18452] get_compat_msghdr+0x8c/0x1c0 [ 1535.574886][T18452] ___sys_recvmsg+0x19d/0x870 [ 1535.579714][T18452] do_recvmmsg+0x63a/0x10a0 [ 1535.584493][T18452] __sys_recvmmsg+0x113/0x450 [ 1535.589344][T18452] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1535.595933][T18452] __do_fast_syscall_32+0x95/0xf0 [ 1535.601130][T18452] do_fast_syscall_32+0x33/0x70 [ 1535.606260][T18452] do_SYSENTER_32+0x1b/0x20 [ 1535.610909][T18452] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1535.617614][T18452] [ 1535.620021][T18452] Uninit was stored to memory at: [ 1535.625397][T18452] __get_compat_msghdr+0x514/0x750 [ 1535.630718][T18452] get_compat_msghdr+0x8c/0x1c0 [ 1535.635915][T18452] ___sys_recvmsg+0x19d/0x870 [ 1535.640755][T18452] do_recvmmsg+0x63a/0x10a0 [ 1535.645556][T18452] __sys_recvmmsg+0x113/0x450 [ 1535.650395][T18452] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1535.656982][T18452] __do_fast_syscall_32+0x95/0xf0 [ 1535.662182][T18452] do_fast_syscall_32+0x33/0x70 [ 1535.667313][T18452] do_SYSENTER_32+0x1b/0x20 [ 1535.671970][T18452] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1535.678656][T18452] [ 1535.681059][T18452] Uninit was stored to memory at: [ 1535.686452][T18452] __get_compat_msghdr+0x514/0x750 [ 1535.691769][T18452] get_compat_msghdr+0x8c/0x1c0 [ 1535.697169][T18452] ___sys_recvmsg+0x19d/0x870 [ 1535.702018][T18452] do_recvmmsg+0x63a/0x10a0 [ 1535.706814][T18452] __sys_recvmmsg+0x113/0x450 [ 1535.711647][T18452] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1535.718207][T18452] __do_fast_syscall_32+0x95/0xf0 [ 1535.723507][T18452] do_fast_syscall_32+0x33/0x70 [ 1535.728516][T18452] do_SYSENTER_32+0x1b/0x20 [ 1535.733286][T18452] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1535.739862][T18452] [ 1535.742481][T18452] Uninit was stored to memory at: [ 1535.747741][T18452] __get_compat_msghdr+0x514/0x750 [ 1535.753191][T18452] get_compat_msghdr+0x8c/0x1c0 [ 1535.758265][T18452] ___sys_recvmsg+0x19d/0x870 [ 1535.763254][T18452] do_recvmmsg+0x63a/0x10a0 [ 1535.767922][T18452] __sys_recvmmsg+0x113/0x450 [ 1535.772885][T18452] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1535.779357][T18452] __do_fast_syscall_32+0x95/0xf0 [ 1535.784675][T18452] do_fast_syscall_32+0x33/0x70 [ 1535.789671][T18452] do_SYSENTER_32+0x1b/0x20 [ 1535.794449][T18452] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1535.800998][T18452] [ 1535.803526][T18452] Uninit was stored to memory at: [ 1535.808777][T18452] __get_compat_msghdr+0x514/0x750 [ 1535.814215][T18452] get_compat_msghdr+0x8c/0x1c0 [ 1535.819272][T18452] ___sys_recvmsg+0x19d/0x870 [ 1535.824263][T18452] do_recvmmsg+0x63a/0x10a0 [ 1535.828922][T18452] __sys_recvmmsg+0x113/0x450 [ 1535.833877][T18452] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1535.840304][T18452] __do_fast_syscall_32+0x95/0xf0 [ 1535.845617][T18452] do_fast_syscall_32+0x33/0x70 [ 1535.850622][T18452] do_SYSENTER_32+0x1b/0x20 [ 1535.855406][T18452] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1535.861966][T18452] [ 1535.864466][T18452] Uninit was stored to memory at: [ 1535.869720][T18452] __get_compat_msghdr+0x514/0x750 [ 1535.875166][T18452] get_compat_msghdr+0x8c/0x1c0 [ 1535.880363][T18452] ___sys_recvmsg+0x19d/0x870 [ 1535.885320][T18452] do_recvmmsg+0x63a/0x10a0 [ 1535.889972][T18452] __sys_recvmmsg+0x113/0x450 [ 1535.894918][T18452] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1535.901424][T18452] __do_fast_syscall_32+0x95/0xf0 [ 1535.906736][T18452] do_fast_syscall_32+0x33/0x70 [ 1535.911738][T18452] do_SYSENTER_32+0x1b/0x20 [ 1535.916513][T18452] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1535.923159][T18452] [ 1535.925562][T18452] Uninit was stored to memory at: [ 1535.930807][T18452] __get_compat_msghdr+0x514/0x750 [ 1535.936246][T18452] get_compat_msghdr+0x8c/0x1c0 [ 1535.941304][T18452] ___sys_recvmsg+0x19d/0x870 [ 1535.946257][T18452] do_recvmmsg+0x63a/0x10a0 [ 1535.950911][T18452] __sys_recvmmsg+0x113/0x450 [ 1535.955861][T18452] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1535.962384][T18452] __do_fast_syscall_32+0x95/0xf0 [ 1535.967563][T18452] do_fast_syscall_32+0x33/0x70 [ 1535.972682][T18452] do_SYSENTER_32+0x1b/0x20 [ 1535.977336][T18452] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1535.984003][T18452] [ 1535.986410][T18452] Local variable msg_sys created at: [ 1535.991781][T18452] do_recvmmsg+0x5f/0x10a0 [ 1535.996468][T18452] __sys_recvmmsg+0x113/0x450 [ 1536.416452][T18478] not chained 1800000 origins [ 1536.421493][T18478] CPU: 0 PID: 18478 Comm: syz-executor.1 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1536.432198][T18478] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1536.442401][T18478] Call Trace: [ 1536.445815][T18478] [ 1536.448861][T18478] dump_stack_lvl+0x1c8/0x256 [ 1536.453767][T18478] dump_stack+0x1a/0x1c [ 1536.458128][T18478] kmsan_internal_chain_origin+0x78/0x120 [ 1536.464044][T18478] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1536.470305][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1536.475599][T18478] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1536.482045][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1536.487351][T18478] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1536.493359][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1536.498645][T18478] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1536.504628][T18478] ? __get_compat_msghdr+0x5b/0x750 [ 1536.510029][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1536.515305][T18478] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1536.521293][T18478] ? should_fail+0x3f/0x810 [ 1536.525962][T18478] ? __stack_depot_save+0x21/0x4b0 [ 1536.531260][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1536.536564][T18478] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1536.542978][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1536.548271][T18478] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1536.554286][T18478] __msan_chain_origin+0xbd/0x140 [ 1536.559493][T18478] __get_compat_msghdr+0x514/0x750 [ 1536.564831][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1536.569887][T18478] ? ___sys_recvmsg+0xa9/0x870 [ 1536.574792][T18478] ? do_recvmmsg+0x63a/0x10a0 [ 1536.579629][T18478] ___sys_recvmsg+0x19d/0x870 [ 1536.584476][T18478] ? __schedule+0x1609/0x21d0 [ 1536.589312][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1536.594588][T18478] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1536.600565][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1536.605839][T18478] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1536.611833][T18478] do_recvmmsg+0x63a/0x10a0 [ 1536.616510][T18478] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1536.622951][T18478] ? __sys_recvmmsg+0x52/0x450 [ 1536.627902][T18478] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1536.634626][T18478] __sys_recvmmsg+0x113/0x450 [ 1536.639472][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1536.644769][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1536.651206][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1536.656385][T18478] ? exit_to_user_mode_prepare+0x119/0x220 [ 1536.662357][T18478] do_fast_syscall_32+0x33/0x70 [ 1536.667352][T18478] do_SYSENTER_32+0x1b/0x20 [ 1536.672020][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1536.678592][T18478] RIP: 0023:0xf7fc4549 [ 1536.682793][T18478] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1536.702577][T18478] RSP: 002b:00000000f7f9e5cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1536.711140][T18478] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1536.719241][T18478] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1536.727342][T18478] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1536.735428][T18478] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1536.743516][T18478] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1536.751628][T18478] [ 1536.760174][T18478] Uninit was stored to memory at: 02:33:24 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_TRAP_POLICER_GET(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)={0x38, r1, 0x329, 0x0, 0x0, {0x2e}, [{@pci={{0x8}, {0x11}}, {0x8}}]}, 0x38}}, 0x0) [ 1536.766216][T18478] __get_compat_msghdr+0x514/0x750 [ 1536.771549][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1536.776742][T18478] ___sys_recvmsg+0x19d/0x870 [ 1536.781609][T18478] do_recvmmsg+0x63a/0x10a0 [ 1536.786400][T18478] __sys_recvmmsg+0x113/0x450 [ 1536.791234][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1536.797781][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1536.803074][T18478] do_fast_syscall_32+0x33/0x70 [ 1536.808092][T18478] do_SYSENTER_32+0x1b/0x20 [ 1536.812888][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1536.819459][T18478] [ 1536.821871][T18478] Uninit was stored to memory at: [ 1536.827278][T18478] __get_compat_msghdr+0x514/0x750 [ 1536.832737][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1536.837829][T18478] ___sys_recvmsg+0x19d/0x870 [ 1536.842819][T18478] do_recvmmsg+0x63a/0x10a0 [ 1536.847484][T18478] __sys_recvmmsg+0x113/0x450 [ 1536.852443][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1536.858866][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1536.864192][T18478] do_fast_syscall_32+0x33/0x70 [ 1536.869197][T18478] do_SYSENTER_32+0x1b/0x20 [ 1536.873960][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1536.880508][T18478] [ 1536.883032][T18478] Uninit was stored to memory at: [ 1536.888276][T18478] __get_compat_msghdr+0x514/0x750 [ 1536.893708][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1536.898771][T18478] ___sys_recvmsg+0x19d/0x870 [ 1536.903717][T18478] do_recvmmsg+0x63a/0x10a0 [ 1536.908397][T18478] __sys_recvmmsg+0x113/0x450 [ 1536.913353][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1536.919764][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1536.925064][T18478] do_fast_syscall_32+0x33/0x70 [ 1536.930071][T18478] do_SYSENTER_32+0x1b/0x20 [ 1536.934831][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1536.941404][T18478] [ 1536.943939][T18478] Uninit was stored to memory at: [ 1536.949188][T18478] __get_compat_msghdr+0x514/0x750 [ 1536.954621][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1536.959671][T18478] ___sys_recvmsg+0x19d/0x870 [ 1536.964641][T18478] do_recvmmsg+0x63a/0x10a0 [ 1536.969304][T18478] __sys_recvmmsg+0x113/0x450 [ 1536.974256][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1536.980697][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1536.986013][T18478] do_fast_syscall_32+0x33/0x70 [ 1536.991021][T18478] do_SYSENTER_32+0x1b/0x20 [ 1536.995797][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1537.002444][T18478] [ 1537.004851][T18478] Uninit was stored to memory at: [ 1537.010109][T18478] __get_compat_msghdr+0x514/0x750 [ 1537.015554][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1537.020610][T18478] ___sys_recvmsg+0x19d/0x870 [ 1537.025557][T18478] do_recvmmsg+0x63a/0x10a0 [ 1537.030211][T18478] __sys_recvmmsg+0x113/0x450 [ 1537.035171][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1537.041590][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1537.046896][T18478] do_fast_syscall_32+0x33/0x70 [ 1537.051893][T18478] do_SYSENTER_32+0x1b/0x20 [ 1537.056667][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1537.063341][T18478] [ 1537.065744][T18478] Uninit was stored to memory at: [ 1537.070996][T18478] __get_compat_msghdr+0x514/0x750 [ 1537.076422][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1537.081472][T18478] ___sys_recvmsg+0x19d/0x870 [ 1537.086430][T18478] do_recvmmsg+0x63a/0x10a0 [ 1537.091094][T18478] __sys_recvmmsg+0x113/0x450 [ 1537.096054][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1537.102635][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1537.107825][T18478] do_fast_syscall_32+0x33/0x70 [ 1537.113018][T18478] do_SYSENTER_32+0x1b/0x20 [ 1537.117668][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1537.124365][T18478] [ 1537.126783][T18478] Uninit was stored to memory at: [ 1537.132044][T18478] __get_compat_msghdr+0x514/0x750 [ 1537.137525][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1537.142807][T18478] ___sys_recvmsg+0x19d/0x870 [ 1537.147633][T18478] do_recvmmsg+0x63a/0x10a0 [ 1537.152473][T18478] __sys_recvmmsg+0x113/0x450 [ 1537.157312][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1537.163850][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1537.169035][T18478] do_fast_syscall_32+0x33/0x70 [ 1537.174234][T18478] do_SYSENTER_32+0x1b/0x20 [ 1537.178889][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1537.185646][T18478] [ 1537.188058][T18478] Local variable msg_sys created at: [ 1537.193615][T18478] do_recvmmsg+0x5f/0x10a0 [ 1537.198188][T18478] __sys_recvmmsg+0x113/0x450 [ 1537.491411][T18410] not chained 1810000 origins [ 1537.496482][T18410] CPU: 0 PID: 18410 Comm: syz-executor.3 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1537.507169][T18410] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1537.517374][T18410] Call Trace: [ 1537.520756][T18410] [ 1537.523793][T18410] dump_stack_lvl+0x1c8/0x256 [ 1537.528686][T18410] dump_stack+0x1a/0x1c [ 1537.533037][T18410] kmsan_internal_chain_origin+0x78/0x120 [ 1537.538944][T18410] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1537.545215][T18410] ? kmsan_get_metadata+0x33/0x220 [ 1537.550507][T18410] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1537.556945][T18410] ? kmsan_get_metadata+0x33/0x220 [ 1537.562239][T18410] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1537.568231][T18410] ? kmsan_get_metadata+0x33/0x220 [ 1537.573538][T18410] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1537.579553][T18410] ? __get_compat_msghdr+0x5b/0x750 [ 1537.584973][T18410] ? kmsan_get_metadata+0x33/0x220 [ 1537.590268][T18410] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1537.596281][T18410] ? should_fail+0x3f/0x810 [ 1537.600969][T18410] ? __stack_depot_save+0x21/0x4b0 [ 1537.606262][T18410] ? kmsan_get_metadata+0x33/0x220 [ 1537.611559][T18410] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1537.617992][T18410] ? kmsan_get_metadata+0x33/0x220 [ 1537.623289][T18410] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1537.629285][T18410] __msan_chain_origin+0xbd/0x140 [ 1537.634496][T18410] __get_compat_msghdr+0x514/0x750 [ 1537.639852][T18410] get_compat_msghdr+0x8c/0x1c0 [ 1537.644932][T18410] ? ___sys_recvmsg+0xa9/0x870 [ 1537.649852][T18410] ? do_recvmmsg+0x63a/0x10a0 [ 1537.654704][T18410] ___sys_recvmsg+0x19d/0x870 [ 1537.659558][T18410] ? __schedule+0x1609/0x21d0 [ 1537.664408][T18410] ? kmsan_get_metadata+0x33/0x220 [ 1537.669706][T18410] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1537.675712][T18410] ? kmsan_get_metadata+0x33/0x220 [ 1537.681009][T18410] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1537.687014][T18410] do_recvmmsg+0x63a/0x10a0 [ 1537.691709][T18410] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1537.698157][T18410] ? __sys_recvmmsg+0x52/0x450 [ 1537.703085][T18410] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1537.709698][T18410] __sys_recvmmsg+0x113/0x450 [ 1537.714534][T18410] ? kmsan_get_metadata+0x33/0x220 [ 1537.719839][T18410] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1537.726294][T18410] __do_fast_syscall_32+0x95/0xf0 [ 1537.731483][T18410] ? exit_to_user_mode_prepare+0x119/0x220 [ 1537.737471][T18410] do_fast_syscall_32+0x33/0x70 [ 1537.742481][T18410] do_SYSENTER_32+0x1b/0x20 [ 1537.747137][T18410] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1537.753711][T18410] RIP: 0023:0xf7fce549 [ 1537.757912][T18410] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1537.777722][T18410] RSP: 002b:00000000f7fa85cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1537.786314][T18410] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1537.794431][T18410] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1537.802546][T18410] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1537.810657][T18410] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1537.818773][T18410] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1537.826925][T18410] [ 1537.836560][T18410] Uninit was stored to memory at: [ 1537.841849][T18410] __get_compat_msghdr+0x514/0x750 [ 1537.847841][T18410] get_compat_msghdr+0x8c/0x1c0 [ 1537.853024][T18410] ___sys_recvmsg+0x19d/0x870 [ 1537.857867][T18410] do_recvmmsg+0x63a/0x10a0 [ 1537.862650][T18410] __sys_recvmmsg+0x113/0x450 [ 1537.867482][T18410] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1537.874038][T18410] __do_fast_syscall_32+0x95/0xf0 [ 1537.879224][T18410] do_fast_syscall_32+0x33/0x70 [ 1537.884364][T18410] do_SYSENTER_32+0x1b/0x20 [ 1537.889028][T18410] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1537.895723][T18410] [ 1537.898134][T18410] Uninit was stored to memory at: [ 1537.903537][T18410] __get_compat_msghdr+0x514/0x750 [ 1537.908880][T18410] get_compat_msghdr+0x8c/0x1c0 [ 1537.914148][T18410] ___sys_recvmsg+0x19d/0x870 [ 1537.918989][T18410] do_recvmmsg+0x63a/0x10a0 [ 1537.923857][T18410] __sys_recvmmsg+0x113/0x450 [ 1537.928700][T18410] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1537.935314][T18410] __do_fast_syscall_32+0x95/0xf0 [ 1537.940506][T18410] do_fast_syscall_32+0x33/0x70 [ 1537.945693][T18410] do_SYSENTER_32+0x1b/0x20 [ 1537.950358][T18410] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1537.957113][T18410] [ 1537.959518][T18410] Uninit was stored to memory at: [ 1537.964872][T18410] __get_compat_msghdr+0x514/0x750 [ 1537.970192][T18410] get_compat_msghdr+0x8c/0x1c0 [ 1537.975436][T18410] ___sys_recvmsg+0x19d/0x870 [ 1537.980283][T18410] do_recvmmsg+0x63a/0x10a0 [ 1537.985123][T18410] __sys_recvmmsg+0x113/0x450 [ 1537.989958][T18410] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1537.996573][T18410] __do_fast_syscall_32+0x95/0xf0 [ 1538.001761][T18410] do_fast_syscall_32+0x33/0x70 [ 1538.006986][T18410] do_SYSENTER_32+0x1b/0x20 [ 1538.011643][T18410] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1538.018410][T18410] [ 1538.020823][T18410] Uninit was stored to memory at: [ 1538.026274][T18410] __get_compat_msghdr+0x514/0x750 [ 1538.031592][T18410] get_compat_msghdr+0x8c/0x1c0 [ 1538.036890][T18410] ___sys_recvmsg+0x19d/0x870 [ 1538.041733][T18410] do_recvmmsg+0x63a/0x10a0 [ 1538.046588][T18410] __sys_recvmmsg+0x113/0x450 [ 1538.051419][T18410] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1538.058034][T18410] __do_fast_syscall_32+0x95/0xf0 [ 1538.063340][T18410] do_fast_syscall_32+0x33/0x70 [ 1538.068349][T18410] do_SYSENTER_32+0x1b/0x20 [ 1538.073179][T18410] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1538.079740][T18410] [ 1538.082148][T18410] Uninit was stored to memory at: [ 1538.087587][T18410] __get_compat_msghdr+0x514/0x750 [ 1538.093094][T18410] get_compat_msghdr+0x8c/0x1c0 [ 1538.098147][T18410] ___sys_recvmsg+0x19d/0x870 [ 1538.103175][T18410] do_recvmmsg+0x63a/0x10a0 [ 1538.107831][T18410] __sys_recvmmsg+0x113/0x450 [ 1538.112859][T18410] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1538.119289][T18410] __do_fast_syscall_32+0x95/0xf0 [ 1538.124661][T18410] do_fast_syscall_32+0x33/0x70 [ 1538.129670][T18410] do_SYSENTER_32+0x1b/0x20 [ 1538.134501][T18410] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1538.141063][T18410] [ 1538.143655][T18410] Uninit was stored to memory at: [ 1538.148916][T18410] __get_compat_msghdr+0x514/0x750 [ 1538.154409][T18410] get_compat_msghdr+0x8c/0x1c0 [ 1538.159465][T18410] ___sys_recvmsg+0x19d/0x870 [ 1538.164483][T18410] do_recvmmsg+0x63a/0x10a0 [ 1538.169137][T18410] __sys_recvmmsg+0x113/0x450 [ 1538.174155][T18410] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1538.180578][T18410] __do_fast_syscall_32+0x95/0xf0 [ 1538.185968][T18410] do_fast_syscall_32+0x33/0x70 [ 1538.190981][T18410] do_SYSENTER_32+0x1b/0x20 [ 1538.195830][T18410] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1538.202489][T18410] [ 1538.204900][T18410] Uninit was stored to memory at: [ 1538.210149][T18410] __get_compat_msghdr+0x514/0x750 [ 1538.215642][T18410] get_compat_msghdr+0x8c/0x1c0 [ 1538.220693][T18410] ___sys_recvmsg+0x19d/0x870 [ 1538.225716][T18410] do_recvmmsg+0x63a/0x10a0 [ 1538.230376][T18410] __sys_recvmmsg+0x113/0x450 [ 1538.235403][T18410] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1538.241827][T18410] __do_fast_syscall_32+0x95/0xf0 [ 1538.247231][T18410] do_fast_syscall_32+0x33/0x70 [ 1538.252333][T18410] do_SYSENTER_32+0x1b/0x20 [ 1538.256991][T18410] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1538.263720][T18410] [ 1538.266137][T18410] Local variable msg_sys created at: [ 1538.271517][T18410] do_recvmmsg+0x5f/0x10a0 [ 1538.276354][T18410] __sys_recvmmsg+0x113/0x450 [ 1538.445709][T18444] not chained 1820000 origins [ 1538.450546][T18444] CPU: 1 PID: 18444 Comm: syz-executor.5 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1538.461233][T18444] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1538.471440][T18444] Call Trace: [ 1538.474823][T18444] [ 1538.477848][T18444] dump_stack_lvl+0x1c8/0x256 [ 1538.482749][T18444] dump_stack+0x1a/0x1c [ 1538.487099][T18444] kmsan_internal_chain_origin+0x78/0x120 [ 1538.493001][T18444] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1538.499251][T18444] ? kmsan_get_metadata+0x33/0x220 [ 1538.504552][T18444] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1538.510994][T18444] ? kmsan_get_metadata+0x33/0x220 [ 1538.516295][T18444] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1538.522299][T18444] ? kmsan_get_metadata+0x33/0x220 [ 1538.527595][T18444] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1538.533598][T18444] ? __get_compat_msghdr+0x5b/0x750 [ 1538.539023][T18444] ? kmsan_get_metadata+0x33/0x220 [ 1538.544358][T18444] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1538.550389][T18444] ? should_fail+0x3f/0x810 [ 1538.555097][T18444] ? __stack_depot_save+0x21/0x4b0 [ 1538.560407][T18444] ? kmsan_get_metadata+0x33/0x220 [ 1538.565710][T18444] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1538.572145][T18444] ? kmsan_get_metadata+0x33/0x220 [ 1538.577432][T18444] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1538.583442][T18444] __msan_chain_origin+0xbd/0x140 [ 1538.588650][T18444] __get_compat_msghdr+0x514/0x750 [ 1538.594006][T18444] get_compat_msghdr+0x8c/0x1c0 [ 1538.599090][T18444] ? ___sys_recvmsg+0xa9/0x870 [ 1538.604043][T18444] ? do_recvmmsg+0x63a/0x10a0 [ 1538.608905][T18444] ___sys_recvmsg+0x19d/0x870 [ 1538.613763][T18444] ? __schedule+0x1609/0x21d0 [ 1538.618619][T18444] ? kmsan_get_metadata+0x33/0x220 [ 1538.623923][T18444] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1538.629925][T18444] ? kmsan_get_metadata+0x33/0x220 [ 1538.635218][T18444] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1538.641236][T18444] do_recvmmsg+0x63a/0x10a0 [ 1538.645934][T18444] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1538.652374][T18444] ? __sys_recvmmsg+0x52/0x450 [ 1538.657291][T18444] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1538.663907][T18444] __sys_recvmmsg+0x113/0x450 [ 1538.668746][T18444] ? kmsan_get_metadata+0x33/0x220 [ 1538.674058][T18444] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1538.680505][T18444] __do_fast_syscall_32+0x95/0xf0 [ 1538.685695][T18444] ? exit_to_user_mode_prepare+0x119/0x220 [ 1538.691683][T18444] do_fast_syscall_32+0x33/0x70 [ 1538.696697][T18444] do_SYSENTER_32+0x1b/0x20 [ 1538.701352][T18444] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1538.707915][T18444] RIP: 0023:0xf7f92549 [ 1538.712112][T18444] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1538.731922][T18444] RSP: 002b:00000000f7f6c5cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1538.740515][T18444] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1538.748640][T18444] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1538.756754][T18444] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1538.764862][T18444] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1538.772974][T18444] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1538.781103][T18444] [ 1538.789755][T18444] Uninit was stored to memory at: [ 1538.795571][T18444] __get_compat_msghdr+0x514/0x750 [ 1538.800899][T18444] get_compat_msghdr+0x8c/0x1c0 [ 1538.806066][T18444] ___sys_recvmsg+0x19d/0x870 [ 1538.810900][T18444] do_recvmmsg+0x63a/0x10a0 [ 1538.815651][T18444] __sys_recvmmsg+0x113/0x450 [ 1538.820480][T18444] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1538.827003][T18444] __do_fast_syscall_32+0x95/0xf0 [ 1538.832298][T18444] do_fast_syscall_32+0x33/0x70 [ 1538.837308][T18444] do_SYSENTER_32+0x1b/0x20 [ 1538.841968][T18444] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1538.848623][T18444] [ 1538.851025][T18444] Uninit was stored to memory at: [ 1538.856387][T18444] __get_compat_msghdr+0x514/0x750 [ 1538.861709][T18444] get_compat_msghdr+0x8c/0x1c0 [ 1538.866890][T18444] ___sys_recvmsg+0x19d/0x870 [ 1538.871730][T18444] do_recvmmsg+0x63a/0x10a0 [ 1538.876493][T18444] __sys_recvmmsg+0x113/0x450 [ 1538.881449][T18444] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1538.887963][T18444] __do_fast_syscall_32+0x95/0xf0 [ 1538.893256][T18444] do_fast_syscall_32+0x33/0x70 [ 1538.898270][T18444] do_SYSENTER_32+0x1b/0x20 [ 1538.903027][T18444] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1538.909579][T18444] [ 1538.911986][T18444] Uninit was stored to memory at: [ 1538.917344][T18444] __get_compat_msghdr+0x514/0x750 [ 1538.922763][T18444] get_compat_msghdr+0x8c/0x1c0 [ 1538.927824][T18444] ___sys_recvmsg+0x19d/0x870 [ 1538.932772][T18444] do_recvmmsg+0x63a/0x10a0 [ 1538.937434][T18444] __sys_recvmmsg+0x113/0x450 [ 1538.942381][T18444] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1538.948803][T18444] __do_fast_syscall_32+0x95/0xf0 [ 1538.954105][T18444] do_fast_syscall_32+0x33/0x70 [ 1538.959115][T18444] do_SYSENTER_32+0x1b/0x20 [ 1538.963903][T18444] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1538.970456][T18444] [ 1538.972957][T18444] Uninit was stored to memory at: [ 1538.978211][T18444] __get_compat_msghdr+0x514/0x750 [ 1538.983631][T18444] get_compat_msghdr+0x8c/0x1c0 [ 1538.988680][T18444] ___sys_recvmsg+0x19d/0x870 [ 1538.993617][T18444] do_recvmmsg+0x63a/0x10a0 [ 1538.998273][T18444] __sys_recvmmsg+0x113/0x450 [ 1539.003199][T18444] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1539.009623][T18444] __do_fast_syscall_32+0x95/0xf0 [ 1539.014915][T18444] do_fast_syscall_32+0x33/0x70 [ 1539.019930][T18444] do_SYSENTER_32+0x1b/0x20 [ 1539.024755][T18444] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1539.031322][T18444] [ 1539.033884][T18444] Uninit was stored to memory at: [ 1539.039161][T18444] __get_compat_msghdr+0x514/0x750 [ 1539.044573][T18444] get_compat_msghdr+0x8c/0x1c0 [ 1539.049632][T18444] ___sys_recvmsg+0x19d/0x870 [ 1539.054644][T18444] do_recvmmsg+0x63a/0x10a0 [ 1539.059302][T18444] __sys_recvmmsg+0x113/0x450 [ 1539.064301][T18444] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1539.070726][T18444] __do_fast_syscall_32+0x95/0xf0 [ 1539.076084][T18444] do_fast_syscall_32+0x33/0x70 [ 1539.081087][T18444] do_SYSENTER_32+0x1b/0x20 [ 1539.085918][T18444] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1539.092574][T18444] [ 1539.094977][T18444] Uninit was stored to memory at: [ 1539.100230][T18444] __get_compat_msghdr+0x514/0x750 [ 1539.105710][T18444] get_compat_msghdr+0x8c/0x1c0 [ 1539.110774][T18444] ___sys_recvmsg+0x19d/0x870 [ 1539.115807][T18444] do_recvmmsg+0x63a/0x10a0 [ 1539.120474][T18444] __sys_recvmmsg+0x113/0x450 [ 1539.125484][T18444] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1539.131927][T18444] __do_fast_syscall_32+0x95/0xf0 [ 1539.137297][T18444] do_fast_syscall_32+0x33/0x70 [ 1539.142406][T18444] do_SYSENTER_32+0x1b/0x20 [ 1539.147068][T18444] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1539.153820][T18444] [ 1539.156229][T18444] Uninit was stored to memory at: [ 1539.161471][T18444] __get_compat_msghdr+0x514/0x750 [ 1539.166882][T18444] get_compat_msghdr+0x8c/0x1c0 [ 1539.171945][T18444] ___sys_recvmsg+0x19d/0x870 [ 1539.176882][T18444] do_recvmmsg+0x63a/0x10a0 [ 1539.181555][T18444] __sys_recvmmsg+0x113/0x450 [ 1539.186482][T18444] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1539.192998][T18444] __do_fast_syscall_32+0x95/0xf0 [ 1539.198184][T18444] do_fast_syscall_32+0x33/0x70 [ 1539.203280][T18444] do_SYSENTER_32+0x1b/0x20 [ 1539.207940][T18444] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1539.214595][T18444] [ 1539.217004][T18444] Local variable msg_sys created at: [ 1539.222477][T18444] do_recvmmsg+0x5f/0x10a0 [ 1539.227048][T18444] __sys_recvmmsg+0x113/0x450 02:33:27 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_TRAP_POLICER_GET(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)={0x38, r1, 0x329, 0x0, 0x0, {0x2e}, [{@pci={{0x8}, {0x11}}, {0x8}}]}, 0x38}}, 0x0) 02:33:27 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) openat$procfs(0xffffff9c, 0x0, 0x0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f00000002c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e) ptrace$setopts(0x4206, r0, 0x6, 0x2) sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x8001, 0x3}, 0x0) syz_clone3(&(0x7f0000000a00)={0x40b86000, 0x0, 0x0, 0x0, {0x1d}, 0x0, 0x0, 0x0, 0x0}, 0x58) getrlimit(0x3, &(0x7f0000000000)) mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000440)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000200)='./bus\x00', &(0x7f0000000080), 0x9, &(0x7f0000000280)={[{@workdir={'workdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './bus'}}, {@metacopy_off}]}) [ 1539.674099][T18452] not chained 1830000 origins [ 1539.678947][T18452] CPU: 1 PID: 18452 Comm: syz-executor.0 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1539.689676][T18452] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1539.699868][T18452] Call Trace: [ 1539.703248][T18452] [ 1539.706270][T18452] dump_stack_lvl+0x1c8/0x256 [ 1539.711158][T18452] dump_stack+0x1a/0x1c [ 1539.715501][T18452] kmsan_internal_chain_origin+0x78/0x120 [ 1539.721404][T18452] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1539.727661][T18452] ? kmsan_get_metadata+0x33/0x220 [ 1539.732969][T18452] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1539.739407][T18452] ? kmsan_get_metadata+0x33/0x220 [ 1539.744705][T18452] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1539.750709][T18452] ? kmsan_get_metadata+0x33/0x220 [ 1539.755997][T18452] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1539.761992][T18452] ? __get_compat_msghdr+0x5b/0x750 [ 1539.767397][T18452] ? kmsan_get_metadata+0x33/0x220 [ 1539.772684][T18452] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1539.778699][T18452] ? should_fail+0x3f/0x810 [ 1539.783384][T18452] ? __stack_depot_save+0x21/0x4b0 [ 1539.788679][T18452] ? kmsan_get_metadata+0x33/0x220 [ 1539.793971][T18452] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1539.800410][T18452] ? kmsan_get_metadata+0x33/0x220 [ 1539.805713][T18452] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1539.811723][T18452] __msan_chain_origin+0xbd/0x140 [ 1539.816927][T18452] __get_compat_msghdr+0x514/0x750 [ 1539.822275][T18452] get_compat_msghdr+0x8c/0x1c0 [ 1539.827331][T18452] ? ___sys_recvmsg+0xa9/0x870 [ 1539.832245][T18452] ? do_recvmmsg+0x63a/0x10a0 [ 1539.837082][T18452] ___sys_recvmsg+0x19d/0x870 [ 1539.841933][T18452] ? __schedule+0x1609/0x21d0 [ 1539.846781][T18452] ? kmsan_get_metadata+0x33/0x220 [ 1539.852085][T18452] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1539.858096][T18452] ? kmsan_get_metadata+0x33/0x220 [ 1539.863399][T18452] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1539.869424][T18452] do_recvmmsg+0x63a/0x10a0 [ 1539.874119][T18452] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1539.880594][T18452] ? __sys_recvmmsg+0x52/0x450 [ 1539.885530][T18452] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1539.892154][T18452] __sys_recvmmsg+0x113/0x450 [ 1539.896991][T18452] ? kmsan_get_metadata+0x33/0x220 [ 1539.902301][T18452] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1539.908743][T18452] __do_fast_syscall_32+0x95/0xf0 [ 1539.913948][T18452] ? exit_to_user_mode_prepare+0x119/0x220 [ 1539.920015][T18452] do_fast_syscall_32+0x33/0x70 [ 1539.925033][T18452] do_SYSENTER_32+0x1b/0x20 [ 1539.929691][T18452] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1539.936253][T18452] RIP: 0023:0xf7fc6549 [ 1539.940444][T18452] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1539.960243][T18452] RSP: 002b:00000000f7fc15cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1539.968834][T18452] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1539.976969][T18452] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1539.985085][T18452] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1539.993189][T18452] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1540.001293][T18452] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1540.009434][T18452] [ 1540.022696][T18452] Uninit was stored to memory at: [ 1540.027991][T18452] __get_compat_msghdr+0x514/0x750 [ 1540.047610][T18452] get_compat_msghdr+0x8c/0x1c0 [ 1540.052816][T18452] ___sys_recvmsg+0x19d/0x870 [ 1540.057670][T18452] do_recvmmsg+0x63a/0x10a0 [ 1540.062426][T18452] __sys_recvmmsg+0x113/0x450 [ 1540.067264][T18452] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1540.073794][T18452] __do_fast_syscall_32+0x95/0xf0 [ 1540.078991][T18452] do_fast_syscall_32+0x33/0x70 [ 1540.084130][T18452] do_SYSENTER_32+0x1b/0x20 [ 1540.088795][T18452] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1540.095455][T18452] [ 1540.097862][T18452] Uninit was stored to memory at: [ 1540.103217][T18452] __get_compat_msghdr+0x514/0x750 [ 1540.108537][T18452] get_compat_msghdr+0x8c/0x1c0 [ 1540.113698][T18452] ___sys_recvmsg+0x19d/0x870 [ 1540.118537][T18452] do_recvmmsg+0x63a/0x10a0 [ 1540.123299][T18452] __sys_recvmmsg+0x113/0x450 [ 1540.128133][T18452] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1540.134644][T18452] __do_fast_syscall_32+0x95/0xf0 [ 1540.139835][T18452] do_fast_syscall_32+0x33/0x70 [ 1540.145005][T18452] do_SYSENTER_32+0x1b/0x20 [ 1540.149659][T18452] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1540.156380][T18452] [ 1540.158785][T18452] Uninit was stored to memory at: [ 1540.164181][T18452] __get_compat_msghdr+0x514/0x750 [ 1540.169498][T18452] get_compat_msghdr+0x8c/0x1c0 [ 1540.174657][T18452] ___sys_recvmsg+0x19d/0x870 [ 1540.179495][T18452] do_recvmmsg+0x63a/0x10a0 [ 1540.184311][T18452] __sys_recvmmsg+0x113/0x450 [ 1540.189150][T18452] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1540.195727][T18452] __do_fast_syscall_32+0x95/0xf0 [ 1540.200917][T18452] do_fast_syscall_32+0x33/0x70 [ 1540.206097][T18452] do_SYSENTER_32+0x1b/0x20 [ 1540.210749][T18452] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1540.217485][T18452] [ 1540.219900][T18452] Uninit was stored to memory at: [ 1540.225362][T18452] __get_compat_msghdr+0x514/0x750 [ 1540.230683][T18452] get_compat_msghdr+0x8c/0x1c0 [ 1540.235900][T18452] ___sys_recvmsg+0x19d/0x870 [ 1540.240732][T18452] do_recvmmsg+0x63a/0x10a0 [ 1540.245487][T18452] __sys_recvmmsg+0x113/0x450 [ 1540.250322][T18452] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1540.256897][T18452] __do_fast_syscall_32+0x95/0xf0 [ 1540.262093][T18452] do_fast_syscall_32+0x33/0x70 [ 1540.267270][T18452] do_SYSENTER_32+0x1b/0x20 [ 1540.271925][T18452] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1540.278645][T18452] [ 1540.281050][T18452] Uninit was stored to memory at: [ 1540.286485][T18452] __get_compat_msghdr+0x514/0x750 [ 1540.291805][T18452] get_compat_msghdr+0x8c/0x1c0 [ 1540.296974][T18452] ___sys_recvmsg+0x19d/0x870 [ 1540.301811][T18452] do_recvmmsg+0x63a/0x10a0 [ 1540.306572][T18452] __sys_recvmmsg+0x113/0x450 [ 1540.311402][T18452] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1540.317916][T18452] __do_fast_syscall_32+0x95/0xf0 [ 1540.323193][T18452] do_fast_syscall_32+0x33/0x70 [ 1540.328200][T18452] do_SYSENTER_32+0x1b/0x20 [ 1540.332953][T18452] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1540.339512][T18452] [ 1540.341925][T18452] Uninit was stored to memory at: [ 1540.347282][T18452] __get_compat_msghdr+0x514/0x750 [ 1540.352686][T18452] get_compat_msghdr+0x8c/0x1c0 [ 1540.357740][T18452] ___sys_recvmsg+0x19d/0x870 [ 1540.362660][T18452] do_recvmmsg+0x63a/0x10a0 [ 1540.367313][T18452] __sys_recvmmsg+0x113/0x450 [ 1540.372143][T18452] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1540.378660][T18452] __do_fast_syscall_32+0x95/0xf0 [ 1540.383968][T18452] do_fast_syscall_32+0x33/0x70 [ 1540.388986][T18452] do_SYSENTER_32+0x1b/0x20 [ 1540.393768][T18452] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1540.400355][T18452] [ 1540.402869][T18452] Uninit was stored to memory at: [ 1540.408154][T18452] __get_compat_msghdr+0x514/0x750 [ 1540.413575][T18452] get_compat_msghdr+0x8c/0x1c0 [ 1540.418639][T18452] ___sys_recvmsg+0x19d/0x870 [ 1540.423571][T18452] do_recvmmsg+0x63a/0x10a0 [ 1540.428240][T18452] __sys_recvmmsg+0x113/0x450 [ 1540.433238][T18452] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1540.439658][T18452] __do_fast_syscall_32+0x95/0xf0 [ 1540.444935][T18452] do_fast_syscall_32+0x33/0x70 [ 1540.449937][T18452] do_SYSENTER_32+0x1b/0x20 [ 1540.454744][T18452] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1540.461330][T18452] [ 1540.463850][T18452] Local variable msg_sys created at: [ 1540.469331][T18452] do_recvmmsg+0x5f/0x10a0 [ 1540.474058][T18452] __sys_recvmmsg+0x113/0x450 [ 1540.809461][T18444] not chained 1840000 origins [ 1540.814479][T18444] CPU: 0 PID: 18444 Comm: syz-executor.5 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1540.825161][T18444] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1540.835358][T18444] Call Trace: [ 1540.838740][T18444] [ 1540.841765][T18444] dump_stack_lvl+0x1c8/0x256 [ 1540.846680][T18444] dump_stack+0x1a/0x1c [ 1540.851033][T18444] kmsan_internal_chain_origin+0x78/0x120 [ 1540.856955][T18444] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1540.863221][T18444] ? kmsan_get_metadata+0x33/0x220 [ 1540.868522][T18444] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1540.874979][T18444] ? kmsan_get_metadata+0x33/0x220 [ 1540.880277][T18444] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1540.886284][T18444] ? kmsan_get_metadata+0x33/0x220 [ 1540.891574][T18444] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1540.897581][T18444] ? __get_compat_msghdr+0x5b/0x750 [ 1540.903004][T18444] ? kmsan_get_metadata+0x33/0x220 [ 1540.908308][T18444] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1540.914323][T18444] ? should_fail+0x3f/0x810 [ 1540.919008][T18444] ? __stack_depot_save+0x21/0x4b0 [ 1540.924314][T18444] ? kmsan_get_metadata+0x33/0x220 [ 1540.929696][T18444] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1540.936137][T18444] ? kmsan_get_metadata+0x33/0x220 [ 1540.941440][T18444] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1540.947442][T18444] __msan_chain_origin+0xbd/0x140 [ 1540.952656][T18444] __get_compat_msghdr+0x514/0x750 [ 1540.958009][T18444] get_compat_msghdr+0x8c/0x1c0 [ 1540.963067][T18444] ? ___sys_recvmsg+0xa9/0x870 [ 1540.967989][T18444] ? do_recvmmsg+0x63a/0x10a0 [ 1540.972826][T18444] ___sys_recvmsg+0x19d/0x870 [ 1540.977673][T18444] ? __schedule+0x1609/0x21d0 [ 1540.982527][T18444] ? kmsan_get_metadata+0x33/0x220 [ 1540.987820][T18444] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1540.993839][T18444] ? kmsan_get_metadata+0x33/0x220 [ 1540.999138][T18444] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1541.005149][T18444] do_recvmmsg+0x63a/0x10a0 [ 1541.009844][T18444] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1541.016295][T18444] ? __sys_recvmmsg+0x52/0x450 [ 1541.021235][T18444] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1541.027845][T18444] __sys_recvmmsg+0x113/0x450 [ 1541.032689][T18444] ? kmsan_get_metadata+0x33/0x220 [ 1541.038004][T18444] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1541.044454][T18444] __do_fast_syscall_32+0x95/0xf0 [ 1541.049648][T18444] ? exit_to_user_mode_prepare+0x119/0x220 [ 1541.055639][T18444] do_fast_syscall_32+0x33/0x70 [ 1541.060653][T18444] do_SYSENTER_32+0x1b/0x20 [ 1541.065310][T18444] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1541.071871][T18444] RIP: 0023:0xf7f92549 [ 1541.076071][T18444] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1541.095884][T18444] RSP: 002b:00000000f7f6c5cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1541.104488][T18444] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1541.112609][T18444] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1541.120712][T18444] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1541.128821][T18444] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1541.136944][T18444] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1541.145088][T18444] [ 1541.153835][T18444] Uninit was stored to memory at: [ 1541.159148][T18444] __get_compat_msghdr+0x514/0x750 [ 1541.165019][T18444] get_compat_msghdr+0x8c/0x1c0 [ 1541.170078][T18444] ___sys_recvmsg+0x19d/0x870 [ 1541.175023][T18444] do_recvmmsg+0x63a/0x10a0 [ 1541.179677][T18444] __sys_recvmmsg+0x113/0x450 [ 1541.184608][T18444] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1541.191027][T18444] __do_fast_syscall_32+0x95/0xf0 [ 1541.196335][T18444] do_fast_syscall_32+0x33/0x70 [ 1541.201340][T18444] do_SYSENTER_32+0x1b/0x20 [ 1541.206120][T18444] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1541.212766][T18444] [ 1541.215171][T18444] Uninit was stored to memory at: [ 1541.220421][T18444] __get_compat_msghdr+0x514/0x750 [ 1541.225864][T18444] get_compat_msghdr+0x8c/0x1c0 [ 1541.230932][T18444] ___sys_recvmsg+0x19d/0x870 [ 1541.235894][T18444] do_recvmmsg+0x63a/0x10a0 [ 1541.240553][T18444] __sys_recvmmsg+0x113/0x450 [ 1541.245493][T18444] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1541.251909][T18444] __do_fast_syscall_32+0x95/0xf0 [ 1541.257219][T18444] do_fast_syscall_32+0x33/0x70 [ 1541.262387][T18444] do_SYSENTER_32+0x1b/0x20 [ 1541.267036][T18444] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1541.273723][T18444] [ 1541.276125][T18444] Uninit was stored to memory at: [ 1541.281370][T18444] __get_compat_msghdr+0x514/0x750 [ 1541.286801][T18444] get_compat_msghdr+0x8c/0x1c0 [ 1541.291877][T18444] ___sys_recvmsg+0x19d/0x870 [ 1541.296840][T18444] do_recvmmsg+0x63a/0x10a0 [ 1541.301499][T18444] __sys_recvmmsg+0x113/0x450 [ 1541.306461][T18444] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1541.312992][T18444] __do_fast_syscall_32+0x95/0xf0 [ 1541.318182][T18444] do_fast_syscall_32+0x33/0x70 [ 1541.323316][T18444] do_SYSENTER_32+0x1b/0x20 [ 1541.327982][T18444] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1541.334674][T18444] [ 1541.337076][T18444] Uninit was stored to memory at: [ 1541.342486][T18444] __get_compat_msghdr+0x514/0x750 [ 1541.347810][T18444] get_compat_msghdr+0x8c/0x1c0 [ 1541.352985][T18444] ___sys_recvmsg+0x19d/0x870 [ 1541.357814][T18444] do_recvmmsg+0x63a/0x10a0 [ 1541.362571][T18444] __sys_recvmmsg+0x113/0x450 [ 1541.367400][T18444] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1541.373944][T18444] __do_fast_syscall_32+0x95/0xf0 [ 1541.379124][T18444] do_fast_syscall_32+0x33/0x70 [ 1541.384243][T18444] do_SYSENTER_32+0x1b/0x20 [ 1541.388879][T18444] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1541.395534][T18444] [ 1541.397932][T18444] Uninit was stored to memory at: [ 1541.403265][T18444] __get_compat_msghdr+0x514/0x750 [ 1541.408573][T18444] get_compat_msghdr+0x8c/0x1c0 [ 1541.413751][T18444] ___sys_recvmsg+0x19d/0x870 [ 1541.418565][T18444] do_recvmmsg+0x63a/0x10a0 [ 1541.423336][T18444] __sys_recvmmsg+0x113/0x450 [ 1541.428195][T18444] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1541.434719][T18444] __do_fast_syscall_32+0x95/0xf0 [ 1541.439891][T18444] do_fast_syscall_32+0x33/0x70 [ 1541.445021][T18444] do_SYSENTER_32+0x1b/0x20 [ 1541.449673][T18444] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1541.456477][T18444] [ 1541.458875][T18444] Uninit was stored to memory at: [ 1541.464197][T18444] __get_compat_msghdr+0x514/0x750 [ 1541.469501][T18444] get_compat_msghdr+0x8c/0x1c0 [ 1541.474650][T18444] ___sys_recvmsg+0x19d/0x870 [ 1541.479466][T18444] do_recvmmsg+0x63a/0x10a0 [ 1541.484221][T18444] __sys_recvmmsg+0x113/0x450 [ 1541.489038][T18444] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1541.495551][T18444] __do_fast_syscall_32+0x95/0xf0 [ 1541.500723][T18444] do_fast_syscall_32+0x33/0x70 [ 1541.505835][T18444] do_SYSENTER_32+0x1b/0x20 [ 1541.510472][T18444] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1541.517134][T18444] [ 1541.519541][T18444] Uninit was stored to memory at: [ 1541.524875][T18444] __get_compat_msghdr+0x514/0x750 [ 1541.530163][T18444] get_compat_msghdr+0x8c/0x1c0 [ 1541.535315][T18444] ___sys_recvmsg+0x19d/0x870 [ 1541.540174][T18444] do_recvmmsg+0x63a/0x10a0 [ 1541.544983][T18444] __sys_recvmmsg+0x113/0x450 [ 1541.549837][T18444] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1541.556395][T18444] __do_fast_syscall_32+0x95/0xf0 [ 1541.561579][T18444] do_fast_syscall_32+0x33/0x70 [ 1541.566707][T18444] do_SYSENTER_32+0x1b/0x20 [ 1541.571365][T18444] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1541.578035][T18444] [ 1541.580439][T18444] Local variable msg_sys created at: [ 1541.585930][T18444] do_recvmmsg+0x5f/0x10a0 [ 1541.590495][T18444] __sys_recvmmsg+0x113/0x450 [ 1541.880855][T18419] not chained 1850000 origins [ 1541.886044][T18419] CPU: 1 PID: 18419 Comm: syz-executor.2 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1541.896733][T18419] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1541.906925][T18419] Call Trace: [ 1541.910296][T18419] [ 1541.913314][T18419] dump_stack_lvl+0x1c8/0x256 [ 1541.918197][T18419] dump_stack+0x1a/0x1c [ 1541.922528][T18419] kmsan_internal_chain_origin+0x78/0x120 [ 1541.928420][T18419] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1541.934653][T18419] ? kmsan_get_metadata+0x33/0x220 [ 1541.939928][T18419] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1541.946343][T18419] ? kmsan_get_metadata+0x33/0x220 [ 1541.951614][T18419] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1541.957591][T18419] ? kmsan_get_metadata+0x33/0x220 [ 1541.962863][T18419] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1541.968849][T18419] ? __get_compat_msghdr+0x5b/0x750 [ 1541.974237][T18419] ? kmsan_get_metadata+0x33/0x220 [ 1541.979505][T18419] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1541.985492][T18419] ? should_fail+0x3f/0x810 [ 1541.990157][T18419] ? __stack_depot_save+0x21/0x4b0 [ 1541.995426][T18419] ? kmsan_get_metadata+0x33/0x220 [ 1542.000693][T18419] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1542.007112][T18419] ? kmsan_get_metadata+0x33/0x220 [ 1542.012410][T18419] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1542.018391][T18419] __msan_chain_origin+0xbd/0x140 [ 1542.023575][T18419] __get_compat_msghdr+0x514/0x750 [ 1542.028912][T18419] get_compat_msghdr+0x8c/0x1c0 [ 1542.033955][T18419] ? ___sys_recvmsg+0xa9/0x870 [ 1542.038867][T18419] ? do_recvmmsg+0x63a/0x10a0 [ 1542.043700][T18419] ___sys_recvmsg+0x19d/0x870 [ 1542.048527][T18419] ? __schedule+0x1609/0x21d0 [ 1542.053355][T18419] ? kmsan_get_metadata+0x33/0x220 [ 1542.058626][T18419] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1542.064607][T18419] ? kmsan_get_metadata+0x33/0x220 [ 1542.069885][T18419] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1542.075875][T18419] do_recvmmsg+0x63a/0x10a0 [ 1542.080544][T18419] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1542.086964][T18419] ? __sys_recvmmsg+0x52/0x450 [ 1542.091870][T18419] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1542.098480][T18419] __sys_recvmmsg+0x113/0x450 [ 1542.103300][T18419] ? kmsan_get_metadata+0x33/0x220 [ 1542.108587][T18419] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1542.115010][T18419] __do_fast_syscall_32+0x95/0xf0 [ 1542.120179][T18419] ? exit_to_user_mode_prepare+0x119/0x220 [ 1542.126146][T18419] do_fast_syscall_32+0x33/0x70 [ 1542.131147][T18419] do_SYSENTER_32+0x1b/0x20 [ 1542.135786][T18419] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1542.142324][T18419] RIP: 0023:0xf7f3a549 [ 1542.146504][T18419] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1542.166282][T18419] RSP: 002b:00000000f7f145cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1542.174850][T18419] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1542.182951][T18419] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1542.191037][T18419] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1542.199125][T18419] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1542.207211][T18419] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1542.215325][T18419] [ 1542.228840][T18419] Uninit was stored to memory at: [ 1542.235654][T18419] __get_compat_msghdr+0x514/0x750 [ 1542.240992][T18419] get_compat_msghdr+0x8c/0x1c0 [ 1542.246151][T18419] ___sys_recvmsg+0x19d/0x870 [ 1542.251076][T18419] do_recvmmsg+0x63a/0x10a0 [ 1542.255835][T18419] __sys_recvmmsg+0x113/0x450 [ 1542.260670][T18419] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1542.267204][T18419] __do_fast_syscall_32+0x95/0xf0 [ 1542.272487][T18419] do_fast_syscall_32+0x33/0x70 [ 1542.277496][T18419] do_SYSENTER_32+0x1b/0x20 [ 1542.282159][T18419] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1542.288811][T18419] [ 1542.291220][T18419] Uninit was stored to memory at: [ 1542.296578][T18419] __get_compat_msghdr+0x514/0x750 [ 1542.301901][T18419] get_compat_msghdr+0x8c/0x1c0 [ 1542.307064][T18419] ___sys_recvmsg+0x19d/0x870 [ 1542.311943][T18419] do_recvmmsg+0x63a/0x10a0 [ 1542.316706][T18419] __sys_recvmmsg+0x113/0x450 [ 1542.321542][T18419] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1542.328063][T18419] __do_fast_syscall_32+0x95/0xf0 [ 1542.333344][T18419] do_fast_syscall_32+0x33/0x70 [ 1542.338351][T18419] do_SYSENTER_32+0x1b/0x20 [ 1542.343096][T18419] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1542.349656][T18419] [ 1542.352058][T18419] Uninit was stored to memory at: [ 1542.357409][T18419] __get_compat_msghdr+0x514/0x750 [ 1542.362814][T18419] get_compat_msghdr+0x8c/0x1c0 [ 1542.367881][T18419] ___sys_recvmsg+0x19d/0x870 [ 1542.372921][T18419] do_recvmmsg+0x63a/0x10a0 [ 1542.377593][T18419] __sys_recvmmsg+0x113/0x450 [ 1542.382525][T18419] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1542.388943][T18419] __do_fast_syscall_32+0x95/0xf0 [ 1542.394239][T18419] do_fast_syscall_32+0x33/0x70 [ 1542.399256][T18419] do_SYSENTER_32+0x1b/0x20 [ 1542.404014][T18419] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1542.410571][T18419] [ 1542.413068][T18419] Uninit was stored to memory at: [ 1542.418315][T18419] __get_compat_msghdr+0x514/0x750 [ 1542.423730][T18419] get_compat_msghdr+0x8c/0x1c0 [ 1542.428789][T18419] ___sys_recvmsg+0x19d/0x870 [ 1542.433724][T18419] do_recvmmsg+0x63a/0x10a0 [ 1542.438385][T18419] __sys_recvmmsg+0x113/0x450 [ 1542.443308][T18419] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1542.449731][T18419] __do_fast_syscall_32+0x95/0xf0 [ 1542.454999][T18419] do_fast_syscall_32+0x33/0x70 [ 1542.460004][T18419] do_SYSENTER_32+0x1b/0x20 [ 1542.464766][T18419] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1542.471331][T18419] [ 1542.473830][T18419] Uninit was stored to memory at: [ 1542.479103][T18419] __get_compat_msghdr+0x514/0x750 [ 1542.484515][T18419] get_compat_msghdr+0x8c/0x1c0 [ 1542.489566][T18419] ___sys_recvmsg+0x19d/0x870 [ 1542.494493][T18419] do_recvmmsg+0x63a/0x10a0 [ 1542.499147][T18419] __sys_recvmmsg+0x113/0x450 [ 1542.504079][T18419] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1542.510594][T18419] __do_fast_syscall_32+0x95/0xf0 [ 1542.515876][T18419] do_fast_syscall_32+0x33/0x70 [ 1542.520888][T18419] do_SYSENTER_32+0x1b/0x20 [ 1542.525657][T18419] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1542.532307][T18419] [ 1542.534723][T18419] Uninit was stored to memory at: [ 1542.539966][T18419] __get_compat_msghdr+0x514/0x750 [ 1542.545385][T18419] get_compat_msghdr+0x8c/0x1c0 [ 1542.550440][T18419] ___sys_recvmsg+0x19d/0x870 [ 1542.555362][T18419] do_recvmmsg+0x63a/0x10a0 [ 1542.560020][T18419] __sys_recvmmsg+0x113/0x450 [ 1542.564971][T18419] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1542.571399][T18419] __do_fast_syscall_32+0x95/0xf0 [ 1542.576700][T18419] do_fast_syscall_32+0x33/0x70 [ 1542.581710][T18419] do_SYSENTER_32+0x1b/0x20 [ 1542.586465][T18419] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1542.593128][T18419] [ 1542.595532][T18419] Uninit was stored to memory at: [ 1542.600775][T18419] __get_compat_msghdr+0x514/0x750 [ 1542.606186][T18419] get_compat_msghdr+0x8c/0x1c0 [ 1542.611243][T18419] ___sys_recvmsg+0x19d/0x870 [ 1542.616189][T18419] do_recvmmsg+0x63a/0x10a0 [ 1542.620854][T18419] __sys_recvmmsg+0x113/0x450 [ 1542.625794][T18419] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1542.632355][T18419] __do_fast_syscall_32+0x95/0xf0 [ 1542.637553][T18419] do_fast_syscall_32+0x33/0x70 [ 1542.642659][T18419] do_SYSENTER_32+0x1b/0x20 [ 1542.647314][T18419] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1542.653968][T18419] [ 1542.656376][T18419] Local variable msg_sys created at: [ 1542.661761][T18419] do_recvmmsg+0x5f/0x10a0 [ 1542.666441][T18419] __sys_recvmmsg+0x113/0x450 [ 1543.250816][T18419] not chained 1860000 origins [ 1543.255816][T18419] CPU: 0 PID: 18419 Comm: syz-executor.2 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1543.266501][T18419] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1543.276703][T18419] Call Trace: [ 1543.280086][T18419] [ 1543.283112][T18419] dump_stack_lvl+0x1c8/0x256 [ 1543.288039][T18419] dump_stack+0x1a/0x1c [ 1543.292398][T18419] kmsan_internal_chain_origin+0x78/0x120 [ 1543.298313][T18419] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1543.304576][T18419] ? kmsan_get_metadata+0x33/0x220 [ 1543.309898][T18419] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1543.316351][T18419] ? kmsan_get_metadata+0x33/0x220 [ 1543.321650][T18419] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1543.327820][T18419] ? kmsan_get_metadata+0x33/0x220 [ 1543.333110][T18419] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1543.339111][T18419] ? __get_compat_msghdr+0x5b/0x750 [ 1543.344526][T18419] ? kmsan_get_metadata+0x33/0x220 [ 1543.349818][T18419] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1543.355828][T18419] ? should_fail+0x3f/0x810 [ 1543.360516][T18419] ? __stack_depot_save+0x21/0x4b0 [ 1543.365804][T18419] ? kmsan_get_metadata+0x33/0x220 [ 1543.371100][T18419] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1543.377550][T18419] ? kmsan_get_metadata+0x33/0x220 [ 1543.382844][T18419] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1543.388840][T18419] __msan_chain_origin+0xbd/0x140 [ 1543.394044][T18419] __get_compat_msghdr+0x514/0x750 [ 1543.399412][T18419] get_compat_msghdr+0x8c/0x1c0 [ 1543.404486][T18419] ? ___sys_recvmsg+0xa9/0x870 [ 1543.409413][T18419] ? do_recvmmsg+0x63a/0x10a0 [ 1543.414262][T18419] ___sys_recvmsg+0x19d/0x870 [ 1543.419128][T18419] ? __schedule+0x1609/0x21d0 [ 1543.423983][T18419] ? kmsan_get_metadata+0x33/0x220 [ 1543.429276][T18419] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1543.435277][T18419] ? kmsan_get_metadata+0x33/0x220 [ 1543.440568][T18419] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1543.446576][T18419] do_recvmmsg+0x63a/0x10a0 [ 1543.451263][T18419] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1543.457702][T18419] ? __sys_recvmmsg+0x52/0x450 [ 1543.462626][T18419] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1543.469230][T18419] __sys_recvmmsg+0x113/0x450 [ 1543.474073][T18419] ? kmsan_get_metadata+0x33/0x220 [ 1543.479402][T18419] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1543.485858][T18419] __do_fast_syscall_32+0x95/0xf0 [ 1543.491059][T18419] ? exit_to_user_mode_prepare+0x119/0x220 [ 1543.497047][T18419] do_fast_syscall_32+0x33/0x70 [ 1543.502054][T18419] do_SYSENTER_32+0x1b/0x20 [ 1543.506708][T18419] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1543.513274][T18419] RIP: 0023:0xf7f3a549 [ 1543.517465][T18419] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1543.537379][T18419] RSP: 002b:00000000f7f145cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1543.545970][T18419] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1543.554097][T18419] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1543.562203][T18419] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1543.570307][T18419] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1543.578414][T18419] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1543.586553][T18419] [ 1543.596541][T18419] Uninit was stored to memory at: [ 1543.601844][T18419] __get_compat_msghdr+0x514/0x750 [ 1543.607866][T18419] get_compat_msghdr+0x8c/0x1c0 [ 1543.613027][T18419] ___sys_recvmsg+0x19d/0x870 [ 1543.617863][T18419] do_recvmmsg+0x63a/0x10a0 [ 1543.622636][T18419] __sys_recvmmsg+0x113/0x450 [ 1543.627471][T18419] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1543.634031][T18419] __do_fast_syscall_32+0x95/0xf0 [ 1543.639217][T18419] do_fast_syscall_32+0x33/0x70 [ 1543.644344][T18419] do_SYSENTER_32+0x1b/0x20 [ 1543.649000][T18419] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1543.655688][T18419] [ 1543.658094][T18419] Uninit was stored to memory at: [ 1543.663430][T18419] __get_compat_msghdr+0x514/0x750 [ 1543.668741][T18419] get_compat_msghdr+0x8c/0x1c0 [ 1543.673923][T18419] ___sys_recvmsg+0x19d/0x870 [ 1543.678756][T18419] do_recvmmsg+0x63a/0x10a0 [ 1543.683542][T18419] __sys_recvmmsg+0x113/0x450 [ 1543.688377][T18419] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1543.694938][T18419] __do_fast_syscall_32+0x95/0xf0 [ 1543.700125][T18419] do_fast_syscall_32+0x33/0x70 [ 1543.705322][T18419] do_SYSENTER_32+0x1b/0x20 [ 1543.709985][T18419] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1543.716730][T18419] [ 1543.719132][T18419] Uninit was stored to memory at: [ 1543.724529][T18419] __get_compat_msghdr+0x514/0x750 [ 1543.729845][T18419] get_compat_msghdr+0x8c/0x1c0 [ 1543.735091][T18419] ___sys_recvmsg+0x19d/0x870 [ 1543.739933][T18419] do_recvmmsg+0x63a/0x10a0 [ 1543.744744][T18419] __sys_recvmmsg+0x113/0x450 [ 1543.749585][T18419] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1543.756136][T18419] __do_fast_syscall_32+0x95/0xf0 [ 1543.761323][T18419] do_fast_syscall_32+0x33/0x70 [ 1543.766519][T18419] do_SYSENTER_32+0x1b/0x20 [ 1543.771178][T18419] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1543.777928][T18419] [ 1543.780336][T18419] Uninit was stored to memory at: [ 1543.785769][T18419] __get_compat_msghdr+0x514/0x750 [ 1543.791092][T18419] get_compat_msghdr+0x8c/0x1c0 [ 1543.796341][T18419] ___sys_recvmsg+0x19d/0x870 [ 1543.801176][T18419] do_recvmmsg+0x63a/0x10a0 [ 1543.806028][T18419] __sys_recvmmsg+0x113/0x450 [ 1543.810863][T18419] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1543.817483][T18419] __do_fast_syscall_32+0x95/0xf0 [ 1543.822765][T18419] do_fast_syscall_32+0x33/0x70 [ 1543.827816][T18419] do_SYSENTER_32+0x1b/0x20 [ 1543.832604][T18419] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1543.839166][T18419] [ 1543.841573][T18419] Uninit was stored to memory at: [ 1543.846961][T18419] __get_compat_msghdr+0x514/0x750 [ 1543.852371][T18419] get_compat_msghdr+0x8c/0x1c0 [ 1543.857435][T18419] ___sys_recvmsg+0x19d/0x870 [ 1543.862467][T18419] do_recvmmsg+0x63a/0x10a0 [ 1543.867129][T18419] __sys_recvmmsg+0x113/0x450 [ 1543.871958][T18419] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1543.878620][T18419] __do_fast_syscall_32+0x95/0xf0 [ 1543.883911][T18419] do_fast_syscall_32+0x33/0x70 [ 1543.888923][T18419] do_SYSENTER_32+0x1b/0x20 [ 1543.893696][T18419] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1543.900257][T18419] [ 1543.902785][T18419] Uninit was stored to memory at: [ 1543.908042][T18419] __get_compat_msghdr+0x514/0x750 [ 1543.913489][T18419] get_compat_msghdr+0x8c/0x1c0 [ 1543.918541][T18419] ___sys_recvmsg+0x19d/0x870 [ 1543.923494][T18419] do_recvmmsg+0x63a/0x10a0 [ 1543.928153][T18419] __sys_recvmmsg+0x113/0x450 [ 1543.933118][T18419] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1543.939545][T18419] __do_fast_syscall_32+0x95/0xf0 [ 1543.944930][T18419] do_fast_syscall_32+0x33/0x70 [ 1543.949939][T18419] do_SYSENTER_32+0x1b/0x20 [ 1543.954780][T18419] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1543.961343][T18419] [ 1543.963873][T18419] Uninit was stored to memory at: [ 1543.969130][T18419] __get_compat_msghdr+0x514/0x750 [ 1543.974631][T18419] get_compat_msghdr+0x8c/0x1c0 [ 1543.979694][T18419] ___sys_recvmsg+0x19d/0x870 [ 1543.984730][T18419] do_recvmmsg+0x63a/0x10a0 [ 1543.989395][T18419] __sys_recvmmsg+0x113/0x450 [ 1543.994462][T18419] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1544.000887][T18419] __do_fast_syscall_32+0x95/0xf0 [ 1544.006270][T18419] do_fast_syscall_32+0x33/0x70 [ 1544.011277][T18419] do_SYSENTER_32+0x1b/0x20 [ 1544.016119][T18419] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1544.022925][T18419] [ 1544.025334][T18419] Local variable msg_sys created at: [ 1544.030708][T18419] do_recvmmsg+0x5f/0x10a0 [ 1544.035477][T18419] __sys_recvmmsg+0x113/0x450 [ 1544.248945][T18478] not chained 1870000 origins [ 1544.258937][T18478] CPU: 1 PID: 18478 Comm: syz-executor.1 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1544.269657][T18478] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1544.279855][T18478] Call Trace: [ 1544.283237][T18478] [ 1544.286269][T18478] dump_stack_lvl+0x1c8/0x256 [ 1544.291168][T18478] dump_stack+0x1a/0x1c [ 1544.295518][T18478] kmsan_internal_chain_origin+0x78/0x120 [ 1544.301420][T18478] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1544.307686][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1544.312994][T18478] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1544.319437][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1544.324733][T18478] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1544.330742][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1544.336049][T18478] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1544.342054][T18478] ? __get_compat_msghdr+0x5b/0x750 [ 1544.347468][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1544.352771][T18478] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1544.358793][T18478] ? should_fail+0x3f/0x810 [ 1544.363479][T18478] ? __stack_depot_save+0x21/0x4b0 [ 1544.368769][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1544.374066][T18478] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1544.380501][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1544.385792][T18478] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1544.391790][T18478] __msan_chain_origin+0xbd/0x140 [ 1544.396998][T18478] __get_compat_msghdr+0x514/0x750 [ 1544.402353][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1544.407415][T18478] ? ___sys_recvmsg+0xa9/0x870 [ 1544.412346][T18478] ? do_recvmmsg+0x63a/0x10a0 [ 1544.417190][T18478] ___sys_recvmsg+0x19d/0x870 [ 1544.422050][T18478] ? __schedule+0x1609/0x21d0 [ 1544.426916][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1544.432221][T18478] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1544.438207][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1544.443502][T18478] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1544.449512][T18478] do_recvmmsg+0x63a/0x10a0 [ 1544.454210][T18478] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1544.460653][T18478] ? __sys_recvmmsg+0x52/0x450 [ 1544.465576][T18478] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1544.472180][T18478] __sys_recvmmsg+0x113/0x450 [ 1544.477014][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1544.482326][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1544.488773][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1544.493965][T18478] ? exit_to_user_mode_prepare+0x119/0x220 [ 1544.499947][T18478] do_fast_syscall_32+0x33/0x70 [ 1544.504969][T18478] do_SYSENTER_32+0x1b/0x20 [ 1544.509627][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1544.516189][T18478] RIP: 0023:0xf7fc4549 [ 1544.520380][T18478] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1544.540196][T18478] RSP: 002b:00000000f7f9e5cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1544.548798][T18478] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1544.556937][T18478] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1544.565070][T18478] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1544.573186][T18478] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1544.581306][T18478] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1544.589454][T18478] [ 1544.592732][T18478] Uninit was stored to memory at: [ 1544.597985][T18478] __get_compat_msghdr+0x514/0x750 [ 1544.603422][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1544.608487][T18478] ___sys_recvmsg+0x19d/0x870 [ 1544.613454][T18478] do_recvmmsg+0x63a/0x10a0 [ 1544.618134][T18478] __sys_recvmmsg+0x113/0x450 [ 1544.623103][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1544.629541][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1544.634858][T18478] do_fast_syscall_32+0x33/0x70 [ 1544.639873][T18478] do_SYSENTER_32+0x1b/0x20 [ 1544.644621][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1544.651178][T18478] [ 1544.653673][T18478] Uninit was stored to memory at: [ 1544.658926][T18478] __get_compat_msghdr+0x514/0x750 [ 1544.664369][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1544.669421][T18478] ___sys_recvmsg+0x19d/0x870 [ 1544.674353][T18478] do_recvmmsg+0x63a/0x10a0 [ 1544.679018][T18478] __sys_recvmmsg+0x113/0x450 [ 1544.683996][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1544.690473][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1544.695857][T18478] do_fast_syscall_32+0x33/0x70 [ 1544.700873][T18478] do_SYSENTER_32+0x1b/0x20 [ 1544.705664][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1544.712335][T18478] [ 1544.714739][T18478] Uninit was stored to memory at: [ 1544.719998][T18478] __get_compat_msghdr+0x514/0x750 [ 1544.725421][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1544.730474][T18478] ___sys_recvmsg+0x19d/0x870 [ 1544.735415][T18478] do_recvmmsg+0x63a/0x10a0 [ 1544.740078][T18478] __sys_recvmmsg+0x113/0x450 [ 1544.745025][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1544.751452][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1544.756742][T18478] do_fast_syscall_32+0x33/0x70 [ 1544.761758][T18478] do_SYSENTER_32+0x1b/0x20 [ 1544.766524][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1544.773175][T18478] [ 1544.775572][T18478] Uninit was stored to memory at: [ 1544.780817][T18478] __get_compat_msghdr+0x514/0x750 [ 1544.786243][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1544.791303][T18478] ___sys_recvmsg+0x19d/0x870 [ 1544.796244][T18478] do_recvmmsg+0x63a/0x10a0 [ 1544.800902][T18478] __sys_recvmmsg+0x113/0x450 [ 1544.805833][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1544.812338][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1544.817513][T18478] do_fast_syscall_32+0x33/0x70 [ 1544.822639][T18478] do_SYSENTER_32+0x1b/0x20 [ 1544.827290][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1544.834021][T18478] [ 1544.836421][T18478] Uninit was stored to memory at: [ 1544.841665][T18478] __get_compat_msghdr+0x514/0x750 [ 1544.847091][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1544.852151][T18478] ___sys_recvmsg+0x19d/0x870 [ 1544.857075][T18478] do_recvmmsg+0x63a/0x10a0 [ 1544.861729][T18478] __sys_recvmmsg+0x113/0x450 [ 1544.866658][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1544.873161][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1544.878471][T18478] do_fast_syscall_32+0x33/0x70 [ 1544.883579][T18478] do_SYSENTER_32+0x1b/0x20 [ 1544.888238][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1544.894886][T18478] [ 1544.897291][T18478] Uninit was stored to memory at: [ 1544.902634][T18478] __get_compat_msghdr+0x514/0x750 [ 1544.907946][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1544.913097][T18478] ___sys_recvmsg+0x19d/0x870 [ 1544.917931][T18478] do_recvmmsg+0x63a/0x10a0 [ 1544.922669][T18478] __sys_recvmmsg+0x113/0x450 [ 1544.927498][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1544.934009][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1544.939192][T18478] do_fast_syscall_32+0x33/0x70 [ 1544.944283][T18478] do_SYSENTER_32+0x1b/0x20 [ 1544.948930][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1544.955576][T18478] [ 1544.957978][T18478] Uninit was stored to memory at: [ 1544.963323][T18478] __get_compat_msghdr+0x514/0x750 [ 1544.968644][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1544.973785][T18478] ___sys_recvmsg+0x19d/0x870 [ 1544.978624][T18478] do_recvmmsg+0x63a/0x10a0 [ 1544.983373][T18478] __sys_recvmmsg+0x113/0x450 [ 1544.988210][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1544.994907][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1545.000085][T18478] do_fast_syscall_32+0x33/0x70 [ 1545.005218][T18478] do_SYSENTER_32+0x1b/0x20 [ 1545.009874][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1545.016517][T18478] [ 1545.017543][T18513] not chained 1880000 origins [ 1545.018877][T18478] Local variable msg_sys created at: [ 1545.018909][T18478] do_recvmmsg+0x5f/0x10a0 [ 1545.023876][T18513] CPU: 0 PID: 18513 Comm: syz-executor.3 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1545.029048][T18478] __sys_recvmmsg+0x113/0x450 [ 1545.033472][T18513] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1545.033528][T18513] Call Trace: [ 1545.033561][T18513] [ 1545.033593][T18513] dump_stack_lvl+0x1c8/0x256 [ 1545.070294][T18513] dump_stack+0x1a/0x1c [ 1545.074667][T18513] kmsan_internal_chain_origin+0x78/0x120 [ 1545.080577][T18513] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1545.086834][T18513] ? kmsan_get_metadata+0x33/0x220 [ 1545.092134][T18513] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1545.098562][T18513] ? kmsan_get_metadata+0x33/0x220 [ 1545.103858][T18513] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1545.109861][T18513] ? kmsan_get_metadata+0x33/0x220 [ 1545.115167][T18513] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1545.121166][T18513] ? __get_compat_msghdr+0x5b/0x750 [ 1545.126585][T18513] ? kmsan_get_metadata+0x33/0x220 [ 1545.131856][T18513] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1545.137858][T18513] ? should_fail+0x3f/0x810 [ 1545.142540][T18513] ? __stack_depot_save+0x21/0x4b0 [ 1545.147822][T18513] ? kmsan_get_metadata+0x33/0x220 [ 1545.153136][T18513] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1545.159570][T18513] ? kmsan_get_metadata+0x33/0x220 [ 1545.164863][T18513] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1545.170872][T18513] __msan_chain_origin+0xbd/0x140 [ 1545.176084][T18513] __get_compat_msghdr+0x514/0x750 [ 1545.181441][T18513] get_compat_msghdr+0x8c/0x1c0 [ 1545.186500][T18513] ? ___sys_recvmsg+0xa9/0x870 [ 1545.191425][T18513] ? do_recvmmsg+0x63a/0x10a0 [ 1545.196274][T18513] ___sys_recvmsg+0x19d/0x870 [ 1545.201121][T18513] ? __schedule+0x1609/0x21d0 [ 1545.205963][T18513] ? kmsan_get_metadata+0x33/0x220 [ 1545.211249][T18513] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1545.217249][T18513] ? kmsan_get_metadata+0x33/0x220 [ 1545.222553][T18513] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1545.228566][T18513] do_recvmmsg+0x63a/0x10a0 [ 1545.233260][T18513] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1545.239708][T18513] ? __sys_recvmmsg+0x52/0x450 [ 1545.244639][T18513] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1545.251256][T18513] __sys_recvmmsg+0x113/0x450 [ 1545.256111][T18513] ? kmsan_get_metadata+0x33/0x220 [ 1545.261426][T18513] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1545.267877][T18513] __do_fast_syscall_32+0x95/0xf0 [ 1545.273071][T18513] ? exit_to_user_mode_prepare+0x119/0x220 [ 1545.279081][T18513] do_fast_syscall_32+0x33/0x70 [ 1545.284099][T18513] do_SYSENTER_32+0x1b/0x20 [ 1545.288758][T18513] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1545.295312][T18513] RIP: 0023:0xf7fce549 [ 1545.299506][T18513] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1545.319312][T18513] RSP: 002b:00000000f7fa85cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1545.327906][T18513] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1545.336028][T18513] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1545.344124][T18513] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1545.352212][T18513] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1545.360301][T18513] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1545.368430][T18513] [ 1545.377487][T18513] Uninit was stored to memory at: [ 1545.389124][T18513] __get_compat_msghdr+0x514/0x750 [ 1545.395044][T18513] get_compat_msghdr+0x8c/0x1c0 [ 1545.400140][T18513] ___sys_recvmsg+0x19d/0x870 [ 1545.405126][T18513] do_recvmmsg+0x63a/0x10a0 [ 1545.409789][T18513] __sys_recvmmsg+0x113/0x450 [ 1545.414782][T18513] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1545.421205][T18513] __do_fast_syscall_32+0x95/0xf0 [ 1545.426599][T18513] do_fast_syscall_32+0x33/0x70 [ 1545.431603][T18513] do_SYSENTER_32+0x1b/0x20 [ 1545.436484][T18513] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1545.443208][T18513] [ 1545.445617][T18513] Uninit was stored to memory at: [ 1545.450860][T18513] __get_compat_msghdr+0x514/0x750 [ 1545.456368][T18513] get_compat_msghdr+0x8c/0x1c0 [ 1545.461433][T18513] ___sys_recvmsg+0x19d/0x870 [ 1545.466476][T18513] do_recvmmsg+0x63a/0x10a0 [ 1545.471135][T18513] __sys_recvmmsg+0x113/0x450 [ 1545.476176][T18513] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1545.482709][T18513] __do_fast_syscall_32+0x95/0xf0 [ 1545.487910][T18513] do_fast_syscall_32+0x33/0x70 [ 1545.493110][T18513] do_SYSENTER_32+0x1b/0x20 [ 1545.497764][T18513] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1545.504531][T18513] [ 1545.506937][T18513] Uninit was stored to memory at: [ 1545.512185][T18513] __get_compat_msghdr+0x514/0x750 [ 1545.517697][T18513] get_compat_msghdr+0x8c/0x1c0 [ 1545.522935][T18513] ___sys_recvmsg+0x19d/0x870 [ 1545.527769][T18513] do_recvmmsg+0x63a/0x10a0 [ 1545.532557][T18513] __sys_recvmmsg+0x113/0x450 [ 1545.537389][T18513] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1545.544021][T18513] __do_fast_syscall_32+0x95/0xf0 [ 1545.549205][T18513] do_fast_syscall_32+0x33/0x70 [ 1545.554414][T18513] do_SYSENTER_32+0x1b/0x20 [ 1545.559088][T18513] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1545.565844][T18513] [ 1545.568253][T18513] Uninit was stored to memory at: [ 1545.573687][T18513] __get_compat_msghdr+0x514/0x750 [ 1545.579040][T18513] get_compat_msghdr+0x8c/0x1c0 [ 1545.584304][T18513] ___sys_recvmsg+0x19d/0x870 [ 1545.589149][T18513] do_recvmmsg+0x63a/0x10a0 [ 1545.594005][T18513] __sys_recvmmsg+0x113/0x450 [ 1545.598851][T18513] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1545.605505][T18513] __do_fast_syscall_32+0x95/0xf0 [ 1545.610688][T18513] do_fast_syscall_32+0x33/0x70 [ 1545.615893][T18513] do_SYSENTER_32+0x1b/0x20 [ 1545.620558][T18513] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1545.627310][T18513] [ 1545.629753][T18513] Uninit was stored to memory at: [ 1545.635197][T18513] __get_compat_msghdr+0x514/0x750 [ 1545.640536][T18513] get_compat_msghdr+0x8c/0x1c0 [ 1545.645801][T18513] ___sys_recvmsg+0x19d/0x870 [ 1545.650645][T18513] do_recvmmsg+0x63a/0x10a0 [ 1545.655509][T18513] __sys_recvmmsg+0x113/0x450 [ 1545.660354][T18513] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1545.667008][T18513] __do_fast_syscall_32+0x95/0xf0 [ 1545.672305][T18513] do_fast_syscall_32+0x33/0x70 [ 1545.677322][T18513] do_SYSENTER_32+0x1b/0x20 [ 1545.681979][T18513] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1545.688735][T18513] [ 1545.691147][T18513] Uninit was stored to memory at: [ 1545.696544][T18513] __get_compat_msghdr+0x514/0x750 [ 1545.701858][T18513] get_compat_msghdr+0x8c/0x1c0 [ 1545.707115][T18513] ___sys_recvmsg+0x19d/0x870 [ 1545.711948][T18513] do_recvmmsg+0x63a/0x10a0 [ 1545.716807][T18513] __sys_recvmmsg+0x113/0x450 [ 1545.721652][T18513] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1545.728275][T18513] __do_fast_syscall_32+0x95/0xf0 [ 1545.733569][T18513] do_fast_syscall_32+0x33/0x70 [ 1545.738571][T18513] do_SYSENTER_32+0x1b/0x20 [ 1545.743411][T18513] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1545.749990][T18513] [ 1545.752581][T18513] Uninit was stored to memory at: [ 1545.757828][T18513] __get_compat_msghdr+0x514/0x750 [ 1545.763337][T18513] get_compat_msghdr+0x8c/0x1c0 [ 1545.768407][T18513] ___sys_recvmsg+0x19d/0x870 [ 1545.773434][T18513] do_recvmmsg+0x63a/0x10a0 [ 1545.778095][T18513] __sys_recvmmsg+0x113/0x450 [ 1545.783132][T18513] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1545.789555][T18513] __do_fast_syscall_32+0x95/0xf0 [ 1545.794935][T18513] do_fast_syscall_32+0x33/0x70 [ 1545.799944][T18513] do_SYSENTER_32+0x1b/0x20 [ 1545.804892][T18513] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1545.811455][T18513] [ 1545.814065][T18513] Local variable msg_sys created at: [ 1545.819448][T18513] do_recvmmsg+0x5f/0x10a0 [ 1545.824228][T18513] __sys_recvmmsg+0x113/0x450 [ 1546.553178][T18419] not chained 1890000 origins [ 1546.558006][T18419] CPU: 1 PID: 18419 Comm: syz-executor.2 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1546.568695][T18419] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1546.578904][T18419] Call Trace: [ 1546.582286][T18419] [ 1546.585319][T18419] dump_stack_lvl+0x1c8/0x256 [ 1546.590229][T18419] dump_stack+0x1a/0x1c [ 1546.594597][T18419] kmsan_internal_chain_origin+0x78/0x120 [ 1546.600505][T18419] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1546.606759][T18419] ? kmsan_get_metadata+0x33/0x220 [ 1546.612074][T18419] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1546.618510][T18419] ? kmsan_get_metadata+0x33/0x220 [ 1546.623822][T18419] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1546.629828][T18419] ? kmsan_get_metadata+0x33/0x220 [ 1546.635132][T18419] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1546.641152][T18419] ? __get_compat_msghdr+0x5b/0x750 [ 1546.646573][T18419] ? kmsan_get_metadata+0x33/0x220 [ 1546.651868][T18419] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1546.657871][T18419] ? should_fail+0x3f/0x810 [ 1546.662569][T18419] ? __stack_depot_save+0x21/0x4b0 [ 1546.667882][T18419] ? kmsan_get_metadata+0x33/0x220 [ 1546.673197][T18419] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1546.679642][T18419] ? kmsan_get_metadata+0x33/0x220 [ 1546.684938][T18419] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1546.690948][T18419] __msan_chain_origin+0xbd/0x140 [ 1546.696166][T18419] __get_compat_msghdr+0x514/0x750 [ 1546.701520][T18419] get_compat_msghdr+0x8c/0x1c0 [ 1546.706582][T18419] ? ___sys_recvmsg+0xa9/0x870 [ 1546.711522][T18419] ? do_recvmmsg+0x63a/0x10a0 [ 1546.716375][T18419] ___sys_recvmsg+0x19d/0x870 [ 1546.721232][T18419] ? __schedule+0x1609/0x21d0 [ 1546.726087][T18419] ? kmsan_get_metadata+0x33/0x220 [ 1546.731381][T18419] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1546.737383][T18419] ? kmsan_get_metadata+0x33/0x220 [ 1546.742680][T18419] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1546.748680][T18419] do_recvmmsg+0x63a/0x10a0 [ 1546.753367][T18419] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1546.759813][T18419] ? __sys_recvmmsg+0x52/0x450 [ 1546.764731][T18419] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1546.771338][T18419] __sys_recvmmsg+0x113/0x450 [ 1546.776176][T18419] ? kmsan_get_metadata+0x33/0x220 [ 1546.781482][T18419] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1546.787932][T18419] __do_fast_syscall_32+0x95/0xf0 [ 1546.793120][T18419] ? exit_to_user_mode_prepare+0x119/0x220 [ 1546.799118][T18419] do_fast_syscall_32+0x33/0x70 [ 1546.804144][T18419] do_SYSENTER_32+0x1b/0x20 [ 1546.808805][T18419] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1546.815356][T18419] RIP: 0023:0xf7f3a549 [ 1546.819552][T18419] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1546.839369][T18419] RSP: 002b:00000000f7f145cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1546.847966][T18419] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1546.856100][T18419] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1546.864211][T18419] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1546.872313][T18419] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1546.880435][T18419] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1546.888667][T18419] [ 1546.898339][T18419] Uninit was stored to memory at: [ 1546.904323][T18419] __get_compat_msghdr+0x514/0x750 [ 1546.909665][T18419] get_compat_msghdr+0x8c/0x1c0 [ 1546.914839][T18419] ___sys_recvmsg+0x19d/0x870 [ 1546.919697][T18419] do_recvmmsg+0x63a/0x10a0 [ 1546.924453][T18419] __sys_recvmmsg+0x113/0x450 [ 1546.929286][T18419] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1546.935809][T18419] __do_fast_syscall_32+0x95/0xf0 [ 1546.940997][T18419] do_fast_syscall_32+0x33/0x70 [ 1546.946118][T18419] do_SYSENTER_32+0x1b/0x20 [ 1546.950777][T18419] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1546.957450][T18419] [ 1546.959856][T18419] Uninit was stored to memory at: [ 1546.965202][T18419] __get_compat_msghdr+0x514/0x750 [ 1546.970525][T18419] get_compat_msghdr+0x8c/0x1c0 [ 1546.975674][T18419] ___sys_recvmsg+0x19d/0x870 [ 1546.980562][T18419] do_recvmmsg+0x63a/0x10a0 [ 1546.985363][T18419] __sys_recvmmsg+0x113/0x450 [ 1546.990209][T18419] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1546.996762][T18419] __do_fast_syscall_32+0x95/0xf0 [ 1547.001970][T18419] do_fast_syscall_32+0x33/0x70 [ 1547.007105][T18419] do_SYSENTER_32+0x1b/0x20 [ 1547.011763][T18419] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1547.018413][T18419] [ 1547.020816][T18419] Uninit was stored to memory at: [ 1547.026152][T18419] __get_compat_msghdr+0x514/0x750 [ 1547.031469][T18419] get_compat_msghdr+0x8c/0x1c0 [ 1547.036627][T18419] ___sys_recvmsg+0x19d/0x870 [ 1547.041470][T18419] do_recvmmsg+0x63a/0x10a0 [ 1547.046231][T18419] __sys_recvmmsg+0x113/0x450 [ 1547.051068][T18419] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1547.057601][T18419] __do_fast_syscall_32+0x95/0xf0 [ 1547.062893][T18419] do_fast_syscall_32+0x33/0x70 [ 1547.067911][T18419] do_SYSENTER_32+0x1b/0x20 [ 1547.072676][T18419] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1547.079239][T18419] [ 1547.081650][T18419] Uninit was stored to memory at: [ 1547.087047][T18419] __get_compat_msghdr+0x514/0x750 [ 1547.092459][T18419] get_compat_msghdr+0x8c/0x1c0 [ 1547.097516][T18419] ___sys_recvmsg+0x19d/0x870 [ 1547.102435][T18419] do_recvmmsg+0x63a/0x10a0 [ 1547.107091][T18419] __sys_recvmmsg+0x113/0x450 [ 1547.111923][T18419] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1547.118453][T18419] __do_fast_syscall_32+0x95/0xf0 [ 1547.123806][T18419] do_fast_syscall_32+0x33/0x70 [ 1547.128824][T18419] do_SYSENTER_32+0x1b/0x20 [ 1547.133596][T18419] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1547.140156][T18419] [ 1547.142727][T18419] Uninit was stored to memory at: [ 1547.147985][T18419] __get_compat_msghdr+0x514/0x750 [ 1547.153460][T18419] get_compat_msghdr+0x8c/0x1c0 [ 1547.158515][T18419] ___sys_recvmsg+0x19d/0x870 [ 1547.163488][T18419] do_recvmmsg+0x63a/0x10a0 [ 1547.168148][T18419] __sys_recvmmsg+0x113/0x450 [ 1547.173140][T18419] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1547.179569][T18419] __do_fast_syscall_32+0x95/0xf0 [ 1547.184918][T18419] do_fast_syscall_32+0x33/0x70 [ 1547.189928][T18419] do_SYSENTER_32+0x1b/0x20 [ 1547.194746][T18419] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1547.201310][T18419] [ 1547.203888][T18419] Uninit was stored to memory at: [ 1547.209141][T18419] __get_compat_msghdr+0x514/0x750 [ 1547.214616][T18419] get_compat_msghdr+0x8c/0x1c0 [ 1547.219668][T18419] ___sys_recvmsg+0x19d/0x870 [ 1547.224658][T18419] do_recvmmsg+0x63a/0x10a0 [ 1547.229312][T18419] __sys_recvmmsg+0x113/0x450 [ 1547.234237][T18419] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1547.240654][T18419] __do_fast_syscall_32+0x95/0xf0 [ 1547.246003][T18419] do_fast_syscall_32+0x33/0x70 [ 1547.251008][T18419] do_SYSENTER_32+0x1b/0x20 [ 1547.255836][T18419] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1547.262492][T18419] [ 1547.264903][T18419] Uninit was stored to memory at: [ 1547.270152][T18419] __get_compat_msghdr+0x514/0x750 [ 1547.275630][T18419] get_compat_msghdr+0x8c/0x1c0 [ 1547.280687][T18419] ___sys_recvmsg+0x19d/0x870 [ 1547.285681][T18419] do_recvmmsg+0x63a/0x10a0 [ 1547.290338][T18419] __sys_recvmmsg+0x113/0x450 [ 1547.295322][T18419] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1547.301747][T18419] __do_fast_syscall_32+0x95/0xf0 [ 1547.307099][T18419] do_fast_syscall_32+0x33/0x70 [ 1547.312107][T18419] do_SYSENTER_32+0x1b/0x20 [ 1547.316924][T18419] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1547.323671][T18419] [ 1547.326083][T18419] Local variable msg_sys created at: [ 1547.331460][T18419] do_recvmmsg+0x5f/0x10a0 [ 1547.336189][T18419] __sys_recvmmsg+0x113/0x450 02:33:35 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) openat$procfs(0xffffff9c, 0x0, 0x0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f00000002c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e) ptrace$setopts(0x4206, r0, 0x6, 0x2) sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x8001, 0x3}, 0x0) syz_clone3(&(0x7f0000000a00)={0x40b86000, 0x0, 0x0, 0x0, {0x1d}, 0x0, 0x0, 0x0, 0x0}, 0x58) getrlimit(0x3, &(0x7f0000000000)) mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000440)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000200)='./bus\x00', &(0x7f0000000080), 0x9, &(0x7f0000000280)={[{@workdir={'workdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './bus'}}, {@metacopy_off}]}) 02:33:35 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_TRAP_POLICER_GET(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)={0x38, r1, 0x329, 0x0, 0x0, {0x2e}, [{@pci={{0x8}, {0x11}}, {0x8}}]}, 0x38}}, 0x0) [ 1548.168775][T18452] not chained 1900000 origins [ 1548.173803][T18452] CPU: 1 PID: 18452 Comm: syz-executor.0 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1548.184494][T18452] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1548.194692][T18452] Call Trace: [ 1548.198078][T18452] [ 1548.201142][T18452] dump_stack_lvl+0x1c8/0x256 [ 1548.206041][T18452] dump_stack+0x1a/0x1c [ 1548.210389][T18452] kmsan_internal_chain_origin+0x78/0x120 [ 1548.216289][T18452] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1548.222550][T18452] ? kmsan_get_metadata+0x33/0x220 [ 1548.227844][T18452] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1548.234286][T18452] ? kmsan_get_metadata+0x33/0x220 [ 1548.239580][T18452] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1548.245568][T18452] ? kmsan_get_metadata+0x33/0x220 [ 1548.250869][T18452] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1548.256878][T18452] ? __get_compat_msghdr+0x5b/0x750 [ 1548.262291][T18452] ? kmsan_get_metadata+0x33/0x220 [ 1548.267580][T18452] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1548.273586][T18452] ? should_fail+0x3f/0x810 [ 1548.278267][T18452] ? __stack_depot_save+0x21/0x4b0 [ 1548.283557][T18452] ? kmsan_get_metadata+0x33/0x220 [ 1548.288844][T18452] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1548.295282][T18452] ? kmsan_get_metadata+0x33/0x220 [ 1548.300569][T18452] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1548.306568][T18452] __msan_chain_origin+0xbd/0x140 [ 1548.311770][T18452] __get_compat_msghdr+0x514/0x750 [ 1548.317126][T18452] get_compat_msghdr+0x8c/0x1c0 [ 1548.322186][T18452] ? ___sys_recvmsg+0xa9/0x870 [ 1548.327105][T18452] ? do_recvmmsg+0x63a/0x10a0 [ 1548.331954][T18452] ___sys_recvmsg+0x19d/0x870 [ 1548.336805][T18452] ? __schedule+0x1609/0x21d0 [ 1548.341659][T18452] ? kmsan_get_metadata+0x33/0x220 [ 1548.346957][T18452] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1548.352962][T18452] ? kmsan_get_metadata+0x33/0x220 [ 1548.358255][T18452] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1548.364268][T18452] do_recvmmsg+0x63a/0x10a0 [ 1548.368962][T18452] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1548.375409][T18452] ? __sys_recvmmsg+0x52/0x450 [ 1548.380330][T18452] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1548.386945][T18452] __sys_recvmmsg+0x113/0x450 [ 1548.391799][T18452] ? kmsan_get_metadata+0x33/0x220 [ 1548.397123][T18452] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1548.403581][T18452] __do_fast_syscall_32+0x95/0xf0 [ 1548.408775][T18452] ? exit_to_user_mode_prepare+0x119/0x220 [ 1548.414769][T18452] do_fast_syscall_32+0x33/0x70 [ 1548.419795][T18452] do_SYSENTER_32+0x1b/0x20 [ 1548.424465][T18452] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1548.431022][T18452] RIP: 0023:0xf7fc6549 [ 1548.435223][T18452] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1548.455037][T18452] RSP: 002b:00000000f7fc15cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1548.463626][T18452] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1548.471732][T18452] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1548.479831][T18452] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1548.487922][T18452] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1548.496010][T18452] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1548.504122][T18452] [ 1548.518409][T18452] Uninit was stored to memory at: [ 1548.525467][T18452] __get_compat_msghdr+0x514/0x750 [ 1548.530791][T18452] get_compat_msghdr+0x8c/0x1c0 [ 1548.535951][T18452] ___sys_recvmsg+0x19d/0x870 [ 1548.540782][T18452] do_recvmmsg+0x63a/0x10a0 [ 1548.545532][T18452] __sys_recvmmsg+0x113/0x450 [ 1548.550358][T18452] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1548.556870][T18452] __do_fast_syscall_32+0x95/0xf0 [ 1548.562058][T18452] do_fast_syscall_32+0x33/0x70 [ 1548.567150][T18452] do_SYSENTER_32+0x1b/0x20 [ 1548.571805][T18452] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1548.578481][T18452] [ 1548.580889][T18452] Uninit was stored to memory at: [ 1548.586253][T18452] __get_compat_msghdr+0x514/0x750 [ 1548.591580][T18452] get_compat_msghdr+0x8c/0x1c0 [ 1548.596745][T18452] ___sys_recvmsg+0x19d/0x870 [ 1548.601588][T18452] do_recvmmsg+0x63a/0x10a0 [ 1548.606348][T18452] __sys_recvmmsg+0x113/0x450 [ 1548.611206][T18452] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1548.617823][T18452] __do_fast_syscall_32+0x95/0xf0 [ 1548.623112][T18452] do_fast_syscall_32+0x33/0x70 [ 1548.628149][T18452] do_SYSENTER_32+0x1b/0x20 [ 1548.632901][T18452] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1548.639461][T18452] [ 1548.641863][T18452] Uninit was stored to memory at: [ 1548.647225][T18452] __get_compat_msghdr+0x514/0x750 [ 1548.652623][T18452] get_compat_msghdr+0x8c/0x1c0 [ 1548.657679][T18452] ___sys_recvmsg+0x19d/0x870 [ 1548.662620][T18452] do_recvmmsg+0x63a/0x10a0 [ 1548.667279][T18452] __sys_recvmmsg+0x113/0x450 [ 1548.672117][T18452] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1548.678706][T18452] __do_fast_syscall_32+0x95/0xf0 [ 1548.683990][T18452] do_fast_syscall_32+0x33/0x70 [ 1548.688998][T18452] do_SYSENTER_32+0x1b/0x20 [ 1548.693747][T18452] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1548.700306][T18452] [ 1548.702854][T18452] Uninit was stored to memory at: [ 1548.708118][T18452] __get_compat_msghdr+0x514/0x750 [ 1548.713602][T18452] get_compat_msghdr+0x8c/0x1c0 [ 1548.718659][T18452] ___sys_recvmsg+0x19d/0x870 [ 1548.723657][T18452] do_recvmmsg+0x63a/0x10a0 [ 1548.728329][T18452] __sys_recvmmsg+0x113/0x450 [ 1548.733327][T18452] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1548.739752][T18452] __do_fast_syscall_32+0x95/0xf0 [ 1548.745094][T18452] do_fast_syscall_32+0x33/0x70 [ 1548.750098][T18452] do_SYSENTER_32+0x1b/0x20 [ 1548.754851][T18452] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1548.761421][T18452] [ 1548.763981][T18452] Uninit was stored to memory at: [ 1548.769238][T18452] __get_compat_msghdr+0x514/0x750 [ 1548.774722][T18452] get_compat_msghdr+0x8c/0x1c0 [ 1548.779784][T18452] ___sys_recvmsg+0x19d/0x870 [ 1548.784782][T18452] do_recvmmsg+0x63a/0x10a0 [ 1548.789443][T18452] __sys_recvmmsg+0x113/0x450 [ 1548.794457][T18452] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1548.800962][T18452] __do_fast_syscall_32+0x95/0xf0 [ 1548.806437][T18452] do_fast_syscall_32+0x33/0x70 [ 1548.811478][T18452] do_SYSENTER_32+0x1b/0x20 [ 1548.816301][T18452] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1548.822962][T18452] [ 1548.825370][T18452] Uninit was stored to memory at: [ 1548.830621][T18452] __get_compat_msghdr+0x514/0x750 [ 1548.836132][T18452] get_compat_msghdr+0x8c/0x1c0 [ 1548.841223][T18452] ___sys_recvmsg+0x19d/0x870 [ 1548.846215][T18452] do_recvmmsg+0x63a/0x10a0 [ 1548.850909][T18452] __sys_recvmmsg+0x113/0x450 [ 1548.855931][T18452] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1548.862454][T18452] __do_fast_syscall_32+0x95/0xf0 [ 1548.867643][T18452] do_fast_syscall_32+0x33/0x70 [ 1548.872821][T18452] do_SYSENTER_32+0x1b/0x20 [ 1548.877484][T18452] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1548.884205][T18452] [ 1548.886608][T18452] Uninit was stored to memory at: [ 1548.891863][T18452] __get_compat_msghdr+0x514/0x750 [ 1548.897368][T18452] get_compat_msghdr+0x8c/0x1c0 [ 1548.902533][T18452] ___sys_recvmsg+0x19d/0x870 [ 1548.907374][T18452] do_recvmmsg+0x63a/0x10a0 [ 1548.912026][T18452] __sys_recvmmsg+0x113/0x450 [ 1548.917034][T18452] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1548.923552][T18452] __do_fast_syscall_32+0x95/0xf0 [ 1548.928748][T18452] do_fast_syscall_32+0x33/0x70 [ 1548.933935][T18452] do_SYSENTER_32+0x1b/0x20 [ 1548.938609][T18452] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1548.945354][T18452] [ 1548.947774][T18452] Local variable msg_sys created at: [ 1548.953324][T18452] do_recvmmsg+0x5f/0x10a0 [ 1548.957904][T18452] __sys_recvmmsg+0x113/0x450 [ 1549.536840][T18452] not chained 1910000 origins [ 1549.541695][T18452] CPU: 0 PID: 18452 Comm: syz-executor.0 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1549.552374][T18452] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1549.562577][T18452] Call Trace: [ 1549.565962][T18452] [ 1549.569000][T18452] dump_stack_lvl+0x1c8/0x256 [ 1549.573909][T18452] dump_stack+0x1a/0x1c [ 1549.578266][T18452] kmsan_internal_chain_origin+0x78/0x120 [ 1549.584172][T18452] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1549.590432][T18452] ? kmsan_get_metadata+0x33/0x220 [ 1549.595734][T18452] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1549.602179][T18452] ? kmsan_get_metadata+0x33/0x220 [ 1549.607470][T18452] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1549.613482][T18452] ? kmsan_get_metadata+0x33/0x220 [ 1549.618776][T18452] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1549.624776][T18452] ? __get_compat_msghdr+0x5b/0x750 [ 1549.630202][T18452] ? kmsan_get_metadata+0x33/0x220 [ 1549.635500][T18452] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1549.641505][T18452] ? should_fail+0x3f/0x810 [ 1549.646188][T18452] ? __stack_depot_save+0x21/0x4b0 [ 1549.651480][T18452] ? kmsan_get_metadata+0x33/0x220 [ 1549.656769][T18452] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1549.663214][T18452] ? kmsan_get_metadata+0x33/0x220 [ 1549.668521][T18452] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1549.674544][T18452] __msan_chain_origin+0xbd/0x140 [ 1549.679759][T18452] __get_compat_msghdr+0x514/0x750 [ 1549.685123][T18452] get_compat_msghdr+0x8c/0x1c0 [ 1549.690190][T18452] ? ___sys_recvmsg+0xa9/0x870 [ 1549.695118][T18452] ? do_recvmmsg+0x63a/0x10a0 [ 1549.699976][T18452] ___sys_recvmsg+0x19d/0x870 [ 1549.704842][T18452] ? __schedule+0x1609/0x21d0 [ 1549.709699][T18452] ? kmsan_get_metadata+0x33/0x220 [ 1549.715004][T18452] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1549.721021][T18452] ? kmsan_get_metadata+0x33/0x220 [ 1549.726323][T18452] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1549.732327][T18452] do_recvmmsg+0x63a/0x10a0 [ 1549.737019][T18452] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1549.743474][T18452] ? __sys_recvmmsg+0x52/0x450 [ 1549.748397][T18452] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1549.755004][T18452] __sys_recvmmsg+0x113/0x450 [ 1549.759844][T18452] ? kmsan_get_metadata+0x33/0x220 [ 1549.765150][T18452] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1549.771594][T18452] __do_fast_syscall_32+0x95/0xf0 [ 1549.776777][T18452] ? exit_to_user_mode_prepare+0x119/0x220 [ 1549.782772][T18452] do_fast_syscall_32+0x33/0x70 [ 1549.787800][T18452] do_SYSENTER_32+0x1b/0x20 [ 1549.792454][T18452] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1549.799037][T18452] RIP: 0023:0xf7fc6549 [ 1549.803231][T18452] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1549.823035][T18452] RSP: 002b:00000000f7fc15cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1549.831619][T18452] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1549.839738][T18452] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1549.847861][T18452] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1549.855968][T18452] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1549.864077][T18452] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1549.872217][T18452] [ 1549.881989][T18452] Uninit was stored to memory at: [ 1549.887939][T18452] __get_compat_msghdr+0x514/0x750 [ 1549.893354][T18452] get_compat_msghdr+0x8c/0x1c0 [ 1549.898403][T18452] ___sys_recvmsg+0x19d/0x870 [ 1549.903363][T18452] do_recvmmsg+0x63a/0x10a0 [ 1549.908029][T18452] __sys_recvmmsg+0x113/0x450 [ 1549.912983][T18452] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1549.919408][T18452] __do_fast_syscall_32+0x95/0xf0 [ 1549.924711][T18452] do_fast_syscall_32+0x33/0x70 [ 1549.929727][T18452] do_SYSENTER_32+0x1b/0x20 [ 1549.934518][T18452] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1549.941074][T18452] [ 1549.943589][T18452] Uninit was stored to memory at: [ 1549.948836][T18452] __get_compat_msghdr+0x514/0x750 [ 1549.954277][T18452] get_compat_msghdr+0x8c/0x1c0 [ 1549.959327][T18452] ___sys_recvmsg+0x19d/0x870 [ 1549.964284][T18452] do_recvmmsg+0x63a/0x10a0 [ 1549.968942][T18452] __sys_recvmmsg+0x113/0x450 [ 1549.973912][T18452] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1549.980331][T18452] __do_fast_syscall_32+0x95/0xf0 [ 1549.985628][T18452] do_fast_syscall_32+0x33/0x70 [ 1549.990626][T18452] do_SYSENTER_32+0x1b/0x20 [ 1549.995374][T18452] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1550.001928][T18452] [ 1550.004422][T18452] Uninit was stored to memory at: [ 1550.009682][T18452] __get_compat_msghdr+0x514/0x750 [ 1550.015133][T18452] get_compat_msghdr+0x8c/0x1c0 [ 1550.020195][T18452] ___sys_recvmsg+0x19d/0x870 [ 1550.025166][T18452] do_recvmmsg+0x63a/0x10a0 [ 1550.029826][T18452] __sys_recvmmsg+0x113/0x450 [ 1550.034750][T18452] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1550.041176][T18452] __do_fast_syscall_32+0x95/0xf0 [ 1550.046489][T18452] do_fast_syscall_32+0x33/0x70 [ 1550.051499][T18452] do_SYSENTER_32+0x1b/0x20 [ 1550.056300][T18452] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1550.062963][T18452] [ 1550.065368][T18452] Uninit was stored to memory at: [ 1550.070619][T18452] __get_compat_msghdr+0x514/0x750 [ 1550.076070][T18452] get_compat_msghdr+0x8c/0x1c0 [ 1550.081128][T18452] ___sys_recvmsg+0x19d/0x870 [ 1550.086105][T18452] do_recvmmsg+0x63a/0x10a0 [ 1550.090769][T18452] __sys_recvmmsg+0x113/0x450 [ 1550.095725][T18452] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1550.102154][T18452] __do_fast_syscall_32+0x95/0xf0 [ 1550.107493][T18452] do_fast_syscall_32+0x33/0x70 [ 1550.112624][T18452] do_SYSENTER_32+0x1b/0x20 [ 1550.117279][T18452] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1550.123970][T18452] [ 1550.126378][T18452] Uninit was stored to memory at: [ 1550.131630][T18452] __get_compat_msghdr+0x514/0x750 [ 1550.137097][T18452] get_compat_msghdr+0x8c/0x1c0 [ 1550.142158][T18452] ___sys_recvmsg+0x19d/0x870 [ 1550.147088][T18452] do_recvmmsg+0x63a/0x10a0 [ 1550.151743][T18452] __sys_recvmmsg+0x113/0x450 [ 1550.156724][T18452] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1550.163260][T18452] __do_fast_syscall_32+0x95/0xf0 [ 1550.168444][T18452] do_fast_syscall_32+0x33/0x70 [ 1550.173577][T18452] do_SYSENTER_32+0x1b/0x20 [ 1550.178227][T18452] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1550.184918][T18452] [ 1550.187321][T18452] Uninit was stored to memory at: [ 1550.192648][T18452] __get_compat_msghdr+0x514/0x750 [ 1550.197960][T18452] get_compat_msghdr+0x8c/0x1c0 [ 1550.203323][T18452] ___sys_recvmsg+0x19d/0x870 [ 1550.208252][T18452] do_recvmmsg+0x63a/0x10a0 [ 1550.213046][T18452] __sys_recvmmsg+0x113/0x450 [ 1550.217885][T18452] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1550.224432][T18452] __do_fast_syscall_32+0x95/0xf0 [ 1550.229618][T18452] do_fast_syscall_32+0x33/0x70 [ 1550.234754][T18452] do_SYSENTER_32+0x1b/0x20 [ 1550.239420][T18452] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1550.246098][T18452] [ 1550.248512][T18452] Uninit was stored to memory at: [ 1550.253879][T18452] __get_compat_msghdr+0x514/0x750 [ 1550.259203][T18452] get_compat_msghdr+0x8c/0x1c0 [ 1550.264388][T18452] ___sys_recvmsg+0x19d/0x870 [ 1550.269225][T18452] do_recvmmsg+0x63a/0x10a0 [ 1550.274001][T18452] __sys_recvmmsg+0x113/0x450 [ 1550.278840][T18452] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1550.285400][T18452] __do_fast_syscall_32+0x95/0xf0 [ 1550.290586][T18452] do_fast_syscall_32+0x33/0x70 [ 1550.295719][T18452] do_SYSENTER_32+0x1b/0x20 [ 1550.300392][T18452] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1550.307075][T18452] [ 1550.309479][T18452] Local variable msg_sys created at: [ 1550.314985][T18452] do_recvmmsg+0x5f/0x10a0 [ 1550.319550][T18452] __sys_recvmmsg+0x113/0x450 [ 1550.493347][T18444] not chained 1920000 origins [ 1550.498180][T18444] CPU: 0 PID: 18444 Comm: syz-executor.5 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1550.508867][T18444] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1550.519081][T18444] Call Trace: [ 1550.522464][T18444] [ 1550.525498][T18444] dump_stack_lvl+0x1c8/0x256 [ 1550.530393][T18444] dump_stack+0x1a/0x1c [ 1550.534738][T18444] kmsan_internal_chain_origin+0x78/0x120 [ 1550.540659][T18444] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1550.546946][T18444] ? kmsan_get_metadata+0x33/0x220 [ 1550.552249][T18444] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1550.558681][T18444] ? kmsan_get_metadata+0x33/0x220 [ 1550.563985][T18444] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1550.569984][T18444] ? kmsan_get_metadata+0x33/0x220 [ 1550.575280][T18444] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1550.581288][T18444] ? __get_compat_msghdr+0x5b/0x750 [ 1550.586699][T18444] ? kmsan_get_metadata+0x33/0x220 [ 1550.591987][T18444] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1550.597996][T18444] ? should_fail+0x3f/0x810 [ 1550.602677][T18444] ? __stack_depot_save+0x21/0x4b0 [ 1550.607969][T18444] ? kmsan_get_metadata+0x33/0x220 [ 1550.613262][T18444] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1550.619697][T18444] ? kmsan_get_metadata+0x33/0x220 [ 1550.624984][T18444] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1550.630986][T18444] __msan_chain_origin+0xbd/0x140 [ 1550.636187][T18444] __get_compat_msghdr+0x514/0x750 [ 1550.641546][T18444] get_compat_msghdr+0x8c/0x1c0 [ 1550.646613][T18444] ? ___sys_recvmsg+0xa9/0x870 [ 1550.651536][T18444] ? do_recvmmsg+0x63a/0x10a0 [ 1550.656377][T18444] ___sys_recvmsg+0x19d/0x870 [ 1550.661223][T18444] ? __schedule+0x1609/0x21d0 [ 1550.666079][T18444] ? kmsan_get_metadata+0x33/0x220 [ 1550.671374][T18444] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1550.677371][T18444] ? kmsan_get_metadata+0x33/0x220 [ 1550.682657][T18444] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1550.688663][T18444] do_recvmmsg+0x63a/0x10a0 [ 1550.693363][T18444] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1550.699828][T18444] ? __sys_recvmmsg+0x52/0x450 [ 1550.704760][T18444] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1550.711373][T18444] __sys_recvmmsg+0x113/0x450 [ 1550.716215][T18444] ? kmsan_get_metadata+0x33/0x220 [ 1550.721522][T18444] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1550.727965][T18444] __do_fast_syscall_32+0x95/0xf0 [ 1550.733155][T18444] ? exit_to_user_mode_prepare+0x119/0x220 [ 1550.739153][T18444] do_fast_syscall_32+0x33/0x70 [ 1550.744166][T18444] do_SYSENTER_32+0x1b/0x20 [ 1550.748827][T18444] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1550.755385][T18444] RIP: 0023:0xf7f92549 [ 1550.759575][T18444] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1550.779385][T18444] RSP: 002b:00000000f7f6c5cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1550.787974][T18444] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1550.796098][T18444] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1550.804209][T18444] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1550.812315][T18444] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1550.820425][T18444] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1550.828563][T18444] [ 1550.838669][T18444] Uninit was stored to memory at: [ 1550.845002][T18444] __get_compat_msghdr+0x514/0x750 [ 1550.850330][T18444] get_compat_msghdr+0x8c/0x1c0 [ 1550.855521][T18444] ___sys_recvmsg+0x19d/0x870 [ 1550.860359][T18444] do_recvmmsg+0x63a/0x10a0 [ 1550.865151][T18444] __sys_recvmmsg+0x113/0x450 [ 1550.869988][T18444] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1550.876534][T18444] __do_fast_syscall_32+0x95/0xf0 [ 1550.881723][T18444] do_fast_syscall_32+0x33/0x70 [ 1550.886891][T18444] do_SYSENTER_32+0x1b/0x20 [ 1550.891554][T18444] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1550.898258][T18444] [ 1550.900674][T18444] Uninit was stored to memory at: [ 1550.906065][T18444] __get_compat_msghdr+0x514/0x750 [ 1550.911386][T18444] get_compat_msghdr+0x8c/0x1c0 [ 1550.916565][T18444] ___sys_recvmsg+0x19d/0x870 [ 1550.921401][T18444] do_recvmmsg+0x63a/0x10a0 [ 1550.926195][T18444] __sys_recvmmsg+0x113/0x450 [ 1550.931035][T18444] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1550.937579][T18444] __do_fast_syscall_32+0x95/0xf0 [ 1550.942850][T18444] do_fast_syscall_32+0x33/0x70 [ 1550.947861][T18444] do_SYSENTER_32+0x1b/0x20 [ 1550.952694][T18444] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1550.959257][T18444] [ 1550.961661][T18444] Uninit was stored to memory at: [ 1550.967106][T18444] __get_compat_msghdr+0x514/0x750 [ 1550.972522][T18444] get_compat_msghdr+0x8c/0x1c0 [ 1550.977589][T18444] ___sys_recvmsg+0x19d/0x870 [ 1550.982589][T18444] do_recvmmsg+0x63a/0x10a0 [ 1550.987242][T18444] __sys_recvmmsg+0x113/0x450 [ 1550.992072][T18444] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1550.998687][T18444] __do_fast_syscall_32+0x95/0xf0 [ 1551.004072][T18444] do_fast_syscall_32+0x33/0x70 [ 1551.009081][T18444] do_SYSENTER_32+0x1b/0x20 [ 1551.013931][T18444] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1551.020483][T18444] [ 1551.023011][T18444] Uninit was stored to memory at: [ 1551.028294][T18444] __get_compat_msghdr+0x514/0x750 [ 1551.033837][T18444] get_compat_msghdr+0x8c/0x1c0 [ 1551.038896][T18444] ___sys_recvmsg+0x19d/0x870 [ 1551.043980][T18444] do_recvmmsg+0x63a/0x10a0 [ 1551.048640][T18444] __sys_recvmmsg+0x113/0x450 [ 1551.053663][T18444] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1551.060093][T18444] __do_fast_syscall_32+0x95/0xf0 [ 1551.065480][T18444] do_fast_syscall_32+0x33/0x70 [ 1551.070487][T18444] do_SYSENTER_32+0x1b/0x20 [ 1551.075358][T18444] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1551.081921][T18444] [ 1551.084487][T18444] Uninit was stored to memory at: [ 1551.089744][T18444] __get_compat_msghdr+0x514/0x750 [ 1551.095259][T18444] get_compat_msghdr+0x8c/0x1c0 [ 1551.100315][T18444] ___sys_recvmsg+0x19d/0x870 [ 1551.105356][T18444] do_recvmmsg+0x63a/0x10a0 [ 1551.110017][T18444] __sys_recvmmsg+0x113/0x450 [ 1551.115050][T18444] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1551.121477][T18444] __do_fast_syscall_32+0x95/0xf0 [ 1551.126859][T18444] do_fast_syscall_32+0x33/0x70 [ 1551.131872][T18444] do_SYSENTER_32+0x1b/0x20 [ 1551.136721][T18444] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1551.143388][T18444] [ 1551.145794][T18444] Uninit was stored to memory at: [ 1551.151057][T18444] __get_compat_msghdr+0x514/0x750 [ 1551.156571][T18444] get_compat_msghdr+0x8c/0x1c0 [ 1551.161636][T18444] ___sys_recvmsg+0x19d/0x870 [ 1551.166664][T18444] do_recvmmsg+0x63a/0x10a0 [ 1551.171322][T18444] __sys_recvmmsg+0x113/0x450 [ 1551.176377][T18444] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1551.182906][T18444] __do_fast_syscall_32+0x95/0xf0 [ 1551.188095][T18444] do_fast_syscall_32+0x33/0x70 [ 1551.189554][T18478] not chained 1930000 origins [ 1551.193252][T18444] do_SYSENTER_32+0x1b/0x20 [ 1551.197976][T18478] CPU: 1 PID: 18478 Comm: syz-executor.1 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1551.202595][T18444] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1551.212987][T18478] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1551.213044][T18478] Call Trace: [ 1551.213077][T18478] [ 1551.213108][T18478] dump_stack_lvl+0x1c8/0x256 [ 1551.219423][T18444] [ 1551.219440][T18444] Uninit was stored to memory at: [ 1551.219600][T18444] __get_compat_msghdr+0x514/0x750 [ 1551.229507][T18478] dump_stack+0x1a/0x1c [ 1551.229636][T18478] kmsan_internal_chain_origin+0x78/0x120 [ 1551.232978][T18444] get_compat_msghdr+0x8c/0x1c0 [ 1551.235851][T18478] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1551.240532][T18444] ___sys_recvmsg+0x19d/0x870 [ 1551.242875][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1551.242992][T18478] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1551.248011][T18444] do_recvmmsg+0x63a/0x10a0 [ 1551.253138][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1551.253255][T18478] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1551.257395][T18444] __sys_recvmmsg+0x113/0x450 [ 1551.263125][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1551.263245][T18478] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1551.268088][T18444] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1551.274169][T18478] ? __get_compat_msghdr+0x5b/0x750 [ 1551.278953][T18444] __do_fast_syscall_32+0x95/0xf0 [ 1551.284079][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1551.284199][T18478] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1551.290430][T18444] do_fast_syscall_32+0x33/0x70 [ 1551.294950][T18478] ? should_fail+0x3f/0x810 [ 1551.295069][T18478] ? __stack_depot_save+0x21/0x4b0 [ 1551.300164][T18444] do_SYSENTER_32+0x1b/0x20 [ 1551.305981][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1551.306100][T18478] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1551.310766][T18444] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1551.315895][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1551.316013][T18478] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1551.321809][T18444] [ 1551.321835][T18444] Local variable msg_sys created at: [ 1551.328065][T18478] __msan_chain_origin+0xbd/0x140 [ 1551.328184][T18478] __get_compat_msghdr+0x514/0x750 [ 1551.333455][T18444] do_recvmmsg+0x5f/0x10a0 [ 1551.338437][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1551.343798][T18444] __sys_recvmmsg+0x113/0x450 [ 1551.349515][T18478] ? ___sys_recvmsg+0xa9/0x870 [ 1551.435648][T18478] ? do_recvmmsg+0x63a/0x10a0 [ 1551.440594][T18478] ___sys_recvmsg+0x19d/0x870 [ 1551.445448][T18478] ? __schedule+0x1609/0x21d0 [ 1551.450298][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1551.455593][T18478] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1551.461599][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1551.466889][T18478] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1551.472898][T18478] do_recvmmsg+0x63a/0x10a0 [ 1551.477595][T18478] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1551.484035][T18478] ? __sys_recvmmsg+0x52/0x450 [ 1551.488958][T18478] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1551.495557][T18478] __sys_recvmmsg+0x113/0x450 [ 1551.500397][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1551.505700][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1551.512131][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1551.517328][T18478] ? exit_to_user_mode_prepare+0x119/0x220 [ 1551.523319][T18478] do_fast_syscall_32+0x33/0x70 [ 1551.528336][T18478] do_SYSENTER_32+0x1b/0x20 [ 1551.532995][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1551.539551][T18478] RIP: 0023:0xf7fc4549 [ 1551.543742][T18478] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1551.563555][T18478] RSP: 002b:00000000f7f9e5cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1551.572141][T18478] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1551.580257][T18478] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1551.588359][T18478] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1551.596465][T18478] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1551.604574][T18478] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1551.612707][T18478] [ 1551.621305][T18478] Uninit was stored to memory at: [ 1551.627113][T18478] __get_compat_msghdr+0x514/0x750 [ 1551.632524][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1551.637582][T18478] ___sys_recvmsg+0x19d/0x870 [ 1551.642515][T18478] do_recvmmsg+0x63a/0x10a0 [ 1551.647179][T18478] __sys_recvmmsg+0x113/0x450 [ 1551.652029][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1551.658577][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1551.663849][T18478] do_fast_syscall_32+0x33/0x70 [ 1551.668867][T18478] do_SYSENTER_32+0x1b/0x20 [ 1551.673619][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1551.680181][T18478] [ 1551.682682][T18478] Uninit was stored to memory at: [ 1551.687928][T18478] __get_compat_msghdr+0x514/0x750 [ 1551.693336][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1551.698398][T18478] ___sys_recvmsg+0x19d/0x870 [ 1551.703318][T18478] do_recvmmsg+0x63a/0x10a0 [ 1551.707988][T18478] __sys_recvmmsg+0x113/0x450 [ 1551.712905][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1551.719328][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1551.724621][T18478] do_fast_syscall_32+0x33/0x70 [ 1551.729633][T18478] do_SYSENTER_32+0x1b/0x20 [ 1551.734387][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1551.740937][T18478] [ 1551.743444][T18478] Uninit was stored to memory at: [ 1551.748691][T18478] __get_compat_msghdr+0x514/0x750 [ 1551.754104][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1551.759164][T18478] ___sys_recvmsg+0x19d/0x870 [ 1551.764086][T18478] do_recvmmsg+0x63a/0x10a0 [ 1551.768741][T18478] __sys_recvmmsg+0x113/0x450 [ 1551.773651][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1551.780064][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1551.785343][T18478] do_fast_syscall_32+0x33/0x70 [ 1551.790356][T18478] do_SYSENTER_32+0x1b/0x20 [ 1551.795170][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1551.801855][T18478] [ 1551.804418][T18478] Uninit was stored to memory at: [ 1551.809671][T18478] __get_compat_msghdr+0x514/0x750 [ 1551.815140][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1551.820195][T18478] ___sys_recvmsg+0x19d/0x870 [ 1551.825188][T18478] do_recvmmsg+0x63a/0x10a0 [ 1551.829846][T18478] __sys_recvmmsg+0x113/0x450 [ 1551.834838][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1551.841263][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1551.846617][T18478] do_fast_syscall_32+0x33/0x70 [ 1551.851627][T18478] do_SYSENTER_32+0x1b/0x20 [ 1551.856442][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1551.863080][T18478] [ 1551.865485][T18478] Uninit was stored to memory at: [ 1551.870731][T18478] __get_compat_msghdr+0x514/0x750 [ 1551.876277][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1551.881373][T18478] ___sys_recvmsg+0x19d/0x870 [ 1551.886378][T18478] do_recvmmsg+0x63a/0x10a0 [ 1551.891042][T18478] __sys_recvmmsg+0x113/0x450 [ 1551.896042][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1551.902563][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1551.907741][T18478] do_fast_syscall_32+0x33/0x70 [ 1551.912886][T18478] do_SYSENTER_32+0x1b/0x20 [ 1551.917539][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1551.924265][T18478] [ 1551.926674][T18478] Uninit was stored to memory at: [ 1551.931922][T18478] __get_compat_msghdr+0x514/0x750 [ 1551.937412][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1551.942555][T18478] ___sys_recvmsg+0x19d/0x870 [ 1551.947391][T18478] do_recvmmsg+0x63a/0x10a0 [ 1551.952042][T18478] __sys_recvmmsg+0x113/0x450 [ 1551.957037][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1551.963645][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1551.968849][T18478] do_fast_syscall_32+0x33/0x70 [ 1551.974014][T18478] do_SYSENTER_32+0x1b/0x20 [ 1551.978675][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1551.985432][T18478] [ 1551.987842][T18478] Uninit was stored to memory at: [ 1551.993247][T18478] __get_compat_msghdr+0x514/0x750 [ 1551.998570][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1552.003782][T18478] ___sys_recvmsg+0x19d/0x870 [ 1552.008615][T18478] do_recvmmsg+0x63a/0x10a0 [ 1552.013421][T18478] __sys_recvmmsg+0x113/0x450 [ 1552.018253][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1552.024839][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1552.030030][T18478] do_fast_syscall_32+0x33/0x70 [ 1552.035204][T18478] do_SYSENTER_32+0x1b/0x20 [ 1552.039865][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1552.046582][T18478] [ 1552.048993][T18478] Local variable msg_sys created at: [ 1552.054535][T18478] do_recvmmsg+0x5f/0x10a0 [ 1552.059110][T18478] __sys_recvmmsg+0x113/0x450 [ 1552.207610][T18478] not chained 1940000 origins [ 1552.212611][T18478] CPU: 0 PID: 18478 Comm: syz-executor.1 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1552.223286][T18478] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1552.233474][T18478] Call Trace: [ 1552.236851][T18478] [ 1552.239894][T18478] dump_stack_lvl+0x1c8/0x256 [ 1552.244788][T18478] dump_stack+0x1a/0x1c [ 1552.249141][T18478] kmsan_internal_chain_origin+0x78/0x120 [ 1552.255041][T18478] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1552.261296][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1552.266582][T18478] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1552.273013][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1552.278298][T18478] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1552.284299][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1552.289587][T18478] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1552.295581][T18478] ? __get_compat_msghdr+0x5b/0x750 [ 1552.300991][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1552.306276][T18478] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1552.312274][T18478] ? should_fail+0x3f/0x810 [ 1552.316969][T18478] ? __stack_depot_save+0x21/0x4b0 [ 1552.322244][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1552.327526][T18478] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1552.333960][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1552.339252][T18478] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1552.345251][T18478] __msan_chain_origin+0xbd/0x140 [ 1552.350452][T18478] __get_compat_msghdr+0x514/0x750 [ 1552.355796][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1552.360870][T18478] ? ___sys_recvmsg+0xa9/0x870 [ 1552.365796][T18478] ? do_recvmmsg+0x63a/0x10a0 [ 1552.370648][T18478] ___sys_recvmsg+0x19d/0x870 [ 1552.375493][T18478] ? __schedule+0x1609/0x21d0 [ 1552.380343][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1552.385638][T18478] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1552.391638][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1552.396925][T18478] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1552.402917][T18478] do_recvmmsg+0x63a/0x10a0 [ 1552.407596][T18478] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1552.414019][T18478] ? __sys_recvmmsg+0x52/0x450 [ 1552.418928][T18478] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1552.425525][T18478] __sys_recvmmsg+0x113/0x450 [ 1552.430342][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1552.435629][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1552.442049][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1552.447219][T18478] ? exit_to_user_mode_prepare+0x119/0x220 [ 1552.453189][T18478] do_fast_syscall_32+0x33/0x70 [ 1552.458189][T18478] do_SYSENTER_32+0x1b/0x20 [ 1552.462834][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1552.469372][T18478] RIP: 0023:0xf7fc4549 [ 1552.473553][T18478] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1552.493336][T18478] RSP: 002b:00000000f7f9e5cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1552.501909][T18478] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1552.510003][T18478] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1552.518094][T18478] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1552.526190][T18478] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1552.534276][T18478] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1552.542389][T18478] [ 1552.555710][T18478] Uninit was stored to memory at: [ 1552.561015][T18478] __get_compat_msghdr+0x514/0x750 [ 1552.566781][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1552.571850][T18478] ___sys_recvmsg+0x19d/0x870 [ 1552.576849][T18478] do_recvmmsg+0x63a/0x10a0 [ 1552.581511][T18478] __sys_recvmmsg+0x113/0x450 [ 1552.586477][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1552.592997][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1552.598178][T18478] do_fast_syscall_32+0x33/0x70 [ 1552.603303][T18478] do_SYSENTER_32+0x1b/0x20 [ 1552.607950][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1552.614635][T18478] [ 1552.617042][T18478] Uninit was stored to memory at: [ 1552.622408][T18478] __get_compat_msghdr+0x514/0x750 [ 1552.627720][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1552.632906][T18478] ___sys_recvmsg+0x19d/0x870 [ 1552.637739][T18478] do_recvmmsg+0x63a/0x10a0 [ 1552.642534][T18478] __sys_recvmmsg+0x113/0x450 [ 1552.647366][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1552.654017][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1552.659199][T18478] do_fast_syscall_32+0x33/0x70 [ 1552.664332][T18478] do_SYSENTER_32+0x1b/0x20 [ 1552.668993][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1552.675708][T18478] [ 1552.678113][T18478] Uninit was stored to memory at: [ 1552.683455][T18478] __get_compat_msghdr+0x514/0x750 [ 1552.688773][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1552.693955][T18478] ___sys_recvmsg+0x19d/0x870 [ 1552.698787][T18478] do_recvmmsg+0x63a/0x10a0 [ 1552.703559][T18478] __sys_recvmmsg+0x113/0x450 [ 1552.708390][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1552.714933][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1552.720112][T18478] do_fast_syscall_32+0x33/0x70 [ 1552.725231][T18478] do_SYSENTER_32+0x1b/0x20 [ 1552.729897][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1552.736572][T18478] [ 1552.738971][T18478] Uninit was stored to memory at: [ 1552.744595][T18478] __get_compat_msghdr+0x514/0x750 [ 1552.749906][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1552.755079][T18478] ___sys_recvmsg+0x19d/0x870 [ 1552.759941][T18478] do_recvmmsg+0x63a/0x10a0 [ 1552.764688][T18478] __sys_recvmmsg+0x113/0x450 [ 1552.769523][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1552.776064][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1552.781259][T18478] do_fast_syscall_32+0x33/0x70 [ 1552.786399][T18478] do_SYSENTER_32+0x1b/0x20 [ 1552.791050][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1552.797735][T18478] [ 1552.798032][T18444] not chained 1950000 origins [ 1552.800085][T18478] Uninit was stored to memory at: [ 1552.800243][T18478] __get_compat_msghdr+0x514/0x750 [ 1552.805201][T18444] CPU: 1 PID: 18444 Comm: syz-executor.5 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1552.809926][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1552.815046][T18444] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1552.815102][T18444] Call Trace: [ 1552.815135][T18444] [ 1552.815165][T18444] dump_stack_lvl+0x1c8/0x256 [ 1552.825773][T18478] ___sys_recvmsg+0x19d/0x870 [ 1552.830537][T18444] dump_stack+0x1a/0x1c [ 1552.840701][T18478] do_recvmmsg+0x63a/0x10a0 [ 1552.844061][T18444] kmsan_internal_chain_origin+0x78/0x120 [ 1552.847090][T18478] __sys_recvmmsg+0x113/0x450 [ 1552.851772][T18444] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1552.856558][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1552.860616][T18444] ? kmsan_get_metadata+0x33/0x220 [ 1552.865225][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1552.870857][T18444] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1552.875645][T18478] do_fast_syscall_32+0x33/0x70 [ 1552.881616][T18444] ? kmsan_get_metadata+0x33/0x220 [ 1552.881731][T18444] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1552.888093][T18478] do_SYSENTER_32+0x1b/0x20 [ 1552.893110][T18444] ? kmsan_get_metadata+0x33/0x220 [ 1552.893230][T18444] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1552.898225][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1552.904487][T18444] ? __get_compat_msghdr+0x5b/0x750 [ 1552.909450][T18478] [ 1552.909469][T18478] Uninit was stored to memory at: [ 1552.914565][T18444] ? kmsan_get_metadata+0x33/0x220 [ 1552.914682][T18444] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1552.920610][T18478] __get_compat_msghdr+0x514/0x750 [ 1552.925010][T18444] ? should_fail+0x3f/0x810 [ 1552.925132][T18444] ? __stack_depot_save+0x21/0x4b0 [ 1552.930222][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1552.936044][T18444] ? kmsan_get_metadata+0x33/0x220 [ 1552.936162][T18444] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1552.942574][T18478] ___sys_recvmsg+0x19d/0x870 [ 1552.947701][T18444] ? kmsan_get_metadata+0x33/0x220 [ 1552.950026][T18478] do_recvmmsg+0x63a/0x10a0 [ 1552.955064][T18444] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1552.955193][T18444] __msan_chain_origin+0xbd/0x140 [ 1552.960295][T18478] __sys_recvmmsg+0x113/0x450 [ 1552.966127][T18444] __get_compat_msghdr+0x514/0x750 [ 1552.971341][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1552.975883][T18444] get_compat_msghdr+0x8c/0x1c0 [ 1552.981076][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1552.985935][T18444] ? ___sys_recvmsg+0xa9/0x870 [ 1552.986030][T18444] ? do_recvmmsg+0x63a/0x10a0 [ 1552.991152][T18478] do_fast_syscall_32+0x33/0x70 [ 1552.997408][T18444] ___sys_recvmsg+0x19d/0x870 [ 1552.997517][T18444] ? __schedule+0x1609/0x21d0 [ 1553.002280][T18478] do_SYSENTER_32+0x1b/0x20 [ 1553.007327][T18444] ? kmsan_get_metadata+0x33/0x220 [ 1553.011822][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1553.017639][T18444] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1553.017768][T18444] ? kmsan_get_metadata+0x33/0x220 [ 1553.022862][T18478] [ 1553.027478][T18444] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1553.032697][T18478] Uninit was stored to memory at: [ 1553.038847][T18444] do_recvmmsg+0x63a/0x10a0 [ 1553.043933][T18478] __get_compat_msghdr+0x514/0x750 [ 1553.048753][T18444] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1553.053619][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1553.058210][T18444] ? __sys_recvmmsg+0x52/0x450 [ 1553.063154][T18478] ___sys_recvmsg+0x19d/0x870 [ 1553.067729][T18444] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1553.072519][T18478] do_recvmmsg+0x63a/0x10a0 [ 1553.076930][T18444] __sys_recvmmsg+0x113/0x450 [ 1553.082040][T18478] __sys_recvmmsg+0x113/0x450 [ 1553.088639][T18444] ? kmsan_get_metadata+0x33/0x220 [ 1553.088773][T18444] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1553.094651][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1553.099707][T18444] __do_fast_syscall_32+0x95/0xf0 [ 1553.102021][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1553.107833][T18444] ? exit_to_user_mode_prepare+0x119/0x220 [ 1553.107951][T18444] do_fast_syscall_32+0x33/0x70 [ 1553.113064][T18478] do_fast_syscall_32+0x33/0x70 [ 1553.117491][T18444] do_SYSENTER_32+0x1b/0x20 [ 1553.122714][T18478] do_SYSENTER_32+0x1b/0x20 [ 1553.128858][T18444] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1553.133817][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1553.138478][T18444] RIP: 0023:0xf7f92549 [ 1553.143266][T18478] [ 1553.149576][T18444] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1553.154201][T18478] Local variable msg_sys created at: [ 1553.158774][T18444] RSP: 002b:00000000f7f6c5cc EFLAGS: 00000296 [ 1553.163563][T18478] do_recvmmsg+0x5f/0x10a0 [ 1553.168577][T18444] ORIG_RAX: 0000000000000151 [ 1553.168613][T18444] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1553.174951][T18478] __sys_recvmmsg+0x113/0x450 [ 1553.181089][T18444] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1553.299482][T18444] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1553.307600][T18444] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1553.315710][T18444] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1553.323880][T18444] [ 1553.332660][T18444] Uninit was stored to memory at: [ 1553.337943][T18444] __get_compat_msghdr+0x514/0x750 [ 1553.344389][T18444] get_compat_msghdr+0x8c/0x1c0 [ 1553.349457][T18444] ___sys_recvmsg+0x19d/0x870 [ 1553.354433][T18444] do_recvmmsg+0x63a/0x10a0 [ 1553.359097][T18444] __sys_recvmmsg+0x113/0x450 [ 1553.364033][T18444] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1553.370483][T18444] __do_fast_syscall_32+0x95/0xf0 [ 1553.375758][T18444] do_fast_syscall_32+0x33/0x70 [ 1553.380762][T18444] do_SYSENTER_32+0x1b/0x20 [ 1553.385512][T18444] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1553.392063][T18444] [ 1553.394574][T18444] Uninit was stored to memory at: [ 1553.399829][T18444] __get_compat_msghdr+0x514/0x750 [ 1553.405234][T18444] get_compat_msghdr+0x8c/0x1c0 [ 1553.410296][T18444] ___sys_recvmsg+0x19d/0x870 [ 1553.415233][T18444] do_recvmmsg+0x63a/0x10a0 [ 1553.419896][T18444] __sys_recvmmsg+0x113/0x450 [ 1553.424830][T18444] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1553.431252][T18444] __do_fast_syscall_32+0x95/0xf0 [ 1553.436540][T18444] do_fast_syscall_32+0x33/0x70 [ 1553.441548][T18444] do_SYSENTER_32+0x1b/0x20 [ 1553.446303][T18444] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1553.452963][T18444] [ 1553.455368][T18444] Uninit was stored to memory at: [ 1553.460605][T18444] __get_compat_msghdr+0x514/0x750 [ 1553.466007][T18444] get_compat_msghdr+0x8c/0x1c0 [ 1553.471060][T18444] ___sys_recvmsg+0x19d/0x870 [ 1553.475982][T18444] do_recvmmsg+0x63a/0x10a0 [ 1553.480674][T18444] __sys_recvmmsg+0x113/0x450 [ 1553.485612][T18444] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1553.492022][T18444] __do_fast_syscall_32+0x95/0xf0 [ 1553.497299][T18444] do_fast_syscall_32+0x33/0x70 [ 1553.502389][T18444] do_SYSENTER_32+0x1b/0x20 [ 1553.507033][T18444] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1553.513688][T18444] [ 1553.516092][T18444] Uninit was stored to memory at: [ 1553.521347][T18444] __get_compat_msghdr+0x514/0x750 [ 1553.526850][T18444] get_compat_msghdr+0x8c/0x1c0 [ 1553.531907][T18444] ___sys_recvmsg+0x19d/0x870 [ 1553.536846][T18444] do_recvmmsg+0x63a/0x10a0 [ 1553.541512][T18444] __sys_recvmmsg+0x113/0x450 [ 1553.546450][T18444] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1553.552958][T18444] __do_fast_syscall_32+0x95/0xf0 [ 1553.558145][T18444] do_fast_syscall_32+0x33/0x70 [ 1553.563688][T18444] do_SYSENTER_32+0x1b/0x20 [ 1553.568350][T18444] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1553.575969][T18444] [ 1553.578377][T18444] Uninit was stored to memory at: [ 1553.583730][T18444] __get_compat_msghdr+0x514/0x750 [ 1553.589063][T18444] get_compat_msghdr+0x8c/0x1c0 [ 1553.594222][T18444] ___sys_recvmsg+0x19d/0x870 [ 1553.599078][T18444] do_recvmmsg+0x63a/0x10a0 [ 1553.603835][T18444] __sys_recvmmsg+0x113/0x450 [ 1553.608676][T18444] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1553.615202][T18444] __do_fast_syscall_32+0x95/0xf0 [ 1553.620388][T18444] do_fast_syscall_32+0x33/0x70 [ 1553.625500][T18444] do_SYSENTER_32+0x1b/0x20 [ 1553.630153][T18444] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1553.636811][T18444] [ 1553.639216][T18444] Uninit was stored to memory at: [ 1553.644568][T18444] __get_compat_msghdr+0x514/0x750 [ 1553.649884][T18444] get_compat_msghdr+0x8c/0x1c0 [ 1553.655036][T18444] ___sys_recvmsg+0x19d/0x870 [ 1553.659877][T18444] do_recvmmsg+0x63a/0x10a0 [ 1553.664629][T18444] __sys_recvmmsg+0x113/0x450 [ 1553.669470][T18444] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1553.675971][T18444] __do_fast_syscall_32+0x95/0xf0 [ 1553.681150][T18444] do_fast_syscall_32+0x33/0x70 [ 1553.686264][T18444] do_SYSENTER_32+0x1b/0x20 [ 1553.690924][T18444] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1553.697586][T18444] [ 1553.700189][T18444] Uninit was stored to memory at: [ 1553.705550][T18444] __get_compat_msghdr+0x514/0x750 [ 1553.710874][T18444] get_compat_msghdr+0x8c/0x1c0 [ 1553.716028][T18444] ___sys_recvmsg+0x19d/0x870 [ 1553.720873][T18444] do_recvmmsg+0x63a/0x10a0 [ 1553.725635][T18444] __sys_recvmmsg+0x113/0x450 [ 1553.730478][T18444] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1553.737008][T18444] __do_fast_syscall_32+0x95/0xf0 [ 1553.742286][T18444] do_fast_syscall_32+0x33/0x70 [ 1553.747288][T18444] do_SYSENTER_32+0x1b/0x20 [ 1553.751947][T18444] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1553.758602][T18444] [ 1553.761008][T18444] Local variable msg_sys created at: [ 1553.766481][T18444] do_recvmmsg+0x5f/0x10a0 [ 1553.771034][T18444] __sys_recvmmsg+0x113/0x450 [ 1554.027436][T18513] not chained 1960000 origins [ 1554.032440][T18513] CPU: 1 PID: 18513 Comm: syz-executor.3 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1554.043114][T18513] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1554.053305][T18513] Call Trace: [ 1554.056677][T18513] [ 1554.060137][T18513] dump_stack_lvl+0x1c8/0x256 [ 1554.065032][T18513] dump_stack+0x1a/0x1c [ 1554.069375][T18513] kmsan_internal_chain_origin+0x78/0x120 [ 1554.075287][T18513] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1554.081548][T18513] ? kmsan_get_metadata+0x33/0x220 [ 1554.086846][T18513] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1554.093284][T18513] ? kmsan_get_metadata+0x33/0x220 [ 1554.098591][T18513] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1554.104604][T18513] ? kmsan_get_metadata+0x33/0x220 [ 1554.109911][T18513] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1554.115902][T18513] ? __get_compat_msghdr+0x5b/0x750 [ 1554.121309][T18513] ? kmsan_get_metadata+0x33/0x220 [ 1554.126597][T18513] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1554.132594][T18513] ? should_fail+0x3f/0x810 [ 1554.137280][T18513] ? __stack_depot_save+0x21/0x4b0 [ 1554.142564][T18513] ? kmsan_get_metadata+0x33/0x220 [ 1554.147865][T18513] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1554.154308][T18513] ? kmsan_get_metadata+0x33/0x220 [ 1554.159606][T18513] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1554.165606][T18513] __msan_chain_origin+0xbd/0x140 [ 1554.170841][T18513] __get_compat_msghdr+0x514/0x750 [ 1554.176220][T18513] get_compat_msghdr+0x8c/0x1c0 [ 1554.181281][T18513] ? ___sys_recvmsg+0xa9/0x870 [ 1554.186211][T18513] ? do_recvmmsg+0x63a/0x10a0 [ 1554.191057][T18513] ___sys_recvmsg+0x19d/0x870 [ 1554.195904][T18513] ? __schedule+0x1609/0x21d0 [ 1554.200746][T18513] ? kmsan_get_metadata+0x33/0x220 [ 1554.206044][T18513] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1554.212052][T18513] ? kmsan_get_metadata+0x33/0x220 [ 1554.217399][T18513] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1554.223445][T18513] do_recvmmsg+0x63a/0x10a0 [ 1554.228128][T18513] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1554.234570][T18513] ? __sys_recvmmsg+0x52/0x450 [ 1554.239494][T18513] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1554.246115][T18513] __sys_recvmmsg+0x113/0x450 [ 1554.250981][T18513] ? kmsan_get_metadata+0x33/0x220 [ 1554.256303][T18513] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1554.262745][T18513] __do_fast_syscall_32+0x95/0xf0 [ 1554.267939][T18513] ? exit_to_user_mode_prepare+0x119/0x220 [ 1554.273938][T18513] do_fast_syscall_32+0x33/0x70 [ 1554.278960][T18513] do_SYSENTER_32+0x1b/0x20 [ 1554.283638][T18513] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1554.290192][T18513] RIP: 0023:0xf7fce549 [ 1554.294381][T18513] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1554.314188][T18513] RSP: 002b:00000000f7fa85cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1554.322783][T18513] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1554.330907][T18513] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1554.339032][T18513] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1554.347135][T18513] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1554.355253][T18513] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1554.363391][T18513] [ 1554.375123][T18513] Uninit was stored to memory at: [ 1554.380404][T18513] __get_compat_msghdr+0x514/0x750 [ 1554.386949][T18513] get_compat_msghdr+0x8c/0x1c0 [ 1554.392028][T18513] ___sys_recvmsg+0x19d/0x870 [ 1554.396967][T18513] do_recvmmsg+0x63a/0x10a0 [ 1554.401620][T18513] __sys_recvmmsg+0x113/0x450 [ 1554.406548][T18513] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1554.413059][T18513] __do_fast_syscall_32+0x95/0xf0 [ 1554.418247][T18513] do_fast_syscall_32+0x33/0x70 [ 1554.423349][T18513] do_SYSENTER_32+0x1b/0x20 [ 1554.428009][T18513] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1554.434663][T18513] [ 1554.437069][T18513] Uninit was stored to memory at: [ 1554.442424][T18513] __get_compat_msghdr+0x514/0x750 [ 1554.447731][T18513] get_compat_msghdr+0x8c/0x1c0 [ 1554.452885][T18513] ___sys_recvmsg+0x19d/0x870 [ 1554.457715][T18513] do_recvmmsg+0x63a/0x10a0 [ 1554.462462][T18513] __sys_recvmmsg+0x113/0x450 [ 1554.467310][T18513] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1554.473836][T18513] __do_fast_syscall_32+0x95/0xf0 [ 1554.479044][T18513] do_fast_syscall_32+0x33/0x70 [ 1554.484202][T18513] do_SYSENTER_32+0x1b/0x20 [ 1554.488854][T18513] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1554.495585][T18513] [ 1554.497994][T18513] Uninit was stored to memory at: [ 1554.503336][T18513] __get_compat_msghdr+0x514/0x750 [ 1554.508651][T18513] get_compat_msghdr+0x8c/0x1c0 [ 1554.513799][T18513] ___sys_recvmsg+0x19d/0x870 [ 1554.518643][T18513] do_recvmmsg+0x63a/0x10a0 [ 1554.523477][T18513] __sys_recvmmsg+0x113/0x450 [ 1554.528315][T18513] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1554.534829][T18513] __do_fast_syscall_32+0x95/0xf0 [ 1554.540022][T18513] do_fast_syscall_32+0x33/0x70 [ 1554.545112][T18513] do_SYSENTER_32+0x1b/0x20 [ 1554.549764][T18513] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1554.556424][T18513] [ 1554.558839][T18513] Uninit was stored to memory at: [ 1554.564467][T18513] __get_compat_msghdr+0x514/0x750 [ 1554.569794][T18513] get_compat_msghdr+0x8c/0x1c0 [ 1554.574954][T18513] ___sys_recvmsg+0x19d/0x870 [ 1554.579791][T18513] do_recvmmsg+0x63a/0x10a0 [ 1554.584558][T18513] __sys_recvmmsg+0x113/0x450 [ 1554.589383][T18513] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1554.595906][T18513] __do_fast_syscall_32+0x95/0xf0 [ 1554.601097][T18513] do_fast_syscall_32+0x33/0x70 [ 1554.606195][T18513] do_SYSENTER_32+0x1b/0x20 [ 1554.610854][T18513] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1554.617515][T18513] [ 1554.619923][T18513] Uninit was stored to memory at: [ 1554.625264][T18513] __get_compat_msghdr+0x514/0x750 [ 1554.630570][T18513] get_compat_msghdr+0x8c/0x1c0 [ 1554.635724][T18513] ___sys_recvmsg+0x19d/0x870 [ 1554.640563][T18513] do_recvmmsg+0x63a/0x10a0 [ 1554.645315][T18513] __sys_recvmmsg+0x113/0x450 [ 1554.650159][T18513] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1554.656682][T18513] __do_fast_syscall_32+0x95/0xf0 [ 1554.661876][T18513] do_fast_syscall_32+0x33/0x70 [ 1554.667011][T18513] do_SYSENTER_32+0x1b/0x20 [ 1554.671682][T18513] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1554.678353][T18513] [ 1554.680758][T18513] Uninit was stored to memory at: [ 1554.686117][T18513] __get_compat_msghdr+0x514/0x750 [ 1554.691437][T18513] get_compat_msghdr+0x8c/0x1c0 [ 1554.696586][T18513] ___sys_recvmsg+0x19d/0x870 [ 1554.701429][T18513] do_recvmmsg+0x63a/0x10a0 [ 1554.706198][T18513] __sys_recvmmsg+0x113/0x450 [ 1554.711043][T18513] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1554.717587][T18513] __do_fast_syscall_32+0x95/0xf0 [ 1554.722874][T18513] do_fast_syscall_32+0x33/0x70 [ 1554.727877][T18513] do_SYSENTER_32+0x1b/0x20 [ 1554.732628][T18513] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1554.739189][T18513] [ 1554.741678][T18513] Uninit was stored to memory at: [ 1554.747033][T18513] __get_compat_msghdr+0x514/0x750 [ 1554.752434][T18513] get_compat_msghdr+0x8c/0x1c0 [ 1554.757498][T18513] ___sys_recvmsg+0x19d/0x870 [ 1554.762421][T18513] do_recvmmsg+0x63a/0x10a0 [ 1554.767073][T18513] __sys_recvmmsg+0x113/0x450 [ 1554.771895][T18513] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1554.778411][T18513] __do_fast_syscall_32+0x95/0xf0 [ 1554.783686][T18513] do_fast_syscall_32+0x33/0x70 [ 1554.788698][T18513] do_SYSENTER_32+0x1b/0x20 [ 1554.793446][T18513] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1554.799998][T18513] [ 1554.802530][T18513] Local variable msg_sys created at: [ 1554.808008][T18513] do_recvmmsg+0x5f/0x10a0 [ 1554.812682][T18513] __sys_recvmmsg+0x113/0x450 [ 1554.997140][T18534] not chained 1970000 origins [ 1555.001959][T18534] CPU: 1 PID: 18534 Comm: syz-executor.2 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1555.012637][T18534] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1555.022822][T18534] Call Trace: [ 1555.026204][T18534] [ 1555.029242][T18534] dump_stack_lvl+0x1c8/0x256 [ 1555.034151][T18534] dump_stack+0x1a/0x1c [ 1555.038530][T18534] kmsan_internal_chain_origin+0x78/0x120 [ 1555.044437][T18534] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1555.050694][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1555.055988][T18534] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1555.062418][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1555.067705][T18534] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1555.073707][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1555.079003][T18534] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1555.085034][T18534] ? __get_compat_msghdr+0x5b/0x750 [ 1555.090441][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1555.095737][T18534] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1555.101743][T18534] ? should_fail+0x3f/0x810 [ 1555.106425][T18534] ? __stack_depot_save+0x21/0x4b0 [ 1555.111717][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1555.117281][T18534] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1555.123737][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1555.129037][T18534] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1555.135048][T18534] __msan_chain_origin+0xbd/0x140 [ 1555.140256][T18534] __get_compat_msghdr+0x514/0x750 [ 1555.145616][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1555.150686][T18534] ? ___sys_recvmsg+0xa9/0x870 [ 1555.155606][T18534] ? do_recvmmsg+0x63a/0x10a0 [ 1555.160455][T18534] ___sys_recvmsg+0x19d/0x870 [ 1555.165308][T18534] ? __schedule+0x1609/0x21d0 [ 1555.170152][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1555.175446][T18534] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1555.181467][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1555.186757][T18534] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1555.192762][T18534] do_recvmmsg+0x63a/0x10a0 [ 1555.197450][T18534] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1555.203889][T18534] ? __sys_recvmmsg+0x52/0x450 [ 1555.208809][T18534] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1555.215414][T18534] __sys_recvmmsg+0x113/0x450 [ 1555.220249][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1555.225564][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1555.232007][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1555.237199][T18534] ? exit_to_user_mode_prepare+0x119/0x220 [ 1555.243197][T18534] do_fast_syscall_32+0x33/0x70 [ 1555.248221][T18534] do_SYSENTER_32+0x1b/0x20 [ 1555.252879][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1555.259435][T18534] RIP: 0023:0xf7f3a549 [ 1555.263621][T18534] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1555.283431][T18534] RSP: 002b:00000000f7f145cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1555.292015][T18534] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1555.300127][T18534] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1555.308235][T18534] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1555.316347][T18534] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1555.324457][T18534] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1555.332587][T18534] [ 1555.341189][T18534] Uninit was stored to memory at: [ 1555.347029][T18534] __get_compat_msghdr+0x514/0x750 [ 1555.352454][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1555.357514][T18534] ___sys_recvmsg+0x19d/0x870 [ 1555.362430][T18534] do_recvmmsg+0x63a/0x10a0 [ 1555.367074][T18534] __sys_recvmmsg+0x113/0x450 [ 1555.371896][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1555.378418][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1555.383689][T18534] do_fast_syscall_32+0x33/0x70 [ 1555.388701][T18534] do_SYSENTER_32+0x1b/0x20 [ 1555.393464][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1555.400017][T18534] [ 1555.402507][T18534] Uninit was stored to memory at: [ 1555.407757][T18534] __get_compat_msghdr+0x514/0x750 [ 1555.413165][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1555.418248][T18534] ___sys_recvmsg+0x19d/0x870 [ 1555.423193][T18534] do_recvmmsg+0x63a/0x10a0 [ 1555.427875][T18534] __sys_recvmmsg+0x113/0x450 [ 1555.432834][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1555.439268][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1555.444563][T18534] do_fast_syscall_32+0x33/0x70 [ 1555.449573][T18534] do_SYSENTER_32+0x1b/0x20 [ 1555.454345][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1555.460900][T18534] [ 1555.463401][T18534] Uninit was stored to memory at: [ 1555.468652][T18534] __get_compat_msghdr+0x514/0x750 [ 1555.474120][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1555.479175][T18534] ___sys_recvmsg+0x19d/0x870 [ 1555.484097][T18534] do_recvmmsg+0x63a/0x10a0 [ 1555.488756][T18534] __sys_recvmmsg+0x113/0x450 [ 1555.493750][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1555.500175][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1555.505522][T18534] do_fast_syscall_32+0x33/0x70 [ 1555.510532][T18534] do_SYSENTER_32+0x1b/0x20 [ 1555.515338][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1555.521890][T18534] [ 1555.524437][T18534] Uninit was stored to memory at: [ 1555.529686][T18534] __get_compat_msghdr+0x514/0x750 [ 1555.535159][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1555.540220][T18534] ___sys_recvmsg+0x19d/0x870 [ 1555.545210][T18534] do_recvmmsg+0x63a/0x10a0 [ 1555.549863][T18534] __sys_recvmmsg+0x113/0x450 [ 1555.554858][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1555.561402][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1555.566763][T18534] do_fast_syscall_32+0x33/0x70 [ 1555.571774][T18534] do_SYSENTER_32+0x1b/0x20 [ 1555.576605][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1555.583256][T18534] [ 1555.585663][T18534] Uninit was stored to memory at: [ 1555.590918][T18534] __get_compat_msghdr+0x514/0x750 [ 1555.596402][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1555.601469][T18534] ___sys_recvmsg+0x19d/0x870 [ 1555.606468][T18534] do_recvmmsg+0x63a/0x10a0 [ 1555.611119][T18534] __sys_recvmmsg+0x113/0x450 [ 1555.616120][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1555.622646][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1555.627841][T18534] do_fast_syscall_32+0x33/0x70 [ 1555.633006][T18534] do_SYSENTER_32+0x1b/0x20 [ 1555.637661][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1555.644380][T18534] [ 1555.646792][T18534] Uninit was stored to memory at: [ 1555.652044][T18534] __get_compat_msghdr+0x514/0x750 [ 1555.657516][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1555.662735][T18534] ___sys_recvmsg+0x19d/0x870 [ 1555.667581][T18534] do_recvmmsg+0x63a/0x10a0 [ 1555.672335][T18534] __sys_recvmmsg+0x113/0x450 [ 1555.677173][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1555.683692][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1555.688878][T18534] do_fast_syscall_32+0x33/0x70 [ 1555.693975][T18534] do_SYSENTER_32+0x1b/0x20 [ 1555.698628][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1555.705268][T18534] [ 1555.707670][T18534] Uninit was stored to memory at: [ 1555.712995][T18534] __get_compat_msghdr+0x514/0x750 [ 1555.718309][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1555.723445][T18534] ___sys_recvmsg+0x19d/0x870 [ 1555.728277][T18534] do_recvmmsg+0x63a/0x10a0 [ 1555.733017][T18534] __sys_recvmmsg+0x113/0x450 [ 1555.737878][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1555.744381][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1555.749559][T18534] do_fast_syscall_32+0x33/0x70 [ 1555.754667][T18534] do_SYSENTER_32+0x1b/0x20 [ 1555.759325][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1555.765961][T18534] [ 1555.768392][T18534] Local variable msg_sys created at: [ 1555.773858][T18534] do_recvmmsg+0x5f/0x10a0 [ 1555.778420][T18534] __sys_recvmmsg+0x113/0x450 [ 1555.846751][T18513] not chained 1980000 origins [ 1555.851577][T18513] CPU: 0 PID: 18513 Comm: syz-executor.3 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1555.862252][T18513] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1555.872442][T18513] Call Trace: [ 1555.875818][T18513] [ 1555.878842][T18513] dump_stack_lvl+0x1c8/0x256 [ 1555.883751][T18513] dump_stack+0x1a/0x1c [ 1555.888097][T18513] kmsan_internal_chain_origin+0x78/0x120 [ 1555.893998][T18513] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1555.900252][T18513] ? kmsan_get_metadata+0x33/0x220 [ 1555.905548][T18513] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1555.911983][T18513] ? kmsan_get_metadata+0x33/0x220 [ 1555.917271][T18513] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1555.923277][T18513] ? kmsan_get_metadata+0x33/0x220 [ 1555.928569][T18513] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1555.934562][T18513] ? __get_compat_msghdr+0x5b/0x750 [ 1555.939976][T18513] ? kmsan_get_metadata+0x33/0x220 [ 1555.945275][T18513] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1555.951289][T18513] ? should_fail+0x3f/0x810 [ 1555.955980][T18513] ? __stack_depot_save+0x21/0x4b0 [ 1555.961271][T18513] ? kmsan_get_metadata+0x33/0x220 [ 1555.966570][T18513] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1555.973005][T18513] ? kmsan_get_metadata+0x33/0x220 [ 1555.978290][T18513] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1555.984301][T18513] __msan_chain_origin+0xbd/0x140 [ 1555.989513][T18513] __get_compat_msghdr+0x514/0x750 [ 1555.994859][T18513] get_compat_msghdr+0x8c/0x1c0 [ 1555.999918][T18513] ? ___sys_recvmsg+0xa9/0x870 [ 1556.004922][T18513] ? do_recvmmsg+0x63a/0x10a0 [ 1556.009760][T18513] ___sys_recvmsg+0x19d/0x870 [ 1556.014600][T18513] ? __schedule+0x1609/0x21d0 [ 1556.019444][T18513] ? kmsan_get_metadata+0x33/0x220 [ 1556.024733][T18513] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1556.030734][T18513] ? kmsan_get_metadata+0x33/0x220 [ 1556.036026][T18513] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1556.042030][T18513] do_recvmmsg+0x63a/0x10a0 [ 1556.046724][T18513] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1556.053166][T18513] ? __sys_recvmmsg+0x52/0x450 [ 1556.058092][T18513] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1556.064695][T18513] __sys_recvmmsg+0x113/0x450 [ 1556.069527][T18513] ? kmsan_get_metadata+0x33/0x220 [ 1556.074830][T18513] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1556.081268][T18513] __do_fast_syscall_32+0x95/0xf0 [ 1556.086460][T18513] ? exit_to_user_mode_prepare+0x119/0x220 [ 1556.092440][T18513] do_fast_syscall_32+0x33/0x70 [ 1556.097451][T18513] do_SYSENTER_32+0x1b/0x20 [ 1556.102106][T18513] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1556.108661][T18513] RIP: 0023:0xf7fce549 [ 1556.112852][T18513] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1556.132661][T18513] RSP: 002b:00000000f7fa85cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1556.133559][T18478] not chained 1990000 origins [ 1556.141191][T18513] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1556.141259][T18513] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1556.141327][T18513] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1556.141386][T18513] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1556.141445][T18513] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1556.141527][T18513] [ 1556.148039][T18513] Uninit was stored to memory at: [ 1556.150995][T18478] CPU: 1 PID: 18478 Comm: syz-executor.1 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1556.159922][T18513] __get_compat_msghdr+0x514/0x750 [ 1556.166982][T18478] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1556.167038][T18478] Call Trace: [ 1556.167069][T18478] [ 1556.167099][T18478] dump_stack_lvl+0x1c8/0x256 [ 1556.175184][T18513] get_compat_msghdr+0x8c/0x1c0 [ 1556.183080][T18478] dump_stack+0x1a/0x1c [ 1556.191132][T18513] ___sys_recvmsg+0x19d/0x870 [ 1556.194171][T18478] kmsan_internal_chain_origin+0x78/0x120 [ 1556.194292][T18478] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1556.199312][T18513] do_recvmmsg+0x63a/0x10a0 [ 1556.209821][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1556.209941][T18478] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1556.215138][T18513] __sys_recvmmsg+0x113/0x450 [ 1556.225117][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1556.225235][T18478] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1556.228501][T18513] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1556.231451][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1556.236232][T18513] __do_fast_syscall_32+0x95/0xf0 [ 1556.240992][T18478] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1556.245265][T18513] do_fast_syscall_32+0x33/0x70 [ 1556.249850][T18478] ? __get_compat_msghdr+0x5b/0x750 [ 1556.255671][T18513] do_SYSENTER_32+0x1b/0x20 [ 1556.261649][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1556.266268][T18513] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1556.271278][T18478] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1556.277627][T18513] [ 1556.282224][T18478] ? should_fail+0x3f/0x810 [ 1556.287430][T18513] Uninit was stored to memory at: [ 1556.287581][T18513] __get_compat_msghdr+0x514/0x750 [ 1556.293246][T18478] ? __stack_depot_save+0x21/0x4b0 [ 1556.293361][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1556.299600][T18513] get_compat_msghdr+0x8c/0x1c0 [ 1556.304722][T18478] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1556.304857][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1556.309861][T18513] ___sys_recvmsg+0x19d/0x870 [ 1556.315678][T18478] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1556.315812][T18478] __msan_chain_origin+0xbd/0x140 [ 1556.320639][T18513] do_recvmmsg+0x63a/0x10a0 [ 1556.325935][T18478] __get_compat_msghdr+0x514/0x750 [ 1556.330540][T18513] __sys_recvmmsg+0x113/0x450 [ 1556.335687][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1556.342092][T18513] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1556.347913][T18478] ? ___sys_recvmsg+0xa9/0x870 [ 1556.350241][T18513] __do_fast_syscall_32+0x95/0xf0 [ 1556.354747][T18478] ? do_recvmmsg+0x63a/0x10a0 [ 1556.354856][T18478] ___sys_recvmsg+0x19d/0x870 [ 1556.359883][T18513] do_fast_syscall_32+0x33/0x70 [ 1556.365013][T18478] ? __schedule+0x1609/0x21d0 [ 1556.365124][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1556.370219][T18513] do_SYSENTER_32+0x1b/0x20 [ 1556.375344][T18478] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1556.375473][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1556.380305][T18513] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1556.386564][T18478] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1556.386703][T18478] do_recvmmsg+0x63a/0x10a0 [ 1556.391782][T18513] [ 1556.391802][T18513] Uninit was stored to memory at: [ 1556.396498][T18478] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1556.402597][T18513] __get_compat_msghdr+0x514/0x750 [ 1556.407435][T18478] ? __sys_recvmmsg+0x52/0x450 [ 1556.411934][T18513] get_compat_msghdr+0x8c/0x1c0 [ 1556.417054][T18478] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1556.417181][T18478] __sys_recvmmsg+0x113/0x450 [ 1556.421842][T18513] ___sys_recvmsg+0x19d/0x870 [ 1556.426706][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1556.426844][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1556.433138][T18513] do_recvmmsg+0x63a/0x10a0 [ 1556.437846][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1556.442954][T18513] __sys_recvmmsg+0x113/0x450 [ 1556.447536][T18478] ? exit_to_user_mode_prepare+0x119/0x220 [ 1556.452326][T18513] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1556.457086][T18478] do_fast_syscall_32+0x33/0x70 [ 1556.461760][T18513] __do_fast_syscall_32+0x95/0xf0 [ 1556.466887][T18478] do_SYSENTER_32+0x1b/0x20 [ 1556.466981][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1556.471494][T18513] do_fast_syscall_32+0x33/0x70 [ 1556.477311][T18478] RIP: 0023:0xf7fc4549 [ 1556.477376][T18478] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1556.482612][T18513] do_SYSENTER_32+0x1b/0x20 [ 1556.488865][T18478] RSP: 002b:00000000f7f9e5cc EFLAGS: 00000296 [ 1556.494777][T18513] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1556.499190][T18478] ORIG_RAX: 0000000000000151 [ 1556.501527][T18513] [ 1556.501547][T18513] Uninit was stored to memory at: [ 1556.506556][T18478] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1556.506628][T18478] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1556.506690][T18478] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1556.513126][T18513] __get_compat_msghdr+0x514/0x750 [ 1556.518026][T18478] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1556.522897][T18513] get_compat_msghdr+0x8c/0x1c0 [ 1556.527661][T18478] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1556.534272][T18513] ___sys_recvmsg+0x19d/0x870 [ 1556.538882][T18478] [ 1556.543634][T18513] do_recvmmsg+0x63a/0x10a0 [ 1556.557842][T18478] Uninit was stored to memory at: [ 1556.559569][T18513] __sys_recvmmsg+0x113/0x450 [ 1556.565887][T18478] __get_compat_msghdr+0x514/0x750 [ 1556.569368][T18513] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1556.575268][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1556.581540][T18513] __do_fast_syscall_32+0x95/0xf0 [ 1556.586478][T18478] ___sys_recvmsg+0x19d/0x870 [ 1556.591531][T18513] do_fast_syscall_32+0x33/0x70 [ 1556.596121][T18478] do_recvmmsg+0x63a/0x10a0 [ 1556.602556][T18513] do_SYSENTER_32+0x1b/0x20 [ 1556.607412][T18478] __sys_recvmmsg+0x113/0x450 [ 1556.611488][T18513] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1556.631243][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1556.635891][T18513] [ 1556.635910][T18513] Uninit was stored to memory at: [ 1556.641953][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1556.648539][T18513] __get_compat_msghdr+0x514/0x750 [ 1556.653138][T18478] do_fast_syscall_32+0x33/0x70 [ 1556.655480][T18513] get_compat_msghdr+0x8c/0x1c0 [ 1556.660511][T18478] do_SYSENTER_32+0x1b/0x20 [ 1556.668630][T18513] ___sys_recvmsg+0x19d/0x870 [ 1556.676710][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1556.684800][T18513] do_recvmmsg+0x63a/0x10a0 [ 1556.689922][T18478] [ 1556.689940][T18478] Uninit was stored to memory at: [ 1556.698034][T18513] __sys_recvmmsg+0x113/0x450 [ 1556.703136][T18478] __get_compat_msghdr+0x514/0x750 [ 1556.710998][T18513] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1556.715814][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1556.718866][T18513] __do_fast_syscall_32+0x95/0xf0 [ 1556.723456][T18478] ___sys_recvmsg+0x19d/0x870 [ 1556.728488][T18513] do_fast_syscall_32+0x33/0x70 [ 1556.733251][T18478] do_recvmmsg+0x63a/0x10a0 [ 1556.738392][T18513] do_SYSENTER_32+0x1b/0x20 [ 1556.744720][T18478] __sys_recvmmsg+0x113/0x450 [ 1556.749609][T18513] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1556.754717][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1556.759426][T18513] [ 1556.759444][T18513] Uninit was stored to memory at: [ 1556.764368][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1556.769030][T18513] __get_compat_msghdr+0x514/0x750 [ 1556.773489][T18478] do_fast_syscall_32+0x33/0x70 [ 1556.778196][T18513] get_compat_msghdr+0x8c/0x1c0 [ 1556.784613][T18478] do_SYSENTER_32+0x1b/0x20 [ 1556.790881][T18513] ___sys_recvmsg+0x19d/0x870 [ 1556.793303][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1556.798350][T18513] do_recvmmsg+0x63a/0x10a0 [ 1556.803461][T18478] [ 1556.803480][T18478] Uninit was stored to memory at: [ 1556.803633][T18478] __get_compat_msghdr+0x514/0x750 [ 1556.808602][T18513] __sys_recvmmsg+0x113/0x450 [ 1556.813540][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1556.818420][T18513] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1556.823010][T18478] ___sys_recvmsg+0x19d/0x870 [ 1556.827716][T18513] __do_fast_syscall_32+0x95/0xf0 [ 1556.834129][T18478] do_recvmmsg+0x63a/0x10a0 [ 1556.838663][T18513] do_fast_syscall_32+0x33/0x70 [ 1556.840998][T18478] __sys_recvmmsg+0x113/0x450 [ 1556.846218][T18513] do_SYSENTER_32+0x1b/0x20 [ 1556.850885][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1556.856104][T18513] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1556.862411][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1556.867273][T18513] [ 1556.867290][T18513] Uninit was stored to memory at: [ 1556.867444][T18513] __get_compat_msghdr+0x514/0x750 [ 1556.872389][T18478] do_fast_syscall_32+0x33/0x70 [ 1556.877097][T18513] get_compat_msghdr+0x8c/0x1c0 [ 1556.881956][T18478] do_SYSENTER_32+0x1b/0x20 [ 1556.886574][T18513] ___sys_recvmsg+0x19d/0x870 [ 1556.891060][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1556.895854][T18513] do_recvmmsg+0x63a/0x10a0 [ 1556.902158][T18478] [ 1556.902176][T18478] Uninit was stored to memory at: [ 1556.902417][T18478] __get_compat_msghdr+0x514/0x750 [ 1556.908491][T18513] __sys_recvmmsg+0x113/0x450 [ 1556.910830][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1556.915965][T18513] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1556.920979][T18478] ___sys_recvmsg+0x19d/0x870 [ 1556.926205][T18513] __do_fast_syscall_32+0x95/0xf0 [ 1556.931040][T18478] do_recvmmsg+0x63a/0x10a0 [ 1556.935998][T18513] do_fast_syscall_32+0x33/0x70 [ 1556.940486][T18478] __sys_recvmmsg+0x113/0x450 [ 1556.945272][T18513] do_SYSENTER_32+0x1b/0x20 [ 1556.951584][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1556.956200][T18513] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1556.958516][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1556.963629][T18513] [ 1556.963650][T18513] Local variable msg_sys created at: [ 1556.968743][T18478] do_fast_syscall_32+0x33/0x70 [ 1556.973534][T18513] do_recvmmsg+0x5f/0x10a0 [ 1556.978365][T18478] do_SYSENTER_32+0x1b/0x20 [ 1556.984712][T18513] __sys_recvmmsg+0x113/0x450 [ 1556.989377][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1557.189534][T18478] [ 1557.191946][T18478] Uninit was stored to memory at: [ 1557.197300][T18478] __get_compat_msghdr+0x514/0x750 [ 1557.202700][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1557.207764][T18478] ___sys_recvmsg+0x19d/0x870 [ 1557.212702][T18478] do_recvmmsg+0x63a/0x10a0 [ 1557.217362][T18478] __sys_recvmmsg+0x113/0x450 [ 1557.222188][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1557.228694][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1557.233974][T18478] do_fast_syscall_32+0x33/0x70 [ 1557.238983][T18478] do_SYSENTER_32+0x1b/0x20 [ 1557.243753][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1557.250311][T18478] [ 1557.252808][T18478] Uninit was stored to memory at: [ 1557.258058][T18478] __get_compat_msghdr+0x514/0x750 [ 1557.263467][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1557.268527][T18478] ___sys_recvmsg+0x19d/0x870 [ 1557.273457][T18478] do_recvmmsg+0x63a/0x10a0 [ 1557.278122][T18478] __sys_recvmmsg+0x113/0x450 [ 1557.283047][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1557.289467][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1557.294734][T18478] do_fast_syscall_32+0x33/0x70 [ 1557.299746][T18478] do_SYSENTER_32+0x1b/0x20 [ 1557.304503][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1557.311057][T18478] [ 1557.313553][T18478] Uninit was stored to memory at: [ 1557.318802][T18478] __get_compat_msghdr+0x514/0x750 [ 1557.324211][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1557.329275][T18478] ___sys_recvmsg+0x19d/0x870 [ 1557.334207][T18478] do_recvmmsg+0x63a/0x10a0 [ 1557.338868][T18478] __sys_recvmmsg+0x113/0x450 [ 1557.343808][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1557.350230][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1557.355519][T18478] do_fast_syscall_32+0x33/0x70 [ 1557.360523][T18478] do_SYSENTER_32+0x1b/0x20 [ 1557.365272][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1557.371830][T18478] [ 1557.374341][T18478] Local variable msg_sys created at: [ 1557.379721][T18478] do_recvmmsg+0x5f/0x10a0 [ 1557.384393][T18478] __sys_recvmmsg+0x113/0x450 02:33:45 executing program 4: syz_open_procfs$namespace(0x0, 0x0) pipe2$watch_queue(0x0, 0x80) r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_START_AP(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000280)={0x38, r0, 0x1, 0x0, 0x0, {{}, {@void, @val={0xc}}}, [@beacon=[@NL80211_ATTR_BEACON_TAIL={0x15, 0xe, [@perr={0x1c, 0xf, {0x0, 0x1, [@not_ext={{}, @device_b}]}}]}]]}, 0x38}}, 0x0) sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000002c0)={&(0x7f0000000700)=ANY=[@ANYBLOB="2800000093ffef8cf56ba1f982fcaad6da5cc693dbf5aff561d045e749d5a9438097f4aec4dcf1bdc169e92e7d097dfcf5bc407bf0e509fa2a7949840ce011f3096a36d11afa833a447bae66", @ANYRES16=r0, @ANYBLOB="29032abd7000fcdbdf25"], 0x28}, 0x1, 0x0, 0x0, 0x8000}, 0x20050881) r2 = fcntl$getown(r1, 0x9) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r2, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0) io_submit(0x0, 0x20000000000001cb, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x400000000000, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x377140be6b5ef4c7}]) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='cpuacct.usage_percpu\x00', 0x0, 0x0) write$binfmt_script(r3, &(0x7f0000000000)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000140)='blkio.bfq.idle_time\x00', 0x0, 0x0) preadv(r3, &(0x7f0000000440)=[{&(0x7f0000000080)=""/110, 0x6e}, {&(0x7f0000000400)=""/20, 0x14}], 0x2, 0x80000000, 0x0) r4 = openat$incfs(0xffffffffffffffff, &(0x7f0000000100)='.pending_reads\x00', 0x103280, 0x0) sendmsg$TIPC_CMD_GET_BEARER_NAMES(r4, &(0x7f00000003c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x1c, 0x0, 0x200, 0x70bd28, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000040}, 0x4000) r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000040)='memory.high\x00', 0x2, 0x0) write$cgroup_int(r6, &(0x7f0000000300), 0x12) [ 1557.870235][T18534] not chained 2000000 origins [ 1557.880468][T18534] CPU: 0 PID: 18534 Comm: syz-executor.2 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1557.891176][T18534] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1557.901380][T18534] Call Trace: [ 1557.904761][T18534] [ 1557.907802][T18534] dump_stack_lvl+0x1c8/0x256 [ 1557.912702][T18534] dump_stack+0x1a/0x1c [ 1557.917059][T18534] kmsan_internal_chain_origin+0x78/0x120 [ 1557.922971][T18534] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1557.929232][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1557.934531][T18534] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1557.940982][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1557.946287][T18534] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1557.952299][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1557.957608][T18534] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1557.963622][T18534] ? __get_compat_msghdr+0x5b/0x750 [ 1557.969042][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1557.974338][T18534] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1557.980344][T18534] ? should_fail+0x3f/0x810 [ 1557.985024][T18534] ? __stack_depot_save+0x21/0x4b0 [ 1557.990310][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1557.995601][T18534] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1558.002037][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1558.007333][T18534] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1558.013336][T18534] __msan_chain_origin+0xbd/0x140 [ 1558.018541][T18534] __get_compat_msghdr+0x514/0x750 [ 1558.023893][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1558.028946][T18534] ? ___sys_recvmsg+0xa9/0x870 [ 1558.033871][T18534] ? do_recvmmsg+0x63a/0x10a0 [ 1558.038713][T18534] ___sys_recvmsg+0x19d/0x870 [ 1558.043564][T18534] ? __schedule+0x1609/0x21d0 [ 1558.048408][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1558.053704][T18534] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1558.059710][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1558.064991][T18534] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1558.070978][T18534] do_recvmmsg+0x63a/0x10a0 [ 1558.075650][T18534] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1558.082079][T18534] ? __sys_recvmmsg+0x52/0x450 [ 1558.086993][T18534] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1558.093587][T18534] __sys_recvmmsg+0x113/0x450 [ 1558.098409][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1558.103699][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1558.110137][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1558.115313][T18534] ? exit_to_user_mode_prepare+0x119/0x220 [ 1558.121280][T18534] do_fast_syscall_32+0x33/0x70 [ 1558.126280][T18534] do_SYSENTER_32+0x1b/0x20 [ 1558.130924][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1558.137461][T18534] RIP: 0023:0xf7f3a549 [ 1558.141637][T18534] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1558.161423][T18534] RSP: 002b:00000000f7f145cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1558.169985][T18534] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1558.178083][T18534] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1558.186176][T18534] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1558.194260][T18534] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1558.202348][T18534] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1558.210461][T18534] [ 1558.214193][T18534] Uninit was stored to memory at: [ 1558.219454][T18534] __get_compat_msghdr+0x514/0x750 [ 1558.224900][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1558.229948][T18534] ___sys_recvmsg+0x19d/0x870 [ 1558.234916][T18534] do_recvmmsg+0x63a/0x10a0 [ 1558.239574][T18534] __sys_recvmmsg+0x113/0x450 [ 1558.244528][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1558.250963][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1558.256269][T18534] do_fast_syscall_32+0x33/0x70 [ 1558.261284][T18534] do_SYSENTER_32+0x1b/0x20 [ 1558.266056][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1558.272723][T18534] [ 1558.275145][T18534] Uninit was stored to memory at: [ 1558.280403][T18534] __get_compat_msghdr+0x514/0x750 [ 1558.285850][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1558.290907][T18534] ___sys_recvmsg+0x19d/0x870 [ 1558.295860][T18534] do_recvmmsg+0x63a/0x10a0 [ 1558.300537][T18534] __sys_recvmmsg+0x113/0x450 [ 1558.305496][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1558.311933][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1558.317251][T18534] do_fast_syscall_32+0x33/0x70 [ 1558.322347][T18534] do_SYSENTER_32+0x1b/0x20 [ 1558.327011][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1558.333698][T18534] [ 1558.336116][T18534] Uninit was stored to memory at: [ 1558.341374][T18534] __get_compat_msghdr+0x514/0x750 [ 1558.346848][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1558.351917][T18534] ___sys_recvmsg+0x19d/0x870 [ 1558.356876][T18534] do_recvmmsg+0x63a/0x10a0 [ 1558.361526][T18534] __sys_recvmmsg+0x113/0x450 [ 1558.366482][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1558.373004][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1558.378192][T18534] do_fast_syscall_32+0x33/0x70 [ 1558.383338][T18534] do_SYSENTER_32+0x1b/0x20 [ 1558.387998][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1558.394690][T18534] [ 1558.397148][T18534] Uninit was stored to memory at: [ 1558.402538][T18534] __get_compat_msghdr+0x514/0x750 [ 1558.407851][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1558.413043][T18534] ___sys_recvmsg+0x19d/0x870 [ 1558.417910][T18534] do_recvmmsg+0x63a/0x10a0 [ 1558.422703][T18534] __sys_recvmmsg+0x113/0x450 [ 1558.427541][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1558.434106][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1558.439318][T18534] do_fast_syscall_32+0x33/0x70 [ 1558.444460][T18534] do_SYSENTER_32+0x1b/0x20 [ 1558.449128][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1558.455824][T18534] [ 1558.458229][T18534] Uninit was stored to memory at: [ 1558.463587][T18534] __get_compat_msghdr+0x514/0x750 [ 1558.468913][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1558.474138][T18534] ___sys_recvmsg+0x19d/0x870 [ 1558.478972][T18534] do_recvmmsg+0x63a/0x10a0 [ 1558.483851][T18534] __sys_recvmmsg+0x113/0x450 [ 1558.488703][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1558.495313][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1558.500516][T18534] do_fast_syscall_32+0x33/0x70 [ 1558.505714][T18534] do_SYSENTER_32+0x1b/0x20 [ 1558.510413][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1558.517154][T18534] [ 1558.519567][T18534] Uninit was stored to memory at: [ 1558.525012][T18534] __get_compat_msghdr+0x514/0x750 [ 1558.530325][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1558.535559][T18534] ___sys_recvmsg+0x19d/0x870 [ 1558.540394][T18534] do_recvmmsg+0x63a/0x10a0 [ 1558.545238][T18534] __sys_recvmmsg+0x113/0x450 [ 1558.550066][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1558.556672][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1558.561867][T18534] do_fast_syscall_32+0x33/0x70 [ 1558.567098][T18534] do_SYSENTER_32+0x1b/0x20 [ 1558.571771][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1558.578537][T18534] [ 1558.580947][T18534] Uninit was stored to memory at: [ 1558.586377][T18534] __get_compat_msghdr+0x514/0x750 [ 1558.591694][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1558.596940][T18534] ___sys_recvmsg+0x19d/0x870 [ 1558.601778][T18534] do_recvmmsg+0x63a/0x10a0 [ 1558.606635][T18534] __sys_recvmmsg+0x113/0x450 [ 1558.611467][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1558.618093][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1558.623387][T18534] do_fast_syscall_32+0x33/0x70 [ 1558.628399][T18534] do_SYSENTER_32+0x1b/0x20 [ 1558.633229][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1558.639784][T18534] [ 1558.642414][T18534] Local variable msg_sys created at: [ 1558.647802][T18534] do_recvmmsg+0x5f/0x10a0 [ 1558.652569][T18534] __sys_recvmmsg+0x113/0x450 02:33:47 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) openat$procfs(0xffffff9c, 0x0, 0x0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f00000002c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e) ptrace$setopts(0x4206, r0, 0x6, 0x2) sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x8001, 0x3}, 0x0) syz_clone3(&(0x7f0000000a00)={0x40b86000, 0x0, 0x0, 0x0, {0x1d}, 0x0, 0x0, 0x0, 0x0}, 0x58) getrlimit(0x3, &(0x7f0000000000)) mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000440)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000200)='./bus\x00', &(0x7f0000000080), 0x9, &(0x7f0000000280)={[{@workdir={'workdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './bus'}}, {@metacopy_off}]}) 02:33:47 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) openat$procfs(0xffffff9c, 0x0, 0x0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f00000002c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e) ptrace$setopts(0x4206, r0, 0x6, 0x2) sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x8001, 0x3}, 0x0) syz_clone3(&(0x7f0000000a00)={0x40b86000, 0x0, 0x0, 0x0, {0x1d}, 0x0, 0x0, 0x0, 0x0}, 0x58) getrlimit(0x3, &(0x7f0000000000)) mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000440)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000200)='./bus\x00', &(0x7f0000000080), 0x9, &(0x7f0000000280)={[{@workdir={'workdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './bus'}}, {@metacopy_off}]}) 02:33:47 executing program 4: syz_open_procfs$namespace(0x0, 0x0) pipe2$watch_queue(0x0, 0x80) r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_START_AP(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000280)={0x38, r0, 0x1, 0x0, 0x0, {{}, {@void, @val={0xc}}}, [@beacon=[@NL80211_ATTR_BEACON_TAIL={0x15, 0xe, [@perr={0x1c, 0xf, {0x0, 0x1, [@not_ext={{}, @device_b}]}}]}]]}, 0x38}}, 0x0) sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000002c0)={&(0x7f0000000700)=ANY=[@ANYBLOB="2800000093ffef8cf56ba1f982fcaad6da5cc693dbf5aff561d045e749d5a9438097f4aec4dcf1bdc169e92e7d097dfcf5bc407bf0e509fa2a7949840ce011f3096a36d11afa833a447bae66", @ANYRES16=r0, @ANYBLOB="29032abd7000fcdbdf25"], 0x28}, 0x1, 0x0, 0x0, 0x8000}, 0x20050881) r2 = fcntl$getown(r1, 0x9) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r2, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0) io_submit(0x0, 0x20000000000001cb, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x400000000000, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x377140be6b5ef4c7}]) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='cpuacct.usage_percpu\x00', 0x0, 0x0) write$binfmt_script(r3, &(0x7f0000000000)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000140)='blkio.bfq.idle_time\x00', 0x0, 0x0) preadv(r3, &(0x7f0000000440)=[{&(0x7f0000000080)=""/110, 0x6e}, {&(0x7f0000000400)=""/20, 0x14}], 0x2, 0x80000000, 0x0) r4 = openat$incfs(0xffffffffffffffff, &(0x7f0000000100)='.pending_reads\x00', 0x103280, 0x0) sendmsg$TIPC_CMD_GET_BEARER_NAMES(r4, &(0x7f00000003c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x1c, 0x0, 0x200, 0x70bd28, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000040}, 0x4000) r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000040)='memory.high\x00', 0x2, 0x0) write$cgroup_int(r6, &(0x7f0000000300), 0x12) [ 1559.245323][T18513] not chained 2010000 origins [ 1559.250300][T18513] CPU: 1 PID: 18513 Comm: syz-executor.3 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1559.260987][T18513] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1559.271168][T18513] Call Trace: [ 1559.274533][T18513] [ 1559.277550][T18513] dump_stack_lvl+0x1c8/0x256 [ 1559.282429][T18513] dump_stack+0x1a/0x1c [ 1559.286759][T18513] kmsan_internal_chain_origin+0x78/0x120 [ 1559.292650][T18513] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1559.298895][T18513] ? kmsan_get_metadata+0x33/0x220 [ 1559.304187][T18513] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1559.310614][T18513] ? kmsan_get_metadata+0x33/0x220 [ 1559.315902][T18513] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1559.321881][T18513] ? kmsan_get_metadata+0x33/0x220 [ 1559.327157][T18513] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1559.333144][T18513] ? __get_compat_msghdr+0x5b/0x750 [ 1559.338540][T18513] ? kmsan_get_metadata+0x33/0x220 [ 1559.343811][T18513] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1559.349805][T18513] ? should_fail+0x3f/0x810 [ 1559.354472][T18513] ? __stack_depot_save+0x21/0x4b0 [ 1559.359764][T18513] ? kmsan_get_metadata+0x33/0x220 [ 1559.365033][T18513] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1559.371448][T18513] ? kmsan_get_metadata+0x33/0x220 [ 1559.376719][T18513] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1559.382698][T18513] __msan_chain_origin+0xbd/0x140 [ 1559.387888][T18513] __get_compat_msghdr+0x514/0x750 [ 1559.393214][T18513] get_compat_msghdr+0x8c/0x1c0 [ 1559.398278][T18513] ? ___sys_recvmsg+0xa9/0x870 [ 1559.403209][T18513] ? do_recvmmsg+0x63a/0x10a0 [ 1559.408047][T18513] ___sys_recvmsg+0x19d/0x870 [ 1559.412891][T18513] ? __schedule+0x1609/0x21d0 [ 1559.417734][T18513] ? kmsan_get_metadata+0x33/0x220 [ 1559.423012][T18513] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1559.429021][T18513] ? kmsan_get_metadata+0x33/0x220 [ 1559.434293][T18513] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1559.440283][T18513] do_recvmmsg+0x63a/0x10a0 [ 1559.444958][T18513] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1559.451382][T18513] ? __sys_recvmmsg+0x52/0x450 [ 1559.456282][T18513] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1559.462873][T18513] __sys_recvmmsg+0x113/0x450 [ 1559.467693][T18513] ? kmsan_get_metadata+0x33/0x220 [ 1559.472976][T18513] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1559.479408][T18513] __do_fast_syscall_32+0x95/0xf0 [ 1559.484580][T18513] ? exit_to_user_mode_prepare+0x119/0x220 [ 1559.490553][T18513] do_fast_syscall_32+0x33/0x70 [ 1559.495547][T18513] do_SYSENTER_32+0x1b/0x20 [ 1559.500191][T18513] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1559.506731][T18513] RIP: 0023:0xf7fce549 [ 1559.510905][T18513] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1559.530692][T18513] RSP: 002b:00000000f7fa85cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1559.539254][T18513] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1559.547364][T18513] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1559.555456][T18513] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1559.563544][T18513] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1559.571636][T18513] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1559.579752][T18513] [ 1559.593847][T18513] Uninit was stored to memory at: [ 1559.599165][T18513] __get_compat_msghdr+0x514/0x750 [ 1559.606031][T18513] get_compat_msghdr+0x8c/0x1c0 [ 1559.611104][T18513] ___sys_recvmsg+0x19d/0x870 [ 1559.616046][T18513] do_recvmmsg+0x63a/0x10a0 [ 1559.620704][T18513] __sys_recvmmsg+0x113/0x450 [ 1559.625631][T18513] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1559.632061][T18513] __do_fast_syscall_32+0x95/0xf0 [ 1559.637347][T18513] do_fast_syscall_32+0x33/0x70 [ 1559.642466][T18513] do_SYSENTER_32+0x1b/0x20 [ 1559.647156][T18513] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1559.653837][T18513] [ 1559.656249][T18513] Uninit was stored to memory at: [ 1559.661511][T18513] __get_compat_msghdr+0x514/0x750 [ 1559.666942][T18513] get_compat_msghdr+0x8c/0x1c0 [ 1559.672009][T18513] ___sys_recvmsg+0x19d/0x870 [ 1559.677007][T18513] do_recvmmsg+0x63a/0x10a0 [ 1559.681674][T18513] __sys_recvmmsg+0x113/0x450 [ 1559.686671][T18513] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 02:33:47 executing program 4: syz_open_procfs$namespace(0x0, 0x0) pipe2$watch_queue(0x0, 0x80) r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_START_AP(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000280)={0x38, r0, 0x1, 0x0, 0x0, {{}, {@void, @val={0xc}}}, [@beacon=[@NL80211_ATTR_BEACON_TAIL={0x15, 0xe, [@perr={0x1c, 0xf, {0x0, 0x1, [@not_ext={{}, @device_b}]}}]}]]}, 0x38}}, 0x0) sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000002c0)={&(0x7f0000000700)=ANY=[@ANYBLOB="2800000093ffef8cf56ba1f982fcaad6da5cc693dbf5aff561d045e749d5a9438097f4aec4dcf1bdc169e92e7d097dfcf5bc407bf0e509fa2a7949840ce011f3096a36d11afa833a447bae66", @ANYRES16=r0, @ANYBLOB="29032abd7000fcdbdf25"], 0x28}, 0x1, 0x0, 0x0, 0x8000}, 0x20050881) r2 = fcntl$getown(r1, 0x9) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r2, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0) io_submit(0x0, 0x20000000000001cb, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x400000000000, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x377140be6b5ef4c7}]) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='cpuacct.usage_percpu\x00', 0x0, 0x0) write$binfmt_script(r3, &(0x7f0000000000)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000140)='blkio.bfq.idle_time\x00', 0x0, 0x0) preadv(r3, &(0x7f0000000440)=[{&(0x7f0000000080)=""/110, 0x6e}, {&(0x7f0000000400)=""/20, 0x14}], 0x2, 0x80000000, 0x0) r4 = openat$incfs(0xffffffffffffffff, &(0x7f0000000100)='.pending_reads\x00', 0x103280, 0x0) sendmsg$TIPC_CMD_GET_BEARER_NAMES(r4, &(0x7f00000003c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x1c, 0x0, 0x200, 0x70bd28, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000040}, 0x4000) r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000040)='memory.high\x00', 0x2, 0x0) write$cgroup_int(r6, &(0x7f0000000300), 0x12) [ 1559.693188][T18513] __do_fast_syscall_32+0x95/0xf0 [ 1559.698383][T18513] do_fast_syscall_32+0x33/0x70 [ 1559.703547][T18513] do_SYSENTER_32+0x1b/0x20 [ 1559.708203][T18513] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1559.714960][T18513] [ 1559.717377][T18513] Uninit was stored to memory at: [ 1559.722718][T18513] __get_compat_msghdr+0x514/0x750 [ 1559.728033][T18513] get_compat_msghdr+0x8c/0x1c0 [ 1559.733250][T18513] ___sys_recvmsg+0x19d/0x870 [ 1559.738091][T18513] do_recvmmsg+0x63a/0x10a0 [ 1559.742893][T18513] __sys_recvmmsg+0x113/0x450 [ 1559.747728][T18513] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1559.754330][T18513] __do_fast_syscall_32+0x95/0xf0 [ 1559.759530][T18513] do_fast_syscall_32+0x33/0x70 [ 1559.764706][T18513] do_SYSENTER_32+0x1b/0x20 [ 1559.769373][T18513] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1559.776188][T18513] [ 1559.778598][T18513] Uninit was stored to memory at: [ 1559.784013][T18513] __get_compat_msghdr+0x514/0x750 [ 1559.789334][T18513] get_compat_msghdr+0x8c/0x1c0 [ 1559.794596][T18513] ___sys_recvmsg+0x19d/0x870 [ 1559.799439][T18513] do_recvmmsg+0x63a/0x10a0 [ 1559.804257][T18513] __sys_recvmmsg+0x113/0x450 [ 1559.809101][T18513] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1559.815699][T18513] __do_fast_syscall_32+0x95/0xf0 [ 1559.820890][T18513] do_fast_syscall_32+0x33/0x70 [ 1559.826046][T18513] do_SYSENTER_32+0x1b/0x20 [ 1559.830700][T18513] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1559.837420][T18513] [ 1559.839836][T18513] Uninit was stored to memory at: [ 1559.845257][T18513] __get_compat_msghdr+0x514/0x750 [ 1559.850577][T18513] get_compat_msghdr+0x8c/0x1c0 [ 1559.855810][T18513] ___sys_recvmsg+0x19d/0x870 [ 1559.860654][T18513] do_recvmmsg+0x63a/0x10a0 [ 1559.865482][T18513] __sys_recvmmsg+0x113/0x450 [ 1559.870321][T18513] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1559.876948][T18513] __do_fast_syscall_32+0x95/0xf0 [ 1559.882142][T18513] do_fast_syscall_32+0x33/0x70 [ 1559.887317][T18513] do_SYSENTER_32+0x1b/0x20 [ 1559.891985][T18513] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1559.898711][T18513] [ 1559.901130][T18513] Uninit was stored to memory at: [ 1559.906555][T18513] __get_compat_msghdr+0x514/0x750 [ 1559.911879][T18513] get_compat_msghdr+0x8c/0x1c0 [ 1559.917097][T18513] ___sys_recvmsg+0x19d/0x870 [ 1559.921942][T18513] do_recvmmsg+0x63a/0x10a0 [ 1559.926751][T18513] __sys_recvmmsg+0x113/0x450 [ 1559.931592][T18513] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1559.938184][T18513] __do_fast_syscall_32+0x95/0xf0 [ 1559.943475][T18513] do_fast_syscall_32+0x33/0x70 [ 1559.948484][T18513] do_SYSENTER_32+0x1b/0x20 [ 1559.953281][T18513] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1559.959841][T18513] [ 1559.962414][T18513] Uninit was stored to memory at: [ 1559.967661][T18513] __get_compat_msghdr+0x514/0x750 [ 1559.973137][T18513] get_compat_msghdr+0x8c/0x1c0 [ 1559.978193][T18513] ___sys_recvmsg+0x19d/0x870 [ 1559.983185][T18513] do_recvmmsg+0x63a/0x10a0 [ 1559.987841][T18513] __sys_recvmmsg+0x113/0x450 [ 1559.992841][T18513] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1559.999258][T18513] __do_fast_syscall_32+0x95/0xf0 [ 1560.004605][T18513] do_fast_syscall_32+0x33/0x70 [ 1560.009611][T18513] do_SYSENTER_32+0x1b/0x20 [ 1560.014428][T18513] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1560.020981][T18513] [ 1560.023543][T18513] Local variable msg_sys created at: [ 1560.028945][T18513] do_recvmmsg+0x5f/0x10a0 [ 1560.033605][T18513] __sys_recvmmsg+0x113/0x450 [ 1561.268319][T18478] not chained 2020000 origins [ 1561.273455][T18478] CPU: 0 PID: 18478 Comm: syz-executor.1 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1561.284146][T18478] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1561.294345][T18478] Call Trace: [ 1561.297729][T18478] [ 1561.300757][T18478] dump_stack_lvl+0x1c8/0x256 [ 1561.305649][T18478] dump_stack+0x1a/0x1c [ 1561.309990][T18478] kmsan_internal_chain_origin+0x78/0x120 [ 1561.315891][T18478] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1561.322145][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1561.327443][T18478] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1561.333883][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1561.339177][T18478] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1561.345169][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1561.350452][T18478] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1561.356453][T18478] ? __get_compat_msghdr+0x5b/0x750 [ 1561.361857][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1561.367153][T18478] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1561.373166][T18478] ? should_fail+0x3f/0x810 [ 1561.377863][T18478] ? __stack_depot_save+0x21/0x4b0 [ 1561.383170][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1561.388476][T18478] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1561.394918][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1561.400247][T18478] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1561.406251][T18478] __msan_chain_origin+0xbd/0x140 [ 1561.411456][T18478] __get_compat_msghdr+0x514/0x750 [ 1561.416813][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1561.421877][T18478] ? ___sys_recvmsg+0xa9/0x870 [ 1561.426802][T18478] ? do_recvmmsg+0x63a/0x10a0 [ 1561.431646][T18478] ___sys_recvmsg+0x19d/0x870 [ 1561.436500][T18478] ? __schedule+0x1609/0x21d0 [ 1561.441347][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1561.446655][T18478] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1561.452673][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1561.457972][T18478] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1561.463976][T18478] do_recvmmsg+0x63a/0x10a0 [ 1561.468666][T18478] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1561.475111][T18478] ? __sys_recvmmsg+0x52/0x450 [ 1561.480037][T18478] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1561.486650][T18478] __sys_recvmmsg+0x113/0x450 [ 1561.491489][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1561.496792][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1561.503236][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1561.508426][T18478] ? exit_to_user_mode_prepare+0x119/0x220 [ 1561.514423][T18478] do_fast_syscall_32+0x33/0x70 [ 1561.519450][T18478] do_SYSENTER_32+0x1b/0x20 [ 1561.524121][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1561.530680][T18478] RIP: 0023:0xf7fc4549 [ 1561.534873][T18478] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1561.554677][T18478] RSP: 002b:00000000f7f9e5cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1561.563264][T18478] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1561.571393][T18478] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1561.579503][T18478] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1561.587615][T18478] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1561.595728][T18478] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1561.603857][T18478] [ 1561.612331][T18478] Uninit was stored to memory at: [ 1561.617613][T18478] __get_compat_msghdr+0x514/0x750 [ 1561.625494][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1561.630567][T18478] ___sys_recvmsg+0x19d/0x870 [ 1561.635560][T18478] do_recvmmsg+0x63a/0x10a0 [ 1561.640221][T18478] __sys_recvmmsg+0x113/0x450 [ 1561.645193][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1561.651623][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1561.656944][T18478] do_fast_syscall_32+0x33/0x70 [ 1561.661952][T18478] do_SYSENTER_32+0x1b/0x20 [ 1561.666737][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1561.673407][T18478] [ 1561.675814][T18478] Uninit was stored to memory at: [ 1561.681066][T18478] __get_compat_msghdr+0x514/0x750 [ 1561.686519][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1561.691583][T18478] ___sys_recvmsg+0x19d/0x870 [ 1561.696548][T18478] do_recvmmsg+0x63a/0x10a0 [ 1561.701208][T18478] __sys_recvmmsg+0x113/0x450 [ 1561.706171][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1561.712698][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1561.717877][T18478] do_fast_syscall_32+0x33/0x70 [ 1561.723012][T18478] do_SYSENTER_32+0x1b/0x20 [ 1561.727677][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1561.734374][T18478] [ 1561.736784][T18478] Uninit was stored to memory at: [ 1561.742030][T18478] __get_compat_msghdr+0x514/0x750 [ 1561.747463][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1561.752659][T18478] ___sys_recvmsg+0x19d/0x870 [ 1561.757497][T18478] do_recvmmsg+0x63a/0x10a0 [ 1561.762156][T18478] __sys_recvmmsg+0x113/0x450 [ 1561.767141][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1561.773687][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1561.778879][T18478] do_fast_syscall_32+0x33/0x70 [ 1561.784038][T18478] do_SYSENTER_32+0x1b/0x20 [ 1561.788696][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1561.795383][T18478] [ 1561.797790][T18478] Uninit was stored to memory at: [ 1561.803131][T18478] __get_compat_msghdr+0x514/0x750 [ 1561.808448][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1561.813641][T18478] ___sys_recvmsg+0x19d/0x870 [ 1561.818476][T18478] do_recvmmsg+0x63a/0x10a0 [ 1561.823301][T18478] __sys_recvmmsg+0x113/0x450 [ 1561.828141][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1561.834699][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1561.839883][T18478] do_fast_syscall_32+0x33/0x70 [ 1561.845076][T18478] do_SYSENTER_32+0x1b/0x20 [ 1561.849730][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1561.856415][T18478] [ 1561.858823][T18478] Uninit was stored to memory at: [ 1561.864177][T18478] __get_compat_msghdr+0x514/0x750 [ 1561.869500][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1561.874733][T18478] ___sys_recvmsg+0x19d/0x870 [ 1561.879699][T18478] do_recvmmsg+0x63a/0x10a0 [ 1561.884575][T18478] __sys_recvmmsg+0x113/0x450 [ 1561.889429][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1561.896054][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1561.901239][T18478] do_fast_syscall_32+0x33/0x70 [ 1561.906468][T18478] do_SYSENTER_32+0x1b/0x20 [ 1561.911131][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1561.917976][T18478] [ 1561.920390][T18478] Uninit was stored to memory at: [ 1561.925849][T18478] __get_compat_msghdr+0x514/0x750 [ 1561.931253][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1561.936523][T18478] ___sys_recvmsg+0x19d/0x870 [ 1561.941369][T18478] do_recvmmsg+0x63a/0x10a0 [ 1561.946224][T18478] __sys_recvmmsg+0x113/0x450 [ 1561.951067][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1561.957701][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1561.962988][T18478] do_fast_syscall_32+0x33/0x70 [ 1561.968000][T18478] do_SYSENTER_32+0x1b/0x20 [ 1561.972846][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1561.979408][T18478] [ 1561.981811][T18478] Uninit was stored to memory at: [ 1561.987306][T18478] __get_compat_msghdr+0x514/0x750 [ 1561.992733][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1561.997795][T18478] ___sys_recvmsg+0x19d/0x870 [ 1562.002826][T18478] do_recvmmsg+0x63a/0x10a0 [ 1562.007488][T18478] __sys_recvmmsg+0x113/0x450 [ 1562.012503][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1562.018925][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1562.024334][T18478] do_fast_syscall_32+0x33/0x70 [ 1562.029351][T18478] do_SYSENTER_32+0x1b/0x20 [ 1562.034202][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1562.040760][T18478] [ 1562.043374][T18478] Local variable msg_sys created at: [ 1562.048759][T18478] do_recvmmsg+0x5f/0x10a0 [ 1562.053520][T18478] __sys_recvmmsg+0x113/0x450 [ 1562.129349][T18513] not chained 2030000 origins [ 1562.134304][T18513] CPU: 0 PID: 18513 Comm: syz-executor.3 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1562.144995][T18513] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1562.155193][T18513] Call Trace: [ 1562.158587][T18513] [ 1562.161620][T18513] dump_stack_lvl+0x1c8/0x256 [ 1562.166532][T18513] dump_stack+0x1a/0x1c [ 1562.170897][T18513] kmsan_internal_chain_origin+0x78/0x120 [ 1562.176811][T18513] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1562.183076][T18513] ? kmsan_get_metadata+0x33/0x220 [ 1562.188372][T18513] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1562.194807][T18513] ? kmsan_get_metadata+0x33/0x220 [ 1562.200113][T18513] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1562.206132][T18513] ? kmsan_get_metadata+0x33/0x220 [ 1562.211428][T18513] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1562.217424][T18513] ? __get_compat_msghdr+0x5b/0x750 [ 1562.222833][T18513] ? kmsan_get_metadata+0x33/0x220 [ 1562.228124][T18513] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1562.234134][T18513] ? should_fail+0x3f/0x810 [ 1562.238817][T18513] ? __stack_depot_save+0x21/0x4b0 [ 1562.244101][T18513] ? kmsan_get_metadata+0x33/0x220 [ 1562.249399][T18513] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1562.255827][T18513] ? kmsan_get_metadata+0x33/0x220 [ 1562.261115][T18513] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1562.267113][T18513] __msan_chain_origin+0xbd/0x140 [ 1562.272311][T18513] __get_compat_msghdr+0x514/0x750 [ 1562.277673][T18513] get_compat_msghdr+0x8c/0x1c0 [ 1562.282737][T18513] ? ___sys_recvmsg+0xa9/0x870 [ 1562.287656][T18513] ? do_recvmmsg+0x63a/0x10a0 [ 1562.292500][T18513] ___sys_recvmsg+0x19d/0x870 [ 1562.297351][T18513] ? __schedule+0x1609/0x21d0 [ 1562.302207][T18513] ? kmsan_get_metadata+0x33/0x220 [ 1562.307505][T18513] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1562.313506][T18513] ? kmsan_get_metadata+0x33/0x220 [ 1562.318789][T18513] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1562.324797][T18513] do_recvmmsg+0x63a/0x10a0 [ 1562.329496][T18513] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1562.335949][T18513] ? __sys_recvmmsg+0x52/0x450 [ 1562.340879][T18513] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1562.347488][T18513] __sys_recvmmsg+0x113/0x450 [ 1562.352332][T18513] ? kmsan_get_metadata+0x33/0x220 [ 1562.357651][T18513] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1562.364097][T18513] __do_fast_syscall_32+0x95/0xf0 [ 1562.369287][T18513] ? exit_to_user_mode_prepare+0x119/0x220 [ 1562.375289][T18513] do_fast_syscall_32+0x33/0x70 [ 1562.380315][T18513] do_SYSENTER_32+0x1b/0x20 [ 1562.384977][T18513] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1562.391537][T18513] RIP: 0023:0xf7fce549 [ 1562.395732][T18513] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1562.415553][T18513] RSP: 002b:00000000f7fa85cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1562.424154][T18513] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1562.432282][T18513] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1562.440410][T18513] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1562.448526][T18513] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1562.456639][T18513] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1562.464778][T18513] [ 1562.473516][T18513] Uninit was stored to memory at: [ 1562.478800][T18513] __get_compat_msghdr+0x514/0x750 [ 1562.489659][T18513] get_compat_msghdr+0x8c/0x1c0 [ 1562.495481][T18513] ___sys_recvmsg+0x19d/0x870 [ 1562.500328][T18513] do_recvmmsg+0x63a/0x10a0 [ 1562.505108][T18513] __sys_recvmmsg+0x113/0x450 [ 1562.509945][T18513] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1562.516490][T18513] __do_fast_syscall_32+0x95/0xf0 [ 1562.521677][T18513] do_fast_syscall_32+0x33/0x70 [ 1562.526807][T18513] do_SYSENTER_32+0x1b/0x20 [ 1562.531473][T18513] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1562.538179][T18513] [ 1562.540589][T18513] Uninit was stored to memory at: [ 1562.545966][T18513] __get_compat_msghdr+0x514/0x750 [ 1562.551286][T18513] get_compat_msghdr+0x8c/0x1c0 [ 1562.556472][T18513] ___sys_recvmsg+0x19d/0x870 [ 1562.561310][T18513] do_recvmmsg+0x63a/0x10a0 [ 1562.566102][T18513] __sys_recvmmsg+0x113/0x450 [ 1562.570937][T18513] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1562.577486][T18513] __do_fast_syscall_32+0x95/0xf0 [ 1562.582798][T18513] do_fast_syscall_32+0x33/0x70 [ 1562.587843][T18513] do_SYSENTER_32+0x1b/0x20 [ 1562.592636][T18513] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1562.599193][T18513] [ 1562.601599][T18513] Uninit was stored to memory at: [ 1562.606994][T18513] __get_compat_msghdr+0x514/0x750 [ 1562.612394][T18513] get_compat_msghdr+0x8c/0x1c0 [ 1562.617450][T18513] ___sys_recvmsg+0x19d/0x870 [ 1562.622412][T18513] do_recvmmsg+0x63a/0x10a0 [ 1562.627075][T18513] __sys_recvmmsg+0x113/0x450 [ 1562.631913][T18513] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1562.638464][T18513] __do_fast_syscall_32+0x95/0xf0 [ 1562.643758][T18513] do_fast_syscall_32+0x33/0x70 [ 1562.648776][T18513] do_SYSENTER_32+0x1b/0x20 [ 1562.653633][T18513] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1562.660188][T18513] [ 1562.662772][T18513] Uninit was stored to memory at: [ 1562.668030][T18513] __get_compat_msghdr+0x514/0x750 [ 1562.673583][T18513] get_compat_msghdr+0x8c/0x1c0 [ 1562.678644][T18513] ___sys_recvmsg+0x19d/0x870 [ 1562.683657][T18513] do_recvmmsg+0x63a/0x10a0 [ 1562.688326][T18513] __sys_recvmmsg+0x113/0x450 [ 1562.693366][T18513] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1562.699795][T18513] __do_fast_syscall_32+0x95/0xf0 [ 1562.705122][T18513] do_fast_syscall_32+0x33/0x70 [ 1562.710129][T18513] do_SYSENTER_32+0x1b/0x20 [ 1562.714899][T18513] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1562.721455][T18513] [ 1562.723971][T18513] Uninit was stored to memory at: [ 1562.729224][T18513] __get_compat_msghdr+0x514/0x750 [ 1562.734659][T18513] get_compat_msghdr+0x8c/0x1c0 [ 1562.739716][T18513] ___sys_recvmsg+0x19d/0x870 [ 1562.744674][T18513] do_recvmmsg+0x63a/0x10a0 [ 1562.749327][T18513] __sys_recvmmsg+0x113/0x450 [ 1562.754275][T18513] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1562.760695][T18513] __do_fast_syscall_32+0x95/0xf0 [ 1562.766009][T18513] do_fast_syscall_32+0x33/0x70 [ 1562.771028][T18513] do_SYSENTER_32+0x1b/0x20 [ 1562.775898][T18513] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1562.782554][T18513] [ 1562.784957][T18513] Uninit was stored to memory at: [ 1562.790204][T18513] __get_compat_msghdr+0x514/0x750 [ 1562.795682][T18513] get_compat_msghdr+0x8c/0x1c0 [ 1562.800741][T18513] ___sys_recvmsg+0x19d/0x870 [ 1562.805777][T18513] do_recvmmsg+0x63a/0x10a0 [ 1562.810440][T18513] __sys_recvmmsg+0x113/0x450 [ 1562.815475][T18513] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1562.821909][T18513] __do_fast_syscall_32+0x95/0xf0 [ 1562.827299][T18513] do_fast_syscall_32+0x33/0x70 [ 1562.832411][T18513] do_SYSENTER_32+0x1b/0x20 [ 1562.837068][T18513] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1562.843809][T18513] [ 1562.846229][T18513] Uninit was stored to memory at: [ 1562.851477][T18513] __get_compat_msghdr+0x514/0x750 [ 1562.856995][T18513] get_compat_msghdr+0x8c/0x1c0 [ 1562.862047][T18513] ___sys_recvmsg+0x19d/0x870 [ 1562.867082][T18513] do_recvmmsg+0x63a/0x10a0 [ 1562.871734][T18513] __sys_recvmmsg+0x113/0x450 [ 1562.876780][T18513] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1562.883316][T18513] __do_fast_syscall_32+0x95/0xf0 [ 1562.888539][T18513] do_fast_syscall_32+0x33/0x70 [ 1562.893741][T18513] do_SYSENTER_32+0x1b/0x20 [ 1562.898408][T18513] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1562.905248][T18513] [ 1562.907668][T18513] Local variable msg_sys created at: [ 1562.913211][T18513] do_recvmmsg+0x5f/0x10a0 [ 1562.917776][T18513] __sys_recvmmsg+0x113/0x450 [ 1563.041057][T18581] not chained 2040000 origins [ 1563.046062][T18581] CPU: 1 PID: 18581 Comm: syz-executor.0 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1563.056745][T18581] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1563.066950][T18581] Call Trace: [ 1563.070332][T18581] [ 1563.073369][T18581] dump_stack_lvl+0x1c8/0x256 [ 1563.078282][T18581] dump_stack+0x1a/0x1c [ 1563.082645][T18581] kmsan_internal_chain_origin+0x78/0x120 [ 1563.088559][T18581] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1563.094832][T18581] ? kmsan_get_metadata+0x33/0x220 [ 1563.100132][T18581] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1563.106579][T18581] ? kmsan_get_metadata+0x33/0x220 [ 1563.111884][T18581] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1563.117898][T18581] ? kmsan_get_metadata+0x33/0x220 [ 1563.123205][T18581] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1563.129226][T18581] ? __get_compat_msghdr+0x5b/0x750 [ 1563.134657][T18581] ? kmsan_get_metadata+0x33/0x220 [ 1563.139957][T18581] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1563.145972][T18581] ? should_fail+0x3f/0x810 [ 1563.150666][T18581] ? __stack_depot_save+0x21/0x4b0 [ 1563.155960][T18581] ? kmsan_get_metadata+0x33/0x220 [ 1563.161257][T18581] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1563.167695][T18581] ? kmsan_get_metadata+0x33/0x220 [ 1563.172999][T18581] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1563.179030][T18581] __msan_chain_origin+0xbd/0x140 [ 1563.184247][T18581] __get_compat_msghdr+0x514/0x750 [ 1563.189616][T18581] get_compat_msghdr+0x8c/0x1c0 [ 1563.194814][T18581] ? ___sys_recvmsg+0xa9/0x870 [ 1563.199747][T18581] ? do_recvmmsg+0x63a/0x10a0 [ 1563.204590][T18581] ___sys_recvmsg+0x19d/0x870 [ 1563.209448][T18581] ? __schedule+0x1609/0x21d0 [ 1563.214303][T18581] ? kmsan_get_metadata+0x33/0x220 [ 1563.219614][T18581] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1563.225625][T18581] ? kmsan_get_metadata+0x33/0x220 [ 1563.230928][T18581] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1563.236944][T18581] do_recvmmsg+0x63a/0x10a0 [ 1563.241643][T18581] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1563.248096][T18581] ? __sys_recvmmsg+0x52/0x450 [ 1563.253034][T18581] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1563.259650][T18581] __sys_recvmmsg+0x113/0x450 [ 1563.264500][T18581] ? kmsan_get_metadata+0x33/0x220 [ 1563.269812][T18581] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1563.276252][T18581] __do_fast_syscall_32+0x95/0xf0 [ 1563.281446][T18581] ? exit_to_user_mode_prepare+0x119/0x220 [ 1563.287442][T18581] do_fast_syscall_32+0x33/0x70 [ 1563.292461][T18581] do_SYSENTER_32+0x1b/0x20 [ 1563.297119][T18581] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1563.303683][T18581] RIP: 0023:0xf7fc6549 [ 1563.307871][T18581] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1563.327683][T18581] RSP: 002b:00000000f7fa05cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1563.336278][T18581] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1563.344417][T18581] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1563.352548][T18581] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1563.360663][T18581] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1563.368786][T18581] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1563.376939][T18581] [ 1563.385879][T18581] Uninit was stored to memory at: [ 1563.391174][T18581] __get_compat_msghdr+0x514/0x750 [ 1563.396988][T18581] get_compat_msghdr+0x8c/0x1c0 [ 1563.402050][T18581] ___sys_recvmsg+0x19d/0x870 [ 1563.406980][T18581] do_recvmmsg+0x63a/0x10a0 [ 1563.411640][T18581] __sys_recvmmsg+0x113/0x450 [ 1563.416582][T18581] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1563.423112][T18581] __do_fast_syscall_32+0x95/0xf0 [ 1563.428318][T18581] do_fast_syscall_32+0x33/0x70 [ 1563.433460][T18581] do_SYSENTER_32+0x1b/0x20 [ 1563.438136][T18581] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1563.444808][T18581] [ 1563.447214][T18581] Uninit was stored to memory at: [ 1563.452557][T18581] __get_compat_msghdr+0x514/0x750 [ 1563.457986][T18581] get_compat_msghdr+0x8c/0x1c0 [ 1563.463138][T18581] ___sys_recvmsg+0x19d/0x870 [ 1563.467972][T18581] do_recvmmsg+0x63a/0x10a0 [ 1563.472943][T18581] __sys_recvmmsg+0x113/0x450 [ 1563.477784][T18581] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1563.484310][T18581] __do_fast_syscall_32+0x95/0xf0 [ 1563.489499][T18581] do_fast_syscall_32+0x33/0x70 [ 1563.494600][T18581] do_SYSENTER_32+0x1b/0x20 [ 1563.499261][T18581] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1563.505919][T18581] [ 1563.508322][T18581] Uninit was stored to memory at: [ 1563.513681][T18581] __get_compat_msghdr+0x514/0x750 [ 1563.519025][T18581] get_compat_msghdr+0x8c/0x1c0 [ 1563.524173][T18581] ___sys_recvmsg+0x19d/0x870 [ 1563.529038][T18581] do_recvmmsg+0x63a/0x10a0 [ 1563.533789][T18581] __sys_recvmmsg+0x113/0x450 [ 1563.538623][T18581] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1563.545135][T18581] __do_fast_syscall_32+0x95/0xf0 [ 1563.550324][T18581] do_fast_syscall_32+0x33/0x70 [ 1563.555453][T18581] do_SYSENTER_32+0x1b/0x20 [ 1563.560121][T18581] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1563.566785][T18581] [ 1563.569194][T18581] Uninit was stored to memory at: [ 1563.574561][T18581] __get_compat_msghdr+0x514/0x750 [ 1563.579877][T18581] get_compat_msghdr+0x8c/0x1c0 [ 1563.585026][T18581] ___sys_recvmsg+0x19d/0x870 [ 1563.589867][T18581] do_recvmmsg+0x63a/0x10a0 [ 1563.594660][T18581] __sys_recvmmsg+0x113/0x450 [ 1563.599493][T18581] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1563.606005][T18581] __do_fast_syscall_32+0x95/0xf0 [ 1563.611188][T18581] do_fast_syscall_32+0x33/0x70 [ 1563.616300][T18581] do_SYSENTER_32+0x1b/0x20 [ 1563.620955][T18581] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1563.627609][T18581] [ 1563.630018][T18581] Uninit was stored to memory at: [ 1563.635371][T18581] __get_compat_msghdr+0x514/0x750 [ 1563.640688][T18581] get_compat_msghdr+0x8c/0x1c0 [ 1563.645852][T18581] ___sys_recvmsg+0x19d/0x870 [ 1563.650692][T18581] do_recvmmsg+0x63a/0x10a0 [ 1563.655440][T18581] __sys_recvmmsg+0x113/0x450 [ 1563.660279][T18581] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1563.666817][T18581] __do_fast_syscall_32+0x95/0xf0 [ 1563.672011][T18581] do_fast_syscall_32+0x33/0x70 [ 1563.677113][T18581] do_SYSENTER_32+0x1b/0x20 [ 1563.681777][T18581] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1563.688472][T18581] [ 1563.690891][T18581] Uninit was stored to memory at: [ 1563.696312][T18581] __get_compat_msghdr+0x514/0x750 [ 1563.701628][T18581] get_compat_msghdr+0x8c/0x1c0 [ 1563.706767][T18581] ___sys_recvmsg+0x19d/0x870 [ 1563.711604][T18581] do_recvmmsg+0x63a/0x10a0 [ 1563.716360][T18581] __sys_recvmmsg+0x113/0x450 [ 1563.721192][T18581] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1563.727776][T18581] __do_fast_syscall_32+0x95/0xf0 [ 1563.733073][T18581] do_fast_syscall_32+0x33/0x70 [ 1563.738088][T18581] do_SYSENTER_32+0x1b/0x20 [ 1563.742885][T18581] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1563.749436][T18581] [ 1563.751839][T18581] Uninit was stored to memory at: [ 1563.757253][T18581] __get_compat_msghdr+0x514/0x750 [ 1563.762667][T18581] get_compat_msghdr+0x8c/0x1c0 [ 1563.767735][T18581] ___sys_recvmsg+0x19d/0x870 [ 1563.772725][T18581] do_recvmmsg+0x63a/0x10a0 [ 1563.777395][T18581] __sys_recvmmsg+0x113/0x450 [ 1563.782421][T18581] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1563.788856][T18581] __do_fast_syscall_32+0x95/0xf0 [ 1563.794217][T18581] do_fast_syscall_32+0x33/0x70 [ 1563.799227][T18581] do_SYSENTER_32+0x1b/0x20 [ 1563.804135][T18581] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1563.810689][T18581] [ 1563.813260][T18581] Local variable msg_sys created at: [ 1563.818639][T18581] do_recvmmsg+0x5f/0x10a0 [ 1563.823303][T18581] __sys_recvmmsg+0x113/0x450 [ 1564.025572][T18534] not chained 2050000 origins [ 1564.030399][T18534] CPU: 1 PID: 18534 Comm: syz-executor.2 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1564.041079][T18534] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1564.051277][T18534] Call Trace: [ 1564.054664][T18534] [ 1564.057700][T18534] dump_stack_lvl+0x1c8/0x256 [ 1564.062613][T18534] dump_stack+0x1a/0x1c [ 1564.066961][T18534] kmsan_internal_chain_origin+0x78/0x120 [ 1564.072864][T18534] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1564.079133][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1564.084435][T18534] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1564.090886][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1564.096191][T18534] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1564.102200][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1564.107493][T18534] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1564.113495][T18534] ? __get_compat_msghdr+0x5b/0x750 [ 1564.118912][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1564.124222][T18534] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1564.130228][T18534] ? should_fail+0x3f/0x810 [ 1564.134921][T18534] ? __stack_depot_save+0x21/0x4b0 [ 1564.140208][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1564.145515][T18534] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1564.151980][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1564.157277][T18534] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1564.163280][T18534] __msan_chain_origin+0xbd/0x140 [ 1564.168484][T18534] __get_compat_msghdr+0x514/0x750 [ 1564.173838][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1564.178911][T18534] ? ___sys_recvmsg+0xa9/0x870 [ 1564.183848][T18534] ? do_recvmmsg+0x63a/0x10a0 [ 1564.188698][T18534] ___sys_recvmsg+0x19d/0x870 [ 1564.193540][T18534] ? __schedule+0x1609/0x21d0 [ 1564.198391][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1564.203692][T18534] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1564.209688][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1564.214978][T18534] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1564.220979][T18534] do_recvmmsg+0x63a/0x10a0 [ 1564.225672][T18534] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1564.232115][T18534] ? __sys_recvmmsg+0x52/0x450 [ 1564.237040][T18534] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1564.243646][T18534] __sys_recvmmsg+0x113/0x450 [ 1564.248477][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1564.253784][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1564.260234][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1564.265425][T18534] ? exit_to_user_mode_prepare+0x119/0x220 [ 1564.271424][T18534] do_fast_syscall_32+0x33/0x70 [ 1564.276432][T18534] do_SYSENTER_32+0x1b/0x20 [ 1564.281087][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1564.287643][T18534] RIP: 0023:0xf7f3a549 [ 1564.291834][T18534] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1564.311641][T18534] RSP: 002b:00000000f7f145cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1564.320231][T18534] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1564.328348][T18534] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1564.336457][T18534] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1564.344563][T18534] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1564.352667][T18534] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1564.360796][T18534] [ 1564.369355][T18534] Uninit was stored to memory at: [ 1564.375202][T18534] __get_compat_msghdr+0x514/0x750 [ 1564.380532][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1564.385696][T18534] ___sys_recvmsg+0x19d/0x870 [ 1564.390538][T18534] do_recvmmsg+0x63a/0x10a0 [ 1564.395298][T18534] __sys_recvmmsg+0x113/0x450 [ 1564.400132][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1564.406654][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1564.411842][T18534] do_fast_syscall_32+0x33/0x70 [ 1564.416954][T18534] do_SYSENTER_32+0x1b/0x20 [ 1564.421617][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1564.428294][T18534] [ 1564.430719][T18534] Uninit was stored to memory at: [ 1564.436076][T18534] __get_compat_msghdr+0x514/0x750 [ 1564.441399][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1564.446547][T18534] ___sys_recvmsg+0x19d/0x870 [ 1564.451395][T18534] do_recvmmsg+0x63a/0x10a0 [ 1564.456221][T18534] __sys_recvmmsg+0x113/0x450 [ 1564.461049][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1564.467636][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1564.472914][T18534] do_fast_syscall_32+0x33/0x70 [ 1564.477927][T18534] do_SYSENTER_32+0x1b/0x20 [ 1564.482752][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1564.489305][T18534] [ 1564.491705][T18534] Uninit was stored to memory at: [ 1564.497104][T18534] __get_compat_msghdr+0x514/0x750 [ 1564.502511][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1564.507562][T18534] ___sys_recvmsg+0x19d/0x870 [ 1564.512524][T18534] do_recvmmsg+0x63a/0x10a0 [ 1564.517190][T18534] __sys_recvmmsg+0x113/0x450 [ 1564.522033][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1564.528630][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1564.533944][T18534] do_fast_syscall_32+0x33/0x70 [ 1564.538998][T18534] do_SYSENTER_32+0x1b/0x20 [ 1564.543850][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1564.550440][T18534] [ 1564.552993][T18534] Uninit was stored to memory at: [ 1564.558255][T18534] __get_compat_msghdr+0x514/0x750 [ 1564.563724][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1564.568791][T18534] ___sys_recvmsg+0x19d/0x870 [ 1564.573775][T18534] do_recvmmsg+0x63a/0x10a0 [ 1564.578434][T18534] __sys_recvmmsg+0x113/0x450 [ 1564.583434][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1564.589876][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1564.595231][T18534] do_fast_syscall_32+0x33/0x70 [ 1564.600238][T18534] do_SYSENTER_32+0x1b/0x20 [ 1564.605058][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1564.611612][T18534] [ 1564.614172][T18534] Uninit was stored to memory at: [ 1564.619421][T18534] __get_compat_msghdr+0x514/0x750 [ 1564.624839][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1564.629896][T18534] ___sys_recvmsg+0x19d/0x870 [ 1564.634887][T18534] do_recvmmsg+0x63a/0x10a0 [ 1564.639552][T18534] __sys_recvmmsg+0x113/0x450 [ 1564.644572][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1564.650997][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1564.656272][T18534] do_fast_syscall_32+0x33/0x70 [ 1564.661271][T18534] do_SYSENTER_32+0x1b/0x20 [ 1564.666014][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1564.672648][T18534] [ 1564.675052][T18534] Uninit was stored to memory at: [ 1564.680300][T18534] __get_compat_msghdr+0x514/0x750 [ 1564.685710][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1564.690781][T18534] ___sys_recvmsg+0x19d/0x870 [ 1564.695696][T18534] do_recvmmsg+0x63a/0x10a0 [ 1564.700352][T18534] __sys_recvmmsg+0x113/0x450 [ 1564.705268][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1564.711691][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1564.717075][T18534] do_fast_syscall_32+0x33/0x70 [ 1564.722089][T18534] do_SYSENTER_32+0x1b/0x20 [ 1564.726911][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1564.733622][T18534] [ 1564.736029][T18534] Uninit was stored to memory at: [ 1564.741280][T18534] __get_compat_msghdr+0x514/0x750 [ 1564.746765][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1564.751818][T18534] ___sys_recvmsg+0x19d/0x870 [ 1564.756822][T18534] do_recvmmsg+0x63a/0x10a0 [ 1564.761490][T18534] __sys_recvmmsg+0x113/0x450 [ 1564.766484][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1564.773006][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1564.778221][T18534] do_fast_syscall_32+0x33/0x70 [ 1564.783378][T18534] do_SYSENTER_32+0x1b/0x20 [ 1564.788035][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1564.794755][T18534] [ 1564.797169][T18534] Local variable msg_sys created at: [ 1564.802691][T18534] do_recvmmsg+0x5f/0x10a0 [ 1564.807254][T18534] __sys_recvmmsg+0x113/0x450 [ 1564.976939][T18577] not chained 2060000 origins [ 1564.981770][T18577] CPU: 0 PID: 18577 Comm: syz-executor.5 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1564.992460][T18577] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1565.002655][T18577] Call Trace: [ 1565.006032][T18577] [ 1565.009055][T18577] dump_stack_lvl+0x1c8/0x256 [ 1565.013941][T18577] dump_stack+0x1a/0x1c [ 1565.018286][T18577] kmsan_internal_chain_origin+0x78/0x120 [ 1565.024189][T18577] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1565.030456][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1565.035753][T18577] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1565.042208][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1565.047498][T18577] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1565.053495][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1565.058782][T18577] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1565.064782][T18577] ? __get_compat_msghdr+0x5b/0x750 [ 1565.070193][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1565.075492][T18577] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1565.081505][T18577] ? should_fail+0x3f/0x810 [ 1565.086192][T18577] ? __stack_depot_save+0x21/0x4b0 [ 1565.091479][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1565.096770][T18577] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1565.103208][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1565.108497][T18577] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1565.114491][T18577] __msan_chain_origin+0xbd/0x140 [ 1565.119694][T18577] __get_compat_msghdr+0x514/0x750 [ 1565.125046][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1565.130103][T18577] ? ___sys_recvmsg+0xa9/0x870 [ 1565.135020][T18577] ? do_recvmmsg+0x63a/0x10a0 [ 1565.139868][T18577] ___sys_recvmsg+0x19d/0x870 [ 1565.144717][T18577] ? __schedule+0x1609/0x21d0 [ 1565.149563][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1565.154852][T18577] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1565.160856][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1565.166142][T18577] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1565.172140][T18577] do_recvmmsg+0x63a/0x10a0 [ 1565.176827][T18577] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1565.183275][T18577] ? __sys_recvmmsg+0x52/0x450 [ 1565.188198][T18577] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1565.194804][T18577] __sys_recvmmsg+0x113/0x450 [ 1565.199658][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1565.204967][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1565.211409][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1565.216593][T18577] ? exit_to_user_mode_prepare+0x119/0x220 [ 1565.222573][T18577] do_fast_syscall_32+0x33/0x70 [ 1565.227581][T18577] do_SYSENTER_32+0x1b/0x20 [ 1565.232234][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1565.238783][T18577] RIP: 0023:0xf7f92549 [ 1565.242980][T18577] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1565.262786][T18577] RSP: 002b:00000000f7f6c5cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1565.271385][T18577] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1565.279498][T18577] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1565.287611][T18577] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1565.295711][T18577] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1565.303825][T18577] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1565.311955][T18577] [ 1565.321783][T18577] Uninit was stored to memory at: [ 1565.327626][T18577] __get_compat_msghdr+0x514/0x750 [ 1565.333058][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1565.338110][T18577] ___sys_recvmsg+0x19d/0x870 [ 1565.343405][T18577] do_recvmmsg+0x63a/0x10a0 [ 1565.348063][T18577] __sys_recvmmsg+0x113/0x450 [ 1565.352999][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1565.359421][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1565.364728][T18577] do_fast_syscall_32+0x33/0x70 [ 1565.369740][T18577] do_SYSENTER_32+0x1b/0x20 [ 1565.374528][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1565.381090][T18577] [ 1565.383649][T18577] Uninit was stored to memory at: [ 1565.388905][T18577] __get_compat_msghdr+0x514/0x750 [ 1565.394339][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1565.399392][T18577] ___sys_recvmsg+0x19d/0x870 [ 1565.404336][T18577] do_recvmmsg+0x63a/0x10a0 [ 1565.408990][T18577] __sys_recvmmsg+0x113/0x450 [ 1565.413928][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1565.420346][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1565.425641][T18577] do_fast_syscall_32+0x33/0x70 [ 1565.427369][T18478] not chained 2070000 origins [ 1565.430594][T18577] do_SYSENTER_32+0x1b/0x20 [ 1565.435606][T18478] CPU: 1 PID: 18478 Comm: syz-executor.1 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1565.439901][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1565.450430][T18478] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1565.450486][T18478] Call Trace: [ 1565.450518][T18478] [ 1565.450549][T18478] dump_stack_lvl+0x1c8/0x256 [ 1565.456983][T18577] [ 1565.466967][T18478] dump_stack+0x1a/0x1c [ 1565.470351][T18577] Uninit was stored to memory at: [ 1565.470511][T18577] __get_compat_msghdr+0x514/0x750 [ 1565.473307][T18478] kmsan_internal_chain_origin+0x78/0x120 [ 1565.478069][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1565.480407][T18478] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1565.484674][T18577] ___sys_recvmsg+0x19d/0x870 [ 1565.489600][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1565.494817][T18577] do_recvmmsg+0x63a/0x10a0 [ 1565.500440][T18478] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1565.505394][T18577] __sys_recvmmsg+0x113/0x450 [ 1565.511378][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1565.516157][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1565.521180][T18478] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1565.525792][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1565.531942][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1565.536725][T18577] do_fast_syscall_32+0x33/0x70 [ 1565.542098][T18478] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1565.548444][T18577] do_SYSENTER_32+0x1b/0x20 [ 1565.554156][T18478] ? __get_compat_msghdr+0x5b/0x750 [ 1565.559267][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1565.564397][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1565.564516][T18478] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1565.569355][T18577] [ 1565.569372][T18577] Uninit was stored to memory at: [ 1565.575176][T18478] ? should_fail+0x3f/0x810 [ 1565.575304][T18478] ? __stack_depot_save+0x21/0x4b0 [ 1565.579908][T18577] __get_compat_msghdr+0x514/0x750 [ 1565.584984][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1565.585101][T18478] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1565.591421][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1565.596546][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1565.596665][T18478] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1565.602536][T18577] ___sys_recvmsg+0x19d/0x870 [ 1565.604802][T18478] __msan_chain_origin+0xbd/0x140 [ 1565.609845][T18577] do_recvmmsg+0x63a/0x10a0 [ 1565.614366][T18478] __get_compat_msghdr+0x514/0x750 [ 1565.614543][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1565.619634][T18577] __sys_recvmmsg+0x113/0x450 [ 1565.624759][T18478] ? ___sys_recvmsg+0xa9/0x870 [ 1565.624853][T18478] ? do_recvmmsg+0x63a/0x10a0 [ 1565.629993][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1565.636250][T18478] ___sys_recvmsg+0x19d/0x870 [ 1565.636363][T18478] ? __schedule+0x1609/0x21d0 [ 1565.641207][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1565.646345][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1565.646469][T18478] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1565.652329][T18577] do_fast_syscall_32+0x33/0x70 [ 1565.656937][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1565.661961][T18577] do_SYSENTER_32+0x1b/0x20 [ 1565.666479][T18478] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1565.666615][T18478] do_recvmmsg+0x63a/0x10a0 [ 1565.671709][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1565.676601][T18478] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1565.681362][T18577] [ 1565.681380][T18577] Uninit was stored to memory at: [ 1565.686145][T18478] ? __sys_recvmmsg+0x52/0x450 [ 1565.686242][T18478] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1565.691046][T18577] __get_compat_msghdr+0x514/0x750 [ 1565.697179][T18478] __sys_recvmmsg+0x113/0x450 [ 1565.697277][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1565.701958][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1565.706658][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1565.706793][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1565.711781][T18577] ___sys_recvmsg+0x19d/0x870 [ 1565.716906][T18478] ? exit_to_user_mode_prepare+0x119/0x220 [ 1565.717024][T18478] do_fast_syscall_32+0x33/0x70 [ 1565.722909][T18577] do_recvmmsg+0x63a/0x10a0 [ 1565.727683][T18478] do_SYSENTER_32+0x1b/0x20 [ 1565.732901][T18577] __sys_recvmmsg+0x113/0x450 [ 1565.737307][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1565.743218][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1565.747626][T18478] RIP: 0023:0xf7fc4549 [ 1565.754057][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1565.760205][T18478] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1565.762642][T18577] do_fast_syscall_32+0x33/0x70 [ 1565.767569][T18478] RSP: 002b:00000000f7f9e5cc EFLAGS: 00000296 [ 1565.772438][T18577] do_SYSENTER_32+0x1b/0x20 [ 1565.778764][T18478] ORIG_RAX: 0000000000000151 [ 1565.778800][T18478] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1565.783986][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1565.788567][T18478] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1565.793809][T18577] [ 1565.798567][T18478] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1565.804930][T18577] Uninit was stored to memory at: [ 1565.809843][T18478] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1565.814752][T18577] __get_compat_msghdr+0x514/0x750 [ 1565.820346][T18478] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1565.825316][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1565.829746][T18478] [ 1565.834312][T18577] ___sys_recvmsg+0x19d/0x870 [ 1565.844271][T18478] Uninit was stored to memory at: [ 1565.845363][T18577] do_recvmmsg+0x63a/0x10a0 [ 1565.851634][T18478] __get_compat_msghdr+0x514/0x750 [ 1565.855672][T18577] __sys_recvmmsg+0x113/0x450 [ 1565.855765][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1565.855882][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1565.855978][T18577] do_fast_syscall_32+0x33/0x70 [ 1565.856066][T18577] do_SYSENTER_32+0x1b/0x20 [ 1565.856154][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1565.856314][T18577] [ 1565.856331][T18577] Uninit was stored to memory at: [ 1565.856480][T18577] __get_compat_msghdr+0x514/0x750 [ 1565.856619][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1565.856751][T18577] ___sys_recvmsg+0x19d/0x870 [ 1565.856842][T18577] do_recvmmsg+0x63a/0x10a0 [ 1565.856937][T18577] __sys_recvmmsg+0x113/0x450 [ 1565.857030][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1565.857141][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1565.857234][T18577] do_fast_syscall_32+0x33/0x70 [ 1565.857323][T18577] do_SYSENTER_32+0x1b/0x20 [ 1565.857408][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1565.857566][T18577] [ 1565.857585][T18577] Local variable msg_sys created at: [ 1565.857616][T18577] do_recvmmsg+0x5f/0x10a0 [ 1565.857699][T18577] __sys_recvmmsg+0x113/0x450 [ 1566.106128][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1566.111206][T18478] ___sys_recvmsg+0x19d/0x870 [ 1566.116142][T18478] do_recvmmsg+0x63a/0x10a0 [ 1566.120804][T18478] __sys_recvmmsg+0x113/0x450 [ 1566.125743][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1566.132165][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1566.137429][T18478] do_fast_syscall_32+0x33/0x70 [ 1566.142530][T18478] do_SYSENTER_32+0x1b/0x20 [ 1566.147172][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1566.153822][T18478] [ 1566.156231][T18478] Uninit was stored to memory at: [ 1566.161487][T18478] __get_compat_msghdr+0x514/0x750 [ 1566.166965][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1566.172014][T18478] ___sys_recvmsg+0x19d/0x870 [ 1566.177002][T18478] do_recvmmsg+0x63a/0x10a0 [ 1566.181661][T18478] __sys_recvmmsg+0x113/0x450 [ 1566.186651][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1566.193155][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1566.198337][T18478] do_fast_syscall_32+0x33/0x70 [ 1566.203506][T18478] do_SYSENTER_32+0x1b/0x20 [ 1566.208161][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1566.214876][T18478] [ 1566.217287][T18478] Uninit was stored to memory at: [ 1566.222713][T18478] __get_compat_msghdr+0x514/0x750 [ 1566.228035][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1566.233251][T18478] ___sys_recvmsg+0x19d/0x870 [ 1566.238090][T18478] do_recvmmsg+0x63a/0x10a0 [ 1566.242899][T18478] __sys_recvmmsg+0x113/0x450 [ 1566.247729][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1566.254302][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1566.259489][T18478] do_fast_syscall_32+0x33/0x70 [ 1566.264577][T18478] do_SYSENTER_32+0x1b/0x20 [ 1566.269223][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1566.275859][T18478] [ 1566.278263][T18478] Uninit was stored to memory at: [ 1566.283609][T18478] __get_compat_msghdr+0x514/0x750 [ 1566.288924][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1566.294055][T18478] ___sys_recvmsg+0x19d/0x870 [ 1566.298883][T18478] do_recvmmsg+0x63a/0x10a0 [ 1566.303634][T18478] __sys_recvmmsg+0x113/0x450 [ 1566.308472][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1566.314977][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1566.320158][T18478] do_fast_syscall_32+0x33/0x70 [ 1566.325246][T18478] do_SYSENTER_32+0x1b/0x20 [ 1566.329897][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1566.336531][T18478] [ 1566.338927][T18478] Uninit was stored to memory at: [ 1566.344284][T18478] __get_compat_msghdr+0x514/0x750 [ 1566.349604][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1566.354740][T18478] ___sys_recvmsg+0x19d/0x870 [ 1566.359569][T18478] do_recvmmsg+0x63a/0x10a0 [ 1566.364308][T18478] __sys_recvmmsg+0x113/0x450 [ 1566.369140][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1566.375663][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1566.380853][T18478] do_fast_syscall_32+0x33/0x70 [ 1566.385961][T18478] do_SYSENTER_32+0x1b/0x20 [ 1566.390618][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1566.397267][T18478] [ 1566.399671][T18478] Uninit was stored to memory at: [ 1566.405012][T18478] __get_compat_msghdr+0x514/0x750 [ 1566.410329][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1566.415487][T18478] ___sys_recvmsg+0x19d/0x870 [ 1566.420319][T18478] do_recvmmsg+0x63a/0x10a0 [ 1566.425061][T18478] __sys_recvmmsg+0x113/0x450 [ 1566.429887][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1566.436412][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1566.441853][T18478] do_fast_syscall_32+0x33/0x70 [ 1566.446953][T18478] do_SYSENTER_32+0x1b/0x20 [ 1566.451610][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1566.458250][T18478] [ 1566.460659][T18478] Uninit was stored to memory at: [ 1566.465995][T18478] __get_compat_msghdr+0x514/0x750 [ 1566.471307][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1566.476475][T18478] ___sys_recvmsg+0x19d/0x870 [ 1566.481311][T18478] do_recvmmsg+0x63a/0x10a0 [ 1566.486077][T18478] __sys_recvmmsg+0x113/0x450 [ 1566.490909][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1566.497428][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1566.502701][T18478] do_fast_syscall_32+0x33/0x70 [ 1566.507733][T18478] do_SYSENTER_32+0x1b/0x20 [ 1566.512487][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1566.519050][T18478] [ 1566.521452][T18478] Local variable msg_sys created at: [ 1566.526932][T18478] do_recvmmsg+0x5f/0x10a0 [ 1566.531503][T18478] __sys_recvmmsg+0x113/0x450 [ 1566.568768][T18534] not chained 2080000 origins [ 1566.574980][T18534] CPU: 0 PID: 18534 Comm: syz-executor.2 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1566.585662][T18534] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1566.595869][T18534] Call Trace: [ 1566.599261][T18534] [ 1566.602288][T18534] dump_stack_lvl+0x1c8/0x256 [ 1566.607180][T18534] dump_stack+0x1a/0x1c [ 1566.611524][T18534] kmsan_internal_chain_origin+0x78/0x120 [ 1566.617425][T18534] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1566.623685][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1566.628983][T18534] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1566.635442][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1566.640738][T18534] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1566.646746][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1566.652044][T18534] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1566.658046][T18534] ? __get_compat_msghdr+0x5b/0x750 [ 1566.663460][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1566.668761][T18534] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1566.674776][T18534] ? should_fail+0x3f/0x810 [ 1566.679477][T18534] ? __stack_depot_save+0x21/0x4b0 [ 1566.684777][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1566.690082][T18534] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1566.696519][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1566.701811][T18534] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1566.707825][T18534] __msan_chain_origin+0xbd/0x140 [ 1566.713027][T18534] __get_compat_msghdr+0x514/0x750 [ 1566.718372][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1566.723446][T18534] ? ___sys_recvmsg+0xa9/0x870 [ 1566.728366][T18534] ? do_recvmmsg+0x63a/0x10a0 [ 1566.733203][T18534] ___sys_recvmsg+0x19d/0x870 [ 1566.738041][T18534] ? __schedule+0x1609/0x21d0 [ 1566.742890][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1566.748188][T18534] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1566.754187][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1566.759475][T18534] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1566.765476][T18534] do_recvmmsg+0x63a/0x10a0 [ 1566.770166][T18534] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1566.776616][T18534] ? __sys_recvmmsg+0x52/0x450 [ 1566.781544][T18534] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1566.788151][T18534] __sys_recvmmsg+0x113/0x450 [ 1566.792995][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1566.798312][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1566.804751][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1566.809945][T18534] ? exit_to_user_mode_prepare+0x119/0x220 [ 1566.815933][T18534] do_fast_syscall_32+0x33/0x70 [ 1566.821033][T18534] do_SYSENTER_32+0x1b/0x20 [ 1566.825689][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1566.832243][T18534] RIP: 0023:0xf7f3a549 [ 1566.836430][T18534] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1566.856585][T18534] RSP: 002b:00000000f7f145cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1566.865171][T18534] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1566.873284][T18534] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1566.881397][T18534] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1566.889506][T18534] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1566.897630][T18534] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1566.905763][T18534] [ 1566.909183][T18534] Uninit was stored to memory at: [ 1566.914552][T18534] __get_compat_msghdr+0x514/0x750 [ 1566.919874][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1566.925059][T18534] ___sys_recvmsg+0x19d/0x870 [ 1566.929897][T18534] do_recvmmsg+0x63a/0x10a0 [ 1566.934639][T18534] __sys_recvmmsg+0x113/0x450 [ 1566.939822][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1566.946373][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1566.951565][T18534] do_fast_syscall_32+0x33/0x70 [ 1566.956707][T18534] do_SYSENTER_32+0x1b/0x20 [ 1566.961368][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1566.968038][T18534] [ 1566.970445][T18534] Uninit was stored to memory at: [ 1566.975812][T18534] __get_compat_msghdr+0x514/0x750 [ 1566.981134][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1566.986306][T18534] ___sys_recvmsg+0x19d/0x870 [ 1566.991141][T18534] do_recvmmsg+0x63a/0x10a0 [ 1566.995934][T18534] __sys_recvmmsg+0x113/0x450 [ 1567.000770][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1567.007321][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1567.012609][T18534] do_fast_syscall_32+0x33/0x70 [ 1567.017615][T18534] do_SYSENTER_32+0x1b/0x20 [ 1567.022396][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1567.028959][T18534] [ 1567.031373][T18534] Uninit was stored to memory at: [ 1567.036774][T18534] __get_compat_msghdr+0x514/0x750 [ 1567.042104][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1567.047241][T18534] ___sys_recvmsg+0x19d/0x870 [ 1567.052078][T18534] do_recvmmsg+0x63a/0x10a0 [ 1567.056871][T18534] __sys_recvmmsg+0x113/0x450 [ 1567.061706][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1567.068281][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1567.073571][T18534] do_fast_syscall_32+0x33/0x70 [ 1567.078572][T18534] do_SYSENTER_32+0x1b/0x20 [ 1567.083340][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1567.089901][T18534] [ 1567.092441][T18534] Uninit was stored to memory at: [ 1567.097687][T18534] __get_compat_msghdr+0x514/0x750 [ 1567.103142][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1567.108201][T18534] ___sys_recvmsg+0x19d/0x870 [ 1567.113159][T18534] do_recvmmsg+0x63a/0x10a0 [ 1567.117821][T18534] __sys_recvmmsg+0x113/0x450 [ 1567.122768][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1567.129190][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1567.134505][T18534] do_fast_syscall_32+0x33/0x70 [ 1567.139515][T18534] do_SYSENTER_32+0x1b/0x20 [ 1567.144304][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1567.150870][T18534] [ 1567.153412][T18534] Uninit was stored to memory at: [ 1567.158669][T18534] __get_compat_msghdr+0x514/0x750 [ 1567.164134][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1567.169198][T18534] ___sys_recvmsg+0x19d/0x870 [ 1567.174158][T18534] do_recvmmsg+0x63a/0x10a0 [ 1567.178822][T18534] __sys_recvmmsg+0x113/0x450 [ 1567.183787][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1567.190216][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1567.195526][T18534] do_fast_syscall_32+0x33/0x70 [ 1567.200533][T18534] do_SYSENTER_32+0x1b/0x20 [ 1567.205312][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1567.211867][T18534] [ 1567.214373][T18534] Uninit was stored to memory at: [ 1567.219622][T18534] __get_compat_msghdr+0x514/0x750 [ 1567.225071][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1567.230133][T18534] ___sys_recvmsg+0x19d/0x870 [ 1567.235108][T18534] do_recvmmsg+0x63a/0x10a0 [ 1567.239761][T18534] __sys_recvmmsg+0x113/0x450 [ 1567.244701][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1567.251130][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1567.256455][T18534] do_fast_syscall_32+0x33/0x70 [ 1567.261467][T18534] do_SYSENTER_32+0x1b/0x20 [ 1567.266343][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1567.273002][T18534] [ 1567.275411][T18534] Uninit was stored to memory at: [ 1567.280665][T18534] __get_compat_msghdr+0x514/0x750 [ 1567.286117][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1567.291184][T18534] ___sys_recvmsg+0x19d/0x870 [ 1567.296204][T18534] do_recvmmsg+0x63a/0x10a0 [ 1567.300863][T18534] __sys_recvmmsg+0x113/0x450 [ 1567.305828][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1567.312330][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1567.317510][T18534] do_fast_syscall_32+0x33/0x70 [ 1567.322639][T18534] do_SYSENTER_32+0x1b/0x20 [ 1567.327289][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1567.333966][T18534] [ 1567.336373][T18534] Local variable msg_sys created at: [ 1567.341751][T18534] do_recvmmsg+0x5f/0x10a0 [ 1567.346454][T18534] __sys_recvmmsg+0x113/0x450 [ 1567.548676][T18581] not chained 2090000 origins [ 1567.553651][T18581] CPU: 0 PID: 18581 Comm: syz-executor.0 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1567.564327][T18581] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1567.574517][T18581] Call Trace: [ 1567.577894][T18581] [ 1567.580925][T18581] dump_stack_lvl+0x1c8/0x256 [ 1567.585819][T18581] dump_stack+0x1a/0x1c [ 1567.590160][T18581] kmsan_internal_chain_origin+0x78/0x120 [ 1567.596059][T18581] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1567.602313][T18581] ? kmsan_get_metadata+0x33/0x220 [ 1567.607601][T18581] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1567.614039][T18581] ? kmsan_get_metadata+0x33/0x220 [ 1567.619335][T18581] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1567.625327][T18581] ? kmsan_get_metadata+0x33/0x220 [ 1567.630612][T18581] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1567.636604][T18581] ? __get_compat_msghdr+0x5b/0x750 [ 1567.642010][T18581] ? kmsan_get_metadata+0x33/0x220 [ 1567.647298][T18581] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1567.653299][T18581] ? should_fail+0x3f/0x810 [ 1567.657976][T18581] ? __stack_depot_save+0x21/0x4b0 [ 1567.663284][T18581] ? kmsan_get_metadata+0x33/0x220 [ 1567.668573][T18581] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1567.675006][T18581] ? kmsan_get_metadata+0x33/0x220 [ 1567.680298][T18581] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1567.686290][T18581] __msan_chain_origin+0xbd/0x140 [ 1567.691493][T18581] __get_compat_msghdr+0x514/0x750 [ 1567.696842][T18581] get_compat_msghdr+0x8c/0x1c0 [ 1567.701901][T18581] ? ___sys_recvmsg+0xa9/0x870 [ 1567.706826][T18581] ? do_recvmmsg+0x63a/0x10a0 [ 1567.711676][T18581] ___sys_recvmsg+0x19d/0x870 [ 1567.716526][T18581] ? __schedule+0x1609/0x21d0 [ 1567.721375][T18581] ? kmsan_get_metadata+0x33/0x220 [ 1567.726671][T18581] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1567.732669][T18581] ? kmsan_get_metadata+0x33/0x220 [ 1567.737959][T18581] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1567.743974][T18581] do_recvmmsg+0x63a/0x10a0 [ 1567.748662][T18581] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1567.755101][T18581] ? __sys_recvmmsg+0x52/0x450 [ 1567.760017][T18581] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1567.766629][T18581] __sys_recvmmsg+0x113/0x450 [ 1567.771473][T18581] ? kmsan_get_metadata+0x33/0x220 [ 1567.776778][T18581] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1567.783233][T18581] __do_fast_syscall_32+0x95/0xf0 [ 1567.788422][T18581] ? exit_to_user_mode_prepare+0x119/0x220 [ 1567.794411][T18581] do_fast_syscall_32+0x33/0x70 [ 1567.799418][T18581] do_SYSENTER_32+0x1b/0x20 [ 1567.804076][T18581] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1567.810628][T18581] RIP: 0023:0xf7fc6549 [ 1567.814819][T18581] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1567.834635][T18581] RSP: 002b:00000000f7fa05cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1567.843221][T18581] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1567.851335][T18581] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1567.859441][T18581] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1567.867546][T18581] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1567.875651][T18581] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1567.883788][T18581] [ 1567.892101][T18581] Uninit was stored to memory at: [ 1567.897901][T18581] __get_compat_msghdr+0x514/0x750 [ 1567.903325][T18581] get_compat_msghdr+0x8c/0x1c0 [ 1567.908386][T18581] ___sys_recvmsg+0x19d/0x870 [ 1567.913347][T18581] do_recvmmsg+0x63a/0x10a0 [ 1567.918006][T18581] __sys_recvmmsg+0x113/0x450 [ 1567.922961][T18581] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1567.929381][T18581] __do_fast_syscall_32+0x95/0xf0 [ 1567.934691][T18581] do_fast_syscall_32+0x33/0x70 [ 1567.939695][T18581] do_SYSENTER_32+0x1b/0x20 [ 1567.944455][T18581] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1567.951006][T18581] [ 1567.953530][T18581] Uninit was stored to memory at: [ 1567.958811][T18581] __get_compat_msghdr+0x514/0x750 [ 1567.964275][T18581] get_compat_msghdr+0x8c/0x1c0 [ 1567.969335][T18581] ___sys_recvmsg+0x19d/0x870 [ 1567.974296][T18581] do_recvmmsg+0x63a/0x10a0 [ 1567.978956][T18581] __sys_recvmmsg+0x113/0x450 [ 1567.983935][T18581] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1567.990350][T18581] __do_fast_syscall_32+0x95/0xf0 [ 1567.995653][T18581] do_fast_syscall_32+0x33/0x70 [ 1568.000657][T18581] do_SYSENTER_32+0x1b/0x20 [ 1568.005437][T18581] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1568.011994][T18581] [ 1568.014496][T18581] Uninit was stored to memory at: [ 1568.019739][T18581] __get_compat_msghdr+0x514/0x750 [ 1568.025195][T18581] get_compat_msghdr+0x8c/0x1c0 [ 1568.030249][T18581] ___sys_recvmsg+0x19d/0x870 [ 1568.035236][T18581] do_recvmmsg+0x63a/0x10a0 [ 1568.039889][T18581] __sys_recvmmsg+0x113/0x450 [ 1568.044819][T18581] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1568.051247][T18581] __do_fast_syscall_32+0x95/0xf0 [ 1568.056629][T18581] do_fast_syscall_32+0x33/0x70 [ 1568.061632][T18581] do_SYSENTER_32+0x1b/0x20 [ 1568.066404][T18581] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1568.073050][T18581] [ 1568.075450][T18581] Uninit was stored to memory at: [ 1568.080696][T18581] __get_compat_msghdr+0x514/0x750 [ 1568.086126][T18581] get_compat_msghdr+0x8c/0x1c0 [ 1568.091175][T18581] ___sys_recvmsg+0x19d/0x870 [ 1568.096122][T18581] do_recvmmsg+0x63a/0x10a0 [ 1568.100775][T18581] __sys_recvmmsg+0x113/0x450 [ 1568.105725][T18581] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1568.112146][T18581] __do_fast_syscall_32+0x95/0xf0 [ 1568.117417][T18581] do_fast_syscall_32+0x33/0x70 [ 1568.122553][T18581] do_SYSENTER_32+0x1b/0x20 [ 1568.127211][T18581] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1568.133888][T18581] [ 1568.136300][T18581] Uninit was stored to memory at: [ 1568.141543][T18581] __get_compat_msghdr+0x514/0x750 [ 1568.146990][T18581] get_compat_msghdr+0x8c/0x1c0 [ 1568.152042][T18581] ___sys_recvmsg+0x19d/0x870 [ 1568.156999][T18581] do_recvmmsg+0x63a/0x10a0 [ 1568.161666][T18581] __sys_recvmmsg+0x113/0x450 [ 1568.166643][T18581] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1568.173164][T18581] __do_fast_syscall_32+0x95/0xf0 [ 1568.178347][T18581] do_fast_syscall_32+0x33/0x70 [ 1568.183467][T18581] do_SYSENTER_32+0x1b/0x20 [ 1568.188115][T18581] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1568.194780][T18581] [ 1568.197186][T18581] Uninit was stored to memory at: [ 1568.202538][T18581] __get_compat_msghdr+0x514/0x750 [ 1568.207855][T18581] get_compat_msghdr+0x8c/0x1c0 [ 1568.213033][T18581] ___sys_recvmsg+0x19d/0x870 [ 1568.217871][T18581] do_recvmmsg+0x63a/0x10a0 [ 1568.222645][T18581] __sys_recvmmsg+0x113/0x450 [ 1568.227479][T18581] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1568.234030][T18581] __do_fast_syscall_32+0x95/0xf0 [ 1568.239209][T18581] do_fast_syscall_32+0x33/0x70 [ 1568.244331][T18581] do_SYSENTER_32+0x1b/0x20 [ 1568.248983][T18581] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1568.255654][T18581] [ 1568.258054][T18581] Uninit was stored to memory at: [ 1568.263395][T18581] __get_compat_msghdr+0x514/0x750 [ 1568.268701][T18581] get_compat_msghdr+0x8c/0x1c0 [ 1568.273863][T18581] ___sys_recvmsg+0x19d/0x870 [ 1568.278697][T18581] do_recvmmsg+0x63a/0x10a0 [ 1568.283460][T18581] __sys_recvmmsg+0x113/0x450 [ 1568.288285][T18581] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1568.294815][T18581] __do_fast_syscall_32+0x95/0xf0 [ 1568.300004][T18581] do_fast_syscall_32+0x33/0x70 [ 1568.305114][T18581] do_SYSENTER_32+0x1b/0x20 [ 1568.309763][T18581] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1568.316431][T18581] [ 1568.318836][T18581] Local variable msg_sys created at: [ 1568.324304][T18581] do_recvmmsg+0x5f/0x10a0 [ 1568.328875][T18581] __sys_recvmmsg+0x113/0x450 [ 1568.510763][T18577] not chained 2100000 origins [ 1568.515847][T18577] CPU: 1 PID: 18577 Comm: syz-executor.5 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1568.526543][T18577] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1568.536752][T18577] Call Trace: [ 1568.540564][T18577] [ 1568.543587][T18577] dump_stack_lvl+0x1c8/0x256 [ 1568.548487][T18577] dump_stack+0x1a/0x1c [ 1568.552827][T18577] kmsan_internal_chain_origin+0x78/0x120 [ 1568.558729][T18577] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1568.564986][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1568.570293][T18577] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1568.576724][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1568.582018][T18577] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1568.588020][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1568.593315][T18577] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1568.599318][T18577] ? __get_compat_msghdr+0x5b/0x750 [ 1568.604736][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1568.610035][T18577] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1568.616049][T18577] ? should_fail+0x3f/0x810 [ 1568.620754][T18577] ? __stack_depot_save+0x21/0x4b0 [ 1568.626058][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1568.631356][T18577] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1568.637805][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1568.643632][T18577] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1568.649642][T18577] __msan_chain_origin+0xbd/0x140 [ 1568.654930][T18577] __get_compat_msghdr+0x514/0x750 [ 1568.660281][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1568.665343][T18577] ? ___sys_recvmsg+0xa9/0x870 [ 1568.670271][T18577] ? do_recvmmsg+0x63a/0x10a0 [ 1568.675134][T18577] ___sys_recvmsg+0x19d/0x870 [ 1568.680074][T18577] ? __schedule+0x1609/0x21d0 [ 1568.684922][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1568.690213][T18577] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1568.696216][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1568.701520][T18577] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1568.707532][T18577] do_recvmmsg+0x63a/0x10a0 [ 1568.712214][T18577] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1568.718660][T18577] ? __sys_recvmmsg+0x52/0x450 [ 1568.723590][T18577] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1568.730202][T18577] __sys_recvmmsg+0x113/0x450 [ 1568.735026][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1568.740331][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1568.746792][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1568.751981][T18577] ? exit_to_user_mode_prepare+0x119/0x220 [ 1568.757970][T18577] do_fast_syscall_32+0x33/0x70 [ 1568.762987][T18577] do_SYSENTER_32+0x1b/0x20 [ 1568.767649][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1568.774207][T18577] RIP: 0023:0xf7f92549 [ 1568.778401][T18577] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1568.798203][T18577] RSP: 002b:00000000f7f6c5cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1568.806788][T18577] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1568.814908][T18577] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1568.823023][T18577] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1568.831134][T18577] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1568.839248][T18577] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1568.847397][T18577] [ 1568.856499][T18577] Uninit was stored to memory at: [ 1568.861781][T18577] __get_compat_msghdr+0x514/0x750 [ 1568.867636][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1568.872794][T18577] ___sys_recvmsg+0x19d/0x870 [ 1568.877632][T18577] do_recvmmsg+0x63a/0x10a0 [ 1568.882382][T18577] __sys_recvmmsg+0x113/0x450 [ 1568.887217][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1568.893742][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1568.898923][T18577] do_fast_syscall_32+0x33/0x70 [ 1568.904048][T18577] do_SYSENTER_32+0x1b/0x20 [ 1568.908708][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1568.915367][T18577] [ 1568.917779][T18577] Uninit was stored to memory at: [ 1568.923128][T18577] __get_compat_msghdr+0x514/0x750 [ 1568.928458][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1568.933694][T18577] ___sys_recvmsg+0x19d/0x870 [ 1568.938550][T18577] do_recvmmsg+0x63a/0x10a0 [ 1568.943298][T18577] __sys_recvmmsg+0x113/0x450 [ 1568.948142][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1568.954659][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1568.959841][T18577] do_fast_syscall_32+0x33/0x70 [ 1568.964949][T18577] do_SYSENTER_32+0x1b/0x20 [ 1568.969602][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1568.976254][T18577] [ 1568.978656][T18577] Uninit was stored to memory at: [ 1568.984000][T18577] __get_compat_msghdr+0x514/0x750 [ 1568.989317][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1568.994490][T18577] ___sys_recvmsg+0x19d/0x870 [ 1568.999324][T18577] do_recvmmsg+0x63a/0x10a0 [ 1569.004077][T18577] __sys_recvmmsg+0x113/0x450 [ 1569.008909][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1569.015429][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1569.020615][T18577] do_fast_syscall_32+0x33/0x70 [ 1569.025758][T18577] do_SYSENTER_32+0x1b/0x20 [ 1569.030413][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1569.037062][T18577] [ 1569.039465][T18577] Uninit was stored to memory at: [ 1569.044805][T18577] __get_compat_msghdr+0x514/0x750 [ 1569.050120][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1569.055266][T18577] ___sys_recvmsg+0x19d/0x870 [ 1569.060109][T18577] do_recvmmsg+0x63a/0x10a0 [ 1569.064859][T18577] __sys_recvmmsg+0x113/0x450 [ 1569.069670][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1569.076182][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1569.081362][T18577] do_fast_syscall_32+0x33/0x70 [ 1569.086551][T18577] do_SYSENTER_32+0x1b/0x20 [ 1569.091203][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1569.097847][T18577] [ 1569.100247][T18577] Uninit was stored to memory at: [ 1569.105590][T18577] __get_compat_msghdr+0x514/0x750 [ 1569.110900][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1569.116064][T18577] ___sys_recvmsg+0x19d/0x870 [ 1569.120899][T18577] do_recvmmsg+0x63a/0x10a0 [ 1569.125643][T18577] __sys_recvmmsg+0x113/0x450 [ 1569.130478][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1569.137007][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1569.142286][T18577] do_fast_syscall_32+0x33/0x70 [ 1569.147293][T18577] do_SYSENTER_32+0x1b/0x20 [ 1569.151954][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1569.158615][T18577] [ 1569.161021][T18577] Uninit was stored to memory at: [ 1569.166365][T18577] __get_compat_msghdr+0x514/0x750 [ 1569.171685][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1569.176845][T18577] ___sys_recvmsg+0x19d/0x870 [ 1569.181684][T18577] do_recvmmsg+0x63a/0x10a0 [ 1569.186524][T18577] __sys_recvmmsg+0x113/0x450 [ 1569.191357][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1569.197885][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1569.203173][T18577] do_fast_syscall_32+0x33/0x70 [ 1569.208187][T18577] do_SYSENTER_32+0x1b/0x20 [ 1569.212920][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1569.219474][T18577] [ 1569.221888][T18577] Uninit was stored to memory at: [ 1569.227238][T18577] __get_compat_msghdr+0x514/0x750 [ 1569.232647][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1569.237692][T18577] ___sys_recvmsg+0x19d/0x870 [ 1569.242603][T18577] do_recvmmsg+0x63a/0x10a0 [ 1569.247257][T18577] __sys_recvmmsg+0x113/0x450 [ 1569.252097][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1569.258702][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1569.263994][T18577] do_fast_syscall_32+0x33/0x70 [ 1569.269007][T18577] do_SYSENTER_32+0x1b/0x20 [ 1569.273738][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1569.280294][T18577] [ 1569.282806][T18577] Local variable msg_sys created at: [ 1569.288176][T18577] do_recvmmsg+0x5f/0x10a0 [ 1569.292835][T18577] __sys_recvmmsg+0x113/0x450 [ 1569.729623][ T1196] ieee802154 phy0 wpan0: encryption failed: -22 [ 1569.736477][ T1196] ieee802154 phy1 wpan1: encryption failed: -22 [ 1569.891417][T18534] not chained 2110000 origins [ 1569.896503][T18534] CPU: 0 PID: 18534 Comm: syz-executor.2 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1569.907179][T18534] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1569.917371][T18534] Call Trace: [ 1569.920748][T18534] [ 1569.923769][T18534] dump_stack_lvl+0x1c8/0x256 [ 1569.928663][T18534] dump_stack+0x1a/0x1c [ 1569.932999][T18534] kmsan_internal_chain_origin+0x78/0x120 [ 1569.938909][T18534] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1569.945190][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1569.950504][T18534] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1569.956948][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1569.962236][T18534] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1569.968237][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1569.973529][T18534] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1569.979524][T18534] ? __get_compat_msghdr+0x5b/0x750 [ 1569.984935][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1569.990221][T18534] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1569.996220][T18534] ? should_fail+0x3f/0x810 [ 1570.000909][T18534] ? __stack_depot_save+0x21/0x4b0 [ 1570.006193][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1570.011485][T18534] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1570.017923][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1570.023213][T18534] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1570.029203][T18534] __msan_chain_origin+0xbd/0x140 [ 1570.034404][T18534] __get_compat_msghdr+0x514/0x750 [ 1570.039753][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1570.044815][T18534] ? ___sys_recvmsg+0xa9/0x870 [ 1570.049735][T18534] ? do_recvmmsg+0x63a/0x10a0 [ 1570.054577][T18534] ___sys_recvmsg+0x19d/0x870 [ 1570.059421][T18534] ? __schedule+0x1609/0x21d0 [ 1570.064271][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1570.069575][T18534] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1570.075579][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1570.080868][T18534] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1570.086874][T18534] do_recvmmsg+0x63a/0x10a0 [ 1570.091568][T18534] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1570.098005][T18534] ? __sys_recvmmsg+0x52/0x450 [ 1570.103010][T18534] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1570.109618][T18534] __sys_recvmmsg+0x113/0x450 [ 1570.114453][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1570.119761][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1570.126205][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1570.131392][T18534] ? exit_to_user_mode_prepare+0x119/0x220 [ 1570.137381][T18534] do_fast_syscall_32+0x33/0x70 [ 1570.142382][T18534] do_SYSENTER_32+0x1b/0x20 [ 1570.147038][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1570.153596][T18534] RIP: 0023:0xf7f3a549 [ 1570.157785][T18534] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1570.177600][T18534] RSP: 002b:00000000f7f145cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1570.186188][T18534] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1570.194302][T18534] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1570.202492][T18534] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1570.210597][T18534] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1570.218698][T18534] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1570.226825][T18534] [ 1570.236487][T18534] Uninit was stored to memory at: [ 1570.241763][T18534] __get_compat_msghdr+0x514/0x750 [ 1570.247698][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1570.252896][T18534] ___sys_recvmsg+0x19d/0x870 [ 1570.257728][T18534] do_recvmmsg+0x63a/0x10a0 [ 1570.262491][T18534] __sys_recvmmsg+0x113/0x450 [ 1570.267335][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1570.273880][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1570.279090][T18534] do_fast_syscall_32+0x33/0x70 [ 1570.284213][T18534] do_SYSENTER_32+0x1b/0x20 [ 1570.288865][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1570.295546][T18534] [ 1570.297952][T18534] Uninit was stored to memory at: [ 1570.303290][T18534] __get_compat_msghdr+0x514/0x750 [ 1570.308607][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1570.313798][T18534] ___sys_recvmsg+0x19d/0x870 [ 1570.318635][T18534] do_recvmmsg+0x63a/0x10a0 [ 1570.323407][T18534] __sys_recvmmsg+0x113/0x450 [ 1570.328234][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1570.334765][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1570.339958][T18534] do_fast_syscall_32+0x33/0x70 [ 1570.345077][T18534] do_SYSENTER_32+0x1b/0x20 [ 1570.349732][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1570.356406][T18534] [ 1570.358813][T18534] Uninit was stored to memory at: [ 1570.364155][T18534] __get_compat_msghdr+0x514/0x750 [ 1570.369465][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1570.374642][T18534] ___sys_recvmsg+0x19d/0x870 [ 1570.379478][T18534] do_recvmmsg+0x63a/0x10a0 [ 1570.384276][T18534] __sys_recvmmsg+0x113/0x450 [ 1570.389117][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1570.395665][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1570.400854][T18534] do_fast_syscall_32+0x33/0x70 [ 1570.406029][T18534] do_SYSENTER_32+0x1b/0x20 [ 1570.410696][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1570.417482][T18534] [ 1570.419888][T18534] Uninit was stored to memory at: [ 1570.425273][T18534] __get_compat_msghdr+0x514/0x750 [ 1570.430601][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1570.435791][T18534] ___sys_recvmsg+0x19d/0x870 [ 1570.440629][T18534] do_recvmmsg+0x63a/0x10a0 [ 1570.445408][T18534] __sys_recvmmsg+0x113/0x450 [ 1570.450239][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1570.456777][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1570.461981][T18534] do_fast_syscall_32+0x33/0x70 [ 1570.467112][T18534] do_SYSENTER_32+0x1b/0x20 [ 1570.471778][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1570.478466][T18534] [ 1570.480871][T18534] Uninit was stored to memory at: [ 1570.486251][T18534] __get_compat_msghdr+0x514/0x750 [ 1570.491572][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1570.496755][T18534] ___sys_recvmsg+0x19d/0x870 [ 1570.501592][T18534] do_recvmmsg+0x63a/0x10a0 [ 1570.506457][T18534] __sys_recvmmsg+0x113/0x450 [ 1570.511288][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1570.517838][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1570.523113][T18534] do_fast_syscall_32+0x33/0x70 [ 1570.528117][T18534] do_SYSENTER_32+0x1b/0x20 [ 1570.532889][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1570.539438][T18534] [ 1570.541841][T18534] Uninit was stored to memory at: [ 1570.547206][T18534] __get_compat_msghdr+0x514/0x750 [ 1570.552608][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1570.557655][T18534] ___sys_recvmsg+0x19d/0x870 [ 1570.562595][T18534] do_recvmmsg+0x63a/0x10a0 [ 1570.567248][T18534] __sys_recvmmsg+0x113/0x450 [ 1570.572078][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1570.578638][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1570.583952][T18534] do_fast_syscall_32+0x33/0x70 [ 1570.588967][T18534] do_SYSENTER_32+0x1b/0x20 [ 1570.593747][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1570.600403][T18534] [ 1570.602947][T18534] Uninit was stored to memory at: [ 1570.608209][T18534] __get_compat_msghdr+0x514/0x750 [ 1570.613670][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1570.618729][T18534] ___sys_recvmsg+0x19d/0x870 [ 1570.623680][T18534] do_recvmmsg+0x63a/0x10a0 [ 1570.628333][T18534] __sys_recvmmsg+0x113/0x450 [ 1570.633300][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1570.639728][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1570.645055][T18534] do_fast_syscall_32+0x33/0x70 [ 1570.650062][T18534] do_SYSENTER_32+0x1b/0x20 [ 1570.654808][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1570.661375][T18534] [ 1570.663906][T18534] Local variable msg_sys created at: [ 1570.669280][T18534] do_recvmmsg+0x5f/0x10a0 [ 1570.673977][T18534] __sys_recvmmsg+0x113/0x450 [ 1570.849754][T18478] not chained 2120000 origins [ 1570.854832][T18478] CPU: 0 PID: 18478 Comm: syz-executor.1 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1570.865516][T18478] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1570.875722][T18478] Call Trace: [ 1570.879117][T18478] [ 1570.882146][T18478] dump_stack_lvl+0x1c8/0x256 [ 1570.887038][T18478] dump_stack+0x1a/0x1c [ 1570.891387][T18478] kmsan_internal_chain_origin+0x78/0x120 [ 1570.897290][T18478] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1570.903555][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1570.908847][T18478] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1570.915291][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1570.920593][T18478] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1570.926591][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1570.931878][T18478] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1570.937870][T18478] ? __get_compat_msghdr+0x5b/0x750 [ 1570.943272][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1570.948561][T18478] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1570.954578][T18478] ? should_fail+0x3f/0x810 [ 1570.959268][T18478] ? __stack_depot_save+0x21/0x4b0 [ 1570.964569][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1570.969869][T18478] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1570.976301][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1570.981591][T18478] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1570.987582][T18478] __msan_chain_origin+0xbd/0x140 [ 1570.992785][T18478] __get_compat_msghdr+0x514/0x750 [ 1570.998174][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1571.003222][T18478] ? ___sys_recvmsg+0xa9/0x870 [ 1571.008147][T18478] ? do_recvmmsg+0x63a/0x10a0 [ 1571.012994][T18478] ___sys_recvmsg+0x19d/0x870 [ 1571.017841][T18478] ? __schedule+0x1609/0x21d0 [ 1571.022697][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1571.027989][T18478] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1571.033992][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1571.039278][T18478] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1571.045282][T18478] do_recvmmsg+0x63a/0x10a0 [ 1571.049971][T18478] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1571.056412][T18478] ? __sys_recvmmsg+0x52/0x450 [ 1571.061348][T18478] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1571.067961][T18478] __sys_recvmmsg+0x113/0x450 [ 1571.072800][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1571.078111][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1571.084556][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1571.089744][T18478] ? exit_to_user_mode_prepare+0x119/0x220 [ 1571.095739][T18478] do_fast_syscall_32+0x33/0x70 [ 1571.100768][T18478] do_SYSENTER_32+0x1b/0x20 [ 1571.105452][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1571.112007][T18478] RIP: 0023:0xf7fc4549 [ 1571.116190][T18478] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1571.135973][T18478] RSP: 002b:00000000f7f9e5cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1571.144539][T18478] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1571.152638][T18478] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1571.160729][T18478] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1571.168826][T18478] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1571.176917][T18478] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1571.185036][T18478] [ 1571.193511][T18478] Uninit was stored to memory at: [ 1571.198789][T18478] __get_compat_msghdr+0x514/0x750 [ 1571.204656][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1571.209719][T18478] ___sys_recvmsg+0x19d/0x870 [ 1571.214689][T18478] do_recvmmsg+0x63a/0x10a0 [ 1571.219346][T18478] __sys_recvmmsg+0x113/0x450 [ 1571.224321][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1571.230745][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1571.236059][T18478] do_fast_syscall_32+0x33/0x70 [ 1571.241085][T18478] do_SYSENTER_32+0x1b/0x20 [ 1571.245878][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1571.252539][T18478] [ 1571.254939][T18478] Uninit was stored to memory at: [ 1571.260182][T18478] __get_compat_msghdr+0x514/0x750 [ 1571.265632][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1571.270682][T18478] ___sys_recvmsg+0x19d/0x870 [ 1571.275648][T18478] do_recvmmsg+0x63a/0x10a0 [ 1571.280307][T18478] __sys_recvmmsg+0x113/0x450 [ 1571.285350][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1571.291799][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1571.297173][T18478] do_fast_syscall_32+0x33/0x70 [ 1571.302183][T18478] do_SYSENTER_32+0x1b/0x20 [ 1571.307100][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1571.313854][T18478] [ 1571.316260][T18478] Uninit was stored to memory at: [ 1571.321510][T18478] __get_compat_msghdr+0x514/0x750 [ 1571.327015][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1571.332067][T18478] ___sys_recvmsg+0x19d/0x870 [ 1571.337063][T18478] do_recvmmsg+0x63a/0x10a0 [ 1571.341736][T18478] __sys_recvmmsg+0x113/0x450 [ 1571.346782][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1571.353305][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1571.358506][T18478] do_fast_syscall_32+0x33/0x70 [ 1571.363743][T18478] do_SYSENTER_32+0x1b/0x20 [ 1571.368412][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1571.375162][T18478] [ 1571.377570][T18478] Uninit was stored to memory at: [ 1571.382987][T18478] __get_compat_msghdr+0x514/0x750 [ 1571.388308][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1571.393585][T18478] ___sys_recvmsg+0x19d/0x870 [ 1571.398432][T18478] do_recvmmsg+0x63a/0x10a0 [ 1571.403297][T18478] __sys_recvmmsg+0x113/0x450 [ 1571.408139][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1571.414755][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1571.419938][T18478] do_fast_syscall_32+0x33/0x70 [ 1571.425144][T18478] do_SYSENTER_32+0x1b/0x20 [ 1571.429796][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1571.436480][T18478] [ 1571.438883][T18478] Uninit was stored to memory at: [ 1571.444317][T18478] __get_compat_msghdr+0x514/0x750 [ 1571.449641][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1571.454896][T18478] ___sys_recvmsg+0x19d/0x870 [ 1571.459740][T18478] do_recvmmsg+0x63a/0x10a0 [ 1571.464542][T18478] __sys_recvmmsg+0x113/0x450 [ 1571.469466][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1571.476023][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1571.481207][T18478] do_fast_syscall_32+0x33/0x70 [ 1571.486331][T18478] do_SYSENTER_32+0x1b/0x20 [ 1571.490986][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1571.497654][T18478] [ 1571.500057][T18478] Uninit was stored to memory at: [ 1571.505416][T18478] __get_compat_msghdr+0x514/0x750 [ 1571.510699][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1571.515876][T18478] ___sys_recvmsg+0x19d/0x870 [ 1571.520708][T18478] do_recvmmsg+0x63a/0x10a0 [ 1571.525486][T18478] __sys_recvmmsg+0x113/0x450 [ 1571.530316][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1571.536864][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1571.542040][T18478] do_fast_syscall_32+0x33/0x70 [ 1571.547155][T18478] do_SYSENTER_32+0x1b/0x20 [ 1571.551806][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1571.558482][T18478] [ 1571.560890][T18478] Uninit was stored to memory at: [ 1571.566327][T18478] __get_compat_msghdr+0x514/0x750 [ 1571.571645][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1571.576907][T18478] ___sys_recvmsg+0x19d/0x870 [ 1571.581744][T18478] do_recvmmsg+0x63a/0x10a0 [ 1571.586603][T18478] __sys_recvmmsg+0x113/0x450 [ 1571.591444][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1571.598075][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1571.603368][T18478] do_fast_syscall_32+0x33/0x70 [ 1571.608391][T18478] do_SYSENTER_32+0x1b/0x20 [ 1571.613224][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1571.619838][T18478] [ 1571.622430][T18478] Local variable msg_sys created at: [ 1571.627807][T18478] do_recvmmsg+0x5f/0x10a0 [ 1571.632582][T18478] __sys_recvmmsg+0x113/0x450 [ 1571.839452][T18534] not chained 2130000 origins [ 1571.844458][T18534] CPU: 1 PID: 18534 Comm: syz-executor.2 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1571.855136][T18534] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1571.865332][T18534] Call Trace: [ 1571.868710][T18534] [ 1571.871732][T18534] dump_stack_lvl+0x1c8/0x256 [ 1571.876626][T18534] dump_stack+0x1a/0x1c [ 1571.880966][T18534] kmsan_internal_chain_origin+0x78/0x120 [ 1571.886868][T18534] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1571.893134][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1571.898425][T18534] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1571.904855][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1571.910159][T18534] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1571.916163][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1571.921447][T18534] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1571.927443][T18534] ? __get_compat_msghdr+0x5b/0x750 [ 1571.932877][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1571.938174][T18534] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1571.944188][T18534] ? should_fail+0x3f/0x810 [ 1571.948869][T18534] ? __stack_depot_save+0x21/0x4b0 [ 1571.954158][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1571.959449][T18534] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1571.965885][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1571.971173][T18534] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1571.977169][T18534] __msan_chain_origin+0xbd/0x140 [ 1571.982366][T18534] __get_compat_msghdr+0x514/0x750 [ 1571.987713][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1571.992771][T18534] ? ___sys_recvmsg+0xa9/0x870 [ 1571.997688][T18534] ? do_recvmmsg+0x63a/0x10a0 [ 1572.002518][T18534] ___sys_recvmsg+0x19d/0x870 [ 1572.007362][T18534] ? __schedule+0x1609/0x21d0 [ 1572.012206][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1572.017496][T18534] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1572.023496][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1572.028785][T18534] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1572.034793][T18534] do_recvmmsg+0x63a/0x10a0 [ 1572.039481][T18534] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1572.045923][T18534] ? __sys_recvmmsg+0x52/0x450 [ 1572.050847][T18534] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1572.057462][T18534] __sys_recvmmsg+0x113/0x450 [ 1572.062293][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1572.067590][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1572.074035][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1572.079221][T18534] ? exit_to_user_mode_prepare+0x119/0x220 [ 1572.085207][T18534] do_fast_syscall_32+0x33/0x70 [ 1572.090215][T18534] do_SYSENTER_32+0x1b/0x20 [ 1572.094869][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1572.101433][T18534] RIP: 0023:0xf7f3a549 [ 1572.105629][T18534] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1572.125443][T18534] RSP: 002b:00000000f7f145cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1572.134032][T18534] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1572.142146][T18534] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1572.150251][T18534] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1572.158360][T18534] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1572.166465][T18534] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1572.174601][T18534] [ 1572.188582][T18534] Uninit was stored to memory at: [ 1572.195417][T18534] __get_compat_msghdr+0x514/0x750 [ 1572.200740][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1572.205893][T18534] ___sys_recvmsg+0x19d/0x870 [ 1572.210728][T18534] do_recvmmsg+0x63a/0x10a0 [ 1572.215462][T18534] __sys_recvmmsg+0x113/0x450 [ 1572.220307][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1572.226853][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1572.232048][T18534] do_fast_syscall_32+0x33/0x70 [ 1572.237164][T18534] do_SYSENTER_32+0x1b/0x20 [ 1572.241846][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1572.248523][T18534] [ 1572.250946][T18534] Uninit was stored to memory at: [ 1572.256319][T18534] __get_compat_msghdr+0x514/0x750 [ 1572.261644][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1572.266820][T18534] ___sys_recvmsg+0x19d/0x870 [ 1572.271663][T18534] do_recvmmsg+0x63a/0x10a0 [ 1572.276420][T18534] __sys_recvmmsg+0x113/0x450 [ 1572.281253][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1572.287769][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1572.293053][T18534] do_fast_syscall_32+0x33/0x70 [ 1572.298064][T18534] do_SYSENTER_32+0x1b/0x20 [ 1572.302801][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1572.309362][T18534] [ 1572.311765][T18534] Uninit was stored to memory at: [ 1572.317125][T18534] __get_compat_msghdr+0x514/0x750 [ 1572.322617][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1572.327688][T18534] ___sys_recvmsg+0x19d/0x870 [ 1572.332621][T18534] do_recvmmsg+0x63a/0x10a0 [ 1572.337276][T18534] __sys_recvmmsg+0x113/0x450 [ 1572.342110][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1572.348626][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1572.353907][T18534] do_fast_syscall_32+0x33/0x70 [ 1572.358910][T18534] do_SYSENTER_32+0x1b/0x20 [ 1572.363666][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1572.370239][T18534] [ 1572.372748][T18534] Uninit was stored to memory at: [ 1572.378010][T18534] __get_compat_msghdr+0x514/0x750 [ 1572.383433][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1572.388479][T18534] ___sys_recvmsg+0x19d/0x870 [ 1572.393402][T18534] do_recvmmsg+0x63a/0x10a0 [ 1572.398054][T18534] __sys_recvmmsg+0x113/0x450 [ 1572.402974][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1572.409390][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1572.414666][T18534] do_fast_syscall_32+0x33/0x70 [ 1572.419667][T18534] do_SYSENTER_32+0x1b/0x20 [ 1572.424411][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1572.430986][T18534] [ 1572.433486][T18534] Uninit was stored to memory at: [ 1572.438741][T18534] __get_compat_msghdr+0x514/0x750 [ 1572.444138][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1572.449193][T18534] ___sys_recvmsg+0x19d/0x870 [ 1572.454203][T18534] do_recvmmsg+0x63a/0x10a0 [ 1572.455717][T18577] not chained 2140000 origins [ 1572.458824][T18534] __sys_recvmmsg+0x113/0x450 [ 1572.463689][T18577] CPU: 0 PID: 18577 Comm: syz-executor.5 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1572.468292][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1572.478798][T18577] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1572.478855][T18577] Call Trace: [ 1572.478887][T18577] [ 1572.478918][T18577] dump_stack_lvl+0x1c8/0x256 [ 1572.485204][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1572.495212][T18577] dump_stack+0x1a/0x1c [ 1572.498571][T18534] do_fast_syscall_32+0x33/0x70 [ 1572.501522][T18577] kmsan_internal_chain_origin+0x78/0x120 [ 1572.506284][T18534] do_SYSENTER_32+0x1b/0x20 [ 1572.511233][T18577] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1572.515473][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1572.520344][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1572.526188][T18534] [ 1572.530585][T18577] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1572.536733][T18534] Uninit was stored to memory at: [ 1572.542998][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1572.548321][T18534] __get_compat_msghdr+0x514/0x750 [ 1572.550526][T18577] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1572.556844][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1572.561809][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1572.567001][T18534] ___sys_recvmsg+0x19d/0x870 [ 1572.572047][T18577] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1572.577962][T18534] do_recvmmsg+0x63a/0x10a0 [ 1572.582732][T18577] ? __get_compat_msghdr+0x5b/0x750 [ 1572.588017][T18534] __sys_recvmmsg+0x113/0x450 [ 1572.592783][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1572.592918][T18577] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1572.598755][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1572.603284][T18577] ? should_fail+0x3f/0x810 [ 1572.603403][T18577] ? __stack_depot_save+0x21/0x4b0 [ 1572.608571][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1572.613259][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1572.613378][T18577] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1572.618460][T18534] do_fast_syscall_32+0x33/0x70 [ 1572.624279][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1572.624396][T18577] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1572.630639][T18534] do_SYSENTER_32+0x1b/0x20 [ 1572.635156][T18577] __msan_chain_origin+0xbd/0x140 [ 1572.635275][T18577] __get_compat_msghdr+0x514/0x750 [ 1572.640349][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1572.645413][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1572.650686][T18534] [ 1572.650705][T18534] Uninit was stored to memory at: [ 1572.656936][T18577] ? ___sys_recvmsg+0xa9/0x870 [ 1572.657035][T18577] ? do_recvmmsg+0x63a/0x10a0 [ 1572.661995][T18534] __get_compat_msghdr+0x514/0x750 [ 1572.667016][T18577] ___sys_recvmsg+0x19d/0x870 [ 1572.667126][T18577] ? __schedule+0x1609/0x21d0 [ 1572.673011][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1572.677428][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1572.682524][T18534] ___sys_recvmsg+0x19d/0x870 [ 1572.687566][T18577] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1572.693969][T18534] do_recvmmsg+0x63a/0x10a0 [ 1572.698753][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1572.701085][T18534] __sys_recvmmsg+0x113/0x450 [ 1572.706118][T18577] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1572.710963][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1572.715659][T18577] do_recvmmsg+0x63a/0x10a0 [ 1572.715787][T18577] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1572.720845][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1572.725544][T18577] ? __sys_recvmmsg+0x52/0x450 [ 1572.725638][T18577] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1572.730331][T18534] do_fast_syscall_32+0x33/0x70 [ 1572.735200][T18577] __sys_recvmmsg+0x113/0x450 [ 1572.735299][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1572.740396][T18534] do_SYSENTER_32+0x1b/0x20 [ 1572.745121][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1572.750995][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1572.755521][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1572.755620][T18577] ? exit_to_user_mode_prepare+0x119/0x220 [ 1572.760786][T18534] [ 1572.760807][T18534] Local variable msg_sys created at: [ 1572.765482][T18577] do_fast_syscall_32+0x33/0x70 [ 1572.765585][T18577] do_SYSENTER_32+0x1b/0x20 [ 1572.771367][T18534] do_recvmmsg+0x5f/0x10a0 [ 1572.777621][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1572.782326][T18534] __sys_recvmmsg+0x113/0x450 [ 1572.788499][T18577] RIP: 0023:0xf7f92549 [ 1572.889433][T18577] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1572.909251][T18577] RSP: 002b:00000000f7f6c5cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1572.917852][T18577] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1572.925970][T18577] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1572.934081][T18577] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1572.942192][T18577] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1572.950296][T18577] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1572.958432][T18577] [ 1572.968939][T18577] Uninit was stored to memory at: [ 1572.975264][T18577] __get_compat_msghdr+0x514/0x750 [ 1572.980590][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1572.985789][T18577] ___sys_recvmsg+0x19d/0x870 [ 1572.990628][T18577] do_recvmmsg+0x63a/0x10a0 [ 1572.995436][T18577] __sys_recvmmsg+0x113/0x450 [ 1573.000276][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1573.006835][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1573.012015][T18577] do_fast_syscall_32+0x33/0x70 [ 1573.017230][T18577] do_SYSENTER_32+0x1b/0x20 [ 1573.021894][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1573.028674][T18577] [ 1573.031142][T18577] Uninit was stored to memory at: [ 1573.036571][T18577] __get_compat_msghdr+0x514/0x750 [ 1573.041895][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1573.047073][T18577] ___sys_recvmsg+0x19d/0x870 [ 1573.051908][T18577] do_recvmmsg+0x63a/0x10a0 [ 1573.056669][T18577] __sys_recvmmsg+0x113/0x450 [ 1573.061500][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1573.068027][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1573.073299][T18577] do_fast_syscall_32+0x33/0x70 [ 1573.078309][T18577] do_SYSENTER_32+0x1b/0x20 [ 1573.083103][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1573.089661][T18577] [ 1573.092070][T18577] Uninit was stored to memory at: [ 1573.097452][T18577] __get_compat_msghdr+0x514/0x750 [ 1573.102883][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1573.107951][T18577] ___sys_recvmsg+0x19d/0x870 [ 1573.112928][T18577] do_recvmmsg+0x63a/0x10a0 [ 1573.117587][T18577] __sys_recvmmsg+0x113/0x450 [ 1573.122550][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1573.128981][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1573.134306][T18577] do_fast_syscall_32+0x33/0x70 [ 1573.139325][T18577] do_SYSENTER_32+0x1b/0x20 [ 1573.144111][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1573.150670][T18577] [ 1573.153196][T18577] Uninit was stored to memory at: [ 1573.158444][T18577] __get_compat_msghdr+0x514/0x750 [ 1573.163900][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1573.168956][T18577] ___sys_recvmsg+0x19d/0x870 [ 1573.173927][T18577] do_recvmmsg+0x63a/0x10a0 [ 1573.178587][T18577] __sys_recvmmsg+0x113/0x450 [ 1573.183548][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1573.189969][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1573.195279][T18577] do_fast_syscall_32+0x33/0x70 [ 1573.200285][T18577] do_SYSENTER_32+0x1b/0x20 [ 1573.205062][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1573.211623][T18577] [ 1573.214141][T18577] Uninit was stored to memory at: [ 1573.219401][T18577] __get_compat_msghdr+0x514/0x750 [ 1573.224912][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1573.229994][T18577] ___sys_recvmsg+0x19d/0x870 [ 1573.234959][T18577] do_recvmmsg+0x63a/0x10a0 [ 1573.239600][T18577] __sys_recvmmsg+0x113/0x450 [ 1573.244532][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1573.250950][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1573.256348][T18577] do_fast_syscall_32+0x33/0x70 [ 1573.261362][T18577] do_SYSENTER_32+0x1b/0x20 [ 1573.266216][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1573.272872][T18577] [ 1573.275278][T18577] Uninit was stored to memory at: [ 1573.280528][T18577] __get_compat_msghdr+0x514/0x750 [ 1573.286055][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1573.291122][T18577] ___sys_recvmsg+0x19d/0x870 [ 1573.296149][T18577] do_recvmmsg+0x63a/0x10a0 [ 1573.300812][T18577] __sys_recvmmsg+0x113/0x450 [ 1573.305832][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1573.312350][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1573.317535][T18577] do_fast_syscall_32+0x33/0x70 [ 1573.322729][T18577] do_SYSENTER_32+0x1b/0x20 [ 1573.327390][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1573.334136][T18577] [ 1573.336546][T18577] Uninit was stored to memory at: [ 1573.341800][T18577] __get_compat_msghdr+0x514/0x750 [ 1573.347316][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1573.352473][T18577] ___sys_recvmsg+0x19d/0x870 [ 1573.357309][T18577] do_recvmmsg+0x63a/0x10a0 [ 1573.361968][T18577] __sys_recvmmsg+0x113/0x450 [ 1573.367017][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1573.373547][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1573.378734][T18577] do_fast_syscall_32+0x33/0x70 [ 1573.383943][T18577] do_SYSENTER_32+0x1b/0x20 [ 1573.388603][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1573.395373][T18577] [ 1573.397788][T18577] Local variable msg_sys created at: [ 1573.403326][T18577] do_recvmmsg+0x5f/0x10a0 [ 1573.407897][T18577] __sys_recvmmsg+0x113/0x450 [ 1573.949976][T18478] not chained 2150000 origins [ 1573.961254][T18478] CPU: 1 PID: 18478 Comm: syz-executor.1 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1573.971955][T18478] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1573.982149][T18478] Call Trace: [ 1573.985527][T18478] [ 1573.988552][T18478] dump_stack_lvl+0x1c8/0x256 [ 1573.993445][T18478] dump_stack+0x1a/0x1c [ 1573.997791][T18478] kmsan_internal_chain_origin+0x78/0x120 [ 1574.003698][T18478] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1574.009953][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1574.015237][T18478] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1574.021670][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1574.026964][T18478] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1574.032982][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1574.038272][T18478] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1574.044270][T18478] ? __get_compat_msghdr+0x5b/0x750 [ 1574.049675][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1574.054969][T18478] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1574.060977][T18478] ? should_fail+0x3f/0x810 [ 1574.065668][T18478] ? __stack_depot_save+0x21/0x4b0 [ 1574.070961][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1574.076252][T18478] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1574.082687][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1574.087984][T18478] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1574.093986][T18478] __msan_chain_origin+0xbd/0x140 [ 1574.099186][T18478] __get_compat_msghdr+0x514/0x750 [ 1574.104532][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1574.109590][T18478] ? ___sys_recvmsg+0xa9/0x870 [ 1574.114511][T18478] ? do_recvmmsg+0x63a/0x10a0 [ 1574.119355][T18478] ___sys_recvmsg+0x19d/0x870 [ 1574.124200][T18478] ? __schedule+0x1609/0x21d0 [ 1574.129043][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1574.134339][T18478] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1574.140335][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1574.145608][T18478] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1574.151591][T18478] do_recvmmsg+0x63a/0x10a0 [ 1574.156262][T18478] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1574.162688][T18478] ? __sys_recvmmsg+0x52/0x450 [ 1574.167596][T18478] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1574.174185][T18478] __sys_recvmmsg+0x113/0x450 [ 1574.179018][T18478] ? kmsan_get_metadata+0x33/0x220 [ 1574.184325][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1574.190748][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1574.195922][T18478] ? exit_to_user_mode_prepare+0x119/0x220 [ 1574.201893][T18478] do_fast_syscall_32+0x33/0x70 [ 1574.206893][T18478] do_SYSENTER_32+0x1b/0x20 [ 1574.211545][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1574.218080][T18478] RIP: 0023:0xf7fc4549 [ 1574.222264][T18478] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1574.242049][T18478] RSP: 002b:00000000f7f9e5cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1574.250616][T18478] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1574.258714][T18478] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1574.266802][T18478] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1574.274891][T18478] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1574.282981][T18478] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1574.291094][T18478] [ 1574.295118][T18478] Uninit was stored to memory at: [ 1574.300377][T18478] __get_compat_msghdr+0x514/0x750 [ 1574.305795][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1574.310853][T18478] ___sys_recvmsg+0x19d/0x870 [ 1574.315893][T18478] do_recvmmsg+0x63a/0x10a0 [ 1574.320559][T18478] __sys_recvmmsg+0x113/0x450 [ 1574.325485][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1574.331901][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1574.337180][T18478] do_fast_syscall_32+0x33/0x70 [ 1574.342186][T18478] do_SYSENTER_32+0x1b/0x20 [ 1574.346925][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1574.353564][T18478] [ 1574.355971][T18478] Uninit was stored to memory at: [ 1574.361218][T18478] __get_compat_msghdr+0x514/0x750 [ 1574.366648][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1574.371705][T18478] ___sys_recvmsg+0x19d/0x870 [ 1574.376649][T18478] do_recvmmsg+0x63a/0x10a0 [ 1574.381320][T18478] __sys_recvmmsg+0x113/0x450 [ 1574.386256][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1574.392764][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1574.397957][T18478] do_fast_syscall_32+0x33/0x70 [ 1574.403071][T18478] do_SYSENTER_32+0x1b/0x20 [ 1574.407737][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1574.414392][T18478] [ 1574.416800][T18478] Uninit was stored to memory at: [ 1574.422050][T18478] __get_compat_msghdr+0x514/0x750 [ 1574.427474][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1574.432618][T18478] ___sys_recvmsg+0x19d/0x870 [ 1574.437463][T18478] do_recvmmsg+0x63a/0x10a0 [ 1574.442131][T18478] __sys_recvmmsg+0x113/0x450 [ 1574.447082][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1574.453610][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1574.458805][T18478] do_fast_syscall_32+0x33/0x70 [ 1574.463907][T18478] do_SYSENTER_32+0x1b/0x20 [ 1574.468563][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1574.475212][T18478] [ 1574.477617][T18478] Uninit was stored to memory at: [ 1574.483043][T18478] __get_compat_msghdr+0x514/0x750 [ 1574.488364][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1574.493571][T18478] ___sys_recvmsg+0x19d/0x870 [ 1574.498404][T18478] do_recvmmsg+0x63a/0x10a0 [ 1574.503220][T18478] __sys_recvmmsg+0x113/0x450 [ 1574.508060][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1574.514652][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1574.519850][T18478] do_fast_syscall_32+0x33/0x70 [ 1574.525027][T18478] do_SYSENTER_32+0x1b/0x20 [ 1574.529678][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1574.536399][T18478] [ 1574.538811][T18478] Uninit was stored to memory at: [ 1574.544217][T18478] __get_compat_msghdr+0x514/0x750 [ 1574.549535][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1574.554754][T18478] ___sys_recvmsg+0x19d/0x870 [ 1574.559596][T18478] do_recvmmsg+0x63a/0x10a0 [ 1574.564419][T18478] __sys_recvmmsg+0x113/0x450 [ 1574.569258][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1574.575851][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1574.581039][T18478] do_fast_syscall_32+0x33/0x70 [ 1574.586208][T18478] do_SYSENTER_32+0x1b/0x20 [ 1574.590875][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1574.597606][T18478] [ 1574.600018][T18478] Uninit was stored to memory at: [ 1574.605460][T18478] __get_compat_msghdr+0x514/0x750 [ 1574.610787][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1574.616043][T18478] ___sys_recvmsg+0x19d/0x870 [ 1574.620886][T18478] do_recvmmsg+0x63a/0x10a0 [ 1574.625737][T18478] __sys_recvmmsg+0x113/0x450 [ 1574.630581][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1574.637180][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1574.642462][T18478] do_fast_syscall_32+0x33/0x70 [ 1574.647466][T18478] do_SYSENTER_32+0x1b/0x20 [ 1574.652110][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1574.658809][T18478] [ 1574.661213][T18478] Uninit was stored to memory at: [ 1574.666646][T18478] __get_compat_msghdr+0x514/0x750 [ 1574.671975][T18478] get_compat_msghdr+0x8c/0x1c0 [ 1574.677191][T18478] ___sys_recvmsg+0x19d/0x870 [ 1574.682031][T18478] do_recvmmsg+0x63a/0x10a0 [ 1574.686876][T18478] __sys_recvmmsg+0x113/0x450 [ 1574.691729][T18478] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1574.698353][T18478] __do_fast_syscall_32+0x95/0xf0 [ 1574.703642][T18478] do_fast_syscall_32+0x33/0x70 [ 1574.708654][T18478] do_SYSENTER_32+0x1b/0x20 [ 1574.713463][T18478] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1574.720027][T18478] [ 1574.722591][T18478] Local variable msg_sys created at: [ 1574.727974][T18478] do_recvmmsg+0x5f/0x10a0 [ 1574.732714][T18478] __sys_recvmmsg+0x113/0x450 [ 1574.893132][T18577] not chained 2160000 origins [ 1574.897974][T18577] CPU: 1 PID: 18577 Comm: syz-executor.5 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1574.908652][T18577] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1574.918864][T18577] Call Trace: [ 1574.922236][T18577] [ 1574.925258][T18577] dump_stack_lvl+0x1c8/0x256 [ 1574.930149][T18577] dump_stack+0x1a/0x1c [ 1574.934492][T18577] kmsan_internal_chain_origin+0x78/0x120 [ 1574.940404][T18577] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1574.946661][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1574.951954][T18577] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1574.958386][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1574.963681][T18577] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1574.969684][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1574.974977][T18577] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1574.980975][T18577] ? __get_compat_msghdr+0x5b/0x750 [ 1574.986375][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1574.991672][T18577] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1574.997684][T18577] ? should_fail+0x3f/0x810 [ 1575.002371][T18577] ? __stack_depot_save+0x21/0x4b0 [ 1575.007645][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1575.012940][T18577] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1575.019363][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1575.024647][T18577] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1575.030653][T18577] __msan_chain_origin+0xbd/0x140 [ 1575.035858][T18577] __get_compat_msghdr+0x514/0x750 [ 1575.041208][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1575.046258][T18577] ? ___sys_recvmsg+0xa9/0x870 [ 1575.051177][T18577] ? do_recvmmsg+0x63a/0x10a0 [ 1575.056015][T18577] ___sys_recvmsg+0x19d/0x870 [ 1575.060859][T18577] ? __schedule+0x1609/0x21d0 [ 1575.065702][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1575.071000][T18577] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1575.076996][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1575.082283][T18577] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1575.088284][T18577] do_recvmmsg+0x63a/0x10a0 [ 1575.092980][T18577] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1575.099423][T18577] ? __sys_recvmmsg+0x52/0x450 [ 1575.104344][T18577] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1575.110950][T18577] __sys_recvmmsg+0x113/0x450 [ 1575.115787][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1575.121095][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1575.127535][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1575.132719][T18577] ? exit_to_user_mode_prepare+0x119/0x220 [ 1575.138699][T18577] do_fast_syscall_32+0x33/0x70 [ 1575.143716][T18577] do_SYSENTER_32+0x1b/0x20 [ 1575.148375][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1575.154930][T18577] RIP: 0023:0xf7f92549 [ 1575.159121][T18577] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1575.178932][T18577] RSP: 002b:00000000f7f6c5cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1575.187540][T18577] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1575.195659][T18577] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1575.203774][T18577] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1575.211881][T18577] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1575.219986][T18577] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1575.228120][T18577] [ 1575.236975][T18577] Uninit was stored to memory at: [ 1575.242885][T18577] __get_compat_msghdr+0x514/0x750 [ 1575.248217][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1575.253383][T18577] ___sys_recvmsg+0x19d/0x870 [ 1575.258223][T18577] do_recvmmsg+0x63a/0x10a0 [ 1575.262977][T18577] __sys_recvmmsg+0x113/0x450 [ 1575.267809][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1575.274327][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1575.279513][T18577] do_fast_syscall_32+0x33/0x70 [ 1575.284609][T18577] do_SYSENTER_32+0x1b/0x20 [ 1575.289259][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1575.295918][T18577] [ 1575.298322][T18577] Uninit was stored to memory at: [ 1575.303663][T18577] __get_compat_msghdr+0x514/0x750 [ 1575.308975][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1575.314111][T18577] ___sys_recvmsg+0x19d/0x870 [ 1575.318941][T18577] do_recvmmsg+0x63a/0x10a0 [ 1575.323693][T18577] __sys_recvmmsg+0x113/0x450 [ 1575.328528][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1575.335043][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1575.340233][T18577] do_fast_syscall_32+0x33/0x70 [ 1575.345338][T18577] do_SYSENTER_32+0x1b/0x20 [ 1575.349993][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1575.356643][T18577] [ 1575.359078][T18577] Uninit was stored to memory at: [ 1575.364424][T18577] __get_compat_msghdr+0x514/0x750 [ 1575.369736][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1575.374930][T18577] ___sys_recvmsg+0x19d/0x870 [ 1575.379773][T18577] do_recvmmsg+0x63a/0x10a0 [ 1575.384594][T18577] __sys_recvmmsg+0x113/0x450 [ 1575.389421][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1575.396001][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1575.401196][T18577] do_fast_syscall_32+0x33/0x70 [ 1575.406380][T18577] do_SYSENTER_32+0x1b/0x20 [ 1575.411053][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1575.417781][T18577] [ 1575.420205][T18577] Uninit was stored to memory at: [ 1575.425623][T18577] __get_compat_msghdr+0x514/0x750 [ 1575.430945][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1575.436159][T18577] ___sys_recvmsg+0x19d/0x870 [ 1575.440995][T18577] do_recvmmsg+0x63a/0x10a0 [ 1575.445903][T18577] __sys_recvmmsg+0x113/0x450 [ 1575.450735][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1575.457319][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1575.462597][T18577] do_fast_syscall_32+0x33/0x70 [ 1575.467601][T18577] do_SYSENTER_32+0x1b/0x20 [ 1575.472408][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1575.478960][T18577] [ 1575.481384][T18577] Uninit was stored to memory at: [ 1575.486788][T18577] __get_compat_msghdr+0x514/0x750 [ 1575.492126][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1575.497325][T18577] ___sys_recvmsg+0x19d/0x870 [ 1575.502169][T18577] do_recvmmsg+0x63a/0x10a0 [ 1575.506975][T18577] __sys_recvmmsg+0x113/0x450 [ 1575.511812][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1575.518395][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1575.523677][T18577] do_fast_syscall_32+0x33/0x70 [ 1575.528688][T18577] do_SYSENTER_32+0x1b/0x20 [ 1575.533487][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1575.540039][T18577] [ 1575.542531][T18577] Uninit was stored to memory at: [ 1575.547781][T18577] __get_compat_msghdr+0x514/0x750 [ 1575.553260][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1575.558312][T18577] ___sys_recvmsg+0x19d/0x870 [ 1575.563320][T18577] do_recvmmsg+0x63a/0x10a0 [ 1575.567977][T18577] __sys_recvmmsg+0x113/0x450 [ 1575.572975][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1575.579402][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1575.584750][T18577] do_fast_syscall_32+0x33/0x70 [ 1575.589771][T18577] do_SYSENTER_32+0x1b/0x20 [ 1575.594603][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1575.601163][T18577] [ 1575.603743][T18577] Uninit was stored to memory at: [ 1575.609002][T18577] __get_compat_msghdr+0x514/0x750 [ 1575.614484][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1575.617774][T18534] not chained 2170000 origins [ 1575.619482][T18577] ___sys_recvmsg+0x19d/0x870 [ 1575.624570][T18534] CPU: 0 PID: 18534 Comm: syz-executor.2 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1575.629030][T18577] do_recvmmsg+0x63a/0x10a0 [ 1575.639535][T18534] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1575.639588][T18534] Call Trace: [ 1575.639620][T18534] [ 1575.639652][T18534] dump_stack_lvl+0x1c8/0x256 [ 1575.644237][T18577] __sys_recvmmsg+0x113/0x450 [ 1575.654241][T18534] dump_stack+0x1a/0x1c [ 1575.657606][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1575.660556][T18534] kmsan_internal_chain_origin+0x78/0x120 [ 1575.665317][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1575.669917][T18534] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1575.674166][T18577] do_fast_syscall_32+0x33/0x70 [ 1575.680333][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1575.686174][T18577] do_SYSENTER_32+0x1b/0x20 [ 1575.691085][T18534] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1575.697236][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1575.702019][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1575.707210][T18577] [ 1575.711639][T18534] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1575.717983][T18577] Local variable msg_sys created at: [ 1575.724228][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1575.729423][T18577] do_recvmmsg+0x5f/0x10a0 [ 1575.731763][T18534] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1575.737680][T18577] __sys_recvmmsg+0x113/0x450 [ 1575.742858][T18534] ? __get_compat_msghdr+0x5b/0x750 [ 1575.769440][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1575.774745][T18534] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1575.780749][T18534] ? should_fail+0x3f/0x810 [ 1575.785442][T18534] ? __stack_depot_save+0x21/0x4b0 [ 1575.790734][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1575.796030][T18534] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1575.802464][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1575.807759][T18534] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1575.813767][T18534] __msan_chain_origin+0xbd/0x140 [ 1575.818979][T18534] __get_compat_msghdr+0x514/0x750 [ 1575.824354][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1575.829429][T18534] ? ___sys_recvmsg+0xa9/0x870 [ 1575.834355][T18534] ? do_recvmmsg+0x63a/0x10a0 [ 1575.839194][T18534] ___sys_recvmsg+0x19d/0x870 [ 1575.844045][T18534] ? __schedule+0x1609/0x21d0 [ 1575.848895][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1575.854199][T18534] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1575.860205][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1575.865499][T18534] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1575.871503][T18534] do_recvmmsg+0x63a/0x10a0 [ 1575.876200][T18534] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1575.882655][T18534] ? __sys_recvmmsg+0x52/0x450 [ 1575.887577][T18534] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1575.894179][T18534] __sys_recvmmsg+0x113/0x450 [ 1575.899034][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1575.904344][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1575.910794][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1575.915994][T18534] ? exit_to_user_mode_prepare+0x119/0x220 [ 1575.921990][T18534] do_fast_syscall_32+0x33/0x70 [ 1575.927011][T18534] do_SYSENTER_32+0x1b/0x20 [ 1575.931671][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1575.938230][T18534] RIP: 0023:0xf7f3a549 [ 1575.942426][T18534] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1575.962231][T18534] RSP: 002b:00000000f7f145cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1575.970821][T18534] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1575.978943][T18534] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1575.987072][T18534] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1575.995174][T18534] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1576.003293][T18534] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1576.011439][T18534] [ 1576.021095][T18534] Uninit was stored to memory at: [ 1576.026975][T18534] __get_compat_msghdr+0x514/0x750 [ 1576.032402][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1576.037451][T18534] ___sys_recvmsg+0x19d/0x870 [ 1576.042395][T18534] do_recvmmsg+0x63a/0x10a0 [ 1576.047048][T18534] __sys_recvmmsg+0x113/0x450 [ 1576.051886][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1576.058443][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1576.063714][T18534] do_fast_syscall_32+0x33/0x70 [ 1576.068715][T18534] do_SYSENTER_32+0x1b/0x20 [ 1576.073486][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1576.080033][T18534] [ 1576.082546][T18534] Uninit was stored to memory at: [ 1576.087791][T18534] __get_compat_msghdr+0x514/0x750 [ 1576.093216][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1576.098274][T18534] ___sys_recvmsg+0x19d/0x870 [ 1576.103215][T18534] do_recvmmsg+0x63a/0x10a0 [ 1576.107870][T18534] __sys_recvmmsg+0x113/0x450 [ 1576.112822][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1576.119238][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1576.124539][T18534] do_fast_syscall_32+0x33/0x70 [ 1576.129539][T18534] do_SYSENTER_32+0x1b/0x20 [ 1576.134299][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1576.140854][T18534] [ 1576.143368][T18534] Uninit was stored to memory at: [ 1576.148613][T18534] __get_compat_msghdr+0x514/0x750 [ 1576.154056][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1576.159120][T18534] ___sys_recvmsg+0x19d/0x870 [ 1576.164080][T18534] do_recvmmsg+0x63a/0x10a0 [ 1576.168742][T18534] __sys_recvmmsg+0x113/0x450 [ 1576.173697][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1576.180128][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1576.185441][T18534] do_fast_syscall_32+0x33/0x70 [ 1576.190448][T18534] do_SYSENTER_32+0x1b/0x20 [ 1576.195224][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1576.201783][T18534] [ 1576.204293][T18534] Uninit was stored to memory at: [ 1576.209545][T18534] __get_compat_msghdr+0x514/0x750 [ 1576.214992][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1576.220048][T18534] ___sys_recvmsg+0x19d/0x870 [ 1576.225008][T18534] do_recvmmsg+0x63a/0x10a0 [ 1576.229669][T18534] __sys_recvmmsg+0x113/0x450 [ 1576.234608][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1576.241034][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1576.246352][T18534] do_fast_syscall_32+0x33/0x70 [ 1576.251359][T18534] do_SYSENTER_32+0x1b/0x20 [ 1576.256135][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1576.262782][T18534] [ 1576.265185][T18534] Uninit was stored to memory at: [ 1576.270432][T18534] __get_compat_msghdr+0x514/0x750 [ 1576.275866][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1576.280912][T18534] ___sys_recvmsg+0x19d/0x870 [ 1576.285862][T18534] do_recvmmsg+0x63a/0x10a0 [ 1576.290521][T18534] __sys_recvmmsg+0x113/0x450 [ 1576.295552][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1576.301975][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1576.307276][T18534] do_fast_syscall_32+0x33/0x70 [ 1576.312379][T18534] do_SYSENTER_32+0x1b/0x20 [ 1576.317030][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1576.323706][T18534] [ 1576.326110][T18534] Uninit was stored to memory at: [ 1576.331356][T18534] __get_compat_msghdr+0x514/0x750 [ 1576.336808][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1576.341863][T18534] ___sys_recvmsg+0x19d/0x870 [ 1576.346816][T18534] do_recvmmsg+0x63a/0x10a0 [ 1576.351470][T18534] __sys_recvmmsg+0x113/0x450 [ 1576.356435][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1576.362962][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1576.368142][T18534] do_fast_syscall_32+0x33/0x70 [ 1576.373257][T18534] do_SYSENTER_32+0x1b/0x20 [ 1576.377911][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1576.384577][T18534] [ 1576.386981][T18534] Uninit was stored to memory at: [ 1576.392335][T18534] __get_compat_msghdr+0x514/0x750 [ 1576.397653][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1576.402814][T18534] ___sys_recvmsg+0x19d/0x870 [ 1576.407646][T18534] do_recvmmsg+0x63a/0x10a0 [ 1576.412418][T18534] __sys_recvmmsg+0x113/0x450 [ 1576.417262][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1576.423830][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1576.429019][T18534] do_fast_syscall_32+0x33/0x70 [ 1576.434154][T18534] do_SYSENTER_32+0x1b/0x20 [ 1576.438809][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1576.445539][T18534] [ 1576.447953][T18534] Local variable msg_sys created at: [ 1576.453425][T18534] do_recvmmsg+0x5f/0x10a0 [ 1576.458002][T18534] __sys_recvmmsg+0x113/0x450 02:34:04 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) openat$procfs(0xffffff9c, 0x0, 0x0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f00000002c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e) ptrace$setopts(0x4206, r0, 0x6, 0x2) sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x8001, 0x3}, 0x0) syz_clone3(&(0x7f0000000a00)={0x40b86000, 0x0, 0x0, 0x0, {0x1d}, 0x0, 0x0, 0x0, 0x0}, 0x58) getrlimit(0x3, &(0x7f0000000000)) mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000440)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000200)='./bus\x00', &(0x7f0000000080), 0x9, &(0x7f0000000280)={[{@workdir={'workdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './bus'}}, {@metacopy_off}]}) 02:34:04 executing program 4: syz_open_procfs$namespace(0x0, 0x0) pipe2$watch_queue(0x0, 0x80) r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_START_AP(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000280)={0x38, r0, 0x1, 0x0, 0x0, {{}, {@void, @val={0xc}}}, [@beacon=[@NL80211_ATTR_BEACON_TAIL={0x15, 0xe, [@perr={0x1c, 0xf, {0x0, 0x1, [@not_ext={{}, @device_b}]}}]}]]}, 0x38}}, 0x0) sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000002c0)={&(0x7f0000000700)=ANY=[@ANYBLOB="2800000093ffef8cf56ba1f982fcaad6da5cc693dbf5aff561d045e749d5a9438097f4aec4dcf1bdc169e92e7d097dfcf5bc407bf0e509fa2a7949840ce011f3096a36d11afa833a447bae66", @ANYRES16=r0, @ANYBLOB="29032abd7000fcdbdf25"], 0x28}, 0x1, 0x0, 0x0, 0x8000}, 0x20050881) r2 = fcntl$getown(r1, 0x9) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r2, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0) io_submit(0x0, 0x20000000000001cb, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x400000000000, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x377140be6b5ef4c7}]) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='cpuacct.usage_percpu\x00', 0x0, 0x0) write$binfmt_script(r3, &(0x7f0000000000)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000140)='blkio.bfq.idle_time\x00', 0x0, 0x0) preadv(r3, &(0x7f0000000440)=[{&(0x7f0000000080)=""/110, 0x6e}, {&(0x7f0000000400)=""/20, 0x14}], 0x2, 0x80000000, 0x0) r4 = openat$incfs(0xffffffffffffffff, &(0x7f0000000100)='.pending_reads\x00', 0x103280, 0x0) sendmsg$TIPC_CMD_GET_BEARER_NAMES(r4, &(0x7f00000003c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x1c, 0x0, 0x200, 0x70bd28, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000040}, 0x4000) r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000040)='memory.high\x00', 0x2, 0x0) write$cgroup_int(r6, &(0x7f0000000300), 0x12) 02:34:04 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) openat$procfs(0xffffff9c, 0x0, 0x0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f00000002c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e) ptrace$setopts(0x4206, r0, 0x6, 0x2) sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x8001, 0x3}, 0x0) syz_clone3(&(0x7f0000000a00)={0x40b86000, 0x0, 0x0, 0x0, {0x1d}, 0x0, 0x0, 0x0, 0x0}, 0x58) getrlimit(0x3, &(0x7f0000000000)) mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000440)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000200)='./bus\x00', &(0x7f0000000080), 0x9, &(0x7f0000000280)={[{@workdir={'workdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './bus'}}, {@metacopy_off}]}) [ 1576.991856][T18581] not chained 2180000 origins [ 1576.997414][T18581] CPU: 0 PID: 18581 Comm: syz-executor.0 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1577.008100][T18581] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1577.018276][T18581] Call Trace: [ 1577.021647][T18581] [ 1577.024662][T18581] dump_stack_lvl+0x1c8/0x256 [ 1577.029556][T18581] dump_stack+0x1a/0x1c [ 1577.033882][T18581] kmsan_internal_chain_origin+0x78/0x120 [ 1577.039768][T18581] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1577.046006][T18581] ? kmsan_get_metadata+0x33/0x220 [ 1577.051284][T18581] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1577.057706][T18581] ? kmsan_get_metadata+0x33/0x220 [ 1577.062977][T18581] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1577.068954][T18581] ? kmsan_get_metadata+0x33/0x220 [ 1577.074227][T18581] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1577.080213][T18581] ? __get_compat_msghdr+0x5b/0x750 [ 1577.085610][T18581] ? kmsan_get_metadata+0x33/0x220 [ 1577.090883][T18581] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1577.096866][T18581] ? should_fail+0x3f/0x810 [ 1577.101531][T18581] ? __stack_depot_save+0x21/0x4b0 [ 1577.106800][T18581] ? kmsan_get_metadata+0x33/0x220 [ 1577.112073][T18581] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1577.118488][T18581] ? kmsan_get_metadata+0x33/0x220 [ 1577.123758][T18581] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1577.129736][T18581] __msan_chain_origin+0xbd/0x140 [ 1577.134920][T18581] __get_compat_msghdr+0x514/0x750 [ 1577.140249][T18581] get_compat_msghdr+0x8c/0x1c0 [ 1577.145291][T18581] ? ___sys_recvmsg+0xa9/0x870 [ 1577.150208][T18581] ? do_recvmmsg+0x63a/0x10a0 [ 1577.155032][T18581] ___sys_recvmsg+0x19d/0x870 [ 1577.159864][T18581] ? __schedule+0x1609/0x21d0 [ 1577.164697][T18581] ? kmsan_get_metadata+0x33/0x220 [ 1577.169972][T18581] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1577.175970][T18581] ? kmsan_get_metadata+0x33/0x220 [ 1577.181245][T18581] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1577.187236][T18581] do_recvmmsg+0x63a/0x10a0 [ 1577.191916][T18581] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1577.198339][T18581] ? __sys_recvmmsg+0x52/0x450 [ 1577.203243][T18581] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1577.209836][T18581] __sys_recvmmsg+0x113/0x450 [ 1577.214657][T18581] ? kmsan_get_metadata+0x33/0x220 [ 1577.219966][T18581] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1577.226415][T18581] __do_fast_syscall_32+0x95/0xf0 [ 1577.231598][T18581] ? exit_to_user_mode_prepare+0x119/0x220 [ 1577.237574][T18581] do_fast_syscall_32+0x33/0x70 [ 1577.242571][T18581] do_SYSENTER_32+0x1b/0x20 [ 1577.247211][T18581] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1577.253757][T18581] RIP: 0023:0xf7fc6549 [ 1577.257935][T18581] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1577.277735][T18581] RSP: 002b:00000000f7fa05cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1577.286332][T18581] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1577.294434][T18581] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1577.302522][T18581] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1577.310612][T18581] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1577.318703][T18581] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1577.326832][T18581] [ 1577.337454][T18581] Uninit was stored to memory at: [ 1577.343751][T18581] __get_compat_msghdr+0x514/0x750 [ 1577.349073][T18581] get_compat_msghdr+0x8c/0x1c0 [ 1577.354267][T18581] ___sys_recvmsg+0x19d/0x870 [ 1577.359102][T18581] do_recvmmsg+0x63a/0x10a0 [ 1577.363896][T18581] __sys_recvmmsg+0x113/0x450 [ 1577.368734][T18581] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1577.375312][T18581] __do_fast_syscall_32+0x95/0xf0 [ 1577.380503][T18581] do_fast_syscall_32+0x33/0x70 [ 1577.385639][T18581] do_SYSENTER_32+0x1b/0x20 [ 1577.390308][T18581] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1577.397013][T18581] [ 1577.399418][T18581] Uninit was stored to memory at: [ 1577.404775][T18581] __get_compat_msghdr+0x514/0x750 [ 1577.410110][T18581] get_compat_msghdr+0x8c/0x1c0 [ 1577.415316][T18581] ___sys_recvmsg+0x19d/0x870 [ 1577.420156][T18581] do_recvmmsg+0x63a/0x10a0 [ 1577.424946][T18581] __sys_recvmmsg+0x113/0x450 [ 1577.429791][T18581] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1577.436343][T18581] __do_fast_syscall_32+0x95/0xf0 [ 1577.441534][T18581] do_fast_syscall_32+0x33/0x70 [ 1577.446681][T18581] do_SYSENTER_32+0x1b/0x20 [ 1577.451350][T18581] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1577.458041][T18581] [ 1577.460465][T18581] Uninit was stored to memory at: [ 1577.465852][T18581] __get_compat_msghdr+0x514/0x750 [ 1577.471168][T18581] get_compat_msghdr+0x8c/0x1c0 [ 1577.476344][T18581] ___sys_recvmsg+0x19d/0x870 [ 1577.481191][T18581] do_recvmmsg+0x63a/0x10a0 [ 1577.485988][T18581] __sys_recvmmsg+0x113/0x450 [ 1577.490830][T18581] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1577.497386][T18581] __do_fast_syscall_32+0x95/0xf0 [ 1577.502689][T18581] do_fast_syscall_32+0x33/0x70 [ 1577.507701][T18581] do_SYSENTER_32+0x1b/0x20 [ 1577.512492][T18581] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1577.519075][T18581] [ 1577.521474][T18581] Uninit was stored to memory at: [ 1577.526863][T18581] __get_compat_msghdr+0x514/0x750 [ 1577.532174][T18581] get_compat_msghdr+0x8c/0x1c0 [ 1577.537309][T18581] ___sys_recvmsg+0x19d/0x870 02:34:05 executing program 4: syz_open_procfs$namespace(0x0, 0x0) pipe2$watch_queue(0x0, 0x80) r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_START_AP(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000280)={0x38, r0, 0x1, 0x0, 0x0, {{}, {@void, @val={0xc}}}, [@beacon=[@NL80211_ATTR_BEACON_TAIL={0x15, 0xe, [@perr={0x1c, 0xf, {0x0, 0x1, [@not_ext={{}, @device_b}]}}]}]]}, 0x38}}, 0x0) sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000002c0)={&(0x7f0000000700)=ANY=[@ANYBLOB="2800000093ffef8cf56ba1f982fcaad6da5cc693dbf5aff561d045e749d5a9438097f4aec4dcf1bdc169e92e7d097dfcf5bc407bf0e509fa2a7949840ce011f3096a36d11afa833a447bae66", @ANYRES16=r0, @ANYBLOB="29032abd7000fcdbdf25"], 0x28}, 0x1, 0x0, 0x0, 0x8000}, 0x20050881) r2 = fcntl$getown(r1, 0x9) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r2, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0) io_submit(0x0, 0x20000000000001cb, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x400000000000, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x377140be6b5ef4c7}]) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='cpuacct.usage_percpu\x00', 0x0, 0x0) write$binfmt_script(r3, &(0x7f0000000000)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000140)='blkio.bfq.idle_time\x00', 0x0, 0x0) preadv(r3, &(0x7f0000000440)=[{&(0x7f0000000080)=""/110, 0x6e}, {&(0x7f0000000400)=""/20, 0x14}], 0x2, 0x80000000, 0x0) r4 = openat$incfs(0xffffffffffffffff, &(0x7f0000000100)='.pending_reads\x00', 0x103280, 0x0) sendmsg$TIPC_CMD_GET_BEARER_NAMES(r4, &(0x7f00000003c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x1c, 0x0, 0x200, 0x70bd28, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000040}, 0x4000) r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000040)='memory.high\x00', 0x2, 0x0) write$cgroup_int(r6, &(0x7f0000000300), 0x12) [ 1577.542147][T18581] do_recvmmsg+0x63a/0x10a0 [ 1577.546954][T18581] __sys_recvmmsg+0x113/0x450 [ 1577.551804][T18581] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1577.558369][T18581] __do_fast_syscall_32+0x95/0xf0 [ 1577.563746][T18581] do_fast_syscall_32+0x33/0x70 [ 1577.568755][T18581] do_SYSENTER_32+0x1b/0x20 [ 1577.573558][T18581] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1577.580118][T18581] [ 1577.582655][T18581] Uninit was stored to memory at: [ 1577.587916][T18581] __get_compat_msghdr+0x514/0x750 [ 1577.593363][T18581] get_compat_msghdr+0x8c/0x1c0 [ 1577.598423][T18581] ___sys_recvmsg+0x19d/0x870 [ 1577.603377][T18581] do_recvmmsg+0x63a/0x10a0 [ 1577.608033][T18581] __sys_recvmmsg+0x113/0x450 [ 1577.613006][T18581] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1577.619433][T18581] __do_fast_syscall_32+0x95/0xf0 [ 1577.624756][T18581] do_fast_syscall_32+0x33/0x70 [ 1577.629779][T18581] do_SYSENTER_32+0x1b/0x20 [ 1577.634643][T18581] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1577.641203][T18581] [ 1577.643835][T18581] Uninit was stored to memory at: [ 1577.649104][T18581] __get_compat_msghdr+0x514/0x750 [ 1577.654624][T18581] get_compat_msghdr+0x8c/0x1c0 [ 1577.659674][T18581] ___sys_recvmsg+0x19d/0x870 [ 1577.664705][T18581] do_recvmmsg+0x63a/0x10a0 [ 1577.669368][T18581] __sys_recvmmsg+0x113/0x450 [ 1577.674401][T18581] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1577.680824][T18581] __do_fast_syscall_32+0x95/0xf0 [ 1577.686207][T18581] do_fast_syscall_32+0x33/0x70 [ 1577.691219][T18581] do_SYSENTER_32+0x1b/0x20 [ 1577.696078][T18581] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1577.702752][T18581] [ 1577.705161][T18581] Uninit was stored to memory at: [ 1577.710420][T18581] __get_compat_msghdr+0x514/0x750 [ 1577.715946][T18581] get_compat_msghdr+0x8c/0x1c0 [ 1577.721013][T18581] ___sys_recvmsg+0x19d/0x870 [ 1577.726039][T18581] do_recvmmsg+0x63a/0x10a0 [ 1577.730697][T18581] __sys_recvmmsg+0x113/0x450 [ 1577.735723][T18581] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1577.742146][T18581] __do_fast_syscall_32+0x95/0xf0 [ 1577.747483][T18581] do_fast_syscall_32+0x33/0x70 [ 1577.752618][T18581] do_SYSENTER_32+0x1b/0x20 [ 1577.757273][T18581] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1577.764060][T18581] [ 1577.766466][T18581] Local variable msg_sys created at: [ 1577.771843][T18581] do_recvmmsg+0x5f/0x10a0 [ 1577.776608][T18581] __sys_recvmmsg+0x113/0x450 02:34:06 executing program 4: syz_open_procfs$namespace(0x0, 0x0) pipe2$watch_queue(0x0, 0x80) r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_START_AP(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000280)={0x38, r0, 0x1, 0x0, 0x0, {{}, {@void, @val={0xc}}}, [@beacon=[@NL80211_ATTR_BEACON_TAIL={0x15, 0xe, [@perr={0x1c, 0xf, {0x0, 0x1, [@not_ext={{}, @device_b}]}}]}]]}, 0x38}}, 0x0) sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000002c0)={&(0x7f0000000700)=ANY=[@ANYBLOB="2800000093ffef8cf56ba1f982fcaad6da5cc693dbf5aff561d045e749d5a9438097f4aec4dcf1bdc169e92e7d097dfcf5bc407bf0e509fa2a7949840ce011f3096a36d11afa833a447bae66", @ANYRES16=r0, @ANYBLOB="29032abd7000fcdbdf25"], 0x28}, 0x1, 0x0, 0x0, 0x8000}, 0x20050881) r2 = fcntl$getown(r1, 0x9) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r2, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0) io_submit(0x0, 0x20000000000001cb, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x400000000000, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x377140be6b5ef4c7}]) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='cpuacct.usage_percpu\x00', 0x0, 0x0) write$binfmt_script(r3, &(0x7f0000000000)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000140)='blkio.bfq.idle_time\x00', 0x0, 0x0) preadv(r3, &(0x7f0000000440)=[{&(0x7f0000000080)=""/110, 0x6e}, {&(0x7f0000000400)=""/20, 0x14}], 0x2, 0x80000000, 0x0) r4 = openat$incfs(0xffffffffffffffff, &(0x7f0000000100)='.pending_reads\x00', 0x103280, 0x0) sendmsg$TIPC_CMD_GET_BEARER_NAMES(r4, &(0x7f00000003c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x1c, 0x0, 0x200, 0x70bd28, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000040}, 0x4000) r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000040)='memory.high\x00', 0x2, 0x0) write$cgroup_int(r6, &(0x7f0000000300), 0x12) [ 1578.855934][T18581] not chained 2190000 origins [ 1578.860769][T18581] CPU: 1 PID: 18581 Comm: syz-executor.0 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1578.871458][T18581] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1578.881658][T18581] Call Trace: [ 1578.885047][T18581] [ 1578.888078][T18581] dump_stack_lvl+0x1c8/0x256 [ 1578.892973][T18581] dump_stack+0x1a/0x1c [ 1578.897312][T18581] kmsan_internal_chain_origin+0x78/0x120 [ 1578.903237][T18581] ? up_read+0x36/0x1c0 [ 1578.907607][T18581] ? do_user_addr_fault+0xfef/0x1710 [ 1578.913107][T18581] ? kmsan_get_metadata+0x33/0x220 [ 1578.918409][T18581] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1578.924406][T18581] ? __get_compat_msghdr+0x5b/0x750 [ 1578.929825][T18581] ? kmsan_get_metadata+0x33/0x220 [ 1578.935123][T18581] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1578.941143][T18581] ? should_fail+0x3f/0x810 [ 1578.945838][T18581] ? __stack_depot_save+0x21/0x4b0 [ 1578.951126][T18581] ? kmsan_get_metadata+0x33/0x220 [ 1578.956427][T18581] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1578.962874][T18581] ? kmsan_get_metadata+0x33/0x220 [ 1578.968170][T18581] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1578.974165][T18581] __msan_chain_origin+0xbd/0x140 [ 1578.979375][T18581] __get_compat_msghdr+0x514/0x750 [ 1578.984737][T18581] get_compat_msghdr+0x8c/0x1c0 [ 1578.989811][T18581] ? ___sys_recvmsg+0xa9/0x870 [ 1578.994732][T18581] ? do_recvmmsg+0x63a/0x10a0 [ 1578.999584][T18581] ___sys_recvmsg+0x19d/0x870 [ 1579.004434][T18581] ? __schedule+0x1609/0x21d0 [ 1579.009279][T18581] ? kmsan_get_metadata+0x33/0x220 [ 1579.014574][T18581] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1579.020579][T18581] ? kmsan_get_metadata+0x33/0x220 [ 1579.025872][T18581] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1579.031886][T18581] do_recvmmsg+0x63a/0x10a0 [ 1579.036581][T18581] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1579.043029][T18581] ? __sys_recvmmsg+0x52/0x450 [ 1579.047964][T18581] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1579.054576][T18581] __sys_recvmmsg+0x113/0x450 [ 1579.059417][T18581] ? kmsan_get_metadata+0x33/0x220 [ 1579.064732][T18581] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1579.071229][T18581] __do_fast_syscall_32+0x95/0xf0 [ 1579.076423][T18581] ? exit_to_user_mode_prepare+0x119/0x220 [ 1579.082410][T18581] do_fast_syscall_32+0x33/0x70 [ 1579.087442][T18581] do_SYSENTER_32+0x1b/0x20 [ 1579.092110][T18581] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1579.098667][T18581] RIP: 0023:0xf7fc6549 [ 1579.102875][T18581] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1579.122697][T18581] RSP: 002b:00000000f7fa05cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1579.131289][T18581] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1579.139409][T18581] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1579.147527][T18581] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1579.155653][T18581] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1579.163777][T18581] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1579.171922][T18581] [ 1579.185565][T18581] Uninit was stored to memory at: [ 1579.190865][T18581] __get_compat_msghdr+0x514/0x750 [ 1579.197795][T18581] get_compat_msghdr+0x8c/0x1c0 [ 1579.202957][T18581] ___sys_recvmsg+0x19d/0x870 [ 1579.207809][T18581] do_recvmmsg+0x63a/0x10a0 [ 1579.212575][T18581] __sys_recvmmsg+0x113/0x450 [ 1579.217423][T18581] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1579.223948][T18581] __do_fast_syscall_32+0x95/0xf0 [ 1579.229133][T18581] do_fast_syscall_32+0x33/0x70 [ 1579.234224][T18581] do_SYSENTER_32+0x1b/0x20 [ 1579.238878][T18581] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1579.245542][T18581] [ 1579.247942][T18581] Uninit was stored to memory at: [ 1579.253370][T18581] __get_compat_msghdr+0x514/0x750 [ 1579.258685][T18581] get_compat_msghdr+0x8c/0x1c0 [ 1579.263847][T18581] ___sys_recvmsg+0x19d/0x870 [ 1579.268683][T18581] do_recvmmsg+0x63a/0x10a0 [ 1579.273438][T18581] __sys_recvmmsg+0x113/0x450 [ 1579.278291][T18581] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1579.284815][T18581] __do_fast_syscall_32+0x95/0xf0 [ 1579.289991][T18581] do_fast_syscall_32+0x33/0x70 [ 1579.295088][T18581] do_SYSENTER_32+0x1b/0x20 [ 1579.299748][T18581] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1579.306404][T18581] [ 1579.308814][T18581] Uninit was stored to memory at: [ 1579.314152][T18581] __get_compat_msghdr+0x514/0x750 [ 1579.319464][T18581] get_compat_msghdr+0x8c/0x1c0 [ 1579.324605][T18581] ___sys_recvmsg+0x19d/0x870 [ 1579.329444][T18581] do_recvmmsg+0x63a/0x10a0 [ 1579.334202][T18581] __sys_recvmmsg+0x113/0x450 [ 1579.339055][T18581] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1579.345579][T18581] __do_fast_syscall_32+0x95/0xf0 [ 1579.350775][T18581] do_fast_syscall_32+0x33/0x70 [ 1579.355881][T18581] do_SYSENTER_32+0x1b/0x20 [ 1579.360535][T18581] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1579.367201][T18581] [ 1579.369605][T18581] Uninit was stored to memory at: [ 1579.374956][T18581] __get_compat_msghdr+0x514/0x750 [ 1579.380267][T18581] get_compat_msghdr+0x8c/0x1c0 [ 1579.385416][T18581] ___sys_recvmsg+0x19d/0x870 [ 1579.390250][T18581] do_recvmmsg+0x63a/0x10a0 [ 1579.394985][T18581] __sys_recvmmsg+0x113/0x450 [ 1579.399819][T18581] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1579.406338][T18581] __do_fast_syscall_32+0x95/0xf0 [ 1579.411523][T18581] do_fast_syscall_32+0x33/0x70 [ 1579.416623][T18581] do_SYSENTER_32+0x1b/0x20 [ 1579.421285][T18581] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1579.427961][T18581] [ 1579.430372][T18581] Uninit was stored to memory at: [ 1579.435739][T18581] __get_compat_msghdr+0x514/0x750 [ 1579.441060][T18581] get_compat_msghdr+0x8c/0x1c0 [ 1579.446216][T18581] ___sys_recvmsg+0x19d/0x870 [ 1579.451053][T18581] do_recvmmsg+0x63a/0x10a0 [ 1579.455804][T18581] __sys_recvmmsg+0x113/0x450 [ 1579.460638][T18581] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1579.467158][T18581] __do_fast_syscall_32+0x95/0xf0 [ 1579.472435][T18581] do_fast_syscall_32+0x33/0x70 [ 1579.477448][T18581] do_SYSENTER_32+0x1b/0x20 [ 1579.482105][T18581] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1579.488763][T18581] [ 1579.491173][T18581] Uninit was stored to memory at: [ 1579.496535][T18581] __get_compat_msghdr+0x514/0x750 [ 1579.501865][T18581] get_compat_msghdr+0x8c/0x1c0 [ 1579.507029][T18581] ___sys_recvmsg+0x19d/0x870 [ 1579.511868][T18581] do_recvmmsg+0x63a/0x10a0 [ 1579.516615][T18581] __sys_recvmmsg+0x113/0x450 [ 1579.521455][T18581] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1579.527977][T18581] __do_fast_syscall_32+0x95/0xf0 [ 1579.533246][T18581] do_fast_syscall_32+0x33/0x70 [ 1579.538258][T18581] do_SYSENTER_32+0x1b/0x20 [ 1579.543012][T18581] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1579.549590][T18581] [ 1579.551999][T18581] Uninit was stored to memory at: [ 1579.557387][T18581] __get_compat_msghdr+0x514/0x750 [ 1579.562814][T18581] get_compat_msghdr+0x8c/0x1c0 [ 1579.567877][T18581] ___sys_recvmsg+0x19d/0x870 [ 1579.572814][T18581] do_recvmmsg+0x63a/0x10a0 [ 1579.577501][T18581] __sys_recvmmsg+0x113/0x450 [ 1579.582441][T18581] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1579.588947][T18581] __do_fast_syscall_32+0x95/0xf0 [ 1579.594239][T18581] do_fast_syscall_32+0x33/0x70 [ 1579.599250][T18581] do_SYSENTER_32+0x1b/0x20 [ 1579.604021][T18581] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1579.610576][T18581] [ 1579.613082][T18581] Local variable msg_sys created at: [ 1579.618458][T18581] do_recvmmsg+0x5f/0x10a0 [ 1579.623116][T18581] __sys_recvmmsg+0x113/0x450 [ 1579.770936][T18635] not chained 2200000 origins [ 1579.776189][T18635] CPU: 0 PID: 18635 Comm: syz-executor.1 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1579.786877][T18635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1579.797076][T18635] Call Trace: [ 1579.800459][T18635] [ 1579.803495][T18635] dump_stack_lvl+0x1c8/0x256 [ 1579.808383][T18635] dump_stack+0x1a/0x1c [ 1579.812729][T18635] kmsan_internal_chain_origin+0x78/0x120 [ 1579.818626][T18635] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1579.824867][T18635] ? kmsan_get_metadata+0x33/0x220 [ 1579.830141][T18635] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1579.836559][T18635] ? kmsan_get_metadata+0x33/0x220 [ 1579.841836][T18635] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1579.847816][T18635] ? kmsan_get_metadata+0x33/0x220 [ 1579.853095][T18635] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1579.859072][T18635] ? __get_compat_msghdr+0x5b/0x750 [ 1579.864462][T18635] ? kmsan_get_metadata+0x33/0x220 [ 1579.869755][T18635] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1579.875745][T18635] ? should_fail+0x3f/0x810 [ 1579.880418][T18635] ? __stack_depot_save+0x21/0x4b0 [ 1579.885693][T18635] ? kmsan_get_metadata+0x33/0x220 [ 1579.890985][T18635] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1579.897402][T18635] ? kmsan_get_metadata+0x33/0x220 [ 1579.902676][T18635] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1579.908665][T18635] __msan_chain_origin+0xbd/0x140 [ 1579.913866][T18635] __get_compat_msghdr+0x514/0x750 [ 1579.919206][T18635] get_compat_msghdr+0x8c/0x1c0 [ 1579.924246][T18635] ? ___sys_recvmsg+0xa9/0x870 [ 1579.929152][T18635] ? do_recvmmsg+0x63a/0x10a0 [ 1579.933980][T18635] ___sys_recvmsg+0x19d/0x870 [ 1579.938815][T18635] ? __schedule+0x1609/0x21d0 [ 1579.943644][T18635] ? kmsan_get_metadata+0x33/0x220 [ 1579.948924][T18635] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1579.954903][T18635] ? kmsan_get_metadata+0x33/0x220 [ 1579.960172][T18635] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1579.966156][T18635] do_recvmmsg+0x63a/0x10a0 [ 1579.970833][T18635] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1579.977254][T18635] ? __sys_recvmmsg+0x52/0x450 [ 1579.982157][T18635] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1579.988748][T18635] __sys_recvmmsg+0x113/0x450 [ 1579.993570][T18635] ? kmsan_get_metadata+0x33/0x220 [ 1579.998855][T18635] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1580.005303][T18635] __do_fast_syscall_32+0x95/0xf0 [ 1580.010474][T18635] ? exit_to_user_mode_prepare+0x119/0x220 [ 1580.016439][T18635] do_fast_syscall_32+0x33/0x70 [ 1580.021438][T18635] do_SYSENTER_32+0x1b/0x20 [ 1580.026085][T18635] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1580.032645][T18635] RIP: 0023:0xf7fc4549 [ 1580.036825][T18635] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1580.056607][T18635] RSP: 002b:00000000f7f9e5cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1580.065169][T18635] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1580.073268][T18635] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1580.081360][T18635] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1580.089451][T18635] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1580.097538][T18635] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1580.105652][T18635] [ 1580.114756][T18635] Uninit was stored to memory at: [ 1580.120043][T18635] __get_compat_msghdr+0x514/0x750 [ 1580.126041][T18635] get_compat_msghdr+0x8c/0x1c0 [ 1580.131107][T18635] ___sys_recvmsg+0x19d/0x870 [ 1580.136081][T18635] do_recvmmsg+0x63a/0x10a0 [ 1580.140732][T18635] __sys_recvmmsg+0x113/0x450 [ 1580.145688][T18635] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1580.152131][T18635] __do_fast_syscall_32+0x95/0xf0 [ 1580.157402][T18635] do_fast_syscall_32+0x33/0x70 [ 1580.162532][T18635] do_SYSENTER_32+0x1b/0x20 [ 1580.167189][T18635] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1580.173889][T18635] [ 1580.176288][T18635] Uninit was stored to memory at: [ 1580.181533][T18635] __get_compat_msghdr+0x514/0x750 [ 1580.186991][T18635] get_compat_msghdr+0x8c/0x1c0 [ 1580.192081][T18635] ___sys_recvmsg+0x19d/0x870 [ 1580.197035][T18635] do_recvmmsg+0x63a/0x10a0 [ 1580.201721][T18635] __sys_recvmmsg+0x113/0x450 [ 1580.206690][T18635] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1580.213206][T18635] __do_fast_syscall_32+0x95/0xf0 [ 1580.218387][T18635] do_fast_syscall_32+0x33/0x70 [ 1580.223502][T18635] do_SYSENTER_32+0x1b/0x20 [ 1580.228160][T18635] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1580.234838][T18635] [ 1580.237250][T18635] Uninit was stored to memory at: [ 1580.242623][T18635] __get_compat_msghdr+0x514/0x750 [ 1580.247942][T18635] get_compat_msghdr+0x8c/0x1c0 [ 1580.253122][T18635] ___sys_recvmsg+0x19d/0x870 [ 1580.257962][T18635] do_recvmmsg+0x63a/0x10a0 [ 1580.262743][T18635] __sys_recvmmsg+0x113/0x450 [ 1580.267583][T18635] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1580.274148][T18635] __do_fast_syscall_32+0x95/0xf0 [ 1580.279332][T18635] do_fast_syscall_32+0x33/0x70 [ 1580.284458][T18635] do_SYSENTER_32+0x1b/0x20 [ 1580.289121][T18635] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1580.295806][T18635] [ 1580.298214][T18635] Uninit was stored to memory at: [ 1580.303568][T18635] __get_compat_msghdr+0x514/0x750 [ 1580.308888][T18635] get_compat_msghdr+0x8c/0x1c0 [ 1580.314075][T18635] ___sys_recvmsg+0x19d/0x870 [ 1580.318913][T18635] do_recvmmsg+0x63a/0x10a0 [ 1580.323723][T18635] __sys_recvmmsg+0x113/0x450 [ 1580.328565][T18635] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1580.335135][T18635] __do_fast_syscall_32+0x95/0xf0 [ 1580.340328][T18635] do_fast_syscall_32+0x33/0x70 [ 1580.345535][T18635] do_SYSENTER_32+0x1b/0x20 [ 1580.350194][T18635] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1580.356948][T18635] [ 1580.359359][T18635] Uninit was stored to memory at: [ 1580.364782][T18635] __get_compat_msghdr+0x514/0x750 [ 1580.370098][T18635] get_compat_msghdr+0x8c/0x1c0 [ 1580.375370][T18635] ___sys_recvmsg+0x19d/0x870 [ 1580.380208][T18635] do_recvmmsg+0x63a/0x10a0 [ 1580.385069][T18635] __sys_recvmmsg+0x113/0x450 [ 1580.389905][T18635] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1580.396512][T18635] __do_fast_syscall_32+0x95/0xf0 [ 1580.401876][T18635] do_fast_syscall_32+0x33/0x70 [ 1580.407093][T18635] do_SYSENTER_32+0x1b/0x20 [ 1580.411747][T18635] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1580.418505][T18635] [ 1580.420921][T18635] Uninit was stored to memory at: [ 1580.426359][T18635] __get_compat_msghdr+0x514/0x750 [ 1580.431685][T18635] get_compat_msghdr+0x8c/0x1c0 [ 1580.436956][T18635] ___sys_recvmsg+0x19d/0x870 [ 1580.441801][T18635] do_recvmmsg+0x63a/0x10a0 [ 1580.446654][T18635] __sys_recvmmsg+0x113/0x450 [ 1580.451492][T18635] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1580.458110][T18635] __do_fast_syscall_32+0x95/0xf0 [ 1580.463394][T18635] do_fast_syscall_32+0x33/0x70 [ 1580.468400][T18635] do_SYSENTER_32+0x1b/0x20 [ 1580.473228][T18635] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1580.479792][T18635] [ 1580.482375][T18635] Uninit was stored to memory at: [ 1580.487631][T18635] __get_compat_msghdr+0x514/0x750 [ 1580.493143][T18635] get_compat_msghdr+0x8c/0x1c0 [ 1580.498199][T18635] ___sys_recvmsg+0x19d/0x870 [ 1580.503236][T18635] do_recvmmsg+0x63a/0x10a0 [ 1580.507891][T18635] __sys_recvmmsg+0x113/0x450 [ 1580.512909][T18635] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1580.519340][T18635] __do_fast_syscall_32+0x95/0xf0 [ 1580.524740][T18635] do_fast_syscall_32+0x33/0x70 [ 1580.529756][T18635] do_SYSENTER_32+0x1b/0x20 [ 1580.534605][T18635] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1580.541169][T18635] [ 1580.543772][T18635] Local variable msg_sys created at: [ 1580.549157][T18635] do_recvmmsg+0x5f/0x10a0 [ 1580.553914][T18635] __sys_recvmmsg+0x113/0x450 [ 1581.174098][T18577] not chained 2210000 origins [ 1581.178937][T18577] CPU: 0 PID: 18577 Comm: syz-executor.5 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1581.189644][T18577] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1581.199869][T18577] Call Trace: [ 1581.203255][T18577] [ 1581.206283][T18577] dump_stack_lvl+0x1c8/0x256 [ 1581.211178][T18577] dump_stack+0x1a/0x1c [ 1581.215533][T18577] kmsan_internal_chain_origin+0x78/0x120 [ 1581.221447][T18577] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1581.227719][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1581.233028][T18577] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1581.239466][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1581.244763][T18577] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1581.250773][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1581.256069][T18577] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1581.262051][T18577] ? __get_compat_msghdr+0x5b/0x750 [ 1581.267446][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1581.272722][T18577] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1581.278715][T18577] ? should_fail+0x3f/0x810 [ 1581.283390][T18577] ? __stack_depot_save+0x21/0x4b0 [ 1581.288659][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1581.293937][T18577] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1581.300351][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1581.305621][T18577] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1581.311607][T18577] __msan_chain_origin+0xbd/0x140 [ 1581.316794][T18577] __get_compat_msghdr+0x514/0x750 [ 1581.322126][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1581.327171][T18577] ? ___sys_recvmsg+0xa9/0x870 [ 1581.332086][T18577] ? do_recvmmsg+0x63a/0x10a0 [ 1581.336919][T18577] ___sys_recvmsg+0x19d/0x870 [ 1581.341753][T18577] ? __schedule+0x1609/0x21d0 [ 1581.346591][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1581.351865][T18577] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1581.357845][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1581.363117][T18577] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1581.369104][T18577] do_recvmmsg+0x63a/0x10a0 [ 1581.373779][T18577] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1581.380202][T18577] ? __sys_recvmmsg+0x52/0x450 [ 1581.385107][T18577] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1581.391694][T18577] __sys_recvmmsg+0x113/0x450 [ 1581.396520][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1581.401808][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1581.408232][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1581.413432][T18577] ? exit_to_user_mode_prepare+0x119/0x220 [ 1581.419441][T18577] do_fast_syscall_32+0x33/0x70 [ 1581.424458][T18577] do_SYSENTER_32+0x1b/0x20 [ 1581.429104][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1581.435640][T18577] RIP: 0023:0xf7f92549 [ 1581.439820][T18577] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1581.459606][T18577] RSP: 002b:00000000f7f6c5cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1581.468171][T18577] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1581.476275][T18577] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1581.484371][T18577] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1581.492470][T18577] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1581.500559][T18577] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1581.508670][T18577] [ 1581.518745][T18577] Uninit was stored to memory at: [ 1581.524982][T18577] __get_compat_msghdr+0x514/0x750 [ 1581.530334][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1581.535523][T18577] ___sys_recvmsg+0x19d/0x870 [ 1581.540362][T18577] do_recvmmsg+0x63a/0x10a0 [ 1581.545191][T18577] __sys_recvmmsg+0x113/0x450 [ 1581.550052][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1581.556602][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1581.561787][T18577] do_fast_syscall_32+0x33/0x70 [ 1581.566929][T18577] do_SYSENTER_32+0x1b/0x20 [ 1581.571594][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1581.578263][T18577] [ 1581.580674][T18577] Uninit was stored to memory at: [ 1581.586051][T18577] __get_compat_msghdr+0x514/0x750 [ 1581.591371][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1581.596552][T18577] ___sys_recvmsg+0x19d/0x870 [ 1581.601391][T18577] do_recvmmsg+0x63a/0x10a0 [ 1581.606178][T18577] __sys_recvmmsg+0x113/0x450 [ 1581.611018][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1581.617746][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1581.623038][T18577] do_fast_syscall_32+0x33/0x70 [ 1581.628046][T18577] do_SYSENTER_32+0x1b/0x20 [ 1581.632911][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1581.639467][T18577] [ 1581.641874][T18577] Uninit was stored to memory at: [ 1581.647246][T18577] __get_compat_msghdr+0x514/0x750 [ 1581.652657][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1581.657714][T18577] ___sys_recvmsg+0x19d/0x870 [ 1581.662685][T18577] do_recvmmsg+0x63a/0x10a0 [ 1581.667400][T18577] __sys_recvmmsg+0x113/0x450 [ 1581.672405][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1581.678834][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1581.684170][T18577] do_fast_syscall_32+0x33/0x70 [ 1581.689196][T18577] do_SYSENTER_32+0x1b/0x20 [ 1581.694012][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1581.700579][T18577] [ 1581.703114][T18577] Uninit was stored to memory at: [ 1581.708369][T18577] __get_compat_msghdr+0x514/0x750 [ 1581.713818][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1581.718881][T18577] ___sys_recvmsg+0x19d/0x870 [ 1581.723885][T18577] do_recvmmsg+0x63a/0x10a0 [ 1581.728549][T18577] __sys_recvmmsg+0x113/0x450 [ 1581.733526][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1581.739948][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1581.745258][T18577] do_fast_syscall_32+0x33/0x70 [ 1581.750277][T18577] do_SYSENTER_32+0x1b/0x20 [ 1581.755051][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1581.761604][T18577] [ 1581.764110][T18577] Uninit was stored to memory at: [ 1581.769379][T18577] __get_compat_msghdr+0x514/0x750 [ 1581.774837][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1581.779887][T18577] ___sys_recvmsg+0x19d/0x870 [ 1581.784932][T18577] do_recvmmsg+0x63a/0x10a0 [ 1581.789591][T18577] __sys_recvmmsg+0x113/0x450 [ 1581.794513][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1581.800931][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1581.806230][T18577] do_fast_syscall_32+0x33/0x70 [ 1581.811249][T18577] do_SYSENTER_32+0x1b/0x20 [ 1581.816040][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1581.822691][T18577] [ 1581.825093][T18577] Uninit was stored to memory at: [ 1581.830349][T18577] __get_compat_msghdr+0x514/0x750 [ 1581.835825][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1581.840886][T18577] ___sys_recvmsg+0x19d/0x870 [ 1581.845842][T18577] do_recvmmsg+0x63a/0x10a0 [ 1581.850497][T18577] __sys_recvmmsg+0x113/0x450 [ 1581.855461][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1581.861888][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1581.867203][T18577] do_fast_syscall_32+0x33/0x70 [ 1581.872321][T18577] do_SYSENTER_32+0x1b/0x20 [ 1581.876976][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1581.883662][T18577] [ 1581.886083][T18577] Uninit was stored to memory at: [ 1581.891336][T18577] __get_compat_msghdr+0x514/0x750 [ 1581.896776][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1581.901828][T18577] ___sys_recvmsg+0x19d/0x870 [ 1581.906778][T18577] do_recvmmsg+0x63a/0x10a0 [ 1581.911435][T18577] __sys_recvmmsg+0x113/0x450 [ 1581.916391][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1581.922914][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1581.928116][T18577] do_fast_syscall_32+0x33/0x70 [ 1581.933299][T18577] do_SYSENTER_32+0x1b/0x20 [ 1581.937958][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1581.944631][T18577] [ 1581.947038][T18577] Local variable msg_sys created at: [ 1581.952544][T18577] do_recvmmsg+0x5f/0x10a0 [ 1581.957116][T18577] __sys_recvmmsg+0x113/0x450 [ 1582.099993][T18581] not chained 2220000 origins [ 1582.104981][T18581] CPU: 0 PID: 18581 Comm: syz-executor.0 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1582.115653][T18581] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1582.125831][T18581] Call Trace: [ 1582.129201][T18581] [ 1582.132219][T18581] dump_stack_lvl+0x1c8/0x256 [ 1582.137104][T18581] dump_stack+0x1a/0x1c [ 1582.141433][T18581] kmsan_internal_chain_origin+0x78/0x120 [ 1582.147328][T18581] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1582.153579][T18581] ? kmsan_get_metadata+0x33/0x220 [ 1582.158860][T18581] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1582.165297][T18581] ? kmsan_get_metadata+0x33/0x220 [ 1582.170576][T18581] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1582.176555][T18581] ? kmsan_get_metadata+0x33/0x220 [ 1582.181827][T18581] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1582.187806][T18581] ? __get_compat_msghdr+0x5b/0x750 [ 1582.193200][T18581] ? kmsan_get_metadata+0x33/0x220 [ 1582.198474][T18581] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1582.204461][T18581] ? should_fail+0x3f/0x810 [ 1582.209128][T18581] ? __stack_depot_save+0x21/0x4b0 [ 1582.214403][T18581] ? kmsan_get_metadata+0x33/0x220 [ 1582.219676][T18581] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1582.226107][T18581] ? kmsan_get_metadata+0x33/0x220 [ 1582.231378][T18581] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1582.237361][T18581] __msan_chain_origin+0xbd/0x140 [ 1582.242545][T18581] __get_compat_msghdr+0x514/0x750 [ 1582.247877][T18581] get_compat_msghdr+0x8c/0x1c0 [ 1582.252917][T18581] ? ___sys_recvmsg+0xa9/0x870 [ 1582.257819][T18581] ? do_recvmmsg+0x63a/0x10a0 [ 1582.262645][T18581] ___sys_recvmsg+0x19d/0x870 [ 1582.267472][T18581] ? __schedule+0x1609/0x21d0 [ 1582.272307][T18581] ? kmsan_get_metadata+0x33/0x220 [ 1582.277581][T18581] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1582.283556][T18581] ? kmsan_get_metadata+0x33/0x220 [ 1582.288828][T18581] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1582.294814][T18581] do_recvmmsg+0x63a/0x10a0 [ 1582.299479][T18581] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1582.305901][T18581] ? __sys_recvmmsg+0x52/0x450 [ 1582.310808][T18581] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1582.317395][T18581] __sys_recvmmsg+0x113/0x450 [ 1582.322217][T18581] ? kmsan_get_metadata+0x33/0x220 [ 1582.327514][T18581] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1582.333936][T18581] __do_fast_syscall_32+0x95/0xf0 [ 1582.339134][T18581] ? exit_to_user_mode_prepare+0x119/0x220 [ 1582.345112][T18581] do_fast_syscall_32+0x33/0x70 [ 1582.350108][T18581] do_SYSENTER_32+0x1b/0x20 [ 1582.354751][T18581] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1582.361286][T18581] RIP: 0023:0xf7fc6549 [ 1582.365472][T18581] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1582.385256][T18581] RSP: 002b:00000000f7fa05cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1582.393833][T18581] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1582.401952][T18581] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1582.410042][T18581] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1582.418129][T18581] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1582.426224][T18581] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1582.434521][T18581] [ 1582.443673][T18581] Uninit was stored to memory at: [ 1582.448963][T18581] __get_compat_msghdr+0x514/0x750 [ 1582.459914][T18581] get_compat_msghdr+0x8c/0x1c0 [ 1582.465545][T18581] ___sys_recvmsg+0x19d/0x870 [ 1582.470393][T18581] do_recvmmsg+0x63a/0x10a0 [ 1582.475200][T18581] __sys_recvmmsg+0x113/0x450 [ 1582.480071][T18581] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1582.486649][T18581] __do_fast_syscall_32+0x95/0xf0 [ 1582.491849][T18581] do_fast_syscall_32+0x33/0x70 [ 1582.497007][T18581] do_SYSENTER_32+0x1b/0x20 [ 1582.501664][T18581] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1582.508351][T18581] [ 1582.510765][T18581] Uninit was stored to memory at: [ 1582.516124][T18581] __get_compat_msghdr+0x514/0x750 [ 1582.521439][T18581] get_compat_msghdr+0x8c/0x1c0 [ 1582.526627][T18581] ___sys_recvmsg+0x19d/0x870 [ 1582.531474][T18581] do_recvmmsg+0x63a/0x10a0 [ 1582.536266][T18581] __sys_recvmmsg+0x113/0x450 [ 1582.541105][T18581] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1582.547661][T18581] __do_fast_syscall_32+0x95/0xf0 [ 1582.552963][T18581] do_fast_syscall_32+0x33/0x70 [ 1582.557993][T18581] do_SYSENTER_32+0x1b/0x20 [ 1582.562863][T18581] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1582.569471][T18581] [ 1582.571881][T18581] Uninit was stored to memory at: [ 1582.577285][T18581] __get_compat_msghdr+0x514/0x750 [ 1582.582704][T18581] get_compat_msghdr+0x8c/0x1c0 [ 1582.587762][T18581] ___sys_recvmsg+0x19d/0x870 [ 1582.592739][T18581] do_recvmmsg+0x63a/0x10a0 [ 1582.597402][T18581] __sys_recvmmsg+0x113/0x450 [ 1582.602350][T18581] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1582.608778][T18581] __do_fast_syscall_32+0x95/0xf0 [ 1582.614116][T18581] do_fast_syscall_32+0x33/0x70 [ 1582.619135][T18581] do_SYSENTER_32+0x1b/0x20 [ 1582.623943][T18581] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1582.630508][T18581] [ 1582.633044][T18581] Uninit was stored to memory at: [ 1582.638304][T18581] __get_compat_msghdr+0x514/0x750 [ 1582.643757][T18581] get_compat_msghdr+0x8c/0x1c0 [ 1582.648822][T18581] ___sys_recvmsg+0x19d/0x870 [ 1582.653782][T18581] do_recvmmsg+0x63a/0x10a0 [ 1582.658446][T18581] __sys_recvmmsg+0x113/0x450 [ 1582.663415][T18581] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1582.669842][T18581] __do_fast_syscall_32+0x95/0xf0 [ 1582.675167][T18581] do_fast_syscall_32+0x33/0x70 [ 1582.680196][T18581] do_SYSENTER_32+0x1b/0x20 [ 1582.685064][T18581] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1582.691632][T18581] [ 1582.694184][T18581] Uninit was stored to memory at: [ 1582.699441][T18581] __get_compat_msghdr+0x514/0x750 [ 1582.704982][T18581] get_compat_msghdr+0x8c/0x1c0 [ 1582.710042][T18581] ___sys_recvmsg+0x19d/0x870 [ 1582.715089][T18581] do_recvmmsg+0x63a/0x10a0 [ 1582.719755][T18581] __sys_recvmmsg+0x113/0x450 [ 1582.724761][T18581] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1582.731194][T18581] __do_fast_syscall_32+0x95/0xf0 [ 1582.736594][T18581] do_fast_syscall_32+0x33/0x70 [ 1582.741604][T18581] do_SYSENTER_32+0x1b/0x20 [ 1582.746461][T18581] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1582.753129][T18581] [ 1582.755547][T18581] Uninit was stored to memory at: [ 1582.760798][T18581] __get_compat_msghdr+0x514/0x750 [ 1582.766338][T18581] get_compat_msghdr+0x8c/0x1c0 [ 1582.771403][T18581] ___sys_recvmsg+0x19d/0x870 [ 1582.776449][T18581] do_recvmmsg+0x63a/0x10a0 [ 1582.781107][T18581] __sys_recvmmsg+0x113/0x450 [ 1582.786142][T18581] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1582.792664][T18581] __do_fast_syscall_32+0x95/0xf0 [ 1582.797852][T18581] do_fast_syscall_32+0x33/0x70 [ 1582.803039][T18581] do_SYSENTER_32+0x1b/0x20 [ 1582.807687][T18581] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1582.814379][T18581] [ 1582.816785][T18581] Uninit was stored to memory at: [ 1582.822035][T18581] __get_compat_msghdr+0x514/0x750 [ 1582.827531][T18581] get_compat_msghdr+0x8c/0x1c0 [ 1582.832776][T18581] ___sys_recvmsg+0x19d/0x870 [ 1582.837616][T18581] do_recvmmsg+0x63a/0x10a0 [ 1582.842470][T18581] __sys_recvmmsg+0x113/0x450 [ 1582.847302][T18581] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1582.853927][T18581] __do_fast_syscall_32+0x95/0xf0 [ 1582.859115][T18581] do_fast_syscall_32+0x33/0x70 [ 1582.864316][T18581] do_SYSENTER_32+0x1b/0x20 [ 1582.868979][T18581] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1582.875741][T18581] [ 1582.878155][T18581] Local variable msg_sys created at: [ 1582.883711][T18581] do_recvmmsg+0x5f/0x10a0 [ 1582.888280][T18581] __sys_recvmmsg+0x113/0x450 [ 1582.998491][T18534] not chained 2230000 origins [ 1583.003666][T18534] CPU: 1 PID: 18534 Comm: syz-executor.2 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1583.014348][T18534] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1583.024535][T18534] Call Trace: [ 1583.027908][T18534] [ 1583.030936][T18534] dump_stack_lvl+0x1c8/0x256 [ 1583.035834][T18534] dump_stack+0x1a/0x1c [ 1583.040178][T18534] kmsan_internal_chain_origin+0x78/0x120 [ 1583.046086][T18534] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1583.052350][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1583.057643][T18534] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1583.064079][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1583.069367][T18534] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1583.075372][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1583.080664][T18534] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1583.086679][T18534] ? __get_compat_msghdr+0x5b/0x750 [ 1583.092099][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1583.097391][T18534] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1583.103403][T18534] ? should_fail+0x3f/0x810 [ 1583.108085][T18534] ? __stack_depot_save+0x21/0x4b0 [ 1583.113371][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1583.118662][T18534] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1583.125099][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1583.130392][T18534] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1583.136389][T18534] __msan_chain_origin+0xbd/0x140 [ 1583.141596][T18534] __get_compat_msghdr+0x514/0x750 [ 1583.146960][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1583.152027][T18534] ? ___sys_recvmsg+0xa9/0x870 [ 1583.156953][T18534] ? do_recvmmsg+0x63a/0x10a0 [ 1583.161810][T18534] ___sys_recvmsg+0x19d/0x870 [ 1583.166666][T18534] ? __schedule+0x1609/0x21d0 [ 1583.171513][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1583.176807][T18534] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1583.182823][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1583.188128][T18534] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1583.194134][T18534] do_recvmmsg+0x63a/0x10a0 [ 1583.198808][T18534] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1583.205251][T18534] ? __sys_recvmmsg+0x52/0x450 [ 1583.210158][T18534] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1583.216752][T18534] __sys_recvmmsg+0x113/0x450 [ 1583.221577][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1583.226866][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1583.233325][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1583.238531][T18534] ? exit_to_user_mode_prepare+0x119/0x220 [ 1583.244527][T18534] do_fast_syscall_32+0x33/0x70 [ 1583.249528][T18534] do_SYSENTER_32+0x1b/0x20 [ 1583.254175][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1583.260714][T18534] RIP: 0023:0xf7f3a549 [ 1583.264910][T18534] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1583.285398][T18534] RSP: 002b:00000000f7f145cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1583.293963][T18534] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1583.302060][T18534] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1583.310165][T18534] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1583.318284][T18534] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1583.326388][T18534] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1583.334526][T18534] [ 1583.348492][T18534] Uninit was stored to memory at: [ 1583.355396][T18534] __get_compat_msghdr+0x514/0x750 [ 1583.360734][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1583.365888][T18534] ___sys_recvmsg+0x19d/0x870 [ 1583.370721][T18534] do_recvmmsg+0x63a/0x10a0 [ 1583.375473][T18534] __sys_recvmmsg+0x113/0x450 [ 1583.380304][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1583.386817][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1583.391995][T18534] do_fast_syscall_32+0x33/0x70 [ 1583.397075][T18534] do_SYSENTER_32+0x1b/0x20 [ 1583.401723][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1583.408390][T18534] [ 1583.410796][T18534] Uninit was stored to memory at: [ 1583.416153][T18534] __get_compat_msghdr+0x514/0x750 [ 1583.421471][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1583.426644][T18534] ___sys_recvmsg+0x19d/0x870 [ 1583.431479][T18534] do_recvmmsg+0x63a/0x10a0 [ 1583.436225][T18534] __sys_recvmmsg+0x113/0x450 [ 1583.441066][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1583.447581][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1583.452862][T18534] do_fast_syscall_32+0x33/0x70 [ 1583.457868][T18534] do_SYSENTER_32+0x1b/0x20 [ 1583.462613][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1583.469169][T18534] [ 1583.471573][T18534] Uninit was stored to memory at: [ 1583.476909][T18534] __get_compat_msghdr+0x514/0x750 [ 1583.482322][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1583.487378][T18534] ___sys_recvmsg+0x19d/0x870 [ 1583.492323][T18534] do_recvmmsg+0x63a/0x10a0 [ 1583.496972][T18534] __sys_recvmmsg+0x113/0x450 [ 1583.501799][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1583.508319][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1583.513594][T18534] do_fast_syscall_32+0x33/0x70 [ 1583.518601][T18534] do_SYSENTER_32+0x1b/0x20 [ 1583.523359][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1583.529909][T18534] [ 1583.532441][T18534] Uninit was stored to memory at: [ 1583.537696][T18534] __get_compat_msghdr+0x514/0x750 [ 1583.543177][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1583.548245][T18534] ___sys_recvmsg+0x19d/0x870 [ 1583.553233][T18534] do_recvmmsg+0x63a/0x10a0 [ 1583.557901][T18534] __sys_recvmmsg+0x113/0x450 [ 1583.562892][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1583.569321][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1583.574663][T18534] do_fast_syscall_32+0x33/0x70 [ 1583.579669][T18534] do_SYSENTER_32+0x1b/0x20 [ 1583.584489][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1583.591051][T18534] [ 1583.593631][T18534] Uninit was stored to memory at: [ 1583.598894][T18534] __get_compat_msghdr+0x514/0x750 [ 1583.604414][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1583.609472][T18534] ___sys_recvmsg+0x19d/0x870 [ 1583.614474][T18534] do_recvmmsg+0x63a/0x10a0 [ 1583.619136][T18534] __sys_recvmmsg+0x113/0x450 [ 1583.624125][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1583.630545][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1583.635919][T18534] do_fast_syscall_32+0x33/0x70 [ 1583.640938][T18534] do_SYSENTER_32+0x1b/0x20 [ 1583.645753][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1583.652415][T18534] [ 1583.654826][T18534] Uninit was stored to memory at: [ 1583.660086][T18534] __get_compat_msghdr+0x514/0x750 [ 1583.665593][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1583.670652][T18534] ___sys_recvmsg+0x19d/0x870 [ 1583.675664][T18534] do_recvmmsg+0x63a/0x10a0 [ 1583.680333][T18534] __sys_recvmmsg+0x113/0x450 [ 1583.685337][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1583.691770][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1583.697125][T18534] do_fast_syscall_32+0x33/0x70 [ 1583.702136][T18534] do_SYSENTER_32+0x1b/0x20 [ 1583.706957][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1583.713681][T18534] [ 1583.716089][T18534] Uninit was stored to memory at: [ 1583.721339][T18534] __get_compat_msghdr+0x514/0x750 [ 1583.726758][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1583.731812][T18534] ___sys_recvmsg+0x19d/0x870 [ 1583.736730][T18534] do_recvmmsg+0x63a/0x10a0 [ 1583.741382][T18534] __sys_recvmmsg+0x113/0x450 [ 1583.746327][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1583.752859][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1583.758043][T18534] do_fast_syscall_32+0x33/0x70 [ 1583.763141][T18534] do_SYSENTER_32+0x1b/0x20 [ 1583.767800][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1583.774462][T18534] [ 1583.776900][T18534] Local variable msg_sys created at: [ 1583.782379][T18534] do_recvmmsg+0x5f/0x10a0 [ 1583.786942][T18534] __sys_recvmmsg+0x113/0x450 [ 1583.864469][T18577] not chained 2240000 origins [ 1583.869298][T18577] CPU: 0 PID: 18577 Comm: syz-executor.5 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1583.879987][T18577] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1583.890192][T18577] Call Trace: [ 1583.893583][T18577] [ 1583.896607][T18577] dump_stack_lvl+0x1c8/0x256 [ 1583.901519][T18577] dump_stack+0x1a/0x1c [ 1583.905881][T18577] kmsan_internal_chain_origin+0x78/0x120 [ 1583.911788][T18577] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1583.918053][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1583.923349][T18577] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1583.929798][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1583.935091][T18577] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1583.941092][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1583.946387][T18577] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1583.952379][T18577] ? __get_compat_msghdr+0x5b/0x750 [ 1583.957786][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1583.963078][T18577] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1583.969084][T18577] ? should_fail+0x3f/0x810 [ 1583.973774][T18577] ? __stack_depot_save+0x21/0x4b0 [ 1583.979082][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1583.984374][T18577] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1583.990808][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1583.996099][T18577] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1584.002106][T18577] __msan_chain_origin+0xbd/0x140 [ 1584.007305][T18577] __get_compat_msghdr+0x514/0x750 [ 1584.012655][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1584.017719][T18577] ? ___sys_recvmsg+0xa9/0x870 [ 1584.022639][T18577] ? do_recvmmsg+0x63a/0x10a0 [ 1584.027481][T18577] ___sys_recvmsg+0x19d/0x870 [ 1584.032327][T18577] ? __schedule+0x1609/0x21d0 [ 1584.037180][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1584.042478][T18577] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1584.048481][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1584.053765][T18577] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1584.059771][T18577] do_recvmmsg+0x63a/0x10a0 [ 1584.064461][T18577] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1584.070904][T18577] ? __sys_recvmmsg+0x52/0x450 [ 1584.075827][T18577] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1584.082432][T18577] __sys_recvmmsg+0x113/0x450 [ 1584.087264][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1584.092563][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1584.099028][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1584.104228][T18577] ? exit_to_user_mode_prepare+0x119/0x220 [ 1584.110216][T18577] do_fast_syscall_32+0x33/0x70 [ 1584.115234][T18577] do_SYSENTER_32+0x1b/0x20 [ 1584.119894][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1584.126453][T18577] RIP: 0023:0xf7f92549 [ 1584.130641][T18577] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1584.150452][T18577] RSP: 002b:00000000f7f6c5cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1584.159052][T18577] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1584.167169][T18577] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1584.175278][T18577] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1584.183379][T18577] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1584.191483][T18577] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1584.199618][T18577] [ 1584.208632][T18577] Uninit was stored to memory at: [ 1584.214498][T18577] __get_compat_msghdr+0x514/0x750 [ 1584.219825][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1584.225005][T18577] ___sys_recvmsg+0x19d/0x870 [ 1584.229845][T18577] do_recvmmsg+0x63a/0x10a0 [ 1584.234607][T18577] __sys_recvmmsg+0x113/0x450 [ 1584.239438][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1584.246005][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1584.251200][T18577] do_fast_syscall_32+0x33/0x70 [ 1584.256341][T18577] do_SYSENTER_32+0x1b/0x20 [ 1584.261000][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1584.267682][T18577] [ 1584.270084][T18577] Uninit was stored to memory at: [ 1584.275449][T18577] __get_compat_msghdr+0x514/0x750 [ 1584.280758][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1584.285942][T18577] ___sys_recvmsg+0x19d/0x870 [ 1584.290785][T18577] do_recvmmsg+0x63a/0x10a0 [ 1584.295646][T18577] __sys_recvmmsg+0x113/0x450 [ 1584.300486][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1584.307031][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1584.312301][T18577] do_fast_syscall_32+0x33/0x70 [ 1584.317305][T18577] do_SYSENTER_32+0x1b/0x20 [ 1584.321960][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1584.328652][T18577] [ 1584.331055][T18577] Uninit was stored to memory at: [ 1584.336428][T18577] __get_compat_msghdr+0x514/0x750 [ 1584.341739][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1584.346922][T18577] ___sys_recvmsg+0x19d/0x870 [ 1584.351749][T18577] do_recvmmsg+0x63a/0x10a0 [ 1584.356527][T18577] __sys_recvmmsg+0x113/0x450 [ 1584.361356][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1584.367920][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1584.373223][T18577] do_fast_syscall_32+0x33/0x70 [ 1584.378234][T18577] do_SYSENTER_32+0x1b/0x20 [ 1584.383008][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1584.389558][T18577] [ 1584.392048][T18577] Uninit was stored to memory at: [ 1584.397416][T18577] __get_compat_msghdr+0x514/0x750 [ 1584.402840][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1584.407890][T18577] ___sys_recvmsg+0x19d/0x870 [ 1584.412849][T18577] do_recvmmsg+0x63a/0x10a0 [ 1584.417510][T18577] __sys_recvmmsg+0x113/0x450 [ 1584.422476][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1584.428895][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1584.434206][T18577] do_fast_syscall_32+0x33/0x70 [ 1584.439203][T18577] do_SYSENTER_32+0x1b/0x20 [ 1584.443979][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1584.450537][T18577] [ 1584.453061][T18577] Uninit was stored to memory at: [ 1584.458310][T18577] __get_compat_msghdr+0x514/0x750 [ 1584.463736][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1584.468789][T18577] ___sys_recvmsg+0x19d/0x870 [ 1584.473746][T18577] do_recvmmsg+0x63a/0x10a0 [ 1584.478413][T18577] __sys_recvmmsg+0x113/0x450 [ 1584.483378][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1584.489803][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1584.495104][T18577] do_fast_syscall_32+0x33/0x70 [ 1584.500125][T18577] do_SYSENTER_32+0x1b/0x20 [ 1584.504896][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1584.511439][T18577] [ 1584.513934][T18577] Uninit was stored to memory at: [ 1584.518377][T18534] not chained 2250000 origins [ 1584.519133][T18577] __get_compat_msghdr+0x514/0x750 [ 1584.523955][T18534] CPU: 1 PID: 18534 Comm: syz-executor.2 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1584.528935][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1584.539463][T18534] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1584.539517][T18534] Call Trace: [ 1584.539550][T18534] [ 1584.539581][T18534] dump_stack_lvl+0x1c8/0x256 [ 1584.544515][T18577] ___sys_recvmsg+0x19d/0x870 [ 1584.554697][T18534] dump_stack+0x1a/0x1c [ 1584.554886][T18534] kmsan_internal_chain_origin+0x78/0x120 [ 1584.558185][T18577] do_recvmmsg+0x63a/0x10a0 [ 1584.561143][T18534] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1584.565965][T18577] __sys_recvmmsg+0x113/0x450 [ 1584.570525][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1584.574769][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1584.580410][T18534] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1584.585023][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1584.590997][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1584.595774][T18577] do_fast_syscall_32+0x33/0x70 [ 1584.600791][T18534] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1584.607136][T18577] do_SYSENTER_32+0x1b/0x20 [ 1584.613282][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1584.613401][T18534] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1584.618401][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1584.623524][T18534] ? __get_compat_msghdr+0x5b/0x750 [ 1584.628486][T18577] [ 1584.628506][T18577] Uninit was stored to memory at: [ 1584.634299][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1584.634418][T18534] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1584.639055][T18577] __get_compat_msghdr+0x514/0x750 [ 1584.644054][T18534] ? should_fail+0x3f/0x810 [ 1584.644176][T18534] ? __stack_depot_save+0x21/0x4b0 [ 1584.649962][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1584.656299][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1584.656415][T18534] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1584.661612][T18577] ___sys_recvmsg+0x19d/0x870 [ 1584.663956][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1584.664072][T18534] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1584.669068][T18577] do_recvmmsg+0x63a/0x10a0 [ 1584.674192][T18534] __msan_chain_origin+0xbd/0x140 [ 1584.674311][T18534] __get_compat_msghdr+0x514/0x750 [ 1584.680116][T18577] __sys_recvmmsg+0x113/0x450 [ 1584.685280][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1584.685436][T18534] ? ___sys_recvmsg+0xa9/0x870 [ 1584.689945][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1584.695062][T18534] ? do_recvmmsg+0x63a/0x10a0 [ 1584.695167][T18534] ___sys_recvmsg+0x19d/0x870 [ 1584.700037][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1584.705171][T18534] ? __schedule+0x1609/0x21d0 [ 1584.705280][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1584.711516][T18577] do_fast_syscall_32+0x33/0x70 [ 1584.716202][T18534] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1584.716330][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1584.721437][T18577] do_SYSENTER_32+0x1b/0x20 [ 1584.727255][T18534] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1584.727391][T18534] do_recvmmsg+0x63a/0x10a0 [ 1584.731869][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1584.736951][T18534] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1584.742151][T18577] [ 1584.742172][T18577] Local variable msg_sys created at: [ 1584.746938][T18534] ? __sys_recvmmsg+0x52/0x450 [ 1584.751784][T18577] do_recvmmsg+0x5f/0x10a0 [ 1584.756552][T18534] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1584.756681][T18534] __sys_recvmmsg+0x113/0x450 [ 1584.763032][T18577] __sys_recvmmsg+0x113/0x450 [ 1584.767612][T18534] ? kmsan_get_metadata+0x33/0x220 [ 1584.871004][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1584.877463][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1584.882654][T18534] ? exit_to_user_mode_prepare+0x119/0x220 [ 1584.888645][T18534] do_fast_syscall_32+0x33/0x70 [ 1584.893661][T18534] do_SYSENTER_32+0x1b/0x20 [ 1584.898325][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1584.904884][T18534] RIP: 0023:0xf7f3a549 [ 1584.909078][T18534] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1584.928890][T18534] RSP: 002b:00000000f7f145cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1584.937481][T18534] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1584.945610][T18534] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1584.953722][T18534] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1584.961835][T18534] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1584.969944][T18534] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1584.978086][T18534] [ 1584.987759][T18534] Uninit was stored to memory at: [ 1584.994505][T18534] __get_compat_msghdr+0x514/0x750 [ 1584.999831][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1585.004993][T18534] ___sys_recvmsg+0x19d/0x870 [ 1585.009831][T18534] do_recvmmsg+0x63a/0x10a0 [ 1585.014596][T18534] __sys_recvmmsg+0x113/0x450 [ 1585.019438][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1585.025961][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1585.031143][T18534] do_fast_syscall_32+0x33/0x70 [ 1585.036234][T18534] do_SYSENTER_32+0x1b/0x20 [ 1585.040883][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1585.047520][T18534] [ 1585.049922][T18534] Uninit was stored to memory at: [ 1585.055259][T18534] __get_compat_msghdr+0x514/0x750 [ 1585.060588][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1585.065735][T18534] ___sys_recvmsg+0x19d/0x870 [ 1585.070573][T18534] do_recvmmsg+0x63a/0x10a0 [ 1585.075307][T18534] __sys_recvmmsg+0x113/0x450 [ 1585.080136][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1585.086717][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1585.091933][T18534] do_fast_syscall_32+0x33/0x70 [ 1585.097039][T18534] do_SYSENTER_32+0x1b/0x20 [ 1585.101692][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1585.108345][T18534] [ 1585.110749][T18534] Uninit was stored to memory at: [ 1585.116091][T18534] __get_compat_msghdr+0x514/0x750 [ 1585.121405][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1585.126560][T18534] ___sys_recvmsg+0x19d/0x870 [ 1585.131398][T18534] do_recvmmsg+0x63a/0x10a0 [ 1585.136181][T18534] __sys_recvmmsg+0x113/0x450 [ 1585.141017][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1585.147536][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1585.152816][T18534] do_fast_syscall_32+0x33/0x70 [ 1585.157819][T18534] do_SYSENTER_32+0x1b/0x20 [ 1585.162565][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1585.169114][T18534] [ 1585.171514][T18534] Uninit was stored to memory at: [ 1585.176865][T18534] __get_compat_msghdr+0x514/0x750 [ 1585.182177][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1585.187301][T18534] ___sys_recvmsg+0x19d/0x870 [ 1585.192154][T18534] do_recvmmsg+0x63a/0x10a0 [ 1585.196903][T18534] __sys_recvmmsg+0x113/0x450 [ 1585.201729][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1585.208256][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1585.213536][T18534] do_fast_syscall_32+0x33/0x70 [ 1585.218540][T18534] do_SYSENTER_32+0x1b/0x20 [ 1585.223286][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1585.229842][T18534] [ 1585.232337][T18534] Uninit was stored to memory at: [ 1585.237586][T18534] __get_compat_msghdr+0x514/0x750 [ 1585.242993][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1585.248044][T18534] ___sys_recvmsg+0x19d/0x870 [ 1585.252955][T18534] do_recvmmsg+0x63a/0x10a0 [ 1585.257609][T18534] __sys_recvmmsg+0x113/0x450 [ 1585.262535][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1585.268948][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1585.274253][T18534] do_fast_syscall_32+0x33/0x70 [ 1585.279266][T18534] do_SYSENTER_32+0x1b/0x20 [ 1585.284021][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1585.290576][T18534] [ 1585.293066][T18534] Uninit was stored to memory at: [ 1585.298313][T18534] __get_compat_msghdr+0x514/0x750 [ 1585.303710][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1585.308777][T18534] ___sys_recvmsg+0x19d/0x870 [ 1585.313698][T18534] do_recvmmsg+0x63a/0x10a0 [ 1585.318361][T18534] __sys_recvmmsg+0x113/0x450 [ 1585.323270][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1585.329684][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1585.334964][T18534] do_fast_syscall_32+0x33/0x70 [ 1585.339974][T18534] do_SYSENTER_32+0x1b/0x20 [ 1585.344719][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1585.351281][T18534] [ 1585.353794][T18534] Uninit was stored to memory at: [ 1585.359079][T18534] __get_compat_msghdr+0x514/0x750 [ 1585.364513][T18534] get_compat_msghdr+0x8c/0x1c0 [ 1585.369583][T18534] ___sys_recvmsg+0x19d/0x870 [ 1585.374513][T18534] do_recvmmsg+0x63a/0x10a0 [ 1585.379169][T18534] __sys_recvmmsg+0x113/0x450 [ 1585.384100][T18534] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1585.390529][T18534] __do_fast_syscall_32+0x95/0xf0 [ 1585.395805][T18534] do_fast_syscall_32+0x33/0x70 [ 1585.400813][T18534] do_SYSENTER_32+0x1b/0x20 [ 1585.405558][T18534] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1585.412118][T18534] [ 1585.414614][T18534] Local variable msg_sys created at: [ 1585.419990][T18534] do_recvmmsg+0x5f/0x10a0 [ 1585.424653][T18534] __sys_recvmmsg+0x113/0x450 [ 1585.538657][T18577] not chained 2260000 origins [ 1585.543815][T18577] CPU: 1 PID: 18577 Comm: syz-executor.5 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1585.554493][T18577] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1585.564691][T18577] Call Trace: [ 1585.568076][T18577] [ 1585.571301][T18577] dump_stack_lvl+0x1c8/0x256 [ 1585.576201][T18577] dump_stack+0x1a/0x1c [ 1585.580553][T18577] kmsan_internal_chain_origin+0x78/0x120 [ 1585.586463][T18577] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1585.592753][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1585.598068][T18577] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1585.604510][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1585.609818][T18577] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1585.615833][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1585.621135][T18577] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1585.627144][T18577] ? __get_compat_msghdr+0x5b/0x750 [ 1585.632563][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1585.637855][T18577] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1585.643862][T18577] ? should_fail+0x3f/0x810 [ 1585.648559][T18577] ? __stack_depot_save+0x21/0x4b0 [ 1585.653857][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1585.659158][T18577] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1585.665595][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1585.670895][T18577] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1585.676895][T18577] __msan_chain_origin+0xbd/0x140 [ 1585.682093][T18577] __get_compat_msghdr+0x514/0x750 [ 1585.687442][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1585.692499][T18577] ? ___sys_recvmsg+0xa9/0x870 [ 1585.697414][T18577] ? do_recvmmsg+0x63a/0x10a0 [ 1585.702251][T18577] ___sys_recvmsg+0x19d/0x870 [ 1585.707096][T18577] ? __schedule+0x1609/0x21d0 [ 1585.711946][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1585.717247][T18577] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1585.723258][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1585.728548][T18577] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1585.734550][T18577] do_recvmmsg+0x63a/0x10a0 [ 1585.739236][T18577] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1585.745691][T18577] ? __sys_recvmmsg+0x52/0x450 [ 1585.750619][T18577] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1585.757233][T18577] __sys_recvmmsg+0x113/0x450 [ 1585.762078][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1585.767380][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1585.773825][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1585.779061][T18577] ? exit_to_user_mode_prepare+0x119/0x220 [ 1585.785054][T18577] do_fast_syscall_32+0x33/0x70 [ 1585.790076][T18577] do_SYSENTER_32+0x1b/0x20 [ 1585.794732][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1585.801290][T18577] RIP: 0023:0xf7f92549 [ 1585.805487][T18577] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1585.825296][T18577] RSP: 002b:00000000f7f6c5cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1585.833884][T18577] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1585.842016][T18577] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1585.850160][T18577] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1585.858268][T18577] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1585.866392][T18577] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1585.874523][T18577] [ 1585.883571][T18577] Uninit was stored to memory at: [ 1585.888857][T18577] __get_compat_msghdr+0x514/0x750 [ 1585.894751][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1585.899813][T18577] ___sys_recvmsg+0x19d/0x870 [ 1585.904746][T18577] do_recvmmsg+0x63a/0x10a0 [ 1585.909404][T18577] __sys_recvmmsg+0x113/0x450 [ 1585.914362][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1585.920785][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1585.926065][T18577] do_fast_syscall_32+0x33/0x70 [ 1585.931071][T18577] do_SYSENTER_32+0x1b/0x20 [ 1585.935823][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1585.942482][T18577] [ 1585.944884][T18577] Uninit was stored to memory at: [ 1585.950133][T18577] __get_compat_msghdr+0x514/0x750 [ 1585.955551][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1585.960616][T18577] ___sys_recvmsg+0x19d/0x870 [ 1585.965567][T18577] do_recvmmsg+0x63a/0x10a0 [ 1585.970237][T18577] __sys_recvmmsg+0x113/0x450 [ 1585.975191][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1585.981617][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1585.986901][T18577] do_fast_syscall_32+0x33/0x70 [ 1585.991906][T18577] do_SYSENTER_32+0x1b/0x20 [ 1585.996643][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1586.003294][T18577] [ 1586.005706][T18577] Uninit was stored to memory at: [ 1586.010954][T18577] __get_compat_msghdr+0x514/0x750 [ 1586.016370][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1586.021418][T18577] ___sys_recvmsg+0x19d/0x870 [ 1586.026363][T18577] do_recvmmsg+0x63a/0x10a0 [ 1586.031021][T18577] __sys_recvmmsg+0x113/0x450 [ 1586.035959][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1586.042473][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1586.047655][T18577] do_fast_syscall_32+0x33/0x70 [ 1586.052753][T18577] do_SYSENTER_32+0x1b/0x20 [ 1586.057403][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1586.064048][T18577] [ 1586.066457][T18577] Uninit was stored to memory at: [ 1586.071707][T18577] __get_compat_msghdr+0x514/0x750 [ 1586.077199][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1586.082383][T18577] ___sys_recvmsg+0x19d/0x870 [ 1586.087207][T18577] do_recvmmsg+0x63a/0x10a0 [ 1586.091871][T18577] __sys_recvmmsg+0x113/0x450 [ 1586.096806][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1586.103327][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1586.108508][T18577] do_fast_syscall_32+0x33/0x70 [ 1586.113605][T18577] do_SYSENTER_32+0x1b/0x20 [ 1586.118256][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1586.124912][T18577] [ 1586.127326][T18577] Uninit was stored to memory at: [ 1586.132670][T18577] __get_compat_msghdr+0x514/0x750 [ 1586.137985][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1586.143130][T18577] ___sys_recvmsg+0x19d/0x870 [ 1586.147967][T18577] do_recvmmsg+0x63a/0x10a0 [ 1586.152709][T18577] __sys_recvmmsg+0x113/0x450 [ 1586.157539][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1586.164033][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1586.169216][T18577] do_fast_syscall_32+0x33/0x70 [ 1586.174333][T18577] do_SYSENTER_32+0x1b/0x20 [ 1586.178983][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1586.185711][T18577] [ 1586.188135][T18577] Uninit was stored to memory at: [ 1586.193666][T18577] __get_compat_msghdr+0x514/0x750 [ 1586.198981][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1586.204217][T18577] ___sys_recvmsg+0x19d/0x870 [ 1586.209063][T18577] do_recvmmsg+0x63a/0x10a0 [ 1586.213876][T18577] __sys_recvmmsg+0x113/0x450 [ 1586.218712][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1586.225284][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1586.230468][T18577] do_fast_syscall_32+0x33/0x70 [ 1586.235643][T18577] do_SYSENTER_32+0x1b/0x20 [ 1586.240299][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1586.247016][T18577] [ 1586.249419][T18577] Uninit was stored to memory at: [ 1586.254770][T18577] __get_compat_msghdr+0x514/0x750 [ 1586.260083][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1586.265289][T18577] ___sys_recvmsg+0x19d/0x870 [ 1586.270165][T18577] do_recvmmsg+0x63a/0x10a0 [ 1586.274990][T18577] __sys_recvmmsg+0x113/0x450 [ 1586.279821][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1586.286403][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1586.291584][T18577] do_fast_syscall_32+0x33/0x70 [ 1586.296760][T18577] do_SYSENTER_32+0x1b/0x20 [ 1586.301415][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1586.308125][T18577] [ 1586.310545][T18577] Local variable msg_sys created at: [ 1586.316090][T18577] do_recvmmsg+0x5f/0x10a0 [ 1586.320638][T18577] __sys_recvmmsg+0x113/0x450 [ 1586.358137][T18581] not chained 2270000 origins [ 1586.363058][T18581] CPU: 1 PID: 18581 Comm: syz-executor.0 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1586.373741][T18581] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1586.383937][T18581] Call Trace: [ 1586.387354][T18581] [ 1586.390381][T18581] dump_stack_lvl+0x1c8/0x256 [ 1586.395277][T18581] dump_stack+0x1a/0x1c [ 1586.399629][T18581] kmsan_internal_chain_origin+0x78/0x120 [ 1586.405546][T18581] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1586.411813][T18581] ? kmsan_get_metadata+0x33/0x220 [ 1586.417114][T18581] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1586.423570][T18581] ? kmsan_get_metadata+0x33/0x220 [ 1586.428902][T18581] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1586.434906][T18581] ? kmsan_get_metadata+0x33/0x220 [ 1586.440198][T18581] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1586.446206][T18581] ? __get_compat_msghdr+0x5b/0x750 [ 1586.451623][T18581] ? kmsan_get_metadata+0x33/0x220 [ 1586.456917][T18581] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1586.462922][T18581] ? should_fail+0x3f/0x810 [ 1586.467605][T18581] ? __stack_depot_save+0x21/0x4b0 [ 1586.472898][T18581] ? kmsan_get_metadata+0x33/0x220 [ 1586.478193][T18581] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1586.484637][T18581] ? kmsan_get_metadata+0x33/0x220 [ 1586.489926][T18581] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1586.495919][T18581] __msan_chain_origin+0xbd/0x140 [ 1586.501124][T18581] __get_compat_msghdr+0x514/0x750 [ 1586.506477][T18581] get_compat_msghdr+0x8c/0x1c0 [ 1586.511534][T18581] ? ___sys_recvmsg+0xa9/0x870 [ 1586.516544][T18581] ? do_recvmmsg+0x63a/0x10a0 [ 1586.521390][T18581] ___sys_recvmsg+0x19d/0x870 [ 1586.526240][T18581] ? __schedule+0x1609/0x21d0 [ 1586.531095][T18581] ? kmsan_get_metadata+0x33/0x220 [ 1586.536387][T18581] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1586.542379][T18581] ? kmsan_get_metadata+0x33/0x220 [ 1586.547664][T18581] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1586.553670][T18581] do_recvmmsg+0x63a/0x10a0 [ 1586.558362][T18581] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1586.564817][T18581] ? __sys_recvmmsg+0x52/0x450 [ 1586.569742][T18581] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1586.576344][T18581] __sys_recvmmsg+0x113/0x450 [ 1586.581179][T18581] ? kmsan_get_metadata+0x33/0x220 [ 1586.586493][T18581] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1586.592941][T18581] __do_fast_syscall_32+0x95/0xf0 [ 1586.598142][T18581] ? exit_to_user_mode_prepare+0x119/0x220 [ 1586.604151][T18581] do_fast_syscall_32+0x33/0x70 [ 1586.609179][T18581] do_SYSENTER_32+0x1b/0x20 [ 1586.613842][T18581] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1586.620410][T18581] RIP: 0023:0xf7fc6549 [ 1586.624609][T18581] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1586.644430][T18581] RSP: 002b:00000000f7fa05cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1586.653017][T18581] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1586.661148][T18581] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1586.669273][T18581] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1586.677388][T18581] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1586.685492][T18581] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1586.693626][T18581] [ 1586.696910][T18581] Uninit was stored to memory at: [ 1586.702168][T18581] __get_compat_msghdr+0x514/0x750 [ 1586.707575][T18581] get_compat_msghdr+0x8c/0x1c0 [ 1586.712725][T18581] ___sys_recvmsg+0x19d/0x870 [ 1586.717567][T18581] do_recvmmsg+0x63a/0x10a0 [ 1586.722305][T18581] __sys_recvmmsg+0x113/0x450 [ 1586.727129][T18581] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1586.733644][T18581] __do_fast_syscall_32+0x95/0xf0 [ 1586.738824][T18581] do_fast_syscall_32+0x33/0x70 [ 1586.743940][T18581] do_SYSENTER_32+0x1b/0x20 [ 1586.748601][T18581] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1586.755248][T18581] [ 1586.757647][T18581] Uninit was stored to memory at: [ 1586.762989][T18581] __get_compat_msghdr+0x514/0x750 [ 1586.768304][T18581] get_compat_msghdr+0x8c/0x1c0 [ 1586.773465][T18581] ___sys_recvmsg+0x19d/0x870 [ 1586.778299][T18581] do_recvmmsg+0x63a/0x10a0 [ 1586.783120][T18581] __sys_recvmmsg+0x113/0x450 [ 1586.787956][T18581] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1586.794468][T18581] __do_fast_syscall_32+0x95/0xf0 [ 1586.799649][T18581] do_fast_syscall_32+0x33/0x70 [ 1586.804756][T18581] do_SYSENTER_32+0x1b/0x20 [ 1586.809411][T18581] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1586.816067][T18581] [ 1586.818477][T18581] Uninit was stored to memory at: [ 1586.823816][T18581] __get_compat_msghdr+0x514/0x750 [ 1586.829138][T18581] get_compat_msghdr+0x8c/0x1c0 [ 1586.834267][T18581] ___sys_recvmsg+0x19d/0x870 [ 1586.839099][T18581] do_recvmmsg+0x63a/0x10a0 [ 1586.843835][T18581] __sys_recvmmsg+0x113/0x450 [ 1586.848668][T18581] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1586.855176][T18581] __do_fast_syscall_32+0x95/0xf0 [ 1586.860360][T18581] do_fast_syscall_32+0x33/0x70 [ 1586.865466][T18581] do_SYSENTER_32+0x1b/0x20 [ 1586.870139][T18581] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1586.876794][T18581] [ 1586.879202][T18581] Uninit was stored to memory at: [ 1586.884544][T18581] __get_compat_msghdr+0x514/0x750 [ 1586.889869][T18581] get_compat_msghdr+0x8c/0x1c0 [ 1586.895033][T18581] ___sys_recvmsg+0x19d/0x870 [ 1586.899875][T18581] do_recvmmsg+0x63a/0x10a0 [ 1586.904616][T18581] __sys_recvmmsg+0x113/0x450 [ 1586.909445][T18581] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1586.915969][T18581] __do_fast_syscall_32+0x95/0xf0 [ 1586.921153][T18581] do_fast_syscall_32+0x33/0x70 [ 1586.926244][T18581] do_SYSENTER_32+0x1b/0x20 [ 1586.930898][T18581] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1586.937543][T18581] [ 1586.939946][T18581] Uninit was stored to memory at: [ 1586.945282][T18581] __get_compat_msghdr+0x514/0x750 [ 1586.950598][T18581] get_compat_msghdr+0x8c/0x1c0 [ 1586.955758][T18581] ___sys_recvmsg+0x19d/0x870 [ 1586.960600][T18581] do_recvmmsg+0x63a/0x10a0 [ 1586.965352][T18581] __sys_recvmmsg+0x113/0x450 [ 1586.970185][T18581] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1586.976699][T18581] __do_fast_syscall_32+0x95/0xf0 [ 1586.981892][T18581] do_fast_syscall_32+0x33/0x70 [ 1586.986996][T18581] do_SYSENTER_32+0x1b/0x20 [ 1586.991658][T18581] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1586.998325][T18581] [ 1587.000729][T18581] Uninit was stored to memory at: [ 1587.006072][T18581] __get_compat_msghdr+0x514/0x750 [ 1587.011382][T18581] get_compat_msghdr+0x8c/0x1c0 [ 1587.016508][T18581] ___sys_recvmsg+0x19d/0x870 [ 1587.021347][T18581] do_recvmmsg+0x63a/0x10a0 [ 1587.026116][T18581] __sys_recvmmsg+0x113/0x450 [ 1587.030957][T18581] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1587.037469][T18581] __do_fast_syscall_32+0x95/0xf0 [ 1587.042735][T18581] do_fast_syscall_32+0x33/0x70 [ 1587.047749][T18581] do_SYSENTER_32+0x1b/0x20 [ 1587.052485][T18581] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1587.059051][T18581] [ 1587.061456][T18581] Uninit was stored to memory at: [ 1587.066825][T18581] __get_compat_msghdr+0x514/0x750 [ 1587.072150][T18581] get_compat_msghdr+0x8c/0x1c0 [ 1587.077287][T18581] ___sys_recvmsg+0x19d/0x870 [ 1587.082116][T18581] do_recvmmsg+0x63a/0x10a0 [ 1587.086877][T18581] __sys_recvmmsg+0x113/0x450 [ 1587.091700][T18581] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1587.098222][T18581] __do_fast_syscall_32+0x95/0xf0 [ 1587.103493][T18581] do_fast_syscall_32+0x33/0x70 [ 1587.108505][T18581] do_SYSENTER_32+0x1b/0x20 [ 1587.113254][T18581] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1587.119806][T18581] [ 1587.122314][T18581] Local variable msg_sys created at: [ 1587.127688][T18581] do_recvmmsg+0x5f/0x10a0 [ 1587.132344][T18581] __sys_recvmmsg+0x113/0x450 [ 1587.195526][T18635] not chained 2280000 origins [ 1587.200353][T18635] CPU: 1 PID: 18635 Comm: syz-executor.1 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1587.211032][T18635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1587.221224][T18635] Call Trace: [ 1587.224604][T18635] [ 1587.227627][T18635] dump_stack_lvl+0x1c8/0x256 [ 1587.232519][T18635] dump_stack+0x1a/0x1c [ 1587.236859][T18635] kmsan_internal_chain_origin+0x78/0x120 [ 1587.242765][T18635] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1587.249023][T18635] ? kmsan_get_metadata+0x33/0x220 [ 1587.254314][T18635] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1587.260745][T18635] ? kmsan_get_metadata+0x33/0x220 [ 1587.266042][T18635] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1587.272041][T18635] ? kmsan_get_metadata+0x33/0x220 [ 1587.277336][T18635] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1587.283343][T18635] ? __get_compat_msghdr+0x5b/0x750 [ 1587.288752][T18635] ? kmsan_get_metadata+0x33/0x220 [ 1587.294049][T18635] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1587.300051][T18635] ? should_fail+0x3f/0x810 [ 1587.304735][T18635] ? __stack_depot_save+0x21/0x4b0 [ 1587.310028][T18635] ? kmsan_get_metadata+0x33/0x220 [ 1587.315316][T18635] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1587.321748][T18635] ? kmsan_get_metadata+0x33/0x220 [ 1587.327043][T18635] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1587.333042][T18635] __msan_chain_origin+0xbd/0x140 [ 1587.338250][T18635] __get_compat_msghdr+0x514/0x750 [ 1587.343600][T18635] get_compat_msghdr+0x8c/0x1c0 [ 1587.348661][T18635] ? ___sys_recvmsg+0xa9/0x870 [ 1587.353610][T18635] ? do_recvmmsg+0x63a/0x10a0 [ 1587.358453][T18635] ___sys_recvmsg+0x19d/0x870 [ 1587.363286][T18635] ? _raw_spin_unlock+0x25/0x40 [ 1587.368326][T18635] ? __schedule+0x1035/0x21d0 [ 1587.373176][T18635] ? kmsan_get_metadata+0x33/0x220 [ 1587.378469][T18635] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1587.384472][T18635] ? kmsan_get_metadata+0x33/0x220 [ 1587.389766][T18635] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1587.395772][T18635] do_recvmmsg+0x63a/0x10a0 [ 1587.400472][T18635] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1587.406917][T18635] ? __sys_recvmmsg+0x52/0x450 [ 1587.411846][T18635] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1587.418453][T18635] __sys_recvmmsg+0x113/0x450 [ 1587.423292][T18635] ? kmsan_get_metadata+0x33/0x220 [ 1587.428598][T18635] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1587.435041][T18635] __do_fast_syscall_32+0x95/0xf0 [ 1587.440227][T18635] ? exit_to_user_mode_prepare+0x119/0x220 [ 1587.446208][T18635] do_fast_syscall_32+0x33/0x70 [ 1587.451222][T18635] do_SYSENTER_32+0x1b/0x20 [ 1587.455882][T18635] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1587.462436][T18635] RIP: 0023:0xf7fc4549 [ 1587.466625][T18635] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1587.486526][T18635] RSP: 002b:00000000f7f9e5cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1587.495113][T18635] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1587.503230][T18635] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1587.511337][T18635] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1587.519436][T18635] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1587.527542][T18635] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1587.535678][T18635] [ 1587.548838][T18635] Uninit was stored to memory at: [ 1587.555820][T18635] __get_compat_msghdr+0x514/0x750 [ 1587.561163][T18635] get_compat_msghdr+0x8c/0x1c0 [ 1587.566325][T18635] ___sys_recvmsg+0x19d/0x870 [ 1587.571182][T18635] do_recvmmsg+0x63a/0x10a0 [ 1587.575936][T18635] __sys_recvmmsg+0x113/0x450 [ 1587.580762][T18635] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1587.587282][T18635] __do_fast_syscall_32+0x95/0xf0 [ 1587.592545][T18635] do_fast_syscall_32+0x33/0x70 [ 1587.597547][T18635] do_SYSENTER_32+0x1b/0x20 [ 1587.602283][T18635] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1587.608839][T18635] [ 1587.611244][T18635] Uninit was stored to memory at: [ 1587.616597][T18635] __get_compat_msghdr+0x514/0x750 [ 1587.621920][T18635] get_compat_msghdr+0x8c/0x1c0 [ 1587.627072][T18635] ___sys_recvmsg+0x19d/0x870 [ 1587.631906][T18635] do_recvmmsg+0x63a/0x10a0 [ 1587.636646][T18635] __sys_recvmmsg+0x113/0x450 [ 1587.641488][T18635] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1587.648018][T18635] __do_fast_syscall_32+0x95/0xf0 [ 1587.653300][T18635] do_fast_syscall_32+0x33/0x70 [ 1587.658306][T18635] do_SYSENTER_32+0x1b/0x20 [ 1587.663040][T18635] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1587.669587][T18635] [ 1587.671985][T18635] Uninit was stored to memory at: [ 1587.677329][T18635] __get_compat_msghdr+0x514/0x750 [ 1587.682738][T18635] get_compat_msghdr+0x8c/0x1c0 [ 1587.687815][T18635] ___sys_recvmsg+0x19d/0x870 [ 1587.692758][T18635] do_recvmmsg+0x63a/0x10a0 [ 1587.697434][T18635] __sys_recvmmsg+0x113/0x450 [ 1587.702372][T18635] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1587.708797][T18635] __do_fast_syscall_32+0x95/0xf0 [ 1587.714080][T18635] do_fast_syscall_32+0x33/0x70 [ 1587.719084][T18635] do_SYSENTER_32+0x1b/0x20 [ 1587.723824][T18635] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1587.730380][T18635] [ 1587.732878][T18635] Uninit was stored to memory at: [ 1587.738130][T18635] __get_compat_msghdr+0x514/0x750 [ 1587.743545][T18635] get_compat_msghdr+0x8c/0x1c0 [ 1587.748591][T18635] ___sys_recvmsg+0x19d/0x870 [ 1587.753507][T18635] do_recvmmsg+0x63a/0x10a0 [ 1587.758159][T18635] __sys_recvmmsg+0x113/0x450 [ 1587.763072][T18635] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1587.769490][T18635] __do_fast_syscall_32+0x95/0xf0 [ 1587.774758][T18635] do_fast_syscall_32+0x33/0x70 [ 1587.779765][T18635] do_SYSENTER_32+0x1b/0x20 [ 1587.784507][T18635] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1587.791065][T18635] [ 1587.794086][T18635] Uninit was stored to memory at: [ 1587.799336][T18635] __get_compat_msghdr+0x514/0x750 [ 1587.804818][T18635] get_compat_msghdr+0x8c/0x1c0 [ 1587.809932][T18635] ___sys_recvmsg+0x19d/0x870 [ 1587.814859][T18635] do_recvmmsg+0x63a/0x10a0 [ 1587.819525][T18635] __sys_recvmmsg+0x113/0x450 [ 1587.824533][T18635] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1587.830954][T18635] __do_fast_syscall_32+0x95/0xf0 [ 1587.836234][T18635] do_fast_syscall_32+0x33/0x70 [ 1587.841246][T18635] do_SYSENTER_32+0x1b/0x20 [ 1587.846006][T18635] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1587.852637][T18635] [ 1587.855037][T18635] Uninit was stored to memory at: [ 1587.860289][T18635] __get_compat_msghdr+0x514/0x750 [ 1587.865709][T18635] get_compat_msghdr+0x8c/0x1c0 [ 1587.870766][T18635] ___sys_recvmsg+0x19d/0x870 [ 1587.875697][T18635] do_recvmmsg+0x63a/0x10a0 [ 1587.880353][T18635] __sys_recvmmsg+0x113/0x450 [ 1587.885282][T18635] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1587.891703][T18635] __do_fast_syscall_32+0x95/0xf0 [ 1587.896999][T18635] do_fast_syscall_32+0x33/0x70 [ 1587.902012][T18635] do_SYSENTER_32+0x1b/0x20 [ 1587.906755][T18635] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1587.913834][T18635] [ 1587.916239][T18635] Uninit was stored to memory at: [ 1587.921493][T18635] __get_compat_msghdr+0x514/0x750 [ 1587.926920][T18635] get_compat_msghdr+0x8c/0x1c0 [ 1587.931985][T18635] ___sys_recvmsg+0x19d/0x870 [ 1587.936946][T18635] do_recvmmsg+0x63a/0x10a0 [ 1587.941605][T18635] __sys_recvmmsg+0x113/0x450 [ 1587.946526][T18635] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1587.953044][T18635] __do_fast_syscall_32+0x95/0xf0 [ 1587.958232][T18635] do_fast_syscall_32+0x33/0x70 [ 1587.963341][T18635] do_SYSENTER_32+0x1b/0x20 [ 1587.968003][T18635] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1587.974643][T18635] [ 1587.977050][T18635] Local variable msg_sys created at: [ 1587.982514][T18635] do_recvmmsg+0x5f/0x10a0 [ 1587.987080][T18635] __sys_recvmmsg+0x113/0x450 [ 1588.099559][T18622] not chained 2290000 origins [ 1588.104596][T18622] CPU: 0 PID: 18622 Comm: syz-executor.3 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1588.115273][T18622] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1588.125478][T18622] Call Trace: [ 1588.128854][T18622] [ 1588.131881][T18622] dump_stack_lvl+0x1c8/0x256 [ 1588.136775][T18622] dump_stack+0x1a/0x1c [ 1588.141116][T18622] kmsan_internal_chain_origin+0x78/0x120 [ 1588.147019][T18622] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1588.153267][T18622] ? kmsan_get_metadata+0x33/0x220 [ 1588.158558][T18622] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1588.164991][T18622] ? kmsan_get_metadata+0x33/0x220 [ 1588.170285][T18622] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1588.176282][T18622] ? kmsan_get_metadata+0x33/0x220 [ 1588.181577][T18622] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1588.187571][T18622] ? __get_compat_msghdr+0x5b/0x750 [ 1588.192982][T18622] ? kmsan_get_metadata+0x33/0x220 [ 1588.198279][T18622] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1588.204292][T18622] ? should_fail+0x3f/0x810 [ 1588.208978][T18622] ? __stack_depot_save+0x21/0x4b0 [ 1588.214264][T18622] ? kmsan_get_metadata+0x33/0x220 [ 1588.219558][T18622] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1588.225999][T18622] ? kmsan_get_metadata+0x33/0x220 [ 1588.231289][T18622] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1588.237294][T18622] __msan_chain_origin+0xbd/0x140 [ 1588.242497][T18622] __get_compat_msghdr+0x514/0x750 [ 1588.247848][T18622] get_compat_msghdr+0x8c/0x1c0 [ 1588.252908][T18622] ? ___sys_recvmsg+0xa9/0x870 [ 1588.257824][T18622] ? do_recvmmsg+0x63a/0x10a0 [ 1588.262656][T18622] ___sys_recvmsg+0x19d/0x870 [ 1588.267496][T18622] ? __schedule+0x1609/0x21d0 [ 1588.272340][T18622] ? kmsan_get_metadata+0x33/0x220 [ 1588.277644][T18622] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1588.283637][T18622] ? kmsan_get_metadata+0x33/0x220 [ 1588.288924][T18622] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1588.294927][T18622] do_recvmmsg+0x63a/0x10a0 [ 1588.299619][T18622] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1588.306062][T18622] ? __sys_recvmmsg+0x52/0x450 [ 1588.310979][T18622] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1588.317587][T18622] __sys_recvmmsg+0x113/0x450 [ 1588.322430][T18622] ? kmsan_get_metadata+0x33/0x220 [ 1588.327733][T18622] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1588.334173][T18622] __do_fast_syscall_32+0x95/0xf0 [ 1588.339357][T18622] ? exit_to_user_mode_prepare+0x119/0x220 [ 1588.345350][T18622] do_fast_syscall_32+0x33/0x70 [ 1588.350368][T18622] do_SYSENTER_32+0x1b/0x20 [ 1588.355031][T18622] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1588.361586][T18622] RIP: 0023:0xf7fce549 [ 1588.365777][T18622] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1588.385598][T18622] RSP: 002b:00000000f7fa85cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1588.394180][T18622] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1588.402296][T18622] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1588.410411][T18622] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1588.418515][T18622] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1588.426620][T18622] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1588.434753][T18622] [ 1588.445620][T18622] Uninit was stored to memory at: [ 1588.450914][T18622] __get_compat_msghdr+0x514/0x750 [ 1588.456905][T18622] get_compat_msghdr+0x8c/0x1c0 [ 1588.461963][T18622] ___sys_recvmsg+0x19d/0x870 [ 1588.466921][T18622] do_recvmmsg+0x63a/0x10a0 [ 1588.471580][T18622] __sys_recvmmsg+0x113/0x450 [ 1588.476536][T18622] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1588.483046][T18622] __do_fast_syscall_32+0x95/0xf0 [ 1588.488231][T18622] do_fast_syscall_32+0x33/0x70 [ 1588.493355][T18622] do_SYSENTER_32+0x1b/0x20 [ 1588.498016][T18622] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1588.504695][T18622] [ 1588.507105][T18622] Uninit was stored to memory at: [ 1588.512460][T18622] __get_compat_msghdr+0x514/0x750 [ 1588.517793][T18622] get_compat_msghdr+0x8c/0x1c0 [ 1588.523110][T18622] ___sys_recvmsg+0x19d/0x870 [ 1588.527961][T18622] do_recvmmsg+0x63a/0x10a0 [ 1588.532762][T18622] __sys_recvmmsg+0x113/0x450 [ 1588.537611][T18622] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1588.544168][T18622] __do_fast_syscall_32+0x95/0xf0 [ 1588.549360][T18622] do_fast_syscall_32+0x33/0x70 [ 1588.554492][T18622] do_SYSENTER_32+0x1b/0x20 [ 1588.559160][T18622] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1588.565853][T18622] [ 1588.568256][T18622] Uninit was stored to memory at: [ 1588.573599][T18622] __get_compat_msghdr+0x514/0x750 [ 1588.578966][T18622] get_compat_msghdr+0x8c/0x1c0 [ 1588.584182][T18622] ___sys_recvmsg+0x19d/0x870 [ 1588.589032][T18622] do_recvmmsg+0x63a/0x10a0 [ 1588.593855][T18622] __sys_recvmmsg+0x113/0x450 [ 1588.598698][T18622] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1588.605269][T18622] __do_fast_syscall_32+0x95/0xf0 [ 1588.610467][T18622] do_fast_syscall_32+0x33/0x70 [ 1588.615611][T18622] do_SYSENTER_32+0x1b/0x20 [ 1588.620273][T18622] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1588.626964][T18622] [ 1588.629370][T18622] Uninit was stored to memory at: [ 1588.634715][T18622] __get_compat_msghdr+0x514/0x750 [ 1588.640037][T18622] get_compat_msghdr+0x8c/0x1c0 [ 1588.645311][T18622] ___sys_recvmsg+0x19d/0x870 [ 1588.650151][T18622] do_recvmmsg+0x63a/0x10a0 [ 1588.655013][T18622] __sys_recvmmsg+0x113/0x450 [ 1588.659851][T18622] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1588.666474][T18622] __do_fast_syscall_32+0x95/0xf0 [ 1588.671656][T18622] do_fast_syscall_32+0x33/0x70 [ 1588.676858][T18622] do_SYSENTER_32+0x1b/0x20 [ 1588.681515][T18622] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1588.688269][T18622] [ 1588.690678][T18622] Uninit was stored to memory at: [ 1588.696058][T18622] __get_compat_msghdr+0x514/0x750 [ 1588.701462][T18622] get_compat_msghdr+0x8c/0x1c0 [ 1588.706702][T18622] ___sys_recvmsg+0x19d/0x870 [ 1588.711536][T18622] do_recvmmsg+0x63a/0x10a0 [ 1588.716393][T18622] __sys_recvmmsg+0x113/0x450 [ 1588.721227][T18622] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1588.727843][T18622] __do_fast_syscall_32+0x95/0xf0 [ 1588.733125][T18622] do_fast_syscall_32+0x33/0x70 [ 1588.738137][T18622] do_SYSENTER_32+0x1b/0x20 [ 1588.742981][T18622] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1588.749530][T18622] [ 1588.749913][T18577] not chained 2300000 origins [ 1588.751891][T18622] Uninit was stored to memory at: [ 1588.752048][T18622] __get_compat_msghdr+0x514/0x750 [ 1588.756947][T18577] CPU: 1 PID: 18577 Comm: syz-executor.5 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1588.761787][T18622] get_compat_msghdr+0x8c/0x1c0 [ 1588.766909][T18577] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1588.766963][T18577] Call Trace: [ 1588.766995][T18577] [ 1588.767025][T18577] dump_stack_lvl+0x1c8/0x256 [ 1588.777641][T18622] ___sys_recvmsg+0x19d/0x870 [ 1588.782412][T18577] dump_stack+0x1a/0x1c [ 1588.792650][T18622] do_recvmmsg+0x63a/0x10a0 [ 1588.795846][T18577] kmsan_internal_chain_origin+0x78/0x120 [ 1588.798787][T18622] __sys_recvmmsg+0x113/0x450 [ 1588.803470][T18577] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1588.803596][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1588.808258][T18622] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1588.812425][T18577] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1588.812556][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1588.817034][T18622] __do_fast_syscall_32+0x95/0xf0 [ 1588.822764][T18577] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1588.822898][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1588.827544][T18622] do_fast_syscall_32+0x33/0x70 [ 1588.833622][T18577] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1588.833749][T18577] ? __get_compat_msghdr+0x5b/0x750 [ 1588.838841][T18622] do_SYSENTER_32+0x1b/0x20 [ 1588.845091][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1588.845208][T18577] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1588.851440][T18622] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1588.856567][T18577] ? should_fail+0x3f/0x810 [ 1588.856686][T18577] ? __stack_depot_save+0x21/0x4b0 [ 1588.861696][T18622] [ 1588.861714][T18622] Uninit was stored to memory at: [ 1588.867510][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1588.867629][T18577] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1588.872938][T18622] __get_compat_msghdr+0x514/0x750 [ 1588.877601][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1588.877713][T18577] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1588.883643][T18622] get_compat_msghdr+0x8c/0x1c0 [ 1588.888748][T18577] __msan_chain_origin+0xbd/0x140 [ 1588.893358][T18622] ___sys_recvmsg+0x19d/0x870 [ 1588.898375][T18577] __get_compat_msghdr+0x514/0x750 [ 1588.904283][T18622] do_recvmmsg+0x63a/0x10a0 [ 1588.910545][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1588.915123][T18622] __sys_recvmmsg+0x113/0x450 [ 1588.920143][T18577] ? ___sys_recvmsg+0xa9/0x870 [ 1588.922565][T18622] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1588.927514][T18577] ? do_recvmmsg+0x63a/0x10a0 [ 1588.932737][T18622] __do_fast_syscall_32+0x95/0xf0 [ 1588.938892][T18577] ___sys_recvmsg+0x19d/0x870 [ 1588.944104][T18622] do_fast_syscall_32+0x33/0x70 [ 1588.949132][T18577] ? __schedule+0x1609/0x21d0 [ 1588.955044][T18622] do_SYSENTER_32+0x1b/0x20 [ 1588.959817][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1588.964933][T18622] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1588.969518][T18577] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1588.974715][T18622] [ 1588.979148][T18577] ? kmsan_get_metadata+0x33/0x220 02:34:17 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) openat$procfs(0xffffff9c, 0x0, 0x0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f00000002c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e) ptrace$setopts(0x4206, r0, 0x6, 0x2) sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x8001, 0x3}, 0x0) syz_clone3(&(0x7f0000000a00)={0x40b86000, 0x0, 0x0, 0x0, {0x1d}, 0x0, 0x0, 0x0, 0x0}, 0x58) getrlimit(0x3, &(0x7f0000000000)) mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000440)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000200)='./bus\x00', &(0x7f0000000080), 0x9, &(0x7f0000000280)={[{@workdir={'workdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './bus'}}, {@metacopy_off}]}) 02:34:17 executing program 4: syz_open_procfs$namespace(0x0, 0x0) pipe2$watch_queue(0x0, 0x80) r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_START_AP(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000280)={0x38, r0, 0x1, 0x0, 0x0, {{}, {@void, @val={0xc}}}, [@beacon=[@NL80211_ATTR_BEACON_TAIL={0x15, 0xe, [@perr={0x1c, 0xf, {0x0, 0x1, [@not_ext={{}, @device_b}]}}]}]]}, 0x38}}, 0x0) sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000002c0)={&(0x7f0000000700)=ANY=[@ANYBLOB="2800000093ffef8cf56ba1f982fcaad6da5cc693dbf5aff561d045e749d5a9438097f4aec4dcf1bdc169e92e7d097dfcf5bc407bf0e509fa2a7949840ce011f3096a36d11afa833a447bae66", @ANYRES16=r0, @ANYBLOB="29032abd7000fcdbdf25"], 0x28}, 0x1, 0x0, 0x0, 0x8000}, 0x20050881) r2 = fcntl$getown(r1, 0x9) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r2, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0) io_submit(0x0, 0x20000000000001cb, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x400000000000, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x377140be6b5ef4c7}]) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='cpuacct.usage_percpu\x00', 0x0, 0x0) write$binfmt_script(r3, &(0x7f0000000000)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000140)='blkio.bfq.idle_time\x00', 0x0, 0x0) preadv(r3, &(0x7f0000000440)=[{&(0x7f0000000080)=""/110, 0x6e}, {&(0x7f0000000400)=""/20, 0x14}], 0x2, 0x80000000, 0x0) r4 = openat$incfs(0xffffffffffffffff, &(0x7f0000000100)='.pending_reads\x00', 0x103280, 0x0) sendmsg$TIPC_CMD_GET_BEARER_NAMES(r4, &(0x7f00000003c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x1c, 0x0, 0x200, 0x70bd28, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000040}, 0x4000) r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000040)='memory.high\x00', 0x2, 0x0) write$cgroup_int(r6, &(0x7f0000000300), 0x12) [ 1588.984108][T18622] Local variable msg_sys created at: [ 1588.988692][T18577] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1588.993558][T18622] do_recvmmsg+0x5f/0x10a0 [ 1588.999718][T18577] do_recvmmsg+0x63a/0x10a0 [ 1589.004493][T18622] __sys_recvmmsg+0x113/0x450 [ 1589.009453][T18577] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1589.086620][T18577] ? __sys_recvmmsg+0x52/0x450 [ 1589.091561][T18577] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1589.098180][T18577] __sys_recvmmsg+0x113/0x450 [ 1589.103029][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1589.108340][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1589.114792][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1589.119981][T18577] ? exit_to_user_mode_prepare+0x119/0x220 [ 1589.125974][T18577] do_fast_syscall_32+0x33/0x70 [ 1589.130998][T18577] do_SYSENTER_32+0x1b/0x20 [ 1589.135669][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1589.142239][T18577] RIP: 0023:0xf7f92549 [ 1589.146423][T18577] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1589.166233][T18577] RSP: 002b:00000000f7f6c5cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1589.174846][T18577] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1589.182970][T18577] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1589.191084][T18577] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1589.199193][T18577] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1589.207312][T18577] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1589.215446][T18577] [ 1589.228325][T18577] Uninit was stored to memory at: [ 1589.236880][T18577] __get_compat_msghdr+0x514/0x750 [ 1589.242319][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1589.247386][T18577] ___sys_recvmsg+0x19d/0x870 [ 1589.252311][T18577] do_recvmmsg+0x63a/0x10a0 [ 1589.256963][T18577] __sys_recvmmsg+0x113/0x450 [ 1589.261790][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1589.268293][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1589.273567][T18577] do_fast_syscall_32+0x33/0x70 [ 1589.278571][T18577] do_SYSENTER_32+0x1b/0x20 [ 1589.283316][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1589.289876][T18577] [ 1589.292372][T18577] Uninit was stored to memory at: [ 1589.297618][T18577] __get_compat_msghdr+0x514/0x750 [ 1589.303042][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1589.308106][T18577] ___sys_recvmsg+0x19d/0x870 [ 1589.313035][T18577] do_recvmmsg+0x63a/0x10a0 [ 1589.317708][T18577] __sys_recvmmsg+0x113/0x450 [ 1589.322631][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1589.329060][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1589.334346][T18577] do_fast_syscall_32+0x33/0x70 [ 1589.339433][T18577] do_SYSENTER_32+0x1b/0x20 [ 1589.344172][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1589.350723][T18577] [ 1589.353223][T18577] Uninit was stored to memory at: [ 1589.358474][T18577] __get_compat_msghdr+0x514/0x750 [ 1589.363899][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1589.368958][T18577] ___sys_recvmsg+0x19d/0x870 [ 1589.373887][T18577] do_recvmmsg+0x63a/0x10a0 [ 1589.378547][T18577] __sys_recvmmsg+0x113/0x450 [ 1589.383489][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1589.389921][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1589.395205][T18577] do_fast_syscall_32+0x33/0x70 [ 1589.400220][T18577] do_SYSENTER_32+0x1b/0x20 [ 1589.404973][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1589.411539][T18577] [ 1589.414051][T18577] Uninit was stored to memory at: [ 1589.419311][T18577] __get_compat_msghdr+0x514/0x750 [ 1589.424731][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1589.429805][T18577] ___sys_recvmsg+0x19d/0x870 [ 1589.434741][T18577] do_recvmmsg+0x63a/0x10a0 [ 1589.439409][T18577] __sys_recvmmsg+0x113/0x450 [ 1589.444438][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1589.450866][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1589.456157][T18577] do_fast_syscall_32+0x33/0x70 [ 1589.461165][T18577] do_SYSENTER_32+0x1b/0x20 [ 1589.465920][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1589.472571][T18577] [ 1589.474984][T18577] Uninit was stored to memory at: [ 1589.480235][T18577] __get_compat_msghdr+0x514/0x750 [ 1589.485658][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1589.490717][T18577] ___sys_recvmsg+0x19d/0x870 [ 1589.495644][T18577] do_recvmmsg+0x63a/0x10a0 [ 1589.500298][T18577] __sys_recvmmsg+0x113/0x450 [ 1589.505231][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1589.511660][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1589.516946][T18577] do_fast_syscall_32+0x33/0x70 [ 1589.521959][T18577] do_SYSENTER_32+0x1b/0x20 [ 1589.526708][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1589.533373][T18577] [ 1589.535788][T18577] Uninit was stored to memory at: [ 1589.541044][T18577] __get_compat_msghdr+0x514/0x750 [ 1589.546479][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1589.551538][T18577] ___sys_recvmsg+0x19d/0x870 [ 1589.556549][T18577] do_recvmmsg+0x63a/0x10a0 [ 1589.561222][T18577] __sys_recvmmsg+0x113/0x450 [ 1589.566241][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1589.572758][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1589.577953][T18577] do_fast_syscall_32+0x33/0x70 [ 1589.583116][T18577] do_SYSENTER_32+0x1b/0x20 [ 1589.587776][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1589.594588][T18577] [ 1589.596991][T18577] Uninit was stored to memory at: [ 1589.602461][T18577] __get_compat_msghdr+0x514/0x750 [ 1589.607791][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1589.612954][T18577] ___sys_recvmsg+0x19d/0x870 [ 1589.617807][T18577] do_recvmmsg+0x63a/0x10a0 [ 1589.622619][T18577] __sys_recvmmsg+0x113/0x450 [ 1589.627463][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1589.633990][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1589.639178][T18577] do_fast_syscall_32+0x33/0x70 [ 1589.644339][T18577] do_SYSENTER_32+0x1b/0x20 [ 1589.649002][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1589.655719][T18577] [ 1589.658139][T18577] Local variable msg_sys created at: [ 1589.663695][T18577] do_recvmmsg+0x5f/0x10a0 [ 1589.668286][T18577] __sys_recvmmsg+0x113/0x450 [ 1589.830587][T18577] not chained 2310000 origins [ 1589.835569][T18577] CPU: 1 PID: 18577 Comm: syz-executor.5 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1589.846254][T18577] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1589.856454][T18577] Call Trace: [ 1589.859840][T18577] [ 1589.862866][T18577] dump_stack_lvl+0x1c8/0x256 [ 1589.867744][T18577] dump_stack+0x1a/0x1c [ 1589.872070][T18577] kmsan_internal_chain_origin+0x78/0x120 [ 1589.877960][T18577] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1589.884195][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1589.889469][T18577] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1589.895885][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1589.901157][T18577] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1589.907133][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1589.912411][T18577] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1589.918386][T18577] ? __get_compat_msghdr+0x5b/0x750 [ 1589.923785][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1589.929069][T18577] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1589.935076][T18577] ? should_fail+0x3f/0x810 [ 1589.939753][T18577] ? __stack_depot_save+0x21/0x4b0 [ 1589.945020][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1589.950294][T18577] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1589.956713][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1589.961984][T18577] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1589.967959][T18577] __msan_chain_origin+0xbd/0x140 [ 1589.973141][T18577] __get_compat_msghdr+0x514/0x750 [ 1589.978481][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1589.983519][T18577] ? ___sys_recvmsg+0xa9/0x870 [ 1589.988423][T18577] ? do_recvmmsg+0x63a/0x10a0 [ 1589.993249][T18577] ___sys_recvmsg+0x19d/0x870 [ 1589.998081][T18577] ? __schedule+0x1609/0x21d0 [ 1590.002909][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1590.008179][T18577] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1590.014157][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1590.019435][T18577] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1590.025425][T18577] do_recvmmsg+0x63a/0x10a0 [ 1590.030094][T18577] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1590.036511][T18577] ? __sys_recvmmsg+0x52/0x450 [ 1590.041418][T18577] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1590.048001][T18577] __sys_recvmmsg+0x113/0x450 [ 1590.052820][T18577] ? kmsan_get_metadata+0x33/0x220 [ 1590.058103][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1590.064522][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1590.069691][T18577] ? exit_to_user_mode_prepare+0x119/0x220 [ 1590.075661][T18577] do_fast_syscall_32+0x33/0x70 [ 1590.080656][T18577] do_SYSENTER_32+0x1b/0x20 [ 1590.085299][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1590.091842][T18577] RIP: 0023:0xf7f92549 [ 1590.096017][T18577] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1590.115890][T18577] RSP: 002b:00000000f7f6c5cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1590.124457][T18577] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1590.132556][T18577] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1590.140652][T18577] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1590.148757][T18577] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1590.156847][T18577] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1590.164963][T18577] [ 1590.174412][T18577] Uninit was stored to memory at: [ 1590.179703][T18577] __get_compat_msghdr+0x514/0x750 [ 1590.185730][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1590.190805][T18577] ___sys_recvmsg+0x19d/0x870 [ 1590.195741][T18577] do_recvmmsg+0x63a/0x10a0 [ 1590.200417][T18577] __sys_recvmmsg+0x113/0x450 [ 1590.205348][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1590.211776][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1590.217057][T18577] do_fast_syscall_32+0x33/0x70 [ 1590.222063][T18577] do_SYSENTER_32+0x1b/0x20 [ 1590.226815][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1590.233470][T18577] [ 1590.235873][T18577] Uninit was stored to memory at: [ 1590.241149][T18577] __get_compat_msghdr+0x514/0x750 [ 1590.246588][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1590.251647][T18577] ___sys_recvmsg+0x19d/0x870 [ 1590.256575][T18577] do_recvmmsg+0x63a/0x10a0 [ 1590.261232][T18577] __sys_recvmmsg+0x113/0x450 [ 1590.266175][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1590.272675][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1590.277857][T18577] do_fast_syscall_32+0x33/0x70 [ 1590.282955][T18577] do_SYSENTER_32+0x1b/0x20 [ 1590.287613][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1590.294324][T18577] [ 1590.296732][T18577] Uninit was stored to memory at: [ 1590.301980][T18577] __get_compat_msghdr+0x514/0x750 [ 1590.307468][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1590.312608][T18577] ___sys_recvmsg+0x19d/0x870 [ 1590.317456][T18577] do_recvmmsg+0x63a/0x10a0 [ 1590.322121][T18577] __sys_recvmmsg+0x113/0x450 [ 1590.327134][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1590.333711][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1590.338893][T18577] do_fast_syscall_32+0x33/0x70 [ 1590.344003][T18577] do_SYSENTER_32+0x1b/0x20 [ 1590.348662][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1590.355357][T18577] [ 1590.357768][T18577] Uninit was stored to memory at: [ 1590.363168][T18577] __get_compat_msghdr+0x514/0x750 [ 1590.368481][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1590.373708][T18577] ___sys_recvmsg+0x19d/0x870 [ 1590.378558][T18577] do_recvmmsg+0x63a/0x10a0 [ 1590.383367][T18577] __sys_recvmmsg+0x113/0x450 [ 1590.388208][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1590.394787][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1590.399991][T18577] do_fast_syscall_32+0x33/0x70 [ 1590.405152][T18577] do_SYSENTER_32+0x1b/0x20 [ 1590.409803][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1590.416516][T18577] [ 1590.418922][T18577] Uninit was stored to memory at: [ 1590.424364][T18577] __get_compat_msghdr+0x514/0x750 [ 1590.429685][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1590.434909][T18577] ___sys_recvmsg+0x19d/0x870 [ 1590.439753][T18577] do_recvmmsg+0x63a/0x10a0 [ 1590.444565][T18577] __sys_recvmmsg+0x113/0x450 [ 1590.449420][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1590.456000][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1590.461210][T18577] do_fast_syscall_32+0x33/0x70 [ 1590.466378][T18577] do_SYSENTER_32+0x1b/0x20 [ 1590.471036][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1590.477745][T18577] [ 1590.480156][T18577] Uninit was stored to memory at: [ 1590.485566][T18577] __get_compat_msghdr+0x514/0x750 [ 1590.490904][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1590.496117][T18577] ___sys_recvmsg+0x19d/0x870 [ 1590.500955][T18577] do_recvmmsg+0x63a/0x10a0 [ 1590.505784][T18577] __sys_recvmmsg+0x113/0x450 [ 1590.510625][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1590.517204][T18577] __do_fast_syscall_32+0x95/0xf0 [ 1590.522488][T18577] do_fast_syscall_32+0x33/0x70 [ 1590.527488][T18577] do_SYSENTER_32+0x1b/0x20 [ 1590.532135][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1590.538847][T18577] [ 1590.541253][T18577] Uninit was stored to memory at: [ 1590.546648][T18577] __get_compat_msghdr+0x514/0x750 [ 1590.551987][T18577] get_compat_msghdr+0x8c/0x1c0 [ 1590.557198][T18577] ___sys_recvmsg+0x19d/0x870 [ 1590.562029][T18577] do_recvmmsg+0x63a/0x10a0 [ 1590.566863][T18577] __sys_recvmmsg+0x113/0x450 [ 1590.571710][T18577] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1590.578295][T18577] __do_fast_syscall_32+0x95/0xf0 02:34:18 executing program 4: syz_open_procfs$namespace(0x0, 0x0) pipe2$watch_queue(0x0, 0x80) r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_START_AP(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000280)={0x38, r0, 0x1, 0x0, 0x0, {{}, {@void, @val={0xc}}}, [@beacon=[@NL80211_ATTR_BEACON_TAIL={0x15, 0xe, [@perr={0x1c, 0xf, {0x0, 0x1, [@not_ext={{}, @device_b}]}}]}]]}, 0x38}}, 0x0) sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000002c0)={&(0x7f0000000700)=ANY=[@ANYBLOB="2800000093ffef8cf56ba1f982fcaad6da5cc693dbf5aff561d045e749d5a9438097f4aec4dcf1bdc169e92e7d097dfcf5bc407bf0e509fa2a7949840ce011f3096a36d11afa833a447bae66", @ANYRES16=r0, @ANYBLOB="29032abd7000fcdbdf25"], 0x28}, 0x1, 0x0, 0x0, 0x8000}, 0x20050881) r2 = fcntl$getown(r1, 0x9) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r2, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0) io_submit(0x0, 0x20000000000001cb, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x400000000000, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x377140be6b5ef4c7}]) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='cpuacct.usage_percpu\x00', 0x0, 0x0) write$binfmt_script(r3, &(0x7f0000000000)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000140)='blkio.bfq.idle_time\x00', 0x0, 0x0) preadv(r3, &(0x7f0000000440)=[{&(0x7f0000000080)=""/110, 0x6e}, {&(0x7f0000000400)=""/20, 0x14}], 0x2, 0x80000000, 0x0) r4 = openat$incfs(0xffffffffffffffff, &(0x7f0000000100)='.pending_reads\x00', 0x103280, 0x0) sendmsg$TIPC_CMD_GET_BEARER_NAMES(r4, &(0x7f00000003c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x1c, 0x0, 0x200, 0x70bd28, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000040}, 0x4000) r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000040)='memory.high\x00', 0x2, 0x0) write$cgroup_int(r6, &(0x7f0000000300), 0x12) [ 1590.583590][T18577] do_fast_syscall_32+0x33/0x70 [ 1590.588595][T18577] do_SYSENTER_32+0x1b/0x20 [ 1590.593396][T18577] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1590.599950][T18577] [ 1590.602520][T18577] Local variable msg_sys created at: [ 1590.607902][T18577] do_recvmmsg+0x5f/0x10a0 [ 1590.612632][T18577] __sys_recvmmsg+0x113/0x450 [ 1590.935541][T18635] not chained 2320000 origins [ 1590.940381][T18635] CPU: 1 PID: 18635 Comm: syz-executor.1 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1590.951060][T18635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1590.961249][T18635] Call Trace: [ 1590.964632][T18635] [ 1590.967660][T18635] dump_stack_lvl+0x1c8/0x256 [ 1590.972550][T18635] dump_stack+0x1a/0x1c [ 1590.976887][T18635] kmsan_internal_chain_origin+0x78/0x120 [ 1590.982786][T18635] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1590.989037][T18635] ? kmsan_get_metadata+0x33/0x220 [ 1590.994322][T18635] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1591.000754][T18635] ? kmsan_get_metadata+0x33/0x220 [ 1591.006045][T18635] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1591.012040][T18635] ? kmsan_get_metadata+0x33/0x220 [ 1591.017327][T18635] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1591.023331][T18635] ? __get_compat_msghdr+0x5b/0x750 [ 1591.028753][T18635] ? kmsan_get_metadata+0x33/0x220 [ 1591.034048][T18635] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1591.040052][T18635] ? should_fail+0x3f/0x810 [ 1591.044733][T18635] ? __stack_depot_save+0x21/0x4b0 [ 1591.050014][T18635] ? kmsan_get_metadata+0x33/0x220 [ 1591.055305][T18635] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1591.061751][T18635] ? kmsan_get_metadata+0x33/0x220 [ 1591.067061][T18635] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1591.073075][T18635] __msan_chain_origin+0xbd/0x140 [ 1591.078282][T18635] __get_compat_msghdr+0x514/0x750 [ 1591.083653][T18635] get_compat_msghdr+0x8c/0x1c0 [ 1591.088717][T18635] ? ___sys_recvmsg+0xa9/0x870 [ 1591.093641][T18635] ? do_recvmmsg+0x63a/0x10a0 [ 1591.098490][T18635] ___sys_recvmsg+0x19d/0x870 [ 1591.103352][T18635] ? __schedule+0x1609/0x21d0 [ 1591.108210][T18635] ? kmsan_get_metadata+0x33/0x220 [ 1591.113516][T18635] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1591.119518][T18635] ? kmsan_get_metadata+0x33/0x220 [ 1591.124813][T18635] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1591.130820][T18635] do_recvmmsg+0x63a/0x10a0 [ 1591.135511][T18635] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1591.141955][T18635] ? __sys_recvmmsg+0x52/0x450 [ 1591.146882][T18635] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1591.153500][T18635] __sys_recvmmsg+0x113/0x450 [ 1591.158344][T18635] ? kmsan_get_metadata+0x33/0x220 [ 1591.163651][T18635] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1591.170101][T18635] __do_fast_syscall_32+0x95/0xf0 [ 1591.175296][T18635] ? exit_to_user_mode_prepare+0x119/0x220 [ 1591.181290][T18635] do_fast_syscall_32+0x33/0x70 [ 1591.186309][T18635] do_SYSENTER_32+0x1b/0x20 [ 1591.190975][T18635] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1591.197623][T18635] RIP: 0023:0xf7fc4549 [ 1591.201812][T18635] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1591.221604][T18635] RSP: 002b:00000000f7f9e5cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1591.230172][T18635] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1591.238271][T18635] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1591.246386][T18635] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1591.254474][T18635] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1591.262566][T18635] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1591.270682][T18635] [ 1591.279925][T18635] Uninit was stored to memory at: [ 1591.296283][T18635] __get_compat_msghdr+0x514/0x750 [ 1591.301635][T18635] get_compat_msghdr+0x8c/0x1c0 [ 1591.306821][T18635] ___sys_recvmsg+0x19d/0x870 [ 1591.311664][T18635] do_recvmmsg+0x63a/0x10a0 [ 1591.316436][T18635] __sys_recvmmsg+0x113/0x450 [ 1591.321307][T18635] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1591.327888][T18635] __do_fast_syscall_32+0x95/0xf0 [ 1591.333232][T18635] do_fast_syscall_32+0x33/0x70 [ 1591.338255][T18635] do_SYSENTER_32+0x1b/0x20 [ 1591.343103][T18635] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1591.349674][T18635] [ 1591.352096][T18635] Uninit was stored to memory at: [ 1591.357532][T18635] __get_compat_msghdr+0x514/0x750 [ 1591.362964][T18635] get_compat_msghdr+0x8c/0x1c0 [ 1591.368023][T18635] ___sys_recvmsg+0x19d/0x870 [ 1591.372965][T18635] do_recvmmsg+0x63a/0x10a0 [ 1591.377639][T18635] __sys_recvmmsg+0x113/0x450 [ 1591.382568][T18635] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1591.388980][T18635] __do_fast_syscall_32+0x95/0xf0 [ 1591.394264][T18635] do_fast_syscall_32+0x33/0x70 [ 1591.399288][T18635] do_SYSENTER_32+0x1b/0x20 [ 1591.404045][T18635] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1591.410606][T18635] [ 1591.413109][T18635] Uninit was stored to memory at: [ 1591.418382][T18635] __get_compat_msghdr+0x514/0x750 [ 1591.423797][T18635] get_compat_msghdr+0x8c/0x1c0 [ 1591.428860][T18635] ___sys_recvmsg+0x19d/0x870 [ 1591.433786][T18635] do_recvmmsg+0x63a/0x10a0 [ 1591.438446][T18635] __sys_recvmmsg+0x113/0x450 [ 1591.443370][T18635] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1591.449791][T18635] __do_fast_syscall_32+0x95/0xf0 [ 1591.455073][T18635] do_fast_syscall_32+0x33/0x70 [ 1591.460098][T18635] do_SYSENTER_32+0x1b/0x20 [ 1591.464838][T18635] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1591.471400][T18635] [ 1591.473897][T18635] Uninit was stored to memory at: [ 1591.479185][T18635] __get_compat_msghdr+0x514/0x750 [ 1591.484605][T18635] get_compat_msghdr+0x8c/0x1c0 [ 1591.489653][T18635] ___sys_recvmsg+0x19d/0x870 [ 1591.494567][T18635] do_recvmmsg+0x63a/0x10a0 [ 1591.499220][T18635] __sys_recvmmsg+0x113/0x450 [ 1591.504150][T18635] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1591.510589][T18635] __do_fast_syscall_32+0x95/0xf0 [ 1591.515871][T18635] do_fast_syscall_32+0x33/0x70 [ 1591.520887][T18635] do_SYSENTER_32+0x1b/0x20 [ 1591.525636][T18635] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1591.532285][T18635] [ 1591.534690][T18635] Uninit was stored to memory at: [ 1591.539942][T18635] __get_compat_msghdr+0x514/0x750 [ 1591.545361][T18635] get_compat_msghdr+0x8c/0x1c0 [ 1591.550436][T18635] ___sys_recvmsg+0x19d/0x870 [ 1591.555376][T18635] do_recvmmsg+0x63a/0x10a0 [ 1591.560055][T18635] __sys_recvmmsg+0x113/0x450 [ 1591.565038][T18635] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1591.571466][T18635] __do_fast_syscall_32+0x95/0xf0 [ 1591.576745][T18635] do_fast_syscall_32+0x33/0x70 [ 1591.581750][T18635] do_SYSENTER_32+0x1b/0x20 [ 1591.586592][T18635] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1591.593255][T18635] [ 1591.595673][T18635] Uninit was stored to memory at: [ 1591.600931][T18635] __get_compat_msghdr+0x514/0x750 [ 1591.606406][T18635] get_compat_msghdr+0x8c/0x1c0 [ 1591.611450][T18635] ___sys_recvmsg+0x19d/0x870 [ 1591.616383][T18635] do_recvmmsg+0x63a/0x10a0 [ 1591.621064][T18635] __sys_recvmmsg+0x113/0x450 [ 1591.626068][T18635] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1591.632585][T18635] __do_fast_syscall_32+0x95/0xf0 [ 1591.637793][T18635] do_fast_syscall_32+0x33/0x70 [ 1591.642949][T18635] do_SYSENTER_32+0x1b/0x20 [ 1591.647621][T18635] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1591.654332][T18635] [ 1591.656747][T18635] Uninit was stored to memory at: [ 1591.661993][T18635] __get_compat_msghdr+0x514/0x750 [ 1591.667490][T18635] get_compat_msghdr+0x8c/0x1c0 [ 1591.672633][T18635] ___sys_recvmsg+0x19d/0x870 [ 1591.677513][T18635] do_recvmmsg+0x63a/0x10a0 [ 1591.682381][T18635] __sys_recvmmsg+0x113/0x450 [ 1591.687228][T18635] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1591.693757][T18635] __do_fast_syscall_32+0x95/0xf0 [ 1591.698946][T18635] do_fast_syscall_32+0x33/0x70 [ 1591.704138][T18635] do_SYSENTER_32+0x1b/0x20 [ 1591.708803][T18635] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1591.715453][T18635] [ 1591.717864][T18635] Local variable msg_sys created at: [ 1591.723347][T18635] do_recvmmsg+0x5f/0x10a0 [ 1591.727910][T18635] __sys_recvmmsg+0x113/0x450 [ 1592.638103][T18635] not chained 2330000 origins [ 1592.643126][T18635] CPU: 0 PID: 18635 Comm: syz-executor.1 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1592.653805][T18635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1592.664025][T18635] Call Trace: [ 1592.667407][T18635] [ 1592.670469][T18635] dump_stack_lvl+0x1c8/0x256 [ 1592.675390][T18635] dump_stack+0x1a/0x1c [ 1592.679739][T18635] kmsan_internal_chain_origin+0x78/0x120 [ 1592.685659][T18635] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1592.691932][T18635] ? kmsan_get_metadata+0x33/0x220 [ 1592.697234][T18635] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1592.703703][T18635] ? kmsan_get_metadata+0x33/0x220 [ 1592.708998][T18635] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1592.714997][T18635] ? kmsan_get_metadata+0x33/0x220 [ 1592.720302][T18635] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1592.726307][T18635] ? __get_compat_msghdr+0x5b/0x750 [ 1592.731718][T18635] ? kmsan_get_metadata+0x33/0x220 [ 1592.737013][T18635] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1592.743020][T18635] ? should_fail+0x3f/0x810 [ 1592.747701][T18635] ? __stack_depot_save+0x21/0x4b0 [ 1592.752992][T18635] ? kmsan_get_metadata+0x33/0x220 [ 1592.758289][T18635] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1592.764721][T18635] ? kmsan_get_metadata+0x33/0x220 [ 1592.770016][T18635] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1592.776009][T18635] __msan_chain_origin+0xbd/0x140 [ 1592.781212][T18635] __get_compat_msghdr+0x514/0x750 [ 1592.786574][T18635] get_compat_msghdr+0x8c/0x1c0 [ 1592.791638][T18635] ? ___sys_recvmsg+0xa9/0x870 [ 1592.796594][T18635] ? do_recvmmsg+0x63a/0x10a0 [ 1592.801437][T18635] ___sys_recvmsg+0x19d/0x870 [ 1592.806289][T18635] ? __schedule+0x1609/0x21d0 [ 1592.811137][T18635] ? kmsan_get_metadata+0x33/0x220 [ 1592.816447][T18635] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1592.822448][T18635] ? kmsan_get_metadata+0x33/0x220 [ 1592.827742][T18635] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1592.833747][T18635] do_recvmmsg+0x63a/0x10a0 [ 1592.838450][T18635] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1592.844900][T18635] ? __sys_recvmmsg+0x52/0x450 [ 1592.849823][T18635] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1592.856435][T18635] __sys_recvmmsg+0x113/0x450 [ 1592.861278][T18635] ? kmsan_get_metadata+0x33/0x220 [ 1592.866597][T18635] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1592.873045][T18635] __do_fast_syscall_32+0x95/0xf0 [ 1592.878236][T18635] ? exit_to_user_mode_prepare+0x119/0x220 [ 1592.884240][T18635] do_fast_syscall_32+0x33/0x70 [ 1592.889262][T18635] do_SYSENTER_32+0x1b/0x20 [ 1592.893921][T18635] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1592.900480][T18635] RIP: 0023:0xf7fc4549 [ 1592.904673][T18635] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1592.924490][T18635] RSP: 002b:00000000f7f9e5cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1592.933258][T18635] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1592.941369][T18635] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1592.949476][T18635] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1592.957591][T18635] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1592.965706][T18635] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1592.973849][T18635] [ 1592.982652][T18635] Uninit was stored to memory at: [ 1592.987970][T18635] __get_compat_msghdr+0x514/0x750 [ 1592.993959][T18635] get_compat_msghdr+0x8c/0x1c0 [ 1592.999075][T18635] ___sys_recvmsg+0x19d/0x870 [ 1593.004054][T18635] do_recvmmsg+0x63a/0x10a0 [ 1593.008713][T18635] __sys_recvmmsg+0x113/0x450 [ 1593.013691][T18635] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1593.020122][T18635] __do_fast_syscall_32+0x95/0xf0 [ 1593.025432][T18635] do_fast_syscall_32+0x33/0x70 [ 1593.030439][T18635] do_SYSENTER_32+0x1b/0x20 [ 1593.035219][T18635] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1593.041770][T18635] [ 1593.044289][T18635] Uninit was stored to memory at: [ 1593.049540][T18635] __get_compat_msghdr+0x514/0x750 [ 1593.054998][T18635] get_compat_msghdr+0x8c/0x1c0 [ 1593.060057][T18635] ___sys_recvmsg+0x19d/0x870 [ 1593.065043][T18635] do_recvmmsg+0x63a/0x10a0 [ 1593.069699][T18635] __sys_recvmmsg+0x113/0x450 [ 1593.074642][T18635] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1593.081064][T18635] __do_fast_syscall_32+0x95/0xf0 [ 1593.086394][T18635] do_fast_syscall_32+0x33/0x70 [ 1593.091408][T18635] do_SYSENTER_32+0x1b/0x20 [ 1593.096193][T18635] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1593.102865][T18635] [ 1593.105270][T18635] Uninit was stored to memory at: [ 1593.110603][T18635] __get_compat_msghdr+0x514/0x750 [ 1593.116063][T18635] get_compat_msghdr+0x8c/0x1c0 [ 1593.121128][T18635] ___sys_recvmsg+0x19d/0x870 [ 1593.126095][T18635] do_recvmmsg+0x63a/0x10a0 [ 1593.130760][T18635] __sys_recvmmsg+0x113/0x450 [ 1593.135750][T18635] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1593.142184][T18635] __do_fast_syscall_32+0x95/0xf0 [ 1593.147476][T18635] do_fast_syscall_32+0x33/0x70 [ 1593.152604][T18635] do_SYSENTER_32+0x1b/0x20 [ 1593.157264][T18635] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1593.164036][T18635] [ 1593.166534][T18635] Uninit was stored to memory at: [ 1593.171776][T18635] __get_compat_msghdr+0x514/0x750 [ 1593.177297][T18635] get_compat_msghdr+0x8c/0x1c0 [ 1593.182459][T18635] ___sys_recvmsg+0x19d/0x870 [ 1593.187301][T18635] do_recvmmsg+0x63a/0x10a0 [ 1593.191964][T18635] __sys_recvmmsg+0x113/0x450 [ 1593.196998][T18635] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1593.203529][T18635] __do_fast_syscall_32+0x95/0xf0 [ 1593.208714][T18635] do_fast_syscall_32+0x33/0x70 [ 1593.213927][T18635] do_SYSENTER_32+0x1b/0x20 [ 1593.218594][T18635] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1593.225341][T18635] [ 1593.227746][T18635] Uninit was stored to memory at: [ 1593.233156][T18635] __get_compat_msghdr+0x514/0x750 [ 1593.238474][T18635] get_compat_msghdr+0x8c/0x1c0 [ 1593.243709][T18635] ___sys_recvmsg+0x19d/0x870 [ 1593.248549][T18635] do_recvmmsg+0x63a/0x10a0 [ 1593.253395][T18635] __sys_recvmmsg+0x113/0x450 [ 1593.258230][T18635] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1593.264858][T18635] __do_fast_syscall_32+0x95/0xf0 [ 1593.270047][T18635] do_fast_syscall_32+0x33/0x70 [ 1593.275248][T18635] do_SYSENTER_32+0x1b/0x20 [ 1593.279907][T18635] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1593.286665][T18635] [ 1593.289071][T18635] Uninit was stored to memory at: [ 1593.294492][T18635] __get_compat_msghdr+0x514/0x750 [ 1593.299808][T18635] get_compat_msghdr+0x8c/0x1c0 [ 1593.305095][T18635] ___sys_recvmsg+0x19d/0x870 [ 1593.309927][T18635] do_recvmmsg+0x63a/0x10a0 [ 1593.314687][T18635] __sys_recvmmsg+0x113/0x450 [ 1593.319525][T18635] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1593.326141][T18635] __do_fast_syscall_32+0x95/0xf0 [ 1593.331327][T18635] do_fast_syscall_32+0x33/0x70 [ 1593.336532][T18635] do_SYSENTER_32+0x1b/0x20 [ 1593.341186][T18635] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1593.347945][T18635] [ 1593.350353][T18635] Uninit was stored to memory at: [ 1593.355803][T18635] __get_compat_msghdr+0x514/0x750 [ 1593.361128][T18635] get_compat_msghdr+0x8c/0x1c0 [ 1593.366383][T18635] ___sys_recvmsg+0x19d/0x870 [ 1593.371224][T18635] do_recvmmsg+0x63a/0x10a0 [ 1593.376087][T18635] __sys_recvmmsg+0x113/0x450 [ 1593.380925][T18635] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 02:34:21 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) openat$procfs(0xffffff9c, 0x0, 0x0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f00000002c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e) ptrace$setopts(0x4206, r0, 0x6, 0x2) sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x8001, 0x3}, 0x0) syz_clone3(&(0x7f0000000a00)={0x40b86000, 0x0, 0x0, 0x0, {0x1d}, 0x0, 0x0, 0x0, 0x0}, 0x58) getrlimit(0x3, &(0x7f0000000000)) mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000440)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000200)='./bus\x00', &(0x7f0000000080), 0x9, &(0x7f0000000280)={[{@workdir={'workdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './bus'}}, {@metacopy_off}]}) 02:34:21 executing program 0: syz_open_procfs$namespace(0x0, 0x0) pipe2$watch_queue(0x0, 0x80) r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_START_AP(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000280)={0x38, r0, 0x1, 0x0, 0x0, {{}, {@void, @val={0xc}}}, [@beacon=[@NL80211_ATTR_BEACON_TAIL={0x15, 0xe, [@perr={0x1c, 0xf, {0x0, 0x1, [@not_ext={{}, @device_b}]}}]}]]}, 0x38}}, 0x0) sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000002c0)={&(0x7f0000000700)=ANY=[@ANYBLOB="2800000093ffef8cf56ba1f982fcaad6da5cc693dbf5aff561d045e749d5a9438097f4aec4dcf1bdc169e92e7d097dfcf5bc407bf0e509fa2a7949840ce011f3096a36d11afa833a447bae66", @ANYRES16=r0, @ANYBLOB="29032abd7000fcdbdf25"], 0x28}, 0x1, 0x0, 0x0, 0x8000}, 0x20050881) r2 = fcntl$getown(r1, 0x9) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r2, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0) io_submit(0x0, 0x20000000000001cb, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x400000000000, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x377140be6b5ef4c7}]) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='cpuacct.usage_percpu\x00', 0x0, 0x0) write$binfmt_script(r3, &(0x7f0000000000)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000140)='blkio.bfq.idle_time\x00', 0x0, 0x0) preadv(r3, &(0x7f0000000440)=[{&(0x7f0000000080)=""/110, 0x6e}, {&(0x7f0000000400)=""/20, 0x14}], 0x2, 0x80000000, 0x0) r4 = openat$incfs(0xffffffffffffffff, &(0x7f0000000100)='.pending_reads\x00', 0x103280, 0x0) sendmsg$TIPC_CMD_GET_BEARER_NAMES(r4, &(0x7f00000003c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x1c, 0x0, 0x200, 0x70bd28, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000040}, 0x4000) r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000040)='memory.high\x00', 0x2, 0x0) write$cgroup_int(r6, &(0x7f0000000300), 0x12) 02:34:21 executing program 4: syz_open_procfs$namespace(0x0, 0x0) pipe2$watch_queue(0x0, 0x80) r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_START_AP(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000280)={0x38, r0, 0x1, 0x0, 0x0, {{}, {@void, @val={0xc}}}, [@beacon=[@NL80211_ATTR_BEACON_TAIL={0x15, 0xe, [@perr={0x1c, 0xf, {0x0, 0x1, [@not_ext={{}, @device_b}]}}]}]]}, 0x38}}, 0x0) sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000002c0)={&(0x7f0000000700)=ANY=[@ANYBLOB="2800000093ffef8cf56ba1f982fcaad6da5cc693dbf5aff561d045e749d5a9438097f4aec4dcf1bdc169e92e7d097dfcf5bc407bf0e509fa2a7949840ce011f3096a36d11afa833a447bae66", @ANYRES16=r0, @ANYBLOB="29032abd7000fcdbdf25"], 0x28}, 0x1, 0x0, 0x0, 0x8000}, 0x20050881) r2 = fcntl$getown(r1, 0x9) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r2, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0) io_submit(0x0, 0x20000000000001cb, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x400000000000, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x377140be6b5ef4c7}]) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='cpuacct.usage_percpu\x00', 0x0, 0x0) write$binfmt_script(r3, &(0x7f0000000000)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000140)='blkio.bfq.idle_time\x00', 0x0, 0x0) preadv(r3, &(0x7f0000000440)=[{&(0x7f0000000080)=""/110, 0x6e}, {&(0x7f0000000400)=""/20, 0x14}], 0x2, 0x80000000, 0x0) r4 = openat$incfs(0xffffffffffffffff, &(0x7f0000000100)='.pending_reads\x00', 0x103280, 0x0) sendmsg$TIPC_CMD_GET_BEARER_NAMES(r4, &(0x7f00000003c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x1c, 0x0, 0x200, 0x70bd28, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000040}, 0x4000) r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000040)='memory.high\x00', 0x2, 0x0) write$cgroup_int(r6, &(0x7f0000000300), 0x12) [ 1593.387539][T18635] __do_fast_syscall_32+0x95/0xf0 [ 1593.392832][T18635] do_fast_syscall_32+0x33/0x70 [ 1593.397856][T18635] do_SYSENTER_32+0x1b/0x20 [ 1593.402708][T18635] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1593.409264][T18635] [ 1593.411671][T18635] Local variable msg_sys created at: [ 1593.417180][T18635] do_recvmmsg+0x5f/0x10a0 [ 1593.421755][T18635] __sys_recvmmsg+0x113/0x450 02:34:21 executing program 0: syz_open_procfs$namespace(0x0, 0x0) pipe2$watch_queue(0x0, 0x80) r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_START_AP(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000280)={0x38, r0, 0x1, 0x0, 0x0, {{}, {@void, @val={0xc}}}, [@beacon=[@NL80211_ATTR_BEACON_TAIL={0x15, 0xe, [@perr={0x1c, 0xf, {0x0, 0x1, [@not_ext={{}, @device_b}]}}]}]]}, 0x38}}, 0x0) sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000002c0)={&(0x7f0000000700)=ANY=[@ANYBLOB="2800000093ffef8cf56ba1f982fcaad6da5cc693dbf5aff561d045e749d5a9438097f4aec4dcf1bdc169e92e7d097dfcf5bc407bf0e509fa2a7949840ce011f3096a36d11afa833a447bae66", @ANYRES16=r0, @ANYBLOB="29032abd7000fcdbdf25"], 0x28}, 0x1, 0x0, 0x0, 0x8000}, 0x20050881) r2 = fcntl$getown(r1, 0x9) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r2, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0) io_submit(0x0, 0x20000000000001cb, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x400000000000, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x377140be6b5ef4c7}]) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='cpuacct.usage_percpu\x00', 0x0, 0x0) write$binfmt_script(r3, &(0x7f0000000000)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000140)='blkio.bfq.idle_time\x00', 0x0, 0x0) preadv(r3, &(0x7f0000000440)=[{&(0x7f0000000080)=""/110, 0x6e}, {&(0x7f0000000400)=""/20, 0x14}], 0x2, 0x80000000, 0x0) r4 = openat$incfs(0xffffffffffffffff, &(0x7f0000000100)='.pending_reads\x00', 0x103280, 0x0) sendmsg$TIPC_CMD_GET_BEARER_NAMES(r4, &(0x7f00000003c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x1c, 0x0, 0x200, 0x70bd28, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000040}, 0x4000) r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000040)='memory.high\x00', 0x2, 0x0) write$cgroup_int(r6, &(0x7f0000000300), 0x12) [ 1594.301194][T18669] not chained 2340000 origins [ 1594.306480][T18669] CPU: 1 PID: 18669 Comm: syz-executor.2 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1594.317168][T18669] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1594.327376][T18669] Call Trace: [ 1594.330763][T18669] [ 1594.333791][T18669] dump_stack_lvl+0x1c8/0x256 [ 1594.338694][T18669] dump_stack+0x1a/0x1c [ 1594.343054][T18669] kmsan_internal_chain_origin+0x78/0x120 [ 1594.348974][T18669] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1594.355246][T18669] ? kmsan_get_metadata+0x33/0x220 [ 1594.360557][T18669] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1594.367008][T18669] ? kmsan_get_metadata+0x33/0x220 [ 1594.372316][T18669] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1594.378334][T18669] ? kmsan_get_metadata+0x33/0x220 [ 1594.383642][T18669] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1594.389656][T18669] ? __get_compat_msghdr+0x5b/0x750 [ 1594.395080][T18669] ? kmsan_get_metadata+0x33/0x220 [ 1594.400381][T18669] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1594.406399][T18669] ? should_fail+0x3f/0x810 [ 1594.411091][T18669] ? __stack_depot_save+0x21/0x4b0 [ 1594.416388][T18669] ? kmsan_get_metadata+0x33/0x220 [ 1594.421693][T18669] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1594.428169][T18669] ? kmsan_get_metadata+0x33/0x220 [ 1594.433478][T18669] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1594.439488][T18669] __msan_chain_origin+0xbd/0x140 [ 1594.444699][T18669] __get_compat_msghdr+0x514/0x750 [ 1594.450052][T18669] get_compat_msghdr+0x8c/0x1c0 [ 1594.455125][T18669] ? ___sys_recvmsg+0xa9/0x870 [ 1594.460060][T18669] ? do_recvmmsg+0x63a/0x10a0 [ 1594.464909][T18669] ___sys_recvmsg+0x19d/0x870 [ 1594.469758][T18669] ? __schedule+0x1609/0x21d0 [ 1594.474605][T18669] ? kmsan_get_metadata+0x33/0x220 [ 1594.479907][T18669] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1594.485907][T18669] ? kmsan_get_metadata+0x33/0x220 [ 1594.491205][T18669] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1594.497318][T18669] do_recvmmsg+0x63a/0x10a0 [ 1594.502017][T18669] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1594.508462][T18669] ? __sys_recvmmsg+0x52/0x450 [ 1594.513388][T18669] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1594.519996][T18669] __sys_recvmmsg+0x113/0x450 [ 1594.524843][T18669] ? kmsan_get_metadata+0x33/0x220 [ 1594.530161][T18669] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1594.536620][T18669] __do_fast_syscall_32+0x95/0xf0 [ 1594.541811][T18669] ? exit_to_user_mode_prepare+0x119/0x220 [ 1594.547803][T18669] do_fast_syscall_32+0x33/0x70 [ 1594.552829][T18669] do_SYSENTER_32+0x1b/0x20 [ 1594.557493][T18669] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1594.564065][T18669] RIP: 0023:0xf7f3a549 [ 1594.568264][T18669] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1594.588085][T18669] RSP: 002b:00000000f7f145cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1594.596756][T18669] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1594.604891][T18669] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1594.613007][T18669] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1594.621139][T18669] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1594.629258][T18669] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1594.637407][T18669] [ 1594.646604][T18669] Uninit was stored to memory at: [ 1594.651902][T18669] __get_compat_msghdr+0x514/0x750 [ 1594.657817][T18669] get_compat_msghdr+0x8c/0x1c0 [ 1594.662993][T18669] ___sys_recvmsg+0x19d/0x870 [ 1594.667838][T18669] do_recvmmsg+0x63a/0x10a0 [ 1594.672611][T18669] __sys_recvmmsg+0x113/0x450 [ 1594.677449][T18669] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1594.683977][T18669] __do_fast_syscall_32+0x95/0xf0 [ 1594.689164][T18669] do_fast_syscall_32+0x33/0x70 [ 1594.694280][T18669] do_SYSENTER_32+0x1b/0x20 [ 1594.698941][T18669] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1594.705625][T18669] [ 1594.708035][T18669] Uninit was stored to memory at: [ 1594.713402][T18669] __get_compat_msghdr+0x514/0x750 [ 1594.718724][T18669] get_compat_msghdr+0x8c/0x1c0 [ 1594.723889][T18669] ___sys_recvmsg+0x19d/0x870 [ 1594.728726][T18669] do_recvmmsg+0x63a/0x10a0 [ 1594.733491][T18669] __sys_recvmmsg+0x113/0x450 [ 1594.738325][T18669] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1594.744850][T18669] __do_fast_syscall_32+0x95/0xf0 [ 1594.750037][T18669] do_fast_syscall_32+0x33/0x70 [ 1594.755145][T18669] do_SYSENTER_32+0x1b/0x20 [ 1594.759801][T18669] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1594.766466][T18669] [ 1594.768875][T18669] Uninit was stored to memory at: [ 1594.774230][T18669] __get_compat_msghdr+0x514/0x750 [ 1594.779548][T18669] get_compat_msghdr+0x8c/0x1c0 [ 1594.784702][T18669] ___sys_recvmsg+0x19d/0x870 [ 1594.789542][T18669] do_recvmmsg+0x63a/0x10a0 [ 1594.794303][T18669] __sys_recvmmsg+0x113/0x450 [ 1594.799144][T18669] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1594.805667][T18669] __do_fast_syscall_32+0x95/0xf0 [ 1594.810858][T18669] do_fast_syscall_32+0x33/0x70 [ 1594.815974][T18669] do_SYSENTER_32+0x1b/0x20 [ 1594.820640][T18669] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1594.827300][T18669] [ 1594.829711][T18669] Uninit was stored to memory at: [ 1594.835062][T18669] __get_compat_msghdr+0x514/0x750 [ 1594.840379][T18669] get_compat_msghdr+0x8c/0x1c0 [ 1594.845599][T18669] ___sys_recvmsg+0x19d/0x870 [ 1594.850434][T18669] do_recvmmsg+0x63a/0x10a0 [ 1594.855196][T18669] __sys_recvmmsg+0x113/0x450 [ 1594.860033][T18669] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1594.866562][T18669] __do_fast_syscall_32+0x95/0xf0 [ 1594.871754][T18669] do_fast_syscall_32+0x33/0x70 [ 1594.876883][T18669] do_SYSENTER_32+0x1b/0x20 [ 1594.881578][T18669] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1594.888250][T18669] [ 1594.890674][T18669] Uninit was stored to memory at: [ 1594.896026][T18669] __get_compat_msghdr+0x514/0x750 [ 1594.901343][T18669] get_compat_msghdr+0x8c/0x1c0 [ 1594.906510][T18669] ___sys_recvmsg+0x19d/0x870 [ 1594.911389][T18669] do_recvmmsg+0x63a/0x10a0 [ 1594.916154][T18669] __sys_recvmmsg+0x113/0x450 [ 1594.920990][T18669] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1594.927531][T18669] __do_fast_syscall_32+0x95/0xf0 [ 1594.932894][T18669] do_fast_syscall_32+0x33/0x70 [ 1594.937903][T18669] do_SYSENTER_32+0x1b/0x20 [ 1594.942642][T18669] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1594.949196][T18669] [ 1594.951618][T18669] Uninit was stored to memory at: [ 1594.956974][T18669] __get_compat_msghdr+0x514/0x750 [ 1594.962395][T18669] get_compat_msghdr+0x8c/0x1c0 [ 1594.967467][T18669] ___sys_recvmsg+0x19d/0x870 [ 1594.972385][T18669] do_recvmmsg+0x63a/0x10a0 [ 1594.977038][T18669] __sys_recvmmsg+0x113/0x450 [ 1594.981866][T18669] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1594.988398][T18669] __do_fast_syscall_32+0x95/0xf0 [ 1594.993667][T18669] do_fast_syscall_32+0x33/0x70 [ 1594.998671][T18669] do_SYSENTER_32+0x1b/0x20 [ 1595.003413][T18669] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1595.009983][T18669] [ 1595.012482][T18669] Uninit was stored to memory at: [ 1595.017723][T18669] __get_compat_msghdr+0x514/0x750 [ 1595.023135][T18669] get_compat_msghdr+0x8c/0x1c0 [ 1595.028194][T18669] ___sys_recvmsg+0x19d/0x870 [ 1595.033119][T18669] do_recvmmsg+0x63a/0x10a0 [ 1595.037767][T18669] __sys_recvmmsg+0x113/0x450 [ 1595.042690][T18669] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1595.049104][T18669] __do_fast_syscall_32+0x95/0xf0 [ 1595.054392][T18669] do_fast_syscall_32+0x33/0x70 [ 1595.059430][T18669] do_SYSENTER_32+0x1b/0x20 [ 1595.064193][T18669] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1595.070749][T18669] [ 1595.073250][T18669] Local variable msg_sys created at: [ 1595.078633][T18669] do_recvmmsg+0x5f/0x10a0 [ 1595.083299][T18669] __sys_recvmmsg+0x113/0x450 [ 1596.091266][T18669] not chained 2350000 origins [ 1596.096450][T18669] CPU: 0 PID: 18669 Comm: syz-executor.2 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1596.107136][T18669] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1596.117338][T18669] Call Trace: [ 1596.120708][T18669] [ 1596.123736][T18669] dump_stack_lvl+0x1c8/0x256 [ 1596.128634][T18669] dump_stack+0x1a/0x1c [ 1596.132971][T18669] kmsan_internal_chain_origin+0x78/0x120 [ 1596.138881][T18669] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1596.145155][T18669] ? kmsan_get_metadata+0x33/0x220 [ 1596.150466][T18669] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1596.156919][T18669] ? kmsan_get_metadata+0x33/0x220 [ 1596.162243][T18669] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1596.168243][T18669] ? kmsan_get_metadata+0x33/0x220 [ 1596.173530][T18669] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1596.179530][T18669] ? __get_compat_msghdr+0x5b/0x750 [ 1596.184970][T18669] ? kmsan_get_metadata+0x33/0x220 [ 1596.190260][T18669] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1596.196347][T18669] ? should_fail+0x3f/0x810 [ 1596.201029][T18669] ? __stack_depot_save+0x21/0x4b0 [ 1596.206318][T18669] ? kmsan_get_metadata+0x33/0x220 [ 1596.211610][T18669] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1596.218047][T18669] ? kmsan_get_metadata+0x33/0x220 [ 1596.223339][T18669] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1596.229343][T18669] __msan_chain_origin+0xbd/0x140 [ 1596.234549][T18669] __get_compat_msghdr+0x514/0x750 [ 1596.239916][T18669] get_compat_msghdr+0x8c/0x1c0 [ 1596.244975][T18669] ? ___sys_recvmsg+0xa9/0x870 [ 1596.249904][T18669] ? do_recvmmsg+0x63a/0x10a0 [ 1596.254747][T18669] ___sys_recvmsg+0x19d/0x870 [ 1596.259598][T18669] ? __schedule+0x1609/0x21d0 [ 1596.264444][T18669] ? kmsan_get_metadata+0x33/0x220 [ 1596.269733][T18669] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1596.275734][T18669] ? kmsan_get_metadata+0x33/0x220 [ 1596.281032][T18669] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1596.287036][T18669] do_recvmmsg+0x63a/0x10a0 [ 1596.291728][T18669] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1596.298163][T18669] ? __sys_recvmmsg+0x52/0x450 [ 1596.303082][T18669] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1596.309685][T18669] __sys_recvmmsg+0x113/0x450 [ 1596.314525][T18669] ? kmsan_get_metadata+0x33/0x220 [ 1596.319838][T18669] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1596.326291][T18669] __do_fast_syscall_32+0x95/0xf0 [ 1596.331486][T18669] ? exit_to_user_mode_prepare+0x119/0x220 [ 1596.337474][T18669] do_fast_syscall_32+0x33/0x70 [ 1596.342481][T18669] do_SYSENTER_32+0x1b/0x20 [ 1596.347137][T18669] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1596.353700][T18669] RIP: 0023:0xf7f3a549 [ 1596.357898][T18669] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1596.377708][T18669] RSP: 002b:00000000f7f145cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1596.386303][T18669] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1596.394437][T18669] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1596.402562][T18669] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1596.410670][T18669] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1596.418777][T18669] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1596.426917][T18669] [ 1596.435511][T18669] Uninit was stored to memory at: [ 1596.440797][T18669] __get_compat_msghdr+0x514/0x750 [ 1596.446780][T18669] get_compat_msghdr+0x8c/0x1c0 [ 1596.451849][T18669] ___sys_recvmsg+0x19d/0x870 [ 1596.456827][T18669] do_recvmmsg+0x63a/0x10a0 [ 1596.461482][T18669] __sys_recvmmsg+0x113/0x450 [ 1596.466432][T18669] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1596.472941][T18669] __do_fast_syscall_32+0x95/0xf0 [ 1596.478145][T18669] do_fast_syscall_32+0x33/0x70 [ 1596.483292][T18669] do_SYSENTER_32+0x1b/0x20 [ 1596.487948][T18669] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1596.494626][T18669] [ 1596.497030][T18669] Uninit was stored to memory at: [ 1596.502429][T18669] __get_compat_msghdr+0x514/0x750 [ 1596.507833][T18669] get_compat_msghdr+0x8c/0x1c0 [ 1596.513024][T18669] ___sys_recvmsg+0x19d/0x870 [ 1596.517861][T18669] do_recvmmsg+0x63a/0x10a0 [ 1596.522643][T18669] __sys_recvmmsg+0x113/0x450 [ 1596.527480][T18669] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1596.534038][T18669] __do_fast_syscall_32+0x95/0xf0 [ 1596.539234][T18669] do_fast_syscall_32+0x33/0x70 [ 1596.544439][T18669] do_SYSENTER_32+0x1b/0x20 [ 1596.549096][T18669] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1596.555844][T18669] [ 1596.558251][T18669] Uninit was stored to memory at: [ 1596.563674][T18669] __get_compat_msghdr+0x514/0x750 [ 1596.568991][T18669] get_compat_msghdr+0x8c/0x1c0 [ 1596.574229][T18669] ___sys_recvmsg+0x19d/0x870 [ 1596.579078][T18669] do_recvmmsg+0x63a/0x10a0 [ 1596.583934][T18669] __sys_recvmmsg+0x113/0x450 [ 1596.588863][T18669] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1596.595447][T18669] __do_fast_syscall_32+0x95/0xf0 [ 1596.600642][T18669] do_fast_syscall_32+0x33/0x70 [ 1596.605900][T18669] do_SYSENTER_32+0x1b/0x20 [ 1596.610569][T18669] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1596.617331][T18669] [ 1596.619741][T18669] Uninit was stored to memory at: [ 1596.625172][T18669] __get_compat_msghdr+0x514/0x750 [ 1596.630513][T18669] get_compat_msghdr+0x8c/0x1c0 [ 1596.635939][T18669] ___sys_recvmsg+0x19d/0x870 [ 1596.640817][T18669] do_recvmmsg+0x63a/0x10a0 [ 1596.645664][T18669] __sys_recvmmsg+0x113/0x450 [ 1596.650495][T18669] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1596.657119][T18669] __do_fast_syscall_32+0x95/0xf0 [ 1596.662403][T18669] do_fast_syscall_32+0x33/0x70 [ 1596.667413][T18669] do_SYSENTER_32+0x1b/0x20 [ 1596.672063][T18669] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1596.678798][T18669] [ 1596.681207][T18669] Uninit was stored to memory at: [ 1596.686671][T18669] __get_compat_msghdr+0x514/0x750 [ 1596.691988][T18669] get_compat_msghdr+0x8c/0x1c0 [ 1596.697299][T18669] ___sys_recvmsg+0x19d/0x870 [ 1596.702143][T18669] do_recvmmsg+0x63a/0x10a0 [ 1596.706987][T18669] __sys_recvmmsg+0x113/0x450 [ 1596.711820][T18669] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1596.718446][T18669] __do_fast_syscall_32+0x95/0xf0 [ 1596.723734][T18669] do_fast_syscall_32+0x33/0x70 [ 1596.728739][T18669] do_SYSENTER_32+0x1b/0x20 [ 1596.733570][T18669] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1596.740123][T18669] [ 1596.742703][T18669] Uninit was stored to memory at: [ 1596.747955][T18669] __get_compat_msghdr+0x514/0x750 [ 1596.753461][T18669] get_compat_msghdr+0x8c/0x1c0 [ 1596.758512][T18669] ___sys_recvmsg+0x19d/0x870 [ 1596.763538][T18669] do_recvmmsg+0x63a/0x10a0 [ 1596.768195][T18669] __sys_recvmmsg+0x113/0x450 [ 1596.773202][T18669] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1596.779628][T18669] __do_fast_syscall_32+0x95/0xf0 [ 1596.784995][T18669] do_fast_syscall_32+0x33/0x70 [ 1596.789995][T18669] do_SYSENTER_32+0x1b/0x20 [ 1596.794808][T18669] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1596.801489][T18669] [ 1596.804071][T18669] Uninit was stored to memory at: [ 1596.809332][T18669] __get_compat_msghdr+0x514/0x750 [ 1596.814827][T18669] get_compat_msghdr+0x8c/0x1c0 [ 1596.819878][T18669] ___sys_recvmsg+0x19d/0x870 [ 1596.824894][T18669] do_recvmmsg+0x63a/0x10a0 [ 1596.829552][T18669] __sys_recvmmsg+0x113/0x450 [ 1596.834568][T18669] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1596.840988][T18669] __do_fast_syscall_32+0x95/0xf0 [ 1596.846362][T18669] do_fast_syscall_32+0x33/0x70 [ 1596.851374][T18669] do_SYSENTER_32+0x1b/0x20 [ 1596.856212][T18669] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1596.862861][T18669] [ 1596.865278][T18669] Local variable msg_sys created at: [ 1596.870657][T18669] do_recvmmsg+0x5f/0x10a0 [ 1596.875440][T18669] __sys_recvmmsg+0x113/0x450 [ 1597.210040][T18622] not chained 2360000 origins [ 1597.215271][T18622] CPU: 1 PID: 18622 Comm: syz-executor.3 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1597.225959][T18622] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1597.236162][T18622] Call Trace: [ 1597.239541][T18622] [ 1597.242568][T18622] dump_stack_lvl+0x1c8/0x256 [ 1597.247463][T18622] dump_stack+0x1a/0x1c [ 1597.251815][T18622] kmsan_internal_chain_origin+0x78/0x120 [ 1597.257725][T18622] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1597.263998][T18622] ? kmsan_get_metadata+0x33/0x220 [ 1597.269303][T18622] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1597.275754][T18622] ? kmsan_get_metadata+0x33/0x220 [ 1597.281056][T18622] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1597.287061][T18622] ? kmsan_get_metadata+0x33/0x220 [ 1597.292367][T18622] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1597.298358][T18622] ? __get_compat_msghdr+0x5b/0x750 [ 1597.303768][T18622] ? kmsan_get_metadata+0x33/0x220 [ 1597.309065][T18622] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1597.315074][T18622] ? should_fail+0x3f/0x810 [ 1597.319768][T18622] ? __stack_depot_save+0x21/0x4b0 [ 1597.325074][T18622] ? kmsan_get_metadata+0x33/0x220 [ 1597.330369][T18622] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1597.336811][T18622] ? kmsan_get_metadata+0x33/0x220 [ 1597.342112][T18622] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1597.348115][T18622] __msan_chain_origin+0xbd/0x140 [ 1597.353327][T18622] __get_compat_msghdr+0x514/0x750 [ 1597.358679][T18622] get_compat_msghdr+0x8c/0x1c0 [ 1597.363727][T18622] ? ___sys_recvmsg+0xa9/0x870 [ 1597.368643][T18622] ? do_recvmmsg+0x63a/0x10a0 [ 1597.373472][T18622] ___sys_recvmsg+0x19d/0x870 [ 1597.378298][T18622] ? __schedule+0x1609/0x21d0 [ 1597.383130][T18622] ? kmsan_get_metadata+0x33/0x220 [ 1597.388410][T18622] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1597.394390][T18622] ? kmsan_get_metadata+0x33/0x220 [ 1597.399661][T18622] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1597.405659][T18622] do_recvmmsg+0x63a/0x10a0 [ 1597.410342][T18622] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1597.416778][T18622] ? __sys_recvmmsg+0x52/0x450 [ 1597.421689][T18622] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1597.428278][T18622] __sys_recvmmsg+0x113/0x450 [ 1597.433098][T18622] ? kmsan_get_metadata+0x33/0x220 [ 1597.438386][T18622] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1597.444809][T18622] __do_fast_syscall_32+0x95/0xf0 [ 1597.449977][T18622] ? exit_to_user_mode_prepare+0x119/0x220 [ 1597.455946][T18622] do_fast_syscall_32+0x33/0x70 [ 1597.460940][T18622] do_SYSENTER_32+0x1b/0x20 [ 1597.465583][T18622] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1597.472124][T18622] RIP: 0023:0xf7fce549 [ 1597.476324][T18622] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1597.496103][T18622] RSP: 002b:00000000f7fa85cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1597.504666][T18622] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1597.512852][T18622] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1597.521118][T18622] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1597.529202][T18622] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1597.537291][T18622] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1597.545491][T18622] [ 1597.554595][T18622] Uninit was stored to memory at: [ 1597.559888][T18622] __get_compat_msghdr+0x514/0x750 [ 1597.565681][T18622] get_compat_msghdr+0x8c/0x1c0 [ 1597.570745][T18622] ___sys_recvmsg+0x19d/0x870 [ 1597.575694][T18622] do_recvmmsg+0x63a/0x10a0 [ 1597.580369][T18622] __sys_recvmmsg+0x113/0x450 [ 1597.585303][T18622] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1597.591729][T18622] __do_fast_syscall_32+0x95/0xf0 [ 1597.597027][T18622] do_fast_syscall_32+0x33/0x70 [ 1597.602034][T18622] do_SYSENTER_32+0x1b/0x20 [ 1597.606807][T18622] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1597.613490][T18622] [ 1597.615902][T18622] Uninit was stored to memory at: [ 1597.621145][T18622] __get_compat_msghdr+0x514/0x750 [ 1597.626569][T18622] get_compat_msghdr+0x8c/0x1c0 [ 1597.631635][T18622] ___sys_recvmsg+0x19d/0x870 [ 1597.636578][T18622] do_recvmmsg+0x63a/0x10a0 [ 1597.641241][T18622] __sys_recvmmsg+0x113/0x450 [ 1597.646191][T18622] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1597.652704][T18622] __do_fast_syscall_32+0x95/0xf0 [ 1597.657897][T18622] do_fast_syscall_32+0x33/0x70 [ 1597.663003][T18622] do_SYSENTER_32+0x1b/0x20 [ 1597.667657][T18622] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1597.674315][T18622] [ 1597.676719][T18622] Uninit was stored to memory at: [ 1597.681977][T18622] __get_compat_msghdr+0x514/0x750 [ 1597.687419][T18622] get_compat_msghdr+0x8c/0x1c0 [ 1597.692606][T18622] ___sys_recvmsg+0x19d/0x870 [ 1597.697450][T18622] do_recvmmsg+0x63a/0x10a0 [ 1597.702113][T18622] __sys_recvmmsg+0x113/0x450 [ 1597.707066][T18622] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1597.713617][T18622] __do_fast_syscall_32+0x95/0xf0 [ 1597.718811][T18622] do_fast_syscall_32+0x33/0x70 [ 1597.723953][T18622] do_SYSENTER_32+0x1b/0x20 [ 1597.728619][T18622] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1597.735285][T18622] [ 1597.737693][T18622] Uninit was stored to memory at: [ 1597.743027][T18622] __get_compat_msghdr+0x514/0x750 [ 1597.748356][T18622] get_compat_msghdr+0x8c/0x1c0 [ 1597.753524][T18622] ___sys_recvmsg+0x19d/0x870 [ 1597.758368][T18622] do_recvmmsg+0x63a/0x10a0 [ 1597.763130][T18622] __sys_recvmmsg+0x113/0x450 [ 1597.767964][T18622] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1597.774486][T18622] __do_fast_syscall_32+0x95/0xf0 [ 1597.779673][T18622] do_fast_syscall_32+0x33/0x70 [ 1597.784774][T18622] do_SYSENTER_32+0x1b/0x20 [ 1597.789430][T18622] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1597.796099][T18622] [ 1597.798504][T18622] Uninit was stored to memory at: [ 1597.803848][T18622] __get_compat_msghdr+0x514/0x750 [ 1597.809168][T18622] get_compat_msghdr+0x8c/0x1c0 [ 1597.814361][T18622] ___sys_recvmsg+0x19d/0x870 [ 1597.819196][T18622] do_recvmmsg+0x63a/0x10a0 [ 1597.824052][T18622] __sys_recvmmsg+0x113/0x450 [ 1597.828904][T18622] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1597.835509][T18622] __do_fast_syscall_32+0x95/0xf0 [ 1597.840702][T18622] do_fast_syscall_32+0x33/0x70 [ 1597.845872][T18622] do_SYSENTER_32+0x1b/0x20 [ 1597.850533][T18622] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1597.857252][T18622] [ 1597.859667][T18622] Uninit was stored to memory at: [ 1597.865076][T18622] __get_compat_msghdr+0x514/0x750 [ 1597.870399][T18622] get_compat_msghdr+0x8c/0x1c0 [ 1597.875620][T18622] ___sys_recvmsg+0x19d/0x870 [ 1597.880587][T18622] do_recvmmsg+0x63a/0x10a0 [ 1597.885406][T18622] __sys_recvmmsg+0x113/0x450 [ 1597.890242][T18622] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1597.896772][T18622] __do_fast_syscall_32+0x95/0xf0 [ 1597.901960][T18622] do_fast_syscall_32+0x33/0x70 [ 1597.907139][T18622] do_SYSENTER_32+0x1b/0x20 [ 1597.911798][T18622] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1597.918452][T18622] [ 1597.920857][T18622] Uninit was stored to memory at: [ 1597.926193][T18622] __get_compat_msghdr+0x514/0x750 [ 1597.931514][T18622] get_compat_msghdr+0x8c/0x1c0 [ 1597.936663][T18622] ___sys_recvmsg+0x19d/0x870 [ 1597.941503][T18622] do_recvmmsg+0x63a/0x10a0 [ 1597.946256][T18622] __sys_recvmmsg+0x113/0x450 [ 1597.951177][T18622] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1597.957703][T18622] __do_fast_syscall_32+0x95/0xf0 [ 1597.962983][T18622] do_fast_syscall_32+0x33/0x70 [ 1597.967993][T18622] do_SYSENTER_32+0x1b/0x20 [ 1597.972729][T18622] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1597.979278][T18622] [ 1597.981686][T18622] Local variable msg_sys created at: [ 1597.987159][T18622] do_recvmmsg+0x5f/0x10a0 [ 1597.991728][T18622] __sys_recvmmsg+0x113/0x450 [ 1598.368587][T18689] not chained 2370000 origins [ 1598.373766][T18689] CPU: 0 PID: 18689 Comm: syz-executor.5 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1598.384451][T18689] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1598.394647][T18689] Call Trace: [ 1598.398035][T18689] [ 1598.401070][T18689] dump_stack_lvl+0x1c8/0x256 [ 1598.405978][T18689] dump_stack+0x1a/0x1c [ 1598.410343][T18689] kmsan_internal_chain_origin+0x78/0x120 [ 1598.416268][T18689] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1598.422533][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1598.427829][T18689] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1598.434275][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1598.439574][T18689] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1598.445585][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1598.450879][T18689] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1598.456891][T18689] ? __get_compat_msghdr+0x5b/0x750 [ 1598.462381][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1598.467724][T18689] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1598.473749][T18689] ? should_fail+0x3f/0x810 [ 1598.478440][T18689] ? __stack_depot_save+0x21/0x4b0 [ 1598.483730][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1598.489030][T18689] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1598.495456][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1598.500745][T18689] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1598.506754][T18689] __msan_chain_origin+0xbd/0x140 [ 1598.511956][T18689] __get_compat_msghdr+0x514/0x750 [ 1598.517305][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1598.522365][T18689] ? ___sys_recvmsg+0xa9/0x870 [ 1598.527289][T18689] ? do_recvmmsg+0x63a/0x10a0 [ 1598.532132][T18689] ___sys_recvmsg+0x19d/0x870 [ 1598.536980][T18689] ? __schedule+0x1609/0x21d0 [ 1598.541845][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1598.547147][T18689] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1598.553152][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1598.558436][T18689] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1598.564552][T18689] do_recvmmsg+0x63a/0x10a0 [ 1598.569261][T18689] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1598.575730][T18689] ? __sys_recvmmsg+0x52/0x450 [ 1598.580666][T18689] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1598.587302][T18689] __sys_recvmmsg+0x113/0x450 [ 1598.592149][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1598.597460][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1598.603917][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1598.609105][T18689] ? exit_to_user_mode_prepare+0x119/0x220 [ 1598.615086][T18689] do_fast_syscall_32+0x33/0x70 [ 1598.620096][T18689] do_SYSENTER_32+0x1b/0x20 [ 1598.624755][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1598.631312][T18689] RIP: 0023:0xf7f92549 [ 1598.635591][T18689] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1598.655570][T18689] RSP: 002b:00000000f7f6c5cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1598.664157][T18689] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1598.672266][T18689] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1598.680376][T18689] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1598.688482][T18689] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1598.696589][T18689] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1598.704708][T18689] [ 1598.713654][T18689] Uninit was stored to memory at: [ 1598.718934][T18689] __get_compat_msghdr+0x514/0x750 [ 1598.724948][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1598.730007][T18689] ___sys_recvmsg+0x19d/0x870 [ 1598.734963][T18689] do_recvmmsg+0x63a/0x10a0 [ 1598.739622][T18689] __sys_recvmmsg+0x113/0x450 [ 1598.744561][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1598.750983][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1598.756278][T18689] do_fast_syscall_32+0x33/0x70 [ 1598.761301][T18689] do_SYSENTER_32+0x1b/0x20 [ 1598.766075][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1598.772717][T18689] [ 1598.775122][T18689] Uninit was stored to memory at: [ 1598.780371][T18689] __get_compat_msghdr+0x514/0x750 [ 1598.785810][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1598.790863][T18689] ___sys_recvmsg+0x19d/0x870 [ 1598.795802][T18689] do_recvmmsg+0x63a/0x10a0 [ 1598.800453][T18689] __sys_recvmmsg+0x113/0x450 [ 1598.805401][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1598.811817][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1598.817124][T18689] do_fast_syscall_32+0x33/0x70 [ 1598.822128][T18689] do_SYSENTER_32+0x1b/0x20 [ 1598.826862][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1598.833617][T18689] [ 1598.836014][T18689] Uninit was stored to memory at: [ 1598.841264][T18689] __get_compat_msghdr+0x514/0x750 [ 1598.846704][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1598.851767][T18689] ___sys_recvmsg+0x19d/0x870 [ 1598.856733][T18689] do_recvmmsg+0x63a/0x10a0 [ 1598.861392][T18689] __sys_recvmmsg+0x113/0x450 [ 1598.866361][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1598.872881][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1598.878189][T18689] do_fast_syscall_32+0x33/0x70 [ 1598.883320][T18689] do_SYSENTER_32+0x1b/0x20 [ 1598.887979][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1598.894658][T18689] [ 1598.897070][T18689] Uninit was stored to memory at: [ 1598.902429][T18689] __get_compat_msghdr+0x514/0x750 [ 1598.907739][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1598.912911][T18689] ___sys_recvmsg+0x19d/0x870 [ 1598.917749][T18689] do_recvmmsg+0x63a/0x10a0 [ 1598.922589][T18689] __sys_recvmmsg+0x113/0x450 [ 1598.927422][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1598.934049][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1598.939231][T18689] do_fast_syscall_32+0x33/0x70 [ 1598.944431][T18689] do_SYSENTER_32+0x1b/0x20 [ 1598.949085][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1598.955770][T18689] [ 1598.958173][T18689] Uninit was stored to memory at: [ 1598.963595][T18689] __get_compat_msghdr+0x514/0x750 [ 1598.968910][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1598.974153][T18689] ___sys_recvmsg+0x19d/0x870 [ 1598.979004][T18689] do_recvmmsg+0x63a/0x10a0 [ 1598.983861][T18689] __sys_recvmmsg+0x113/0x450 [ 1598.988690][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1598.995295][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1599.000488][T18689] do_fast_syscall_32+0x33/0x70 [ 1599.005677][T18689] do_SYSENTER_32+0x1b/0x20 [ 1599.010334][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1599.017083][T18689] [ 1599.019491][T18689] Uninit was stored to memory at: [ 1599.024899][T18689] __get_compat_msghdr+0x514/0x750 [ 1599.030218][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1599.035478][T18689] ___sys_recvmsg+0x19d/0x870 [ 1599.040318][T18689] do_recvmmsg+0x63a/0x10a0 [ 1599.045143][T18689] __sys_recvmmsg+0x113/0x450 [ 1599.049982][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1599.056598][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1599.061784][T18689] do_fast_syscall_32+0x33/0x70 [ 1599.066985][T18689] do_SYSENTER_32+0x1b/0x20 [ 1599.071640][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1599.078385][T18689] [ 1599.080792][T18689] Uninit was stored to memory at: [ 1599.086222][T18689] __get_compat_msghdr+0x514/0x750 [ 1599.091563][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1599.096802][T18689] ___sys_recvmsg+0x19d/0x870 [ 1599.101635][T18689] do_recvmmsg+0x63a/0x10a0 [ 1599.106488][T18689] __sys_recvmmsg+0x113/0x450 [ 1599.111324][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1599.117932][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1599.123225][T18689] do_fast_syscall_32+0x33/0x70 [ 1599.128239][T18689] do_SYSENTER_32+0x1b/0x20 [ 1599.133067][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1599.139615][T18689] [ 1599.142017][T18689] Local variable msg_sys created at: [ 1599.147565][T18689] do_recvmmsg+0x5f/0x10a0 [ 1599.152130][T18689] __sys_recvmmsg+0x113/0x450 [ 1599.421254][T18622] not chained 2380000 origins [ 1599.426325][T18622] CPU: 0 PID: 18622 Comm: syz-executor.3 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1599.437013][T18622] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1599.447219][T18622] Call Trace: [ 1599.450614][T18622] [ 1599.453642][T18622] dump_stack_lvl+0x1c8/0x256 [ 1599.458541][T18622] dump_stack+0x1a/0x1c [ 1599.462887][T18622] kmsan_internal_chain_origin+0x78/0x120 [ 1599.468785][T18622] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1599.475041][T18622] ? kmsan_get_metadata+0x33/0x220 [ 1599.480337][T18622] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1599.486767][T18622] ? kmsan_get_metadata+0x33/0x220 [ 1599.492054][T18622] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1599.498047][T18622] ? kmsan_get_metadata+0x33/0x220 [ 1599.503348][T18622] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1599.509358][T18622] ? __get_compat_msghdr+0x5b/0x750 [ 1599.514780][T18622] ? kmsan_get_metadata+0x33/0x220 [ 1599.520075][T18622] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1599.526083][T18622] ? should_fail+0x3f/0x810 [ 1599.530766][T18622] ? __stack_depot_save+0x21/0x4b0 [ 1599.536047][T18622] ? kmsan_get_metadata+0x33/0x220 [ 1599.541352][T18622] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1599.547790][T18622] ? kmsan_get_metadata+0x33/0x220 [ 1599.553080][T18622] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1599.559079][T18622] __msan_chain_origin+0xbd/0x140 [ 1599.564286][T18622] __get_compat_msghdr+0x514/0x750 [ 1599.569648][T18622] get_compat_msghdr+0x8c/0x1c0 [ 1599.574704][T18622] ? ___sys_recvmsg+0xa9/0x870 [ 1599.579625][T18622] ? do_recvmmsg+0x63a/0x10a0 [ 1599.584466][T18622] ___sys_recvmsg+0x19d/0x870 [ 1599.589321][T18622] ? __schedule+0x1609/0x21d0 [ 1599.594161][T18622] ? kmsan_get_metadata+0x33/0x220 [ 1599.599452][T18622] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1599.605462][T18622] ? kmsan_get_metadata+0x33/0x220 [ 1599.610744][T18622] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1599.616734][T18622] do_recvmmsg+0x63a/0x10a0 [ 1599.621413][T18622] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1599.627835][T18622] ? __sys_recvmmsg+0x52/0x450 [ 1599.632745][T18622] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1599.639338][T18622] __sys_recvmmsg+0x113/0x450 [ 1599.644158][T18622] ? kmsan_get_metadata+0x33/0x220 [ 1599.649447][T18622] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1599.655865][T18622] __do_fast_syscall_32+0x95/0xf0 [ 1599.661042][T18622] ? exit_to_user_mode_prepare+0x119/0x220 [ 1599.667013][T18622] do_fast_syscall_32+0x33/0x70 [ 1599.672011][T18622] do_SYSENTER_32+0x1b/0x20 [ 1599.676657][T18622] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1599.683230][T18622] RIP: 0023:0xf7fce549 [ 1599.687432][T18622] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1599.707404][T18622] RSP: 002b:00000000f7fa85cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1599.715993][T18622] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1599.724098][T18622] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1599.732189][T18622] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1599.740278][T18622] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1599.748377][T18622] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1599.756492][T18622] [ 1599.766522][T18622] Uninit was stored to memory at: [ 1599.771790][T18622] __get_compat_msghdr+0x514/0x750 [ 1599.778645][T18622] get_compat_msghdr+0x8c/0x1c0 [ 1599.783788][T18622] ___sys_recvmsg+0x19d/0x870 [ 1599.788614][T18622] do_recvmmsg+0x63a/0x10a0 [ 1599.793371][T18622] __sys_recvmmsg+0x113/0x450 [ 1599.798187][T18622] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1599.804714][T18622] __do_fast_syscall_32+0x95/0xf0 [ 1599.809883][T18622] do_fast_syscall_32+0x33/0x70 [ 1599.815014][T18622] do_SYSENTER_32+0x1b/0x20 [ 1599.819660][T18622] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1599.826328][T18622] [ 1599.828733][T18622] Uninit was stored to memory at: [ 1599.834080][T18622] __get_compat_msghdr+0x514/0x750 [ 1599.839379][T18622] get_compat_msghdr+0x8c/0x1c0 [ 1599.844545][T18622] ___sys_recvmsg+0x19d/0x870 [ 1599.849371][T18622] do_recvmmsg+0x63a/0x10a0 [ 1599.854132][T18622] __sys_recvmmsg+0x113/0x450 [ 1599.858955][T18622] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1599.865518][T18622] __do_fast_syscall_32+0x95/0xf0 [ 1599.870695][T18622] do_fast_syscall_32+0x33/0x70 [ 1599.875810][T18622] do_SYSENTER_32+0x1b/0x20 [ 1599.880460][T18622] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1599.887123][T18622] [ 1599.889526][T18622] Uninit was stored to memory at: [ 1599.894853][T18622] __get_compat_msghdr+0x514/0x750 [ 1599.900156][T18622] get_compat_msghdr+0x8c/0x1c0 [ 1599.905364][T18622] ___sys_recvmsg+0x19d/0x870 [ 1599.910189][T18622] do_recvmmsg+0x63a/0x10a0 [ 1599.915014][T18622] __sys_recvmmsg+0x113/0x450 [ 1599.919833][T18622] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1599.926444][T18622] __do_fast_syscall_32+0x95/0xf0 [ 1599.931615][T18622] do_fast_syscall_32+0x33/0x70 [ 1599.936783][T18622] do_SYSENTER_32+0x1b/0x20 [ 1599.941425][T18622] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1599.948151][T18622] [ 1599.950547][T18622] Uninit was stored to memory at: [ 1599.955905][T18622] __get_compat_msghdr+0x514/0x750 [ 1599.961208][T18622] get_compat_msghdr+0x8c/0x1c0 [ 1599.966400][T18622] ___sys_recvmsg+0x19d/0x870 [ 1599.971226][T18622] do_recvmmsg+0x63a/0x10a0 [ 1599.976053][T18622] __sys_recvmmsg+0x113/0x450 [ 1599.980866][T18622] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1599.987464][T18622] __do_fast_syscall_32+0x95/0xf0 [ 1599.992717][T18622] do_fast_syscall_32+0x33/0x70 [ 1599.997703][T18622] do_SYSENTER_32+0x1b/0x20 [ 1600.002504][T18622] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1600.009043][T18622] [ 1600.011438][T18622] Uninit was stored to memory at: [ 1600.016843][T18622] __get_compat_msghdr+0x514/0x750 [ 1600.022147][T18622] get_compat_msghdr+0x8c/0x1c0 [ 1600.027405][T18622] ___sys_recvmsg+0x19d/0x870 [ 1600.032351][T18622] do_recvmmsg+0x63a/0x10a0 [ 1600.036999][T18622] __sys_recvmmsg+0x113/0x450 [ 1600.041821][T18622] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1600.048425][T18622] __do_fast_syscall_32+0x95/0xf0 [ 1600.053709][T18622] do_fast_syscall_32+0x33/0x70 [ 1600.058701][T18622] do_SYSENTER_32+0x1b/0x20 [ 1600.063511][T18622] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1600.070041][T18622] [ 1600.072559][T18622] Uninit was stored to memory at: [ 1600.077796][T18622] __get_compat_msghdr+0x514/0x750 [ 1600.083278][T18622] get_compat_msghdr+0x8c/0x1c0 [ 1600.088315][T18622] ___sys_recvmsg+0x19d/0x870 [ 1600.093249][T18622] do_recvmmsg+0x63a/0x10a0 [ 1600.097893][T18622] __sys_recvmmsg+0x113/0x450 [ 1600.102877][T18622] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1600.109287][T18622] __do_fast_syscall_32+0x95/0xf0 [ 1600.114639][T18622] do_fast_syscall_32+0x33/0x70 [ 1600.119635][T18622] do_SYSENTER_32+0x1b/0x20 [ 1600.124446][T18622] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1600.130983][T18622] [ 1600.133564][T18622] Uninit was stored to memory at: [ 1600.138803][T18622] __get_compat_msghdr+0x514/0x750 [ 1600.144311][T18622] get_compat_msghdr+0x8c/0x1c0 [ 1600.149347][T18622] ___sys_recvmsg+0x19d/0x870 [ 1600.154342][T18622] do_recvmmsg+0x63a/0x10a0 [ 1600.159012][T18622] __sys_recvmmsg+0x113/0x450 [ 1600.164050][T18622] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1600.170455][T18622] __do_fast_syscall_32+0x95/0xf0 [ 1600.175808][T18622] do_fast_syscall_32+0x33/0x70 [ 1600.180808][T18622] do_SYSENTER_32+0x1b/0x20 [ 1600.185639][T18622] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1600.192169][T18622] [ 1600.194719][T18622] Local variable msg_sys created at: [ 1600.200085][T18622] do_recvmmsg+0x5f/0x10a0 [ 1600.204821][T18622] __sys_recvmmsg+0x113/0x450 [ 1600.290720][T18622] not chained 2390000 origins [ 1600.295702][T18622] CPU: 0 PID: 18622 Comm: syz-executor.3 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1600.306365][T18622] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1600.316542][T18622] Call Trace: [ 1600.319905][T18622] [ 1600.322934][T18622] dump_stack_lvl+0x1c8/0x256 [ 1600.327810][T18622] dump_stack+0x1a/0x1c [ 1600.332142][T18622] kmsan_internal_chain_origin+0x78/0x120 [ 1600.338037][T18622] ? up_read+0x36/0x1c0 [ 1600.342376][T18622] ? do_user_addr_fault+0xfef/0x1710 [ 1600.347829][T18622] ? kmsan_get_metadata+0x33/0x220 [ 1600.353142][T18622] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1600.359124][T18622] ? __get_compat_msghdr+0x5b/0x750 [ 1600.364514][T18622] ? kmsan_get_metadata+0x33/0x220 [ 1600.369781][T18622] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1600.375771][T18622] ? should_fail+0x3f/0x810 [ 1600.380441][T18622] ? __stack_depot_save+0x21/0x4b0 [ 1600.385715][T18622] ? kmsan_get_metadata+0x33/0x220 [ 1600.390991][T18622] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1600.397402][T18622] ? kmsan_get_metadata+0x33/0x220 [ 1600.402671][T18622] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1600.408645][T18622] __msan_chain_origin+0xbd/0x140 [ 1600.413832][T18622] __get_compat_msghdr+0x514/0x750 [ 1600.419172][T18622] get_compat_msghdr+0x8c/0x1c0 [ 1600.424210][T18622] ? ___sys_recvmsg+0xa9/0x870 [ 1600.429111][T18622] ? do_recvmmsg+0x63a/0x10a0 [ 1600.433938][T18622] ___sys_recvmsg+0x19d/0x870 [ 1600.438768][T18622] ? __schedule+0x1609/0x21d0 [ 1600.443597][T18622] ? kmsan_get_metadata+0x33/0x220 [ 1600.448869][T18622] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1600.454854][T18622] ? kmsan_get_metadata+0x33/0x220 [ 1600.460146][T18622] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1600.466131][T18622] do_recvmmsg+0x63a/0x10a0 [ 1600.470803][T18622] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1600.477229][T18622] ? __sys_recvmmsg+0x52/0x450 [ 1600.482132][T18622] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1600.488715][T18622] __sys_recvmmsg+0x113/0x450 [ 1600.493535][T18622] ? kmsan_get_metadata+0x33/0x220 [ 1600.498820][T18622] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1600.505270][T18622] __do_fast_syscall_32+0x95/0xf0 [ 1600.510439][T18622] ? exit_to_user_mode_prepare+0x119/0x220 [ 1600.516408][T18622] do_fast_syscall_32+0x33/0x70 [ 1600.521402][T18622] do_SYSENTER_32+0x1b/0x20 [ 1600.526043][T18622] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1600.532578][T18622] RIP: 0023:0xf7fce549 [ 1600.536751][T18622] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1600.556717][T18622] RSP: 002b:00000000f7fa85cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1600.565284][T18622] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1600.573385][T18622] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1600.581473][T18622] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1600.589565][T18622] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1600.597662][T18622] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1600.605782][T18622] [ 1600.615811][T18622] Uninit was stored to memory at: [ 1600.621085][T18622] __get_compat_msghdr+0x514/0x750 [ 1600.626925][T18622] get_compat_msghdr+0x8c/0x1c0 [ 1600.631964][T18622] ___sys_recvmsg+0x19d/0x870 [ 1600.636889][T18622] do_recvmmsg+0x63a/0x10a0 [ 1600.641533][T18622] __sys_recvmmsg+0x113/0x450 [ 1600.646470][T18622] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1600.652967][T18622] __do_fast_syscall_32+0x95/0xf0 [ 1600.658135][T18622] do_fast_syscall_32+0x33/0x70 [ 1600.663239][T18622] do_SYSENTER_32+0x1b/0x20 [ 1600.667873][T18622] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1600.674522][T18622] [ 1600.676921][T18622] Uninit was stored to memory at: [ 1600.682161][T18622] __get_compat_msghdr+0x514/0x750 [ 1600.687564][T18622] get_compat_msghdr+0x8c/0x1c0 [ 1600.692709][T18622] ___sys_recvmsg+0x19d/0x870 [ 1600.697536][T18622] do_recvmmsg+0x63a/0x10a0 [ 1600.702180][T18622] __sys_recvmmsg+0x113/0x450 [ 1600.707118][T18622] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1600.713642][T18622] __do_fast_syscall_32+0x95/0xf0 [ 1600.718807][T18622] do_fast_syscall_32+0x33/0x70 [ 1600.723917][T18622] do_SYSENTER_32+0x1b/0x20 [ 1600.728553][T18622] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1600.735198][T18622] [ 1600.737595][T18622] Uninit was stored to memory at: [ 1600.742920][T18622] __get_compat_msghdr+0x514/0x750 [ 1600.748216][T18622] get_compat_msghdr+0x8c/0x1c0 [ 1600.753359][T18622] ___sys_recvmsg+0x19d/0x870 [ 1600.758179][T18622] do_recvmmsg+0x63a/0x10a0 [ 1600.762947][T18622] __sys_recvmmsg+0x113/0x450 [ 1600.767765][T18622] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1600.774280][T18622] __do_fast_syscall_32+0x95/0xf0 [ 1600.779452][T18622] do_fast_syscall_32+0x33/0x70 [ 1600.784559][T18622] do_SYSENTER_32+0x1b/0x20 [ 1600.789204][T18622] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1600.795936][T18622] [ 1600.798334][T18622] Uninit was stored to memory at: [ 1600.803655][T18622] __get_compat_msghdr+0x514/0x750 [ 1600.808953][T18622] get_compat_msghdr+0x8c/0x1c0 [ 1600.814097][T18622] ___sys_recvmsg+0x19d/0x870 [ 1600.818919][T18622] do_recvmmsg+0x63a/0x10a0 [ 1600.823685][T18622] __sys_recvmmsg+0x113/0x450 [ 1600.828501][T18622] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1600.835011][T18622] __do_fast_syscall_32+0x95/0xf0 [ 1600.840178][T18622] do_fast_syscall_32+0x33/0x70 [ 1600.845280][T18622] do_SYSENTER_32+0x1b/0x20 [ 1600.849926][T18622] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1600.856565][T18622] [ 1600.858965][T18622] Uninit was stored to memory at: [ 1600.864304][T18622] __get_compat_msghdr+0x514/0x750 [ 1600.869610][T18622] get_compat_msghdr+0x8c/0x1c0 [ 1600.874748][T18622] ___sys_recvmsg+0x19d/0x870 [ 1600.879568][T18622] do_recvmmsg+0x63a/0x10a0 [ 1600.884420][T18622] __sys_recvmmsg+0x113/0x450 [ 1600.889238][T18622] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1600.895763][T18622] __do_fast_syscall_32+0x95/0xf0 [ 1600.899662][T18635] not chained 2400000 origins [ 1600.900885][T18622] do_fast_syscall_32+0x33/0x70 [ 1600.905822][T18635] CPU: 1 PID: 18635 Comm: syz-executor.1 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1600.910528][T18622] do_SYSENTER_32+0x1b/0x20 [ 1600.921028][T18635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1600.921080][T18635] Call Trace: [ 1600.921110][T18635] [ 1600.921140][T18635] dump_stack_lvl+0x1c8/0x256 [ 1600.925729][T18622] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1600.935714][T18635] dump_stack+0x1a/0x1c [ 1600.939082][T18622] [ 1600.939099][T18622] Uninit was stored to memory at: [ 1600.942026][T18635] kmsan_internal_chain_origin+0x78/0x120 [ 1600.946922][T18622] __get_compat_msghdr+0x514/0x750 [ 1600.953027][T18635] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1600.957259][T18622] get_compat_msghdr+0x8c/0x1c0 [ 1600.959597][T18635] ? kmsan_get_metadata+0x33/0x220 [ 1600.964714][T18622] ___sys_recvmsg+0x19d/0x870 [ 1600.970342][T18635] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1600.975542][T18622] do_recvmmsg+0x63a/0x10a0 [ 1600.981526][T18635] ? kmsan_get_metadata+0x33/0x220 [ 1600.986465][T18622] __sys_recvmmsg+0x113/0x450 [ 1600.991492][T18635] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1600.996260][T18622] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1601.002416][T18635] ? kmsan_get_metadata+0x33/0x220 [ 1601.006987][T18622] __do_fast_syscall_32+0x95/0xf0 [ 1601.012101][T18635] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1601.016869][T18622] do_fast_syscall_32+0x33/0x70 [ 1601.022584][T18635] ? __get_compat_msghdr+0x5b/0x750 [ 1601.028899][T18622] do_SYSENTER_32+0x1b/0x20 [ 1601.034014][T18635] ? kmsan_get_metadata+0x33/0x220 [ 1601.034124][T18635] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1601.039134][T18622] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1601.044955][T18635] ? should_fail+0x3f/0x810 [ 1601.045069][T18635] ? __stack_depot_save+0x21/0x4b0 [ 1601.049892][T18622] [ 1601.049908][T18622] Uninit was stored to memory at: [ 1601.055092][T18635] ? kmsan_get_metadata+0x33/0x220 [ 1601.055202][T18635] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1601.059815][T18622] __get_compat_msghdr+0x514/0x750 [ 1601.064819][T18635] ? kmsan_get_metadata+0x33/0x220 [ 1601.064927][T18635] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1601.070719][T18622] get_compat_msghdr+0x8c/0x1c0 [ 1601.077054][T18635] __msan_chain_origin+0xbd/0x140 [ 1601.077164][T18635] __get_compat_msghdr+0x514/0x750 [ 1601.081649][T18622] ___sys_recvmsg+0x19d/0x870 [ 1601.086793][T18635] get_compat_msghdr+0x8c/0x1c0 [ 1601.089195][T18622] do_recvmmsg+0x63a/0x10a0 [ 1601.094227][T18635] ? ___sys_recvmsg+0xa9/0x870 [ 1601.094316][T18635] ? do_recvmmsg+0x63a/0x10a0 [ 1601.099412][T18622] __sys_recvmmsg+0x113/0x450 [ 1601.105667][T18635] ___sys_recvmsg+0x19d/0x870 [ 1601.105769][T18635] ? __schedule+0x1609/0x21d0 [ 1601.110870][T18622] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1601.115997][T18635] ? kmsan_get_metadata+0x33/0x220 [ 1601.116107][T18635] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1601.121886][T18622] __do_fast_syscall_32+0x95/0xf0 [ 1601.126745][T18635] ? kmsan_get_metadata+0x33/0x220 [ 1601.126853][T18635] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1601.131901][T18622] do_fast_syscall_32+0x33/0x70 [ 1601.137023][T18635] do_recvmmsg+0x63a/0x10a0 [ 1601.137138][T18635] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1601.141784][T18622] do_SYSENTER_32+0x1b/0x20 [ 1601.146649][T18635] ? __sys_recvmmsg+0x52/0x450 [ 1601.146739][T18635] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1601.151242][T18622] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1601.156018][T18635] __sys_recvmmsg+0x113/0x450 [ 1601.156109][T18635] ? kmsan_get_metadata+0x33/0x220 [ 1601.160781][T18622] [ 1601.160802][T18622] Local variable msg_sys created at: [ 1601.165473][T18635] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1601.165600][T18635] __do_fast_syscall_32+0x95/0xf0 [ 1601.170235][T18622] do_recvmmsg+0x5f/0x10a0 [ 1601.174916][T18635] ? exit_to_user_mode_prepare+0x119/0x220 [ 1601.175027][T18635] do_fast_syscall_32+0x33/0x70 [ 1601.181253][T18622] __sys_recvmmsg+0x113/0x450 [ 1601.186375][T18635] do_SYSENTER_32+0x1b/0x20 [ 1601.186467][T18635] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1601.308146][T18635] RIP: 0023:0xf7fc4549 [ 1601.312346][T18635] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1601.332151][T18635] RSP: 002b:00000000f7f9e5cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1601.340723][T18635] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1601.348836][T18635] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1601.356942][T18635] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1601.365044][T18635] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1601.373155][T18635] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1601.381305][T18635] [ 1601.390104][T18635] Uninit was stored to memory at: [ 1601.401497][T18635] __get_compat_msghdr+0x514/0x750 [ 1601.407429][T18635] get_compat_msghdr+0x8c/0x1c0 [ 1601.412661][T18635] ___sys_recvmsg+0x19d/0x870 [ 1601.417503][T18635] do_recvmmsg+0x63a/0x10a0 [ 1601.422176][T18635] __sys_recvmmsg+0x113/0x450 [ 1601.427168][T18635] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1601.433768][T18635] __do_fast_syscall_32+0x95/0xf0 [ 1601.438966][T18635] do_fast_syscall_32+0x33/0x70 [ 1601.444152][T18635] do_SYSENTER_32+0x1b/0x20 [ 1601.448817][T18635] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1601.455716][T18635] [ 1601.458133][T18635] Uninit was stored to memory at: [ 1601.463532][T18635] __get_compat_msghdr+0x514/0x750 [ 1601.468846][T18635] get_compat_msghdr+0x8c/0x1c0 [ 1601.474100][T18635] ___sys_recvmsg+0x19d/0x870 [ 1601.478948][T18635] do_recvmmsg+0x63a/0x10a0 [ 1601.483787][T18635] __sys_recvmmsg+0x113/0x450 [ 1601.488627][T18635] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1601.495153][T18635] __do_fast_syscall_32+0x95/0xf0 [ 1601.500362][T18635] do_fast_syscall_32+0x33/0x70 [ 1601.505529][T18635] do_SYSENTER_32+0x1b/0x20 [ 1601.510186][T18635] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1601.516929][T18635] [ 1601.519345][T18635] Uninit was stored to memory at: [ 1601.524768][T18635] __get_compat_msghdr+0x514/0x750 [ 1601.530096][T18635] get_compat_msghdr+0x8c/0x1c0 [ 1601.535334][T18635] ___sys_recvmsg+0x19d/0x870 [ 1601.540174][T18635] do_recvmmsg+0x63a/0x10a0 [ 1601.545014][T18635] __sys_recvmmsg+0x113/0x450 [ 1601.549850][T18635] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1601.556464][T18635] __do_fast_syscall_32+0x95/0xf0 [ 1601.561662][T18635] do_fast_syscall_32+0x33/0x70 [ 1601.566816][T18635] do_SYSENTER_32+0x1b/0x20 [ 1601.571462][T18635] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1601.578185][T18635] [ 1601.580601][T18635] Uninit was stored to memory at: [ 1601.586014][T18635] __get_compat_msghdr+0x514/0x750 [ 1601.591336][T18635] get_compat_msghdr+0x8c/0x1c0 [ 1601.596550][T18635] ___sys_recvmsg+0x19d/0x870 [ 1601.601387][T18635] do_recvmmsg+0x63a/0x10a0 [ 1601.606202][T18635] __sys_recvmmsg+0x113/0x450 [ 1601.611042][T18635] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1601.617628][T18635] __do_fast_syscall_32+0x95/0xf0 [ 1601.622913][T18635] do_fast_syscall_32+0x33/0x70 [ 1601.627934][T18635] do_SYSENTER_32+0x1b/0x20 [ 1601.632740][T18635] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1601.639301][T18635] [ 1601.641708][T18635] Uninit was stored to memory at: [ 1601.647132][T18635] __get_compat_msghdr+0x514/0x750 [ 1601.652545][T18635] get_compat_msghdr+0x8c/0x1c0 [ 1601.657599][T18635] ___sys_recvmsg+0x19d/0x870 [ 1601.662564][T18635] do_recvmmsg+0x63a/0x10a0 [ 1601.667221][T18635] __sys_recvmmsg+0x113/0x450 [ 1601.672057][T18635] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1601.678650][T18635] __do_fast_syscall_32+0x95/0xf0 [ 1601.684005][T18635] do_fast_syscall_32+0x33/0x70 [ 1601.689016][T18635] do_SYSENTER_32+0x1b/0x20 [ 1601.693830][T18635] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1601.700389][T18635] [ 1601.702942][T18635] Uninit was stored to memory at: [ 1601.708200][T18635] __get_compat_msghdr+0x514/0x750 [ 1601.713620][T18635] get_compat_msghdr+0x8c/0x1c0 [ 1601.718674][T18635] ___sys_recvmsg+0x19d/0x870 [ 1601.723673][T18635] do_recvmmsg+0x63a/0x10a0 [ 1601.728329][T18635] __sys_recvmmsg+0x113/0x450 [ 1601.733316][T18635] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1601.739733][T18635] __do_fast_syscall_32+0x95/0xf0 [ 1601.745080][T18635] do_fast_syscall_32+0x33/0x70 [ 1601.750097][T18635] do_SYSENTER_32+0x1b/0x20 [ 1601.754926][T18635] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1601.761480][T18635] [ 1601.764051][T18635] Uninit was stored to memory at: [ 1601.769308][T18635] __get_compat_msghdr+0x514/0x750 [ 1601.774780][T18635] get_compat_msghdr+0x8c/0x1c0 [ 1601.779841][T18635] ___sys_recvmsg+0x19d/0x870 [ 1601.784837][T18635] do_recvmmsg+0x63a/0x10a0 [ 1601.789495][T18635] __sys_recvmmsg+0x113/0x450 [ 1601.794487][T18635] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1601.800916][T18635] __do_fast_syscall_32+0x95/0xf0 [ 1601.806256][T18635] do_fast_syscall_32+0x33/0x70 [ 1601.811266][T18635] do_SYSENTER_32+0x1b/0x20 [ 1601.816092][T18635] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1601.822739][T18635] [ 1601.825146][T18635] Local variable msg_sys created at: [ 1601.830517][T18635] do_recvmmsg+0x5f/0x10a0 [ 1601.835236][T18635] __sys_recvmmsg+0x113/0x450 [ 1602.384373][T18669] not chained 2410000 origins [ 1602.389210][T18669] CPU: 0 PID: 18669 Comm: syz-executor.2 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1602.399888][T18669] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1602.410089][T18669] Call Trace: [ 1602.413468][T18669] [ 1602.416512][T18669] dump_stack_lvl+0x1c8/0x256 [ 1602.421414][T18669] dump_stack+0x1a/0x1c [ 1602.425765][T18669] kmsan_internal_chain_origin+0x78/0x120 [ 1602.431671][T18669] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1602.437926][T18669] ? kmsan_get_metadata+0x33/0x220 [ 1602.443218][T18669] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1602.449654][T18669] ? kmsan_get_metadata+0x33/0x220 [ 1602.454943][T18669] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1602.460939][T18669] ? kmsan_get_metadata+0x33/0x220 [ 1602.466220][T18669] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1602.472216][T18669] ? __get_compat_msghdr+0x5b/0x750 [ 1602.477623][T18669] ? kmsan_get_metadata+0x33/0x220 [ 1602.482910][T18669] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1602.488913][T18669] ? should_fail+0x3f/0x810 [ 1602.493596][T18669] ? __stack_depot_save+0x21/0x4b0 [ 1602.498880][T18669] ? kmsan_get_metadata+0x33/0x220 [ 1602.504186][T18669] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1602.510619][T18669] ? kmsan_get_metadata+0x33/0x220 [ 1602.515906][T18669] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1602.521899][T18669] __msan_chain_origin+0xbd/0x140 [ 1602.527093][T18669] __get_compat_msghdr+0x514/0x750 [ 1602.532460][T18669] get_compat_msghdr+0x8c/0x1c0 [ 1602.537532][T18669] ? ___sys_recvmsg+0xa9/0x870 [ 1602.542460][T18669] ? do_recvmmsg+0x63a/0x10a0 [ 1602.547307][T18669] ___sys_recvmsg+0x19d/0x870 [ 1602.552157][T18669] ? __schedule+0x1609/0x21d0 [ 1602.557001][T18669] ? kmsan_get_metadata+0x33/0x220 [ 1602.562381][T18669] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1602.568383][T18669] ? kmsan_get_metadata+0x33/0x220 [ 1602.573670][T18669] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1602.579677][T18669] do_recvmmsg+0x63a/0x10a0 [ 1602.584368][T18669] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1602.590808][T18669] ? __sys_recvmmsg+0x52/0x450 [ 1602.595729][T18669] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1602.602336][T18669] __sys_recvmmsg+0x113/0x450 [ 1602.607176][T18669] ? kmsan_get_metadata+0x33/0x220 [ 1602.612486][T18669] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1602.618926][T18669] __do_fast_syscall_32+0x95/0xf0 [ 1602.624131][T18669] ? exit_to_user_mode_prepare+0x119/0x220 [ 1602.630120][T18669] do_fast_syscall_32+0x33/0x70 [ 1602.635133][T18669] do_SYSENTER_32+0x1b/0x20 [ 1602.639789][T18669] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1602.646345][T18669] RIP: 0023:0xf7f3a549 [ 1602.650543][T18669] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1602.670348][T18669] RSP: 002b:00000000f7f145cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1602.679040][T18669] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1602.687155][T18669] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1602.695292][T18669] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1602.703407][T18669] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1602.711509][T18669] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1602.719636][T18669] [ 1602.728730][T18669] Uninit was stored to memory at: [ 1602.736933][T18669] __get_compat_msghdr+0x514/0x750 [ 1602.742669][T18669] get_compat_msghdr+0x8c/0x1c0 [ 1602.747720][T18669] ___sys_recvmsg+0x19d/0x870 [ 1602.752680][T18669] do_recvmmsg+0x63a/0x10a0 [ 1602.757345][T18669] __sys_recvmmsg+0x113/0x450 [ 1602.762182][T18669] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1602.768726][T18669] __do_fast_syscall_32+0x95/0xf0 [ 1602.774030][T18669] do_fast_syscall_32+0x33/0x70 [ 1602.779048][T18669] do_SYSENTER_32+0x1b/0x20 [ 1602.783810][T18669] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1602.790376][T18669] [ 1602.792904][T18669] Uninit was stored to memory at: [ 1602.798164][T18669] __get_compat_msghdr+0x514/0x750 [ 1602.803610][T18669] get_compat_msghdr+0x8c/0x1c0 [ 1602.808671][T18669] ___sys_recvmsg+0x19d/0x870 [ 1602.813636][T18669] do_recvmmsg+0x63a/0x10a0 [ 1602.818295][T18669] __sys_recvmmsg+0x113/0x450 [ 1602.823270][T18669] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1602.829740][T18669] __do_fast_syscall_32+0x95/0xf0 [ 1602.835062][T18669] do_fast_syscall_32+0x33/0x70 [ 1602.840079][T18669] do_SYSENTER_32+0x1b/0x20 [ 1602.844854][T18669] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1602.851417][T18669] [ 1602.853950][T18669] Uninit was stored to memory at: [ 1602.859199][T18669] __get_compat_msghdr+0x514/0x750 [ 1602.864644][T18669] get_compat_msghdr+0x8c/0x1c0 [ 1602.869703][T18669] ___sys_recvmsg+0x19d/0x870 [ 1602.872777][T18689] not chained 2420000 origins [ 1602.874606][T18669] do_recvmmsg+0x63a/0x10a0 [ 1602.879180][T18689] CPU: 1 PID: 18689 Comm: syz-executor.5 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1602.883792][T18669] __sys_recvmmsg+0x113/0x450 [ 1602.894189][T18689] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1602.894247][T18689] Call Trace: [ 1602.894279][T18689] [ 1602.894312][T18689] dump_stack_lvl+0x1c8/0x256 [ 1602.898983][T18669] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1602.909073][T18689] dump_stack+0x1a/0x1c [ 1602.909203][T18689] kmsan_internal_chain_origin+0x78/0x120 [ 1602.912536][T18669] __do_fast_syscall_32+0x95/0xf0 [ 1602.915405][T18689] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1602.920085][T18669] do_fast_syscall_32+0x33/0x70 [ 1602.926339][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1602.926456][T18689] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1602.930605][T18669] do_SYSENTER_32+0x1b/0x20 [ 1602.936337][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1602.936454][T18689] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1602.941468][T18669] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1602.947544][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1602.947661][T18689] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1602.952584][T18669] [ 1602.957624][T18689] ? __get_compat_msghdr+0x5b/0x750 [ 1602.963978][T18669] Uninit was stored to memory at: [ 1602.968389][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1602.973732][T18669] __get_compat_msghdr+0x514/0x750 [ 1602.979319][T18689] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1602.985759][T18669] get_compat_msghdr+0x8c/0x1c0 [ 1602.990785][T18689] ? should_fail+0x3f/0x810 [ 1602.996687][T18669] ___sys_recvmsg+0x19d/0x870 [ 1602.998922][T18689] ? __stack_depot_save+0x21/0x4b0 [ 1603.004218][T18669] do_recvmmsg+0x63a/0x10a0 [ 1603.009172][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1603.014398][T18669] __sys_recvmmsg+0x113/0x450 [ 1603.019414][T18689] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1603.025323][T18669] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1603.030092][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1603.034679][T18669] __do_fast_syscall_32+0x95/0xf0 [ 1603.039288][T18689] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1603.044503][T18669] do_fast_syscall_32+0x33/0x70 [ 1603.048915][T18689] __msan_chain_origin+0xbd/0x140 [ 1603.054129][T18669] do_SYSENTER_32+0x1b/0x20 [ 1603.058716][T18689] __get_compat_msghdr+0x514/0x750 [ 1603.065059][T18669] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1603.071238][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1603.076428][T18669] [ 1603.081362][T18689] ? ___sys_recvmsg+0xa9/0x870 [ 1603.087276][T18669] Uninit was stored to memory at: [ 1603.092031][T18689] ? do_recvmmsg+0x63a/0x10a0 [ 1603.097292][T18669] __get_compat_msghdr+0x514/0x750 [ 1603.101580][T18689] ___sys_recvmsg+0x19d/0x870 [ 1603.106791][T18669] get_compat_msghdr+0x8c/0x1c0 [ 1603.113037][T18689] ? __schedule+0x1609/0x21d0 [ 1603.113146][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1603.117962][T18669] ___sys_recvmsg+0x19d/0x870 [ 1603.120305][T18689] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1603.125174][T18669] do_recvmmsg+0x63a/0x10a0 [ 1603.130107][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1603.134890][T18669] __sys_recvmmsg+0x113/0x450 [ 1603.139915][T18689] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1603.144675][T18669] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1603.149459][T18689] do_recvmmsg+0x63a/0x10a0 [ 1603.154230][T18669] __do_fast_syscall_32+0x95/0xf0 [ 1603.159279][T18689] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1603.164032][T18669] do_fast_syscall_32+0x33/0x70 [ 1603.169758][T18689] ? __sys_recvmmsg+0x52/0x450 [ 1603.174353][T18669] do_SYSENTER_32+0x1b/0x20 [ 1603.179382][T18689] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1603.184172][T18669] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1603.189889][T18689] __sys_recvmmsg+0x113/0x450 [ 1603.196231][T18669] [ 1603.200637][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1603.205764][T18669] Uninit was stored to memory at: [ 1603.211929][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1603.217005][T18669] __get_compat_msghdr+0x514/0x750 [ 1603.221566][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1603.226157][T18669] get_compat_msghdr+0x8c/0x1c0 [ 1603.232475][T18689] ? exit_to_user_mode_prepare+0x119/0x220 [ 1603.232594][T18689] do_fast_syscall_32+0x33/0x70 [ 1603.238890][T18669] ___sys_recvmsg+0x19d/0x870 [ 1603.243582][T18689] do_SYSENTER_32+0x1b/0x20 [ 1603.243676][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1603.246018][T18669] do_recvmmsg+0x63a/0x10a0 [ 1603.251136][T18689] RIP: 0023:0xf7f92549 [ 1603.256352][T18669] __sys_recvmmsg+0x113/0x450 [ 1603.262499][T18689] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1603.262601][T18689] RSP: 002b:00000000f7f6c5cc EFLAGS: 00000296 [ 1603.267697][T18669] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1603.272727][T18689] ORIG_RAX: 0000000000000151 [ 1603.272762][T18689] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1603.272832][T18689] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1603.277690][T18669] __do_fast_syscall_32+0x95/0xf0 [ 1603.283510][T18689] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1603.283571][T18689] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1603.283631][T18689] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1603.288473][T18669] do_fast_syscall_32+0x33/0x70 [ 1603.293181][T18689] [ 1603.299023][T18689] Uninit was stored to memory at: [ 1603.304245][T18669] do_SYSENTER_32+0x1b/0x20 [ 1603.304341][T18669] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1603.304501][T18669] [ 1603.304517][T18669] Uninit was stored to memory at: [ 1603.304673][T18669] __get_compat_msghdr+0x514/0x750 [ 1603.309235][T18689] __get_compat_msghdr+0x514/0x750 [ 1603.313298][T18669] get_compat_msghdr+0x8c/0x1c0 [ 1603.317956][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1603.337693][T18669] ___sys_recvmsg+0x19d/0x870 [ 1603.343825][T18689] ___sys_recvmsg+0x19d/0x870 [ 1603.350078][T18669] do_recvmmsg+0x63a/0x10a0 [ 1603.354841][T18689] do_recvmmsg+0x63a/0x10a0 [ 1603.362934][T18669] __sys_recvmmsg+0x113/0x450 [ 1603.370922][T18689] __sys_recvmmsg+0x113/0x450 [ 1603.376059][T18669] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1603.384102][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1603.392090][T18669] __do_fast_syscall_32+0x95/0xf0 [ 1603.400158][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1603.405133][T18669] do_fast_syscall_32+0x33/0x70 [ 1603.408141][T18689] do_fast_syscall_32+0x33/0x70 [ 1603.413255][T18669] do_SYSENTER_32+0x1b/0x20 [ 1603.417853][T18689] do_SYSENTER_32+0x1b/0x20 [ 1603.424290][T18669] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1603.426606][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1603.431635][T18669] [ 1603.431656][T18669] Local variable msg_sys created at: [ 1603.436828][T18689] [ 1603.436845][T18689] Uninit was stored to memory at: [ 1603.437005][T18689] __get_compat_msghdr+0x514/0x750 [ 1603.441969][T18669] do_recvmmsg+0x5f/0x10a0 [ 1603.446907][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1603.451781][T18669] __sys_recvmmsg+0x113/0x450 [ 1603.456546][T18689] ___sys_recvmsg+0x19d/0x870 [ 1603.579082][T18689] do_recvmmsg+0x63a/0x10a0 [ 1603.583845][T18689] __sys_recvmmsg+0x113/0x450 [ 1603.588688][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1603.595253][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1603.600451][T18689] do_fast_syscall_32+0x33/0x70 [ 1603.605551][T18689] do_SYSENTER_32+0x1b/0x20 [ 1603.610202][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1603.616836][T18689] [ 1603.619250][T18689] Uninit was stored to memory at: [ 1603.624604][T18689] __get_compat_msghdr+0x514/0x750 [ 1603.629927][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1603.635067][T18689] ___sys_recvmsg+0x19d/0x870 [ 1603.639909][T18689] do_recvmmsg+0x63a/0x10a0 [ 1603.644653][T18689] __sys_recvmmsg+0x113/0x450 [ 1603.649482][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1603.656002][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1603.661184][T18689] do_fast_syscall_32+0x33/0x70 [ 1603.666287][T18689] do_SYSENTER_32+0x1b/0x20 [ 1603.670937][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1603.677582][T18689] [ 1603.679991][T18689] Uninit was stored to memory at: [ 1603.685322][T18689] __get_compat_msghdr+0x514/0x750 [ 1603.690640][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1603.695792][T18689] ___sys_recvmsg+0x19d/0x870 [ 1603.700632][T18689] do_recvmmsg+0x63a/0x10a0 [ 1603.705378][T18689] __sys_recvmmsg+0x113/0x450 [ 1603.710211][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1603.716722][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1603.721916][T18689] do_fast_syscall_32+0x33/0x70 [ 1603.727013][T18689] do_SYSENTER_32+0x1b/0x20 [ 1603.731664][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1603.738315][T18689] [ 1603.740721][T18689] Uninit was stored to memory at: [ 1603.746072][T18689] __get_compat_msghdr+0x514/0x750 [ 1603.751389][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1603.756545][T18689] ___sys_recvmsg+0x19d/0x870 [ 1603.761383][T18689] do_recvmmsg+0x63a/0x10a0 [ 1603.766129][T18689] __sys_recvmmsg+0x113/0x450 [ 1603.770956][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1603.777474][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1603.782745][T18689] do_fast_syscall_32+0x33/0x70 [ 1603.787747][T18689] do_SYSENTER_32+0x1b/0x20 [ 1603.792496][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1603.799058][T18689] [ 1603.801460][T18689] Uninit was stored to memory at: [ 1603.806799][T18689] __get_compat_msghdr+0x514/0x750 [ 1603.812122][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1603.817264][T18689] ___sys_recvmsg+0x19d/0x870 [ 1603.822100][T18689] do_recvmmsg+0x63a/0x10a0 [ 1603.826847][T18689] __sys_recvmmsg+0x113/0x450 [ 1603.831694][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1603.838220][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1603.843499][T18689] do_fast_syscall_32+0x33/0x70 [ 1603.848504][T18689] do_SYSENTER_32+0x1b/0x20 [ 1603.853252][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1603.859802][T18689] [ 1603.862308][T18689] Uninit was stored to memory at: [ 1603.867560][T18689] __get_compat_msghdr+0x514/0x750 [ 1603.872983][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1603.878051][T18689] ___sys_recvmsg+0x19d/0x870 [ 1603.882988][T18689] do_recvmmsg+0x63a/0x10a0 [ 1603.887642][T18689] __sys_recvmmsg+0x113/0x450 [ 1603.892567][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1603.899007][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1603.904291][T18689] do_fast_syscall_32+0x33/0x70 [ 1603.909299][T18689] do_SYSENTER_32+0x1b/0x20 [ 1603.914082][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1603.920636][T18689] [ 1603.923130][T18689] Local variable msg_sys created at: [ 1603.928507][T18689] do_recvmmsg+0x5f/0x10a0 [ 1603.933183][T18689] __sys_recvmmsg+0x113/0x450 [ 1604.337868][T18689] not chained 2430000 origins [ 1604.342942][T18689] CPU: 0 PID: 18689 Comm: syz-executor.5 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1604.353629][T18689] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1604.363824][T18689] Call Trace: [ 1604.367201][T18689] [ 1604.370228][T18689] dump_stack_lvl+0x1c8/0x256 [ 1604.375128][T18689] dump_stack+0x1a/0x1c [ 1604.379471][T18689] kmsan_internal_chain_origin+0x78/0x120 [ 1604.385390][T18689] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1604.391671][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1604.396986][T18689] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1604.403430][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1604.408728][T18689] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1604.414748][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1604.420044][T18689] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1604.426037][T18689] ? __get_compat_msghdr+0x5b/0x750 [ 1604.431446][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1604.436732][T18689] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1604.442750][T18689] ? should_fail+0x3f/0x810 [ 1604.447433][T18689] ? __stack_depot_save+0x21/0x4b0 [ 1604.452715][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1604.458008][T18689] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1604.464442][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1604.469734][T18689] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1604.475742][T18689] __msan_chain_origin+0xbd/0x140 [ 1604.480952][T18689] __get_compat_msghdr+0x514/0x750 [ 1604.486312][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1604.491382][T18689] ? ___sys_recvmsg+0xa9/0x870 [ 1604.496307][T18689] ? do_recvmmsg+0x63a/0x10a0 [ 1604.501149][T18689] ___sys_recvmsg+0x19d/0x870 [ 1604.505991][T18689] ? __schedule+0x1609/0x21d0 [ 1604.510838][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1604.516129][T18689] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1604.522120][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1604.527403][T18689] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1604.533419][T18689] do_recvmmsg+0x63a/0x10a0 [ 1604.538110][T18689] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1604.544555][T18689] ? __sys_recvmmsg+0x52/0x450 [ 1604.549480][T18689] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1604.556100][T18689] __sys_recvmmsg+0x113/0x450 [ 1604.560940][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1604.566250][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1604.572697][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1604.577896][T18689] ? exit_to_user_mode_prepare+0x119/0x220 [ 1604.583898][T18689] do_fast_syscall_32+0x33/0x70 [ 1604.588930][T18689] do_SYSENTER_32+0x1b/0x20 [ 1604.593596][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1604.600505][T18689] RIP: 0023:0xf7f92549 [ 1604.604699][T18689] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1604.624512][T18689] RSP: 002b:00000000f7f6c5cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1604.633116][T18689] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1604.641253][T18689] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1604.649358][T18689] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1604.657465][T18689] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1604.665574][T18689] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1604.673700][T18689] [ 1604.682369][T18689] Uninit was stored to memory at: [ 1604.687647][T18689] __get_compat_msghdr+0x514/0x750 [ 1604.693839][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1604.698906][T18689] ___sys_recvmsg+0x19d/0x870 [ 1604.703886][T18689] do_recvmmsg+0x63a/0x10a0 [ 1604.708541][T18689] __sys_recvmmsg+0x113/0x450 [ 1604.713502][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1604.719926][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1604.725246][T18689] do_fast_syscall_32+0x33/0x70 [ 1604.730254][T18689] do_SYSENTER_32+0x1b/0x20 02:34:32 executing program 0: syz_open_procfs$namespace(0x0, 0x0) pipe2$watch_queue(0x0, 0x80) r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_START_AP(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000280)={0x38, r0, 0x1, 0x0, 0x0, {{}, {@void, @val={0xc}}}, [@beacon=[@NL80211_ATTR_BEACON_TAIL={0x15, 0xe, [@perr={0x1c, 0xf, {0x0, 0x1, [@not_ext={{}, @device_b}]}}]}]]}, 0x38}}, 0x0) sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000002c0)={&(0x7f0000000700)=ANY=[@ANYBLOB="2800000093ffef8cf56ba1f982fcaad6da5cc693dbf5aff561d045e749d5a9438097f4aec4dcf1bdc169e92e7d097dfcf5bc407bf0e509fa2a7949840ce011f3096a36d11afa833a447bae66", @ANYRES16=r0, @ANYBLOB="29032abd7000fcdbdf25"], 0x28}, 0x1, 0x0, 0x0, 0x8000}, 0x20050881) r2 = fcntl$getown(r1, 0x9) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r2, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0) io_submit(0x0, 0x20000000000001cb, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x400000000000, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x377140be6b5ef4c7}]) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='cpuacct.usage_percpu\x00', 0x0, 0x0) write$binfmt_script(r3, &(0x7f0000000000)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000140)='blkio.bfq.idle_time\x00', 0x0, 0x0) preadv(r3, &(0x7f0000000440)=[{&(0x7f0000000080)=""/110, 0x6e}, {&(0x7f0000000400)=""/20, 0x14}], 0x2, 0x80000000, 0x0) r4 = openat$incfs(0xffffffffffffffff, &(0x7f0000000100)='.pending_reads\x00', 0x103280, 0x0) sendmsg$TIPC_CMD_GET_BEARER_NAMES(r4, &(0x7f00000003c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x1c, 0x0, 0x200, 0x70bd28, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000040}, 0x4000) r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000040)='memory.high\x00', 0x2, 0x0) write$cgroup_int(r6, &(0x7f0000000300), 0x12) 02:34:32 executing program 4: syz_open_procfs$namespace(0x0, 0x0) pipe2$watch_queue(0x0, 0x80) r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_START_AP(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000280)={0x38, r0, 0x1, 0x0, 0x0, {{}, {@void, @val={0xc}}}, [@beacon=[@NL80211_ATTR_BEACON_TAIL={0x15, 0xe, [@perr={0x1c, 0xf, {0x0, 0x1, [@not_ext={{}, @device_b}]}}]}]]}, 0x38}}, 0x0) sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000002c0)={&(0x7f0000000700)=ANY=[@ANYBLOB="2800000093ffef8cf56ba1f982fcaad6da5cc693dbf5aff561d045e749d5a9438097f4aec4dcf1bdc169e92e7d097dfcf5bc407bf0e509fa2a7949840ce011f3096a36d11afa833a447bae66", @ANYRES16=r0, @ANYBLOB="29032abd7000fcdbdf25"], 0x28}, 0x1, 0x0, 0x0, 0x8000}, 0x20050881) r2 = fcntl$getown(r1, 0x9) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r2, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0) io_submit(0x0, 0x20000000000001cb, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x400000000000, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x377140be6b5ef4c7}]) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='cpuacct.usage_percpu\x00', 0x0, 0x0) write$binfmt_script(r3, &(0x7f0000000000)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000140)='blkio.bfq.idle_time\x00', 0x0, 0x0) preadv(r3, &(0x7f0000000440)=[{&(0x7f0000000080)=""/110, 0x6e}, {&(0x7f0000000400)=""/20, 0x14}], 0x2, 0x80000000, 0x0) r4 = openat$incfs(0xffffffffffffffff, &(0x7f0000000100)='.pending_reads\x00', 0x103280, 0x0) sendmsg$TIPC_CMD_GET_BEARER_NAMES(r4, &(0x7f00000003c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x1c, 0x0, 0x200, 0x70bd28, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000040}, 0x4000) r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000040)='memory.high\x00', 0x2, 0x0) write$cgroup_int(r6, &(0x7f0000000300), 0x12) [ 1604.735005][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1604.741545][T18689] [ 1604.744078][T18689] Uninit was stored to memory at: [ 1604.749345][T18689] __get_compat_msghdr+0x514/0x750 [ 1604.754814][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1604.759883][T18689] ___sys_recvmsg+0x19d/0x870 [ 1604.764869][T18689] do_recvmmsg+0x63a/0x10a0 [ 1604.769527][T18689] __sys_recvmmsg+0x113/0x450 [ 1604.774480][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1604.780907][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1604.786229][T18689] do_fast_syscall_32+0x33/0x70 [ 1604.791238][T18689] do_SYSENTER_32+0x1b/0x20 [ 1604.796019][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1604.802657][T18689] [ 1604.805058][T18689] Uninit was stored to memory at: [ 1604.810310][T18689] __get_compat_msghdr+0x514/0x750 [ 1604.815769][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1604.820827][T18689] ___sys_recvmsg+0x19d/0x870 [ 1604.825829][T18689] do_recvmmsg+0x63a/0x10a0 [ 1604.830496][T18689] __sys_recvmmsg+0x113/0x450 [ 1604.835464][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1604.841885][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1604.847211][T18689] do_fast_syscall_32+0x33/0x70 [ 1604.852305][T18689] do_SYSENTER_32+0x1b/0x20 [ 1604.856955][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1604.863653][T18689] [ 1604.866409][T18689] Uninit was stored to memory at: [ 1604.871661][T18689] __get_compat_msghdr+0x514/0x750 [ 1604.877117][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1604.882181][T18689] ___sys_recvmsg+0x19d/0x870 [ 1604.887114][T18689] do_recvmmsg+0x63a/0x10a0 [ 1604.891784][T18689] __sys_recvmmsg+0x113/0x450 [ 1604.896763][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1604.903303][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1604.908490][T18689] do_fast_syscall_32+0x33/0x70 [ 1604.913611][T18689] do_SYSENTER_32+0x1b/0x20 [ 1604.918265][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1604.924966][T18689] [ 1604.927374][T18689] Uninit was stored to memory at: [ 1604.932736][T18689] __get_compat_msghdr+0x514/0x750 [ 1604.938058][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1604.943246][T18689] ___sys_recvmsg+0x19d/0x870 [ 1604.948095][T18689] do_recvmmsg+0x63a/0x10a0 [ 1604.952881][T18689] __sys_recvmmsg+0x113/0x450 [ 1604.957712][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1604.964256][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1604.969447][T18689] do_fast_syscall_32+0x33/0x70 [ 1604.974579][T18689] do_SYSENTER_32+0x1b/0x20 [ 1604.979239][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1604.985922][T18689] 02:34:33 executing program 1: syz_open_procfs$namespace(0x0, 0x0) pipe2$watch_queue(0x0, 0x80) r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_START_AP(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000280)={0x38, r0, 0x1, 0x0, 0x0, {{}, {@void, @val={0xc}}}, [@beacon=[@NL80211_ATTR_BEACON_TAIL={0x15, 0xe, [@perr={0x1c, 0xf, {0x0, 0x1, [@not_ext={{}, @device_b}]}}]}]]}, 0x38}}, 0x0) sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000002c0)={&(0x7f0000000700)=ANY=[@ANYBLOB="2800000093ffef8cf56ba1f982fcaad6da5cc693dbf5aff561d045e749d5a9438097f4aec4dcf1bdc169e92e7d097dfcf5bc407bf0e509fa2a7949840ce011f3096a36d11afa833a447bae66", @ANYRES16=r0, @ANYBLOB="29032abd7000fcdbdf25"], 0x28}, 0x1, 0x0, 0x0, 0x8000}, 0x20050881) r2 = fcntl$getown(r1, 0x9) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r2, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0) io_submit(0x0, 0x20000000000001cb, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x400000000000, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x377140be6b5ef4c7}]) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='cpuacct.usage_percpu\x00', 0x0, 0x0) write$binfmt_script(r3, &(0x7f0000000000)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000140)='blkio.bfq.idle_time\x00', 0x0, 0x0) preadv(r3, &(0x7f0000000440)=[{&(0x7f0000000080)=""/110, 0x6e}, {&(0x7f0000000400)=""/20, 0x14}], 0x2, 0x80000000, 0x0) r4 = openat$incfs(0xffffffffffffffff, &(0x7f0000000100)='.pending_reads\x00', 0x103280, 0x0) sendmsg$TIPC_CMD_GET_BEARER_NAMES(r4, &(0x7f00000003c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x1c, 0x0, 0x200, 0x70bd28, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000040}, 0x4000) r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000040)='memory.high\x00', 0x2, 0x0) write$cgroup_int(r6, &(0x7f0000000300), 0x12) [ 1604.988342][T18689] Uninit was stored to memory at: [ 1604.993692][T18689] __get_compat_msghdr+0x514/0x750 [ 1604.999031][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1605.004230][T18689] ___sys_recvmsg+0x19d/0x870 [ 1605.009071][T18689] do_recvmmsg+0x63a/0x10a0 [ 1605.013852][T18689] __sys_recvmmsg+0x113/0x450 [ 1605.018689][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1605.025243][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1605.030438][T18689] do_fast_syscall_32+0x33/0x70 [ 1605.035581][T18689] do_SYSENTER_32+0x1b/0x20 [ 1605.040238][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1605.046929][T18689] [ 1605.049340][T18689] Uninit was stored to memory at: [ 1605.054682][T18689] __get_compat_msghdr+0x514/0x750 [ 1605.059993][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1605.065180][T18689] ___sys_recvmsg+0x19d/0x870 [ 1605.070012][T18689] do_recvmmsg+0x63a/0x10a0 [ 1605.074797][T18689] __sys_recvmmsg+0x113/0x450 [ 1605.079645][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1605.086287][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1605.091481][T18689] do_fast_syscall_32+0x33/0x70 [ 1605.096628][T18689] do_SYSENTER_32+0x1b/0x20 [ 1605.101294][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1605.108034][T18689] [ 1605.110447][T18689] Local variable msg_sys created at: [ 1605.115957][T18689] do_recvmmsg+0x5f/0x10a0 [ 1605.120538][T18689] __sys_recvmmsg+0x113/0x450 02:34:33 executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_ctr_aes256\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000100)="cc", 0x1) 02:34:33 executing program 0: sched_setaffinity(0x0, 0x0, 0x0) timer_create(0x3, &(0x7f0000000040)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000)) r0 = signalfd(0xffffffffffffffff, &(0x7f0000000100), 0x8) read$FUSE(r0, &(0x7f00000039c0)={0x2020}, 0x2020) signalfd4(r0, &(0x7f00000000c0)={[0xffffffffffffeb3e]}, 0x8, 0x0) ioctl$LOOP_SET_BLOCK_SIZE(0xffffffffffffffff, 0x4c09, 0x0) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f0000000140)={{}, {0x0, r1+60000000}}, 0x0) timer_settime(0x0, 0xffffffffffffffff, &(0x7f0000000080)={{0x77359400}, {0x0, 0x9}}, 0x0) [ 1607.723663][T18689] not chained 2440000 origins [ 1607.728589][T18689] CPU: 1 PID: 18689 Comm: syz-executor.5 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1607.739273][T18689] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1607.749470][T18689] Call Trace: [ 1607.752852][T18689] [ 1607.755881][T18689] dump_stack_lvl+0x1c8/0x256 [ 1607.760784][T18689] dump_stack+0x1a/0x1c [ 1607.765132][T18689] kmsan_internal_chain_origin+0x78/0x120 [ 1607.771038][T18689] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1607.777299][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1607.782612][T18689] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1607.789055][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1607.794353][T18689] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1607.800336][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1607.805627][T18689] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1607.811630][T18689] ? __get_compat_msghdr+0x5b/0x750 [ 1607.817046][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1607.822337][T18689] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1607.828347][T18689] ? should_fail+0x3f/0x810 [ 1607.833029][T18689] ? __stack_depot_save+0x21/0x4b0 [ 1607.838315][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1607.843606][T18689] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1607.850044][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1607.855339][T18689] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1607.861340][T18689] __msan_chain_origin+0xbd/0x140 [ 1607.866548][T18689] __get_compat_msghdr+0x514/0x750 [ 1607.871906][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1607.876972][T18689] ? ___sys_recvmsg+0xa9/0x870 [ 1607.881896][T18689] ? do_recvmmsg+0x63a/0x10a0 [ 1607.886739][T18689] ___sys_recvmsg+0x19d/0x870 [ 1607.891592][T18689] ? __schedule+0x1609/0x21d0 [ 1607.896442][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1607.901735][T18689] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1607.907738][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1607.913038][T18689] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1607.919061][T18689] do_recvmmsg+0x63a/0x10a0 [ 1607.923751][T18689] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1607.930196][T18689] ? __sys_recvmmsg+0x52/0x450 [ 1607.935118][T18689] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1607.941725][T18689] __sys_recvmmsg+0x113/0x450 [ 1607.946566][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1607.951877][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1607.958326][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1607.963525][T18689] ? exit_to_user_mode_prepare+0x119/0x220 [ 1607.969511][T18689] do_fast_syscall_32+0x33/0x70 [ 1607.974522][T18689] do_SYSENTER_32+0x1b/0x20 [ 1607.979182][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1607.985740][T18689] RIP: 0023:0xf7f92549 [ 1607.989939][T18689] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1608.009749][T18689] RSP: 002b:00000000f7f6c5cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1608.018348][T18689] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1608.026470][T18689] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1608.034583][T18689] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1608.042687][T18689] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1608.050802][T18689] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1608.058938][T18689] [ 1608.067958][T18689] Uninit was stored to memory at: [ 1608.073699][T18689] __get_compat_msghdr+0x514/0x750 [ 1608.079044][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1608.084197][T18689] ___sys_recvmsg+0x19d/0x870 [ 1608.089033][T18689] do_recvmmsg+0x63a/0x10a0 [ 1608.093783][T18689] __sys_recvmmsg+0x113/0x450 [ 1608.098614][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1608.105139][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1608.110324][T18689] do_fast_syscall_32+0x33/0x70 [ 1608.115426][T18689] do_SYSENTER_32+0x1b/0x20 [ 1608.120079][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1608.126728][T18689] [ 1608.129141][T18689] Uninit was stored to memory at: [ 1608.134456][T18689] __get_compat_msghdr+0x514/0x750 [ 1608.139773][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1608.144918][T18689] ___sys_recvmsg+0x19d/0x870 [ 1608.149766][T18689] do_recvmmsg+0x63a/0x10a0 [ 1608.154515][T18689] __sys_recvmmsg+0x113/0x450 [ 1608.159352][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1608.165880][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1608.171066][T18689] do_fast_syscall_32+0x33/0x70 [ 1608.176169][T18689] do_SYSENTER_32+0x1b/0x20 [ 1608.180824][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1608.187475][T18689] [ 1608.189882][T18689] Uninit was stored to memory at: [ 1608.195224][T18689] __get_compat_msghdr+0x514/0x750 [ 1608.200537][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1608.205678][T18689] ___sys_recvmsg+0x19d/0x870 [ 1608.210513][T18689] do_recvmmsg+0x63a/0x10a0 [ 1608.215254][T18689] __sys_recvmmsg+0x113/0x450 [ 1608.220085][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1608.226596][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1608.231782][T18689] do_fast_syscall_32+0x33/0x70 [ 1608.236882][T18689] do_SYSENTER_32+0x1b/0x20 [ 1608.241535][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1608.248177][T18689] [ 1608.250580][T18689] Uninit was stored to memory at: [ 1608.255915][T18689] __get_compat_msghdr+0x514/0x750 [ 1608.261225][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1608.266371][T18689] ___sys_recvmsg+0x19d/0x870 [ 1608.271204][T18689] do_recvmmsg+0x63a/0x10a0 [ 1608.275947][T18689] __sys_recvmmsg+0x113/0x450 [ 1608.280786][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1608.287296][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1608.292567][T18689] do_fast_syscall_32+0x33/0x70 [ 1608.297573][T18689] do_SYSENTER_32+0x1b/0x20 [ 1608.302327][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1608.308884][T18689] [ 1608.311287][T18689] Uninit was stored to memory at: [ 1608.316648][T18689] __get_compat_msghdr+0x514/0x750 [ 1608.321980][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1608.327143][T18689] ___sys_recvmsg+0x19d/0x870 [ 1608.331982][T18689] do_recvmmsg+0x63a/0x10a0 [ 1608.336740][T18689] __sys_recvmmsg+0x113/0x450 [ 1608.341586][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1608.348117][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1608.353408][T18689] do_fast_syscall_32+0x33/0x70 [ 1608.358421][T18689] do_SYSENTER_32+0x1b/0x20 [ 1608.363176][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1608.369735][T18689] [ 1608.372147][T18689] Uninit was stored to memory at: [ 1608.377510][T18689] __get_compat_msghdr+0x514/0x750 [ 1608.382934][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1608.388006][T18689] ___sys_recvmsg+0x19d/0x870 [ 1608.392942][T18689] do_recvmmsg+0x63a/0x10a0 [ 1608.397602][T18689] __sys_recvmmsg+0x113/0x450 [ 1608.402547][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1608.408972][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1608.414266][T18689] do_fast_syscall_32+0x33/0x70 [ 1608.419307][T18689] do_SYSENTER_32+0x1b/0x20 [ 1608.424104][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1608.430672][T18689] [ 1608.433186][T18689] Uninit was stored to memory at: [ 1608.438445][T18689] __get_compat_msghdr+0x514/0x750 [ 1608.443866][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1608.448935][T18689] ___sys_recvmsg+0x19d/0x870 [ 1608.453893][T18689] do_recvmmsg+0x63a/0x10a0 [ 1608.458554][T18689] __sys_recvmmsg+0x113/0x450 [ 1608.463539][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1608.469963][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1608.475260][T18689] do_fast_syscall_32+0x33/0x70 [ 1608.480272][T18689] do_SYSENTER_32+0x1b/0x20 [ 1608.485081][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1608.491636][T18689] [ 1608.494217][T18689] Local variable msg_sys created at: [ 1608.499615][T18689] do_recvmmsg+0x5f/0x10a0 [ 1608.504346][T18689] __sys_recvmmsg+0x113/0x450 [ 1609.375009][T18689] not chained 2450000 origins [ 1609.379926][T18689] CPU: 0 PID: 18689 Comm: syz-executor.5 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1609.390612][T18689] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1609.400820][T18689] Call Trace: [ 1609.404204][T18689] [ 1609.407224][T18689] dump_stack_lvl+0x1c8/0x256 [ 1609.412127][T18689] dump_stack+0x1a/0x1c [ 1609.416465][T18689] kmsan_internal_chain_origin+0x78/0x120 [ 1609.422387][T18689] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1609.428652][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1609.433950][T18689] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1609.440404][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1609.445707][T18689] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1609.451711][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1609.457007][T18689] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1609.463012][T18689] ? __get_compat_msghdr+0x5b/0x750 [ 1609.468426][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1609.473721][T18689] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1609.479729][T18689] ? should_fail+0x3f/0x810 [ 1609.484412][T18689] ? __stack_depot_save+0x21/0x4b0 [ 1609.489698][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1609.494984][T18689] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1609.501419][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1609.506718][T18689] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1609.512719][T18689] __msan_chain_origin+0xbd/0x140 [ 1609.517926][T18689] __get_compat_msghdr+0x514/0x750 [ 1609.523290][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1609.528359][T18689] ? ___sys_recvmsg+0xa9/0x870 [ 1609.533281][T18689] ? do_recvmmsg+0x63a/0x10a0 [ 1609.538128][T18689] ___sys_recvmsg+0x19d/0x870 [ 1609.542975][T18689] ? __schedule+0x1609/0x21d0 [ 1609.547822][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1609.553113][T18689] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1609.559114][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1609.564408][T18689] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1609.570426][T18689] do_recvmmsg+0x63a/0x10a0 [ 1609.575133][T18689] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1609.581607][T18689] ? __sys_recvmmsg+0x52/0x450 [ 1609.586543][T18689] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1609.593161][T18689] __sys_recvmmsg+0x113/0x450 [ 1609.598005][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1609.603321][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1609.609769][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1609.614955][T18689] ? exit_to_user_mode_prepare+0x119/0x220 [ 1609.620945][T18689] do_fast_syscall_32+0x33/0x70 [ 1609.625963][T18689] do_SYSENTER_32+0x1b/0x20 [ 1609.630622][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1609.637171][T18689] RIP: 0023:0xf7f92549 [ 1609.641359][T18689] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1609.661172][T18689] RSP: 002b:00000000f7f6c5cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1609.669759][T18689] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1609.677878][T18689] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1609.685987][T18689] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1609.694096][T18689] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1609.702208][T18689] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1609.710365][T18689] [ 1609.718814][T18689] Uninit was stored to memory at: [ 1609.724734][T18689] __get_compat_msghdr+0x514/0x750 [ 1609.730063][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1609.735246][T18689] ___sys_recvmsg+0x19d/0x870 [ 1609.740084][T18689] do_recvmmsg+0x63a/0x10a0 [ 1609.744839][T18689] __sys_recvmmsg+0x113/0x450 [ 1609.749671][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1609.756226][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1609.761419][T18689] do_fast_syscall_32+0x33/0x70 [ 1609.766552][T18689] do_SYSENTER_32+0x1b/0x20 [ 1609.771203][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1609.777882][T18689] [ 1609.780282][T18689] Uninit was stored to memory at: [ 1609.785655][T18689] __get_compat_msghdr+0x514/0x750 [ 1609.790967][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1609.796139][T18689] ___sys_recvmsg+0x19d/0x870 [ 1609.800971][T18689] do_recvmmsg+0x63a/0x10a0 [ 1609.805761][T18689] __sys_recvmmsg+0x113/0x450 [ 1609.810593][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1609.817134][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1609.822424][T18689] do_fast_syscall_32+0x33/0x70 [ 1609.827428][T18689] do_SYSENTER_32+0x1b/0x20 [ 1609.832082][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1609.838757][T18689] [ 1609.841160][T18689] Uninit was stored to memory at: [ 1609.846549][T18689] __get_compat_msghdr+0x514/0x750 [ 1609.851863][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1609.857044][T18689] ___sys_recvmsg+0x19d/0x870 [ 1609.861882][T18689] do_recvmmsg+0x63a/0x10a0 [ 1609.866667][T18689] __sys_recvmmsg+0x113/0x450 [ 1609.871498][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1609.878142][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1609.883432][T18689] do_fast_syscall_32+0x33/0x70 [ 1609.888447][T18689] do_SYSENTER_32+0x1b/0x20 [ 1609.893237][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1609.899804][T18689] [ 1609.902342][T18689] Uninit was stored to memory at: [ 1609.907594][T18689] __get_compat_msghdr+0x514/0x750 [ 1609.913038][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1609.918095][T18689] ___sys_recvmsg+0x19d/0x870 [ 1609.923061][T18689] do_recvmmsg+0x63a/0x10a0 [ 1609.927719][T18689] __sys_recvmmsg+0x113/0x450 [ 1609.932678][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1609.939106][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1609.944430][T18689] do_fast_syscall_32+0x33/0x70 [ 1609.949440][T18689] do_SYSENTER_32+0x1b/0x20 [ 1609.954228][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1609.960796][T18689] [ 1609.963337][T18689] Uninit was stored to memory at: [ 1609.968588][T18689] __get_compat_msghdr+0x514/0x750 [ 1609.974028][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1609.979088][T18689] ___sys_recvmsg+0x19d/0x870 [ 1609.984055][T18689] do_recvmmsg+0x63a/0x10a0 [ 1609.988712][T18689] __sys_recvmmsg+0x113/0x450 [ 1609.993657][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1610.000077][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1610.005394][T18689] do_fast_syscall_32+0x33/0x70 [ 1610.010401][T18689] do_SYSENTER_32+0x1b/0x20 [ 1610.015181][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1610.021741][T18689] [ 1610.024318][T18689] Uninit was stored to memory at: [ 1610.029566][T18689] __get_compat_msghdr+0x514/0x750 [ 1610.035001][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1610.040061][T18689] ___sys_recvmsg+0x19d/0x870 [ 1610.045020][T18689] do_recvmmsg+0x63a/0x10a0 [ 1610.049676][T18689] __sys_recvmmsg+0x113/0x450 [ 1610.054605][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1610.061024][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1610.066340][T18689] do_fast_syscall_32+0x33/0x70 [ 1610.071354][T18689] do_SYSENTER_32+0x1b/0x20 [ 1610.076126][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1610.082775][T18689] [ 1610.085177][T18689] Uninit was stored to memory at: [ 1610.090427][T18689] __get_compat_msghdr+0x514/0x750 [ 1610.095860][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1610.100914][T18689] ___sys_recvmsg+0x19d/0x870 [ 1610.105866][T18689] do_recvmmsg+0x63a/0x10a0 [ 1610.110527][T18689] __sys_recvmmsg+0x113/0x450 [ 1610.115478][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1610.121904][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1610.127216][T18689] do_fast_syscall_32+0x33/0x70 [ 1610.132326][T18689] do_SYSENTER_32+0x1b/0x20 [ 1610.136983][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1610.143671][T18689] [ 1610.146092][T18689] Local variable msg_sys created at: [ 1610.151469][T18689] do_recvmmsg+0x5f/0x10a0 [ 1610.156161][T18689] __sys_recvmmsg+0x113/0x450 [ 1610.448436][T18669] not chained 2460000 origins [ 1610.453711][T18669] CPU: 1 PID: 18669 Comm: syz-executor.2 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1610.464384][T18669] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1610.474563][T18669] Call Trace: [ 1610.477928][T18669] [ 1610.480941][T18669] dump_stack_lvl+0x1c8/0x256 [ 1610.485818][T18669] dump_stack+0x1a/0x1c [ 1610.490143][T18669] kmsan_internal_chain_origin+0x78/0x120 [ 1610.496031][T18669] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1610.502271][T18669] ? kmsan_get_metadata+0x33/0x220 [ 1610.507551][T18669] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1610.513974][T18669] ? kmsan_get_metadata+0x33/0x220 [ 1610.519252][T18669] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1610.525239][T18669] ? kmsan_get_metadata+0x33/0x220 [ 1610.530516][T18669] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1610.536514][T18669] ? __get_compat_msghdr+0x5b/0x750 [ 1610.541938][T18669] ? kmsan_get_metadata+0x33/0x220 [ 1610.547231][T18669] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1610.553231][T18669] ? should_fail+0x3f/0x810 [ 1610.557903][T18669] ? __stack_depot_save+0x21/0x4b0 [ 1610.563175][T18669] ? kmsan_get_metadata+0x33/0x220 [ 1610.568454][T18669] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1610.574871][T18669] ? kmsan_get_metadata+0x33/0x220 [ 1610.580141][T18669] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1610.586124][T18669] __msan_chain_origin+0xbd/0x140 [ 1610.591319][T18669] __get_compat_msghdr+0x514/0x750 [ 1610.596671][T18669] get_compat_msghdr+0x8c/0x1c0 [ 1610.601744][T18669] ? ___sys_recvmsg+0xa9/0x870 [ 1610.606658][T18669] ? do_recvmmsg+0x63a/0x10a0 [ 1610.611490][T18669] ___sys_recvmsg+0x19d/0x870 [ 1610.616320][T18669] ? __schedule+0x1609/0x21d0 [ 1610.621155][T18669] ? kmsan_get_metadata+0x33/0x220 [ 1610.626434][T18669] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1610.632410][T18669] ? kmsan_get_metadata+0x33/0x220 [ 1610.637681][T18669] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1610.643667][T18669] do_recvmmsg+0x63a/0x10a0 [ 1610.648340][T18669] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1610.654781][T18669] ? __sys_recvmmsg+0x52/0x450 [ 1610.659724][T18669] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1610.666329][T18669] __sys_recvmmsg+0x113/0x450 [ 1610.671152][T18669] ? kmsan_get_metadata+0x33/0x220 [ 1610.676471][T18669] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1610.682894][T18669] __do_fast_syscall_32+0x95/0xf0 [ 1610.688093][T18669] ? exit_to_user_mode_prepare+0x119/0x220 [ 1610.694085][T18669] do_fast_syscall_32+0x33/0x70 [ 1610.699089][T18669] do_SYSENTER_32+0x1b/0x20 [ 1610.703733][T18669] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1610.710271][T18669] RIP: 0023:0xf7f3a549 [ 1610.714454][T18669] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1610.734234][T18669] RSP: 002b:00000000f7f145cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1610.742807][T18669] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1610.750903][T18669] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1610.759007][T18669] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1610.767101][T18669] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1610.775192][T18669] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1610.783305][T18669] [ 1610.793414][T18669] Uninit was stored to memory at: [ 1610.798703][T18669] __get_compat_msghdr+0x514/0x750 [ 1610.804508][T18669] get_compat_msghdr+0x8c/0x1c0 [ 1610.809589][T18669] ___sys_recvmsg+0x19d/0x870 [ 1610.814526][T18669] do_recvmmsg+0x63a/0x10a0 [ 1610.819204][T18669] __sys_recvmmsg+0x113/0x450 [ 1610.824139][T18669] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1610.830568][T18669] __do_fast_syscall_32+0x95/0xf0 [ 1610.835854][T18669] do_fast_syscall_32+0x33/0x70 [ 1610.840868][T18669] do_SYSENTER_32+0x1b/0x20 [ 1610.845619][T18669] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1610.852175][T18669] [ 1610.854686][T18669] Uninit was stored to memory at: [ 1610.859934][T18669] __get_compat_msghdr+0x514/0x750 [ 1610.865357][T18669] get_compat_msghdr+0x8c/0x1c0 [ 1610.870406][T18669] ___sys_recvmsg+0x19d/0x870 [ 1610.875347][T18669] do_recvmmsg+0x63a/0x10a0 [ 1610.880151][T18669] __sys_recvmmsg+0x113/0x450 [ 1610.885091][T18669] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1610.891517][T18669] __do_fast_syscall_32+0x95/0xf0 [ 1610.896839][T18669] do_fast_syscall_32+0x33/0x70 [ 1610.901853][T18669] do_SYSENTER_32+0x1b/0x20 [ 1610.906615][T18669] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1610.913259][T18669] [ 1610.915668][T18669] Uninit was stored to memory at: [ 1610.920916][T18669] __get_compat_msghdr+0x514/0x750 [ 1610.926406][T18669] get_compat_msghdr+0x8c/0x1c0 [ 1610.931465][T18669] ___sys_recvmsg+0x19d/0x870 [ 1610.936396][T18669] do_recvmmsg+0x63a/0x10a0 [ 1610.941064][T18669] __sys_recvmmsg+0x113/0x450 [ 1610.945991][T18669] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1610.952509][T18669] __do_fast_syscall_32+0x95/0xf0 [ 1610.957686][T18669] do_fast_syscall_32+0x33/0x70 [ 1610.962781][T18669] do_SYSENTER_32+0x1b/0x20 [ 1610.967439][T18669] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1610.974089][T18669] [ 1610.976495][T18669] Uninit was stored to memory at: [ 1610.981740][T18669] __get_compat_msghdr+0x514/0x750 [ 1610.987163][T18669] get_compat_msghdr+0x8c/0x1c0 [ 1610.992317][T18669] ___sys_recvmsg+0x19d/0x870 [ 1610.997153][T18669] do_recvmmsg+0x63a/0x10a0 [ 1611.001800][T18669] __sys_recvmmsg+0x113/0x450 [ 1611.006719][T18669] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1611.013244][T18669] __do_fast_syscall_32+0x95/0xf0 [ 1611.018434][T18669] do_fast_syscall_32+0x33/0x70 [ 1611.023529][T18669] do_SYSENTER_32+0x1b/0x20 [ 1611.028176][T18669] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1611.034826][T18669] [ 1611.037229][T18669] Uninit was stored to memory at: [ 1611.042564][T18669] __get_compat_msghdr+0x514/0x750 [ 1611.047874][T18669] get_compat_msghdr+0x8c/0x1c0 [ 1611.053023][T18669] ___sys_recvmsg+0x19d/0x870 [ 1611.057852][T18669] do_recvmmsg+0x63a/0x10a0 [ 1611.062595][T18669] __sys_recvmmsg+0x113/0x450 [ 1611.067430][T18669] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1611.073954][T18669] __do_fast_syscall_32+0x95/0xf0 [ 1611.079148][T18669] do_fast_syscall_32+0x33/0x70 [ 1611.084257][T18669] do_SYSENTER_32+0x1b/0x20 [ 1611.088910][T18669] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1611.095548][T18669] [ 1611.097951][T18669] Uninit was stored to memory at: [ 1611.103297][T18669] __get_compat_msghdr+0x514/0x750 [ 1611.108620][T18669] get_compat_msghdr+0x8c/0x1c0 [ 1611.113769][T18669] ___sys_recvmsg+0x19d/0x870 [ 1611.118603][T18669] do_recvmmsg+0x63a/0x10a0 [ 1611.123359][T18669] __sys_recvmmsg+0x113/0x450 [ 1611.128193][T18669] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1611.134706][T18669] __do_fast_syscall_32+0x95/0xf0 [ 1611.139883][T18669] do_fast_syscall_32+0x33/0x70 [ 1611.144990][T18669] do_SYSENTER_32+0x1b/0x20 [ 1611.149644][T18669] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1611.156291][T18669] [ 1611.158701][T18669] Uninit was stored to memory at: [ 1611.164042][T18669] __get_compat_msghdr+0x514/0x750 [ 1611.169362][T18669] get_compat_msghdr+0x8c/0x1c0 [ 1611.174518][T18669] ___sys_recvmsg+0x19d/0x870 [ 1611.179350][T18669] do_recvmmsg+0x63a/0x10a0 [ 1611.184160][T18669] __sys_recvmmsg+0x113/0x450 [ 1611.188993][T18669] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1611.195571][T18669] __do_fast_syscall_32+0x95/0xf0 [ 1611.200755][T18669] do_fast_syscall_32+0x33/0x70 [ 1611.205919][T18669] do_SYSENTER_32+0x1b/0x20 [ 1611.210571][T18669] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1611.217281][T18669] [ 1611.219697][T18669] Local variable msg_sys created at: [ 1611.225226][T18669] do_recvmmsg+0x5f/0x10a0 [ 1611.229794][T18669] __sys_recvmmsg+0x113/0x450 [ 1611.688541][T18689] not chained 2470000 origins [ 1611.693544][T18689] CPU: 1 PID: 18689 Comm: syz-executor.5 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1611.704222][T18689] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1611.714424][T18689] Call Trace: [ 1611.717801][T18689] [ 1611.720825][T18689] dump_stack_lvl+0x1c8/0x256 [ 1611.725729][T18689] dump_stack+0x1a/0x1c [ 1611.730084][T18689] kmsan_internal_chain_origin+0x78/0x120 [ 1611.736001][T18689] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1611.742268][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1611.747567][T18689] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1611.754011][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1611.759307][T18689] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1611.765311][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1611.770607][T18689] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1611.776605][T18689] ? __get_compat_msghdr+0x5b/0x750 [ 1611.782013][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1611.787311][T18689] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1611.793322][T18689] ? should_fail+0x3f/0x810 [ 1611.798002][T18689] ? __stack_depot_save+0x21/0x4b0 [ 1611.803294][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1611.808587][T18689] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1611.815024][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1611.820319][T18689] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1611.826316][T18689] __msan_chain_origin+0xbd/0x140 [ 1611.831516][T18689] __get_compat_msghdr+0x514/0x750 [ 1611.836866][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1611.841922][T18689] ? ___sys_recvmsg+0xa9/0x870 [ 1611.846845][T18689] ? do_recvmmsg+0x63a/0x10a0 [ 1611.851685][T18689] ___sys_recvmsg+0x19d/0x870 [ 1611.856527][T18689] ? __schedule+0x1609/0x21d0 [ 1611.861372][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1611.866660][T18689] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1611.872654][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1611.877949][T18689] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1611.883964][T18689] do_recvmmsg+0x63a/0x10a0 [ 1611.888692][T18689] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1611.895134][T18689] ? __sys_recvmmsg+0x52/0x450 [ 1611.900059][T18689] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1611.906666][T18689] __sys_recvmmsg+0x113/0x450 [ 1611.911505][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1611.916809][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1611.923248][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1611.928439][T18689] ? exit_to_user_mode_prepare+0x119/0x220 [ 1611.934442][T18689] do_fast_syscall_32+0x33/0x70 [ 1611.939472][T18689] do_SYSENTER_32+0x1b/0x20 [ 1611.944134][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1611.950704][T18689] RIP: 0023:0xf7f92549 [ 1611.954901][T18689] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1611.974722][T18689] RSP: 002b:00000000f7f6c5cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1611.983336][T18689] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1611.991458][T18689] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1611.999568][T18689] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1612.007678][T18689] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1612.015786][T18689] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1612.023922][T18689] [ 1612.032424][T18689] Uninit was stored to memory at: [ 1612.037701][T18689] __get_compat_msghdr+0x514/0x750 [ 1612.061880][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1612.067087][T18689] ___sys_recvmsg+0x19d/0x870 [ 1612.071941][T18689] do_recvmmsg+0x63a/0x10a0 [ 1612.076723][T18689] __sys_recvmmsg+0x113/0x450 [ 1612.081570][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1612.088117][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1612.093429][T18689] do_fast_syscall_32+0x33/0x70 [ 1612.098449][T18689] do_SYSENTER_32+0x1b/0x20 [ 1612.103205][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1612.109751][T18689] [ 1612.112148][T18689] Uninit was stored to memory at: [ 1612.117504][T18689] __get_compat_msghdr+0x514/0x750 [ 1612.122913][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1612.127964][T18689] ___sys_recvmsg+0x19d/0x870 [ 1612.132898][T18689] do_recvmmsg+0x63a/0x10a0 [ 1612.137552][T18689] __sys_recvmmsg+0x113/0x450 [ 1612.142462][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1612.148881][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1612.154159][T18689] do_fast_syscall_32+0x33/0x70 [ 1612.159170][T18689] do_SYSENTER_32+0x1b/0x20 [ 1612.163933][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1612.170488][T18689] [ 1612.173030][T18689] Uninit was stored to memory at: [ 1612.178290][T18689] __get_compat_msghdr+0x514/0x750 [ 1612.183794][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1612.188874][T18689] ___sys_recvmsg+0x19d/0x870 [ 1612.193903][T18689] do_recvmmsg+0x63a/0x10a0 [ 1612.198571][T18689] __sys_recvmmsg+0x113/0x450 [ 1612.203616][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1612.210053][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1612.215419][T18689] do_fast_syscall_32+0x33/0x70 [ 1612.220420][T18689] do_SYSENTER_32+0x1b/0x20 [ 1612.225238][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1612.231803][T18689] [ 1612.234374][T18689] Uninit was stored to memory at: [ 1612.239631][T18689] __get_compat_msghdr+0x514/0x750 [ 1612.245099][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1612.250157][T18689] ___sys_recvmsg+0x19d/0x870 [ 1612.255077][T18689] do_recvmmsg+0x63a/0x10a0 [ 1612.259731][T18689] __sys_recvmmsg+0x113/0x450 [ 1612.264724][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1612.271151][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1612.276506][T18689] do_fast_syscall_32+0x33/0x70 [ 1612.281522][T18689] do_SYSENTER_32+0x1b/0x20 [ 1612.286337][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1612.292980][T18689] [ 1612.295386][T18689] Uninit was stored to memory at: [ 1612.300632][T18689] __get_compat_msghdr+0x514/0x750 [ 1612.306100][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1612.311156][T18689] ___sys_recvmsg+0x19d/0x870 [ 1612.316158][T18689] do_recvmmsg+0x63a/0x10a0 [ 1612.320828][T18689] __sys_recvmmsg+0x113/0x450 [ 1612.325822][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1612.332347][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1612.337531][T18689] do_fast_syscall_32+0x33/0x70 [ 1612.342683][T18689] do_SYSENTER_32+0x1b/0x20 [ 1612.347344][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1612.354049][T18689] [ 1612.356451][T18689] Uninit was stored to memory at: [ 1612.361704][T18689] __get_compat_msghdr+0x514/0x750 [ 1612.367268][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1612.372440][T18689] ___sys_recvmsg+0x19d/0x870 [ 1612.377290][T18689] do_recvmmsg+0x63a/0x10a0 [ 1612.381954][T18689] __sys_recvmmsg+0x113/0x450 [ 1612.386939][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1612.393457][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1612.398640][T18689] do_fast_syscall_32+0x33/0x70 [ 1612.403802][T18689] do_SYSENTER_32+0x1b/0x20 [ 1612.408467][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1612.415177][T18689] [ 1612.417589][T18689] Uninit was stored to memory at: [ 1612.422992][T18689] __get_compat_msghdr+0x514/0x750 [ 1612.428321][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1612.433464][T18689] ___sys_recvmsg+0x19d/0x870 [ 1612.438298][T18689] do_recvmmsg+0x63a/0x10a0 [ 1612.443109][T18689] __sys_recvmmsg+0x113/0x450 [ 1612.447945][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1612.454525][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1612.459711][T18689] do_fast_syscall_32+0x33/0x70 [ 1612.464872][T18689] do_SYSENTER_32+0x1b/0x20 [ 1612.469527][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1612.476231][T18689] [ 1612.478647][T18689] Local variable msg_sys created at: [ 1612.484181][T18689] do_recvmmsg+0x5f/0x10a0 [ 1612.488755][T18689] __sys_recvmmsg+0x113/0x450 [ 1612.731145][T18689] not chained 2480000 origins [ 1612.736267][T18689] CPU: 0 PID: 18689 Comm: syz-executor.5 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1612.746956][T18689] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1612.757147][T18689] Call Trace: [ 1612.760522][T18689] [ 1612.763549][T18689] dump_stack_lvl+0x1c8/0x256 [ 1612.768453][T18689] dump_stack+0x1a/0x1c [ 1612.772816][T18689] kmsan_internal_chain_origin+0x78/0x120 [ 1612.778727][T18689] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1612.785005][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1612.790308][T18689] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1612.796763][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1612.802056][T18689] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1612.808052][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1612.813346][T18689] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1612.819345][T18689] ? __get_compat_msghdr+0x5b/0x750 [ 1612.824761][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1612.830057][T18689] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1612.836072][T18689] ? should_fail+0x3f/0x810 [ 1612.840767][T18689] ? __stack_depot_save+0x21/0x4b0 [ 1612.846059][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1612.851355][T18689] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1612.857788][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1612.863080][T18689] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1612.869078][T18689] __msan_chain_origin+0xbd/0x140 [ 1612.874286][T18689] __get_compat_msghdr+0x514/0x750 [ 1612.879635][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1612.884705][T18689] ? ___sys_recvmsg+0xa9/0x870 [ 1612.889632][T18689] ? do_recvmmsg+0x63a/0x10a0 [ 1612.894473][T18689] ___sys_recvmsg+0x19d/0x870 [ 1612.899318][T18689] ? __schedule+0x1609/0x21d0 [ 1612.904163][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1612.909454][T18689] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1612.915448][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1612.920736][T18689] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1612.926741][T18689] do_recvmmsg+0x63a/0x10a0 [ 1612.931432][T18689] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1612.937873][T18689] ? __sys_recvmmsg+0x52/0x450 [ 1612.942800][T18689] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1612.949399][T18689] __sys_recvmmsg+0x113/0x450 [ 1612.954232][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1612.959541][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1612.965979][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1612.971161][T18689] ? exit_to_user_mode_prepare+0x119/0x220 [ 1612.977147][T18689] do_fast_syscall_32+0x33/0x70 [ 1612.982158][T18689] do_SYSENTER_32+0x1b/0x20 [ 1612.986809][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1612.993358][T18689] RIP: 0023:0xf7f92549 [ 1612.997546][T18689] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1613.017349][T18689] RSP: 002b:00000000f7f6c5cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1613.025930][T18689] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1613.034044][T18689] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1613.042147][T18689] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1613.050242][T18689] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1613.058345][T18689] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1613.066480][T18689] [ 1613.076721][T18689] Uninit was stored to memory at: [ 1613.082010][T18689] __get_compat_msghdr+0x514/0x750 [ 1613.088393][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1613.093563][T18689] ___sys_recvmsg+0x19d/0x870 [ 1613.098397][T18689] do_recvmmsg+0x63a/0x10a0 [ 1613.103164][T18689] __sys_recvmmsg+0x113/0x450 [ 1613.107995][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1613.114527][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1613.119707][T18689] do_fast_syscall_32+0x33/0x70 [ 1613.124821][T18689] do_SYSENTER_32+0x1b/0x20 [ 1613.129483][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1613.136146][T18689] [ 1613.138547][T18689] Uninit was stored to memory at: [ 1613.143899][T18689] __get_compat_msghdr+0x514/0x750 [ 1613.149226][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1613.154427][T18689] ___sys_recvmsg+0x19d/0x870 [ 1613.159277][T18689] do_recvmmsg+0x63a/0x10a0 [ 1613.164063][T18689] __sys_recvmmsg+0x113/0x450 [ 1613.168901][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1613.175437][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1613.180632][T18689] do_fast_syscall_32+0x33/0x70 [ 1613.185777][T18689] do_SYSENTER_32+0x1b/0x20 [ 1613.190442][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1613.197134][T18689] [ 1613.199536][T18689] Uninit was stored to memory at: [ 1613.204890][T18689] __get_compat_msghdr+0x514/0x750 [ 1613.210212][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1613.215416][T18689] ___sys_recvmsg+0x19d/0x870 [ 1613.220252][T18689] do_recvmmsg+0x63a/0x10a0 [ 1613.225046][T18689] __sys_recvmmsg+0x113/0x450 [ 1613.229883][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1613.236421][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1613.241600][T18689] do_fast_syscall_32+0x33/0x70 [ 1613.246724][T18689] do_SYSENTER_32+0x1b/0x20 [ 1613.251385][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1613.258061][T18689] [ 1613.260467][T18689] Uninit was stored to memory at: [ 1613.265852][T18689] __get_compat_msghdr+0x514/0x750 [ 1613.271170][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1613.276413][T18689] ___sys_recvmsg+0x19d/0x870 [ 1613.281259][T18689] do_recvmmsg+0x63a/0x10a0 [ 1613.286126][T18689] __sys_recvmmsg+0x113/0x450 [ 1613.290970][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1613.297587][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1613.302874][T18689] do_fast_syscall_32+0x33/0x70 [ 1613.307884][T18689] do_SYSENTER_32+0x1b/0x20 [ 1613.312722][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1613.319282][T18689] [ 1613.321685][T18689] Uninit was stored to memory at: [ 1613.327145][T18689] __get_compat_msghdr+0x514/0x750 [ 1613.332556][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1613.337612][T18689] ___sys_recvmsg+0x19d/0x870 [ 1613.342634][T18689] do_recvmmsg+0x63a/0x10a0 [ 1613.347293][T18689] __sys_recvmmsg+0x113/0x450 [ 1613.352403][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1613.358837][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1613.364237][T18689] do_fast_syscall_32+0x33/0x70 [ 1613.369249][T18689] do_SYSENTER_32+0x1b/0x20 [ 1613.374136][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1613.380706][T18689] [ 1613.383305][T18689] Uninit was stored to memory at: [ 1613.388566][T18689] __get_compat_msghdr+0x514/0x750 [ 1613.394072][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1613.399134][T18689] ___sys_recvmsg+0x19d/0x870 [ 1613.404157][T18689] do_recvmmsg+0x63a/0x10a0 [ 1613.408850][T18689] __sys_recvmmsg+0x113/0x450 [ 1613.413807][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1613.420253][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1613.425582][T18689] do_fast_syscall_32+0x33/0x70 [ 1613.430596][T18689] do_SYSENTER_32+0x1b/0x20 [ 1613.435392][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1613.441949][T18689] [ 1613.444445][T18689] Uninit was stored to memory at: [ 1613.449690][T18689] __get_compat_msghdr+0x514/0x750 [ 1613.455133][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1613.460197][T18689] ___sys_recvmsg+0x19d/0x870 [ 1613.465180][T18689] do_recvmmsg+0x63a/0x10a0 [ 1613.469836][T18689] __sys_recvmmsg+0x113/0x450 [ 1613.474761][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1613.481180][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1613.486495][T18689] do_fast_syscall_32+0x33/0x70 [ 1613.491512][T18689] do_SYSENTER_32+0x1b/0x20 [ 1613.496287][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1613.502930][T18689] [ 1613.505337][T18689] Local variable msg_sys created at: [ 1613.510715][T18689] do_recvmmsg+0x5f/0x10a0 [ 1613.515423][T18689] __sys_recvmmsg+0x113/0x450 [ 1613.534141][T14003] Bluetooth: hci4: command 0x0406 tx timeout [ 1613.568778][T18689] not chained 2490000 origins [ 1613.573925][T18689] CPU: 0 PID: 18689 Comm: syz-executor.5 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1613.584620][T18689] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1613.594824][T18689] Call Trace: [ 1613.598201][T18689] [ 1613.601241][T18689] dump_stack_lvl+0x1c8/0x256 [ 1613.606164][T18689] dump_stack+0x1a/0x1c [ 1613.610536][T18689] kmsan_internal_chain_origin+0x78/0x120 [ 1613.616460][T18689] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1613.622732][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1613.628041][T18689] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1613.634484][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1613.639775][T18689] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1613.645766][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1613.651053][T18689] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1613.657033][T18689] ? __get_compat_msghdr+0x5b/0x750 [ 1613.662422][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1613.667692][T18689] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1613.673699][T18689] ? should_fail+0x3f/0x810 [ 1613.678393][T18689] ? __stack_depot_save+0x21/0x4b0 [ 1613.683690][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1613.688986][T18689] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1613.695427][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1613.700714][T18689] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1613.706704][T18689] __msan_chain_origin+0xbd/0x140 [ 1613.711897][T18689] __get_compat_msghdr+0x514/0x750 [ 1613.717229][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1613.722269][T18689] ? ___sys_recvmsg+0xa9/0x870 [ 1613.727173][T18689] ? do_recvmmsg+0x63a/0x10a0 [ 1613.731998][T18689] ___sys_recvmsg+0x19d/0x870 [ 1613.736822][T18689] ? __schedule+0x1609/0x21d0 [ 1613.741649][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1613.746925][T18689] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1613.752904][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1613.758177][T18689] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1613.764162][T18689] do_recvmmsg+0x63a/0x10a0 [ 1613.768831][T18689] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1613.775248][T18689] ? __sys_recvmmsg+0x52/0x450 [ 1613.780154][T18689] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1613.786752][T18689] __sys_recvmmsg+0x113/0x450 [ 1613.791572][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1613.796862][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1613.803281][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1613.808451][T18689] ? exit_to_user_mode_prepare+0x119/0x220 [ 1613.814419][T18689] do_fast_syscall_32+0x33/0x70 [ 1613.819414][T18689] do_SYSENTER_32+0x1b/0x20 [ 1613.824054][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1613.830594][T18689] RIP: 0023:0xf7f92549 [ 1613.834778][T18689] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1613.854560][T18689] RSP: 002b:00000000f7f6c5cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1613.863122][T18689] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1613.871220][T18689] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1613.879307][T18689] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1613.887398][T18689] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1613.895488][T18689] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1613.903597][T18689] [ 1613.912351][T18689] Uninit was stored to memory at: [ 1613.917635][T18689] __get_compat_msghdr+0x514/0x750 [ 1613.923517][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1613.928585][T18689] ___sys_recvmsg+0x19d/0x870 [ 1613.933551][T18689] do_recvmmsg+0x63a/0x10a0 [ 1613.938211][T18689] __sys_recvmmsg+0x113/0x450 [ 1613.943171][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1613.949592][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1613.954907][T18689] do_fast_syscall_32+0x33/0x70 [ 1613.959917][T18689] do_SYSENTER_32+0x1b/0x20 [ 1613.964677][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1613.971238][T18689] [ 1613.973827][T18689] Uninit was stored to memory at: [ 1613.979092][T18689] __get_compat_msghdr+0x514/0x750 [ 1613.984525][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1613.989576][T18689] ___sys_recvmsg+0x19d/0x870 [ 1613.994518][T18689] do_recvmmsg+0x63a/0x10a0 [ 1613.999168][T18689] __sys_recvmmsg+0x113/0x450 [ 1614.004111][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1614.010527][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1614.015825][T18689] do_fast_syscall_32+0x33/0x70 [ 1614.020836][T18689] do_SYSENTER_32+0x1b/0x20 [ 1614.025615][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1614.032171][T18689] [ 1614.034665][T18689] Uninit was stored to memory at: [ 1614.040089][T18689] __get_compat_msghdr+0x514/0x750 [ 1614.045512][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1614.050564][T18689] ___sys_recvmsg+0x19d/0x870 [ 1614.055580][T18689] do_recvmmsg+0x63a/0x10a0 [ 1614.060243][T18689] __sys_recvmmsg+0x113/0x450 [ 1614.065265][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1614.071690][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1614.077070][T18689] do_fast_syscall_32+0x33/0x70 [ 1614.082083][T18689] do_SYSENTER_32+0x1b/0x20 02:34:42 executing program 0: sched_setaffinity(0x0, 0x0, 0x0) timer_create(0x3, &(0x7f0000000040)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000)) r0 = signalfd(0xffffffffffffffff, &(0x7f0000000100), 0x8) read$FUSE(r0, &(0x7f00000039c0)={0x2020}, 0x2020) signalfd4(r0, &(0x7f00000000c0)={[0xffffffffffffeb3e]}, 0x8, 0x0) ioctl$LOOP_SET_BLOCK_SIZE(0xffffffffffffffff, 0x4c09, 0x0) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f0000000140)={{}, {0x0, r1+60000000}}, 0x0) timer_settime(0x0, 0xffffffffffffffff, &(0x7f0000000080)={{0x77359400}, {0x0, 0x9}}, 0x0) 02:34:42 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) close(r0) mknod(&(0x7f0000000180)='./file0\x00', 0x1000, 0x0) open$dir(&(0x7f00000004c0)='./file0\x00', 0x0, 0x0) dup2(r1, r0) 02:34:42 executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_ctr_aes256\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000100)="cc", 0x1) [ 1614.086916][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1614.093663][T18689] [ 1614.096068][T18689] Uninit was stored to memory at: [ 1614.101315][T18689] __get_compat_msghdr+0x514/0x750 [ 1614.106832][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1614.111902][T18689] ___sys_recvmsg+0x19d/0x870 [ 1614.116950][T18689] do_recvmmsg+0x63a/0x10a0 [ 1614.121616][T18689] __sys_recvmmsg+0x113/0x450 [ 1614.126650][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1614.133176][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1614.138364][T18689] do_fast_syscall_32+0x33/0x70 [ 1614.143580][T18689] do_SYSENTER_32+0x1b/0x20 [ 1614.148255][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1614.154950][T18689] [ 1614.157353][T18689] Uninit was stored to memory at: [ 1614.162682][T18689] __get_compat_msghdr+0x514/0x750 [ 1614.168003][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1614.173172][T18689] ___sys_recvmsg+0x19d/0x870 [ 1614.178004][T18689] do_recvmmsg+0x63a/0x10a0 [ 1614.182765][T18689] __sys_recvmmsg+0x113/0x450 [ 1614.187595][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1614.194148][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1614.199335][T18689] do_fast_syscall_32+0x33/0x70 [ 1614.204465][T18689] do_SYSENTER_32+0x1b/0x20 [ 1614.209125][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1614.215815][T18689] [ 1614.218228][T18689] Uninit was stored to memory at: [ 1614.223595][T18689] __get_compat_msghdr+0x514/0x750 [ 1614.228923][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1614.234115][T18689] ___sys_recvmsg+0x19d/0x870 [ 1614.238950][T18689] do_recvmmsg+0x63a/0x10a0 [ 1614.243765][T18689] __sys_recvmmsg+0x113/0x450 [ 1614.248604][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1614.255163][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1614.260348][T18689] do_fast_syscall_32+0x33/0x70 [ 1614.265478][T18689] do_SYSENTER_32+0x1b/0x20 [ 1614.270141][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1614.276835][T18689] [ 1614.279245][T18689] Uninit was stored to memory at: [ 1614.284587][T18689] __get_compat_msghdr+0x514/0x750 [ 1614.289906][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1614.295088][T18689] ___sys_recvmsg+0x19d/0x870 [ 1614.299919][T18689] do_recvmmsg+0x63a/0x10a0 [ 1614.304664][T18689] __sys_recvmmsg+0x113/0x450 [ 1614.309503][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1614.316049][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1614.321234][T18689] do_fast_syscall_32+0x33/0x70 [ 1614.326376][T18689] do_SYSENTER_32+0x1b/0x20 [ 1614.331040][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1614.337716][T18689] [ 1614.340127][T18689] Local variable msg_sys created at: [ 1614.345710][T18689] do_recvmmsg+0x5f/0x10a0 [ 1614.350292][T18689] __sys_recvmmsg+0x113/0x450 [ 1615.821604][T18689] not chained 2500000 origins [ 1615.826741][T18689] CPU: 0 PID: 18689 Comm: syz-executor.5 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1615.837417][T18689] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1615.847621][T18689] Call Trace: [ 1615.850993][T18689] [ 1615.854009][T18689] dump_stack_lvl+0x1c8/0x256 [ 1615.858883][T18689] dump_stack+0x1a/0x1c [ 1615.863227][T18689] kmsan_internal_chain_origin+0x78/0x120 [ 1615.869143][T18689] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1615.875382][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1615.880651][T18689] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1615.887071][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1615.892356][T18689] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1615.898342][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1615.903618][T18689] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1615.909593][T18689] ? __get_compat_msghdr+0x5b/0x750 [ 1615.914987][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1615.920255][T18689] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1615.926250][T18689] ? should_fail+0x3f/0x810 [ 1615.930920][T18689] ? __stack_depot_save+0x21/0x4b0 [ 1615.936192][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1615.941478][T18689] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1615.947898][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1615.953178][T18689] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1615.959160][T18689] __msan_chain_origin+0xbd/0x140 [ 1615.964349][T18689] __get_compat_msghdr+0x514/0x750 [ 1615.969681][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1615.974720][T18689] ? ___sys_recvmsg+0xa9/0x870 [ 1615.979623][T18689] ? do_recvmmsg+0x63a/0x10a0 [ 1615.984446][T18689] ___sys_recvmsg+0x19d/0x870 [ 1615.989272][T18689] ? __schedule+0x1609/0x21d0 [ 1615.994110][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1615.999380][T18689] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1616.005362][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1616.010633][T18689] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1616.016618][T18689] do_recvmmsg+0x63a/0x10a0 [ 1616.021284][T18689] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1616.027715][T18689] ? __sys_recvmmsg+0x52/0x450 [ 1616.032618][T18689] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1616.039204][T18689] __sys_recvmmsg+0x113/0x450 [ 1616.044027][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1616.049315][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1616.055732][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1616.060898][T18689] ? exit_to_user_mode_prepare+0x119/0x220 [ 1616.066868][T18689] do_fast_syscall_32+0x33/0x70 [ 1616.071862][T18689] do_SYSENTER_32+0x1b/0x20 [ 1616.076505][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1616.083041][T18689] RIP: 0023:0xf7f92549 [ 1616.087218][T18689] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1616.107003][T18689] RSP: 002b:00000000f7f6c5cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1616.115568][T18689] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1616.123664][T18689] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1616.131754][T18689] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1616.139842][T18689] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1616.147932][T18689] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1616.156045][T18689] [ 1616.164404][T18689] Uninit was stored to memory at: [ 1616.169687][T18689] __get_compat_msghdr+0x514/0x750 [ 1616.175551][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1616.180619][T18689] ___sys_recvmsg+0x19d/0x870 [ 1616.185579][T18689] do_recvmmsg+0x63a/0x10a0 [ 1616.190245][T18689] __sys_recvmmsg+0x113/0x450 [ 1616.195197][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1616.201638][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1616.206933][T18689] do_fast_syscall_32+0x33/0x70 [ 1616.211946][T18689] do_SYSENTER_32+0x1b/0x20 [ 1616.216730][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1616.223388][T18689] [ 1616.225808][T18689] Uninit was stored to memory at: [ 1616.231061][T18689] __get_compat_msghdr+0x514/0x750 [ 1616.236501][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1616.241556][T18689] ___sys_recvmsg+0x19d/0x870 [ 1616.246517][T18689] do_recvmmsg+0x63a/0x10a0 [ 1616.251175][T18689] __sys_recvmmsg+0x113/0x450 [ 1616.256144][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1616.262669][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1616.267873][T18689] do_fast_syscall_32+0x33/0x70 [ 1616.273008][T18689] do_SYSENTER_32+0x1b/0x20 [ 1616.277663][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1616.284354][T18689] [ 1616.286756][T18689] Uninit was stored to memory at: [ 1616.292002][T18689] __get_compat_msghdr+0x514/0x750 [ 1616.297447][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1616.302599][T18689] ___sys_recvmsg+0x19d/0x870 [ 1616.307434][T18689] do_recvmmsg+0x63a/0x10a0 [ 1616.312086][T18689] __sys_recvmmsg+0x113/0x450 [ 1616.317047][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1616.323603][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1616.328809][T18689] do_fast_syscall_32+0x33/0x70 [ 1616.333940][T18689] do_SYSENTER_32+0x1b/0x20 [ 1616.338589][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1616.345274][T18689] [ 1616.347683][T18689] Uninit was stored to memory at: [ 1616.353025][T18689] __get_compat_msghdr+0x514/0x750 [ 1616.358367][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1616.363553][T18689] ___sys_recvmsg+0x19d/0x870 [ 1616.368384][T18689] do_recvmmsg+0x63a/0x10a0 [ 1616.373183][T18689] __sys_recvmmsg+0x113/0x450 [ 1616.378030][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1616.384641][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1616.389829][T18689] do_fast_syscall_32+0x33/0x70 [ 1616.395035][T18689] do_SYSENTER_32+0x1b/0x20 [ 1616.399696][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1616.406449][T18689] [ 1616.408860][T18689] Uninit was stored to memory at: [ 1616.414257][T18689] __get_compat_msghdr+0x514/0x750 [ 1616.419590][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1616.424854][T18689] ___sys_recvmsg+0x19d/0x870 [ 1616.429691][T18689] do_recvmmsg+0x63a/0x10a0 [ 1616.434563][T18689] __sys_recvmmsg+0x113/0x450 [ 1616.439403][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1616.446022][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1616.451213][T18689] do_fast_syscall_32+0x33/0x70 [ 1616.456421][T18689] do_SYSENTER_32+0x1b/0x20 [ 1616.461082][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1616.467832][T18689] [ 1616.470246][T18689] Uninit was stored to memory at: [ 1616.475690][T18689] __get_compat_msghdr+0x514/0x750 [ 1616.481006][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1616.486257][T18689] ___sys_recvmsg+0x19d/0x870 [ 1616.491100][T18689] do_recvmmsg+0x63a/0x10a0 [ 1616.495942][T18689] __sys_recvmmsg+0x113/0x450 [ 1616.500779][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1616.507390][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1616.512675][T18689] do_fast_syscall_32+0x33/0x70 [ 1616.517678][T18689] do_SYSENTER_32+0x1b/0x20 [ 1616.522502][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1616.529051][T18689] [ 1616.531455][T18689] Uninit was stored to memory at: [ 1616.536888][T18689] __get_compat_msghdr+0x514/0x750 [ 1616.542298][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1616.547379][T18689] ___sys_recvmsg+0x19d/0x870 [ 1616.552414][T18689] do_recvmmsg+0x63a/0x10a0 [ 1616.557085][T18689] __sys_recvmmsg+0x113/0x450 [ 1616.561924][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1616.568559][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1616.573852][T18689] do_fast_syscall_32+0x33/0x70 [ 1616.578865][T18689] do_SYSENTER_32+0x1b/0x20 [ 1616.583733][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1616.590289][T18689] [ 1616.592892][T18689] Local variable msg_sys created at: [ 1616.598280][T18689] do_recvmmsg+0x5f/0x10a0 [ 1616.603063][T18689] __sys_recvmmsg+0x113/0x450 [ 1616.909749][T18689] not chained 2510000 origins [ 1616.914943][T18689] CPU: 0 PID: 18689 Comm: syz-executor.5 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1616.925632][T18689] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1616.935844][T18689] Call Trace: [ 1616.939235][T18689] [ 1616.942266][T18689] dump_stack_lvl+0x1c8/0x256 [ 1616.947192][T18689] dump_stack+0x1a/0x1c [ 1616.951541][T18689] kmsan_internal_chain_origin+0x78/0x120 [ 1616.957452][T18689] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1616.963713][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1616.969018][T18689] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1616.975461][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1616.980756][T18689] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1616.986758][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1616.992062][T18689] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1616.998072][T18689] ? __get_compat_msghdr+0x5b/0x750 [ 1617.003493][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1617.008788][T18689] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1617.014801][T18689] ? should_fail+0x3f/0x810 [ 1617.019491][T18689] ? __stack_depot_save+0x21/0x4b0 [ 1617.024782][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1617.030082][T18689] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1617.036521][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1617.041818][T18689] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1617.047823][T18689] __msan_chain_origin+0xbd/0x140 [ 1617.053036][T18689] __get_compat_msghdr+0x514/0x750 [ 1617.058387][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1617.063449][T18689] ? ___sys_recvmsg+0xa9/0x870 [ 1617.068368][T18689] ? do_recvmmsg+0x63a/0x10a0 [ 1617.073206][T18689] ___sys_recvmsg+0x19d/0x870 [ 1617.078060][T18689] ? __schedule+0x1609/0x21d0 [ 1617.082915][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1617.088210][T18689] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1617.094207][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1617.099501][T18689] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1617.105509][T18689] do_recvmmsg+0x63a/0x10a0 [ 1617.110205][T18689] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1617.116647][T18689] ? __sys_recvmmsg+0x52/0x450 [ 1617.121565][T18689] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1617.128169][T18689] __sys_recvmmsg+0x113/0x450 [ 1617.133007][T18689] ? kmsan_get_metadata+0x33/0x220 [ 1617.138314][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1617.144756][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1617.149951][T18689] ? exit_to_user_mode_prepare+0x119/0x220 [ 1617.155960][T18689] do_fast_syscall_32+0x33/0x70 [ 1617.160981][T18689] do_SYSENTER_32+0x1b/0x20 [ 1617.165656][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1617.172212][T18689] RIP: 0023:0xf7f92549 [ 1617.176399][T18689] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1617.196214][T18689] RSP: 002b:00000000f7f6c5cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1617.204814][T18689] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1617.212945][T18689] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1617.221058][T18689] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1617.229174][T18689] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1617.237288][T18689] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1617.245421][T18689] [ 1617.253711][T18689] Uninit was stored to memory at: [ 1617.259020][T18689] __get_compat_msghdr+0x514/0x750 [ 1617.264963][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1617.270036][T18689] ___sys_recvmsg+0x19d/0x870 [ 1617.274996][T18689] do_recvmmsg+0x63a/0x10a0 [ 1617.279654][T18689] __sys_recvmmsg+0x113/0x450 [ 1617.284588][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1617.291007][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1617.296322][T18689] do_fast_syscall_32+0x33/0x70 [ 1617.301334][T18689] do_SYSENTER_32+0x1b/0x20 [ 1617.306117][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1617.312769][T18689] [ 1617.315174][T18689] Uninit was stored to memory at: [ 1617.320427][T18689] __get_compat_msghdr+0x514/0x750 [ 1617.325944][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1617.331002][T18689] ___sys_recvmsg+0x19d/0x870 [ 1617.336046][T18689] do_recvmmsg+0x63a/0x10a0 [ 1617.340703][T18689] __sys_recvmmsg+0x113/0x450 [ 1617.345731][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1617.352163][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1617.357522][T18689] do_fast_syscall_32+0x33/0x70 [ 1617.362736][T18689] do_SYSENTER_32+0x1b/0x20 [ 1617.367406][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1617.374161][T18689] [ 1617.376565][T18689] Uninit was stored to memory at: [ 1617.381826][T18689] __get_compat_msghdr+0x514/0x750 [ 1617.387296][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1617.392519][T18689] ___sys_recvmsg+0x19d/0x870 [ 1617.397357][T18689] do_recvmmsg+0x63a/0x10a0 [ 1617.402025][T18689] __sys_recvmmsg+0x113/0x450 [ 1617.407091][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1617.413628][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1617.418835][T18689] do_fast_syscall_32+0x33/0x70 [ 1617.424071][T18689] do_SYSENTER_32+0x1b/0x20 [ 1617.428745][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1617.435500][T18689] [ 1617.437897][T18689] Uninit was stored to memory at: [ 1617.443329][T18689] __get_compat_msghdr+0x514/0x750 [ 1617.448679][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1617.453945][T18689] ___sys_recvmsg+0x19d/0x870 [ 1617.458788][T18689] do_recvmmsg+0x63a/0x10a0 [ 1617.463630][T18689] __sys_recvmmsg+0x113/0x450 [ 1617.468464][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1617.475014][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1617.480206][T18689] do_fast_syscall_32+0x33/0x70 [ 1617.485423][T18689] do_SYSENTER_32+0x1b/0x20 [ 1617.490084][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1617.496851][T18689] [ 1617.499263][T18689] Uninit was stored to memory at: [ 1617.504611][T18689] __get_compat_msghdr+0x514/0x750 [ 1617.509936][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1617.515206][T18689] ___sys_recvmsg+0x19d/0x870 [ 1617.520058][T18689] do_recvmmsg+0x63a/0x10a0 [ 1617.524895][T18689] __sys_recvmmsg+0x113/0x450 [ 1617.529729][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1617.536344][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1617.541533][T18689] do_fast_syscall_32+0x33/0x70 [ 1617.546777][T18689] do_SYSENTER_32+0x1b/0x20 [ 1617.551470][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1617.558252][T18689] [ 1617.560677][T18689] Uninit was stored to memory at: [ 1617.566132][T18689] __get_compat_msghdr+0x514/0x750 [ 1617.571428][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1617.576694][T18689] ___sys_recvmsg+0x19d/0x870 [ 1617.581547][T18689] do_recvmmsg+0x63a/0x10a0 [ 1617.586408][T18689] __sys_recvmmsg+0x113/0x450 [ 1617.591246][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1617.597875][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1617.603177][T18689] do_fast_syscall_32+0x33/0x70 [ 1617.608189][T18689] do_SYSENTER_32+0x1b/0x20 [ 1617.613050][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1617.619601][T18689] [ 1617.622005][T18689] Uninit was stored to memory at: [ 1617.627457][T18689] __get_compat_msghdr+0x514/0x750 [ 1617.632886][T18689] get_compat_msghdr+0x8c/0x1c0 [ 1617.637945][T18689] ___sys_recvmsg+0x19d/0x870 [ 1617.642963][T18689] do_recvmmsg+0x63a/0x10a0 [ 1617.647628][T18689] __sys_recvmmsg+0x113/0x450 [ 1617.652640][T18689] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1617.659069][T18689] __do_fast_syscall_32+0x95/0xf0 [ 1617.664380][T18689] do_fast_syscall_32+0x33/0x70 [ 1617.669385][T18689] do_SYSENTER_32+0x1b/0x20 [ 1617.674225][T18689] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1617.680787][T18689] [ 1617.683374][T18689] Local variable msg_sys created at: [ 1617.688761][T18689] do_recvmmsg+0x5f/0x10a0 [ 1617.693533][T18689] __sys_recvmmsg+0x113/0x450 02:34:46 executing program 2: syz_open_dev$loop(0x0, 0x0, 0x0) openat$pfkey(0xffffffffffffff9c, &(0x7f0000002500), 0x0, 0x0) r0 = syz_open_dev$loop(&(0x7f00000001c0), 0x75f, 0x103382) r1 = memfd_create(&(0x7f0000000480)='\x02\a\xc5(\xec[r\xe1:', 0x0) pwritev(r1, &(0x7f0000000540)=[{&(0x7f0000000580)='?', 0x1}], 0x1, 0x81806, 0x0) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1) sendfile(r0, 0xffffffffffffffff, 0x0, 0x24002da8) write$binfmt_script(r1, 0x0, 0x143) ioctl$LOOP_SET_STATUS(r0, 0x4c02, &(0x7f0000000200)={0x2400, {0x12}, 0x0, {}, 0xfffffffd, 0x0, 0x0, 0x8, "2bf7b4965238ac7fee648ebd17b263d0bbc2097203d244823975b9f37a5645516bb851bf29c2ec5252ad0dc236dc814b8d6cf05e51e312f6897c353cb4dc1ff2", "b894653ed35f352d585219cdc003000000209163966d2681d88940b154dfaa8e"}) inotify_init1(0x800) ioctl$LOOP_CLR_FD(r0, 0x4c01) ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, 0x0) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(r2, 0x0, 0x0, 0x2, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1, 0x10, r2, 0x0) 02:34:46 executing program 1: syz_open_procfs$namespace(0x0, 0x0) pipe2$watch_queue(0x0, 0x80) r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_START_AP(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000280)={0x38, r0, 0x1, 0x0, 0x0, {{}, {@void, @val={0xc}}}, [@beacon=[@NL80211_ATTR_BEACON_TAIL={0x15, 0xe, [@perr={0x1c, 0xf, {0x0, 0x1, [@not_ext={{}, @device_b}]}}]}]]}, 0x38}}, 0x0) sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000002c0)={&(0x7f0000000700)=ANY=[@ANYBLOB="2800000093ffef8cf56ba1f982fcaad6da5cc693dbf5aff561d045e749d5a9438097f4aec4dcf1bdc169e92e7d097dfcf5bc407bf0e509fa2a7949840ce011f3096a36d11afa833a447bae66", @ANYRES16=r0, @ANYBLOB="29032abd7000fcdbdf25"], 0x28}, 0x1, 0x0, 0x0, 0x8000}, 0x20050881) r2 = fcntl$getown(r1, 0x9) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r2, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0) io_submit(0x0, 0x20000000000001cb, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x400000000000, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x377140be6b5ef4c7}]) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='cpuacct.usage_percpu\x00', 0x0, 0x0) write$binfmt_script(r3, &(0x7f0000000000)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000140)='blkio.bfq.idle_time\x00', 0x0, 0x0) preadv(r3, &(0x7f0000000440)=[{&(0x7f0000000080)=""/110, 0x6e}, {&(0x7f0000000400)=""/20, 0x14}], 0x2, 0x80000000, 0x0) r4 = openat$incfs(0xffffffffffffffff, &(0x7f0000000100)='.pending_reads\x00', 0x103280, 0x0) sendmsg$TIPC_CMD_GET_BEARER_NAMES(r4, &(0x7f00000003c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x1c, 0x0, 0x200, 0x70bd28, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000040}, 0x4000) r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000040)='memory.high\x00', 0x2, 0x0) write$cgroup_int(r6, &(0x7f0000000300), 0x12) 02:34:46 executing program 0: sched_setaffinity(0x0, 0x0, 0x0) timer_create(0x3, &(0x7f0000000040)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000)) r0 = signalfd(0xffffffffffffffff, &(0x7f0000000100), 0x8) read$FUSE(r0, &(0x7f00000039c0)={0x2020}, 0x2020) signalfd4(r0, &(0x7f00000000c0)={[0xffffffffffffeb3e]}, 0x8, 0x0) ioctl$LOOP_SET_BLOCK_SIZE(0xffffffffffffffff, 0x4c09, 0x0) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f0000000140)={{}, {0x0, r1+60000000}}, 0x0) timer_settime(0x0, 0xffffffffffffffff, &(0x7f0000000080)={{0x77359400}, {0x0, 0x9}}, 0x0) 02:34:46 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) close(r0) mknod(&(0x7f0000000180)='./file0\x00', 0x1000, 0x0) open$dir(&(0x7f00000004c0)='./file0\x00', 0x0, 0x0) dup2(r1, r0) 02:34:46 executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_ctr_aes256\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000100)="cc", 0x1) 02:34:46 executing program 5: r0 = socket$xdp(0x2c, 0x3, 0x0) ioctl$sock_SIOCGPGRP(r0, 0x2, &(0x7f00000000c0)=0x0) syz_clone3(&(0x7f0000001ac0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000001a80)=[r1, 0x0], 0x2}, 0x58) 02:34:46 executing program 0: sched_setaffinity(0x0, 0x0, 0x0) timer_create(0x3, &(0x7f0000000040)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000)) r0 = signalfd(0xffffffffffffffff, &(0x7f0000000100), 0x8) read$FUSE(r0, &(0x7f00000039c0)={0x2020}, 0x2020) signalfd4(r0, &(0x7f00000000c0)={[0xffffffffffffeb3e]}, 0x8, 0x0) ioctl$LOOP_SET_BLOCK_SIZE(0xffffffffffffffff, 0x4c09, 0x0) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f0000000140)={{}, {0x0, r1+60000000}}, 0x0) timer_settime(0x0, 0xffffffffffffffff, &(0x7f0000000080)={{0x77359400}, {0x0, 0x9}}, 0x0) 02:34:47 executing program 2: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x1, 0x1ff, 0x101, 0x0, 0x1}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000380)="cc7375fa1e0300740000000000200000000009009a1b92ae66a1b6276e36c19b31b72b4253d09a7ccd5b56289c893bc44d9d3f9d215bbd82cd10416be7030223703f63382214881d4d068d3cb28d4a62803d778378632752ceae46abe7d8290e5c94ec75560cd288db74211353e2239e1b85adb6ef826f6d55194bd24b3e8611b045985277d334371165e1d35c6ca07c86c0bfab084ea55b5144dd4a0daad4005549ae9a5c32b9af60b0d1372afb9fa646a9fb387cf94d8581b2308d55d728344a48dc73fb2c8e03bfc93107687dfcf9521924f4b680bbacc7300200000061216a6f97cb61aa20dcc4520000000000000000ffa795bc5023e90edcad61c90fa01488dcbad57c1fb013d10d7efd62ec6eee1a445aec29685841618eedd85f08eadf91bb8bb45fc478f84788d5e7c075e38758e0a108624822954e5df8198df73161eede285de1512590e8ff5959d8d4b8", &(0x7f0000000000), 0x2b1, r0}, 0x38) bpf$MAP_DELETE_BATCH(0x1b, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000001700)='I', 0x0, 0x2, r0}, 0x38) 02:34:47 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) close(r0) mknod(&(0x7f0000000180)='./file0\x00', 0x1000, 0x0) open$dir(&(0x7f00000004c0)='./file0\x00', 0x0, 0x0) dup2(r1, r0) 02:34:47 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x3, 0x4, &(0x7f0000000240)=@framed={{}, [@alu={0x8000000201a7fe3, 0x0, 0x7, 0x61, 0x0, 0x2d}]}, &(0x7f0000000000)='GPL\x00', 0x5, 0x3e2, &(0x7f00001a7f05)=""/251}, 0x34) 02:34:47 executing program 2: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x1, 0x1ff, 0x101, 0x0, 0x1}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000380)="cc7375fa1e0300740000000000200000000009009a1b92ae66a1b6276e36c19b31b72b4253d09a7ccd5b56289c893bc44d9d3f9d215bbd82cd10416be7030223703f63382214881d4d068d3cb28d4a62803d778378632752ceae46abe7d8290e5c94ec75560cd288db74211353e2239e1b85adb6ef826f6d55194bd24b3e8611b045985277d334371165e1d35c6ca07c86c0bfab084ea55b5144dd4a0daad4005549ae9a5c32b9af60b0d1372afb9fa646a9fb387cf94d8581b2308d55d728344a48dc73fb2c8e03bfc93107687dfcf9521924f4b680bbacc7300200000061216a6f97cb61aa20dcc4520000000000000000ffa795bc5023e90edcad61c90fa01488dcbad57c1fb013d10d7efd62ec6eee1a445aec29685841618eedd85f08eadf91bb8bb45fc478f84788d5e7c075e38758e0a108624822954e5df8198df73161eede285de1512590e8ff5959d8d4b8", &(0x7f0000000000), 0x2b1, r0}, 0x38) bpf$MAP_DELETE_BATCH(0x1b, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000001700)='I', 0x0, 0x2, r0}, 0x38) 02:34:48 executing program 5: r0 = socket$xdp(0x2c, 0x3, 0x0) ioctl$sock_SIOCGPGRP(r0, 0x2, &(0x7f00000000c0)=0x0) syz_clone3(&(0x7f0000001ac0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000001a80)=[r1, 0x0], 0x2}, 0x58) 02:34:48 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x3, 0x4, &(0x7f0000000240)=@framed={{}, [@alu={0x8000000201a7fe3, 0x0, 0x7, 0x61, 0x0, 0x2d}]}, &(0x7f0000000000)='GPL\x00', 0x5, 0x3e2, &(0x7f00001a7f05)=""/251}, 0x34) [ 1624.322898][ T6895] unregister_netdevice: waiting for wlan1 to become free. Usage count = 2 02:34:54 executing program 1: syz_open_procfs$namespace(0x0, 0x0) pipe2$watch_queue(0x0, 0x80) r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_START_AP(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000280)={0x38, r0, 0x1, 0x0, 0x0, {{}, {@void, @val={0xc}}}, [@beacon=[@NL80211_ATTR_BEACON_TAIL={0x15, 0xe, [@perr={0x1c, 0xf, {0x0, 0x1, [@not_ext={{}, @device_b}]}}]}]]}, 0x38}}, 0x0) sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000002c0)={&(0x7f0000000700)=ANY=[@ANYBLOB="2800000093ffef8cf56ba1f982fcaad6da5cc693dbf5aff561d045e749d5a9438097f4aec4dcf1bdc169e92e7d097dfcf5bc407bf0e509fa2a7949840ce011f3096a36d11afa833a447bae66", @ANYRES16=r0, @ANYBLOB="29032abd7000fcdbdf25"], 0x28}, 0x1, 0x0, 0x0, 0x8000}, 0x20050881) r2 = fcntl$getown(r1, 0x9) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r2, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0) io_submit(0x0, 0x20000000000001cb, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x400000000000, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x377140be6b5ef4c7}]) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='cpuacct.usage_percpu\x00', 0x0, 0x0) write$binfmt_script(r3, &(0x7f0000000000)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000140)='blkio.bfq.idle_time\x00', 0x0, 0x0) preadv(r3, &(0x7f0000000440)=[{&(0x7f0000000080)=""/110, 0x6e}, {&(0x7f0000000400)=""/20, 0x14}], 0x2, 0x80000000, 0x0) r4 = openat$incfs(0xffffffffffffffff, &(0x7f0000000100)='.pending_reads\x00', 0x103280, 0x0) sendmsg$TIPC_CMD_GET_BEARER_NAMES(r4, &(0x7f00000003c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x1c, 0x0, 0x200, 0x70bd28, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000040}, 0x4000) r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000040)='memory.high\x00', 0x2, 0x0) write$cgroup_int(r6, &(0x7f0000000300), 0x12) 02:34:54 executing program 2: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x1, 0x1ff, 0x101, 0x0, 0x1}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000380)="cc7375fa1e0300740000000000200000000009009a1b92ae66a1b6276e36c19b31b72b4253d09a7ccd5b56289c893bc44d9d3f9d215bbd82cd10416be7030223703f63382214881d4d068d3cb28d4a62803d778378632752ceae46abe7d8290e5c94ec75560cd288db74211353e2239e1b85adb6ef826f6d55194bd24b3e8611b045985277d334371165e1d35c6ca07c86c0bfab084ea55b5144dd4a0daad4005549ae9a5c32b9af60b0d1372afb9fa646a9fb387cf94d8581b2308d55d728344a48dc73fb2c8e03bfc93107687dfcf9521924f4b680bbacc7300200000061216a6f97cb61aa20dcc4520000000000000000ffa795bc5023e90edcad61c90fa01488dcbad57c1fb013d10d7efd62ec6eee1a445aec29685841618eedd85f08eadf91bb8bb45fc478f84788d5e7c075e38758e0a108624822954e5df8198df73161eede285de1512590e8ff5959d8d4b8", &(0x7f0000000000), 0x2b1, r0}, 0x38) bpf$MAP_DELETE_BATCH(0x1b, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000001700)='I', 0x0, 0x2, r0}, 0x38) 02:34:54 executing program 5: r0 = socket$xdp(0x2c, 0x3, 0x0) ioctl$sock_SIOCGPGRP(r0, 0x2, &(0x7f00000000c0)=0x0) syz_clone3(&(0x7f0000001ac0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000001a80)=[r1, 0x0], 0x2}, 0x58) 02:34:54 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x3, 0x4, &(0x7f0000000240)=@framed={{}, [@alu={0x8000000201a7fe3, 0x0, 0x7, 0x61, 0x0, 0x2d}]}, &(0x7f0000000000)='GPL\x00', 0x5, 0x3e2, &(0x7f00001a7f05)=""/251}, 0x34) 02:34:54 executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_ctr_aes256\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000100)="cc", 0x1) 02:34:54 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) close(r0) mknod(&(0x7f0000000180)='./file0\x00', 0x1000, 0x0) open$dir(&(0x7f00000004c0)='./file0\x00', 0x0, 0x0) dup2(r1, r0) 02:34:55 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x3, 0x4, &(0x7f0000000240)=@framed={{}, [@alu={0x8000000201a7fe3, 0x0, 0x7, 0x61, 0x0, 0x2d}]}, &(0x7f0000000000)='GPL\x00', 0x5, 0x3e2, &(0x7f00001a7f05)=""/251}, 0x34) 02:34:55 executing program 2: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x1, 0x1ff, 0x101, 0x0, 0x1}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000380)="cc7375fa1e0300740000000000200000000009009a1b92ae66a1b6276e36c19b31b72b4253d09a7ccd5b56289c893bc44d9d3f9d215bbd82cd10416be7030223703f63382214881d4d068d3cb28d4a62803d778378632752ceae46abe7d8290e5c94ec75560cd288db74211353e2239e1b85adb6ef826f6d55194bd24b3e8611b045985277d334371165e1d35c6ca07c86c0bfab084ea55b5144dd4a0daad4005549ae9a5c32b9af60b0d1372afb9fa646a9fb387cf94d8581b2308d55d728344a48dc73fb2c8e03bfc93107687dfcf9521924f4b680bbacc7300200000061216a6f97cb61aa20dcc4520000000000000000ffa795bc5023e90edcad61c90fa01488dcbad57c1fb013d10d7efd62ec6eee1a445aec29685841618eedd85f08eadf91bb8bb45fc478f84788d5e7c075e38758e0a108624822954e5df8198df73161eede285de1512590e8ff5959d8d4b8", &(0x7f0000000000), 0x2b1, r0}, 0x38) bpf$MAP_DELETE_BATCH(0x1b, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000001700)='I', 0x0, 0x2, r0}, 0x38) 02:34:55 executing program 5: r0 = socket$xdp(0x2c, 0x3, 0x0) ioctl$sock_SIOCGPGRP(r0, 0x2, &(0x7f00000000c0)=0x0) syz_clone3(&(0x7f0000001ac0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000001a80)=[r1, 0x0], 0x2}, 0x58) 02:34:56 executing program 4: r0 = socket$xdp(0x2c, 0x3, 0x0) ioctl$sock_SIOCGPGRP(r0, 0x2, &(0x7f00000000c0)=0x0) syz_clone3(&(0x7f0000001ac0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000001a80)=[r1, 0x0], 0x2}, 0x58) 02:34:56 executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x1, 0x1ff, 0x101, 0x0, 0x1}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000380)="cc7375fa1e0300740000000000200000000009009a1b92ae66a1b6276e36c19b31b72b4253d09a7ccd5b56289c893bc44d9d3f9d215bbd82cd10416be7030223703f63382214881d4d068d3cb28d4a62803d778378632752ceae46abe7d8290e5c94ec75560cd288db74211353e2239e1b85adb6ef826f6d55194bd24b3e8611b045985277d334371165e1d35c6ca07c86c0bfab084ea55b5144dd4a0daad4005549ae9a5c32b9af60b0d1372afb9fa646a9fb387cf94d8581b2308d55d728344a48dc73fb2c8e03bfc93107687dfcf9521924f4b680bbacc7300200000061216a6f97cb61aa20dcc4520000000000000000ffa795bc5023e90edcad61c90fa01488dcbad57c1fb013d10d7efd62ec6eee1a445aec29685841618eedd85f08eadf91bb8bb45fc478f84788d5e7c075e38758e0a108624822954e5df8198df73161eede285de1512590e8ff5959d8d4b8", &(0x7f0000000000), 0x2b1, r0}, 0x38) bpf$MAP_DELETE_BATCH(0x1b, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000001700)='I', 0x0, 0x2, r0}, 0x38) 02:34:56 executing program 3: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x1, 0x1ff, 0x101, 0x0, 0x1}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000380)="cc7375fa1e0300740000000000200000000009009a1b92ae66a1b6276e36c19b31b72b4253d09a7ccd5b56289c893bc44d9d3f9d215bbd82cd10416be7030223703f63382214881d4d068d3cb28d4a62803d778378632752ceae46abe7d8290e5c94ec75560cd288db74211353e2239e1b85adb6ef826f6d55194bd24b3e8611b045985277d334371165e1d35c6ca07c86c0bfab084ea55b5144dd4a0daad4005549ae9a5c32b9af60b0d1372afb9fa646a9fb387cf94d8581b2308d55d728344a48dc73fb2c8e03bfc93107687dfcf9521924f4b680bbacc7300200000061216a6f97cb61aa20dcc4520000000000000000ffa795bc5023e90edcad61c90fa01488dcbad57c1fb013d10d7efd62ec6eee1a445aec29685841618eedd85f08eadf91bb8bb45fc478f84788d5e7c075e38758e0a108624822954e5df8198df73161eede285de1512590e8ff5959d8d4b8", &(0x7f0000000000), 0x2b1, r0}, 0x38) bpf$MAP_DELETE_BATCH(0x1b, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000001700)='I', 0x0, 0x2, r0}, 0x38) [ 1631.182620][ T1196] ieee802154 phy0 wpan0: encryption failed: -22 [ 1631.189324][ T1196] ieee802154 phy1 wpan1: encryption failed: -22 02:35:06 executing program 3: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x1, 0x1ff, 0x101, 0x0, 0x1}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000380)="cc7375fa1e0300740000000000200000000009009a1b92ae66a1b6276e36c19b31b72b4253d09a7ccd5b56289c893bc44d9d3f9d215bbd82cd10416be7030223703f63382214881d4d068d3cb28d4a62803d778378632752ceae46abe7d8290e5c94ec75560cd288db74211353e2239e1b85adb6ef826f6d55194bd24b3e8611b045985277d334371165e1d35c6ca07c86c0bfab084ea55b5144dd4a0daad4005549ae9a5c32b9af60b0d1372afb9fa646a9fb387cf94d8581b2308d55d728344a48dc73fb2c8e03bfc93107687dfcf9521924f4b680bbacc7300200000061216a6f97cb61aa20dcc4520000000000000000ffa795bc5023e90edcad61c90fa01488dcbad57c1fb013d10d7efd62ec6eee1a445aec29685841618eedd85f08eadf91bb8bb45fc478f84788d5e7c075e38758e0a108624822954e5df8198df73161eede285de1512590e8ff5959d8d4b8", &(0x7f0000000000), 0x2b1, r0}, 0x38) bpf$MAP_DELETE_BATCH(0x1b, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000001700)='I', 0x0, 0x2, r0}, 0x38) 02:35:06 executing program 2: r0 = socket$qrtr(0x2a, 0x2, 0x0) bind$qrtr(r0, &(0x7f0000000000)={0x2a, 0x1, 0x7ffe}, 0xc) 02:35:06 executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x1, 0x1ff, 0x101, 0x0, 0x1}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000380)="cc7375fa1e0300740000000000200000000009009a1b92ae66a1b6276e36c19b31b72b4253d09a7ccd5b56289c893bc44d9d3f9d215bbd82cd10416be7030223703f63382214881d4d068d3cb28d4a62803d778378632752ceae46abe7d8290e5c94ec75560cd288db74211353e2239e1b85adb6ef826f6d55194bd24b3e8611b045985277d334371165e1d35c6ca07c86c0bfab084ea55b5144dd4a0daad4005549ae9a5c32b9af60b0d1372afb9fa646a9fb387cf94d8581b2308d55d728344a48dc73fb2c8e03bfc93107687dfcf9521924f4b680bbacc7300200000061216a6f97cb61aa20dcc4520000000000000000ffa795bc5023e90edcad61c90fa01488dcbad57c1fb013d10d7efd62ec6eee1a445aec29685841618eedd85f08eadf91bb8bb45fc478f84788d5e7c075e38758e0a108624822954e5df8198df73161eede285de1512590e8ff5959d8d4b8", &(0x7f0000000000), 0x2b1, r0}, 0x38) bpf$MAP_DELETE_BATCH(0x1b, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000001700)='I', 0x0, 0x2, r0}, 0x38) 02:35:06 executing program 5: r0 = socket$inet6_sctp(0xa, 0x801, 0x84) setsockopt(r0, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8) setsockopt(r0, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8) 02:35:06 executing program 4: r0 = socket$xdp(0x2c, 0x3, 0x0) ioctl$sock_SIOCGPGRP(r0, 0x2, &(0x7f00000000c0)=0x0) syz_clone3(&(0x7f0000001ac0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000001a80)=[r1, 0x0], 0x2}, 0x58) 02:35:06 executing program 1: r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000000000408c0d220000000000000109022400010800000009040000090300000009210000000122090009058103"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000300)={0x24, 0x0, 0x0, &(0x7f0000000e40)={0x0, 0x22, 0x9, {[@local=@item_012={0x2, 0x2, 0x0, "b294"}, @main=@item_012={0x2, 0x0, 0x9, "d450"}, @main=@item_012={0x2, 0x0, 0x0, "ee30"}]}}, 0x0}, 0x0) r1 = syz_open_dev$evdev(&(0x7f0000000000), 0x40, 0x0) ioctl$EVIOCGKEYCODE(r1, 0x80284504, &(0x7f0000000080)) 02:35:06 executing program 2: r0 = socket$qrtr(0x2a, 0x2, 0x0) bind$qrtr(r0, &(0x7f0000000000)={0x2a, 0x1, 0x7ffe}, 0xc) 02:35:06 executing program 5: r0 = socket$inet6_sctp(0xa, 0x801, 0x84) setsockopt(r0, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8) setsockopt(r0, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8) 02:35:06 executing program 3: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x1, 0x1ff, 0x101, 0x0, 0x1}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000380)="cc7375fa1e0300740000000000200000000009009a1b92ae66a1b6276e36c19b31b72b4253d09a7ccd5b56289c893bc44d9d3f9d215bbd82cd10416be7030223703f63382214881d4d068d3cb28d4a62803d778378632752ceae46abe7d8290e5c94ec75560cd288db74211353e2239e1b85adb6ef826f6d55194bd24b3e8611b045985277d334371165e1d35c6ca07c86c0bfab084ea55b5144dd4a0daad4005549ae9a5c32b9af60b0d1372afb9fa646a9fb387cf94d8581b2308d55d728344a48dc73fb2c8e03bfc93107687dfcf9521924f4b680bbacc7300200000061216a6f97cb61aa20dcc4520000000000000000ffa795bc5023e90edcad61c90fa01488dcbad57c1fb013d10d7efd62ec6eee1a445aec29685841618eedd85f08eadf91bb8bb45fc478f84788d5e7c075e38758e0a108624822954e5df8198df73161eede285de1512590e8ff5959d8d4b8", &(0x7f0000000000), 0x2b1, r0}, 0x38) bpf$MAP_DELETE_BATCH(0x1b, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000001700)='I', 0x0, 0x2, r0}, 0x38) 02:35:06 executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x1, 0x1ff, 0x101, 0x0, 0x1}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000380)="cc7375fa1e0300740000000000200000000009009a1b92ae66a1b6276e36c19b31b72b4253d09a7ccd5b56289c893bc44d9d3f9d215bbd82cd10416be7030223703f63382214881d4d068d3cb28d4a62803d778378632752ceae46abe7d8290e5c94ec75560cd288db74211353e2239e1b85adb6ef826f6d55194bd24b3e8611b045985277d334371165e1d35c6ca07c86c0bfab084ea55b5144dd4a0daad4005549ae9a5c32b9af60b0d1372afb9fa646a9fb387cf94d8581b2308d55d728344a48dc73fb2c8e03bfc93107687dfcf9521924f4b680bbacc7300200000061216a6f97cb61aa20dcc4520000000000000000ffa795bc5023e90edcad61c90fa01488dcbad57c1fb013d10d7efd62ec6eee1a445aec29685841618eedd85f08eadf91bb8bb45fc478f84788d5e7c075e38758e0a108624822954e5df8198df73161eede285de1512590e8ff5959d8d4b8", &(0x7f0000000000), 0x2b1, r0}, 0x38) bpf$MAP_DELETE_BATCH(0x1b, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000001700)='I', 0x0, 0x2, r0}, 0x38) 02:35:06 executing program 4: r0 = socket$xdp(0x2c, 0x3, 0x0) ioctl$sock_SIOCGPGRP(r0, 0x2, &(0x7f00000000c0)=0x0) syz_clone3(&(0x7f0000001ac0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000001a80)=[r1, 0x0], 0x2}, 0x58) 02:35:07 executing program 5: r0 = socket$inet6_sctp(0xa, 0x801, 0x84) setsockopt(r0, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8) setsockopt(r0, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8) 02:35:07 executing program 2: r0 = socket$qrtr(0x2a, 0x2, 0x0) bind$qrtr(r0, &(0x7f0000000000)={0x2a, 0x1, 0x7ffe}, 0xc) 02:35:07 executing program 3: syz_mount_image$fuse(0x0, &(0x7f0000000c40)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) lsetxattr$trusted_overlay_opaque(&(0x7f0000000e40)='./file0\x00', &(0x7f0000000e80), 0x0, 0x0, 0x0) lsetxattr$trusted_overlay_opaque(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240), 0x0, 0x0, 0x3) 02:35:07 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socket$packet(0x11, 0x0, 0x300) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f00000000c0)=0x80, 0x4) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e21, @local}, 0x10) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) dup2(0xffffffffffffffff, 0xffffffffffffffff) recvmmsg(0xffffffffffffffff, 0x0, 0xfffffffffffffe6f, 0x40002000, 0x0) sendto$inet(r0, &(0x7f0000000480)="fbbf0b5044e308cb7bd572aa2b42e9678bcf30eff9f3aed14dc94a114bd2b45956aebe2b108a87e865501a5f9e0383611afdd3f8bac3d5cfd7772a3ab48d0ba4b600731e357e38716c449fae7c28548a4f2105f44b8fd9b33041270ae01f1a405e3f650fc3b0926d481c364fca00000000000000006d3a3ede9fc738b8d86209c060161d5ddb5fcf3d09001117cdb9d055aa2d89fe3458720724853a876448d4a1fe9ef0569ad98a05ab5df763923b4e2c576e00000000000000000000000000000000002090666159e3075f7244cf4ec3d7814c0c934f44e200219e6dd7bc23397d5f2f2c76a5baddd0fd8c340362691ef226f7a0ac51b74b6be5ed6737948514cd466943d08eeb3895b80499da2b209da4f3ec5e3744ce3e863b0e04d0ec2f39edf50b6e08c4b47e448a35414763d687fbe3792ee15c5b9791310a346472723c100bf77a310b0ced8004b5ac6d48c40439f512e8ef34a53d65f55563f68136a577736ca5f6f66e01ef4ec2cdc8db34f6de50713adaa3f70189958263fddc1314f8a28ccdef6e1390c5fbaeadc3035d019f0dc75de307de6c0d010000000000000027083d1d5b4b013c503b863b560688d94de886b6dc73d5da2dfeff4bed1a49a975a6c8dbb480e4415ddca5657a5a8e3b111015499e952bb5e8d8f60de3d688df7802c6e8b27b31fac4e199038b79a3999920e634a5af162a9581b0e6647e410700246548234acacf9cb43ab332a37bbc926c39897395c974fda31536be523bf4260300730ae6136fecae5f0fa6ab2df8d98128b24589e3bbe5230e07dc5e0d65cc397e3f8204d48e59e8e294a6d7008ba8fba28cd5009fe1a7c569ce740078bf1c7389a6ba0f89257f0eac417aac0d2d89b05ee5dafa2f1d936c87264d077b2c0d5abdbc64ce943f895dd4c2e9dd7393543d89b00dc6b3a25045d4ec932366c67dfad087fa8dc104644828440bdf67dd97ebccb3bd", 0xfffffea5, 0xc000, 0x0, 0xfffffcef) getsockopt$inet_tcp_buf(r0, 0x6, 0xb, 0x0, &(0x7f0000000140)) 02:35:07 executing program 0: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x10, 0x9, &(0x7f0000000680)=@framed={{0x18, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x5}, @call={0x85, 0x0, 0x0, 0xf}, @generic={0x2f}, @initr0, @exit]}, &(0x7f0000000000)='GPL\x00', 0x4, 0xee, &(0x7f0000000340)=""/238, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) 02:35:07 executing program 5: r0 = socket$inet6_sctp(0xa, 0x801, 0x84) setsockopt(r0, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8) setsockopt(r0, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8) [ 1648.083522][T14003] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 1648.453592][T14003] usb 2-1: config 8 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1648.465284][T14003] usb 2-1: config 8 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1648.475529][T14003] usb 2-1: config 8 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 1648.488788][T14003] usb 2-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 1648.498344][T14003] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 02:35:16 executing program 3: syz_mount_image$fuse(0x0, &(0x7f0000000c40)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) lsetxattr$trusted_overlay_opaque(&(0x7f0000000e40)='./file0\x00', &(0x7f0000000e80), 0x0, 0x0, 0x0) lsetxattr$trusted_overlay_opaque(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240), 0x0, 0x0, 0x3) 02:35:16 executing program 2: r0 = socket$qrtr(0x2a, 0x2, 0x0) bind$qrtr(r0, &(0x7f0000000000)={0x2a, 0x1, 0x7ffe}, 0xc) 02:35:16 executing program 0: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x10, 0x9, &(0x7f0000000680)=@framed={{0x18, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x5}, @call={0x85, 0x0, 0x0, 0xf}, @generic={0x2f}, @initr0, @exit]}, &(0x7f0000000000)='GPL\x00', 0x4, 0xee, &(0x7f0000000340)=""/238, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) 02:35:16 executing program 5: syz_mount_image$fuse(0x0, &(0x7f0000000c40)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) lsetxattr$trusted_overlay_opaque(&(0x7f0000000e40)='./file0\x00', &(0x7f0000000e80), 0x0, 0x0, 0x0) lsetxattr$trusted_overlay_opaque(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240), 0x0, 0x0, 0x3) [ 1648.654145][T14003] usb 2-1: can't set config #8, error -71 [ 1648.668031][T14003] usb 2-1: USB disconnect, device number 9 02:35:16 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socket$packet(0x11, 0x0, 0x300) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f00000000c0)=0x80, 0x4) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e21, @local}, 0x10) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) dup2(0xffffffffffffffff, 0xffffffffffffffff) recvmmsg(0xffffffffffffffff, 0x0, 0xfffffffffffffe6f, 0x40002000, 0x0) sendto$inet(r0, &(0x7f0000000480)="fbbf0b5044e308cb7bd572aa2b42e9678bcf30eff9f3aed14dc94a114bd2b45956aebe2b108a87e865501a5f9e0383611afdd3f8bac3d5cfd7772a3ab48d0ba4b600731e357e38716c449fae7c28548a4f2105f44b8fd9b33041270ae01f1a405e3f650fc3b0926d481c364fca00000000000000006d3a3ede9fc738b8d86209c060161d5ddb5fcf3d09001117cdb9d055aa2d89fe3458720724853a876448d4a1fe9ef0569ad98a05ab5df763923b4e2c576e00000000000000000000000000000000002090666159e3075f7244cf4ec3d7814c0c934f44e200219e6dd7bc23397d5f2f2c76a5baddd0fd8c340362691ef226f7a0ac51b74b6be5ed6737948514cd466943d08eeb3895b80499da2b209da4f3ec5e3744ce3e863b0e04d0ec2f39edf50b6e08c4b47e448a35414763d687fbe3792ee15c5b9791310a346472723c100bf77a310b0ced8004b5ac6d48c40439f512e8ef34a53d65f55563f68136a577736ca5f6f66e01ef4ec2cdc8db34f6de50713adaa3f70189958263fddc1314f8a28ccdef6e1390c5fbaeadc3035d019f0dc75de307de6c0d010000000000000027083d1d5b4b013c503b863b560688d94de886b6dc73d5da2dfeff4bed1a49a975a6c8dbb480e4415ddca5657a5a8e3b111015499e952bb5e8d8f60de3d688df7802c6e8b27b31fac4e199038b79a3999920e634a5af162a9581b0e6647e410700246548234acacf9cb43ab332a37bbc926c39897395c974fda31536be523bf4260300730ae6136fecae5f0fa6ab2df8d98128b24589e3bbe5230e07dc5e0d65cc397e3f8204d48e59e8e294a6d7008ba8fba28cd5009fe1a7c569ce740078bf1c7389a6ba0f89257f0eac417aac0d2d89b05ee5dafa2f1d936c87264d077b2c0d5abdbc64ce943f895dd4c2e9dd7393543d89b00dc6b3a25045d4ec932366c67dfad087fa8dc104644828440bdf67dd97ebccb3bd", 0xfffffea5, 0xc000, 0x0, 0xfffffcef) getsockopt$inet_tcp_buf(r0, 0x6, 0xb, 0x0, &(0x7f0000000140)) 02:35:16 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socket$packet(0x11, 0x0, 0x300) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f00000000c0)=0x80, 0x4) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e21, @local}, 0x10) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) dup2(0xffffffffffffffff, 0xffffffffffffffff) recvmmsg(0xffffffffffffffff, 0x0, 0xfffffffffffffe6f, 0x40002000, 0x0) sendto$inet(r0, &(0x7f0000000480)="fbbf0b5044e308cb7bd572aa2b42e9678bcf30eff9f3aed14dc94a114bd2b45956aebe2b108a87e865501a5f9e0383611afdd3f8bac3d5cfd7772a3ab48d0ba4b600731e357e38716c449fae7c28548a4f2105f44b8fd9b33041270ae01f1a405e3f650fc3b0926d481c364fca00000000000000006d3a3ede9fc738b8d86209c060161d5ddb5fcf3d09001117cdb9d055aa2d89fe3458720724853a876448d4a1fe9ef0569ad98a05ab5df763923b4e2c576e00000000000000000000000000000000002090666159e3075f7244cf4ec3d7814c0c934f44e200219e6dd7bc23397d5f2f2c76a5baddd0fd8c340362691ef226f7a0ac51b74b6be5ed6737948514cd466943d08eeb3895b80499da2b209da4f3ec5e3744ce3e863b0e04d0ec2f39edf50b6e08c4b47e448a35414763d687fbe3792ee15c5b9791310a346472723c100bf77a310b0ced8004b5ac6d48c40439f512e8ef34a53d65f55563f68136a577736ca5f6f66e01ef4ec2cdc8db34f6de50713adaa3f70189958263fddc1314f8a28ccdef6e1390c5fbaeadc3035d019f0dc75de307de6c0d010000000000000027083d1d5b4b013c503b863b560688d94de886b6dc73d5da2dfeff4bed1a49a975a6c8dbb480e4415ddca5657a5a8e3b111015499e952bb5e8d8f60de3d688df7802c6e8b27b31fac4e199038b79a3999920e634a5af162a9581b0e6647e410700246548234acacf9cb43ab332a37bbc926c39897395c974fda31536be523bf4260300730ae6136fecae5f0fa6ab2df8d98128b24589e3bbe5230e07dc5e0d65cc397e3f8204d48e59e8e294a6d7008ba8fba28cd5009fe1a7c569ce740078bf1c7389a6ba0f89257f0eac417aac0d2d89b05ee5dafa2f1d936c87264d077b2c0d5abdbc64ce943f895dd4c2e9dd7393543d89b00dc6b3a25045d4ec932366c67dfad087fa8dc104644828440bdf67dd97ebccb3bd", 0xfffffea5, 0xc000, 0x0, 0xfffffcef) getsockopt$inet_tcp_buf(r0, 0x6, 0xb, 0x0, &(0x7f0000000140)) 02:35:17 executing program 5: syz_mount_image$fuse(0x0, &(0x7f0000000c40)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) lsetxattr$trusted_overlay_opaque(&(0x7f0000000e40)='./file0\x00', &(0x7f0000000e80), 0x0, 0x0, 0x0) lsetxattr$trusted_overlay_opaque(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240), 0x0, 0x0, 0x3) 02:35:17 executing program 3: syz_mount_image$fuse(0x0, &(0x7f0000000c40)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) lsetxattr$trusted_overlay_opaque(&(0x7f0000000e40)='./file0\x00', &(0x7f0000000e80), 0x0, 0x0, 0x0) lsetxattr$trusted_overlay_opaque(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240), 0x0, 0x0, 0x3) 02:35:17 executing program 2: r0 = memfd_create(&(0x7f00000000c0)='\x103q}2\x9a\xce\xaf\x03\x86\xe7\xc0\x14\x8f\xf8\xd28\xf4T\xc0\xd9\x05\x00\x00\x00i\xe4^\xd5\xfd\xa9\r\xac7A\x94\x03\xce\t\x00\x90k\xd6\x05\rP7\x1c\b\x8c`\xea\x13A\x81m\xb6&\xd0\x9d\x15\x00\xc5\xb8_\xd4\x18,\f\xd4s\xb2\x99\xc0\x8b\x19W\xb7R~d\xcb:\b\x1eS\xb7\xb4\xee\xa8\xf7\xbe zA\xe3\xd4\xcb\xde\x90]\xa5\xd8\x99h\x05\x9044\'\xadLLj(\xe5gB\x1e\xe9\x0f\x86u\t\xb3FF\x00\xe2/\x1d\x89\xf93\rs\xb7\xd9\x7f\x8e\xd3I0\x16\xab\xacJ\xbe\x1d=\x90g\xce\"x\xc4\x01\xff\xc29\xfd\xe76\xdc}\xfb\xc6\x90\xde\xbd\xb6T\x7f\x9b\xcd\xc3\xf0\xfe\x17\xcc\xbae\xc1)\xfc=)\x99/', 0x0) ftruncate(r0, 0x80079a0) mmap(&(0x7f0000200000/0x400000)=nil, 0x400000, 0xa601, 0x2012, r0, 0x0) ioctl$sock_ipv6_tunnel_SIOCCHG6RD(0xffffffffffffffff, 0x89fb, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2) munlock(&(0x7f0000ffb000/0x2000)=nil, 0x2000) mincore(&(0x7f00002a7000/0x2000)=nil, 0x2000, 0x0) 02:35:17 executing program 0: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x10, 0x9, &(0x7f0000000680)=@framed={{0x18, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x5}, @call={0x85, 0x0, 0x0, 0xf}, @generic={0x2f}, @initr0, @exit]}, &(0x7f0000000000)='GPL\x00', 0x4, 0xee, &(0x7f0000000340)=""/238, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) 02:35:17 executing program 0: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x10, 0x9, &(0x7f0000000680)=@framed={{0x18, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x5}, @call={0x85, 0x0, 0x0, 0xf}, @generic={0x2f}, @initr0, @exit]}, &(0x7f0000000000)='GPL\x00', 0x4, 0xee, &(0x7f0000000340)=""/238, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) 02:35:17 executing program 3: syz_mount_image$fuse(0x0, &(0x7f0000000c40)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) lsetxattr$trusted_overlay_opaque(&(0x7f0000000e40)='./file0\x00', &(0x7f0000000e80), 0x0, 0x0, 0x0) lsetxattr$trusted_overlay_opaque(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240), 0x0, 0x0, 0x3) 02:35:17 executing program 5: syz_mount_image$fuse(0x0, &(0x7f0000000c40)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) lsetxattr$trusted_overlay_opaque(&(0x7f0000000e40)='./file0\x00', &(0x7f0000000e80), 0x0, 0x0, 0x0) lsetxattr$trusted_overlay_opaque(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240), 0x0, 0x0, 0x3) 02:35:17 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socket$packet(0x11, 0x0, 0x300) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f00000000c0)=0x80, 0x4) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e21, @local}, 0x10) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) dup2(0xffffffffffffffff, 0xffffffffffffffff) recvmmsg(0xffffffffffffffff, 0x0, 0xfffffffffffffe6f, 0x40002000, 0x0) sendto$inet(r0, &(0x7f0000000480)="fbbf0b5044e308cb7bd572aa2b42e9678bcf30eff9f3aed14dc94a114bd2b45956aebe2b108a87e865501a5f9e0383611afdd3f8bac3d5cfd7772a3ab48d0ba4b600731e357e38716c449fae7c28548a4f2105f44b8fd9b33041270ae01f1a405e3f650fc3b0926d481c364fca00000000000000006d3a3ede9fc738b8d86209c060161d5ddb5fcf3d09001117cdb9d055aa2d89fe3458720724853a876448d4a1fe9ef0569ad98a05ab5df763923b4e2c576e00000000000000000000000000000000002090666159e3075f7244cf4ec3d7814c0c934f44e200219e6dd7bc23397d5f2f2c76a5baddd0fd8c340362691ef226f7a0ac51b74b6be5ed6737948514cd466943d08eeb3895b80499da2b209da4f3ec5e3744ce3e863b0e04d0ec2f39edf50b6e08c4b47e448a35414763d687fbe3792ee15c5b9791310a346472723c100bf77a310b0ced8004b5ac6d48c40439f512e8ef34a53d65f55563f68136a577736ca5f6f66e01ef4ec2cdc8db34f6de50713adaa3f70189958263fddc1314f8a28ccdef6e1390c5fbaeadc3035d019f0dc75de307de6c0d010000000000000027083d1d5b4b013c503b863b560688d94de886b6dc73d5da2dfeff4bed1a49a975a6c8dbb480e4415ddca5657a5a8e3b111015499e952bb5e8d8f60de3d688df7802c6e8b27b31fac4e199038b79a3999920e634a5af162a9581b0e6647e410700246548234acacf9cb43ab332a37bbc926c39897395c974fda31536be523bf4260300730ae6136fecae5f0fa6ab2df8d98128b24589e3bbe5230e07dc5e0d65cc397e3f8204d48e59e8e294a6d7008ba8fba28cd5009fe1a7c569ce740078bf1c7389a6ba0f89257f0eac417aac0d2d89b05ee5dafa2f1d936c87264d077b2c0d5abdbc64ce943f895dd4c2e9dd7393543d89b00dc6b3a25045d4ec932366c67dfad087fa8dc104644828440bdf67dd97ebccb3bd", 0xfffffea5, 0xc000, 0x0, 0xfffffcef) getsockopt$inet_tcp_buf(r0, 0x6, 0xb, 0x0, &(0x7f0000000140)) 02:35:18 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f00000000c0)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, @in6={0xa, 0x0, 0x0, @dev, 0xfffff1b9}], 0x2c) 02:35:18 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r1) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_ifreq(r2, 0x89f0, &(0x7f0000000080)={'bridge0\x00', @ifru_data=&(0x7f0000000000)="1000000000000000770000000005002b4ed3fbb8155d6e92000000001a0700"}) 02:35:18 executing program 5: syz_emit_ethernet(0x36, &(0x7f0000000000)={@local, @remote, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "f51565", 0x0, 0x84, 0x0, @local, @mcast2}}}}, 0x0) 02:35:31 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socket$packet(0x11, 0x0, 0x300) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f00000000c0)=0x80, 0x4) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e21, @local}, 0x10) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) dup2(0xffffffffffffffff, 0xffffffffffffffff) recvmmsg(0xffffffffffffffff, 0x0, 0xfffffffffffffe6f, 0x40002000, 0x0) sendto$inet(r0, &(0x7f0000000480)="fbbf0b5044e308cb7bd572aa2b42e9678bcf30eff9f3aed14dc94a114bd2b45956aebe2b108a87e865501a5f9e0383611afdd3f8bac3d5cfd7772a3ab48d0ba4b600731e357e38716c449fae7c28548a4f2105f44b8fd9b33041270ae01f1a405e3f650fc3b0926d481c364fca00000000000000006d3a3ede9fc738b8d86209c060161d5ddb5fcf3d09001117cdb9d055aa2d89fe3458720724853a876448d4a1fe9ef0569ad98a05ab5df763923b4e2c576e00000000000000000000000000000000002090666159e3075f7244cf4ec3d7814c0c934f44e200219e6dd7bc23397d5f2f2c76a5baddd0fd8c340362691ef226f7a0ac51b74b6be5ed6737948514cd466943d08eeb3895b80499da2b209da4f3ec5e3744ce3e863b0e04d0ec2f39edf50b6e08c4b47e448a35414763d687fbe3792ee15c5b9791310a346472723c100bf77a310b0ced8004b5ac6d48c40439f512e8ef34a53d65f55563f68136a577736ca5f6f66e01ef4ec2cdc8db34f6de50713adaa3f70189958263fddc1314f8a28ccdef6e1390c5fbaeadc3035d019f0dc75de307de6c0d010000000000000027083d1d5b4b013c503b863b560688d94de886b6dc73d5da2dfeff4bed1a49a975a6c8dbb480e4415ddca5657a5a8e3b111015499e952bb5e8d8f60de3d688df7802c6e8b27b31fac4e199038b79a3999920e634a5af162a9581b0e6647e410700246548234acacf9cb43ab332a37bbc926c39897395c974fda31536be523bf4260300730ae6136fecae5f0fa6ab2df8d98128b24589e3bbe5230e07dc5e0d65cc397e3f8204d48e59e8e294a6d7008ba8fba28cd5009fe1a7c569ce740078bf1c7389a6ba0f89257f0eac417aac0d2d89b05ee5dafa2f1d936c87264d077b2c0d5abdbc64ce943f895dd4c2e9dd7393543d89b00dc6b3a25045d4ec932366c67dfad087fa8dc104644828440bdf67dd97ebccb3bd", 0xfffffea5, 0xc000, 0x0, 0xfffffcef) getsockopt$inet_tcp_buf(r0, 0x6, 0xb, 0x0, &(0x7f0000000140)) 02:35:31 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socket$packet(0x11, 0x0, 0x300) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f00000000c0)=0x80, 0x4) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e21, @local}, 0x10) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) dup2(0xffffffffffffffff, 0xffffffffffffffff) recvmmsg(0xffffffffffffffff, 0x0, 0xfffffffffffffe6f, 0x40002000, 0x0) sendto$inet(r0, &(0x7f0000000480)="fbbf0b5044e308cb7bd572aa2b42e9678bcf30eff9f3aed14dc94a114bd2b45956aebe2b108a87e865501a5f9e0383611afdd3f8bac3d5cfd7772a3ab48d0ba4b600731e357e38716c449fae7c28548a4f2105f44b8fd9b33041270ae01f1a405e3f650fc3b0926d481c364fca00000000000000006d3a3ede9fc738b8d86209c060161d5ddb5fcf3d09001117cdb9d055aa2d89fe3458720724853a876448d4a1fe9ef0569ad98a05ab5df763923b4e2c576e00000000000000000000000000000000002090666159e3075f7244cf4ec3d7814c0c934f44e200219e6dd7bc23397d5f2f2c76a5baddd0fd8c340362691ef226f7a0ac51b74b6be5ed6737948514cd466943d08eeb3895b80499da2b209da4f3ec5e3744ce3e863b0e04d0ec2f39edf50b6e08c4b47e448a35414763d687fbe3792ee15c5b9791310a346472723c100bf77a310b0ced8004b5ac6d48c40439f512e8ef34a53d65f55563f68136a577736ca5f6f66e01ef4ec2cdc8db34f6de50713adaa3f70189958263fddc1314f8a28ccdef6e1390c5fbaeadc3035d019f0dc75de307de6c0d010000000000000027083d1d5b4b013c503b863b560688d94de886b6dc73d5da2dfeff4bed1a49a975a6c8dbb480e4415ddca5657a5a8e3b111015499e952bb5e8d8f60de3d688df7802c6e8b27b31fac4e199038b79a3999920e634a5af162a9581b0e6647e410700246548234acacf9cb43ab332a37bbc926c39897395c974fda31536be523bf4260300730ae6136fecae5f0fa6ab2df8d98128b24589e3bbe5230e07dc5e0d65cc397e3f8204d48e59e8e294a6d7008ba8fba28cd5009fe1a7c569ce740078bf1c7389a6ba0f89257f0eac417aac0d2d89b05ee5dafa2f1d936c87264d077b2c0d5abdbc64ce943f895dd4c2e9dd7393543d89b00dc6b3a25045d4ec932366c67dfad087fa8dc104644828440bdf67dd97ebccb3bd", 0xfffffea5, 0xc000, 0x0, 0xfffffcef) getsockopt$inet_tcp_buf(r0, 0x6, 0xb, 0x0, &(0x7f0000000140)) 02:35:31 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f00000000c0)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, @in6={0xa, 0x0, 0x0, @dev, 0xfffff1b9}], 0x2c) 02:35:31 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r1) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_ifreq(r2, 0x89f0, &(0x7f0000000080)={'bridge0\x00', @ifru_data=&(0x7f0000000000)="1000000000000000770000000005002b4ed3fbb8155d6e92000000001a0700"}) 02:35:31 executing program 5: syz_emit_ethernet(0x36, &(0x7f0000000000)={@local, @remote, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "f51565", 0x0, 0x84, 0x0, @local, @mcast2}}}}, 0x0) 02:35:31 executing program 2: r0 = memfd_create(&(0x7f00000000c0)='\x103q}2\x9a\xce\xaf\x03\x86\xe7\xc0\x14\x8f\xf8\xd28\xf4T\xc0\xd9\x05\x00\x00\x00i\xe4^\xd5\xfd\xa9\r\xac7A\x94\x03\xce\t\x00\x90k\xd6\x05\rP7\x1c\b\x8c`\xea\x13A\x81m\xb6&\xd0\x9d\x15\x00\xc5\xb8_\xd4\x18,\f\xd4s\xb2\x99\xc0\x8b\x19W\xb7R~d\xcb:\b\x1eS\xb7\xb4\xee\xa8\xf7\xbe zA\xe3\xd4\xcb\xde\x90]\xa5\xd8\x99h\x05\x9044\'\xadLLj(\xe5gB\x1e\xe9\x0f\x86u\t\xb3FF\x00\xe2/\x1d\x89\xf93\rs\xb7\xd9\x7f\x8e\xd3I0\x16\xab\xacJ\xbe\x1d=\x90g\xce\"x\xc4\x01\xff\xc29\xfd\xe76\xdc}\xfb\xc6\x90\xde\xbd\xb6T\x7f\x9b\xcd\xc3\xf0\xfe\x17\xcc\xbae\xc1)\xfc=)\x99/', 0x0) ftruncate(r0, 0x80079a0) mmap(&(0x7f0000200000/0x400000)=nil, 0x400000, 0xa601, 0x2012, r0, 0x0) ioctl$sock_ipv6_tunnel_SIOCCHG6RD(0xffffffffffffffff, 0x89fb, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2) munlock(&(0x7f0000ffb000/0x2000)=nil, 0x2000) mincore(&(0x7f00002a7000/0x2000)=nil, 0x2000, 0x0) 02:35:31 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f00000000c0)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, @in6={0xa, 0x0, 0x0, @dev, 0xfffff1b9}], 0x2c) 02:35:31 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r1) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_ifreq(r2, 0x89f0, &(0x7f0000000080)={'bridge0\x00', @ifru_data=&(0x7f0000000000)="1000000000000000770000000005002b4ed3fbb8155d6e92000000001a0700"}) 02:35:31 executing program 5: syz_emit_ethernet(0x36, &(0x7f0000000000)={@local, @remote, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "f51565", 0x0, 0x84, 0x0, @local, @mcast2}}}}, 0x0) 02:35:32 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f00000000c0)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, @in6={0xa, 0x0, 0x0, @dev, 0xfffff1b9}], 0x2c) 02:35:32 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r1) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_ifreq(r2, 0x89f0, &(0x7f0000000080)={'bridge0\x00', @ifru_data=&(0x7f0000000000)="1000000000000000770000000005002b4ed3fbb8155d6e92000000001a0700"}) 02:35:32 executing program 5: syz_emit_ethernet(0x36, &(0x7f0000000000)={@local, @remote, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "f51565", 0x0, 0x84, 0x0, @local, @mcast2}}}}, 0x0) 02:35:41 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socket$packet(0x11, 0x0, 0x300) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f00000000c0)=0x80, 0x4) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e21, @local}, 0x10) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) dup2(0xffffffffffffffff, 0xffffffffffffffff) recvmmsg(0xffffffffffffffff, 0x0, 0xfffffffffffffe6f, 0x40002000, 0x0) sendto$inet(r0, &(0x7f0000000480)="fbbf0b5044e308cb7bd572aa2b42e9678bcf30eff9f3aed14dc94a114bd2b45956aebe2b108a87e865501a5f9e0383611afdd3f8bac3d5cfd7772a3ab48d0ba4b600731e357e38716c449fae7c28548a4f2105f44b8fd9b33041270ae01f1a405e3f650fc3b0926d481c364fca00000000000000006d3a3ede9fc738b8d86209c060161d5ddb5fcf3d09001117cdb9d055aa2d89fe3458720724853a876448d4a1fe9ef0569ad98a05ab5df763923b4e2c576e00000000000000000000000000000000002090666159e3075f7244cf4ec3d7814c0c934f44e200219e6dd7bc23397d5f2f2c76a5baddd0fd8c340362691ef226f7a0ac51b74b6be5ed6737948514cd466943d08eeb3895b80499da2b209da4f3ec5e3744ce3e863b0e04d0ec2f39edf50b6e08c4b47e448a35414763d687fbe3792ee15c5b9791310a346472723c100bf77a310b0ced8004b5ac6d48c40439f512e8ef34a53d65f55563f68136a577736ca5f6f66e01ef4ec2cdc8db34f6de50713adaa3f70189958263fddc1314f8a28ccdef6e1390c5fbaeadc3035d019f0dc75de307de6c0d010000000000000027083d1d5b4b013c503b863b560688d94de886b6dc73d5da2dfeff4bed1a49a975a6c8dbb480e4415ddca5657a5a8e3b111015499e952bb5e8d8f60de3d688df7802c6e8b27b31fac4e199038b79a3999920e634a5af162a9581b0e6647e410700246548234acacf9cb43ab332a37bbc926c39897395c974fda31536be523bf4260300730ae6136fecae5f0fa6ab2df8d98128b24589e3bbe5230e07dc5e0d65cc397e3f8204d48e59e8e294a6d7008ba8fba28cd5009fe1a7c569ce740078bf1c7389a6ba0f89257f0eac417aac0d2d89b05ee5dafa2f1d936c87264d077b2c0d5abdbc64ce943f895dd4c2e9dd7393543d89b00dc6b3a25045d4ec932366c67dfad087fa8dc104644828440bdf67dd97ebccb3bd", 0xfffffea5, 0xc000, 0x0, 0xfffffcef) getsockopt$inet_tcp_buf(r0, 0x6, 0xb, 0x0, &(0x7f0000000140)) 02:35:41 executing program 4: r0 = memfd_create(&(0x7f00000000c0)='\x103q}2\x9a\xce\xaf\x03\x86\xe7\xc0\x14\x8f\xf8\xd28\xf4T\xc0\xd9\x05\x00\x00\x00i\xe4^\xd5\xfd\xa9\r\xac7A\x94\x03\xce\t\x00\x90k\xd6\x05\rP7\x1c\b\x8c`\xea\x13A\x81m\xb6&\xd0\x9d\x15\x00\xc5\xb8_\xd4\x18,\f\xd4s\xb2\x99\xc0\x8b\x19W\xb7R~d\xcb:\b\x1eS\xb7\xb4\xee\xa8\xf7\xbe zA\xe3\xd4\xcb\xde\x90]\xa5\xd8\x99h\x05\x9044\'\xadLLj(\xe5gB\x1e\xe9\x0f\x86u\t\xb3FF\x00\xe2/\x1d\x89\xf93\rs\xb7\xd9\x7f\x8e\xd3I0\x16\xab\xacJ\xbe\x1d=\x90g\xce\"x\xc4\x01\xff\xc29\xfd\xe76\xdc}\xfb\xc6\x90\xde\xbd\xb6T\x7f\x9b\xcd\xc3\xf0\xfe\x17\xcc\xbae\xc1)\xfc=)\x99/', 0x0) ftruncate(r0, 0x80079a0) mmap(&(0x7f0000200000/0x400000)=nil, 0x400000, 0xa601, 0x2012, r0, 0x0) ioctl$sock_ipv6_tunnel_SIOCCHG6RD(0xffffffffffffffff, 0x89fb, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2) munlock(&(0x7f0000ffb000/0x2000)=nil, 0x2000) mincore(&(0x7f00002a7000/0x2000)=nil, 0x2000, 0x0) 02:35:41 executing program 3: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000800)="8a", 0x1}], 0x1}, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r3 = dup3(r0, r1, 0x0) r4 = socket(0x10, 0x3, 0x0) r5 = socket$netlink(0x10, 0x3, 0x0) r6 = socket(0x10, 0x803, 0x0) sendmsg(r6, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000800)="8a", 0x1}], 0x1}, 0x0) getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r7, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(r4, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000240)=ANY=[@ANYBLOB="4800000024000b0f00"/20, @ANYRES32=r7, @ANYBLOB="00000000ffffffff0000000008000100687462001c0002001800020003"], 0x48}}, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000540)=@newtfilter={0x60, 0x28, 0xd27, 0x0, 0x0, {0x0, 0xa, 0x0, r7, {0xf}}, [@filter_kind_options=@f_bpf={{0x8}, {0x34, 0x2, [@TCA_BPF_ACT={0x30, 0x1, [@m_xt={0x2c, 0x0, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}}]}, 0x60}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=@newtfilter={0x68, 0x28, 0xd27, 0x0, 0x0, {0x0, 0xa, 0x0, r2, {0xf}}, [@filter_kind_options=@f_bpf={{0x8}, {0x34, 0x2, [@TCA_BPF_ACT={0x30, 0x1, [@m_xt={0x2c, 0x0, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}}, @TCA_RATE={0x6, 0x5, {0x0, 0x2}}]}, 0x68}}, 0x0) 02:35:41 executing program 0: r0 = memfd_create(&(0x7f00000000c0)='\x103q}2\x9a\xce\xaf\x03\x86\xe7\xc0\x14\x8f\xf8\xd28\xf4T\xc0\xd9\x05\x00\x00\x00i\xe4^\xd5\xfd\xa9\r\xac7A\x94\x03\xce\t\x00\x90k\xd6\x05\rP7\x1c\b\x8c`\xea\x13A\x81m\xb6&\xd0\x9d\x15\x00\xc5\xb8_\xd4\x18,\f\xd4s\xb2\x99\xc0\x8b\x19W\xb7R~d\xcb:\b\x1eS\xb7\xb4\xee\xa8\xf7\xbe zA\xe3\xd4\xcb\xde\x90]\xa5\xd8\x99h\x05\x9044\'\xadLLj(\xe5gB\x1e\xe9\x0f\x86u\t\xb3FF\x00\xe2/\x1d\x89\xf93\rs\xb7\xd9\x7f\x8e\xd3I0\x16\xab\xacJ\xbe\x1d=\x90g\xce\"x\xc4\x01\xff\xc29\xfd\xe76\xdc}\xfb\xc6\x90\xde\xbd\xb6T\x7f\x9b\xcd\xc3\xf0\xfe\x17\xcc\xbae\xc1)\xfc=)\x99/', 0x0) ftruncate(r0, 0x80079a0) mmap(&(0x7f0000200000/0x400000)=nil, 0x400000, 0xa601, 0x2012, r0, 0x0) ioctl$sock_ipv6_tunnel_SIOCCHG6RD(0xffffffffffffffff, 0x89fb, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2) munlock(&(0x7f0000ffb000/0x2000)=nil, 0x2000) mincore(&(0x7f00002a7000/0x2000)=nil, 0x2000, 0x0) 02:35:41 executing program 5: syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c000000090000000100000001000000000000000040000000000000180000001f0000000200000002000000020000000100000018", 0x45, 0x400}, {&(0x7f0000000500)="000000000800000000000000fff929c4821e4141057a76d0c724a749000000000000000000000000000000020000002d2dec81b235ee4a185e49f50b709a94305cf7cd6b44f5b06ed88df1eb83fa1f75a9812e702513226757b530993413", 0x5e, 0xc80}], 0x0, &(0x7f0000014500)) 02:35:41 executing program 2: r0 = memfd_create(&(0x7f00000000c0)='\x103q}2\x9a\xce\xaf\x03\x86\xe7\xc0\x14\x8f\xf8\xd28\xf4T\xc0\xd9\x05\x00\x00\x00i\xe4^\xd5\xfd\xa9\r\xac7A\x94\x03\xce\t\x00\x90k\xd6\x05\rP7\x1c\b\x8c`\xea\x13A\x81m\xb6&\xd0\x9d\x15\x00\xc5\xb8_\xd4\x18,\f\xd4s\xb2\x99\xc0\x8b\x19W\xb7R~d\xcb:\b\x1eS\xb7\xb4\xee\xa8\xf7\xbe zA\xe3\xd4\xcb\xde\x90]\xa5\xd8\x99h\x05\x9044\'\xadLLj(\xe5gB\x1e\xe9\x0f\x86u\t\xb3FF\x00\xe2/\x1d\x89\xf93\rs\xb7\xd9\x7f\x8e\xd3I0\x16\xab\xacJ\xbe\x1d=\x90g\xce\"x\xc4\x01\xff\xc29\xfd\xe76\xdc}\xfb\xc6\x90\xde\xbd\xb6T\x7f\x9b\xcd\xc3\xf0\xfe\x17\xcc\xbae\xc1)\xfc=)\x99/', 0x0) ftruncate(r0, 0x80079a0) mmap(&(0x7f0000200000/0x400000)=nil, 0x400000, 0xa601, 0x2012, r0, 0x0) ioctl$sock_ipv6_tunnel_SIOCCHG6RD(0xffffffffffffffff, 0x89fb, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2) munlock(&(0x7f0000ffb000/0x2000)=nil, 0x2000) mincore(&(0x7f00002a7000/0x2000)=nil, 0x2000, 0x0) [ 1674.027037][T19432] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. 02:35:42 executing program 5: syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c000000090000000100000001000000000000000040000000000000180000001f0000000200000002000000020000000100000018", 0x45, 0x400}, {&(0x7f0000000500)="000000000800000000000000fff929c4821e4141057a76d0c724a749000000000000000000000000000000020000002d2dec81b235ee4a185e49f50b709a94305cf7cd6b44f5b06ed88df1eb83fa1f75a9812e702513226757b530993413", 0x5e, 0xc80}], 0x0, &(0x7f0000014500)) 02:35:42 executing program 3: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000800)="8a", 0x1}], 0x1}, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r3 = dup3(r0, r1, 0x0) r4 = socket(0x10, 0x3, 0x0) r5 = socket$netlink(0x10, 0x3, 0x0) r6 = socket(0x10, 0x803, 0x0) sendmsg(r6, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000800)="8a", 0x1}], 0x1}, 0x0) getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r7, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(r4, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000240)=ANY=[@ANYBLOB="4800000024000b0f00"/20, @ANYRES32=r7, @ANYBLOB="00000000ffffffff0000000008000100687462001c0002001800020003"], 0x48}}, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000540)=@newtfilter={0x60, 0x28, 0xd27, 0x0, 0x0, {0x0, 0xa, 0x0, r7, {0xf}}, [@filter_kind_options=@f_bpf={{0x8}, {0x34, 0x2, [@TCA_BPF_ACT={0x30, 0x1, [@m_xt={0x2c, 0x0, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}}]}, 0x60}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=@newtfilter={0x68, 0x28, 0xd27, 0x0, 0x0, {0x0, 0xa, 0x0, r2, {0xf}}, [@filter_kind_options=@f_bpf={{0x8}, {0x34, 0x2, [@TCA_BPF_ACT={0x30, 0x1, [@m_xt={0x2c, 0x0, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}}, @TCA_RATE={0x6, 0x5, {0x0, 0x2}}]}, 0x68}}, 0x0) 02:35:42 executing program 5: syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c000000090000000100000001000000000000000040000000000000180000001f0000000200000002000000020000000100000018", 0x45, 0x400}, {&(0x7f0000000500)="000000000800000000000000fff929c4821e4141057a76d0c724a749000000000000000000000000000000020000002d2dec81b235ee4a185e49f50b709a94305cf7cd6b44f5b06ed88df1eb83fa1f75a9812e702513226757b530993413", 0x5e, 0xc80}], 0x0, &(0x7f0000014500)) [ 1674.875111][T19443] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. 02:35:43 executing program 5: syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c000000090000000100000001000000000000000040000000000000180000001f0000000200000002000000020000000100000018", 0x45, 0x400}, {&(0x7f0000000500)="000000000800000000000000fff929c4821e4141057a76d0c724a749000000000000000000000000000000020000002d2dec81b235ee4a185e49f50b709a94305cf7cd6b44f5b06ed88df1eb83fa1f75a9812e702513226757b530993413", 0x5e, 0xc80}], 0x0, &(0x7f0000014500)) 02:35:43 executing program 3: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000800)="8a", 0x1}], 0x1}, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r3 = dup3(r0, r1, 0x0) r4 = socket(0x10, 0x3, 0x0) r5 = socket$netlink(0x10, 0x3, 0x0) r6 = socket(0x10, 0x803, 0x0) sendmsg(r6, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000800)="8a", 0x1}], 0x1}, 0x0) getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r7, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(r4, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000240)=ANY=[@ANYBLOB="4800000024000b0f00"/20, @ANYRES32=r7, @ANYBLOB="00000000ffffffff0000000008000100687462001c0002001800020003"], 0x48}}, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000540)=@newtfilter={0x60, 0x28, 0xd27, 0x0, 0x0, {0x0, 0xa, 0x0, r7, {0xf}}, [@filter_kind_options=@f_bpf={{0x8}, {0x34, 0x2, [@TCA_BPF_ACT={0x30, 0x1, [@m_xt={0x2c, 0x0, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}}]}, 0x60}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=@newtfilter={0x68, 0x28, 0xd27, 0x0, 0x0, {0x0, 0xa, 0x0, r2, {0xf}}, [@filter_kind_options=@f_bpf={{0x8}, {0x34, 0x2, [@TCA_BPF_ACT={0x30, 0x1, [@m_xt={0x2c, 0x0, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}}, @TCA_RATE={0x6, 0x5, {0x0, 0x2}}]}, 0x68}}, 0x0) [ 1675.969099][T19457] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. 02:35:44 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000800)="8a", 0x1}], 0x1}, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r3 = dup3(r0, r1, 0x0) r4 = socket(0x10, 0x3, 0x0) r5 = socket$netlink(0x10, 0x3, 0x0) r6 = socket(0x10, 0x803, 0x0) sendmsg(r6, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000800)="8a", 0x1}], 0x1}, 0x0) getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r7, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(r4, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000240)=ANY=[@ANYBLOB="4800000024000b0f00"/20, @ANYRES32=r7, @ANYBLOB="00000000ffffffff0000000008000100687462001c0002001800020003"], 0x48}}, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000540)=@newtfilter={0x60, 0x28, 0xd27, 0x0, 0x0, {0x0, 0xa, 0x0, r7, {0xf}}, [@filter_kind_options=@f_bpf={{0x8}, {0x34, 0x2, [@TCA_BPF_ACT={0x30, 0x1, [@m_xt={0x2c, 0x0, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}}]}, 0x60}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=@newtfilter={0x68, 0x28, 0xd27, 0x0, 0x0, {0x0, 0xa, 0x0, r2, {0xf}}, [@filter_kind_options=@f_bpf={{0x8}, {0x34, 0x2, [@TCA_BPF_ACT={0x30, 0x1, [@m_xt={0x2c, 0x0, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}}, @TCA_RATE={0x6, 0x5, {0x0, 0x2}}]}, 0x68}}, 0x0) [ 1676.596246][T19465] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.5'. 02:35:56 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000800)="8a", 0x1}], 0x1}, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r3 = dup3(r0, r1, 0x0) r4 = socket(0x10, 0x3, 0x0) r5 = socket$netlink(0x10, 0x3, 0x0) r6 = socket(0x10, 0x803, 0x0) sendmsg(r6, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000800)="8a", 0x1}], 0x1}, 0x0) getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r7, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(r4, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000240)=ANY=[@ANYBLOB="4800000024000b0f00"/20, @ANYRES32=r7, @ANYBLOB="00000000ffffffff0000000008000100687462001c0002001800020003"], 0x48}}, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000540)=@newtfilter={0x60, 0x28, 0xd27, 0x0, 0x0, {0x0, 0xa, 0x0, r7, {0xf}}, [@filter_kind_options=@f_bpf={{0x8}, {0x34, 0x2, [@TCA_BPF_ACT={0x30, 0x1, [@m_xt={0x2c, 0x0, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}}]}, 0x60}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=@newtfilter={0x68, 0x28, 0xd27, 0x0, 0x0, {0x0, 0xa, 0x0, r2, {0xf}}, [@filter_kind_options=@f_bpf={{0x8}, {0x34, 0x2, [@TCA_BPF_ACT={0x30, 0x1, [@m_xt={0x2c, 0x0, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}}, @TCA_RATE={0x6, 0x5, {0x0, 0x2}}]}, 0x68}}, 0x0) 02:35:56 executing program 3: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000800)="8a", 0x1}], 0x1}, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r3 = dup3(r0, r1, 0x0) r4 = socket(0x10, 0x3, 0x0) r5 = socket$netlink(0x10, 0x3, 0x0) r6 = socket(0x10, 0x803, 0x0) sendmsg(r6, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000800)="8a", 0x1}], 0x1}, 0x0) getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r7, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(r4, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000240)=ANY=[@ANYBLOB="4800000024000b0f00"/20, @ANYRES32=r7, @ANYBLOB="00000000ffffffff0000000008000100687462001c0002001800020003"], 0x48}}, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000540)=@newtfilter={0x60, 0x28, 0xd27, 0x0, 0x0, {0x0, 0xa, 0x0, r7, {0xf}}, [@filter_kind_options=@f_bpf={{0x8}, {0x34, 0x2, [@TCA_BPF_ACT={0x30, 0x1, [@m_xt={0x2c, 0x0, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}}]}, 0x60}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=@newtfilter={0x68, 0x28, 0xd27, 0x0, 0x0, {0x0, 0xa, 0x0, r2, {0xf}}, [@filter_kind_options=@f_bpf={{0x8}, {0x34, 0x2, [@TCA_BPF_ACT={0x30, 0x1, [@m_xt={0x2c, 0x0, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}}, @TCA_RATE={0x6, 0x5, {0x0, 0x2}}]}, 0x68}}, 0x0) 02:35:56 executing program 2: r0 = memfd_create(&(0x7f00000000c0)='\x103q}2\x9a\xce\xaf\x03\x86\xe7\xc0\x14\x8f\xf8\xd28\xf4T\xc0\xd9\x05\x00\x00\x00i\xe4^\xd5\xfd\xa9\r\xac7A\x94\x03\xce\t\x00\x90k\xd6\x05\rP7\x1c\b\x8c`\xea\x13A\x81m\xb6&\xd0\x9d\x15\x00\xc5\xb8_\xd4\x18,\f\xd4s\xb2\x99\xc0\x8b\x19W\xb7R~d\xcb:\b\x1eS\xb7\xb4\xee\xa8\xf7\xbe zA\xe3\xd4\xcb\xde\x90]\xa5\xd8\x99h\x05\x9044\'\xadLLj(\xe5gB\x1e\xe9\x0f\x86u\t\xb3FF\x00\xe2/\x1d\x89\xf93\rs\xb7\xd9\x7f\x8e\xd3I0\x16\xab\xacJ\xbe\x1d=\x90g\xce\"x\xc4\x01\xff\xc29\xfd\xe76\xdc}\xfb\xc6\x90\xde\xbd\xb6T\x7f\x9b\xcd\xc3\xf0\xfe\x17\xcc\xbae\xc1)\xfc=)\x99/', 0x0) ftruncate(r0, 0x80079a0) mmap(&(0x7f0000200000/0x400000)=nil, 0x400000, 0xa601, 0x2012, r0, 0x0) ioctl$sock_ipv6_tunnel_SIOCCHG6RD(0xffffffffffffffff, 0x89fb, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2) munlock(&(0x7f0000ffb000/0x2000)=nil, 0x2000) mincore(&(0x7f00002a7000/0x2000)=nil, 0x2000, 0x0) 02:35:56 executing program 4: r0 = memfd_create(&(0x7f00000000c0)='\x103q}2\x9a\xce\xaf\x03\x86\xe7\xc0\x14\x8f\xf8\xd28\xf4T\xc0\xd9\x05\x00\x00\x00i\xe4^\xd5\xfd\xa9\r\xac7A\x94\x03\xce\t\x00\x90k\xd6\x05\rP7\x1c\b\x8c`\xea\x13A\x81m\xb6&\xd0\x9d\x15\x00\xc5\xb8_\xd4\x18,\f\xd4s\xb2\x99\xc0\x8b\x19W\xb7R~d\xcb:\b\x1eS\xb7\xb4\xee\xa8\xf7\xbe zA\xe3\xd4\xcb\xde\x90]\xa5\xd8\x99h\x05\x9044\'\xadLLj(\xe5gB\x1e\xe9\x0f\x86u\t\xb3FF\x00\xe2/\x1d\x89\xf93\rs\xb7\xd9\x7f\x8e\xd3I0\x16\xab\xacJ\xbe\x1d=\x90g\xce\"x\xc4\x01\xff\xc29\xfd\xe76\xdc}\xfb\xc6\x90\xde\xbd\xb6T\x7f\x9b\xcd\xc3\xf0\xfe\x17\xcc\xbae\xc1)\xfc=)\x99/', 0x0) ftruncate(r0, 0x80079a0) mmap(&(0x7f0000200000/0x400000)=nil, 0x400000, 0xa601, 0x2012, r0, 0x0) ioctl$sock_ipv6_tunnel_SIOCCHG6RD(0xffffffffffffffff, 0x89fb, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2) munlock(&(0x7f0000ffb000/0x2000)=nil, 0x2000) mincore(&(0x7f00002a7000/0x2000)=nil, 0x2000, 0x0) 02:35:56 executing program 0: r0 = memfd_create(&(0x7f00000000c0)='\x103q}2\x9a\xce\xaf\x03\x86\xe7\xc0\x14\x8f\xf8\xd28\xf4T\xc0\xd9\x05\x00\x00\x00i\xe4^\xd5\xfd\xa9\r\xac7A\x94\x03\xce\t\x00\x90k\xd6\x05\rP7\x1c\b\x8c`\xea\x13A\x81m\xb6&\xd0\x9d\x15\x00\xc5\xb8_\xd4\x18,\f\xd4s\xb2\x99\xc0\x8b\x19W\xb7R~d\xcb:\b\x1eS\xb7\xb4\xee\xa8\xf7\xbe zA\xe3\xd4\xcb\xde\x90]\xa5\xd8\x99h\x05\x9044\'\xadLLj(\xe5gB\x1e\xe9\x0f\x86u\t\xb3FF\x00\xe2/\x1d\x89\xf93\rs\xb7\xd9\x7f\x8e\xd3I0\x16\xab\xacJ\xbe\x1d=\x90g\xce\"x\xc4\x01\xff\xc29\xfd\xe76\xdc}\xfb\xc6\x90\xde\xbd\xb6T\x7f\x9b\xcd\xc3\xf0\xfe\x17\xcc\xbae\xc1)\xfc=)\x99/', 0x0) ftruncate(r0, 0x80079a0) mmap(&(0x7f0000200000/0x400000)=nil, 0x400000, 0xa601, 0x2012, r0, 0x0) ioctl$sock_ipv6_tunnel_SIOCCHG6RD(0xffffffffffffffff, 0x89fb, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2) munlock(&(0x7f0000ffb000/0x2000)=nil, 0x2000) mincore(&(0x7f00002a7000/0x2000)=nil, 0x2000, 0x0) [ 1688.621248][T19594] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. 02:35:56 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000800)="8a", 0x1}], 0x1}, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r3 = dup3(r0, r1, 0x0) r4 = socket(0x10, 0x3, 0x0) r5 = socket$netlink(0x10, 0x3, 0x0) r6 = socket(0x10, 0x803, 0x0) sendmsg(r6, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000800)="8a", 0x1}], 0x1}, 0x0) getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r7, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(r4, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000240)=ANY=[@ANYBLOB="4800000024000b0f00"/20, @ANYRES32=r7, @ANYBLOB="00000000ffffffff0000000008000100687462001c0002001800020003"], 0x48}}, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000540)=@newtfilter={0x60, 0x28, 0xd27, 0x0, 0x0, {0x0, 0xa, 0x0, r7, {0xf}}, [@filter_kind_options=@f_bpf={{0x8}, {0x34, 0x2, [@TCA_BPF_ACT={0x30, 0x1, [@m_xt={0x2c, 0x0, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}}]}, 0x60}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=@newtfilter={0x68, 0x28, 0xd27, 0x0, 0x0, {0x0, 0xa, 0x0, r2, {0xf}}, [@filter_kind_options=@f_bpf={{0x8}, {0x34, 0x2, [@TCA_BPF_ACT={0x30, 0x1, [@m_xt={0x2c, 0x0, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}}, @TCA_RATE={0x6, 0x5, {0x0, 0x2}}]}, 0x68}}, 0x0) [ 1688.875589][T19596] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.5'. 02:35:57 executing program 3: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000800)="8a", 0x1}], 0x1}, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r3 = dup3(r0, r1, 0x0) r4 = socket(0x10, 0x3, 0x0) r5 = socket$netlink(0x10, 0x3, 0x0) r6 = socket(0x10, 0x803, 0x0) sendmsg(r6, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000800)="8a", 0x1}], 0x1}, 0x0) getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r7, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(r4, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000240)=ANY=[@ANYBLOB="4800000024000b0f00"/20, @ANYRES32=r7, @ANYBLOB="00000000ffffffff0000000008000100687462001c0002001800020003"], 0x48}}, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000540)=@newtfilter={0x60, 0x28, 0xd27, 0x0, 0x0, {0x0, 0xa, 0x0, r7, {0xf}}, [@filter_kind_options=@f_bpf={{0x8}, {0x34, 0x2, [@TCA_BPF_ACT={0x30, 0x1, [@m_xt={0x2c, 0x0, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}}]}, 0x60}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=@newtfilter={0x68, 0x28, 0xd27, 0x0, 0x0, {0x0, 0xa, 0x0, r2, {0xf}}, [@filter_kind_options=@f_bpf={{0x8}, {0x34, 0x2, [@TCA_BPF_ACT={0x30, 0x1, [@m_xt={0x2c, 0x0, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}}, @TCA_RATE={0x6, 0x5, {0x0, 0x2}}]}, 0x68}}, 0x0) 02:35:57 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000800)="8a", 0x1}], 0x1}, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r3 = dup3(r0, r1, 0x0) r4 = socket(0x10, 0x3, 0x0) r5 = socket$netlink(0x10, 0x3, 0x0) r6 = socket(0x10, 0x803, 0x0) sendmsg(r6, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000800)="8a", 0x1}], 0x1}, 0x0) getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r7, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(r4, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000240)=ANY=[@ANYBLOB="4800000024000b0f00"/20, @ANYRES32=r7, @ANYBLOB="00000000ffffffff0000000008000100687462001c0002001800020003"], 0x48}}, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000540)=@newtfilter={0x60, 0x28, 0xd27, 0x0, 0x0, {0x0, 0xa, 0x0, r7, {0xf}}, [@filter_kind_options=@f_bpf={{0x8}, {0x34, 0x2, [@TCA_BPF_ACT={0x30, 0x1, [@m_xt={0x2c, 0x0, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}}]}, 0x60}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=@newtfilter={0x68, 0x28, 0xd27, 0x0, 0x0, {0x0, 0xa, 0x0, r2, {0xf}}, [@filter_kind_options=@f_bpf={{0x8}, {0x34, 0x2, [@TCA_BPF_ACT={0x30, 0x1, [@m_xt={0x2c, 0x0, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}}, @TCA_RATE={0x6, 0x5, {0x0, 0x2}}]}, 0x68}}, 0x0) [ 1689.623244][T19606] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. [ 1690.020249][T19613] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.5'. 02:35:58 executing program 3: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000800)="8a", 0x1}], 0x1}, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r3 = dup3(r0, r1, 0x0) r4 = socket(0x10, 0x3, 0x0) r5 = socket$netlink(0x10, 0x3, 0x0) r6 = socket(0x10, 0x803, 0x0) sendmsg(r6, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000800)="8a", 0x1}], 0x1}, 0x0) getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r7, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(r4, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000240)=ANY=[@ANYBLOB="4800000024000b0f00"/20, @ANYRES32=r7, @ANYBLOB="00000000ffffffff0000000008000100687462001c0002001800020003"], 0x48}}, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000540)=@newtfilter={0x60, 0x28, 0xd27, 0x0, 0x0, {0x0, 0xa, 0x0, r7, {0xf}}, [@filter_kind_options=@f_bpf={{0x8}, {0x34, 0x2, [@TCA_BPF_ACT={0x30, 0x1, [@m_xt={0x2c, 0x0, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}}]}, 0x60}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=@newtfilter={0x68, 0x28, 0xd27, 0x0, 0x0, {0x0, 0xa, 0x0, r2, {0xf}}, [@filter_kind_options=@f_bpf={{0x8}, {0x34, 0x2, [@TCA_BPF_ACT={0x30, 0x1, [@m_xt={0x2c, 0x0, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}}, @TCA_RATE={0x6, 0x5, {0x0, 0x2}}]}, 0x68}}, 0x0) 02:35:58 executing program 5: syz_clone(0x40000000, 0x0, 0x30, 0x0, 0x0, 0x0) openat$cgroup_procs(0xffffffffffffffff, 0x0, 0x2, 0x0) syz_clone(0x0, 0x0, 0x0, &(0x7f0000000140), &(0x7f0000000180), 0x0) [ 1690.888641][T19622] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. 02:35:59 executing program 3: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000800)="8a", 0x1}], 0x1}, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r3 = dup3(r0, r1, 0x0) r4 = socket(0x10, 0x3, 0x0) r5 = socket$netlink(0x10, 0x3, 0x0) r6 = socket(0x10, 0x803, 0x0) sendmsg(r6, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000800)="8a", 0x1}], 0x1}, 0x0) getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r7, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(r4, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000240)=ANY=[@ANYBLOB="4800000024000b0f00"/20, @ANYRES32=r7, @ANYBLOB="00000000ffffffff0000000008000100687462001c0002001800020003"], 0x48}}, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000540)=@newtfilter={0x60, 0x28, 0xd27, 0x0, 0x0, {0x0, 0xa, 0x0, r7, {0xf}}, [@filter_kind_options=@f_bpf={{0x8}, {0x34, 0x2, [@TCA_BPF_ACT={0x30, 0x1, [@m_xt={0x2c, 0x0, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}}]}, 0x60}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=@newtfilter={0x68, 0x28, 0xd27, 0x0, 0x0, {0x0, 0xa, 0x0, r2, {0xf}}, [@filter_kind_options=@f_bpf={{0x8}, {0x34, 0x2, [@TCA_BPF_ACT={0x30, 0x1, [@m_xt={0x2c, 0x0, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}}, @TCA_RATE={0x6, 0x5, {0x0, 0x2}}]}, 0x68}}, 0x0) [ 1691.940559][T19633] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. 02:36:00 executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@getsa={0x34, 0x12, 0x1, 0x0, 0x0, {@in6=@empty, 0x0, 0x0, 0x33}, [@mark={0xc}]}, 0x34}}, 0x0) 02:36:00 executing program 3: r0 = epoll_create(0x2) r1 = io_uring_setup(0x2858, &(0x7f0000000a80)) epoll_pwait(r0, &(0x7f0000000080)=[{}], 0x1, 0xfffffffd, 0x0, 0x0) r2 = dup(r0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000380)={0x1000000c}) 02:36:00 executing program 0: r0 = memfd_create(&(0x7f00000000c0)='\x103q}2\x9a\xce\xaf\x03\x86\xe7\xc0\x14\x8f\xf8\xd28\xf4T\xc0\xd9\x05\x00\x00\x00i\xe4^\xd5\xfd\xa9\r\xac7A\x94\x03\xce\t\x00\x90k\xd6\x05\rP7\x1c\b\x8c`\xea\x13A\x81m\xb6&\xd0\x9d\x15\x00\xc5\xb8_\xd4\x18,\f\xd4s\xb2\x99\xc0\x8b\x19W\xb7R~d\xcb:\b\x1eS\xb7\xb4\xee\xa8\xf7\xbe zA\xe3\xd4\xcb\xde\x90]\xa5\xd8\x99h\x05\x9044\'\xadLLj(\xe5gB\x1e\xe9\x0f\x86u\t\xb3FF\x00\xe2/\x1d\x89\xf93\rs\xb7\xd9\x7f\x8e\xd3I0\x16\xab\xacJ\xbe\x1d=\x90g\xce\"x\xc4\x01\xff\xc29\xfd\xe76\xdc}\xfb\xc6\x90\xde\xbd\xb6T\x7f\x9b\xcd\xc3\xf0\xfe\x17\xcc\xbae\xc1)\xfc=)\x99/', 0x0) ftruncate(r0, 0x80079a0) mmap(&(0x7f0000200000/0x400000)=nil, 0x400000, 0xa601, 0x2012, r0, 0x0) ioctl$sock_ipv6_tunnel_SIOCCHG6RD(0xffffffffffffffff, 0x89fb, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2) munlock(&(0x7f0000ffb000/0x2000)=nil, 0x2000) mincore(&(0x7f00002a7000/0x2000)=nil, 0x2000, 0x0) [ 1692.623894][ T1196] ieee802154 phy0 wpan0: encryption failed: -22 [ 1692.630587][ T1196] ieee802154 phy1 wpan1: encryption failed: -22 [ 1692.658353][ T1196] aoe: packet could not be sent on ipvlan0. consider increasing tx_queue_len [ 1692.667650][ T1196] aoe: packet could not be sent on ipvlan1. consider increasing tx_queue_len 02:36:00 executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@getsa={0x34, 0x12, 0x1, 0x0, 0x0, {@in6=@empty, 0x0, 0x0, 0x33}, [@mark={0xc}]}, 0x34}}, 0x0) 02:36:01 executing program 4: r0 = memfd_create(&(0x7f00000000c0)='\x103q}2\x9a\xce\xaf\x03\x86\xe7\xc0\x14\x8f\xf8\xd28\xf4T\xc0\xd9\x05\x00\x00\x00i\xe4^\xd5\xfd\xa9\r\xac7A\x94\x03\xce\t\x00\x90k\xd6\x05\rP7\x1c\b\x8c`\xea\x13A\x81m\xb6&\xd0\x9d\x15\x00\xc5\xb8_\xd4\x18,\f\xd4s\xb2\x99\xc0\x8b\x19W\xb7R~d\xcb:\b\x1eS\xb7\xb4\xee\xa8\xf7\xbe zA\xe3\xd4\xcb\xde\x90]\xa5\xd8\x99h\x05\x9044\'\xadLLj(\xe5gB\x1e\xe9\x0f\x86u\t\xb3FF\x00\xe2/\x1d\x89\xf93\rs\xb7\xd9\x7f\x8e\xd3I0\x16\xab\xacJ\xbe\x1d=\x90g\xce\"x\xc4\x01\xff\xc29\xfd\xe76\xdc}\xfb\xc6\x90\xde\xbd\xb6T\x7f\x9b\xcd\xc3\xf0\xfe\x17\xcc\xbae\xc1)\xfc=)\x99/', 0x0) ftruncate(r0, 0x80079a0) mmap(&(0x7f0000200000/0x400000)=nil, 0x400000, 0xa601, 0x2012, r0, 0x0) ioctl$sock_ipv6_tunnel_SIOCCHG6RD(0xffffffffffffffff, 0x89fb, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2) munlock(&(0x7f0000ffb000/0x2000)=nil, 0x2000) mincore(&(0x7f00002a7000/0x2000)=nil, 0x2000, 0x0) 02:36:01 executing program 3: r0 = epoll_create(0x2) r1 = io_uring_setup(0x2858, &(0x7f0000000a80)) epoll_pwait(r0, &(0x7f0000000080)=[{}], 0x1, 0xfffffffd, 0x0, 0x0) r2 = dup(r0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000380)={0x1000000c}) 02:36:11 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000800)="8a", 0x1}], 0x1}, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r3 = dup3(r0, r1, 0x0) r4 = socket(0x10, 0x3, 0x0) r5 = socket$netlink(0x10, 0x3, 0x0) r6 = socket(0x10, 0x803, 0x0) sendmsg(r6, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000800)="8a", 0x1}], 0x1}, 0x0) getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r7, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(r4, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000240)=ANY=[@ANYBLOB="4800000024000b0f00"/20, @ANYRES32=r7, @ANYBLOB="00000000ffffffff0000000008000100687462001c0002001800020003"], 0x48}}, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000540)=@newtfilter={0x60, 0x28, 0xd27, 0x0, 0x0, {0x0, 0xa, 0x0, r7, {0xf}}, [@filter_kind_options=@f_bpf={{0x8}, {0x34, 0x2, [@TCA_BPF_ACT={0x30, 0x1, [@m_xt={0x2c, 0x0, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}}]}, 0x60}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=@newtfilter={0x68, 0x28, 0xd27, 0x0, 0x0, {0x0, 0xa, 0x0, r2, {0xf}}, [@filter_kind_options=@f_bpf={{0x8}, {0x34, 0x2, [@TCA_BPF_ACT={0x30, 0x1, [@m_xt={0x2c, 0x0, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}}, @TCA_RATE={0x6, 0x5, {0x0, 0x2}}]}, 0x68}}, 0x0) 02:36:11 executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@getsa={0x34, 0x12, 0x1, 0x0, 0x0, {@in6=@empty, 0x0, 0x0, 0x33}, [@mark={0xc}]}, 0x34}}, 0x0) 02:36:11 executing program 3: r0 = epoll_create(0x2) r1 = io_uring_setup(0x2858, &(0x7f0000000a80)) epoll_pwait(r0, &(0x7f0000000080)=[{}], 0x1, 0xfffffffd, 0x0, 0x0) r2 = dup(r0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000380)={0x1000000c}) 02:36:11 executing program 4: r0 = epoll_create(0x2) r1 = io_uring_setup(0x2858, &(0x7f0000000a80)) epoll_pwait(r0, &(0x7f0000000080)=[{}], 0x1, 0xfffffffd, 0x0, 0x0) r2 = dup(r0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000380)={0x1000000c}) 02:36:11 executing program 5: syz_clone(0x40000000, 0x0, 0x30, 0x0, 0x0, 0x0) openat$cgroup_procs(0xffffffffffffffff, 0x0, 0x2, 0x0) syz_clone(0x0, 0x0, 0x0, &(0x7f0000000140), &(0x7f0000000180), 0x0) 02:36:11 executing program 0: syz_clone(0x40000000, 0x0, 0x30, 0x0, 0x0, 0x0) openat$cgroup_procs(0xffffffffffffffff, 0x0, 0x2, 0x0) syz_clone(0x0, 0x0, 0x0, &(0x7f0000000140), &(0x7f0000000180), 0x0) 02:36:11 executing program 3: r0 = epoll_create(0x2) r1 = io_uring_setup(0x2858, &(0x7f0000000a80)) epoll_pwait(r0, &(0x7f0000000080)=[{}], 0x1, 0xfffffffd, 0x0, 0x0) r2 = dup(r0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000380)={0x1000000c}) 02:36:11 executing program 4: r0 = epoll_create(0x2) r1 = io_uring_setup(0x2858, &(0x7f0000000a80)) epoll_pwait(r0, &(0x7f0000000080)=[{}], 0x1, 0xfffffffd, 0x0, 0x0) r2 = dup(r0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000380)={0x1000000c}) 02:36:11 executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@getsa={0x34, 0x12, 0x1, 0x0, 0x0, {@in6=@empty, 0x0, 0x0, 0x33}, [@mark={0xc}]}, 0x34}}, 0x0) 02:36:12 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = creat(&(0x7f0000000280)='./file0\x00', 0x0) close(r1) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=@newlink={0x38, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @ppp={{0x8}, {0xc, 0x2, 0x0, 0x1, {0x8, 0x1, r1}}}}]}, 0x38}}, 0x0) 02:36:12 executing program 4: r0 = epoll_create(0x2) r1 = io_uring_setup(0x2858, &(0x7f0000000a80)) epoll_pwait(r0, &(0x7f0000000080)=[{}], 0x1, 0xfffffffd, 0x0, 0x0) r2 = dup(r0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000380)={0x1000000c}) 02:36:12 executing program 2: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f00000001c0)={'ip6gre0\x00', 0x0}) [ 1717.320745][T19891] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. 02:36:25 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000800)="8a", 0x1}], 0x1}, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r3 = dup3(r0, r1, 0x0) r4 = socket(0x10, 0x3, 0x0) r5 = socket$netlink(0x10, 0x3, 0x0) r6 = socket(0x10, 0x803, 0x0) sendmsg(r6, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000800)="8a", 0x1}], 0x1}, 0x0) getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r7, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(r4, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000240)=ANY=[@ANYBLOB="4800000024000b0f00"/20, @ANYRES32=r7, @ANYBLOB="00000000ffffffff0000000008000100687462001c0002001800020003"], 0x48}}, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000540)=@newtfilter={0x60, 0x28, 0xd27, 0x0, 0x0, {0x0, 0xa, 0x0, r7, {0xf}}, [@filter_kind_options=@f_bpf={{0x8}, {0x34, 0x2, [@TCA_BPF_ACT={0x30, 0x1, [@m_xt={0x2c, 0x0, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}}]}, 0x60}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=@newtfilter={0x68, 0x28, 0xd27, 0x0, 0x0, {0x0, 0xa, 0x0, r2, {0xf}}, [@filter_kind_options=@f_bpf={{0x8}, {0x34, 0x2, [@TCA_BPF_ACT={0x30, 0x1, [@m_xt={0x2c, 0x0, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}}, @TCA_RATE={0x6, 0x5, {0x0, 0x2}}]}, 0x68}}, 0x0) 02:36:25 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000400)='./file0\x00', &(0x7f0000000280)='tmpfs\x00', 0x100, 0x0) chdir(&(0x7f0000000080)='./file0\x00') symlink(&(0x7f0000001000)='./file0\x00', &(0x7f00000000c0)='./file0\x00') stat(&(0x7f0000000480)='./file0/file0\x00', 0x0) 02:36:25 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = creat(&(0x7f0000000280)='./file0\x00', 0x0) close(r1) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=@newlink={0x38, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @ppp={{0x8}, {0xc, 0x2, 0x0, 0x1, {0x8, 0x1, r1}}}}]}, 0x38}}, 0x0) 02:36:25 executing program 2: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f00000001c0)={'ip6gre0\x00', 0x0}) 02:36:25 executing program 5: syz_clone(0x40000000, 0x0, 0x30, 0x0, 0x0, 0x0) openat$cgroup_procs(0xffffffffffffffff, 0x0, 0x2, 0x0) syz_clone(0x0, 0x0, 0x0, &(0x7f0000000140), &(0x7f0000000180), 0x0) 02:36:25 executing program 0: syz_clone(0x40000000, 0x0, 0x30, 0x0, 0x0, 0x0) openat$cgroup_procs(0xffffffffffffffff, 0x0, 0x2, 0x0) syz_clone(0x0, 0x0, 0x0, &(0x7f0000000140), &(0x7f0000000180), 0x0) 02:36:25 executing program 2: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f00000001c0)={'ip6gre0\x00', 0x0}) 02:36:25 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = creat(&(0x7f0000000280)='./file0\x00', 0x0) close(r1) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=@newlink={0x38, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @ppp={{0x8}, {0xc, 0x2, 0x0, 0x1, {0x8, 0x1, r1}}}}]}, 0x38}}, 0x0) 02:36:25 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000400)='./file0\x00', &(0x7f0000000280)='tmpfs\x00', 0x100, 0x0) chdir(&(0x7f0000000080)='./file0\x00') symlink(&(0x7f0000001000)='./file0\x00', &(0x7f00000000c0)='./file0\x00') stat(&(0x7f0000000480)='./file0/file0\x00', 0x0) 02:36:26 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = creat(&(0x7f0000000280)='./file0\x00', 0x0) close(r1) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=@newlink={0x38, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @ppp={{0x8}, {0xc, 0x2, 0x0, 0x1, {0x8, 0x1, r1}}}}]}, 0x38}}, 0x0) 02:36:26 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000400)='./file0\x00', &(0x7f0000000280)='tmpfs\x00', 0x100, 0x0) chdir(&(0x7f0000000080)='./file0\x00') symlink(&(0x7f0000001000)='./file0\x00', &(0x7f00000000c0)='./file0\x00') stat(&(0x7f0000000480)='./file0/file0\x00', 0x0) 02:36:26 executing program 2: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f00000001c0)={'ip6gre0\x00', 0x0}) [ 1731.269161][T20033] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. 02:36:39 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000400)='./file0\x00', &(0x7f0000000280)='tmpfs\x00', 0x100, 0x0) chdir(&(0x7f0000000080)='./file0\x00') symlink(&(0x7f0000001000)='./file0\x00', &(0x7f00000000c0)='./file0\x00') stat(&(0x7f0000000480)='./file0/file0\x00', 0x0) 02:36:39 executing program 3: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000400)='./file0\x00', &(0x7f0000000280)='tmpfs\x00', 0x100, 0x0) chdir(&(0x7f0000000080)='./file0\x00') symlink(&(0x7f0000001000)='./file0\x00', &(0x7f00000000c0)='./file0\x00') stat(&(0x7f0000000480)='./file0/file0\x00', 0x0) 02:36:39 executing program 2: r0 = epoll_create1(0x0) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000040)={0xa000200e}) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000000)={0x4}) 02:36:39 executing program 5: syz_clone(0x40000000, 0x0, 0x30, 0x0, 0x0, 0x0) openat$cgroup_procs(0xffffffffffffffff, 0x0, 0x2, 0x0) syz_clone(0x0, 0x0, 0x0, &(0x7f0000000140), &(0x7f0000000180), 0x0) 02:36:39 executing program 0: syz_clone(0x40000000, 0x0, 0x30, 0x0, 0x0, 0x0) openat$cgroup_procs(0xffffffffffffffff, 0x0, 0x2, 0x0) syz_clone(0x0, 0x0, 0x0, &(0x7f0000000140), &(0x7f0000000180), 0x0) 02:36:39 executing program 3: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000400)='./file0\x00', &(0x7f0000000280)='tmpfs\x00', 0x100, 0x0) chdir(&(0x7f0000000080)='./file0\x00') symlink(&(0x7f0000001000)='./file0\x00', &(0x7f00000000c0)='./file0\x00') stat(&(0x7f0000000480)='./file0/file0\x00', 0x0) 02:36:39 executing program 2: r0 = epoll_create1(0x0) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000040)={0xa000200e}) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000000)={0x4}) 02:36:40 executing program 1: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000140), 0x42, 0x0) ioctl$SNDCTL_DSP_GETBLKSIZE(r0, 0xc0045004, 0x0) ioctl$SNDCTL_DSP_SETTRIGGER(r0, 0x40045010, &(0x7f0000000100)=0x3) 02:36:40 executing program 4: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)={&(0x7f0000000200)=@acquire={0x1ac, 0x17, 0x1, 0x0, 0x0, {{@in=@empty}, @in=@dev, {@in6=@mcast1, @in6=@private1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {{@in6=@dev, @in6=@ipv4={'\x00', '\xff\xff', @local}, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}}}, [@tmpl={0x84, 0x5, [{{@in6=@empty, 0x0, 0x33}, 0x0, @in=@dev}, {{@in=@multicast1, 0x0, 0x6c}, 0x0, @in=@remote}]}]}, 0x1ac}}, 0x0) 02:36:40 executing program 2: r0 = epoll_create1(0x0) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000040)={0xa000200e}) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000000)={0x4}) [ 1732.527136][T20061] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. 02:36:40 executing program 4: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)={&(0x7f0000000200)=@acquire={0x1ac, 0x17, 0x1, 0x0, 0x0, {{@in=@empty}, @in=@dev, {@in6=@mcast1, @in6=@private1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {{@in6=@dev, @in6=@ipv4={'\x00', '\xff\xff', @local}, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}}}, [@tmpl={0x84, 0x5, [{{@in6=@empty, 0x0, 0x33}, 0x0, @in=@dev}, {{@in=@multicast1, 0x0, 0x6c}, 0x0, @in=@remote}]}]}, 0x1ac}}, 0x0) 02:36:40 executing program 3: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000400)='./file0\x00', &(0x7f0000000280)='tmpfs\x00', 0x100, 0x0) chdir(&(0x7f0000000080)='./file0\x00') symlink(&(0x7f0000001000)='./file0\x00', &(0x7f00000000c0)='./file0\x00') stat(&(0x7f0000000480)='./file0/file0\x00', 0x0) 02:36:41 executing program 2: r0 = epoll_create1(0x0) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000040)={0xa000200e}) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000000)={0x4}) [ 1733.041280][T20067] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. 02:36:41 executing program 4: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)={&(0x7f0000000200)=@acquire={0x1ac, 0x17, 0x1, 0x0, 0x0, {{@in=@empty}, @in=@dev, {@in6=@mcast1, @in6=@private1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {{@in6=@dev, @in6=@ipv4={'\x00', '\xff\xff', @local}, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}}}, [@tmpl={0x84, 0x5, [{{@in6=@empty, 0x0, 0x33}, 0x0, @in=@dev}, {{@in=@multicast1, 0x0, 0x6c}, 0x0, @in=@remote}]}]}, 0x1ac}}, 0x0) 02:36:41 executing program 3: syz_mount_image$adfs(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f0000000240), 0x0, &(0x7f0000000280)={[{}, {'$-'}]}) [ 1733.747647][T20073] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. 02:36:44 executing program 3: mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x0, 0x6031, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a01000/0x4000)=nil, 0x4000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) munlock(&(0x7f0000b67000/0x4000)=nil, 0x4000) munlockall() 02:36:44 executing program 2: r0 = syz_open_dev$I2C(&(0x7f00000000c0), 0x0, 0x0) ioctl$I2C_PEC(r0, 0x708, 0x8001) ioctl$I2C_SMBUS(r0, 0x720, &(0x7f0000000140)={0x0, 0x0, 0x5, &(0x7f0000000100)={0x0, "c2801d859c26d6ac1f231402f8608bbc5e763d7bf851c8ade4b6dd97bf6add0210"}}) 02:36:44 executing program 4: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)={&(0x7f0000000200)=@acquire={0x1ac, 0x17, 0x1, 0x0, 0x0, {{@in=@empty}, @in=@dev, {@in6=@mcast1, @in6=@private1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {{@in6=@dev, @in6=@ipv4={'\x00', '\xff\xff', @local}, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}}}, [@tmpl={0x84, 0x5, [{{@in6=@empty, 0x0, 0x33}, 0x0, @in=@dev}, {{@in=@multicast1, 0x0, 0x6c}, 0x0, @in=@remote}]}]}, 0x1ac}}, 0x0) [ 1736.763383][T20095] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. 02:36:44 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000140)={0x1, &(0x7f0000001980)=[{0x6, 0x0, 0x0, 0x7fff0001}]}) tee(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) 02:36:52 executing program 1: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000140), 0x42, 0x0) ioctl$SNDCTL_DSP_GETBLKSIZE(r0, 0xc0045004, 0x0) ioctl$SNDCTL_DSP_SETTRIGGER(r0, 0x40045010, &(0x7f0000000100)=0x3) 02:36:52 executing program 3: mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x0, 0x6031, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a01000/0x4000)=nil, 0x4000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) munlock(&(0x7f0000b67000/0x4000)=nil, 0x4000) munlockall() 02:36:52 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000140)={0x1, &(0x7f0000001980)=[{0x6, 0x0, 0x0, 0x7fff0001}]}) tee(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) 02:36:52 executing program 0: r0 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c) listen(r0, 0xc) r1 = socket$inet_dccp(0x2, 0x6, 0x0) connect$inet(r1, &(0x7f0000000180)={0x2, 0x4e20, @remote}, 0x10) getsockopt$inet_int(r1, 0x10d, 0xe6, &(0x7f0000000100), &(0x7f0000000000)=0x15) 02:36:52 executing program 5: r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0), 0x2000, 0x0) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) dup3(r1, r0, 0x0) 02:36:52 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@bridge_getneigh={0x20, 0x2a, 0x507}, 0x20}}, 0x0) 02:36:52 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000140)={0x1, &(0x7f0000001980)=[{0x6, 0x0, 0x0, 0x7fff0001}]}) tee(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) 02:36:52 executing program 5: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000100)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000280)='./file0\x00') mkdir(&(0x7f0000000400)='./file1\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f0000000140)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='workdir=./file1,lowerdir=./file0,upperdir=./bus,nfs_export=on']) 02:36:52 executing program 3: mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x0, 0x6031, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a01000/0x4000)=nil, 0x4000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) munlock(&(0x7f0000b67000/0x4000)=nil, 0x4000) munlockall() 02:36:52 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@bridge_getneigh={0x20, 0x2a, 0x507}, 0x20}}, 0x0) [ 1745.000200][T20174] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 1745.007748][T20174] overlayfs: upper fs does not support xattr, falling back to index=off,metacopy=off. [ 1745.017725][T20174] overlayfs: NFS export requires "index=on", falling back to nfs_export=off. [ 1745.111161][T20174] overlayfs: failed to resolve './file0': -2 02:36:53 executing program 0: r0 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c) listen(r0, 0xc) r1 = socket$inet_dccp(0x2, 0x6, 0x0) connect$inet(r1, &(0x7f0000000180)={0x2, 0x4e20, @remote}, 0x10) getsockopt$inet_int(r1, 0x10d, 0xe6, &(0x7f0000000100), &(0x7f0000000000)=0x15) 02:36:53 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000140)={0x1, &(0x7f0000001980)=[{0x6, 0x0, 0x0, 0x7fff0001}]}) tee(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) [ 1754.049319][ T1196] ieee802154 phy0 wpan0: encryption failed: -22 [ 1754.056192][ T1196] ieee802154 phy1 wpan1: encryption failed: -22 [ 1754.092566][ T1196] aoe: packet could not be sent on ipvlan0. consider increasing tx_queue_len [ 1754.101807][ T1196] aoe: packet could not be sent on ipvlan1. consider increasing tx_queue_len 02:37:02 executing program 1: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000140), 0x42, 0x0) ioctl$SNDCTL_DSP_GETBLKSIZE(r0, 0xc0045004, 0x0) ioctl$SNDCTL_DSP_SETTRIGGER(r0, 0x40045010, &(0x7f0000000100)=0x3) 02:37:02 executing program 0: r0 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c) listen(r0, 0xc) r1 = socket$inet_dccp(0x2, 0x6, 0x0) connect$inet(r1, &(0x7f0000000180)={0x2, 0x4e20, @remote}, 0x10) getsockopt$inet_int(r1, 0x10d, 0xe6, &(0x7f0000000100), &(0x7f0000000000)=0x15) 02:37:02 executing program 3: mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x0, 0x6031, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a01000/0x4000)=nil, 0x4000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) munlock(&(0x7f0000b67000/0x4000)=nil, 0x4000) munlockall() 02:37:02 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@bridge_getneigh={0x20, 0x2a, 0x507}, 0x20}}, 0x0) 02:37:02 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22}, 0x1c) listen(r0, 0x0) syz_emit_ethernet(0xca, &(0x7f0000000140)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0100", 0x54, 0x6, 0x0, @remote={0xfe, 0x50}, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x2, 0x400000000000012e, 0x0, 0x0, 0x0, 0x0, {[@exp_fastopen={0x3, 0x8, 0xf989, "6ac8a70800000000000000e77130f556"}, @mss={0x2, 0x3}, @sack_perm={0x4, 0x2}, @timestamp={0x5, 0xa}, @mptcp=@synack={0x1e, 0x10}, @window={0x22, 0x3}, @sack={0x5, 0x6, [0x0]}, @mptcp=@mp_fclose={0x1e, 0xc}, @exp_fastopen={0xfe, 0x4}]}}}}}}}}, 0x0) 02:37:02 executing program 5: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000100)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000280)='./file0\x00') mkdir(&(0x7f0000000400)='./file1\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f0000000140)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='workdir=./file1,lowerdir=./file0,upperdir=./bus,nfs_export=on']) 02:37:03 executing program 3: r0 = socket(0x11, 0x800000003, 0x0) r1 = socket(0x11, 0x800000003, 0x0) bind(r1, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c58110308d9123127ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r1, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000140)=0x14) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000100)={r2, 0x5, 0x6}, 0x10) close(r0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) [ 1755.091631][T20240] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 1755.104909][T20240] overlayfs: upper fs does not support xattr, falling back to index=off,metacopy=off. [ 1755.115327][T20240] overlayfs: NFS export requires "index=on", falling back to nfs_export=off. 02:37:03 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@bridge_getneigh={0x20, 0x2a, 0x507}, 0x20}}, 0x0) 02:37:03 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22}, 0x1c) listen(r0, 0x0) syz_emit_ethernet(0xca, &(0x7f0000000140)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0100", 0x54, 0x6, 0x0, @remote={0xfe, 0x50}, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x2, 0x400000000000012e, 0x0, 0x0, 0x0, 0x0, {[@exp_fastopen={0x3, 0x8, 0xf989, "6ac8a70800000000000000e77130f556"}, @mss={0x2, 0x3}, @sack_perm={0x4, 0x2}, @timestamp={0x5, 0xa}, @mptcp=@synack={0x1e, 0x10}, @window={0x22, 0x3}, @sack={0x5, 0x6, [0x0]}, @mptcp=@mp_fclose={0x1e, 0xc}, @exp_fastopen={0xfe, 0x4}]}}}}}}}}, 0x0) [ 1755.160790][T20240] overlayfs: failed to resolve './file0': -2 02:37:03 executing program 5: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000100)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000280)='./file0\x00') mkdir(&(0x7f0000000400)='./file1\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f0000000140)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='workdir=./file1,lowerdir=./file0,upperdir=./bus,nfs_export=on']) 02:37:03 executing program 4: r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSTI(r0, 0x5412, 0xffffffffffffffff) 02:37:03 executing program 3: r0 = socket(0x11, 0x800000003, 0x0) r1 = socket(0x11, 0x800000003, 0x0) bind(r1, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c58110308d9123127ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r1, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000140)=0x14) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000100)={r2, 0x5, 0x6}, 0x10) close(r0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) [ 1755.885211][T20250] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 1755.892598][T20250] overlayfs: upper fs does not support xattr, falling back to index=off,metacopy=off. [ 1755.902555][T20250] overlayfs: NFS export requires "index=on", falling back to nfs_export=off. [ 1756.015935][T20250] overlayfs: failed to resolve './file0': -2 [ 1764.452604][ T6895] unregister_netdevice: waiting for wlan1 to become free. Usage count = 2 02:37:12 executing program 1: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000140), 0x42, 0x0) ioctl$SNDCTL_DSP_GETBLKSIZE(r0, 0xc0045004, 0x0) ioctl$SNDCTL_DSP_SETTRIGGER(r0, 0x40045010, &(0x7f0000000100)=0x3) 02:37:12 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22}, 0x1c) listen(r0, 0x0) syz_emit_ethernet(0xca, &(0x7f0000000140)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0100", 0x54, 0x6, 0x0, @remote={0xfe, 0x50}, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x2, 0x400000000000012e, 0x0, 0x0, 0x0, 0x0, {[@exp_fastopen={0x3, 0x8, 0xf989, "6ac8a70800000000000000e77130f556"}, @mss={0x2, 0x3}, @sack_perm={0x4, 0x2}, @timestamp={0x5, 0xa}, @mptcp=@synack={0x1e, 0x10}, @window={0x22, 0x3}, @sack={0x5, 0x6, [0x0]}, @mptcp=@mp_fclose={0x1e, 0xc}, @exp_fastopen={0xfe, 0x4}]}}}}}}}}, 0x0) 02:37:12 executing program 5: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000100)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000280)='./file0\x00') mkdir(&(0x7f0000000400)='./file1\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f0000000140)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='workdir=./file1,lowerdir=./file0,upperdir=./bus,nfs_export=on']) 02:37:12 executing program 4: r0 = socket(0x11, 0x800000003, 0x0) r1 = socket(0x11, 0x800000003, 0x0) bind(r1, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c58110308d9123127ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r1, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000140)=0x14) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000100)={r2, 0x5, 0x6}, 0x10) close(r0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) 02:37:12 executing program 0: r0 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c) listen(r0, 0xc) r1 = socket$inet_dccp(0x2, 0x6, 0x0) connect$inet(r1, &(0x7f0000000180)={0x2, 0x4e20, @remote}, 0x10) getsockopt$inet_int(r1, 0x10d, 0xe6, &(0x7f0000000100), &(0x7f0000000000)=0x15) 02:37:12 executing program 3: r0 = socket(0x11, 0x800000003, 0x0) r1 = socket(0x11, 0x800000003, 0x0) bind(r1, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c58110308d9123127ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r1, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000140)=0x14) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000100)={r2, 0x5, 0x6}, 0x10) close(r0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) [ 1764.714177][T20353] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 1764.721617][T20353] overlayfs: upper fs does not support xattr, falling back to index=off,metacopy=off. [ 1764.737532][T20353] overlayfs: NFS export requires "index=on", falling back to nfs_export=off. 02:37:12 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22}, 0x1c) listen(r0, 0x0) syz_emit_ethernet(0xca, &(0x7f0000000140)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0100", 0x54, 0x6, 0x0, @remote={0xfe, 0x50}, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x2, 0x400000000000012e, 0x0, 0x0, 0x0, 0x0, {[@exp_fastopen={0x3, 0x8, 0xf989, "6ac8a70800000000000000e77130f556"}, @mss={0x2, 0x3}, @sack_perm={0x4, 0x2}, @timestamp={0x5, 0xa}, @mptcp=@synack={0x1e, 0x10}, @window={0x22, 0x3}, @sack={0x5, 0x6, [0x0]}, @mptcp=@mp_fclose={0x1e, 0xc}, @exp_fastopen={0xfe, 0x4}]}}}}}}}}, 0x0) 02:37:12 executing program 4: r0 = socket(0x11, 0x800000003, 0x0) r1 = socket(0x11, 0x800000003, 0x0) bind(r1, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c58110308d9123127ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r1, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000140)=0x14) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000100)={r2, 0x5, 0x6}, 0x10) close(r0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) [ 1764.856256][T20353] overlayfs: failed to resolve './file0': -2 02:37:12 executing program 3: r0 = socket(0x11, 0x800000003, 0x0) r1 = socket(0x11, 0x800000003, 0x0) bind(r1, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c58110308d9123127ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r1, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000140)=0x14) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000100)={r2, 0x5, 0x6}, 0x10) close(r0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) 02:37:13 executing program 4: r0 = socket(0x11, 0x800000003, 0x0) r1 = socket(0x11, 0x800000003, 0x0) bind(r1, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c58110308d9123127ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r1, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000140)=0x14) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000100)={r2, 0x5, 0x6}, 0x10) close(r0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) 02:37:13 executing program 5: bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, &(0x7f0000001300)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x0, 0x1, 0xd}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1e, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) 02:37:13 executing program 2: r0 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'ip6_vti0\x00', 0x0}) bind$packet(r0, &(0x7f0000000180)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @dev}, 0x14) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f00000002c0)=0x596, 0x4) sendmmsg(r0, &(0x7f0000000d00), 0x400004e, 0x0) recvmmsg(r0, &(0x7f00000028c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)=""/45, 0x2d}}, {{0x0, 0x0, 0x0, 0x2, &(0x7f0000000b80)=""/4096, 0x1000}}], 0x2, 0x2002, 0x0) 02:37:25 executing program 3: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f0000000000)={0x400}, 0x8) set_mempolicy(0x2, &(0x7f0000000040)=0x100000001, 0x3) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c) 02:37:25 executing program 5: bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, &(0x7f0000001300)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x0, 0x1, 0xd}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1e, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) 02:37:25 executing program 0: r0 = socket$inet_sctp(0x2, 0x1, 0x84) sendto$inet(r0, &(0x7f0000a34fff)='H', 0x1, 0x0, &(0x7f0000030ff0)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) sendto$inet(r0, &(0x7f0000000100)="e8", 0x1, 0x0, &(0x7f000052a000)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) shutdown(r0, 0x1) getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x6c, &(0x7f0000000000), &(0x7f0000000040)=0x18) 02:37:25 executing program 2: r0 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'ip6_vti0\x00', 0x0}) bind$packet(r0, &(0x7f0000000180)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @dev}, 0x14) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f00000002c0)=0x596, 0x4) sendmmsg(r0, &(0x7f0000000d00), 0x400004e, 0x0) recvmmsg(r0, &(0x7f00000028c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)=""/45, 0x2d}}, {{0x0, 0x0, 0x0, 0x2, &(0x7f0000000b80)=""/4096, 0x1000}}], 0x2, 0x2002, 0x0) 02:37:25 executing program 4: r0 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'ip6_vti0\x00', 0x0}) bind$packet(r0, &(0x7f0000000180)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @dev}, 0x14) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f00000002c0)=0x596, 0x4) sendmmsg(r0, &(0x7f0000000d00), 0x400004e, 0x0) recvmmsg(r0, &(0x7f00000028c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)=""/45, 0x2d}}, {{0x0, 0x0, 0x0, 0x2, &(0x7f0000000b80)=""/4096, 0x1000}}], 0x2, 0x2002, 0x0) 02:37:25 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000080)={0x4, 0x4, &(0x7f0000000040)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x6e}]}, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 02:37:25 executing program 4: r0 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'ip6_vti0\x00', 0x0}) bind$packet(r0, &(0x7f0000000180)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @dev}, 0x14) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f00000002c0)=0x596, 0x4) sendmmsg(r0, &(0x7f0000000d00), 0x400004e, 0x0) recvmmsg(r0, &(0x7f00000028c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)=""/45, 0x2d}}, {{0x0, 0x0, 0x0, 0x2, &(0x7f0000000b80)=""/4096, 0x1000}}], 0x2, 0x2002, 0x0) 02:37:25 executing program 5: bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, &(0x7f0000001300)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x0, 0x1, 0xd}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1e, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) 02:37:25 executing program 2: r0 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'ip6_vti0\x00', 0x0}) bind$packet(r0, &(0x7f0000000180)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @dev}, 0x14) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f00000002c0)=0x596, 0x4) sendmmsg(r0, &(0x7f0000000d00), 0x400004e, 0x0) recvmmsg(r0, &(0x7f00000028c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)=""/45, 0x2d}}, {{0x0, 0x0, 0x0, 0x2, &(0x7f0000000b80)=""/4096, 0x1000}}], 0x2, 0x2002, 0x0) 02:37:26 executing program 5: bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, &(0x7f0000001300)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x0, 0x1, 0xd}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1e, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) 02:37:26 executing program 0: r0 = socket$inet_sctp(0x2, 0x1, 0x84) sendto$inet(r0, &(0x7f0000a34fff)='H', 0x1, 0x0, &(0x7f0000030ff0)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) sendto$inet(r0, &(0x7f0000000100)="e8", 0x1, 0x0, &(0x7f000052a000)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) shutdown(r0, 0x1) getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x6c, &(0x7f0000000000), &(0x7f0000000040)=0x18) 02:37:26 executing program 3: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f0000000000)={0x400}, 0x8) set_mempolicy(0x2, &(0x7f0000000040)=0x100000001, 0x3) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c) 02:37:26 executing program 4: r0 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'ip6_vti0\x00', 0x0}) bind$packet(r0, &(0x7f0000000180)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @dev}, 0x14) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f00000002c0)=0x596, 0x4) sendmmsg(r0, &(0x7f0000000d00), 0x400004e, 0x0) recvmmsg(r0, &(0x7f00000028c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)=""/45, 0x2d}}, {{0x0, 0x0, 0x0, 0x2, &(0x7f0000000b80)=""/4096, 0x1000}}], 0x2, 0x2002, 0x0) 02:37:26 executing program 2: r0 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'ip6_vti0\x00', 0x0}) bind$packet(r0, &(0x7f0000000180)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @dev}, 0x14) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f00000002c0)=0x596, 0x4) sendmmsg(r0, &(0x7f0000000d00), 0x400004e, 0x0) recvmmsg(r0, &(0x7f00000028c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)=""/45, 0x2d}}, {{0x0, 0x0, 0x0, 0x2, &(0x7f0000000b80)=""/4096, 0x1000}}], 0x2, 0x2002, 0x0) 02:37:27 executing program 5: r0 = socket$inet_sctp(0x2, 0x1, 0x84) sendto$inet(r0, &(0x7f0000a34fff)='H', 0x1, 0x0, &(0x7f0000030ff0)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) sendto$inet(r0, &(0x7f0000000100)="e8", 0x1, 0x0, &(0x7f000052a000)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) shutdown(r0, 0x1) getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x6c, &(0x7f0000000000), &(0x7f0000000040)=0x18) 02:37:27 executing program 4: r0 = socket$inet_sctp(0x2, 0x1, 0x84) sendto$inet(r0, &(0x7f0000a34fff)='H', 0x1, 0x0, &(0x7f0000030ff0)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) sendto$inet(r0, &(0x7f0000000100)="e8", 0x1, 0x0, &(0x7f000052a000)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) shutdown(r0, 0x1) getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x6c, &(0x7f0000000000), &(0x7f0000000040)=0x18) 02:37:27 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) getsockname$packet(r0, &(0x7f0000000380)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000003c0)=0x14) getsockname$packet(r0, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000200)=0x14) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = syz_open_dev$tty20(0xc, 0x4, 0x1) sendmsg$BATADV_CMD_SET_HARDIF(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000300)={&(0x7f0000000400)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="000829256de447c6af49f7a9b09d2fbd7000fedbdf2510ff00000600280003000000fd9dc4d06eb6e31f1eb2bf5f166fddf5d8b8e3d2f200b39924f4de4b1b7693a7571c9fd4cb06ecd12b412000e959dd1185532e8b42b4a16e9da5d56b01b9a127043ba1fc7d10e208ab0257b98042bd6505eba39529bb2e7f848e65d92358e6011cd4fcb799d7b228570adf81d2c1e307b0e4c66a659330ec176fe3cb4ce5e5f49f23925973990baa1952223b00000000000000"], 0x1c}, 0x1, 0x0, 0x0, 0x844}, 0x8804) ioctl$TIOCSLCKTRMIOS(r1, 0x5457, &(0x7f0000000100)) r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TIOCL_GETKMSGREDIRECT(r2, 0x541c, 0x0) ioctl$TCSETSF(r2, 0x5404, &(0x7f0000000140)={0xd06, 0x9, 0xfffff000, 0x7ff, 0x1a, "d7d13ccb979f3d7c31e93237f0312621ce7911"}) ioctl$TCSETSF(r2, 0x5404, &(0x7f0000000240)={0xd21, 0x7, 0x0, 0x8, 0x16, "e090b51e138847ac67ec7dc532f45b9e3b0c02"}) 02:37:35 executing program 1: r0 = syz_open_dev$loop(&(0x7f00000002c0), 0x0, 0x0) ioctl$LOOP_GET_STATUS(r0, 0x4c03, &(0x7f0000000300)) 02:37:35 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x10e, 0xc, &(0x7f0000000640)=0x4, 0x4) sendmsg$netlink(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)={0x1c, 0x5f, 0x401, 0x0, 0x0, "", [@typed={0x4}, @typed={0x8, 0x0, 0x0, 0x0, @pid}]}, 0x1c}], 0x1}, 0x0) 02:37:35 executing program 3: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f0000000000)={0x400}, 0x8) set_mempolicy(0x2, &(0x7f0000000040)=0x100000001, 0x3) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c) 02:37:35 executing program 0: r0 = socket$inet_sctp(0x2, 0x1, 0x84) sendto$inet(r0, &(0x7f0000a34fff)='H', 0x1, 0x0, &(0x7f0000030ff0)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) sendto$inet(r0, &(0x7f0000000100)="e8", 0x1, 0x0, &(0x7f000052a000)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) shutdown(r0, 0x1) getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x6c, &(0x7f0000000000), &(0x7f0000000040)=0x18) 02:37:35 executing program 5: r0 = socket$inet_sctp(0x2, 0x1, 0x84) sendto$inet(r0, &(0x7f0000a34fff)='H', 0x1, 0x0, &(0x7f0000030ff0)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) sendto$inet(r0, &(0x7f0000000100)="e8", 0x1, 0x0, &(0x7f000052a000)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) shutdown(r0, 0x1) getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x6c, &(0x7f0000000000), &(0x7f0000000040)=0x18) 02:37:35 executing program 4: r0 = socket$inet_sctp(0x2, 0x1, 0x84) sendto$inet(r0, &(0x7f0000a34fff)='H', 0x1, 0x0, &(0x7f0000030ff0)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) sendto$inet(r0, &(0x7f0000000100)="e8", 0x1, 0x0, &(0x7f000052a000)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) shutdown(r0, 0x1) getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x6c, &(0x7f0000000000), &(0x7f0000000040)=0x18) 02:37:36 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x10e, 0xc, &(0x7f0000000640)=0x4, 0x4) sendmsg$netlink(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)={0x1c, 0x5f, 0x401, 0x0, 0x0, "", [@typed={0x4}, @typed={0x8, 0x0, 0x0, 0x0, @pid}]}, 0x1c}], 0x1}, 0x0) 02:37:36 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x10e, 0xc, &(0x7f0000000640)=0x4, 0x4) sendmsg$netlink(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)={0x1c, 0x5f, 0x401, 0x0, 0x0, "", [@typed={0x4}, @typed={0x8, 0x0, 0x0, 0x0, @pid}]}, 0x1c}], 0x1}, 0x0) 02:37:36 executing program 0: r0 = socket$inet_sctp(0x2, 0x1, 0x84) sendto$inet(r0, &(0x7f0000a34fff)='H', 0x1, 0x0, &(0x7f0000030ff0)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) sendto$inet(r0, &(0x7f0000000100)="e8", 0x1, 0x0, &(0x7f000052a000)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) shutdown(r0, 0x1) getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x6c, &(0x7f0000000000), &(0x7f0000000040)=0x18) 02:37:37 executing program 4: r0 = socket$inet_sctp(0x2, 0x1, 0x84) sendto$inet(r0, &(0x7f0000a34fff)='H', 0x1, 0x0, &(0x7f0000030ff0)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) sendto$inet(r0, &(0x7f0000000100)="e8", 0x1, 0x0, &(0x7f000052a000)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) shutdown(r0, 0x1) getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x6c, &(0x7f0000000000), &(0x7f0000000040)=0x18) 02:37:37 executing program 3: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f0000000000)={0x400}, 0x8) set_mempolicy(0x2, &(0x7f0000000040)=0x100000001, 0x3) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c) 02:37:37 executing program 5: r0 = socket$inet_sctp(0x2, 0x1, 0x84) sendto$inet(r0, &(0x7f0000a34fff)='H', 0x1, 0x0, &(0x7f0000030ff0)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) sendto$inet(r0, &(0x7f0000000100)="e8", 0x1, 0x0, &(0x7f000052a000)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) shutdown(r0, 0x1) getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x6c, &(0x7f0000000000), &(0x7f0000000040)=0x18) 02:37:46 executing program 1: syz_emit_ethernet(0x46, &(0x7f0000000300)={@random="43d4c03974e7", @local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "a0f009", 0x10, 0x3a, 0xff, @local={0xfe, 0x1c}, @mcast2, {[], @ndisc_ra}}}}}, 0x0) 02:37:46 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x10e, 0xc, &(0x7f0000000640)=0x4, 0x4) sendmsg$netlink(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)={0x1c, 0x5f, 0x401, 0x0, 0x0, "", [@typed={0x4}, @typed={0x8, 0x0, 0x0, 0x0, @pid}]}, 0x1c}], 0x1}, 0x0) 02:37:46 executing program 0: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000340)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f00000000c0)='syzkaller\x00', 0x4, 0x91, &(0x7f0000000000)=""/145, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10) mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r0, 0x0) r2 = creat(&(0x7f0000000400)='./bus\x00', 0x0) r3 = open(&(0x7f0000000440)='./bus\x00', 0x4d00, 0x0) dup3(r3, r2, 0x0) io_setup(0x40000000008, &(0x7f0000000240)=0x0) r5 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r5, 0x800) r6 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) sendfile(r5, r6, 0x0, 0xeffe) io_submit(r4, 0x2, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x4, 0x0, 0x0, r2, &(0x7f0000000000), 0x40000}]) 02:37:46 executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_hmac_sha1\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="83", 0x1) 02:37:46 executing program 4: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000001f6ffc50000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x45) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='9p_client_req\x00', r0}, 0x10) r1 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8b26, &(0x7f0000000040)={'wlan1\x00'}) 02:37:46 executing program 5: bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x8, 0x4, 0x4, 0x4, 0x404, 0x1}, 0x48) [ 1798.266405][ T24] audit: type=1804 audit(1658803066.312:637): pid=20734 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir1241240187/syzkaller.eePS8a/936/bus" dev="sda1" ino=1181 res=1 errno=0 [ 1798.292817][ T24] audit: type=1800 audit(1658803066.312:638): pid=20734 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1181 res=0 errno=0 02:37:46 executing program 5: bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x8, 0x4, 0x4, 0x4, 0x404, 0x1}, 0x48) [ 1798.638459][ T24] audit: type=1804 audit(1658803066.422:639): pid=20734 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir1241240187/syzkaller.eePS8a/936/bus" dev="sda1" ino=1181 res=1 errno=0 [ 1798.667310][ T24] audit: type=1804 audit(1658803066.432:640): pid=20734 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir1241240187/syzkaller.eePS8a/936/bus" dev="sda1" ino=1181 res=1 errno=0 02:37:47 executing program 4: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000001f6ffc50000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x45) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='9p_client_req\x00', r0}, 0x10) r1 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8b26, &(0x7f0000000040)={'wlan1\x00'}) 02:37:47 executing program 5: bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x8, 0x4, 0x4, 0x4, 0x404, 0x1}, 0x48) 02:37:47 executing program 0: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000340)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f00000000c0)='syzkaller\x00', 0x4, 0x91, &(0x7f0000000000)=""/145, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10) mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r0, 0x0) r2 = creat(&(0x7f0000000400)='./bus\x00', 0x0) r3 = open(&(0x7f0000000440)='./bus\x00', 0x4d00, 0x0) dup3(r3, r2, 0x0) io_setup(0x40000000008, &(0x7f0000000240)=0x0) r5 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r5, 0x800) r6 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) sendfile(r5, r6, 0x0, 0xeffe) io_submit(r4, 0x2, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x4, 0x0, 0x0, r2, &(0x7f0000000000), 0x40000}]) 02:37:47 executing program 2: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000340)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f00000000c0)='syzkaller\x00', 0x4, 0x91, &(0x7f0000000000)=""/145, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10) mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r0, 0x0) r2 = creat(&(0x7f0000000400)='./bus\x00', 0x0) r3 = open(&(0x7f0000000440)='./bus\x00', 0x4d00, 0x0) dup3(r3, r2, 0x0) io_setup(0x40000000008, &(0x7f0000000240)=0x0) r5 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r5, 0x800) r6 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) sendfile(r5, r6, 0x0, 0xeffe) io_submit(r4, 0x2, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x4, 0x0, 0x0, r2, &(0x7f0000000000), 0x40000}]) [ 1799.460676][ T24] audit: type=1804 audit(1658803067.502:641): pid=20745 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir2734175915/syzkaller.J7Ef6u/900/bus" dev="sda1" ino=1169 res=1 errno=0 [ 1799.486888][ T24] audit: type=1800 audit(1658803067.502:642): pid=20745 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1169 res=0 errno=0 02:37:47 executing program 4: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000001f6ffc50000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x45) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='9p_client_req\x00', r0}, 0x10) r1 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8b26, &(0x7f0000000040)={'wlan1\x00'}) [ 1799.605811][ T24] audit: type=1804 audit(1658803067.592:643): pid=20746 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.2" name="/root/syzkaller-testdir2734175915/syzkaller.J7Ef6u/900/bus" dev="sda1" ino=1169 res=1 errno=0 [ 1799.697192][ T24] audit: type=1804 audit(1658803067.682:644): pid=20745 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir2734175915/syzkaller.J7Ef6u/900/bus" dev="sda1" ino=1169 res=1 errno=0 [ 1799.829041][ T24] audit: type=1804 audit(1658803067.842:645): pid=20751 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir1241240187/syzkaller.eePS8a/937/bus" dev="sda1" ino=1175 res=1 errno=0 [ 1799.859211][ T24] audit: type=1800 audit(1658803067.842:646): pid=20751 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1175 res=0 errno=0 02:37:53 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_hmac_sha1\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="83", 0x1) 02:37:53 executing program 5: bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x8, 0x4, 0x4, 0x4, 0x404, 0x1}, 0x48) 02:37:53 executing program 2: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000340)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f00000000c0)='syzkaller\x00', 0x4, 0x91, &(0x7f0000000000)=""/145, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10) mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r0, 0x0) r2 = creat(&(0x7f0000000400)='./bus\x00', 0x0) r3 = open(&(0x7f0000000440)='./bus\x00', 0x4d00, 0x0) dup3(r3, r2, 0x0) io_setup(0x40000000008, &(0x7f0000000240)=0x0) r5 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r5, 0x800) r6 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) sendfile(r5, r6, 0x0, 0xeffe) io_submit(r4, 0x2, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x4, 0x0, 0x0, r2, &(0x7f0000000000), 0x40000}]) 02:37:53 executing program 0: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000340)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f00000000c0)='syzkaller\x00', 0x4, 0x91, &(0x7f0000000000)=""/145, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10) mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r0, 0x0) r2 = creat(&(0x7f0000000400)='./bus\x00', 0x0) r3 = open(&(0x7f0000000440)='./bus\x00', 0x4d00, 0x0) dup3(r3, r2, 0x0) io_setup(0x40000000008, &(0x7f0000000240)=0x0) r5 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r5, 0x800) r6 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) sendfile(r5, r6, 0x0, 0xeffe) io_submit(r4, 0x2, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x4, 0x0, 0x0, r2, &(0x7f0000000000), 0x40000}]) 02:37:53 executing program 4: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000001f6ffc50000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x45) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='9p_client_req\x00', r0}, 0x10) r1 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8b26, &(0x7f0000000040)={'wlan1\x00'}) 02:37:53 executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_hmac_sha1\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="83", 0x1) [ 1806.162938][ T24] kauditd_printk_skb: 2 callbacks suppressed [ 1806.163012][ T24] audit: type=1804 audit(1658803074.182:649): pid=20822 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir1241240187/syzkaller.eePS8a/938/bus" dev="sda1" ino=1181 res=1 errno=0 [ 1806.195276][ T24] audit: type=1800 audit(1658803074.182:650): pid=20822 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1181 res=0 errno=0 [ 1806.591431][ T24] audit: type=1804 audit(1658803074.322:651): pid=20822 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir1241240187/syzkaller.eePS8a/938/bus" dev="sda1" ino=1181 res=1 errno=0 [ 1806.621506][ T24] audit: type=1804 audit(1658803074.342:652): pid=20822 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir1241240187/syzkaller.eePS8a/938/bus" dev="sda1" ino=1181 res=1 errno=0 02:37:55 executing program 5: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000340)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f00000000c0)='syzkaller\x00', 0x4, 0x91, &(0x7f0000000000)=""/145, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10) mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r0, 0x0) r2 = creat(&(0x7f0000000400)='./bus\x00', 0x0) r3 = open(&(0x7f0000000440)='./bus\x00', 0x4d00, 0x0) dup3(r3, r2, 0x0) io_setup(0x40000000008, &(0x7f0000000240)=0x0) r5 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r5, 0x800) r6 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) sendfile(r5, r6, 0x0, 0xeffe) io_submit(r4, 0x2, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x4, 0x0, 0x0, r2, &(0x7f0000000000), 0x40000}]) 02:37:55 executing program 2: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000340)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f00000000c0)='syzkaller\x00', 0x4, 0x91, &(0x7f0000000000)=""/145, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10) mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r0, 0x0) r2 = creat(&(0x7f0000000400)='./bus\x00', 0x0) r3 = open(&(0x7f0000000440)='./bus\x00', 0x4d00, 0x0) dup3(r3, r2, 0x0) io_setup(0x40000000008, &(0x7f0000000240)=0x0) r5 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r5, 0x800) r6 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) sendfile(r5, r6, 0x0, 0xeffe) io_submit(r4, 0x2, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x4, 0x0, 0x0, r2, &(0x7f0000000000), 0x40000}]) 02:37:55 executing program 4: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000340)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f00000000c0)='syzkaller\x00', 0x4, 0x91, &(0x7f0000000000)=""/145, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10) mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r0, 0x0) r2 = creat(&(0x7f0000000400)='./bus\x00', 0x0) r3 = open(&(0x7f0000000440)='./bus\x00', 0x4d00, 0x0) dup3(r3, r2, 0x0) io_setup(0x40000000008, &(0x7f0000000240)=0x0) r5 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r5, 0x800) r6 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) sendfile(r5, r6, 0x0, 0xeffe) io_submit(r4, 0x2, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x4, 0x0, 0x0, r2, &(0x7f0000000000), 0x40000}]) 02:37:55 executing program 0: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000340)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f00000000c0)='syzkaller\x00', 0x4, 0x91, &(0x7f0000000000)=""/145, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10) mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r0, 0x0) r2 = creat(&(0x7f0000000400)='./bus\x00', 0x0) r3 = open(&(0x7f0000000440)='./bus\x00', 0x4d00, 0x0) dup3(r3, r2, 0x0) io_setup(0x40000000008, &(0x7f0000000240)=0x0) r5 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r5, 0x800) r6 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) sendfile(r5, r6, 0x0, 0xeffe) io_submit(r4, 0x2, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x4, 0x0, 0x0, r2, &(0x7f0000000000), 0x40000}]) 02:37:55 executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_hmac_sha1\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="83", 0x1) [ 1807.285678][ T24] audit: type=1804 audit(1658803075.332:653): pid=20829 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir8526519/syzkaller.MlxNaq/108/bus" dev="sda1" ino=1165 res=1 errno=0 [ 1807.311138][ T24] audit: type=1800 audit(1658803075.332:654): pid=20829 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="sda1" ino=1165 res=0 errno=0 [ 1807.545663][ T24] audit: type=1804 audit(1658803075.392:655): pid=20829 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.5" name="/root/syzkaller-testdir8526519/syzkaller.MlxNaq/108/bus" dev="sda1" ino=1165 res=1 errno=0 [ 1807.570763][ T24] audit: type=1804 audit(1658803075.432:656): pid=20829 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir8526519/syzkaller.MlxNaq/108/bus" dev="sda1" ino=1165 res=1 errno=0 [ 1807.596628][ T24] audit: type=1804 audit(1658803075.482:657): pid=20832 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir419791918/syzkaller.ZnYwej/929/bus" dev="sda1" ino=1166 res=1 errno=0 [ 1807.622417][ T24] audit: type=1800 audit(1658803075.482:658): pid=20832 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=1166 res=0 errno=0 02:37:55 executing program 5: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000340)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f00000000c0)='syzkaller\x00', 0x4, 0x91, &(0x7f0000000000)=""/145, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10) mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r0, 0x0) r2 = creat(&(0x7f0000000400)='./bus\x00', 0x0) r3 = open(&(0x7f0000000440)='./bus\x00', 0x4d00, 0x0) dup3(r3, r2, 0x0) io_setup(0x40000000008, &(0x7f0000000240)=0x0) r5 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r5, 0x800) r6 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) sendfile(r5, r6, 0x0, 0xeffe) io_submit(r4, 0x2, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x4, 0x0, 0x0, r2, &(0x7f0000000000), 0x40000}]) [ 1815.498542][ T1196] ieee802154 phy0 wpan0: encryption failed: -22 [ 1815.505489][ T1196] ieee802154 phy1 wpan1: encryption failed: -22 [ 1815.542540][ T1196] aoe: packet could not be sent on ipvlan0. consider increasing tx_queue_len [ 1815.551877][ T1196] aoe: packet could not be sent on ipvlan1. consider increasing tx_queue_len 02:38:07 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_hmac_sha1\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="83", 0x1) 02:38:07 executing program 2: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000340)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f00000000c0)='syzkaller\x00', 0x4, 0x91, &(0x7f0000000000)=""/145, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10) mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r0, 0x0) r2 = creat(&(0x7f0000000400)='./bus\x00', 0x0) r3 = open(&(0x7f0000000440)='./bus\x00', 0x4d00, 0x0) dup3(r3, r2, 0x0) io_setup(0x40000000008, &(0x7f0000000240)=0x0) r5 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r5, 0x800) r6 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) sendfile(r5, r6, 0x0, 0xeffe) io_submit(r4, 0x2, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x4, 0x0, 0x0, r2, &(0x7f0000000000), 0x40000}]) 02:38:07 executing program 4: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000340)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f00000000c0)='syzkaller\x00', 0x4, 0x91, &(0x7f0000000000)=""/145, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10) mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r0, 0x0) r2 = creat(&(0x7f0000000400)='./bus\x00', 0x0) r3 = open(&(0x7f0000000440)='./bus\x00', 0x4d00, 0x0) dup3(r3, r2, 0x0) io_setup(0x40000000008, &(0x7f0000000240)=0x0) r5 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r5, 0x800) r6 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) sendfile(r5, r6, 0x0, 0xeffe) io_submit(r4, 0x2, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x4, 0x0, 0x0, r2, &(0x7f0000000000), 0x40000}]) 02:38:07 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000001f6ffc50000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x45) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='9p_client_req\x00', r0}, 0x10) r1 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8b26, &(0x7f0000000040)={'wlan1\x00'}) 02:38:07 executing program 5: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000340)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f00000000c0)='syzkaller\x00', 0x4, 0x91, &(0x7f0000000000)=""/145, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10) mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r0, 0x0) r2 = creat(&(0x7f0000000400)='./bus\x00', 0x0) r3 = open(&(0x7f0000000440)='./bus\x00', 0x4d00, 0x0) dup3(r3, r2, 0x0) io_setup(0x40000000008, &(0x7f0000000240)=0x0) r5 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r5, 0x800) r6 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) sendfile(r5, r6, 0x0, 0xeffe) io_submit(r4, 0x2, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x4, 0x0, 0x0, r2, &(0x7f0000000000), 0x40000}]) 02:38:07 executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_hmac_sha1\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="83", 0x1) [ 1819.135577][ T24] kauditd_printk_skb: 14 callbacks suppressed [ 1819.135648][ T24] audit: type=1804 audit(1658803087.142:673): pid=20945 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir2734175915/syzkaller.J7Ef6u/903/bus" dev="sda1" ino=1181 res=1 errno=0 [ 1819.167942][ T24] audit: type=1800 audit(1658803087.152:674): pid=20945 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1181 res=0 errno=0 [ 1819.189400][ T24] audit: type=1804 audit(1658803087.182:675): pid=20945 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.2" name="/root/syzkaller-testdir2734175915/syzkaller.J7Ef6u/903/bus" dev="sda1" ino=1181 res=1 errno=0 02:38:07 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000001f6ffc50000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x45) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='9p_client_req\x00', r0}, 0x10) r1 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8b26, &(0x7f0000000040)={'wlan1\x00'}) [ 1819.629618][ T24] audit: type=1804 audit(1658803087.332:676): pid=20945 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir2734175915/syzkaller.J7Ef6u/903/bus" dev="sda1" ino=1181 res=1 errno=0 [ 1820.067304][ T24] audit: type=1804 audit(1658803088.082:677): pid=20949 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir8526519/syzkaller.MlxNaq/110/bus" dev="sda1" ino=1172 res=1 errno=0 [ 1820.094242][ T24] audit: type=1800 audit(1658803088.082:678): pid=20949 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="sda1" ino=1172 res=0 errno=0 [ 1820.115718][ T24] audit: type=1804 audit(1658803088.092:679): pid=20949 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.5" name="/root/syzkaller-testdir8526519/syzkaller.MlxNaq/110/bus" dev="sda1" ino=1172 res=1 errno=0 [ 1820.144797][ T24] audit: type=1804 audit(1658803088.112:680): pid=20949 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir8526519/syzkaller.MlxNaq/110/bus" dev="sda1" ino=1172 res=1 errno=0 02:38:08 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000001f6ffc50000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x45) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='9p_client_req\x00', r0}, 0x10) r1 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8b26, &(0x7f0000000040)={'wlan1\x00'}) 02:38:08 executing program 2: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000340)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f00000000c0)='syzkaller\x00', 0x4, 0x91, &(0x7f0000000000)=""/145, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10) mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r0, 0x0) r2 = creat(&(0x7f0000000400)='./bus\x00', 0x0) r3 = open(&(0x7f0000000440)='./bus\x00', 0x4d00, 0x0) dup3(r3, r2, 0x0) io_setup(0x40000000008, &(0x7f0000000240)=0x0) r5 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r5, 0x800) r6 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) sendfile(r5, r6, 0x0, 0xeffe) io_submit(r4, 0x2, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x4, 0x0, 0x0, r2, &(0x7f0000000000), 0x40000}]) 02:38:08 executing program 4: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000340)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f00000000c0)='syzkaller\x00', 0x4, 0x91, &(0x7f0000000000)=""/145, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10) mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r0, 0x0) r2 = creat(&(0x7f0000000400)='./bus\x00', 0x0) r3 = open(&(0x7f0000000440)='./bus\x00', 0x4d00, 0x0) dup3(r3, r2, 0x0) io_setup(0x40000000008, &(0x7f0000000240)=0x0) r5 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r5, 0x800) r6 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) sendfile(r5, r6, 0x0, 0xeffe) io_submit(r4, 0x2, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x4, 0x0, 0x0, r2, &(0x7f0000000000), 0x40000}]) 02:38:08 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22}, 0x1c) listen(r0, 0x1) syz_emit_ethernet(0x4e, &(0x7f0000000180)={@local, @link_local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a3ff2", 0x18, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0xc2, 0x0, 0x0, 0x0, {[@eol]}}}}}}}}, 0x0) [ 1820.567149][ T24] audit: type=1804 audit(1658803088.222:681): pid=20946 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir419791918/syzkaller.ZnYwej/930/bus" dev="sda1" ino=1183 res=1 errno=0 [ 1820.592968][ T24] audit: type=1800 audit(1658803088.222:682): pid=20946 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=1183 res=0 errno=0 02:38:09 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22}, 0x1c) listen(r0, 0x1) syz_emit_ethernet(0x4e, &(0x7f0000000180)={@local, @link_local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a3ff2", 0x18, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0xc2, 0x0, 0x0, 0x0, {[@eol]}}}}}}}}, 0x0) [ 1821.132532][T20969] syz-executor.5 (20969) used greatest stack depth: 4984 bytes left 02:38:21 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_hmac_sha1\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="83", 0x1) 02:38:21 executing program 4: syz_mount_image$xfs(&(0x7f0000000380), &(0x7f00000003c0)='./file0\x00', 0x0, 0x0, &(0x7f0000001b00), 0x0, &(0x7f0000001c00)={[{@quota}]}) 02:38:21 executing program 0: r0 = socket$inet6(0xa, 0x3, 0x7) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000100)={@loopback, 0x800, 0x0, 0x2000000000903, 0x1}, 0x20) setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x7fff, 0x4) connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x380000, @loopback}, 0x1c) sendmmsg$alg(r0, &(0x7f0000000b00)=[{0x20000000, 0xff00, 0x0, 0x0, &(0x7f0000002780)=[@assoc={0x10, 0x29}], 0x10}], 0x1, 0x0) 02:38:21 executing program 2: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000340)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f00000000c0)='syzkaller\x00', 0x4, 0x91, &(0x7f0000000000)=""/145, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10) mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r0, 0x0) r2 = creat(&(0x7f0000000400)='./bus\x00', 0x0) r3 = open(&(0x7f0000000440)='./bus\x00', 0x4d00, 0x0) dup3(r3, r2, 0x0) io_setup(0x40000000008, &(0x7f0000000240)=0x0) r5 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r5, 0x800) r6 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) sendfile(r5, r6, 0x0, 0xeffe) io_submit(r4, 0x2, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x4, 0x0, 0x0, r2, &(0x7f0000000000), 0x40000}]) 02:38:21 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22}, 0x1c) listen(r0, 0x1) syz_emit_ethernet(0x4e, &(0x7f0000000180)={@local, @link_local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a3ff2", 0x18, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0xc2, 0x0, 0x0, 0x0, {[@eol]}}}}}}}}, 0x0) 02:38:21 executing program 3: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000000)='.log\x00', 0x2040, 0x0) vmsplice(r0, &(0x7f0000000840)=[{&(0x7f0000000440)='d', 0x1}], 0x1, 0x0) [ 1833.777837][ T24] kauditd_printk_skb: 10 callbacks suppressed [ 1833.777912][ T24] audit: type=1804 audit(1658803101.822:693): pid=21125 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir2734175915/syzkaller.J7Ef6u/905/bus" dev="sda1" ino=1177 res=1 errno=0 02:38:21 executing program 0: r0 = socket$inet6(0xa, 0x3, 0x7) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000100)={@loopback, 0x800, 0x0, 0x2000000000903, 0x1}, 0x20) setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x7fff, 0x4) connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x380000, @loopback}, 0x1c) sendmmsg$alg(r0, &(0x7f0000000b00)=[{0x20000000, 0xff00, 0x0, 0x0, &(0x7f0000002780)=[@assoc={0x10, 0x29}], 0x10}], 0x1, 0x0) [ 1833.811376][ T24] audit: type=1800 audit(1658803101.822:694): pid=21125 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1177 res=0 errno=0 [ 1833.833326][ T24] audit: type=1804 audit(1658803101.842:695): pid=21125 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.2" name="/root/syzkaller-testdir2734175915/syzkaller.J7Ef6u/905/bus" dev="sda1" ino=1177 res=1 errno=0 02:38:22 executing program 4: syz_mount_image$xfs(&(0x7f0000000380), &(0x7f00000003c0)='./file0\x00', 0x0, 0x0, &(0x7f0000001b00), 0x0, &(0x7f0000001c00)={[{@quota}]}) 02:38:22 executing program 3: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000000)='.log\x00', 0x2040, 0x0) vmsplice(r0, &(0x7f0000000840)=[{&(0x7f0000000440)='d', 0x1}], 0x1, 0x0) 02:38:22 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22}, 0x1c) listen(r0, 0x1) syz_emit_ethernet(0x4e, &(0x7f0000000180)={@local, @link_local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a3ff2", 0x18, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0xc2, 0x0, 0x0, 0x0, {[@eol]}}}}}}}}, 0x0) 02:38:22 executing program 2: unshare(0x28000400) r0 = mq_open(&(0x7f0000000080)='m$\x00\xdc\xb7\xb8\xd0>,\xb0\x13\x8b3z>K\x84\x05\x00\x00\x00\x9c\x81\xed\xc2\x00', 0x6e93ebbbcc0884ee, 0x0, 0x0) mq_getsetattr(r0, 0x0, &(0x7f0000000040)) [ 1834.342714][ T24] audit: type=1804 audit(1658803101.922:696): pid=21130 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir2734175915/syzkaller.J7Ef6u/905/bus" dev="sda1" ino=1177 res=1 errno=0 02:38:22 executing program 0: r0 = socket$inet6(0xa, 0x3, 0x7) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000100)={@loopback, 0x800, 0x0, 0x2000000000903, 0x1}, 0x20) setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x7fff, 0x4) connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x380000, @loopback}, 0x1c) sendmmsg$alg(r0, &(0x7f0000000b00)=[{0x20000000, 0xff00, 0x0, 0x0, &(0x7f0000002780)=[@assoc={0x10, 0x29}], 0x10}], 0x1, 0x0) 02:38:32 executing program 3: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000000)='.log\x00', 0x2040, 0x0) vmsplice(r0, &(0x7f0000000840)=[{&(0x7f0000000440)='d', 0x1}], 0x1, 0x0) 02:38:32 executing program 0: r0 = socket$inet6(0xa, 0x3, 0x7) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000100)={@loopback, 0x800, 0x0, 0x2000000000903, 0x1}, 0x20) setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x7fff, 0x4) connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x380000, @loopback}, 0x1c) sendmmsg$alg(r0, &(0x7f0000000b00)=[{0x20000000, 0xff00, 0x0, 0x0, &(0x7f0000002780)=[@assoc={0x10, 0x29}], 0x10}], 0x1, 0x0) 02:38:32 executing program 2: unshare(0x28000400) r0 = mq_open(&(0x7f0000000080)='m$\x00\xdc\xb7\xb8\xd0>,\xb0\x13\x8b3z>K\x84\x05\x00\x00\x00\x9c\x81\xed\xc2\x00', 0x6e93ebbbcc0884ee, 0x0, 0x0) mq_getsetattr(r0, 0x0, &(0x7f0000000040)) 02:38:32 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newtaction={0x68, 0x30, 0x1, 0x0, 0x0, {}, [{0x54, 0x1, [@m_skbedit={0x50, 0x1, 0x0, 0x0, {{0xc}, {0x24, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PARMS={0x18}, @TCA_SKBEDIT_QUEUE_MAPPING={0x6}]}, {0x4}, {0xc}, {0xc, 0x9}}}]}]}, 0x68}}, 0x0) 02:38:32 executing program 4: syz_mount_image$xfs(&(0x7f0000000380), &(0x7f00000003c0)='./file0\x00', 0x0, 0x0, &(0x7f0000001b00), 0x0, &(0x7f0000001c00)={[{@quota}]}) 02:38:32 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff) sendmsg$NL80211_CMD_REQ_SET_REG(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)={0x24, r1, 0x1, 0x0, 0x0, {{0x1a}}, [@NL80211_ATTR_REG_ALPHA2={0x6, 0x21, 'b\x00'}, @NL80211_ATTR_REG_RULES={0x8, 0x22, 0x0, 0x1, [{0x4}]}]}, 0x24}}, 0x0) 02:38:32 executing program 3: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000000)='.log\x00', 0x2040, 0x0) vmsplice(r0, &(0x7f0000000840)=[{&(0x7f0000000440)='d', 0x1}], 0x1, 0x0) 02:38:32 executing program 4: syz_mount_image$xfs(&(0x7f0000000380), &(0x7f00000003c0)='./file0\x00', 0x0, 0x0, &(0x7f0000001b00), 0x0, &(0x7f0000001c00)={[{@quota}]}) 02:38:32 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newtaction={0x68, 0x30, 0x1, 0x0, 0x0, {}, [{0x54, 0x1, [@m_skbedit={0x50, 0x1, 0x0, 0x0, {{0xc}, {0x24, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PARMS={0x18}, @TCA_SKBEDIT_QUEUE_MAPPING={0x6}]}, {0x4}, {0xc}, {0xc, 0x9}}}]}]}, 0x68}}, 0x0) 02:38:32 executing program 2: unshare(0x28000400) r0 = mq_open(&(0x7f0000000080)='m$\x00\xdc\xb7\xb8\xd0>,\xb0\x13\x8b3z>K\x84\x05\x00\x00\x00\x9c\x81\xed\xc2\x00', 0x6e93ebbbcc0884ee, 0x0, 0x0) mq_getsetattr(r0, 0x0, &(0x7f0000000040)) 02:38:32 executing program 0: timer_create(0x0, &(0x7f0000000340)={0x0, 0x12}, &(0x7f0000000180)) timer_settime(0x0, 0x0, &(0x7f0000000100)={{0x0, 0x3938700}, {0x0, 0x3938700}}, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)=0x0) timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) pipe(&(0x7f0000000000)={0xffffffffffffffff}) poll(&(0x7f00000000c0)=[{r1}], 0x1, 0x203) close(r1) 02:38:33 executing program 2: unshare(0x28000400) r0 = mq_open(&(0x7f0000000080)='m$\x00\xdc\xb7\xb8\xd0>,\xb0\x13\x8b3z>K\x84\x05\x00\x00\x00\x9c\x81\xed\xc2\x00', 0x6e93ebbbcc0884ee, 0x0, 0x0) mq_getsetattr(r0, 0x0, &(0x7f0000000040)) 02:38:33 executing program 3: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) bpf$BPF_GET_MAP_INFO(0x15, &(0x7f00000000c0)={r0, 0x0, 0x0}, 0x10) 02:38:33 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newtaction={0x68, 0x30, 0x1, 0x0, 0x0, {}, [{0x54, 0x1, [@m_skbedit={0x50, 0x1, 0x0, 0x0, {{0xc}, {0x24, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PARMS={0x18}, @TCA_SKBEDIT_QUEUE_MAPPING={0x6}]}, {0x4}, {0xc}, {0xc, 0x9}}}]}]}, 0x68}}, 0x0) 02:38:33 executing program 4: pkey_mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0xffffffffffffffff) rt_sigprocmask(0x0, &(0x7f0000002c00), 0x0, 0x8) 02:38:33 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) openat$cgroup_ro(r0, &(0x7f00000002c0)='cpuacct.usage_all\x00', 0x26e1, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000018c00)={0x18, 0x3, &(0x7f00000016c0)=ANY=[@ANYBLOB="180000000000000000000000000000009500db000000000012cc19280a9c380b460d593093747e2e299e5a30a6fab908000000912b2b9c326f8af5e837e85559448b689fb549252e5fbaf3b888083c8ba6c3f76eb6de459ebc2e6090bf2d7e6a0aaee54ab764ee6531ccdb438c5eda380d87f48b7bc53ee353568f2d5396ef6b8088c1d0ad7842"], &(0x7f0000000440)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='rcu_utilization\x00', r1}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001c80)={0x6, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000001d00)={0xffffffffffffffff}, 0xc) bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x0, 0x16, &(0x7f0000001f80)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x5, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x4c}, 0x80) bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.controllers\x00', 0x26e1, 0x0) write$cgroup_type(0xffffffffffffffff, &(0x7f0000000080), 0x11ffffce1) bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x1, 0x9, 0x3f, 0x7fff, 0x0, 0x1}, 0x48) 02:38:33 executing program 0: timer_create(0x0, &(0x7f0000000340)={0x0, 0x12}, &(0x7f0000000180)) timer_settime(0x0, 0x0, &(0x7f0000000100)={{0x0, 0x3938700}, {0x0, 0x3938700}}, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)=0x0) timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) pipe(&(0x7f0000000000)={0xffffffffffffffff}) poll(&(0x7f00000000c0)=[{r1}], 0x1, 0x203) close(r1) 02:38:42 executing program 1: pkey_mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0xffffffffffffffff) rt_sigprocmask(0x0, &(0x7f0000002c00), 0x0, 0x8) 02:38:42 executing program 3: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) bpf$BPF_GET_MAP_INFO(0x15, &(0x7f00000000c0)={r0, 0x0, 0x0}, 0x10) 02:38:42 executing program 4: pkey_mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0xffffffffffffffff) rt_sigprocmask(0x0, &(0x7f0000002c00), 0x0, 0x8) 02:38:42 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newtaction={0x68, 0x30, 0x1, 0x0, 0x0, {}, [{0x54, 0x1, [@m_skbedit={0x50, 0x1, 0x0, 0x0, {{0xc}, {0x24, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PARMS={0x18}, @TCA_SKBEDIT_QUEUE_MAPPING={0x6}]}, {0x4}, {0xc}, {0xc, 0x9}}}]}]}, 0x68}}, 0x0) 02:38:42 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) openat$cgroup_ro(r0, &(0x7f00000002c0)='cpuacct.usage_all\x00', 0x26e1, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000018c00)={0x18, 0x3, &(0x7f00000016c0)=ANY=[@ANYBLOB="180000000000000000000000000000009500db000000000012cc19280a9c380b460d593093747e2e299e5a30a6fab908000000912b2b9c326f8af5e837e85559448b689fb549252e5fbaf3b888083c8ba6c3f76eb6de459ebc2e6090bf2d7e6a0aaee54ab764ee6531ccdb438c5eda380d87f48b7bc53ee353568f2d5396ef6b8088c1d0ad7842"], &(0x7f0000000440)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='rcu_utilization\x00', r1}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001c80)={0x6, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000001d00)={0xffffffffffffffff}, 0xc) bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x0, 0x16, &(0x7f0000001f80)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x5, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x4c}, 0x80) bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.controllers\x00', 0x26e1, 0x0) write$cgroup_type(0xffffffffffffffff, &(0x7f0000000080), 0x11ffffce1) bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x1, 0x9, 0x3f, 0x7fff, 0x0, 0x1}, 0x48) 02:38:42 executing program 0: timer_create(0x0, &(0x7f0000000340)={0x0, 0x12}, &(0x7f0000000180)) timer_settime(0x0, 0x0, &(0x7f0000000100)={{0x0, 0x3938700}, {0x0, 0x3938700}}, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)=0x0) timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) pipe(&(0x7f0000000000)={0xffffffffffffffff}) poll(&(0x7f00000000c0)=[{r1}], 0x1, 0x203) close(r1) 02:38:42 executing program 4: pkey_mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0xffffffffffffffff) rt_sigprocmask(0x0, &(0x7f0000002c00), 0x0, 0x8) 02:38:42 executing program 3: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) bpf$BPF_GET_MAP_INFO(0x15, &(0x7f00000000c0)={r0, 0x0, 0x0}, 0x10) 02:38:43 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000ec0)={0xffffffffffffffff, 0xffffffffffffffff}) bind$unix(r0, &(0x7f0000000100)=@file={0x1}, 0x6e) r1 = socket$unix(0x1, 0x5, 0x0) bind$unix(r1, &(0x7f0000000000)=@file={0x1}, 0x6e) 02:38:43 executing program 0: timer_create(0x0, &(0x7f0000000340)={0x0, 0x12}, &(0x7f0000000180)) timer_settime(0x0, 0x0, &(0x7f0000000100)={{0x0, 0x3938700}, {0x0, 0x3938700}}, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)=0x0) timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) pipe(&(0x7f0000000000)={0xffffffffffffffff}) poll(&(0x7f00000000c0)=[{r1}], 0x1, 0x203) close(r1) 02:38:43 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000ec0)={0xffffffffffffffff, 0xffffffffffffffff}) bind$unix(r0, &(0x7f0000000100)=@file={0x1}, 0x6e) r1 = socket$unix(0x1, 0x5, 0x0) bind$unix(r1, &(0x7f0000000000)=@file={0x1}, 0x6e) 02:38:43 executing program 3: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) bpf$BPF_GET_MAP_INFO(0x15, &(0x7f00000000c0)={r0, 0x0, 0x0}, 0x10) 02:38:50 executing program 1: pkey_mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0xffffffffffffffff) rt_sigprocmask(0x0, &(0x7f0000002c00), 0x0, 0x8) 02:38:50 executing program 4: pkey_mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0xffffffffffffffff) rt_sigprocmask(0x0, &(0x7f0000002c00), 0x0, 0x8) 02:38:50 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) openat$cgroup_ro(r0, &(0x7f00000002c0)='cpuacct.usage_all\x00', 0x26e1, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000018c00)={0x18, 0x3, &(0x7f00000016c0)=ANY=[@ANYBLOB="180000000000000000000000000000009500db000000000012cc19280a9c380b460d593093747e2e299e5a30a6fab908000000912b2b9c326f8af5e837e85559448b689fb549252e5fbaf3b888083c8ba6c3f76eb6de459ebc2e6090bf2d7e6a0aaee54ab764ee6531ccdb438c5eda380d87f48b7bc53ee353568f2d5396ef6b8088c1d0ad7842"], &(0x7f0000000440)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='rcu_utilization\x00', r1}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001c80)={0x6, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000001d00)={0xffffffffffffffff}, 0xc) bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x0, 0x16, &(0x7f0000001f80)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x5, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x4c}, 0x80) bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.controllers\x00', 0x26e1, 0x0) write$cgroup_type(0xffffffffffffffff, &(0x7f0000000080), 0x11ffffce1) bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x1, 0x9, 0x3f, 0x7fff, 0x0, 0x1}, 0x48) 02:38:50 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000ec0)={0xffffffffffffffff, 0xffffffffffffffff}) bind$unix(r0, &(0x7f0000000100)=@file={0x1}, 0x6e) r1 = socket$unix(0x1, 0x5, 0x0) bind$unix(r1, &(0x7f0000000000)=@file={0x1}, 0x6e) 02:38:50 executing program 3: r0 = socket(0x11, 0x800000003, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000600)={'team0\x00', 0x0}) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=@newqdisc={0x8c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x5, [], 0x0, [0x8], [0x0, 0x8, 0x168]}}]}}]}, 0x8c}}, 0x0) 02:38:50 executing program 0: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000002040)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8532717d54867ae8b09ee9e69ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf2364149215108333719acd97cfa107d40224edc5465a93df8513a32ec450bebc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095cd35f5e228026579e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4929330142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da8c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000dd11e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15f2a169cdcacc41ab48dafb7a2c8cb482bac0ac502d9ba96ffffff670000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341b74ab8cac95900fca0493cf29b33dcc9ffffffffffa6adffffd39fec2271ff01589646efd1cf870cd7bb232bbdb9dc33cbd7643866fde41f94290c2a5ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241075f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe58201000000010000007050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d2e959efc71f665c4d75cf2458e3322c9062ece84c99a061997a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2ea85de82328e513063aad3335457acf37331766e472391e358c31a5b3d1863d0165100fb2d33dc9119b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb251c19ed2514e3a22a2a998de44aeadea2a40da8daccf080842a4867217373927aa3b97152916cf6f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcd62981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba495aea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1435b1fad6ec9a31137ab0ee404abde7750898b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294059323e7a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b013dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632f9fc11785eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba891cea599b079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fd78f9743af932cd6db49a47613808bad959719c0000000000378a921c7f7f6933c2e24c7e800003c9e8095e02985f28de0bbc76d58dd92606b1ef6486c85fa3e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a391f03daca80f08f0e3b1a569e7397f6cafa86966d7ba19e72041b267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e112645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb686f5870d05f88a0f463db88d377442e1349acaf7662fab44a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c000000000000000000000000000000a1c3da144589dcaddb71cf9374843e0e4492a237a9040747e0434a8a643990b4059a98411ce867d1af7e8ea89f49e6f564d4dce8a7d6939a92144e43a7f39e83bd247e03a09dba000000000000000000000000aaf033d47249c8444bc13844cbf1be617d82b269e5ea0c0d525603c0ec543ea581f63893ae414a66c8e941fdbd6ea6cfc5f8744583c0aa766a65321f907927a59d75b47f06895e8471ebc2840ce5bd054df223fb09b9c739ad64cfcfd2d498b0f11056f6c40874cb977c9db6bc1a8732198a17e610082b7ce0365f271b11d4b4a3d4c7d0bb273f406ecd4b26c93151c30f5a269991402d109bec12f63b85325522d2b81f56b2f9e20db7f1bd0bef314a895df1c5757f6cd6f7d08bec128b7e40907ddfbb7750d2278c093b623dde73940bc9f7147c8a9cbbcdde349addd5d1527c3a8a1c45d5f52400bd84b7b332b70be0a5eb01a5d7d90000e70b001e7b9ae3f7a23fada40556559c24e287be02d8b66eb09b1db2dd194f85f95ee7bd2ccb630b9619db4b955845d5961aa6964ce245785e616372c64878d45e5a2540de9a4e0cd4972d34a314b58367588192dec33e184313fce6f51811f657a720feb4fadfe1236c1f2d0fdb161ecf439a87724f384b632be170fc6ef2119a38ca8a348283f3bd7436bea4688976047bf68150d8230dacbdd862be6980a848ea278fa53d1a4227"], &(0x7f0000000100)='GPL\x00'}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sys_exit\x00', r0}, 0x10) r1 = memfd_create(&(0x7f0000001fc1)='\x00\xac=\x9d\xd2\xdb\xe6\xbf\xb4\b\xedcJ\x8e\x84\xd4N\x12\x9b\x1f\t\xbd\x11+\x86T\x16\xa3\xb3\xae0\x9f9?\xefo\xa4k\x012>\xa1\x9c\x86x\x1c\x9f\x84\x195\xde\x97_\t~\xf3Y\x12\"p^\xc1\x0f', 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x12, r1, 0x0) openat2(0xffffffffffffff9c, 0x0, &(0x7f00000003c0), 0x18) 02:38:50 executing program 3: r0 = socket(0x11, 0x800000003, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000600)={'team0\x00', 0x0}) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=@newqdisc={0x8c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x5, [], 0x0, [0x8], [0x0, 0x8, 0x168]}}]}}]}, 0x8c}}, 0x0) 02:38:50 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000ec0)={0xffffffffffffffff, 0xffffffffffffffff}) bind$unix(r0, &(0x7f0000000100)=@file={0x1}, 0x6e) r1 = socket$unix(0x1, 0x5, 0x0) bind$unix(r1, &(0x7f0000000000)=@file={0x1}, 0x6e) 02:38:50 executing program 4: mkdir(&(0x7f0000000100)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./bus\x00', 0x0) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000200)={[{@lowerdir={'lowerdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './bus'}}, {@workdir={'workdir', 0x3d, './file0'}}], [], 0x2c}) rename(&(0x7f0000000000)='./file1\x00', &(0x7f0000000240)='./bus\x00') chdir(&(0x7f0000000380)='./file0\x00') mknod$loop(&(0x7f0000000300)='./bus\x00', 0x0, 0x0) 02:38:51 executing program 0: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000002040)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8532717d54867ae8b09ee9e69ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf2364149215108333719acd97cfa107d40224edc5465a93df8513a32ec450bebc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095cd35f5e228026579e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4929330142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da8c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000dd11e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15f2a169cdcacc41ab48dafb7a2c8cb482bac0ac502d9ba96ffffff670000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341b74ab8cac95900fca0493cf29b33dcc9ffffffffffa6adffffd39fec2271ff01589646efd1cf870cd7bb232bbdb9dc33cbd7643866fde41f94290c2a5ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241075f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe58201000000010000007050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d2e959efc71f665c4d75cf2458e3322c9062ece84c99a061997a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2ea85de82328e513063aad3335457acf37331766e472391e358c31a5b3d1863d0165100fb2d33dc9119b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb251c19ed2514e3a22a2a998de44aeadea2a40da8daccf080842a4867217373927aa3b97152916cf6f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcd62981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba495aea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1435b1fad6ec9a31137ab0ee404abde7750898b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294059323e7a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b013dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632f9fc11785eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba891cea599b079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fd78f9743af932cd6db49a47613808bad959719c0000000000378a921c7f7f6933c2e24c7e800003c9e8095e02985f28de0bbc76d58dd92606b1ef6486c85fa3e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a391f03daca80f08f0e3b1a569e7397f6cafa86966d7ba19e72041b267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e112645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb686f5870d05f88a0f463db88d377442e1349acaf7662fab44a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c000000000000000000000000000000a1c3da144589dcaddb71cf9374843e0e4492a237a9040747e0434a8a643990b4059a98411ce867d1af7e8ea89f49e6f564d4dce8a7d6939a92144e43a7f39e83bd247e03a09dba000000000000000000000000aaf033d47249c8444bc13844cbf1be617d82b269e5ea0c0d525603c0ec543ea581f63893ae414a66c8e941fdbd6ea6cfc5f8744583c0aa766a65321f907927a59d75b47f06895e8471ebc2840ce5bd054df223fb09b9c739ad64cfcfd2d498b0f11056f6c40874cb977c9db6bc1a8732198a17e610082b7ce0365f271b11d4b4a3d4c7d0bb273f406ecd4b26c93151c30f5a269991402d109bec12f63b85325522d2b81f56b2f9e20db7f1bd0bef314a895df1c5757f6cd6f7d08bec128b7e40907ddfbb7750d2278c093b623dde73940bc9f7147c8a9cbbcdde349addd5d1527c3a8a1c45d5f52400bd84b7b332b70be0a5eb01a5d7d90000e70b001e7b9ae3f7a23fada40556559c24e287be02d8b66eb09b1db2dd194f85f95ee7bd2ccb630b9619db4b955845d5961aa6964ce245785e616372c64878d45e5a2540de9a4e0cd4972d34a314b58367588192dec33e184313fce6f51811f657a720feb4fadfe1236c1f2d0fdb161ecf439a87724f384b632be170fc6ef2119a38ca8a348283f3bd7436bea4688976047bf68150d8230dacbdd862be6980a848ea278fa53d1a4227"], &(0x7f0000000100)='GPL\x00'}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sys_exit\x00', r0}, 0x10) r1 = memfd_create(&(0x7f0000001fc1)='\x00\xac=\x9d\xd2\xdb\xe6\xbf\xb4\b\xedcJ\x8e\x84\xd4N\x12\x9b\x1f\t\xbd\x11+\x86T\x16\xa3\xb3\xae0\x9f9?\xefo\xa4k\x012>\xa1\x9c\x86x\x1c\x9f\x84\x195\xde\x97_\t~\xf3Y\x12\"p^\xc1\x0f', 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x12, r1, 0x0) openat2(0xffffffffffffff9c, 0x0, &(0x7f00000003c0), 0x18) 02:38:51 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) openat$cgroup_ro(r0, &(0x7f00000002c0)='cpuacct.usage_all\x00', 0x26e1, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000018c00)={0x18, 0x3, &(0x7f00000016c0)=ANY=[@ANYBLOB="180000000000000000000000000000009500db000000000012cc19280a9c380b460d593093747e2e299e5a30a6fab908000000912b2b9c326f8af5e837e85559448b689fb549252e5fbaf3b888083c8ba6c3f76eb6de459ebc2e6090bf2d7e6a0aaee54ab764ee6531ccdb438c5eda380d87f48b7bc53ee353568f2d5396ef6b8088c1d0ad7842"], &(0x7f0000000440)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='rcu_utilization\x00', r1}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001c80)={0x6, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000001d00)={0xffffffffffffffff}, 0xc) bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x0, 0x16, &(0x7f0000001f80)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x5, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x4c}, 0x80) bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.controllers\x00', 0x26e1, 0x0) write$cgroup_type(0xffffffffffffffff, &(0x7f0000000080), 0x11ffffce1) bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x1, 0x9, 0x3f, 0x7fff, 0x0, 0x1}, 0x48) 02:38:51 executing program 5: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000002040)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8532717d54867ae8b09ee9e69ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf2364149215108333719acd97cfa107d40224edc5465a93df8513a32ec450bebc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095cd35f5e228026579e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4929330142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da8c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000dd11e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15f2a169cdcacc41ab48dafb7a2c8cb482bac0ac502d9ba96ffffff670000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341b74ab8cac95900fca0493cf29b33dcc9ffffffffffa6adffffd39fec2271ff01589646efd1cf870cd7bb232bbdb9dc33cbd7643866fde41f94290c2a5ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241075f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe58201000000010000007050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d2e959efc71f665c4d75cf2458e3322c9062ece84c99a061997a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2ea85de82328e513063aad3335457acf37331766e472391e358c31a5b3d1863d0165100fb2d33dc9119b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb251c19ed2514e3a22a2a998de44aeadea2a40da8daccf080842a4867217373927aa3b97152916cf6f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcd62981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba495aea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1435b1fad6ec9a31137ab0ee404abde7750898b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294059323e7a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b013dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632f9fc11785eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba891cea599b079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fd78f9743af932cd6db49a47613808bad959719c0000000000378a921c7f7f6933c2e24c7e800003c9e8095e02985f28de0bbc76d58dd92606b1ef6486c85fa3e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a391f03daca80f08f0e3b1a569e7397f6cafa86966d7ba19e72041b267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e112645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb686f5870d05f88a0f463db88d377442e1349acaf7662fab44a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c000000000000000000000000000000a1c3da144589dcaddb71cf9374843e0e4492a237a9040747e0434a8a643990b4059a98411ce867d1af7e8ea89f49e6f564d4dce8a7d6939a92144e43a7f39e83bd247e03a09dba000000000000000000000000aaf033d47249c8444bc13844cbf1be617d82b269e5ea0c0d525603c0ec543ea581f63893ae414a66c8e941fdbd6ea6cfc5f8744583c0aa766a65321f907927a59d75b47f06895e8471ebc2840ce5bd054df223fb09b9c739ad64cfcfd2d498b0f11056f6c40874cb977c9db6bc1a8732198a17e610082b7ce0365f271b11d4b4a3d4c7d0bb273f406ecd4b26c93151c30f5a269991402d109bec12f63b85325522d2b81f56b2f9e20db7f1bd0bef314a895df1c5757f6cd6f7d08bec128b7e40907ddfbb7750d2278c093b623dde73940bc9f7147c8a9cbbcdde349addd5d1527c3a8a1c45d5f52400bd84b7b332b70be0a5eb01a5d7d90000e70b001e7b9ae3f7a23fada40556559c24e287be02d8b66eb09b1db2dd194f85f95ee7bd2ccb630b9619db4b955845d5961aa6964ce245785e616372c64878d45e5a2540de9a4e0cd4972d34a314b58367588192dec33e184313fce6f51811f657a720feb4fadfe1236c1f2d0fdb161ecf439a87724f384b632be170fc6ef2119a38ca8a348283f3bd7436bea4688976047bf68150d8230dacbdd862be6980a848ea278fa53d1a4227"], &(0x7f0000000100)='GPL\x00'}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sys_exit\x00', r0}, 0x10) r1 = memfd_create(&(0x7f0000001fc1)='\x00\xac=\x9d\xd2\xdb\xe6\xbf\xb4\b\xedcJ\x8e\x84\xd4N\x12\x9b\x1f\t\xbd\x11+\x86T\x16\xa3\xb3\xae0\x9f9?\xefo\xa4k\x012>\xa1\x9c\x86x\x1c\x9f\x84\x195\xde\x97_\t~\xf3Y\x12\"p^\xc1\x0f', 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x12, r1, 0x0) openat2(0xffffffffffffff9c, 0x0, &(0x7f00000003c0), 0x18) 02:38:58 executing program 1: pkey_mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0xffffffffffffffff) rt_sigprocmask(0x0, &(0x7f0000002c00), 0x0, 0x8) 02:38:58 executing program 3: r0 = socket(0x11, 0x800000003, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000600)={'team0\x00', 0x0}) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=@newqdisc={0x8c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x5, [], 0x0, [0x8], [0x0, 0x8, 0x168]}}]}}]}, 0x8c}}, 0x0) 02:38:58 executing program 4: mkdir(&(0x7f0000000100)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./bus\x00', 0x0) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000200)={[{@lowerdir={'lowerdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './bus'}}, {@workdir={'workdir', 0x3d, './file0'}}], [], 0x2c}) rename(&(0x7f0000000000)='./file1\x00', &(0x7f0000000240)='./bus\x00') chdir(&(0x7f0000000380)='./file0\x00') mknod$loop(&(0x7f0000000300)='./bus\x00', 0x0, 0x0) 02:38:58 executing program 0: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000002040)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8532717d54867ae8b09ee9e69ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf2364149215108333719acd97cfa107d40224edc5465a93df8513a32ec450bebc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095cd35f5e228026579e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4929330142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da8c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000dd11e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15f2a169cdcacc41ab48dafb7a2c8cb482bac0ac502d9ba96ffffff670000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341b74ab8cac95900fca0493cf29b33dcc9ffffffffffa6adffffd39fec2271ff01589646efd1cf870cd7bb232bbdb9dc33cbd7643866fde41f94290c2a5ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241075f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe58201000000010000007050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d2e959efc71f665c4d75cf2458e3322c9062ece84c99a061997a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2ea85de82328e513063aad3335457acf37331766e472391e358c31a5b3d1863d0165100fb2d33dc9119b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb251c19ed2514e3a22a2a998de44aeadea2a40da8daccf080842a4867217373927aa3b97152916cf6f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcd62981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba495aea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1435b1fad6ec9a31137ab0ee404abde7750898b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294059323e7a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b013dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632f9fc11785eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba891cea599b079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fd78f9743af932cd6db49a47613808bad959719c0000000000378a921c7f7f6933c2e24c7e800003c9e8095e02985f28de0bbc76d58dd92606b1ef6486c85fa3e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a391f03daca80f08f0e3b1a569e7397f6cafa86966d7ba19e72041b267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e112645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb686f5870d05f88a0f463db88d377442e1349acaf7662fab44a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c000000000000000000000000000000a1c3da144589dcaddb71cf9374843e0e4492a237a9040747e0434a8a643990b4059a98411ce867d1af7e8ea89f49e6f564d4dce8a7d6939a92144e43a7f39e83bd247e03a09dba000000000000000000000000aaf033d47249c8444bc13844cbf1be617d82b269e5ea0c0d525603c0ec543ea581f63893ae414a66c8e941fdbd6ea6cfc5f8744583c0aa766a65321f907927a59d75b47f06895e8471ebc2840ce5bd054df223fb09b9c739ad64cfcfd2d498b0f11056f6c40874cb977c9db6bc1a8732198a17e610082b7ce0365f271b11d4b4a3d4c7d0bb273f406ecd4b26c93151c30f5a269991402d109bec12f63b85325522d2b81f56b2f9e20db7f1bd0bef314a895df1c5757f6cd6f7d08bec128b7e40907ddfbb7750d2278c093b623dde73940bc9f7147c8a9cbbcdde349addd5d1527c3a8a1c45d5f52400bd84b7b332b70be0a5eb01a5d7d90000e70b001e7b9ae3f7a23fada40556559c24e287be02d8b66eb09b1db2dd194f85f95ee7bd2ccb630b9619db4b955845d5961aa6964ce245785e616372c64878d45e5a2540de9a4e0cd4972d34a314b58367588192dec33e184313fce6f51811f657a720feb4fadfe1236c1f2d0fdb161ecf439a87724f384b632be170fc6ef2119a38ca8a348283f3bd7436bea4688976047bf68150d8230dacbdd862be6980a848ea278fa53d1a4227"], &(0x7f0000000100)='GPL\x00'}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sys_exit\x00', r0}, 0x10) r1 = memfd_create(&(0x7f0000001fc1)='\x00\xac=\x9d\xd2\xdb\xe6\xbf\xb4\b\xedcJ\x8e\x84\xd4N\x12\x9b\x1f\t\xbd\x11+\x86T\x16\xa3\xb3\xae0\x9f9?\xefo\xa4k\x012>\xa1\x9c\x86x\x1c\x9f\x84\x195\xde\x97_\t~\xf3Y\x12\"p^\xc1\x0f', 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x12, r1, 0x0) openat2(0xffffffffffffff9c, 0x0, &(0x7f00000003c0), 0x18) 02:38:58 executing program 5: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000002040)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8532717d54867ae8b09ee9e69ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf2364149215108333719acd97cfa107d40224edc5465a93df8513a32ec450bebc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095cd35f5e228026579e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4929330142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da8c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000dd11e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15f2a169cdcacc41ab48dafb7a2c8cb482bac0ac502d9ba96ffffff670000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341b74ab8cac95900fca0493cf29b33dcc9ffffffffffa6adffffd39fec2271ff01589646efd1cf870cd7bb232bbdb9dc33cbd7643866fde41f94290c2a5ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241075f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe58201000000010000007050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d2e959efc71f665c4d75cf2458e3322c9062ece84c99a061997a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2ea85de82328e513063aad3335457acf37331766e472391e358c31a5b3d1863d0165100fb2d33dc9119b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb251c19ed2514e3a22a2a998de44aeadea2a40da8daccf080842a4867217373927aa3b97152916cf6f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcd62981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba495aea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1435b1fad6ec9a31137ab0ee404abde7750898b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294059323e7a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b013dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632f9fc11785eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba891cea599b079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fd78f9743af932cd6db49a47613808bad959719c0000000000378a921c7f7f6933c2e24c7e800003c9e8095e02985f28de0bbc76d58dd92606b1ef6486c85fa3e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a391f03daca80f08f0e3b1a569e7397f6cafa86966d7ba19e72041b267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e112645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb686f5870d05f88a0f463db88d377442e1349acaf7662fab44a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c000000000000000000000000000000a1c3da144589dcaddb71cf9374843e0e4492a237a9040747e0434a8a643990b4059a98411ce867d1af7e8ea89f49e6f564d4dce8a7d6939a92144e43a7f39e83bd247e03a09dba000000000000000000000000aaf033d47249c8444bc13844cbf1be617d82b269e5ea0c0d525603c0ec543ea581f63893ae414a66c8e941fdbd6ea6cfc5f8744583c0aa766a65321f907927a59d75b47f06895e8471ebc2840ce5bd054df223fb09b9c739ad64cfcfd2d498b0f11056f6c40874cb977c9db6bc1a8732198a17e610082b7ce0365f271b11d4b4a3d4c7d0bb273f406ecd4b26c93151c30f5a269991402d109bec12f63b85325522d2b81f56b2f9e20db7f1bd0bef314a895df1c5757f6cd6f7d08bec128b7e40907ddfbb7750d2278c093b623dde73940bc9f7147c8a9cbbcdde349addd5d1527c3a8a1c45d5f52400bd84b7b332b70be0a5eb01a5d7d90000e70b001e7b9ae3f7a23fada40556559c24e287be02d8b66eb09b1db2dd194f85f95ee7bd2ccb630b9619db4b955845d5961aa6964ce245785e616372c64878d45e5a2540de9a4e0cd4972d34a314b58367588192dec33e184313fce6f51811f657a720feb4fadfe1236c1f2d0fdb161ecf439a87724f384b632be170fc6ef2119a38ca8a348283f3bd7436bea4688976047bf68150d8230dacbdd862be6980a848ea278fa53d1a4227"], &(0x7f0000000100)='GPL\x00'}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sys_exit\x00', r0}, 0x10) r1 = memfd_create(&(0x7f0000001fc1)='\x00\xac=\x9d\xd2\xdb\xe6\xbf\xb4\b\xedcJ\x8e\x84\xd4N\x12\x9b\x1f\t\xbd\x11+\x86T\x16\xa3\xb3\xae0\x9f9?\xefo\xa4k\x012>\xa1\x9c\x86x\x1c\x9f\x84\x195\xde\x97_\t~\xf3Y\x12\"p^\xc1\x0f', 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x12, r1, 0x0) openat2(0xffffffffffffff9c, 0x0, &(0x7f00000003c0), 0x18) 02:38:58 executing program 2: mkdir(&(0x7f0000000100)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./bus\x00', 0x0) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000200)={[{@lowerdir={'lowerdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './bus'}}, {@workdir={'workdir', 0x3d, './file0'}}], [], 0x2c}) rename(&(0x7f0000000000)='./file1\x00', &(0x7f0000000240)='./bus\x00') chdir(&(0x7f0000000380)='./file0\x00') mknod$loop(&(0x7f0000000300)='./bus\x00', 0x0, 0x0) 02:38:59 executing program 3: r0 = socket(0x11, 0x800000003, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000600)={'team0\x00', 0x0}) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=@newqdisc={0x8c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x5, [], 0x0, [0x8], [0x0, 0x8, 0x168]}}]}}]}, 0x8c}}, 0x0) 02:38:59 executing program 0: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000002040)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8532717d54867ae8b09ee9e69ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf2364149215108333719acd97cfa107d40224edc5465a93df8513a32ec450bebc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095cd35f5e228026579e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4929330142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da8c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000dd11e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15f2a169cdcacc41ab48dafb7a2c8cb482bac0ac502d9ba96ffffff670000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341b74ab8cac95900fca0493cf29b33dcc9ffffffffffa6adffffd39fec2271ff01589646efd1cf870cd7bb232bbdb9dc33cbd7643866fde41f94290c2a5ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241075f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe58201000000010000007050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d2e959efc71f665c4d75cf2458e3322c9062ece84c99a061997a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2ea85de82328e513063aad3335457acf37331766e472391e358c31a5b3d1863d0165100fb2d33dc9119b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb251c19ed2514e3a22a2a998de44aeadea2a40da8daccf080842a4867217373927aa3b97152916cf6f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcd62981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba495aea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1435b1fad6ec9a31137ab0ee404abde7750898b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294059323e7a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b013dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632f9fc11785eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba891cea599b079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fd78f9743af932cd6db49a47613808bad959719c0000000000378a921c7f7f6933c2e24c7e800003c9e8095e02985f28de0bbc76d58dd92606b1ef6486c85fa3e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a391f03daca80f08f0e3b1a569e7397f6cafa86966d7ba19e72041b267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e112645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb686f5870d05f88a0f463db88d377442e1349acaf7662fab44a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c000000000000000000000000000000a1c3da144589dcaddb71cf9374843e0e4492a237a9040747e0434a8a643990b4059a98411ce867d1af7e8ea89f49e6f564d4dce8a7d6939a92144e43a7f39e83bd247e03a09dba000000000000000000000000aaf033d47249c8444bc13844cbf1be617d82b269e5ea0c0d525603c0ec543ea581f63893ae414a66c8e941fdbd6ea6cfc5f8744583c0aa766a65321f907927a59d75b47f06895e8471ebc2840ce5bd054df223fb09b9c739ad64cfcfd2d498b0f11056f6c40874cb977c9db6bc1a8732198a17e610082b7ce0365f271b11d4b4a3d4c7d0bb273f406ecd4b26c93151c30f5a269991402d109bec12f63b85325522d2b81f56b2f9e20db7f1bd0bef314a895df1c5757f6cd6f7d08bec128b7e40907ddfbb7750d2278c093b623dde73940bc9f7147c8a9cbbcdde349addd5d1527c3a8a1c45d5f52400bd84b7b332b70be0a5eb01a5d7d90000e70b001e7b9ae3f7a23fada40556559c24e287be02d8b66eb09b1db2dd194f85f95ee7bd2ccb630b9619db4b955845d5961aa6964ce245785e616372c64878d45e5a2540de9a4e0cd4972d34a314b58367588192dec33e184313fce6f51811f657a720feb4fadfe1236c1f2d0fdb161ecf439a87724f384b632be170fc6ef2119a38ca8a348283f3bd7436bea4688976047bf68150d8230dacbdd862be6980a848ea278fa53d1a4227"], &(0x7f0000000100)='GPL\x00'}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sys_exit\x00', r0}, 0x10) r1 = memfd_create(&(0x7f0000001fc1)='\x00\xac=\x9d\xd2\xdb\xe6\xbf\xb4\b\xedcJ\x8e\x84\xd4N\x12\x9b\x1f\t\xbd\x11+\x86T\x16\xa3\xb3\xae0\x9f9?\xefo\xa4k\x012>\xa1\x9c\x86x\x1c\x9f\x84\x195\xde\x97_\t~\xf3Y\x12\"p^\xc1\x0f', 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x12, r1, 0x0) openat2(0xffffffffffffff9c, 0x0, &(0x7f00000003c0), 0x18) 02:38:59 executing program 5: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000002040)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8532717d54867ae8b09ee9e69ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf2364149215108333719acd97cfa107d40224edc5465a93df8513a32ec450bebc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095cd35f5e228026579e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4929330142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da8c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000dd11e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15f2a169cdcacc41ab48dafb7a2c8cb482bac0ac502d9ba96ffffff670000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341b74ab8cac95900fca0493cf29b33dcc9ffffffffffa6adffffd39fec2271ff01589646efd1cf870cd7bb232bbdb9dc33cbd7643866fde41f94290c2a5ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241075f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe58201000000010000007050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d2e959efc71f665c4d75cf2458e3322c9062ece84c99a061997a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2ea85de82328e513063aad3335457acf37331766e472391e358c31a5b3d1863d0165100fb2d33dc9119b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb251c19ed2514e3a22a2a998de44aeadea2a40da8daccf080842a4867217373927aa3b97152916cf6f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcd62981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba495aea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1435b1fad6ec9a31137ab0ee404abde7750898b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294059323e7a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b013dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632f9fc11785eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba891cea599b079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fd78f9743af932cd6db49a47613808bad959719c0000000000378a921c7f7f6933c2e24c7e800003c9e8095e02985f28de0bbc76d58dd92606b1ef6486c85fa3e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a391f03daca80f08f0e3b1a569e7397f6cafa86966d7ba19e72041b267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e112645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb686f5870d05f88a0f463db88d377442e1349acaf7662fab44a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c000000000000000000000000000000a1c3da144589dcaddb71cf9374843e0e4492a237a9040747e0434a8a643990b4059a98411ce867d1af7e8ea89f49e6f564d4dce8a7d6939a92144e43a7f39e83bd247e03a09dba000000000000000000000000aaf033d47249c8444bc13844cbf1be617d82b269e5ea0c0d525603c0ec543ea581f63893ae414a66c8e941fdbd6ea6cfc5f8744583c0aa766a65321f907927a59d75b47f06895e8471ebc2840ce5bd054df223fb09b9c739ad64cfcfd2d498b0f11056f6c40874cb977c9db6bc1a8732198a17e610082b7ce0365f271b11d4b4a3d4c7d0bb273f406ecd4b26c93151c30f5a269991402d109bec12f63b85325522d2b81f56b2f9e20db7f1bd0bef314a895df1c5757f6cd6f7d08bec128b7e40907ddfbb7750d2278c093b623dde73940bc9f7147c8a9cbbcdde349addd5d1527c3a8a1c45d5f52400bd84b7b332b70be0a5eb01a5d7d90000e70b001e7b9ae3f7a23fada40556559c24e287be02d8b66eb09b1db2dd194f85f95ee7bd2ccb630b9619db4b955845d5961aa6964ce245785e616372c64878d45e5a2540de9a4e0cd4972d34a314b58367588192dec33e184313fce6f51811f657a720feb4fadfe1236c1f2d0fdb161ecf439a87724f384b632be170fc6ef2119a38ca8a348283f3bd7436bea4688976047bf68150d8230dacbdd862be6980a848ea278fa53d1a4227"], &(0x7f0000000100)='GPL\x00'}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sys_exit\x00', r0}, 0x10) r1 = memfd_create(&(0x7f0000001fc1)='\x00\xac=\x9d\xd2\xdb\xe6\xbf\xb4\b\xedcJ\x8e\x84\xd4N\x12\x9b\x1f\t\xbd\x11+\x86T\x16\xa3\xb3\xae0\x9f9?\xefo\xa4k\x012>\xa1\x9c\x86x\x1c\x9f\x84\x195\xde\x97_\t~\xf3Y\x12\"p^\xc1\x0f', 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x12, r1, 0x0) openat2(0xffffffffffffff9c, 0x0, &(0x7f00000003c0), 0x18) 02:38:59 executing program 4: mkdir(&(0x7f0000000100)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./bus\x00', 0x0) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000200)={[{@lowerdir={'lowerdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './bus'}}, {@workdir={'workdir', 0x3d, './file0'}}], [], 0x2c}) rename(&(0x7f0000000000)='./file1\x00', &(0x7f0000000240)='./bus\x00') chdir(&(0x7f0000000380)='./file0\x00') mknod$loop(&(0x7f0000000300)='./bus\x00', 0x0, 0x0) 02:38:59 executing program 2: mkdir(&(0x7f0000000100)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./bus\x00', 0x0) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000200)={[{@lowerdir={'lowerdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './bus'}}, {@workdir={'workdir', 0x3d, './file0'}}], [], 0x2c}) rename(&(0x7f0000000000)='./file1\x00', &(0x7f0000000240)='./bus\x00') chdir(&(0x7f0000000380)='./file0\x00') mknod$loop(&(0x7f0000000300)='./bus\x00', 0x0, 0x0) 02:38:59 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x4000000, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="00400000ec1f00001320000012000000000000000020000000040000611cad49840300001e000000000000000010ec03020001005265497345724673000000000200000002000100000000000100000003000000000000000000000000000000000000000000000000000000000000000000000001001e003ac1655f004eed00", 0x80, 0x10000}, {&(0x7f0000010100)="ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0f00"/1056, 0x420, 0x11000}, {&(0x7f0000010600)="ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x800, 0x11800}, {&(0x7f0000010e00)="00000000000000000000000012000000000000000020000000040000611cad49840300001e00"/64, 0x40, 0x2012000}, {&(0x7f0000010f00)="01000200750f0000000000000000000000000000000000000100000002000000000000000000000000002000e00f0000010000000200000001000000f401000002002300bd0f00"/96, 0x60, 0x2013000}, {&(0x7f0000011000)="000000000000000000000000000000000000000000000000000000000001000000010000000200000022000400020000000000000001000000200004002e2e2eed4103005cf9535f230000003ac1655f3ac1655f3ac1655f01000000ffffffff", 0x60, 0x2013fa0}], 0x0, &(0x7f0000011100)) [ 1872.208349][T21566] overlayfs: failed to resolve './file1': -2 [ 1876.940214][ T1196] ieee802154 phy0 wpan0: encryption failed: -22 [ 1876.947153][ T1196] ieee802154 phy1 wpan1: encryption failed: -22 [ 1876.989745][ T1196] aoe: packet could not be sent on ipvlan0. consider increasing tx_queue_len [ 1876.999386][ T1196] aoe: packet could not be sent on ipvlan1. consider increasing tx_queue_len 02:39:06 executing program 1: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x1000}, 0x4) close(r0) 02:39:06 executing program 0: syz_emit_ethernet(0x24e, &(0x7f0000000780)={@link_local, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "4d888c", 0x218, 0x3a, 0xff, @private0, @mcast2, {[], @ndisc_ns={0x87, 0x0, 0x0, @local, [{0x0, 0x0, '-'}, {0x0, 0xe, "403c34fbacb8b788947cc4fef8cbe9a02af73cb2bbb2bfab56a1f7ad568a9a3fb3eec4307fe259f6ccb43efb05b15e8812f16007a3518857053b74b4e53f62e8fbf9d01caffb38ad401913c0358a27309f7ca264ab27da1339831be73856bd9b930252417d648703b8ba6dc467b1b044061ab496105ba4e155f2963bace8fa3a5018a7a852c46a5e737f10b559e65c932b77bc91080bfb57315e830ee71b1c17c46fed70004bb8fffeaef41e46cd0801c5ffffffffffffffd66a218979b30c0000"}, {0x0, 0x10, "e1df83bb49bb10f9c32d59fe85a41f56f6a65aaba58b90d8080a8f2e7bcf95e19bf9be4c05e68ac840000d06048ab68a423c7efdeebf2a0f6d5841c8c9bbb4d227fafb665aa9c42adf3ed735d7af3c26518f8558b870cff561508af652059b6079918a16574f639ba59c2b0ac59c77bc7936de55e4859b9611550a1c292ea4ff"}, {0x0, 0xe, "264c6c61ff62f2b4479e59903a635d01c91da59269c35dd0fd968b42b78416eb2c32eec494396f22e7bce91f32258a60b96057f1f9805da61eacfa6e2a57e3634de3b5f2b6c0b1206af16e4f83b36b1c6cc678b43cb7d0916694bc254df852c2b20f96e2df78fdb123254bfee7d75c43549637"}, {0x0, 0x8, "f3569511d4933906107183880e81fe5f81741d19956a34499aaaa0d51d1e0bd8e5b7a5437689576556ac60e94300def1351b753dc2c4b14b66e440a899f165e43b8e8940fa"}]}}}}}}, 0x0) 02:39:06 executing program 5: r0 = socket$tipc(0x1e, 0x2, 0x0) bind$tipc(r0, &(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000000)={0x41}, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$TIPC_CMD_GET_NODES(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000480)={0x1c, r2, 0x1, 0x0, 0x0, {{}, {0x0, 0x6}}}, 0x1c}}, 0x0) 02:39:06 executing program 3: r0 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'team0\x00', 0x0}) bind$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @local}, 0x14) r2 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'bond0\x00', 0x0}) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket(0x1, 0x803, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r4, &(0x7f0000000300)={0x0, 0x20d, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x8}, [@IFLA_LINK={0x8, 0x5, r3}, @IFLA_MASTER={0x8, 0xa, r6}, @IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipvlan={{0xb}, {0x4}}}]}, 0x44}}, 0x0) 02:39:06 executing program 4: mkdir(&(0x7f0000000100)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./bus\x00', 0x0) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000200)={[{@lowerdir={'lowerdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './bus'}}, {@workdir={'workdir', 0x3d, './file0'}}], [], 0x2c}) rename(&(0x7f0000000000)='./file1\x00', &(0x7f0000000240)='./bus\x00') chdir(&(0x7f0000000380)='./file0\x00') mknod$loop(&(0x7f0000000300)='./bus\x00', 0x0, 0x0) 02:39:06 executing program 2: mkdir(&(0x7f0000000100)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./bus\x00', 0x0) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000200)={[{@lowerdir={'lowerdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './bus'}}, {@workdir={'workdir', 0x3d, './file0'}}], [], 0x2c}) rename(&(0x7f0000000000)='./file1\x00', &(0x7f0000000240)='./bus\x00') chdir(&(0x7f0000000380)='./file0\x00') mknod$loop(&(0x7f0000000300)='./bus\x00', 0x0, 0x0) [ 1878.751635][T21634] 8021q: adding VLAN 0 to HW filter on device ipvlan2 [ 1878.759916][T21634] team0: Device ipvlan2 failed to register rx_handler 02:39:06 executing program 0: syz_emit_ethernet(0x24e, &(0x7f0000000780)={@link_local, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "4d888c", 0x218, 0x3a, 0xff, @private0, @mcast2, {[], @ndisc_ns={0x87, 0x0, 0x0, @local, [{0x0, 0x0, '-'}, {0x0, 0xe, "403c34fbacb8b788947cc4fef8cbe9a02af73cb2bbb2bfab56a1f7ad568a9a3fb3eec4307fe259f6ccb43efb05b15e8812f16007a3518857053b74b4e53f62e8fbf9d01caffb38ad401913c0358a27309f7ca264ab27da1339831be73856bd9b930252417d648703b8ba6dc467b1b044061ab496105ba4e155f2963bace8fa3a5018a7a852c46a5e737f10b559e65c932b77bc91080bfb57315e830ee71b1c17c46fed70004bb8fffeaef41e46cd0801c5ffffffffffffffd66a218979b30c0000"}, {0x0, 0x10, "e1df83bb49bb10f9c32d59fe85a41f56f6a65aaba58b90d8080a8f2e7bcf95e19bf9be4c05e68ac840000d06048ab68a423c7efdeebf2a0f6d5841c8c9bbb4d227fafb665aa9c42adf3ed735d7af3c26518f8558b870cff561508af652059b6079918a16574f639ba59c2b0ac59c77bc7936de55e4859b9611550a1c292ea4ff"}, {0x0, 0xe, "264c6c61ff62f2b4479e59903a635d01c91da59269c35dd0fd968b42b78416eb2c32eec494396f22e7bce91f32258a60b96057f1f9805da61eacfa6e2a57e3634de3b5f2b6c0b1206af16e4f83b36b1c6cc678b43cb7d0916694bc254df852c2b20f96e2df78fdb123254bfee7d75c43549637"}, {0x0, 0x8, "f3569511d4933906107183880e81fe5f81741d19956a34499aaaa0d51d1e0bd8e5b7a5437689576556ac60e94300def1351b753dc2c4b14b66e440a899f165e43b8e8940fa"}]}}}}}}, 0x0) 02:39:07 executing program 5: r0 = socket$tipc(0x1e, 0x2, 0x0) bind$tipc(r0, &(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000000)={0x41}, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$TIPC_CMD_GET_NODES(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000480)={0x1c, r2, 0x1, 0x0, 0x0, {{}, {0x0, 0x6}}}, 0x1c}}, 0x0) [ 1879.007887][T21636] overlayfs: failed to resolve './file1': -2 02:39:07 executing program 0: syz_emit_ethernet(0x24e, &(0x7f0000000780)={@link_local, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "4d888c", 0x218, 0x3a, 0xff, @private0, @mcast2, {[], @ndisc_ns={0x87, 0x0, 0x0, @local, [{0x0, 0x0, '-'}, {0x0, 0xe, "403c34fbacb8b788947cc4fef8cbe9a02af73cb2bbb2bfab56a1f7ad568a9a3fb3eec4307fe259f6ccb43efb05b15e8812f16007a3518857053b74b4e53f62e8fbf9d01caffb38ad401913c0358a27309f7ca264ab27da1339831be73856bd9b930252417d648703b8ba6dc467b1b044061ab496105ba4e155f2963bace8fa3a5018a7a852c46a5e737f10b559e65c932b77bc91080bfb57315e830ee71b1c17c46fed70004bb8fffeaef41e46cd0801c5ffffffffffffffd66a218979b30c0000"}, {0x0, 0x10, "e1df83bb49bb10f9c32d59fe85a41f56f6a65aaba58b90d8080a8f2e7bcf95e19bf9be4c05e68ac840000d06048ab68a423c7efdeebf2a0f6d5841c8c9bbb4d227fafb665aa9c42adf3ed735d7af3c26518f8558b870cff561508af652059b6079918a16574f639ba59c2b0ac59c77bc7936de55e4859b9611550a1c292ea4ff"}, {0x0, 0xe, "264c6c61ff62f2b4479e59903a635d01c91da59269c35dd0fd968b42b78416eb2c32eec494396f22e7bce91f32258a60b96057f1f9805da61eacfa6e2a57e3634de3b5f2b6c0b1206af16e4f83b36b1c6cc678b43cb7d0916694bc254df852c2b20f96e2df78fdb123254bfee7d75c43549637"}, {0x0, 0x8, "f3569511d4933906107183880e81fe5f81741d19956a34499aaaa0d51d1e0bd8e5b7a5437689576556ac60e94300def1351b753dc2c4b14b66e440a899f165e43b8e8940fa"}]}}}}}}, 0x0) 02:39:07 executing program 3: r0 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'team0\x00', 0x0}) bind$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @local}, 0x14) r2 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'bond0\x00', 0x0}) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket(0x1, 0x803, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r4, &(0x7f0000000300)={0x0, 0x20d, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x8}, [@IFLA_LINK={0x8, 0x5, r3}, @IFLA_MASTER={0x8, 0xa, r6}, @IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipvlan={{0xb}, {0x4}}}]}, 0x44}}, 0x0) 02:39:07 executing program 5: r0 = socket$tipc(0x1e, 0x2, 0x0) bind$tipc(r0, &(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000000)={0x41}, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$TIPC_CMD_GET_NODES(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000480)={0x1c, r2, 0x1, 0x0, 0x0, {{}, {0x0, 0x6}}}, 0x1c}}, 0x0) 02:39:08 executing program 2: r0 = socket$inet6(0xa, 0x800000000000002, 0x0) r1 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setuid(r2) setsockopt$sock_int(r0, 0x1, 0x45, &(0x7f00000015c0)=0xeef, 0x4) [ 1880.194568][T21655] 8021q: adding VLAN 0 to HW filter on device ipvlan2 [ 1880.203002][T21655] team0: Device ipvlan2 failed to register rx_handler 02:39:14 executing program 1: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x1000}, 0x4) close(r0) 02:39:14 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x3d2}}, 0x0) getsockname$packet(r2, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14) sendmsg$nl_route(r1, &(0x7f0000002800)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000000)=@newlink={0x3c, 0x10, 0x501, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ipip={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_LINK={0x8, 0x1, r3}]}}}]}, 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000002c0)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ipip={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_ENCAP_SPORT={0x6}]}}}]}, 0x3c}}, 0x0) 02:39:14 executing program 2: r0 = socket$inet6(0xa, 0x800000000000002, 0x0) r1 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setuid(r2) setsockopt$sock_int(r0, 0x1, 0x45, &(0x7f00000015c0)=0xeef, 0x4) 02:39:14 executing program 5: r0 = socket$tipc(0x1e, 0x2, 0x0) bind$tipc(r0, &(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000000)={0x41}, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$TIPC_CMD_GET_NODES(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000480)={0x1c, r2, 0x1, 0x0, 0x0, {{}, {0x0, 0x6}}}, 0x1c}}, 0x0) 02:39:14 executing program 3: r0 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'team0\x00', 0x0}) bind$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @local}, 0x14) r2 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'bond0\x00', 0x0}) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket(0x1, 0x803, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r4, &(0x7f0000000300)={0x0, 0x20d, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x8}, [@IFLA_LINK={0x8, 0x5, r3}, @IFLA_MASTER={0x8, 0xa, r6}, @IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipvlan={{0xb}, {0x4}}}]}, 0x44}}, 0x0) 02:39:14 executing program 0: syz_emit_ethernet(0x24e, &(0x7f0000000780)={@link_local, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "4d888c", 0x218, 0x3a, 0xff, @private0, @mcast2, {[], @ndisc_ns={0x87, 0x0, 0x0, @local, [{0x0, 0x0, '-'}, {0x0, 0xe, "403c34fbacb8b788947cc4fef8cbe9a02af73cb2bbb2bfab56a1f7ad568a9a3fb3eec4307fe259f6ccb43efb05b15e8812f16007a3518857053b74b4e53f62e8fbf9d01caffb38ad401913c0358a27309f7ca264ab27da1339831be73856bd9b930252417d648703b8ba6dc467b1b044061ab496105ba4e155f2963bace8fa3a5018a7a852c46a5e737f10b559e65c932b77bc91080bfb57315e830ee71b1c17c46fed70004bb8fffeaef41e46cd0801c5ffffffffffffffd66a218979b30c0000"}, {0x0, 0x10, "e1df83bb49bb10f9c32d59fe85a41f56f6a65aaba58b90d8080a8f2e7bcf95e19bf9be4c05e68ac840000d06048ab68a423c7efdeebf2a0f6d5841c8c9bbb4d227fafb665aa9c42adf3ed735d7af3c26518f8558b870cff561508af652059b6079918a16574f639ba59c2b0ac59c77bc7936de55e4859b9611550a1c292ea4ff"}, {0x0, 0xe, "264c6c61ff62f2b4479e59903a635d01c91da59269c35dd0fd968b42b78416eb2c32eec494396f22e7bce91f32258a60b96057f1f9805da61eacfa6e2a57e3634de3b5f2b6c0b1206af16e4f83b36b1c6cc678b43cb7d0916694bc254df852c2b20f96e2df78fdb123254bfee7d75c43549637"}, {0x0, 0x8, "f3569511d4933906107183880e81fe5f81741d19956a34499aaaa0d51d1e0bd8e5b7a5437689576556ac60e94300def1351b753dc2c4b14b66e440a899f165e43b8e8940fa"}]}}}}}}, 0x0) [ 1886.146355][T21719] 8021q: adding VLAN 0 to HW filter on device ipvlan2 [ 1886.156159][T21719] team0: Device ipvlan2 failed to register rx_handler 02:39:14 executing program 0: syz_usb_connect(0x0, 0x36, &(0x7f00000001c0)={{0x12, 0x1, 0x0, 0xe2, 0xe9, 0xde, 0x40, 0xbfd, 0x11, 0x217b, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x2, 0xda, 0xf9, 0x5b, 0x0, [], [{{0x9, 0x5, 0xc, 0x2}}, {{0x9, 0x5, 0xf}}]}}]}}]}}, 0x0) 02:39:14 executing program 2: r0 = socket$inet6(0xa, 0x800000000000002, 0x0) r1 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setuid(r2) setsockopt$sock_int(r0, 0x1, 0x45, &(0x7f00000015c0)=0xeef, 0x4) 02:39:14 executing program 5: r0 = msgget(0x2, 0x220) msgctl$IPC_INFO(r0, 0x3, &(0x7f00000000c0)=""/242) r1 = socket$vsock_stream(0x28, 0x1, 0x0) r2 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r3 = msgget(0x3, 0x0) msgsnd(r3, &(0x7f0000000540)=ANY=[@ANYBLOB="0100000000000000000000004ab30b00008853a319770a876536e9a97d59cb34441b6a5aab66cf0939e67aac18f0fd57b63e60995df40165b7637d9b15ed705345be51b3d193c291614a160d28c60ed02e7e063c7b02fd7e79ca00000000854d253619f40b89e4ceeec39173573809ec0d33354d4f7919e47d80462b3cf22a65b4aa27a44d445daa85cbf9c4c1c60ae3f92b6ae8b68371fdd67eab33f7df95e5d4857995b9bc77ce8a06e5990854e246565c62f5c4d5a946b1e28090cb7b576b7cc9c8bef1c047e085bc3bb0d1a10a"], 0xce, 0x800) msgctl$MSG_STAT(r3, 0xb, &(0x7f0000000240)=""/170) unshare(0x6c060080) r4 = msgget(0x1, 0x405) msgrcv(r4, &(0x7f0000000300)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f520ba00"/229], 0xe5, 0x2, 0x3000) connect$vsock_stream(r1, &(0x7f0000000080)={0x28, 0x0, 0x2711, @host}, 0x10) r5 = msgget(0x3, 0x0) msgsnd(r5, &(0x7f0000000540)=ANY=[@ANYBLOB="0100000000000000000000004ab30b00008853a319770a876536e9a97d59cb34441b6a5aab66cf0939e67aac18f0fd57b63e60995df40165b7637d9b15ed705345be51b3d193c291614a160d28c60ed02e7e063c7b02fd7e79ca00000000854d253619f40b89e4ceeec39173573809ec0d33354d4f7919e47d80462b3cf22a65b4aa27a44d445daa85cbf9c4c1c60ae3f92b6ae8b68371fdd67eab33f7df95e5d4857995b9bc77ce8a06e5990854e246565c62f5c4d5a946b1e28090cb7b576b7cc9c8bef1c047e085bc3bb0d1a10a"], 0xce, 0x800) msgget$private(0x0, 0x2) msgrcv(r5, &(0x7f0000000400)={0x0, ""/143}, 0x97, 0x3, 0x1000) msgctl$IPC_RMID(r3, 0x0) connect$vsock_stream(r2, &(0x7f0000000040)={0x28, 0x0, 0x2711, @host}, 0x10) setsockopt$SO_VM_SOCKETS_BUFFER_MAX_SIZE(r1, 0x28, 0x2, &(0x7f0000000200), 0x8) r6 = msgget$private(0x0, 0x1) msgrcv(r6, &(0x7f0000000640)={0x0, ""/251}, 0x103, 0x2, 0x0) 02:39:14 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x3d2}}, 0x0) getsockname$packet(r2, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14) sendmsg$nl_route(r1, &(0x7f0000002800)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000000)=@newlink={0x3c, 0x10, 0x501, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ipip={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_LINK={0x8, 0x1, r3}]}}}]}, 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000002c0)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ipip={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_ENCAP_SPORT={0x6}]}}}]}, 0x3c}}, 0x0) 02:39:14 executing program 2: r0 = socket$inet6(0xa, 0x800000000000002, 0x0) r1 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setuid(r2) setsockopt$sock_int(r0, 0x1, 0x45, &(0x7f00000015c0)=0xeef, 0x4) 02:39:15 executing program 3: r0 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'team0\x00', 0x0}) bind$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @local}, 0x14) r2 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'bond0\x00', 0x0}) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket(0x1, 0x803, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r4, &(0x7f0000000300)={0x0, 0x20d, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x8}, [@IFLA_LINK={0x8, 0x5, r3}, @IFLA_MASTER={0x8, 0xa, r6}, @IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipvlan={{0xb}, {0x4}}}]}, 0x44}}, 0x0) 02:39:15 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000680)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0xcbc75d680b708405}, [@NFTA_TABLE_NAME={0x5, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x0, 0x0, 0x0, {}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_DELOBJ={0x34, 0x14, 0xa, 0x201, 0x0, 0x0, {}, [@NFTA_OBJ_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_OBJ_TYPE={0x8}, @NFTA_OBJ_NAME={0x9, 0x2, 'syz0\x00'}]}], {0x14}}, 0x9c}}, 0x0) [ 1887.728521][T21742] 8021q: adding VLAN 0 to HW filter on device ipvlan2 [ 1887.736749][T21742] team0: Device ipvlan2 failed to register rx_handler [ 1887.774087][T21744] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. 02:39:24 executing program 1: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x1000}, 0x4) close(r0) 02:39:24 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x3d2}}, 0x0) getsockname$packet(r2, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14) sendmsg$nl_route(r1, &(0x7f0000002800)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000000)=@newlink={0x3c, 0x10, 0x501, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ipip={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_LINK={0x8, 0x1, r3}]}}}]}, 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000002c0)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ipip={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_ENCAP_SPORT={0x6}]}}}]}, 0x3c}}, 0x0) 02:39:24 executing program 2: setreuid(0xee01, 0x0) r0 = getuid() setreuid(0xee01, r0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f0000000980)={'sit0\x00', &(0x7f0000000900)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @rand_addr, @private}}}}) 02:39:24 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000680)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0xcbc75d680b708405}, [@NFTA_TABLE_NAME={0x5, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x0, 0x0, 0x0, {}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_DELOBJ={0x34, 0x14, 0xa, 0x201, 0x0, 0x0, {}, [@NFTA_OBJ_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_OBJ_TYPE={0x8}, @NFTA_OBJ_NAME={0x9, 0x2, 'syz0\x00'}]}], {0x14}}, 0x9c}}, 0x0) 02:39:24 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x14e24}, 0x1c) setsockopt$inet6_int(r0, 0x29, 0x35, &(0x7f0000000040)=0x1, 0x4) setsockopt$inet6_int(r0, 0x29, 0x4b, &(0x7f00000001c0)=0x328, 0x4) recvmmsg(r0, &(0x7f0000000200), 0x38c, 0x0, 0x0) connect$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e24}, 0x1c) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000040)=ANY=[], 0x8) sendmmsg(r0, &(0x7f00000092c0), 0x4ff, 0x0) getsockopt$sock_buf(r0, 0x1, 0x37, &(0x7f00000000c0)=""/141, 0x0) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000001cc0)=ANY=[], 0x28) bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, 0x0, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCADDRT(0xffffffffffffffff, 0x890c, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001ec0)) ioctl$BTRFS_IOC_BALANCE_PROGRESS(0xffffffffffffffff, 0x84009422, 0x0) ioctl$BTRFS_IOC_SNAP_CREATE_V2(0xffffffffffffffff, 0x50009417, &(0x7f0000000840)={{}, 0x0, 0x0, @unused=[0x0, 0x6, 0x70000000, 0xfff], @devid}) 02:39:24 executing program 5: r0 = msgget(0x2, 0x220) msgctl$IPC_INFO(r0, 0x3, &(0x7f00000000c0)=""/242) r1 = socket$vsock_stream(0x28, 0x1, 0x0) r2 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r3 = msgget(0x3, 0x0) msgsnd(r3, &(0x7f0000000540)=ANY=[@ANYBLOB="0100000000000000000000004ab30b00008853a319770a876536e9a97d59cb34441b6a5aab66cf0939e67aac18f0fd57b63e60995df40165b7637d9b15ed705345be51b3d193c291614a160d28c60ed02e7e063c7b02fd7e79ca00000000854d253619f40b89e4ceeec39173573809ec0d33354d4f7919e47d80462b3cf22a65b4aa27a44d445daa85cbf9c4c1c60ae3f92b6ae8b68371fdd67eab33f7df95e5d4857995b9bc77ce8a06e5990854e246565c62f5c4d5a946b1e28090cb7b576b7cc9c8bef1c047e085bc3bb0d1a10a"], 0xce, 0x800) msgctl$MSG_STAT(r3, 0xb, &(0x7f0000000240)=""/170) unshare(0x6c060080) r4 = msgget(0x1, 0x405) msgrcv(r4, &(0x7f0000000300)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f520ba00"/229], 0xe5, 0x2, 0x3000) connect$vsock_stream(r1, &(0x7f0000000080)={0x28, 0x0, 0x2711, @host}, 0x10) r5 = msgget(0x3, 0x0) msgsnd(r5, &(0x7f0000000540)=ANY=[@ANYBLOB="0100000000000000000000004ab30b00008853a319770a876536e9a97d59cb34441b6a5aab66cf0939e67aac18f0fd57b63e60995df40165b7637d9b15ed705345be51b3d193c291614a160d28c60ed02e7e063c7b02fd7e79ca00000000854d253619f40b89e4ceeec39173573809ec0d33354d4f7919e47d80462b3cf22a65b4aa27a44d445daa85cbf9c4c1c60ae3f92b6ae8b68371fdd67eab33f7df95e5d4857995b9bc77ce8a06e5990854e246565c62f5c4d5a946b1e28090cb7b576b7cc9c8bef1c047e085bc3bb0d1a10a"], 0xce, 0x800) msgget$private(0x0, 0x2) msgrcv(r5, &(0x7f0000000400)={0x0, ""/143}, 0x97, 0x3, 0x1000) msgctl$IPC_RMID(r3, 0x0) connect$vsock_stream(r2, &(0x7f0000000040)={0x28, 0x0, 0x2711, @host}, 0x10) setsockopt$SO_VM_SOCKETS_BUFFER_MAX_SIZE(r1, 0x28, 0x2, &(0x7f0000000200), 0x8) r6 = msgget$private(0x0, 0x1) msgrcv(r6, &(0x7f0000000640)={0x0, ""/251}, 0x103, 0x2, 0x0) [ 1896.368478][T21821] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 1896.448473][T21820] not chained 2520000 origins [ 1896.453682][T21820] CPU: 0 PID: 21820 Comm: syz-executor.3 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1896.464366][T21820] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1896.474563][T21820] Call Trace: [ 1896.477942][T21820] [ 1896.480969][T21820] dump_stack_lvl+0x1c8/0x256 [ 1896.485876][T21820] dump_stack+0x1a/0x1c [ 1896.490239][T21820] kmsan_internal_chain_origin+0x78/0x120 02:39:24 executing program 2: setreuid(0xee01, 0x0) r0 = getuid() setreuid(0xee01, r0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f0000000980)={'sit0\x00', &(0x7f0000000900)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @rand_addr, @private}}}}) [ 1896.496161][T21820] ? kmsan_get_metadata+0x33/0x220 [ 1896.501457][T21820] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1896.507501][T21820] ? udpv6_recvmsg+0x20fc/0x24c0 [ 1896.512685][T21820] ? kmsan_get_metadata+0x33/0x220 [ 1896.517984][T21820] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1896.523995][T21820] ? __get_compat_msghdr+0x5b/0x750 [ 1896.529420][T21820] ? kmsan_get_metadata+0x33/0x220 [ 1896.534719][T21820] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1896.540734][T21820] ? should_fail+0x3f/0x810 [ 1896.545426][T21820] ? __stack_depot_save+0x21/0x4b0 [ 1896.550729][T21820] ? kmsan_get_metadata+0x33/0x220 [ 1896.556044][T21820] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1896.562583][T21820] ? kmsan_get_metadata+0x33/0x220 [ 1896.567961][T21820] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1896.573970][T21820] __msan_chain_origin+0xbd/0x140 [ 1896.579186][T21820] __get_compat_msghdr+0x514/0x750 [ 1896.584551][T21820] get_compat_msghdr+0x8c/0x1c0 [ 1896.589616][T21820] ? ___sys_recvmsg+0xa9/0x870 [ 1896.594543][T21820] ? do_recvmmsg+0x63a/0x10a0 [ 1896.599395][T21820] ___sys_recvmsg+0x19d/0x870 [ 1896.604285][T21820] ? kmsan_get_metadata+0x33/0x220 [ 1896.609586][T21820] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1896.615604][T21820] do_recvmmsg+0x63a/0x10a0 [ 1896.620298][T21820] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 1896.626743][T21820] ? __sys_recvmmsg+0x52/0x450 [ 1896.631670][T21820] ? __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1896.638279][T21820] __sys_recvmmsg+0x113/0x450 [ 1896.643125][T21820] ? kmsan_get_metadata+0x33/0x220 [ 1896.648437][T21820] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1896.654884][T21820] __do_fast_syscall_32+0x95/0xf0 [ 1896.660071][T21820] do_fast_syscall_32+0x33/0x70 [ 1896.665071][T21820] do_SYSENTER_32+0x1b/0x20 [ 1896.669713][T21820] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1896.676253][T21820] RIP: 0023:0xf7fce549 [ 1896.680435][T21820] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1896.700217][T21820] RSP: 002b:00000000f7fc95cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1896.708788][T21820] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000200 [ 1896.716889][T21820] RDX: 000000000000038c RSI: 0000000000000000 RDI: 0000000000000000 [ 1896.724987][T21820] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1896.733083][T21820] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1896.741173][T21820] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1896.749286][T21820] [ 1896.760060][T21820] Uninit was stored to memory at: [ 1896.766293][T21820] __get_compat_msghdr+0x514/0x750 [ 1896.771635][T21820] get_compat_msghdr+0x8c/0x1c0 [ 1896.776833][T21820] ___sys_recvmsg+0x19d/0x870 [ 1896.781668][T21820] do_recvmmsg+0x63a/0x10a0 [ 1896.786451][T21820] __sys_recvmmsg+0x113/0x450 [ 1896.791293][T21820] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1896.797855][T21820] __do_fast_syscall_32+0x95/0xf0 [ 1896.803156][T21820] do_fast_syscall_32+0x33/0x70 [ 1896.808171][T21820] do_SYSENTER_32+0x1b/0x20 [ 1896.812971][T21820] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1896.819558][T21820] [ 1896.821964][T21820] Uninit was stored to memory at: [ 1896.827357][T21820] __get_compat_msghdr+0x514/0x750 [ 1896.832786][T21820] get_compat_msghdr+0x8c/0x1c0 [ 1896.837847][T21820] ___sys_recvmsg+0x19d/0x870 [ 1896.842816][T21820] do_recvmmsg+0x63a/0x10a0 02:39:24 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000680)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0xcbc75d680b708405}, [@NFTA_TABLE_NAME={0x5, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x0, 0x0, 0x0, {}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_DELOBJ={0x34, 0x14, 0xa, 0x201, 0x0, 0x0, {}, [@NFTA_OBJ_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_OBJ_TYPE={0x8}, @NFTA_OBJ_NAME={0x9, 0x2, 'syz0\x00'}]}], {0x14}}, 0x9c}}, 0x0) [ 1896.847489][T21820] __sys_recvmmsg+0x113/0x450 [ 1896.852458][T21820] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1896.858884][T21820] __do_fast_syscall_32+0x95/0xf0 [ 1896.864215][T21820] do_fast_syscall_32+0x33/0x70 [ 1896.869233][T21820] do_SYSENTER_32+0x1b/0x20 [ 1896.874037][T21820] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1896.880608][T21820] [ 1896.883151][T21820] Uninit was stored to memory at: [ 1896.888407][T21820] __get_compat_msghdr+0x514/0x750 [ 1896.893856][T21820] get_compat_msghdr+0x8c/0x1c0 [ 1896.898919][T21820] ___sys_recvmsg+0x19d/0x870 [ 1896.903890][T21820] do_recvmmsg+0x63a/0x10a0 [ 1896.908562][T21820] __sys_recvmmsg+0x113/0x450 [ 1896.913536][T21820] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1896.919971][T21820] __do_fast_syscall_32+0x95/0xf0 [ 1896.925307][T21820] do_fast_syscall_32+0x33/0x70 [ 1896.930318][T21820] do_SYSENTER_32+0x1b/0x20 [ 1896.935119][T21820] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1896.941680][T21820] [ 1896.944201][T21820] Uninit was stored to memory at: [ 1896.949459][T21820] __get_compat_msghdr+0x514/0x750 [ 1896.954918][T21820] get_compat_msghdr+0x8c/0x1c0 [ 1896.959994][T21820] ___sys_recvmsg+0x19d/0x870 [ 1896.964978][T21820] do_recvmmsg+0x63a/0x10a0 [ 1896.969658][T21820] __sys_recvmmsg+0x113/0x450 [ 1896.974676][T21820] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1896.981116][T21820] __do_fast_syscall_32+0x95/0xf0 [ 1896.986509][T21820] do_fast_syscall_32+0x33/0x70 [ 1896.991525][T21820] do_SYSENTER_32+0x1b/0x20 [ 1896.996397][T21820] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1897.003078][T21820] [ 1897.005489][T21820] Uninit was stored to memory at: [ 1897.010740][T21820] __get_compat_msghdr+0x514/0x750 [ 1897.016259][T21820] get_compat_msghdr+0x8c/0x1c0 [ 1897.021332][T21820] ___sys_recvmsg+0x19d/0x870 [ 1897.026371][T21820] do_recvmmsg+0x63a/0x10a0 [ 1897.031036][T21820] __sys_recvmmsg+0x113/0x450 [ 1897.036111][T21820] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1897.042643][T21820] __do_fast_syscall_32+0x95/0xf0 02:39:25 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x3d2}}, 0x0) getsockname$packet(r2, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14) sendmsg$nl_route(r1, &(0x7f0000002800)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000000)=@newlink={0x3c, 0x10, 0x501, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ipip={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_LINK={0x8, 0x1, r3}]}}}]}, 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000002c0)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ipip={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_ENCAP_SPORT={0x6}]}}}]}, 0x3c}}, 0x0) [ 1897.047826][T21820] do_fast_syscall_32+0x33/0x70 [ 1897.053031][T21820] do_SYSENTER_32+0x1b/0x20 [ 1897.057701][T21820] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1897.064489][T21820] [ 1897.066916][T21820] Uninit was stored to memory at: [ 1897.072173][T21820] __get_compat_msghdr+0x514/0x750 [ 1897.077681][T21820] get_compat_msghdr+0x8c/0x1c0 [ 1897.082917][T21820] ___sys_recvmsg+0x19d/0x870 [ 1897.087767][T21820] do_recvmmsg+0x63a/0x10a0 [ 1897.092626][T21820] __sys_recvmmsg+0x113/0x450 [ 1897.097469][T21820] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1897.104101][T21820] __do_fast_syscall_32+0x95/0xf0 [ 1897.109299][T21820] do_fast_syscall_32+0x33/0x70 [ 1897.114537][T21820] do_SYSENTER_32+0x1b/0x20 [ 1897.119196][T21820] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1897.125890][T21820] [ 1897.128301][T21820] Uninit was stored to memory at: [ 1897.133639][T21820] __get_compat_msghdr+0x514/0x750 [ 1897.138953][T21820] get_compat_msghdr+0x8c/0x1c0 [ 1897.144146][T21820] ___sys_recvmsg+0x19d/0x870 [ 1897.148982][T21820] do_recvmmsg+0x63a/0x10a0 [ 1897.153782][T21820] __sys_recvmmsg+0x113/0x450 [ 1897.158623][T21820] __ia32_compat_sys_recvmmsg_time32+0xf1/0x180 [ 1897.165183][T21820] __do_fast_syscall_32+0x95/0xf0 [ 1897.170374][T21820] do_fast_syscall_32+0x33/0x70 [ 1897.175501][T21820] do_SYSENTER_32+0x1b/0x20 [ 1897.180144][T21820] entry_SYSENTER_compat_after_hwframe+0x53/0x62 [ 1897.186838][T21820] [ 1897.189253][T21820] Local variable msg_sys created at: [ 1897.194738][T21820] do_recvmmsg+0x5f/0x10a0 [ 1897.199303][T21820] __sys_recvmmsg+0x113/0x450 [ 1897.502469][T21834] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. 02:39:25 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000680)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0xcbc75d680b708405}, [@NFTA_TABLE_NAME={0x5, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x0, 0x0, 0x0, {}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_DELOBJ={0x34, 0x14, 0xa, 0x201, 0x0, 0x0, {}, [@NFTA_OBJ_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_OBJ_TYPE={0x8}, @NFTA_OBJ_NAME={0x9, 0x2, 'syz0\x00'}]}], {0x14}}, 0x9c}}, 0x0) 02:39:25 executing program 4: setreuid(0xee01, 0x0) r0 = getuid() setreuid(0xee01, r0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f0000000980)={'sit0\x00', &(0x7f0000000900)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @rand_addr, @private}}}}) 02:39:25 executing program 2: setreuid(0xee01, 0x0) r0 = getuid() setreuid(0xee01, r0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f0000000980)={'sit0\x00', &(0x7f0000000900)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @rand_addr, @private}}}}) [ 1898.098573][T21846] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 1904.517651][ T6895] unregister_netdevice: waiting for wlan1 to become free. Usage count = 2 02:39:34 executing program 1: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x1000}, 0x4) close(r0) 02:39:34 executing program 2: setreuid(0xee01, 0x0) r0 = getuid() setreuid(0xee01, r0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f0000000980)={'sit0\x00', &(0x7f0000000900)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @rand_addr, @private}}}}) 02:39:34 executing program 4: setreuid(0xee01, 0x0) r0 = getuid() setreuid(0xee01, r0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f0000000980)={'sit0\x00', &(0x7f0000000900)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @rand_addr, @private}}}}) 02:39:34 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x14e24}, 0x1c) setsockopt$inet6_int(r0, 0x29, 0x35, &(0x7f0000000040)=0x1, 0x4) setsockopt$inet6_int(r0, 0x29, 0x4b, &(0x7f00000001c0)=0x328, 0x4) recvmmsg(r0, &(0x7f0000000200), 0x38c, 0x0, 0x0) connect$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e24}, 0x1c) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000040)=ANY=[], 0x8) sendmmsg(r0, &(0x7f00000092c0), 0x4ff, 0x0) getsockopt$sock_buf(r0, 0x1, 0x37, &(0x7f00000000c0)=""/141, 0x0) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000001cc0)=ANY=[], 0x28) bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, 0x0, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCADDRT(0xffffffffffffffff, 0x890c, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001ec0)) ioctl$BTRFS_IOC_BALANCE_PROGRESS(0xffffffffffffffff, 0x84009422, 0x0) ioctl$BTRFS_IOC_SNAP_CREATE_V2(0xffffffffffffffff, 0x50009417, &(0x7f0000000840)={{}, 0x0, 0x0, @unused=[0x0, 0x6, 0x70000000, 0xfff], @devid}) 02:39:34 executing program 0: r0 = msgget(0x2, 0x220) msgctl$IPC_INFO(r0, 0x3, &(0x7f00000000c0)=""/242) r1 = socket$vsock_stream(0x28, 0x1, 0x0) r2 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r3 = msgget(0x3, 0x0) msgsnd(r3, &(0x7f0000000540)=ANY=[@ANYBLOB="0100000000000000000000004ab30b00008853a319770a876536e9a97d59cb34441b6a5aab66cf0939e67aac18f0fd57b63e60995df40165b7637d9b15ed705345be51b3d193c291614a160d28c60ed02e7e063c7b02fd7e79ca00000000854d253619f40b89e4ceeec39173573809ec0d33354d4f7919e47d80462b3cf22a65b4aa27a44d445daa85cbf9c4c1c60ae3f92b6ae8b68371fdd67eab33f7df95e5d4857995b9bc77ce8a06e5990854e246565c62f5c4d5a946b1e28090cb7b576b7cc9c8bef1c047e085bc3bb0d1a10a"], 0xce, 0x800) msgctl$MSG_STAT(r3, 0xb, &(0x7f0000000240)=""/170) unshare(0x6c060080) r4 = msgget(0x1, 0x405) msgrcv(r4, &(0x7f0000000300)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f520ba00"/229], 0xe5, 0x2, 0x3000) connect$vsock_stream(r1, &(0x7f0000000080)={0x28, 0x0, 0x2711, @host}, 0x10) r5 = msgget(0x3, 0x0) msgsnd(r5, &(0x7f0000000540)=ANY=[@ANYBLOB="0100000000000000000000004ab30b00008853a319770a876536e9a97d59cb34441b6a5aab66cf0939e67aac18f0fd57b63e60995df40165b7637d9b15ed705345be51b3d193c291614a160d28c60ed02e7e063c7b02fd7e79ca00000000854d253619f40b89e4ceeec39173573809ec0d33354d4f7919e47d80462b3cf22a65b4aa27a44d445daa85cbf9c4c1c60ae3f92b6ae8b68371fdd67eab33f7df95e5d4857995b9bc77ce8a06e5990854e246565c62f5c4d5a946b1e28090cb7b576b7cc9c8bef1c047e085bc3bb0d1a10a"], 0xce, 0x800) msgget$private(0x0, 0x2) msgrcv(r5, &(0x7f0000000400)={0x0, ""/143}, 0x97, 0x3, 0x1000) msgctl$IPC_RMID(r3, 0x0) connect$vsock_stream(r2, &(0x7f0000000040)={0x28, 0x0, 0x2711, @host}, 0x10) setsockopt$SO_VM_SOCKETS_BUFFER_MAX_SIZE(r1, 0x28, 0x2, &(0x7f0000000200), 0x8) r6 = msgget$private(0x0, 0x1) msgrcv(r6, &(0x7f0000000640)={0x0, ""/251}, 0x103, 0x2, 0x0) 02:39:34 executing program 5: r0 = msgget(0x2, 0x220) msgctl$IPC_INFO(r0, 0x3, &(0x7f00000000c0)=""/242) r1 = socket$vsock_stream(0x28, 0x1, 0x0) r2 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r3 = msgget(0x3, 0x0) msgsnd(r3, &(0x7f0000000540)=ANY=[@ANYBLOB="0100000000000000000000004ab30b00008853a319770a876536e9a97d59cb34441b6a5aab66cf0939e67aac18f0fd57b63e60995df40165b7637d9b15ed705345be51b3d193c291614a160d28c60ed02e7e063c7b02fd7e79ca00000000854d253619f40b89e4ceeec39173573809ec0d33354d4f7919e47d80462b3cf22a65b4aa27a44d445daa85cbf9c4c1c60ae3f92b6ae8b68371fdd67eab33f7df95e5d4857995b9bc77ce8a06e5990854e246565c62f5c4d5a946b1e28090cb7b576b7cc9c8bef1c047e085bc3bb0d1a10a"], 0xce, 0x800) msgctl$MSG_STAT(r3, 0xb, &(0x7f0000000240)=""/170) unshare(0x6c060080) r4 = msgget(0x1, 0x405) msgrcv(r4, &(0x7f0000000300)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f520ba00"/229], 0xe5, 0x2, 0x3000) connect$vsock_stream(r1, &(0x7f0000000080)={0x28, 0x0, 0x2711, @host}, 0x10) r5 = msgget(0x3, 0x0) msgsnd(r5, &(0x7f0000000540)=ANY=[@ANYBLOB="0100000000000000000000004ab30b00008853a319770a876536e9a97d59cb34441b6a5aab66cf0939e67aac18f0fd57b63e60995df40165b7637d9b15ed705345be51b3d193c291614a160d28c60ed02e7e063c7b02fd7e79ca00000000854d253619f40b89e4ceeec39173573809ec0d33354d4f7919e47d80462b3cf22a65b4aa27a44d445daa85cbf9c4c1c60ae3f92b6ae8b68371fdd67eab33f7df95e5d4857995b9bc77ce8a06e5990854e246565c62f5c4d5a946b1e28090cb7b576b7cc9c8bef1c047e085bc3bb0d1a10a"], 0xce, 0x800) msgget$private(0x0, 0x2) msgrcv(r5, &(0x7f0000000400)={0x0, ""/143}, 0x97, 0x3, 0x1000) msgctl$IPC_RMID(r3, 0x0) connect$vsock_stream(r2, &(0x7f0000000040)={0x28, 0x0, 0x2711, @host}, 0x10) setsockopt$SO_VM_SOCKETS_BUFFER_MAX_SIZE(r1, 0x28, 0x2, &(0x7f0000000200), 0x8) r6 = msgget$private(0x0, 0x1) msgrcv(r6, &(0x7f0000000640)={0x0, ""/251}, 0x103, 0x2, 0x0) 02:39:34 executing program 4: setreuid(0xee01, 0x0) r0 = getuid() setreuid(0xee01, r0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f0000000980)={'sit0\x00', &(0x7f0000000900)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @rand_addr, @private}}}}) 02:39:34 executing program 2: r0 = msgget(0x2, 0x220) msgctl$IPC_INFO(r0, 0x3, &(0x7f00000000c0)=""/242) r1 = socket$vsock_stream(0x28, 0x1, 0x0) r2 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r3 = msgget(0x3, 0x0) msgsnd(r3, &(0x7f0000000540)=ANY=[@ANYBLOB="0100000000000000000000004ab30b00008853a319770a876536e9a97d59cb34441b6a5aab66cf0939e67aac18f0fd57b63e60995df40165b7637d9b15ed705345be51b3d193c291614a160d28c60ed02e7e063c7b02fd7e79ca00000000854d253619f40b89e4ceeec39173573809ec0d33354d4f7919e47d80462b3cf22a65b4aa27a44d445daa85cbf9c4c1c60ae3f92b6ae8b68371fdd67eab33f7df95e5d4857995b9bc77ce8a06e5990854e246565c62f5c4d5a946b1e28090cb7b576b7cc9c8bef1c047e085bc3bb0d1a10a"], 0xce, 0x800) msgctl$MSG_STAT(r3, 0xb, &(0x7f0000000240)=""/170) unshare(0x6c060080) r4 = msgget(0x1, 0x405) msgrcv(r4, &(0x7f0000000300)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f520ba00"/229], 0xe5, 0x2, 0x3000) connect$vsock_stream(r1, &(0x7f0000000080)={0x28, 0x0, 0x2711, @host}, 0x10) r5 = msgget(0x3, 0x0) msgsnd(r5, &(0x7f0000000540)=ANY=[@ANYBLOB="0100000000000000000000004ab30b00008853a319770a876536e9a97d59cb34441b6a5aab66cf0939e67aac18f0fd57b63e60995df40165b7637d9b15ed705345be51b3d193c291614a160d28c60ed02e7e063c7b02fd7e79ca00000000854d253619f40b89e4ceeec39173573809ec0d33354d4f7919e47d80462b3cf22a65b4aa27a44d445daa85cbf9c4c1c60ae3f92b6ae8b68371fdd67eab33f7df95e5d4857995b9bc77ce8a06e5990854e246565c62f5c4d5a946b1e28090cb7b576b7cc9c8bef1c047e085bc3bb0d1a10a"], 0xce, 0x800) msgget$private(0x0, 0x2) msgrcv(r5, &(0x7f0000000400)={0x0, ""/143}, 0x97, 0x3, 0x1000) msgctl$IPC_RMID(r3, 0x0) connect$vsock_stream(r2, &(0x7f0000000040)={0x28, 0x0, 0x2711, @host}, 0x10) setsockopt$SO_VM_SOCKETS_BUFFER_MAX_SIZE(r1, 0x28, 0x2, &(0x7f0000000200), 0x8) r6 = msgget$private(0x0, 0x1) msgrcv(r6, &(0x7f0000000640)={0x0, ""/251}, 0x103, 0x2, 0x0) 02:39:35 executing program 4: r0 = msgget(0x2, 0x220) msgctl$IPC_INFO(r0, 0x3, &(0x7f00000000c0)=""/242) r1 = socket$vsock_stream(0x28, 0x1, 0x0) r2 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r3 = msgget(0x3, 0x0) msgsnd(r3, &(0x7f0000000540)=ANY=[@ANYBLOB="0100000000000000000000004ab30b00008853a319770a876536e9a97d59cb34441b6a5aab66cf0939e67aac18f0fd57b63e60995df40165b7637d9b15ed705345be51b3d193c291614a160d28c60ed02e7e063c7b02fd7e79ca00000000854d253619f40b89e4ceeec39173573809ec0d33354d4f7919e47d80462b3cf22a65b4aa27a44d445daa85cbf9c4c1c60ae3f92b6ae8b68371fdd67eab33f7df95e5d4857995b9bc77ce8a06e5990854e246565c62f5c4d5a946b1e28090cb7b576b7cc9c8bef1c047e085bc3bb0d1a10a"], 0xce, 0x800) msgctl$MSG_STAT(r3, 0xb, &(0x7f0000000240)=""/170) unshare(0x6c060080) r4 = msgget(0x1, 0x405) msgrcv(r4, &(0x7f0000000300)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f520ba00"/229], 0xe5, 0x2, 0x3000) connect$vsock_stream(r1, &(0x7f0000000080)={0x28, 0x0, 0x2711, @host}, 0x10) r5 = msgget(0x3, 0x0) msgsnd(r5, &(0x7f0000000540)=ANY=[@ANYBLOB="0100000000000000000000004ab30b00008853a319770a876536e9a97d59cb34441b6a5aab66cf0939e67aac18f0fd57b63e60995df40165b7637d9b15ed705345be51b3d193c291614a160d28c60ed02e7e063c7b02fd7e79ca00000000854d253619f40b89e4ceeec39173573809ec0d33354d4f7919e47d80462b3cf22a65b4aa27a44d445daa85cbf9c4c1c60ae3f92b6ae8b68371fdd67eab33f7df95e5d4857995b9bc77ce8a06e5990854e246565c62f5c4d5a946b1e28090cb7b576b7cc9c8bef1c047e085bc3bb0d1a10a"], 0xce, 0x800) msgget$private(0x0, 0x2) msgrcv(r5, &(0x7f0000000400)={0x0, ""/143}, 0x97, 0x3, 0x1000) msgctl$IPC_RMID(r3, 0x0) connect$vsock_stream(r2, &(0x7f0000000040)={0x28, 0x0, 0x2711, @host}, 0x10) setsockopt$SO_VM_SOCKETS_BUFFER_MAX_SIZE(r1, 0x28, 0x2, &(0x7f0000000200), 0x8) r6 = msgget$private(0x0, 0x1) msgrcv(r6, &(0x7f0000000640)={0x0, ""/251}, 0x103, 0x2, 0x0) 02:39:35 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x14e24}, 0x1c) setsockopt$inet6_int(r0, 0x29, 0x35, &(0x7f0000000040)=0x1, 0x4) setsockopt$inet6_int(r0, 0x29, 0x4b, &(0x7f00000001c0)=0x328, 0x4) recvmmsg(r0, &(0x7f0000000200), 0x38c, 0x0, 0x0) connect$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e24}, 0x1c) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000040)=ANY=[], 0x8) sendmmsg(r0, &(0x7f00000092c0), 0x4ff, 0x0) getsockopt$sock_buf(r0, 0x1, 0x37, &(0x7f00000000c0)=""/141, 0x0) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000001cc0)=ANY=[], 0x28) bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, 0x0, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCADDRT(0xffffffffffffffff, 0x890c, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001ec0)) ioctl$BTRFS_IOC_BALANCE_PROGRESS(0xffffffffffffffff, 0x84009422, 0x0) ioctl$BTRFS_IOC_SNAP_CREATE_V2(0xffffffffffffffff, 0x50009417, &(0x7f0000000840)={{}, 0x0, 0x0, @unused=[0x0, 0x6, 0x70000000, 0xfff], @devid}) 02:39:37 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x14e24}, 0x1c) setsockopt$inet6_int(r0, 0x29, 0x35, &(0x7f0000000040)=0x1, 0x4) setsockopt$inet6_int(r0, 0x29, 0x4b, &(0x7f00000001c0)=0x328, 0x4) recvmmsg(r0, &(0x7f0000000200), 0x38c, 0x0, 0x0) connect$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e24}, 0x1c) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000040)=ANY=[], 0x8) sendmmsg(r0, &(0x7f00000092c0), 0x4ff, 0x0) getsockopt$sock_buf(r0, 0x1, 0x37, &(0x7f00000000c0)=""/141, 0x0) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000001cc0)=ANY=[], 0x28) bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, 0x0, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCADDRT(0xffffffffffffffff, 0x890c, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001ec0)) ioctl$BTRFS_IOC_BALANCE_PROGRESS(0xffffffffffffffff, 0x84009422, 0x0) ioctl$BTRFS_IOC_SNAP_CREATE_V2(0xffffffffffffffff, 0x50009417, &(0x7f0000000840)={{}, 0x0, 0x0, @unused=[0x0, 0x6, 0x70000000, 0xfff], @devid}) 02:39:38 executing program 3: r0 = msgget(0x2, 0x220) msgctl$IPC_INFO(r0, 0x3, &(0x7f00000000c0)=""/242) r1 = socket$vsock_stream(0x28, 0x1, 0x0) r2 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r3 = msgget(0x3, 0x0) msgsnd(r3, &(0x7f0000000540)=ANY=[@ANYBLOB="0100000000000000000000004ab30b00008853a319770a876536e9a97d59cb34441b6a5aab66cf0939e67aac18f0fd57b63e60995df40165b7637d9b15ed705345be51b3d193c291614a160d28c60ed02e7e063c7b02fd7e79ca00000000854d253619f40b89e4ceeec39173573809ec0d33354d4f7919e47d80462b3cf22a65b4aa27a44d445daa85cbf9c4c1c60ae3f92b6ae8b68371fdd67eab33f7df95e5d4857995b9bc77ce8a06e5990854e246565c62f5c4d5a946b1e28090cb7b576b7cc9c8bef1c047e085bc3bb0d1a10a"], 0xce, 0x800) msgctl$MSG_STAT(r3, 0xb, &(0x7f0000000240)=""/170) unshare(0x6c060080) r4 = msgget(0x1, 0x405) msgrcv(r4, &(0x7f0000000300)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f520ba00"/229], 0xe5, 0x2, 0x3000) connect$vsock_stream(r1, &(0x7f0000000080)={0x28, 0x0, 0x2711, @host}, 0x10) r5 = msgget(0x3, 0x0) msgsnd(r5, &(0x7f0000000540)=ANY=[@ANYBLOB="0100000000000000000000004ab30b00008853a319770a876536e9a97d59cb34441b6a5aab66cf0939e67aac18f0fd57b63e60995df40165b7637d9b15ed705345be51b3d193c291614a160d28c60ed02e7e063c7b02fd7e79ca00000000854d253619f40b89e4ceeec39173573809ec0d33354d4f7919e47d80462b3cf22a65b4aa27a44d445daa85cbf9c4c1c60ae3f92b6ae8b68371fdd67eab33f7df95e5d4857995b9bc77ce8a06e5990854e246565c62f5c4d5a946b1e28090cb7b576b7cc9c8bef1c047e085bc3bb0d1a10a"], 0xce, 0x800) msgget$private(0x0, 0x2) msgrcv(r5, &(0x7f0000000400)={0x0, ""/143}, 0x97, 0x3, 0x1000) msgctl$IPC_RMID(r3, 0x0) connect$vsock_stream(r2, &(0x7f0000000040)={0x28, 0x0, 0x2711, @host}, 0x10) setsockopt$SO_VM_SOCKETS_BUFFER_MAX_SIZE(r1, 0x28, 0x2, &(0x7f0000000200), 0x8) r6 = msgget$private(0x0, 0x1) msgrcv(r6, &(0x7f0000000640)={0x0, ""/251}, 0x103, 0x2, 0x0) 02:39:53 executing program 5: r0 = msgget(0x2, 0x220) msgctl$IPC_INFO(r0, 0x3, &(0x7f00000000c0)=""/242) r1 = socket$vsock_stream(0x28, 0x1, 0x0) r2 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r3 = msgget(0x3, 0x0) msgsnd(r3, &(0x7f0000000540)=ANY=[@ANYBLOB="0100000000000000000000004ab30b00008853a319770a876536e9a97d59cb34441b6a5aab66cf0939e67aac18f0fd57b63e60995df40165b7637d9b15ed705345be51b3d193c291614a160d28c60ed02e7e063c7b02fd7e79ca00000000854d253619f40b89e4ceeec39173573809ec0d33354d4f7919e47d80462b3cf22a65b4aa27a44d445daa85cbf9c4c1c60ae3f92b6ae8b68371fdd67eab33f7df95e5d4857995b9bc77ce8a06e5990854e246565c62f5c4d5a946b1e28090cb7b576b7cc9c8bef1c047e085bc3bb0d1a10a"], 0xce, 0x800) msgctl$MSG_STAT(r3, 0xb, &(0x7f0000000240)=""/170) unshare(0x6c060080) r4 = msgget(0x1, 0x405) msgrcv(r4, &(0x7f0000000300)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f520ba00"/229], 0xe5, 0x2, 0x3000) connect$vsock_stream(r1, &(0x7f0000000080)={0x28, 0x0, 0x2711, @host}, 0x10) r5 = msgget(0x3, 0x0) msgsnd(r5, &(0x7f0000000540)=ANY=[@ANYBLOB="0100000000000000000000004ab30b00008853a319770a876536e9a97d59cb34441b6a5aab66cf0939e67aac18f0fd57b63e60995df40165b7637d9b15ed705345be51b3d193c291614a160d28c60ed02e7e063c7b02fd7e79ca00000000854d253619f40b89e4ceeec39173573809ec0d33354d4f7919e47d80462b3cf22a65b4aa27a44d445daa85cbf9c4c1c60ae3f92b6ae8b68371fdd67eab33f7df95e5d4857995b9bc77ce8a06e5990854e246565c62f5c4d5a946b1e28090cb7b576b7cc9c8bef1c047e085bc3bb0d1a10a"], 0xce, 0x800) msgget$private(0x0, 0x2) msgrcv(r5, &(0x7f0000000400)={0x0, ""/143}, 0x97, 0x3, 0x1000) msgctl$IPC_RMID(r3, 0x0) connect$vsock_stream(r2, &(0x7f0000000040)={0x28, 0x0, 0x2711, @host}, 0x10) setsockopt$SO_VM_SOCKETS_BUFFER_MAX_SIZE(r1, 0x28, 0x2, &(0x7f0000000200), 0x8) r6 = msgget$private(0x0, 0x1) msgrcv(r6, &(0x7f0000000640)={0x0, ""/251}, 0x103, 0x2, 0x0) 02:39:53 executing program 0: r0 = msgget(0x2, 0x220) msgctl$IPC_INFO(r0, 0x3, &(0x7f00000000c0)=""/242) r1 = socket$vsock_stream(0x28, 0x1, 0x0) r2 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r3 = msgget(0x3, 0x0) msgsnd(r3, &(0x7f0000000540)=ANY=[@ANYBLOB="0100000000000000000000004ab30b00008853a319770a876536e9a97d59cb34441b6a5aab66cf0939e67aac18f0fd57b63e60995df40165b7637d9b15ed705345be51b3d193c291614a160d28c60ed02e7e063c7b02fd7e79ca00000000854d253619f40b89e4ceeec39173573809ec0d33354d4f7919e47d80462b3cf22a65b4aa27a44d445daa85cbf9c4c1c60ae3f92b6ae8b68371fdd67eab33f7df95e5d4857995b9bc77ce8a06e5990854e246565c62f5c4d5a946b1e28090cb7b576b7cc9c8bef1c047e085bc3bb0d1a10a"], 0xce, 0x800) msgctl$MSG_STAT(r3, 0xb, &(0x7f0000000240)=""/170) unshare(0x6c060080) r4 = msgget(0x1, 0x405) msgrcv(r4, &(0x7f0000000300)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f520ba00"/229], 0xe5, 0x2, 0x3000) connect$vsock_stream(r1, &(0x7f0000000080)={0x28, 0x0, 0x2711, @host}, 0x10) r5 = msgget(0x3, 0x0) msgsnd(r5, &(0x7f0000000540)=ANY=[@ANYBLOB="0100000000000000000000004ab30b00008853a319770a876536e9a97d59cb34441b6a5aab66cf0939e67aac18f0fd57b63e60995df40165b7637d9b15ed705345be51b3d193c291614a160d28c60ed02e7e063c7b02fd7e79ca00000000854d253619f40b89e4ceeec39173573809ec0d33354d4f7919e47d80462b3cf22a65b4aa27a44d445daa85cbf9c4c1c60ae3f92b6ae8b68371fdd67eab33f7df95e5d4857995b9bc77ce8a06e5990854e246565c62f5c4d5a946b1e28090cb7b576b7cc9c8bef1c047e085bc3bb0d1a10a"], 0xce, 0x800) msgget$private(0x0, 0x2) msgrcv(r5, &(0x7f0000000400)={0x0, ""/143}, 0x97, 0x3, 0x1000) msgctl$IPC_RMID(r3, 0x0) connect$vsock_stream(r2, &(0x7f0000000040)={0x28, 0x0, 0x2711, @host}, 0x10) setsockopt$SO_VM_SOCKETS_BUFFER_MAX_SIZE(r1, 0x28, 0x2, &(0x7f0000000200), 0x8) r6 = msgget$private(0x0, 0x1) msgrcv(r6, &(0x7f0000000640)={0x0, ""/251}, 0x103, 0x2, 0x0) 02:39:53 executing program 2: r0 = msgget(0x2, 0x220) msgctl$IPC_INFO(r0, 0x3, &(0x7f00000000c0)=""/242) r1 = socket$vsock_stream(0x28, 0x1, 0x0) r2 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r3 = msgget(0x3, 0x0) msgsnd(r3, &(0x7f0000000540)=ANY=[@ANYBLOB="0100000000000000000000004ab30b00008853a319770a876536e9a97d59cb34441b6a5aab66cf0939e67aac18f0fd57b63e60995df40165b7637d9b15ed705345be51b3d193c291614a160d28c60ed02e7e063c7b02fd7e79ca00000000854d253619f40b89e4ceeec39173573809ec0d33354d4f7919e47d80462b3cf22a65b4aa27a44d445daa85cbf9c4c1c60ae3f92b6ae8b68371fdd67eab33f7df95e5d4857995b9bc77ce8a06e5990854e246565c62f5c4d5a946b1e28090cb7b576b7cc9c8bef1c047e085bc3bb0d1a10a"], 0xce, 0x800) msgctl$MSG_STAT(r3, 0xb, &(0x7f0000000240)=""/170) unshare(0x6c060080) r4 = msgget(0x1, 0x405) msgrcv(r4, &(0x7f0000000300)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f520ba00"/229], 0xe5, 0x2, 0x3000) connect$vsock_stream(r1, &(0x7f0000000080)={0x28, 0x0, 0x2711, @host}, 0x10) r5 = msgget(0x3, 0x0) msgsnd(r5, &(0x7f0000000540)=ANY=[@ANYBLOB="0100000000000000000000004ab30b00008853a319770a876536e9a97d59cb34441b6a5aab66cf0939e67aac18f0fd57b63e60995df40165b7637d9b15ed705345be51b3d193c291614a160d28c60ed02e7e063c7b02fd7e79ca00000000854d253619f40b89e4ceeec39173573809ec0d33354d4f7919e47d80462b3cf22a65b4aa27a44d445daa85cbf9c4c1c60ae3f92b6ae8b68371fdd67eab33f7df95e5d4857995b9bc77ce8a06e5990854e246565c62f5c4d5a946b1e28090cb7b576b7cc9c8bef1c047e085bc3bb0d1a10a"], 0xce, 0x800) msgget$private(0x0, 0x2) msgrcv(r5, &(0x7f0000000400)={0x0, ""/143}, 0x97, 0x3, 0x1000) msgctl$IPC_RMID(r3, 0x0) connect$vsock_stream(r2, &(0x7f0000000040)={0x28, 0x0, 0x2711, @host}, 0x10) setsockopt$SO_VM_SOCKETS_BUFFER_MAX_SIZE(r1, 0x28, 0x2, &(0x7f0000000200), 0x8) r6 = msgget$private(0x0, 0x1) msgrcv(r6, &(0x7f0000000640)={0x0, ""/251}, 0x103, 0x2, 0x0) 02:39:53 executing program 4: r0 = msgget(0x2, 0x220) msgctl$IPC_INFO(r0, 0x3, &(0x7f00000000c0)=""/242) r1 = socket$vsock_stream(0x28, 0x1, 0x0) r2 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r3 = msgget(0x3, 0x0) msgsnd(r3, &(0x7f0000000540)=ANY=[@ANYBLOB="0100000000000000000000004ab30b00008853a319770a876536e9a97d59cb34441b6a5aab66cf0939e67aac18f0fd57b63e60995df40165b7637d9b15ed705345be51b3d193c291614a160d28c60ed02e7e063c7b02fd7e79ca00000000854d253619f40b89e4ceeec39173573809ec0d33354d4f7919e47d80462b3cf22a65b4aa27a44d445daa85cbf9c4c1c60ae3f92b6ae8b68371fdd67eab33f7df95e5d4857995b9bc77ce8a06e5990854e246565c62f5c4d5a946b1e28090cb7b576b7cc9c8bef1c047e085bc3bb0d1a10a"], 0xce, 0x800) msgctl$MSG_STAT(r3, 0xb, &(0x7f0000000240)=""/170) unshare(0x6c060080) r4 = msgget(0x1, 0x405) msgrcv(r4, &(0x7f0000000300)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f520ba00"/229], 0xe5, 0x2, 0x3000) connect$vsock_stream(r1, &(0x7f0000000080)={0x28, 0x0, 0x2711, @host}, 0x10) r5 = msgget(0x3, 0x0) msgsnd(r5, &(0x7f0000000540)=ANY=[@ANYBLOB="0100000000000000000000004ab30b00008853a319770a876536e9a97d59cb34441b6a5aab66cf0939e67aac18f0fd57b63e60995df40165b7637d9b15ed705345be51b3d193c291614a160d28c60ed02e7e063c7b02fd7e79ca00000000854d253619f40b89e4ceeec39173573809ec0d33354d4f7919e47d80462b3cf22a65b4aa27a44d445daa85cbf9c4c1c60ae3f92b6ae8b68371fdd67eab33f7df95e5d4857995b9bc77ce8a06e5990854e246565c62f5c4d5a946b1e28090cb7b576b7cc9c8bef1c047e085bc3bb0d1a10a"], 0xce, 0x800) msgget$private(0x0, 0x2) msgrcv(r5, &(0x7f0000000400)={0x0, ""/143}, 0x97, 0x3, 0x1000) msgctl$IPC_RMID(r3, 0x0) connect$vsock_stream(r2, &(0x7f0000000040)={0x28, 0x0, 0x2711, @host}, 0x10) setsockopt$SO_VM_SOCKETS_BUFFER_MAX_SIZE(r1, 0x28, 0x2, &(0x7f0000000200), 0x8) r6 = msgget$private(0x0, 0x1) msgrcv(r6, &(0x7f0000000640)={0x0, ""/251}, 0x103, 0x2, 0x0) 02:39:53 executing program 3: r0 = msgget(0x2, 0x220) msgctl$IPC_INFO(r0, 0x3, &(0x7f00000000c0)=""/242) r1 = socket$vsock_stream(0x28, 0x1, 0x0) r2 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r3 = msgget(0x3, 0x0) msgsnd(r3, &(0x7f0000000540)=ANY=[@ANYBLOB="0100000000000000000000004ab30b00008853a319770a876536e9a97d59cb34441b6a5aab66cf0939e67aac18f0fd57b63e60995df40165b7637d9b15ed705345be51b3d193c291614a160d28c60ed02e7e063c7b02fd7e79ca00000000854d253619f40b89e4ceeec39173573809ec0d33354d4f7919e47d80462b3cf22a65b4aa27a44d445daa85cbf9c4c1c60ae3f92b6ae8b68371fdd67eab33f7df95e5d4857995b9bc77ce8a06e5990854e246565c62f5c4d5a946b1e28090cb7b576b7cc9c8bef1c047e085bc3bb0d1a10a"], 0xce, 0x800) msgctl$MSG_STAT(r3, 0xb, &(0x7f0000000240)=""/170) unshare(0x6c060080) r4 = msgget(0x1, 0x405) msgrcv(r4, &(0x7f0000000300)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f520ba00"/229], 0xe5, 0x2, 0x3000) connect$vsock_stream(r1, &(0x7f0000000080)={0x28, 0x0, 0x2711, @host}, 0x10) r5 = msgget(0x3, 0x0) msgsnd(r5, &(0x7f0000000540)=ANY=[@ANYBLOB="0100000000000000000000004ab30b00008853a319770a876536e9a97d59cb34441b6a5aab66cf0939e67aac18f0fd57b63e60995df40165b7637d9b15ed705345be51b3d193c291614a160d28c60ed02e7e063c7b02fd7e79ca00000000854d253619f40b89e4ceeec39173573809ec0d33354d4f7919e47d80462b3cf22a65b4aa27a44d445daa85cbf9c4c1c60ae3f92b6ae8b68371fdd67eab33f7df95e5d4857995b9bc77ce8a06e5990854e246565c62f5c4d5a946b1e28090cb7b576b7cc9c8bef1c047e085bc3bb0d1a10a"], 0xce, 0x800) msgget$private(0x0, 0x2) msgrcv(r5, &(0x7f0000000400)={0x0, ""/143}, 0x97, 0x3, 0x1000) msgctl$IPC_RMID(r3, 0x0) connect$vsock_stream(r2, &(0x7f0000000040)={0x28, 0x0, 0x2711, @host}, 0x10) setsockopt$SO_VM_SOCKETS_BUFFER_MAX_SIZE(r1, 0x28, 0x2, &(0x7f0000000200), 0x8) r6 = msgget$private(0x0, 0x1) msgrcv(r6, &(0x7f0000000640)={0x0, ""/251}, 0x103, 0x2, 0x0) 02:39:53 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0xf, 0x4, 0x4, 0x8000}, 0x48) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000380)={r0, 0xc0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) 02:39:59 executing program 4: r0 = msgget(0x2, 0x220) msgctl$IPC_INFO(r0, 0x3, &(0x7f00000000c0)=""/242) r1 = socket$vsock_stream(0x28, 0x1, 0x0) r2 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r3 = msgget(0x3, 0x0) msgsnd(r3, &(0x7f0000000540)=ANY=[@ANYBLOB="0100000000000000000000004ab30b00008853a319770a876536e9a97d59cb34441b6a5aab66cf0939e67aac18f0fd57b63e60995df40165b7637d9b15ed705345be51b3d193c291614a160d28c60ed02e7e063c7b02fd7e79ca00000000854d253619f40b89e4ceeec39173573809ec0d33354d4f7919e47d80462b3cf22a65b4aa27a44d445daa85cbf9c4c1c60ae3f92b6ae8b68371fdd67eab33f7df95e5d4857995b9bc77ce8a06e5990854e246565c62f5c4d5a946b1e28090cb7b576b7cc9c8bef1c047e085bc3bb0d1a10a"], 0xce, 0x800) msgctl$MSG_STAT(r3, 0xb, &(0x7f0000000240)=""/170) unshare(0x6c060080) r4 = msgget(0x1, 0x405) msgrcv(r4, &(0x7f0000000300)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f520ba00"/229], 0xe5, 0x2, 0x3000) connect$vsock_stream(r1, &(0x7f0000000080)={0x28, 0x0, 0x2711, @host}, 0x10) r5 = msgget(0x3, 0x0) msgsnd(r5, &(0x7f0000000540)=ANY=[@ANYBLOB="0100000000000000000000004ab30b00008853a319770a876536e9a97d59cb34441b6a5aab66cf0939e67aac18f0fd57b63e60995df40165b7637d9b15ed705345be51b3d193c291614a160d28c60ed02e7e063c7b02fd7e79ca00000000854d253619f40b89e4ceeec39173573809ec0d33354d4f7919e47d80462b3cf22a65b4aa27a44d445daa85cbf9c4c1c60ae3f92b6ae8b68371fdd67eab33f7df95e5d4857995b9bc77ce8a06e5990854e246565c62f5c4d5a946b1e28090cb7b576b7cc9c8bef1c047e085bc3bb0d1a10a"], 0xce, 0x800) msgget$private(0x0, 0x2) msgrcv(r5, &(0x7f0000000400)={0x0, ""/143}, 0x97, 0x3, 0x1000) msgctl$IPC_RMID(r3, 0x0) connect$vsock_stream(r2, &(0x7f0000000040)={0x28, 0x0, 0x2711, @host}, 0x10) setsockopt$SO_VM_SOCKETS_BUFFER_MAX_SIZE(r1, 0x28, 0x2, &(0x7f0000000200), 0x8) r6 = msgget$private(0x0, 0x1) msgrcv(r6, &(0x7f0000000640)={0x0, ""/251}, 0x103, 0x2, 0x0) 02:39:59 executing program 2: r0 = msgget(0x2, 0x220) msgctl$IPC_INFO(r0, 0x3, &(0x7f00000000c0)=""/242) r1 = socket$vsock_stream(0x28, 0x1, 0x0) r2 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r3 = msgget(0x3, 0x0) msgsnd(r3, &(0x7f0000000540)=ANY=[@ANYBLOB="0100000000000000000000004ab30b00008853a319770a876536e9a97d59cb34441b6a5aab66cf0939e67aac18f0fd57b63e60995df40165b7637d9b15ed705345be51b3d193c291614a160d28c60ed02e7e063c7b02fd7e79ca00000000854d253619f40b89e4ceeec39173573809ec0d33354d4f7919e47d80462b3cf22a65b4aa27a44d445daa85cbf9c4c1c60ae3f92b6ae8b68371fdd67eab33f7df95e5d4857995b9bc77ce8a06e5990854e246565c62f5c4d5a946b1e28090cb7b576b7cc9c8bef1c047e085bc3bb0d1a10a"], 0xce, 0x800) msgctl$MSG_STAT(r3, 0xb, &(0x7f0000000240)=""/170) unshare(0x6c060080) r4 = msgget(0x1, 0x405) msgrcv(r4, &(0x7f0000000300)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f520ba00"/229], 0xe5, 0x2, 0x3000) connect$vsock_stream(r1, &(0x7f0000000080)={0x28, 0x0, 0x2711, @host}, 0x10) r5 = msgget(0x3, 0x0) msgsnd(r5, &(0x7f0000000540)=ANY=[@ANYBLOB="0100000000000000000000004ab30b00008853a319770a876536e9a97d59cb34441b6a5aab66cf0939e67aac18f0fd57b63e60995df40165b7637d9b15ed705345be51b3d193c291614a160d28c60ed02e7e063c7b02fd7e79ca00000000854d253619f40b89e4ceeec39173573809ec0d33354d4f7919e47d80462b3cf22a65b4aa27a44d445daa85cbf9c4c1c60ae3f92b6ae8b68371fdd67eab33f7df95e5d4857995b9bc77ce8a06e5990854e246565c62f5c4d5a946b1e28090cb7b576b7cc9c8bef1c047e085bc3bb0d1a10a"], 0xce, 0x800) msgget$private(0x0, 0x2) msgrcv(r5, &(0x7f0000000400)={0x0, ""/143}, 0x97, 0x3, 0x1000) msgctl$IPC_RMID(r3, 0x0) connect$vsock_stream(r2, &(0x7f0000000040)={0x28, 0x0, 0x2711, @host}, 0x10) setsockopt$SO_VM_SOCKETS_BUFFER_MAX_SIZE(r1, 0x28, 0x2, &(0x7f0000000200), 0x8) r6 = msgget$private(0x0, 0x1) msgrcv(r6, &(0x7f0000000640)={0x0, ""/251}, 0x103, 0x2, 0x0) 02:40:00 executing program 0: r0 = msgget(0x2, 0x220) msgctl$IPC_INFO(r0, 0x3, &(0x7f00000000c0)=""/242) r1 = socket$vsock_stream(0x28, 0x1, 0x0) r2 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r3 = msgget(0x3, 0x0) msgsnd(r3, &(0x7f0000000540)=ANY=[@ANYBLOB="0100000000000000000000004ab30b00008853a319770a876536e9a97d59cb34441b6a5aab66cf0939e67aac18f0fd57b63e60995df40165b7637d9b15ed705345be51b3d193c291614a160d28c60ed02e7e063c7b02fd7e79ca00000000854d253619f40b89e4ceeec39173573809ec0d33354d4f7919e47d80462b3cf22a65b4aa27a44d445daa85cbf9c4c1c60ae3f92b6ae8b68371fdd67eab33f7df95e5d4857995b9bc77ce8a06e5990854e246565c62f5c4d5a946b1e28090cb7b576b7cc9c8bef1c047e085bc3bb0d1a10a"], 0xce, 0x800) msgctl$MSG_STAT(r3, 0xb, &(0x7f0000000240)=""/170) unshare(0x6c060080) r4 = msgget(0x1, 0x405) msgrcv(r4, &(0x7f0000000300)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f520ba00"/229], 0xe5, 0x2, 0x3000) connect$vsock_stream(r1, &(0x7f0000000080)={0x28, 0x0, 0x2711, @host}, 0x10) r5 = msgget(0x3, 0x0) msgsnd(r5, &(0x7f0000000540)=ANY=[@ANYBLOB="0100000000000000000000004ab30b00008853a319770a876536e9a97d59cb34441b6a5aab66cf0939e67aac18f0fd57b63e60995df40165b7637d9b15ed705345be51b3d193c291614a160d28c60ed02e7e063c7b02fd7e79ca00000000854d253619f40b89e4ceeec39173573809ec0d33354d4f7919e47d80462b3cf22a65b4aa27a44d445daa85cbf9c4c1c60ae3f92b6ae8b68371fdd67eab33f7df95e5d4857995b9bc77ce8a06e5990854e246565c62f5c4d5a946b1e28090cb7b576b7cc9c8bef1c047e085bc3bb0d1a10a"], 0xce, 0x800) msgget$private(0x0, 0x2) msgrcv(r5, &(0x7f0000000400)={0x0, ""/143}, 0x97, 0x3, 0x1000) msgctl$IPC_RMID(r3, 0x0) connect$vsock_stream(r2, &(0x7f0000000040)={0x28, 0x0, 0x2711, @host}, 0x10) setsockopt$SO_VM_SOCKETS_BUFFER_MAX_SIZE(r1, 0x28, 0x2, &(0x7f0000000200), 0x8) r6 = msgget$private(0x0, 0x1) msgrcv(r6, &(0x7f0000000640)={0x0, ""/251}, 0x103, 0x2, 0x0) 02:40:00 executing program 5: r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12010000000000406a05310340000000000109022400010100000009040000010301000009210006010122010009058103"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000280)={0x24, &(0x7f0000000080)={0x0, 0x0, 0x2, {0x2}}, 0x0, &(0x7f00000001c0)={0x0, 0x22, 0x1, {[@local]}}, 0x0}, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000780)={0x24, &(0x7f0000000000)={0x0, 0x0, 0x18, {0x18, 0x0, "a418720210fed1ef23b45daf3edc5853edbf924253db"}}, 0x0, 0x0, 0x0}, 0x0) r1 = syz_open_dev$hidraw(&(0x7f0000000200), 0x0, 0x0) ioctl$HIDIOCGRAWNAME(r1, 0x80404806, &(0x7f0000000040)) 02:40:00 executing program 3: r0 = msgget(0x2, 0x220) msgctl$IPC_INFO(r0, 0x3, &(0x7f00000000c0)=""/242) r1 = socket$vsock_stream(0x28, 0x1, 0x0) r2 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r3 = msgget(0x3, 0x0) msgsnd(r3, &(0x7f0000000540)=ANY=[@ANYBLOB="0100000000000000000000004ab30b00008853a319770a876536e9a97d59cb34441b6a5aab66cf0939e67aac18f0fd57b63e60995df40165b7637d9b15ed705345be51b3d193c291614a160d28c60ed02e7e063c7b02fd7e79ca00000000854d253619f40b89e4ceeec39173573809ec0d33354d4f7919e47d80462b3cf22a65b4aa27a44d445daa85cbf9c4c1c60ae3f92b6ae8b68371fdd67eab33f7df95e5d4857995b9bc77ce8a06e5990854e246565c62f5c4d5a946b1e28090cb7b576b7cc9c8bef1c047e085bc3bb0d1a10a"], 0xce, 0x800) msgctl$MSG_STAT(r3, 0xb, &(0x7f0000000240)=""/170) unshare(0x6c060080) r4 = msgget(0x1, 0x405) msgrcv(r4, &(0x7f0000000300)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f520ba00"/229], 0xe5, 0x2, 0x3000) connect$vsock_stream(r1, &(0x7f0000000080)={0x28, 0x0, 0x2711, @host}, 0x10) r5 = msgget(0x3, 0x0) msgsnd(r5, &(0x7f0000000540)=ANY=[@ANYBLOB="0100000000000000000000004ab30b00008853a319770a876536e9a97d59cb34441b6a5aab66cf0939e67aac18f0fd57b63e60995df40165b7637d9b15ed705345be51b3d193c291614a160d28c60ed02e7e063c7b02fd7e79ca00000000854d253619f40b89e4ceeec39173573809ec0d33354d4f7919e47d80462b3cf22a65b4aa27a44d445daa85cbf9c4c1c60ae3f92b6ae8b68371fdd67eab33f7df95e5d4857995b9bc77ce8a06e5990854e246565c62f5c4d5a946b1e28090cb7b576b7cc9c8bef1c047e085bc3bb0d1a10a"], 0xce, 0x800) msgget$private(0x0, 0x2) msgrcv(r5, &(0x7f0000000400)={0x0, ""/143}, 0x97, 0x3, 0x1000) msgctl$IPC_RMID(r3, 0x0) connect$vsock_stream(r2, &(0x7f0000000040)={0x28, 0x0, 0x2711, @host}, 0x10) setsockopt$SO_VM_SOCKETS_BUFFER_MAX_SIZE(r1, 0x28, 0x2, &(0x7f0000000200), 0x8) r6 = msgget$private(0x0, 0x1) msgrcv(r6, &(0x7f0000000640)={0x0, ""/251}, 0x103, 0x2, 0x0) 02:40:01 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000040)={0x30000004}) epoll_wait(r2, &(0x7f00000000c0)=[{}, {}], 0x2, 0x7f) epoll_pwait(r2, &(0x7f0000000000)=[{}], 0x1, 0x6546e668, 0x0, 0x0) close(r0) 02:40:02 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000040)={0x30000004}) epoll_wait(r2, &(0x7f00000000c0)=[{}, {}], 0x2, 0x7f) epoll_pwait(r2, &(0x7f0000000000)=[{}], 0x1, 0x6546e668, 0x0, 0x0) close(r0) 02:40:03 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000040)={0x30000004}) epoll_wait(r2, &(0x7f00000000c0)=[{}, {}], 0x2, 0x7f) epoll_pwait(r2, &(0x7f0000000000)=[{}], 0x1, 0x6546e668, 0x0, 0x0) close(r0) 02:40:04 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000040)={0x30000004}) epoll_wait(r2, &(0x7f00000000c0)=[{}, {}], 0x2, 0x7f) epoll_pwait(r2, &(0x7f0000000000)=[{}], 0x1, 0x6546e668, 0x0, 0x0) close(r0) 02:40:05 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000040)={0x30000004}) epoll_wait(r2, &(0x7f00000000c0)=[{}, {}], 0x2, 0x7f) epoll_pwait(r2, &(0x7f0000000000)=[{}], 0x1, 0x6546e668, 0x0, 0x0) close(r0) [ 1938.384822][ T1196] ieee802154 phy0 wpan0: encryption failed: -22 [ 1938.391500][ T1196] ieee802154 phy1 wpan1: encryption failed: -22 02:40:06 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000040)={0x30000004}) epoll_wait(r2, &(0x7f00000000c0)=[{}, {}], 0x2, 0x7f) epoll_pwait(r2, &(0x7f0000000000)=[{}], 0x1, 0x6546e668, 0x0, 0x0) close(r0) [ 1938.429782][ T1196] aoe: packet could not be sent on ipvlan0. consider increasing tx_queue_len [ 1938.439422][ T1196] aoe: packet could not be sent on ipvlan1. consider increasing tx_queue_len 02:40:17 executing program 1: r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10000000140, 0x6cb, 0x81a7, 0x40, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x1, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x1}}}}]}}]}}, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x24, 0x0, 0x0, &(0x7f0000000100)={0x0, 0x22, 0x1, {[@local]}}, 0x0}, 0x0) 02:40:17 executing program 0: r0 = socket$rds(0x15, 0x5, 0x0) bind$rds(r0, &(0x7f0000000180)={0x2, 0x0, @loopback}, 0x10) sendmsg$rds(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000400)=[@fadd={0x58, 0x114, 0x6, {{0x0, 0x20000000}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000}}], 0x58}, 0x0) 02:40:17 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000040)={0x30000004}) epoll_wait(r2, &(0x7f00000000c0)=[{}, {}], 0x2, 0x7f) epoll_pwait(r2, &(0x7f0000000000)=[{}], 0x1, 0x6546e668, 0x0, 0x0) close(r0) 02:40:17 executing program 3: mknod$loop(&(0x7f0000000080)='./file0\x00', 0x6000, 0x1) quotactl(0x802010080000300, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) 02:40:17 executing program 2: io_setup(0x6, &(0x7f00000000c0)=0x0) r1 = socket$key(0xf, 0x3, 0x2) r2 = socket(0x6000000000010, 0x3, 0x0) io_submit(r0, 0x2, &(0x7f0000003080)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0}, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x8, 0x0, r2, 0xffffffffffffffff, 0x1a}]) 02:40:17 executing program 4: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@migrate={0xec, 0x21, 0xd39, 0x0, 0x0, {{@in=@dev, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}, [@migrate={0x9c, 0x11, [{@in6=@mcast1, @in=@broadcast, @in6=@rand_addr=' \x01\x00', @in=@dev, 0x2b, 0x0, 0x0, 0x0, 0x0, 0x2}, {@in6=@mcast1, @in=@broadcast, @in6=@remote, @in=@remote}]}]}, 0xec}}, 0x0) [ 1949.491104][T22327] atomic_op ffff888055fa2928 conn xmit_atomic 0000000000000000 02:40:17 executing program 2: io_setup(0x6, &(0x7f00000000c0)=0x0) r1 = socket$key(0xf, 0x3, 0x2) r2 = socket(0x6000000000010, 0x3, 0x0) io_submit(r0, 0x2, &(0x7f0000003080)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0}, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x8, 0x0, r2, 0xffffffffffffffff, 0x1a}]) 02:40:17 executing program 3: mknod$loop(&(0x7f0000000080)='./file0\x00', 0x6000, 0x1) quotactl(0x802010080000300, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) 02:40:17 executing program 4: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@migrate={0xec, 0x21, 0xd39, 0x0, 0x0, {{@in=@dev, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}, [@migrate={0x9c, 0x11, [{@in6=@mcast1, @in=@broadcast, @in6=@rand_addr=' \x01\x00', @in=@dev, 0x2b, 0x0, 0x0, 0x0, 0x0, 0x2}, {@in6=@mcast1, @in=@broadcast, @in6=@remote, @in=@remote}]}]}, 0xec}}, 0x0) 02:40:17 executing program 0: r0 = socket$rds(0x15, 0x5, 0x0) bind$rds(r0, &(0x7f0000000180)={0x2, 0x0, @loopback}, 0x10) sendmsg$rds(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000400)=[@fadd={0x58, 0x114, 0x6, {{0x0, 0x20000000}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000}}], 0x58}, 0x0) 02:40:18 executing program 5: r0 = socket$inet(0x2, 0x3, 0x9) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000080)=@security={'security\x00', 0xe, 0x4, 0x300, 0xffffffff, 0x0, 0xb0, 0x0, 0xffffffff, 0xffffffff, 0x26c, 0x26c, 0x26c, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x0, 0x70, 0xb0}, @common=@inet=@LOG={0x40, 'LOG\x00', 0x0, {0x0, 0x0, "c0451ac26d31507c5e200006886a4ea1a20387de7ca5956c117942c0a189"}}}, {{@uncond, 0x0, 0x94, 0xd4, 0x0, {}, [@common=@icmp={{0x24}, {0x0, "d046"}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz0\x00'}}}, {{@uncond, 0x0, 0xc4, 0xe8, 0x0, {}, [@common=@addrtype={{0x2c}}, @common=@unspec=@pkttype={{0x28}}]}, @common=@unspec=@STANDARD={0x24, '\x00', 0x0, 0xfffffffffffffffc}}], {{'\x00', 0x0, 0x70, 0x94}, {0x24}}}}, 0x35c) 02:40:18 executing program 4: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@migrate={0xec, 0x21, 0xd39, 0x0, 0x0, {{@in=@dev, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}, [@migrate={0x9c, 0x11, [{@in6=@mcast1, @in=@broadcast, @in6=@rand_addr=' \x01\x00', @in=@dev, 0x2b, 0x0, 0x0, 0x0, 0x0, 0x2}, {@in6=@mcast1, @in=@broadcast, @in6=@remote, @in=@remote}]}]}, 0xec}}, 0x0) [ 1950.208343][T22342] atomic_op ffff8880491f7928 conn xmit_atomic 0000000000000000 [ 1950.458578][T22347] x_tables: duplicate underflow at hook 2 [ 1956.702789][T17625] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 1957.094221][T17625] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1957.105496][T17625] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1957.115672][T17625] usb 2-1: New USB device found, idVendor=06cb, idProduct=81a7, bcdDevice= 0.40 [ 1957.125050][T17625] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1957.212371][T17625] usb 2-1: config 0 descriptor?? 02:40:27 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$inet_group_source_req(r0, 0x0, 0x2e, &(0x7f0000000000)={0x11, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @remote}}}, 0x104) setsockopt$inet_group_source_req(r0, 0x0, 0x2f, &(0x7f0000000200)={0x11, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @multicast2}}}, 0x104) 02:40:27 executing program 2: io_setup(0x6, &(0x7f00000000c0)=0x0) r1 = socket$key(0xf, 0x3, 0x2) r2 = socket(0x6000000000010, 0x3, 0x0) io_submit(r0, 0x2, &(0x7f0000003080)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0}, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x8, 0x0, r2, 0xffffffffffffffff, 0x1a}]) 02:40:27 executing program 3: mknod$loop(&(0x7f0000000080)='./file0\x00', 0x6000, 0x1) quotactl(0x802010080000300, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) 02:40:27 executing program 5: r0 = socket$inet(0x2, 0x3, 0x9) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000080)=@security={'security\x00', 0xe, 0x4, 0x300, 0xffffffff, 0x0, 0xb0, 0x0, 0xffffffff, 0xffffffff, 0x26c, 0x26c, 0x26c, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x0, 0x70, 0xb0}, @common=@inet=@LOG={0x40, 'LOG\x00', 0x0, {0x0, 0x0, "c0451ac26d31507c5e200006886a4ea1a20387de7ca5956c117942c0a189"}}}, {{@uncond, 0x0, 0x94, 0xd4, 0x0, {}, [@common=@icmp={{0x24}, {0x0, "d046"}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz0\x00'}}}, {{@uncond, 0x0, 0xc4, 0xe8, 0x0, {}, [@common=@addrtype={{0x2c}}, @common=@unspec=@pkttype={{0x28}}]}, @common=@unspec=@STANDARD={0x24, '\x00', 0x0, 0xfffffffffffffffc}}], {{'\x00', 0x0, 0x70, 0x94}, {0x24}}}}, 0x35c) 02:40:27 executing program 0: r0 = socket$rds(0x15, 0x5, 0x0) bind$rds(r0, &(0x7f0000000180)={0x2, 0x0, @loopback}, 0x10) sendmsg$rds(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000400)=[@fadd={0x58, 0x114, 0x6, {{0x0, 0x20000000}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000}}], 0x58}, 0x0) 02:40:27 executing program 4: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@migrate={0xec, 0x21, 0xd39, 0x0, 0x0, {{@in=@dev, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}, [@migrate={0x9c, 0x11, [{@in6=@mcast1, @in=@broadcast, @in6=@rand_addr=' \x01\x00', @in=@dev, 0x2b, 0x0, 0x0, 0x0, 0x0, 0x2}, {@in6=@mcast1, @in=@broadcast, @in6=@remote, @in=@remote}]}]}, 0xec}}, 0x0) [ 1959.533198][T17625] usbhid 2-1:0.0: can't add hid device: -71 [ 1959.539785][T17625] usbhid: probe of 2-1:0.0 failed with error -71 [ 1959.614774][T22438] x_tables: duplicate underflow at hook 2 [ 1959.621772][T17625] usb 2-1: USB disconnect, device number 10 [ 1959.653638][T22442] atomic_op ffff888049380d28 conn xmit_atomic 0000000000000000 02:40:27 executing program 5: r0 = socket$inet(0x2, 0x3, 0x9) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000080)=@security={'security\x00', 0xe, 0x4, 0x300, 0xffffffff, 0x0, 0xb0, 0x0, 0xffffffff, 0xffffffff, 0x26c, 0x26c, 0x26c, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x0, 0x70, 0xb0}, @common=@inet=@LOG={0x40, 'LOG\x00', 0x0, {0x0, 0x0, "c0451ac26d31507c5e200006886a4ea1a20387de7ca5956c117942c0a189"}}}, {{@uncond, 0x0, 0x94, 0xd4, 0x0, {}, [@common=@icmp={{0x24}, {0x0, "d046"}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz0\x00'}}}, {{@uncond, 0x0, 0xc4, 0xe8, 0x0, {}, [@common=@addrtype={{0x2c}}, @common=@unspec=@pkttype={{0x28}}]}, @common=@unspec=@STANDARD={0x24, '\x00', 0x0, 0xfffffffffffffffc}}], {{'\x00', 0x0, 0x70, 0x94}, {0x24}}}}, 0x35c) 02:40:27 executing program 2: io_setup(0x6, &(0x7f00000000c0)=0x0) r1 = socket$key(0xf, 0x3, 0x2) r2 = socket(0x6000000000010, 0x3, 0x0) io_submit(r0, 0x2, &(0x7f0000003080)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0}, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x8, 0x0, r2, 0xffffffffffffffff, 0x1a}]) 02:40:27 executing program 3: mknod$loop(&(0x7f0000000080)='./file0\x00', 0x6000, 0x1) quotactl(0x802010080000300, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) 02:40:28 executing program 0: r0 = socket$rds(0x15, 0x5, 0x0) bind$rds(r0, &(0x7f0000000180)={0x2, 0x0, @loopback}, 0x10) sendmsg$rds(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000400)=[@fadd={0x58, 0x114, 0x6, {{0x0, 0x20000000}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000}}], 0x58}, 0x0) 02:40:28 executing program 4: bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001680)={0xffffffffffffffff, 0x0, 0x1000, 0x45, &(0x7f0000000540)="73e013d8766f0da6ac13b74cd0550091ea94032d8533cdba6c011663b60670dff96659f17636adee4c6b96cab1b1f2d6ce9aac417eb173515c30376b730683372d03503182865f06358cd7daf84e7d74a2be7564bea7baad7a945a8d42a89b842ad22bdc7936195c5cbd109af4ab315e1034266dc7180bf7f6f06f8ce3f62d2abbd8190fabab9b5b8061a2f40e1e12058970bd3cd537d9b323cb672572df946cfc3b10b086813a77aa792b14eb8b36b86e0b859577a8ad4c78f846cf409f21a76120c827665588e63c1f81727b603fe2321932cfe5b998844701b61e50af847b66e01b9552c5f5e35720cf1f56949dd7686931ed18351f0a33648f4d99b43772285e8a5c5bba699476a39aefca24d6a05aabfd89d5e346d549cbdc5c4750129557e2babc1d40f1691f195810626d7fc5135fa2ab0bfc592058a01ed472ade97999a368fbc613a77c07e42a9e923d51b5962df1bfd03d240434ce771712f8a79e8d8a0682485f13b43b7b520530696e077a182ada0171fd2b1537c0d0afd8ab693f241967bd8f10eab83426bf51eda66aa4fa68356e09224178d8e0f6271e529cf6c64740a4c227be94761e50aaa58acfd80513c06b6787d8ea21c864f81e54adf419edc033e9d43d06541897f142b449f9bb7f01b502e70396867b13a9f08e333a37542479ff11e34b9dafe32e72e9c3ad8e7509310a5c3270726538059607c89fe52203e28ef9a85ed159003ea6a574846d7b7b3a5e93f3e664028cac2b8e665817623c574d5ec9db8c195138314628b35e2cb8141a888464daff705ac654150512b45a5ac19167c72bac183e35ca7c7bc177c074f5925afad03277f6e447c495aa05672fdee3d018eb1b476c138a913391b78bb6151a80b552df080ba048676dd40aa010af604a97ac017281a1af7a03eb65971930e06d1bef9f9ac6d525d46ef42cebbbce1058cd4fb2d844a492f55b6b2b06e85e70a252ef0461f94629b4a104e28cf685c3e395fbbcbd0f297c65e21b86b5d83ee0cb2e75e0fc8d1e6d6f2213cb2bac505e6765387a8a32bcf518a3f7732a5c52b334aeb2c222c2c2dfe6febd3efb8a6c8106ac9b8751c33c4e76d4247b9aac90da71a0a5a19aa05f4e06944c95e1d1c344cf1368d77dedeb0dc17f8ae648f6f0d2a5cb91ab6a00bdadac08cff37e7e0afddfa534fa5504f79ebc7f3700cd8f7accc4cc577845cd76a8f2da051dd37bde8a09fe94c0fc9bcd85a1709333da4b75b32d9cf44762987ea8e174ee4dd4cca77e39990e6341758b655cc7107f159c6ad0b8eab58174206a1b481d6ce72baac1ade852458d32d7188abc015fb4fd28dfd345274467c5d1ec43207f61ed7365fc13ab1ea4f434ca674da4cccbdfe4fef4b1d91b56cb6b96bb93bc89fb824345e82998ff543532ea3389126a8b483a34cf91d63f452fa2a98559ebdfeb3817ed841048abcd026dc74c91b8ec127eaa6312446c2874ff7f6f17ea4390c2e4ae8380cde1c5b93c92dd54a947c2144d4ae4b8c6da568f7b816e7c1f48f8d4af604807d31d437b74d9dcea805a3a7ed82588db3c6e520b6cffeb0cc03da2a23ae35b88222a962658b7ec73eb2c60568157310ed2716e00216c282a33ddb9d3d08b28a93e8fb9b5467f93dea75c40a0a761ee542ce314987ebd08c9a16b6e7b6ad9d72dd297e397cdc0a9ebe79609952c5c213c1ba7b984bd84171edd206606c6e3db0cb0eb30428cd3d85b7e77b136eca3897f7cc9fefdad00d513cebb79d66cef935e3e48861dc84d0d453596a8ef929c74255644889feefb080f07f7079776040845275e26f21e74473b7ab4570af121765d276337af2efbb3f10133bcce9f752f27f5d967e4320fa9ec7dcc5e1678bced634bfb56a6b5cab14ac4cb5a8e3ffa9a421f2b13d119ae3d6494c23f6cff0bb3fb3b82d0069d379bbcd17f17787963910ae1e909da5c303b3a8295611d3de67336fac3cf37c0f8163a7a8078f538521a75dee5da457e0e5836ebb268a01cc77bfb4f0a20651f473c408aaf2c331f266bec34d2170eee83b5a68620a26f48f954a3f29eef5bdc9b3651ddc19c2668a83aac461a3c7a8159519cbf4eb49ae112598f394cdf78a42452813df266fe0bb84b07b816d7613f228b3b6f96cbf8ec085a641629fd0791e9b7288d53028f1b3d5d210ea88a16d2c61393cb0956bb949fe4db8a4ea38db7ef608b5bfa15447e561e890945082ce4f8620196cdff9bb39d69e001112f3350c8ca3ca806c7e15abda516fc4b508bd9a0fe3b5d2f56a3c874c92c195f714273c234964f73ae7883ec90c343e64fd27364842c74be919623dd75d5760a5e095acb48267d135845ccc1664117bf7d0cca9d4dc0813c94c6401c0be14f357455c6ec8b777ee487170064ce4f199285953efc32bd9bc52e0559a701a85b87dd840ed98f76e428c3dd52a48276ce88c44712c80e217e3e181d7e99b70d1eb41a5de6aa848579792184250abc971ef30225f83803f9de7d930d60fa0d77eaccaf561f48ec2ca7de1135d2c3362dfbfac0cbc73bd49ebe97e92feb3c7a78c8c82d489be9e4f1b3320f1d9f6fab94c6bb903060904ade020d3002e807d69b520743b52cba0b31bc0fa46b8b46fba829872ef8805d0d00d350f55a7dcee3fb5b85eb3f87e1af063264c6cda8d0b9f08a3f518fb6bbfeae4ba67e9f9afa49b7277b967ece2755855f318d310b52046baedeee901904b7c5f2db2ad002b925b23d6e6633d67ce8118bdccad3c1db5f2a0d62068e0403501f39be508623b35f0ad2e99822ccd9b8033cb23ea768eab2e29265613ab44a13120c454600c3c6da7c3a9ebf853f290288a2f6345070990e95f2f8f9996c3ee07037e2193d4ca1050ba23f58226d35788ea90ab1b333cce7424902db9dd9d5ef734d494d592e266628ccea559c67fe8db1605abe51d726e9c0930542aea1ec86a43f68ccf130f8fee4e1a6333555b31287d1680c3cbb340f8eb12a6883d8b7f57bc788089074e6aa12d1268fc0e138859b54d6df1097daeff1a3e69bbd059b747b0f89205a6c8cac443f2ecd087f16465aa961ebfdf6b88452fd2fa77b763129eb535fcc40cf7533067cde113e58e3415fcbbabc848da7d021fd8efa40d3d4b74541e28093478a07788a7ea57a51389aa093e837d472b377a3f122bc0c8650062dc2ce496185ddc029ecf06ebc06fc709025648b12c22a07f23cb7aa8a228de984c536bd746d7b7a5dca674ec085f7b55e54bff91aa21af11e9e27d4961e9ff21353d70f0a5b347542ca2786e976694bd39c11279ffdb19d35b19132686575200bf078783cea8e330774ad6228582671001d60edf2fcec901dd7e3cb2b6d58acf00564766c36c8abfa5b608187ccc4e49c59d9bdda53ab13a60c92f156fbb6d744323d06cb4d1153b8b9d02e36a7ea8c28ad1fa7bfc9172172ffcf5e2d99c9f44867da63d405cc53d75941e4d3358262e6fbf7ca5887cb1d5c8daad6919c66e314b0c114395370a22ca6e9cd812283dae9a907b02864017b92b8db0e5c354fe7e6471288d1cfbc6b9e1e87a08a34dcd5665e4fff54b48a496f07db8188c0bdc1626b4f348dcce7dd4461a2ea81060a9e7561900a7e4fcca687c0d1f553c4d617ef1ca5451dcd0225c3083749a16fd7a32ec6917f78f50d1707a72b623a338a7b5719e312ea65d82dd7d37116719268fec20224c9e9d5f92426006e46cf673996a9e2379e399402f7325c2f053961e6e655fbb618aa391e0bf5fd37fe5b5cbb3831e6a632ec01bad3e091622f58558968389ef08eddf136d2e6befc7fd0232d8ecb907910d7b7c8fc02183305b4e1ab51c5b173161e08155b0502c2c4bc8b2afe2a6e03883f3f32ddef831c6ab8ca210137eb8fd1ac144362461242a6d31d97feea73c9611cb41046bbc185e38d727ca9904733107e8a530e68cec60217bb5dc829c52b90cec9e790c54d191ada6b011d8c1d28d4c2359d08dad25be3bd55bd50df58e224520957453006654b468b5e77abd7537ab7d145a516e6c444d0f1760465fd0ff30456b53604f816e76837a31ba1bca4f6d4156dcb698e7efb38fe7cedc4f9bf9836645057ef8d4e2eccc61d97eb68db5141538521965931c524d853f9392d0bc073dfaf60d51d832075c4a88ed4430d46309d9ef08471c3cb94ce759558b1172d796c253e47942024d8f6952dac2c7d6c0dc347e5d3e6e45f720c8d9c562a28e04de7b40fb766834a90816fc757032bdedcea53d8ea817473666ea1653474f15b1fbe67fc1c1641794ebda9bfab091a892b34d683458b20b37c5767c5106aab07154bdd2a68aab299379a1e43c42090831799e7441d7024abb6404f15ce4e32612732d7c9afc4a0dd054030a7fae7080a885484eafe0b14c181967344bebd602549733ce4c49e864f78adc7dc62b5fc64a78e9f243ee07a9ea826f80687f1f132c2bbf2b22d0c79ff01439df14f55033de8030bd817c083a1f2a3dd0cb490aef81f43794929cda3d235fb7c82c0cbac84b680f6b708017fbe53ff4000a7b755f8ac09ca76c3f687355dfdcd37977c7a000373914b3eb5dbef8c118d3f10e3cbb7000fbb7a4203ec1dc058f2e3980d42d2196bf3aa0cee64dea74cb9a1adfe3618df97bd33694cb0cdc8efd6d9042503ce4c55914eba1895119c7b4c7550251af140f430d89b7990d49428a92d768481ca102ba6e32c2a6e6f24629849b1c7a8cfc34977d6c73adbdd75d84287005d1fdf766b951ddcf26a74fb9c3f1b1ac34824bf989a3fab83efa234fd40038cf2cddeaf9c82a5b28aa09e0bd575f0a28d46cb2e8f1e647157fb5409a9438523afc5b36760c4cd8589ef3755bf937d493179554640493cde7d0bca2d511a88e4080a65ca64e88f30ed1173c4ab00e17fd0bfb1da6bb7fbaf1ee9e8f5f71ae2bc4cad290d19d5340541f1bf34d9ea92305715b16554ca80d98de4a7b6a9a978a8eb340c0a863051d473c810f613522c10a4ceb6b1c8ccc8c8900fdaa34fdb8ee4bb4466b67e8742a42c17459c3e852f8a1b527d3b7294d8e2db3d6d0832a9f8a2ce9127b588d904bf80d802e022c400589e64ceb1c43a5e4ab075fff09429ef4cdda585b9162261583cae414c163e76fcf2b93f9ddd67b1341d6bb832a55cea24354d7459951bdfcacb376cf99cc2516e37fae32a8dc7ea4f6423d8382919391132115d6515d33cd59602b29559bf11d35611ede63f2974912566f47886668d64513c01aacb2a4748f33f8c60a096d946442e53d90648ad2db63c89218c8862977c35673f798ff5db2abc910eedfea2d3ad7e70e500cc02407e40f303d1ca3ae73495feb5702ce2405c2fd64b94b65e0856e4534f83d0591f7746fe0c729613f8bd288436a87fd4ca484f63d9e450834639b4f17081f44a382b62754269761cab051b56f0ccbdd38dbdcac97f9572b9db6e85923670031c07ab9e995ad2065d0d9b717e3aa56f474dae8e1c4caa35d7ee82f6851c77498bae080a773123f0439cffc106952e2b22c9ca2f08347e1aad103e268e688a6eb7595a9fcb95a3ca38d5ef010a0ed170f315bed4483bd073cb01ba01d4a7ddec9b76b073778ad7e0c06ff33587587b5d0666fb9a6191b7a18151ad76fb9a440bd5cb38957489a0a422cb1423ddf05bacfa37ce55475f967c2af0dd4763f65ede014cd67ec63b527321519861e6d0a9cd518b2fb596b2964f146b618adb3effad0a604c265d28661c9b6613bcaeb83813004730eb0aaa0c5415e3b76e02efeea32ff3b430445bf4c60ccff463", &(0x7f0000001540)=""/69, 0x0, 0x0, 0x73, 0x3e, &(0x7f00000015c0)="c0b681aaba4c966172658173280d1aa5107a901866c2d78fd0bb95adadff1701db512247066e37d85c88326c27391a9333e9ac03a3baeeb8c64ea6b5b6527b5fee7cfc7829070efd0638373bde77bd7ba165dc16428e2d38315d7fee5aa322d73abdb3cf492fbaa38abec4dc65c0bfa9a73fba", &(0x7f0000001640)="44d824f1bf8ec94edcb22932d264c02c9123d2b4cc07eea1c5b79e22cf91b623d6a102a48f114bf21259c5f74e6ab746fc5f5ba78d7179d08e5c013bad78", 0x1, 0x4}, 0x34) [ 1960.326975][T22454] x_tables: duplicate underflow at hook 2 02:40:28 executing program 4: bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001680)={0xffffffffffffffff, 0x0, 0x1000, 0x45, &(0x7f0000000540)="73e013d8766f0da6ac13b74cd0550091ea94032d8533cdba6c011663b60670dff96659f17636adee4c6b96cab1b1f2d6ce9aac417eb173515c30376b730683372d03503182865f06358cd7daf84e7d74a2be7564bea7baad7a945a8d42a89b842ad22bdc7936195c5cbd109af4ab315e1034266dc7180bf7f6f06f8ce3f62d2abbd8190fabab9b5b8061a2f40e1e12058970bd3cd537d9b323cb672572df946cfc3b10b086813a77aa792b14eb8b36b86e0b859577a8ad4c78f846cf409f21a76120c827665588e63c1f81727b603fe2321932cfe5b998844701b61e50af847b66e01b9552c5f5e35720cf1f56949dd7686931ed18351f0a33648f4d99b43772285e8a5c5bba699476a39aefca24d6a05aabfd89d5e346d549cbdc5c4750129557e2babc1d40f1691f195810626d7fc5135fa2ab0bfc592058a01ed472ade97999a368fbc613a77c07e42a9e923d51b5962df1bfd03d240434ce771712f8a79e8d8a0682485f13b43b7b520530696e077a182ada0171fd2b1537c0d0afd8ab693f241967bd8f10eab83426bf51eda66aa4fa68356e09224178d8e0f6271e529cf6c64740a4c227be94761e50aaa58acfd80513c06b6787d8ea21c864f81e54adf419edc033e9d43d06541897f142b449f9bb7f01b502e70396867b13a9f08e333a37542479ff11e34b9dafe32e72e9c3ad8e7509310a5c3270726538059607c89fe52203e28ef9a85ed159003ea6a574846d7b7b3a5e93f3e664028cac2b8e665817623c574d5ec9db8c195138314628b35e2cb8141a888464daff705ac654150512b45a5ac19167c72bac183e35ca7c7bc177c074f5925afad03277f6e447c495aa05672fdee3d018eb1b476c138a913391b78bb6151a80b552df080ba048676dd40aa010af604a97ac017281a1af7a03eb65971930e06d1bef9f9ac6d525d46ef42cebbbce1058cd4fb2d844a492f55b6b2b06e85e70a252ef0461f94629b4a104e28cf685c3e395fbbcbd0f297c65e21b86b5d83ee0cb2e75e0fc8d1e6d6f2213cb2bac505e6765387a8a32bcf518a3f7732a5c52b334aeb2c222c2c2dfe6febd3efb8a6c8106ac9b8751c33c4e76d4247b9aac90da71a0a5a19aa05f4e06944c95e1d1c344cf1368d77dedeb0dc17f8ae648f6f0d2a5cb91ab6a00bdadac08cff37e7e0afddfa534fa5504f79ebc7f3700cd8f7accc4cc577845cd76a8f2da051dd37bde8a09fe94c0fc9bcd85a1709333da4b75b32d9cf44762987ea8e174ee4dd4cca77e39990e6341758b655cc7107f159c6ad0b8eab58174206a1b481d6ce72baac1ade852458d32d7188abc015fb4fd28dfd345274467c5d1ec43207f61ed7365fc13ab1ea4f434ca674da4cccbdfe4fef4b1d91b56cb6b96bb93bc89fb824345e82998ff543532ea3389126a8b483a34cf91d63f452fa2a98559ebdfeb3817ed841048abcd026dc74c91b8ec127eaa6312446c2874ff7f6f17ea4390c2e4ae8380cde1c5b93c92dd54a947c2144d4ae4b8c6da568f7b816e7c1f48f8d4af604807d31d437b74d9dcea805a3a7ed82588db3c6e520b6cffeb0cc03da2a23ae35b88222a962658b7ec73eb2c60568157310ed2716e00216c282a33ddb9d3d08b28a93e8fb9b5467f93dea75c40a0a761ee542ce314987ebd08c9a16b6e7b6ad9d72dd297e397cdc0a9ebe79609952c5c213c1ba7b984bd84171edd206606c6e3db0cb0eb30428cd3d85b7e77b136eca3897f7cc9fefdad00d513cebb79d66cef935e3e48861dc84d0d453596a8ef929c74255644889feefb080f07f7079776040845275e26f21e74473b7ab4570af121765d276337af2efbb3f10133bcce9f752f27f5d967e4320fa9ec7dcc5e1678bced634bfb56a6b5cab14ac4cb5a8e3ffa9a421f2b13d119ae3d6494c23f6cff0bb3fb3b82d0069d379bbcd17f17787963910ae1e909da5c303b3a8295611d3de67336fac3cf37c0f8163a7a8078f538521a75dee5da457e0e5836ebb268a01cc77bfb4f0a20651f473c408aaf2c331f266bec34d2170eee83b5a68620a26f48f954a3f29eef5bdc9b3651ddc19c2668a83aac461a3c7a8159519cbf4eb49ae112598f394cdf78a42452813df266fe0bb84b07b816d7613f228b3b6f96cbf8ec085a641629fd0791e9b7288d53028f1b3d5d210ea88a16d2c61393cb0956bb949fe4db8a4ea38db7ef608b5bfa15447e561e890945082ce4f8620196cdff9bb39d69e001112f3350c8ca3ca806c7e15abda516fc4b508bd9a0fe3b5d2f56a3c874c92c195f714273c234964f73ae7883ec90c343e64fd27364842c74be919623dd75d5760a5e095acb48267d135845ccc1664117bf7d0cca9d4dc0813c94c6401c0be14f357455c6ec8b777ee487170064ce4f199285953efc32bd9bc52e0559a701a85b87dd840ed98f76e428c3dd52a48276ce88c44712c80e217e3e181d7e99b70d1eb41a5de6aa848579792184250abc971ef30225f83803f9de7d930d60fa0d77eaccaf561f48ec2ca7de1135d2c3362dfbfac0cbc73bd49ebe97e92feb3c7a78c8c82d489be9e4f1b3320f1d9f6fab94c6bb903060904ade020d3002e807d69b520743b52cba0b31bc0fa46b8b46fba829872ef8805d0d00d350f55a7dcee3fb5b85eb3f87e1af063264c6cda8d0b9f08a3f518fb6bbfeae4ba67e9f9afa49b7277b967ece2755855f318d310b52046baedeee901904b7c5f2db2ad002b925b23d6e6633d67ce8118bdccad3c1db5f2a0d62068e0403501f39be508623b35f0ad2e99822ccd9b8033cb23ea768eab2e29265613ab44a13120c454600c3c6da7c3a9ebf853f290288a2f6345070990e95f2f8f9996c3ee07037e2193d4ca1050ba23f58226d35788ea90ab1b333cce7424902db9dd9d5ef734d494d592e266628ccea559c67fe8db1605abe51d726e9c0930542aea1ec86a43f68ccf130f8fee4e1a6333555b31287d1680c3cbb340f8eb12a6883d8b7f57bc788089074e6aa12d1268fc0e138859b54d6df1097daeff1a3e69bbd059b747b0f89205a6c8cac443f2ecd087f16465aa961ebfdf6b88452fd2fa77b763129eb535fcc40cf7533067cde113e58e3415fcbbabc848da7d021fd8efa40d3d4b74541e28093478a07788a7ea57a51389aa093e837d472b377a3f122bc0c8650062dc2ce496185ddc029ecf06ebc06fc709025648b12c22a07f23cb7aa8a228de984c536bd746d7b7a5dca674ec085f7b55e54bff91aa21af11e9e27d4961e9ff21353d70f0a5b347542ca2786e976694bd39c11279ffdb19d35b19132686575200bf078783cea8e330774ad6228582671001d60edf2fcec901dd7e3cb2b6d58acf00564766c36c8abfa5b608187ccc4e49c59d9bdda53ab13a60c92f156fbb6d744323d06cb4d1153b8b9d02e36a7ea8c28ad1fa7bfc9172172ffcf5e2d99c9f44867da63d405cc53d75941e4d3358262e6fbf7ca5887cb1d5c8daad6919c66e314b0c114395370a22ca6e9cd812283dae9a907b02864017b92b8db0e5c354fe7e6471288d1cfbc6b9e1e87a08a34dcd5665e4fff54b48a496f07db8188c0bdc1626b4f348dcce7dd4461a2ea81060a9e7561900a7e4fcca687c0d1f553c4d617ef1ca5451dcd0225c3083749a16fd7a32ec6917f78f50d1707a72b623a338a7b5719e312ea65d82dd7d37116719268fec20224c9e9d5f92426006e46cf673996a9e2379e399402f7325c2f053961e6e655fbb618aa391e0bf5fd37fe5b5cbb3831e6a632ec01bad3e091622f58558968389ef08eddf136d2e6befc7fd0232d8ecb907910d7b7c8fc02183305b4e1ab51c5b173161e08155b0502c2c4bc8b2afe2a6e03883f3f32ddef831c6ab8ca210137eb8fd1ac144362461242a6d31d97feea73c9611cb41046bbc185e38d727ca9904733107e8a530e68cec60217bb5dc829c52b90cec9e790c54d191ada6b011d8c1d28d4c2359d08dad25be3bd55bd50df58e224520957453006654b468b5e77abd7537ab7d145a516e6c444d0f1760465fd0ff30456b53604f816e76837a31ba1bca4f6d4156dcb698e7efb38fe7cedc4f9bf9836645057ef8d4e2eccc61d97eb68db5141538521965931c524d853f9392d0bc073dfaf60d51d832075c4a88ed4430d46309d9ef08471c3cb94ce759558b1172d796c253e47942024d8f6952dac2c7d6c0dc347e5d3e6e45f720c8d9c562a28e04de7b40fb766834a90816fc757032bdedcea53d8ea817473666ea1653474f15b1fbe67fc1c1641794ebda9bfab091a892b34d683458b20b37c5767c5106aab07154bdd2a68aab299379a1e43c42090831799e7441d7024abb6404f15ce4e32612732d7c9afc4a0dd054030a7fae7080a885484eafe0b14c181967344bebd602549733ce4c49e864f78adc7dc62b5fc64a78e9f243ee07a9ea826f80687f1f132c2bbf2b22d0c79ff01439df14f55033de8030bd817c083a1f2a3dd0cb490aef81f43794929cda3d235fb7c82c0cbac84b680f6b708017fbe53ff4000a7b755f8ac09ca76c3f687355dfdcd37977c7a000373914b3eb5dbef8c118d3f10e3cbb7000fbb7a4203ec1dc058f2e3980d42d2196bf3aa0cee64dea74cb9a1adfe3618df97bd33694cb0cdc8efd6d9042503ce4c55914eba1895119c7b4c7550251af140f430d89b7990d49428a92d768481ca102ba6e32c2a6e6f24629849b1c7a8cfc34977d6c73adbdd75d84287005d1fdf766b951ddcf26a74fb9c3f1b1ac34824bf989a3fab83efa234fd40038cf2cddeaf9c82a5b28aa09e0bd575f0a28d46cb2e8f1e647157fb5409a9438523afc5b36760c4cd8589ef3755bf937d493179554640493cde7d0bca2d511a88e4080a65ca64e88f30ed1173c4ab00e17fd0bfb1da6bb7fbaf1ee9e8f5f71ae2bc4cad290d19d5340541f1bf34d9ea92305715b16554ca80d98de4a7b6a9a978a8eb340c0a863051d473c810f613522c10a4ceb6b1c8ccc8c8900fdaa34fdb8ee4bb4466b67e8742a42c17459c3e852f8a1b527d3b7294d8e2db3d6d0832a9f8a2ce9127b588d904bf80d802e022c400589e64ceb1c43a5e4ab075fff09429ef4cdda585b9162261583cae414c163e76fcf2b93f9ddd67b1341d6bb832a55cea24354d7459951bdfcacb376cf99cc2516e37fae32a8dc7ea4f6423d8382919391132115d6515d33cd59602b29559bf11d35611ede63f2974912566f47886668d64513c01aacb2a4748f33f8c60a096d946442e53d90648ad2db63c89218c8862977c35673f798ff5db2abc910eedfea2d3ad7e70e500cc02407e40f303d1ca3ae73495feb5702ce2405c2fd64b94b65e0856e4534f83d0591f7746fe0c729613f8bd288436a87fd4ca484f63d9e450834639b4f17081f44a382b62754269761cab051b56f0ccbdd38dbdcac97f9572b9db6e85923670031c07ab9e995ad2065d0d9b717e3aa56f474dae8e1c4caa35d7ee82f6851c77498bae080a773123f0439cffc106952e2b22c9ca2f08347e1aad103e268e688a6eb7595a9fcb95a3ca38d5ef010a0ed170f315bed4483bd073cb01ba01d4a7ddec9b76b073778ad7e0c06ff33587587b5d0666fb9a6191b7a18151ad76fb9a440bd5cb38957489a0a422cb1423ddf05bacfa37ce55475f967c2af0dd4763f65ede014cd67ec63b527321519861e6d0a9cd518b2fb596b2964f146b618adb3effad0a604c265d28661c9b6613bcaeb83813004730eb0aaa0c5415e3b76e02efeea32ff3b430445bf4c60ccff463", &(0x7f0000001540)=""/69, 0x0, 0x0, 0x73, 0x3e, &(0x7f00000015c0)="c0b681aaba4c966172658173280d1aa5107a901866c2d78fd0bb95adadff1701db512247066e37d85c88326c27391a9333e9ac03a3baeeb8c64ea6b5b6527b5fee7cfc7829070efd0638373bde77bd7ba165dc16428e2d38315d7fee5aa322d73abdb3cf492fbaa38abec4dc65c0bfa9a73fba", &(0x7f0000001640)="44d824f1bf8ec94edcb22932d264c02c9123d2b4cc07eea1c5b79e22cf91b623d6a102a48f114bf21259c5f74e6ab746fc5f5ba78d7179d08e5c013bad78", 0x1, 0x4}, 0x34) [ 1960.427352][T22456] atomic_op ffff8880577b1128 conn xmit_atomic 0000000000000000 02:40:34 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$inet_group_source_req(r0, 0x0, 0x2e, &(0x7f0000000000)={0x11, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @remote}}}, 0x104) setsockopt$inet_group_source_req(r0, 0x0, 0x2f, &(0x7f0000000200)={0x11, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @multicast2}}}, 0x104) 02:40:34 executing program 5: r0 = socket$inet(0x2, 0x3, 0x9) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000080)=@security={'security\x00', 0xe, 0x4, 0x300, 0xffffffff, 0x0, 0xb0, 0x0, 0xffffffff, 0xffffffff, 0x26c, 0x26c, 0x26c, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x0, 0x70, 0xb0}, @common=@inet=@LOG={0x40, 'LOG\x00', 0x0, {0x0, 0x0, "c0451ac26d31507c5e200006886a4ea1a20387de7ca5956c117942c0a189"}}}, {{@uncond, 0x0, 0x94, 0xd4, 0x0, {}, [@common=@icmp={{0x24}, {0x0, "d046"}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz0\x00'}}}, {{@uncond, 0x0, 0xc4, 0xe8, 0x0, {}, [@common=@addrtype={{0x2c}}, @common=@unspec=@pkttype={{0x28}}]}, @common=@unspec=@STANDARD={0x24, '\x00', 0x0, 0xfffffffffffffffc}}], {{'\x00', 0x0, 0x70, 0x94}, {0x24}}}}, 0x35c) 02:40:34 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000180)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_SET_MESH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)={0x4c, r1, 0x1, 0x0, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r2}, @BATADV_ATTR_HOP_PENALTY={0x5}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x5}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}, @BATADV_ATTR_ISOLATION_MARK={0x8}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}]}, 0x4c}}, 0x0) 02:40:34 executing program 2: openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000080)={r1}, &(0x7f00000000c0)=0x8) r3 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r3, 0x84, 0x75, &(0x7f0000000100)={r2}, 0x8) 02:40:34 executing program 0: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0x32600) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000ff000000000000000005e595"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='ext4_free_blocks\x00', r1}, 0x10) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000600)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='ext4_free_blocks\x00', r2}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) 02:40:34 executing program 4: bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001680)={0xffffffffffffffff, 0x0, 0x1000, 0x45, &(0x7f0000000540)="73e013d8766f0da6ac13b74cd0550091ea94032d8533cdba6c011663b60670dff96659f17636adee4c6b96cab1b1f2d6ce9aac417eb173515c30376b730683372d03503182865f06358cd7daf84e7d74a2be7564bea7baad7a945a8d42a89b842ad22bdc7936195c5cbd109af4ab315e1034266dc7180bf7f6f06f8ce3f62d2abbd8190fabab9b5b8061a2f40e1e12058970bd3cd537d9b323cb672572df946cfc3b10b086813a77aa792b14eb8b36b86e0b859577a8ad4c78f846cf409f21a76120c827665588e63c1f81727b603fe2321932cfe5b998844701b61e50af847b66e01b9552c5f5e35720cf1f56949dd7686931ed18351f0a33648f4d99b43772285e8a5c5bba699476a39aefca24d6a05aabfd89d5e346d549cbdc5c4750129557e2babc1d40f1691f195810626d7fc5135fa2ab0bfc592058a01ed472ade97999a368fbc613a77c07e42a9e923d51b5962df1bfd03d240434ce771712f8a79e8d8a0682485f13b43b7b520530696e077a182ada0171fd2b1537c0d0afd8ab693f241967bd8f10eab83426bf51eda66aa4fa68356e09224178d8e0f6271e529cf6c64740a4c227be94761e50aaa58acfd80513c06b6787d8ea21c864f81e54adf419edc033e9d43d06541897f142b449f9bb7f01b502e70396867b13a9f08e333a37542479ff11e34b9dafe32e72e9c3ad8e7509310a5c3270726538059607c89fe52203e28ef9a85ed159003ea6a574846d7b7b3a5e93f3e664028cac2b8e665817623c574d5ec9db8c195138314628b35e2cb8141a888464daff705ac654150512b45a5ac19167c72bac183e35ca7c7bc177c074f5925afad03277f6e447c495aa05672fdee3d018eb1b476c138a913391b78bb6151a80b552df080ba048676dd40aa010af604a97ac017281a1af7a03eb65971930e06d1bef9f9ac6d525d46ef42cebbbce1058cd4fb2d844a492f55b6b2b06e85e70a252ef0461f94629b4a104e28cf685c3e395fbbcbd0f297c65e21b86b5d83ee0cb2e75e0fc8d1e6d6f2213cb2bac505e6765387a8a32bcf518a3f7732a5c52b334aeb2c222c2c2dfe6febd3efb8a6c8106ac9b8751c33c4e76d4247b9aac90da71a0a5a19aa05f4e06944c95e1d1c344cf1368d77dedeb0dc17f8ae648f6f0d2a5cb91ab6a00bdadac08cff37e7e0afddfa534fa5504f79ebc7f3700cd8f7accc4cc577845cd76a8f2da051dd37bde8a09fe94c0fc9bcd85a1709333da4b75b32d9cf44762987ea8e174ee4dd4cca77e39990e6341758b655cc7107f159c6ad0b8eab58174206a1b481d6ce72baac1ade852458d32d7188abc015fb4fd28dfd345274467c5d1ec43207f61ed7365fc13ab1ea4f434ca674da4cccbdfe4fef4b1d91b56cb6b96bb93bc89fb824345e82998ff543532ea3389126a8b483a34cf91d63f452fa2a98559ebdfeb3817ed841048abcd026dc74c91b8ec127eaa6312446c2874ff7f6f17ea4390c2e4ae8380cde1c5b93c92dd54a947c2144d4ae4b8c6da568f7b816e7c1f48f8d4af604807d31d437b74d9dcea805a3a7ed82588db3c6e520b6cffeb0cc03da2a23ae35b88222a962658b7ec73eb2c60568157310ed2716e00216c282a33ddb9d3d08b28a93e8fb9b5467f93dea75c40a0a761ee542ce314987ebd08c9a16b6e7b6ad9d72dd297e397cdc0a9ebe79609952c5c213c1ba7b984bd84171edd206606c6e3db0cb0eb30428cd3d85b7e77b136eca3897f7cc9fefdad00d513cebb79d66cef935e3e48861dc84d0d453596a8ef929c74255644889feefb080f07f7079776040845275e26f21e74473b7ab4570af121765d276337af2efbb3f10133bcce9f752f27f5d967e4320fa9ec7dcc5e1678bced634bfb56a6b5cab14ac4cb5a8e3ffa9a421f2b13d119ae3d6494c23f6cff0bb3fb3b82d0069d379bbcd17f17787963910ae1e909da5c303b3a8295611d3de67336fac3cf37c0f8163a7a8078f538521a75dee5da457e0e5836ebb268a01cc77bfb4f0a20651f473c408aaf2c331f266bec34d2170eee83b5a68620a26f48f954a3f29eef5bdc9b3651ddc19c2668a83aac461a3c7a8159519cbf4eb49ae112598f394cdf78a42452813df266fe0bb84b07b816d7613f228b3b6f96cbf8ec085a641629fd0791e9b7288d53028f1b3d5d210ea88a16d2c61393cb0956bb949fe4db8a4ea38db7ef608b5bfa15447e561e890945082ce4f8620196cdff9bb39d69e001112f3350c8ca3ca806c7e15abda516fc4b508bd9a0fe3b5d2f56a3c874c92c195f714273c234964f73ae7883ec90c343e64fd27364842c74be919623dd75d5760a5e095acb48267d135845ccc1664117bf7d0cca9d4dc0813c94c6401c0be14f357455c6ec8b777ee487170064ce4f199285953efc32bd9bc52e0559a701a85b87dd840ed98f76e428c3dd52a48276ce88c44712c80e217e3e181d7e99b70d1eb41a5de6aa848579792184250abc971ef30225f83803f9de7d930d60fa0d77eaccaf561f48ec2ca7de1135d2c3362dfbfac0cbc73bd49ebe97e92feb3c7a78c8c82d489be9e4f1b3320f1d9f6fab94c6bb903060904ade020d3002e807d69b520743b52cba0b31bc0fa46b8b46fba829872ef8805d0d00d350f55a7dcee3fb5b85eb3f87e1af063264c6cda8d0b9f08a3f518fb6bbfeae4ba67e9f9afa49b7277b967ece2755855f318d310b52046baedeee901904b7c5f2db2ad002b925b23d6e6633d67ce8118bdccad3c1db5f2a0d62068e0403501f39be508623b35f0ad2e99822ccd9b8033cb23ea768eab2e29265613ab44a13120c454600c3c6da7c3a9ebf853f290288a2f6345070990e95f2f8f9996c3ee07037e2193d4ca1050ba23f58226d35788ea90ab1b333cce7424902db9dd9d5ef734d494d592e266628ccea559c67fe8db1605abe51d726e9c0930542aea1ec86a43f68ccf130f8fee4e1a6333555b31287d1680c3cbb340f8eb12a6883d8b7f57bc788089074e6aa12d1268fc0e138859b54d6df1097daeff1a3e69bbd059b747b0f89205a6c8cac443f2ecd087f16465aa961ebfdf6b88452fd2fa77b763129eb535fcc40cf7533067cde113e58e3415fcbbabc848da7d021fd8efa40d3d4b74541e28093478a07788a7ea57a51389aa093e837d472b377a3f122bc0c8650062dc2ce496185ddc029ecf06ebc06fc709025648b12c22a07f23cb7aa8a228de984c536bd746d7b7a5dca674ec085f7b55e54bff91aa21af11e9e27d4961e9ff21353d70f0a5b347542ca2786e976694bd39c11279ffdb19d35b19132686575200bf078783cea8e330774ad6228582671001d60edf2fcec901dd7e3cb2b6d58acf00564766c36c8abfa5b608187ccc4e49c59d9bdda53ab13a60c92f156fbb6d744323d06cb4d1153b8b9d02e36a7ea8c28ad1fa7bfc9172172ffcf5e2d99c9f44867da63d405cc53d75941e4d3358262e6fbf7ca5887cb1d5c8daad6919c66e314b0c114395370a22ca6e9cd812283dae9a907b02864017b92b8db0e5c354fe7e6471288d1cfbc6b9e1e87a08a34dcd5665e4fff54b48a496f07db8188c0bdc1626b4f348dcce7dd4461a2ea81060a9e7561900a7e4fcca687c0d1f553c4d617ef1ca5451dcd0225c3083749a16fd7a32ec6917f78f50d1707a72b623a338a7b5719e312ea65d82dd7d37116719268fec20224c9e9d5f92426006e46cf673996a9e2379e399402f7325c2f053961e6e655fbb618aa391e0bf5fd37fe5b5cbb3831e6a632ec01bad3e091622f58558968389ef08eddf136d2e6befc7fd0232d8ecb907910d7b7c8fc02183305b4e1ab51c5b173161e08155b0502c2c4bc8b2afe2a6e03883f3f32ddef831c6ab8ca210137eb8fd1ac144362461242a6d31d97feea73c9611cb41046bbc185e38d727ca9904733107e8a530e68cec60217bb5dc829c52b90cec9e790c54d191ada6b011d8c1d28d4c2359d08dad25be3bd55bd50df58e224520957453006654b468b5e77abd7537ab7d145a516e6c444d0f1760465fd0ff30456b53604f816e76837a31ba1bca4f6d4156dcb698e7efb38fe7cedc4f9bf9836645057ef8d4e2eccc61d97eb68db5141538521965931c524d853f9392d0bc073dfaf60d51d832075c4a88ed4430d46309d9ef08471c3cb94ce759558b1172d796c253e47942024d8f6952dac2c7d6c0dc347e5d3e6e45f720c8d9c562a28e04de7b40fb766834a90816fc757032bdedcea53d8ea817473666ea1653474f15b1fbe67fc1c1641794ebda9bfab091a892b34d683458b20b37c5767c5106aab07154bdd2a68aab299379a1e43c42090831799e7441d7024abb6404f15ce4e32612732d7c9afc4a0dd054030a7fae7080a885484eafe0b14c181967344bebd602549733ce4c49e864f78adc7dc62b5fc64a78e9f243ee07a9ea826f80687f1f132c2bbf2b22d0c79ff01439df14f55033de8030bd817c083a1f2a3dd0cb490aef81f43794929cda3d235fb7c82c0cbac84b680f6b708017fbe53ff4000a7b755f8ac09ca76c3f687355dfdcd37977c7a000373914b3eb5dbef8c118d3f10e3cbb7000fbb7a4203ec1dc058f2e3980d42d2196bf3aa0cee64dea74cb9a1adfe3618df97bd33694cb0cdc8efd6d9042503ce4c55914eba1895119c7b4c7550251af140f430d89b7990d49428a92d768481ca102ba6e32c2a6e6f24629849b1c7a8cfc34977d6c73adbdd75d84287005d1fdf766b951ddcf26a74fb9c3f1b1ac34824bf989a3fab83efa234fd40038cf2cddeaf9c82a5b28aa09e0bd575f0a28d46cb2e8f1e647157fb5409a9438523afc5b36760c4cd8589ef3755bf937d493179554640493cde7d0bca2d511a88e4080a65ca64e88f30ed1173c4ab00e17fd0bfb1da6bb7fbaf1ee9e8f5f71ae2bc4cad290d19d5340541f1bf34d9ea92305715b16554ca80d98de4a7b6a9a978a8eb340c0a863051d473c810f613522c10a4ceb6b1c8ccc8c8900fdaa34fdb8ee4bb4466b67e8742a42c17459c3e852f8a1b527d3b7294d8e2db3d6d0832a9f8a2ce9127b588d904bf80d802e022c400589e64ceb1c43a5e4ab075fff09429ef4cdda585b9162261583cae414c163e76fcf2b93f9ddd67b1341d6bb832a55cea24354d7459951bdfcacb376cf99cc2516e37fae32a8dc7ea4f6423d8382919391132115d6515d33cd59602b29559bf11d35611ede63f2974912566f47886668d64513c01aacb2a4748f33f8c60a096d946442e53d90648ad2db63c89218c8862977c35673f798ff5db2abc910eedfea2d3ad7e70e500cc02407e40f303d1ca3ae73495feb5702ce2405c2fd64b94b65e0856e4534f83d0591f7746fe0c729613f8bd288436a87fd4ca484f63d9e450834639b4f17081f44a382b62754269761cab051b56f0ccbdd38dbdcac97f9572b9db6e85923670031c07ab9e995ad2065d0d9b717e3aa56f474dae8e1c4caa35d7ee82f6851c77498bae080a773123f0439cffc106952e2b22c9ca2f08347e1aad103e268e688a6eb7595a9fcb95a3ca38d5ef010a0ed170f315bed4483bd073cb01ba01d4a7ddec9b76b073778ad7e0c06ff33587587b5d0666fb9a6191b7a18151ad76fb9a440bd5cb38957489a0a422cb1423ddf05bacfa37ce55475f967c2af0dd4763f65ede014cd67ec63b527321519861e6d0a9cd518b2fb596b2964f146b618adb3effad0a604c265d28661c9b6613bcaeb83813004730eb0aaa0c5415e3b76e02efeea32ff3b430445bf4c60ccff463", &(0x7f0000001540)=""/69, 0x0, 0x0, 0x73, 0x3e, &(0x7f00000015c0)="c0b681aaba4c966172658173280d1aa5107a901866c2d78fd0bb95adadff1701db512247066e37d85c88326c27391a9333e9ac03a3baeeb8c64ea6b5b6527b5fee7cfc7829070efd0638373bde77bd7ba165dc16428e2d38315d7fee5aa322d73abdb3cf492fbaa38abec4dc65c0bfa9a73fba", &(0x7f0000001640)="44d824f1bf8ec94edcb22932d264c02c9123d2b4cc07eea1c5b79e22cf91b623d6a102a48f114bf21259c5f74e6ab746fc5f5ba78d7179d08e5c013bad78", 0x1, 0x4}, 0x34) [ 1966.735693][ C1] ===================================================== [ 1966.743138][ C1] BUG: KMSAN: uninit-value in virtqueue_add+0x1d8a/0x6220 [ 1966.750454][ C1] virtqueue_add+0x1d8a/0x6220 [ 1966.755511][ C1] virtqueue_add_outbuf+0x91/0xc0 [ 1966.760734][ C1] start_xmit+0x13fe/0x2200 [ 1966.765555][ C1] xmit_one+0x14e/0x5f0 [ 1966.769884][ C1] dev_hard_start_xmit+0xe5/0x370 [ 1966.775132][ C1] sch_direct_xmit+0x3f1/0xdb0 [ 1966.780119][ C1] __dev_xmit_skb+0xbe9/0x19e0 [ 1966.785129][ C1] __dev_queue_xmit+0x12cb/0x31f0 [ 1966.790323][ C1] neigh_resolve_output+0x976/0xa00 [ 1966.795758][ C1] ip_finish_output2+0x1918/0x1b30 [ 1966.801053][ C1] __ip_finish_output+0x266/0x720 [ 1966.806304][ C1] ip_finish_output+0x3d1/0x400 [ 1966.811314][ C1] ip_output+0x258/0x510 [ 1966.815770][ C1] ip_local_out+0xe5/0x140 [ 1966.820351][ C1] iptunnel_xmit+0x744/0xcd0 [ 1966.825209][ C1] ip_tunnel_xmit+0x3267/0x3610 [ 1966.830234][ C1] erspan_xmit+0x13d8/0x1f00 [ 1966.835085][ C1] xmit_one+0x14e/0x5f0 [ 1966.839394][ C1] dev_hard_start_xmit+0xe5/0x370 [ 1966.844639][ C1] sch_direct_xmit+0x3f1/0xdb0 [ 1966.849571][ C1] __dev_xmit_skb+0xbe9/0x19e0 [ 1966.854562][ C1] __dev_queue_xmit+0x12cb/0x31f0 [ 1966.859764][ C1] neigh_resolve_output+0x976/0xa00 [ 1966.865192][ C1] ip_finish_output2+0x1918/0x1b30 [ 1966.870475][ C1] __ip_finish_output+0x266/0x720 [ 1966.875728][ C1] ip_finish_output+0x3d1/0x400 [ 1966.880744][ C1] ip_output+0x258/0x510 [ 1966.885194][ C1] ip_local_out+0xe5/0x140 [ 1966.889763][ C1] igmp_ifc_timer_expire+0x15c8/0x1f50 [ 1966.895478][ C1] call_timer_fn+0x43/0x480 [ 1966.900196][ C1] expire_timers+0x272/0x610 [ 1966.905007][ C1] __run_timers+0x5bc/0x8c0 [ 1966.909670][ C1] run_timer_softirq+0x64/0xe0 [ 1966.914659][ C1] __do_softirq+0x1cc/0x7fb [ 1966.919361][ C1] invoke_softirq+0x8f/0x100 [ 1966.924202][ C1] irq_exit_rcu+0x5a/0x110 [ 1966.928779][ C1] sysvec_apic_timer_interrupt+0x9a/0xc0 [ 1966.934656][ C1] asm_sysvec_apic_timer_interrupt+0x20/0x30 [ 1966.940860][ C1] kmsan_get_metadata+0x6/0x220 [ 1966.945937][ C1] kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1966.951755][ C1] __msan_metadata_ptr_for_load_4+0x20/0x30 [ 1966.957954][ C1] batadv_nc_worker+0xb89/0x2150 [ 1966.963182][ C1] process_one_work+0xb27/0x13e0 [ 1966.968360][ C1] worker_thread+0x1076/0x1d60 [ 1966.973396][ C1] kthread+0x31b/0x430 [ 1966.977624][ C1] ret_from_fork+0x1f/0x30 [ 1966.982340][ C1] [ 1966.984751][ C1] Uninit was stored to memory at: [ 1966.990066][ C1] pskb_expand_head+0x2c2/0x1a00 [ 1966.995339][ C1] ip_tunnel_xmit+0x2ff4/0x3610 [ 1967.000367][ C1] erspan_xmit+0x13d8/0x1f00 [ 1967.005316][ C1] xmit_one+0x14e/0x5f0 [ 1967.009636][ C1] dev_hard_start_xmit+0xe5/0x370 [ 1967.014953][ C1] sch_direct_xmit+0x3f1/0xdb0 [ 1967.019916][ C1] __dev_xmit_skb+0xbe9/0x19e0 [ 1967.025002][ C1] __dev_queue_xmit+0x12cb/0x31f0 [ 1967.030199][ C1] neigh_resolve_output+0x976/0xa00 [ 1967.035700][ C1] ip_finish_output2+0x1918/0x1b30 [ 1967.040990][ C1] __ip_finish_output+0x266/0x720 [ 1967.046300][ C1] ip_finish_output+0x3d1/0x400 [ 1967.051313][ C1] ip_output+0x258/0x510 [ 1967.055807][ C1] ip_local_out+0xe5/0x140 [ 1967.060374][ C1] igmp_ifc_timer_expire+0x15c8/0x1f50 [ 1967.066126][ C1] call_timer_fn+0x43/0x480 [ 1967.070872][ C1] expire_timers+0x272/0x610 [ 1967.075695][ C1] __run_timers+0x5bc/0x8c0 [ 1967.080368][ C1] run_timer_softirq+0x64/0xe0 [ 1967.085354][ C1] __do_softirq+0x1cc/0x7fb [ 1967.090081][ C1] [ 1967.092534][ C1] Uninit was created at: [ 1967.097011][ C1] __kmalloc_node_track_caller+0x86c/0x1230 [ 1967.103159][ C1] __alloc_skb+0x34a/0xd70 [ 1967.107765][ C1] igmpv3_newpack+0x19d/0x1440 [ 1967.112757][ C1] add_grec+0x149b/0x2380 [ 1967.117254][ C1] igmp_ifc_timer_expire+0x1d0/0x1f50 [ 1967.122867][ C1] call_timer_fn+0x43/0x480 [ 1967.127546][ C1] expire_timers+0x272/0x610 [ 1967.132364][ C1] __run_timers+0x5bc/0x8c0 [ 1967.137032][ C1] run_timer_softirq+0x64/0xe0 [ 1967.141959][ C1] __do_softirq+0x1cc/0x7fb [ 1967.146706][ C1] [ 1967.149106][ C1] Bytes 38-41 of 108 are uninitialized [ 1967.154722][ C1] Memory access of size 108 starts at ffff88802ee130c0 [ 1967.161689][ C1] [ 1967.164142][ C1] CPU: 1 PID: 17562 Comm: kworker/u4:0 Not tainted 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1967.174721][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1967.184988][ C1] Workqueue: bat_events batadv_nc_worker [ 1967.190843][ C1] ===================================================== [ 1967.197931][ C1] Disabling lock debugging due to kernel taint [ 1967.204247][ C1] Kernel panic - not syncing: kmsan.panic set ... [ 1967.210781][ C1] CPU: 1 PID: 17562 Comm: kworker/u4:0 Tainted: G B 5.19.0-rc4-syzkaller-31333-g97117d69c353 #0 [ 1967.222685][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1967.232883][ C1] Workqueue: bat_events batadv_nc_worker [ 1967.238742][ C1] Call Trace: [ 1967.242120][ C1] [ 1967.245061][ C1] dump_stack_lvl+0x1c8/0x256 [ 1967.249955][ C1] dump_stack+0x1a/0x1c [ 1967.254307][ C1] panic+0x4d3/0xc69 [ 1967.258383][ C1] ? kmsan_get_metadata+0x10/0x220 [ 1967.263689][ C1] ? add_taint+0x104/0x1a0 [ 1967.268301][ C1] kmsan_report+0x2cc/0x2d0 [ 1967.273002][ C1] ? kmsan_internal_check_memory+0x1aa/0x530 [ 1967.279167][ C1] ? kmsan_handle_dma+0xa8/0xc0 [ 1967.284199][ C1] ? virtqueue_add+0x1d8a/0x6220 [ 1967.289300][ C1] ? virtqueue_add_outbuf+0x91/0xc0 [ 1967.294668][ C1] ? start_xmit+0x13fe/0x2200 [ 1967.299512][ C1] ? xmit_one+0x14e/0x5f0 [ 1967.304007][ C1] ? dev_hard_start_xmit+0xe5/0x370 [ 1967.309381][ C1] ? sch_direct_xmit+0x3f1/0xdb0 [ 1967.314491][ C1] ? __dev_xmit_skb+0xbe9/0x19e0 [ 1967.319612][ C1] ? __dev_queue_xmit+0x12cb/0x31f0 [ 1967.324986][ C1] ? neigh_resolve_output+0x976/0xa00 [ 1967.330540][ C1] ? ip_finish_output2+0x1918/0x1b30 [ 1967.336006][ C1] ? __ip_finish_output+0x266/0x720 [ 1967.341377][ C1] ? ip_finish_output+0x3d1/0x400 [ 1967.346565][ C1] ? ip_output+0x258/0x510 [ 1967.351144][ C1] ? ip_local_out+0xe5/0x140 [ 1967.355903][ C1] ? iptunnel_xmit+0x744/0xcd0 [ 1967.360826][ C1] ? ip_tunnel_xmit+0x3267/0x3610 [ 1967.366025][ C1] ? erspan_xmit+0x13d8/0x1f00 [ 1967.370953][ C1] ? xmit_one+0x14e/0x5f0 [ 1967.375442][ C1] ? dev_hard_start_xmit+0xe5/0x370 [ 1967.380817][ C1] ? sch_direct_xmit+0x3f1/0xdb0 [ 1967.385922][ C1] ? __dev_xmit_skb+0xbe9/0x19e0 [ 1967.391033][ C1] ? __dev_queue_xmit+0x12cb/0x31f0 [ 1967.396410][ C1] ? neigh_resolve_output+0x976/0xa00 [ 1967.401977][ C1] ? ip_finish_output2+0x1918/0x1b30 [ 1967.407436][ C1] ? __ip_finish_output+0x266/0x720 [ 1967.412806][ C1] ? ip_finish_output+0x3d1/0x400 [ 1967.418012][ C1] ? ip_output+0x258/0x510 [ 1967.422577][ C1] ? ip_local_out+0xe5/0x140 [ 1967.427325][ C1] ? igmp_ifc_timer_expire+0x15c8/0x1f50 [ 1967.433143][ C1] ? call_timer_fn+0x43/0x480 [ 1967.437993][ C1] ? expire_timers+0x272/0x610 [ 1967.442916][ C1] ? __run_timers+0x5bc/0x8c0 [ 1967.447767][ C1] ? run_timer_softirq+0x64/0xe0 [ 1967.452862][ C1] ? __do_softirq+0x1cc/0x7fb [ 1967.457734][ C1] ? invoke_softirq+0x8f/0x100 [ 1967.462651][ C1] ? irq_exit_rcu+0x5a/0x110 [ 1967.467410][ C1] ? sysvec_apic_timer_interrupt+0x9a/0xc0 [ 1967.473402][ C1] ? asm_sysvec_apic_timer_interrupt+0x20/0x30 [ 1967.479749][ C1] ? kmsan_get_metadata+0x6/0x220 [ 1967.484926][ C1] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1967.490906][ C1] ? __msan_metadata_ptr_for_load_4+0x20/0x30 [ 1967.497142][ C1] ? batadv_nc_worker+0xb89/0x2150 [ 1967.502410][ C1] ? process_one_work+0xb27/0x13e0 [ 1967.507685][ C1] ? worker_thread+0x1076/0x1d60 [ 1967.512780][ C1] ? kthread+0x31b/0x430 [ 1967.517325][ C1] ? ret_from_fork+0x1f/0x30 [ 1967.522074][ C1] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1967.528068][ C1] ? __msan_metadata_ptr_for_load_4+0x20/0x30 [ 1967.534317][ C1] ? batadv_nc_worker+0xb89/0x2150 [ 1967.539606][ C1] ? kmsan_get_metadata+0x33/0x220 [ 1967.544884][ C1] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1967.550859][ C1] ? kmem_cache_free+0x2de/0xa40 [ 1967.555979][ C1] kmsan_internal_check_memory+0x1aa/0x530 [ 1967.561959][ C1] ? kmsan_get_metadata+0x33/0x220 [ 1967.567236][ C1] kmsan_handle_dma+0xa8/0xc0 [ 1967.572067][ C1] virtqueue_add+0x1d8a/0x6220 [ 1967.576970][ C1] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1967.582949][ C1] ? kmsan_get_metadata+0x33/0x220 [ 1967.588236][ C1] ? kmsan_get_metadata+0x33/0x220 [ 1967.593527][ C1] ? virtqueue_add_outbuf+0x4f/0xc0 [ 1967.598942][ C1] virtqueue_add_outbuf+0x91/0xc0 [ 1967.604137][ C1] start_xmit+0x13fe/0x2200 [ 1967.608835][ C1] ? virtnet_close+0x280/0x280 [ 1967.613750][ C1] xmit_one+0x14e/0x5f0 [ 1967.618051][ C1] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1967.624031][ C1] dev_hard_start_xmit+0xe5/0x370 [ 1967.629212][ C1] ? kmsan_get_metadata+0x33/0x220 [ 1967.634477][ C1] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1967.640461][ C1] sch_direct_xmit+0x3f1/0xdb0 [ 1967.645388][ C1] ? kmsan_get_metadata+0x4d/0x220 [ 1967.650666][ C1] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1967.656948][ C1] __dev_xmit_skb+0xbe9/0x19e0 [ 1967.661889][ C1] ? noqueue_init+0x50/0x50 [ 1967.666544][ C1] __dev_queue_xmit+0x12cb/0x31f0 [ 1967.671757][ C1] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1967.677737][ C1] neigh_resolve_output+0x976/0xa00 [ 1967.683106][ C1] ? llc_sysctl_exit+0x120/0x120 [ 1967.688194][ C1] ? neigh_event_ns+0x280/0x280 [ 1967.693190][ C1] ip_finish_output2+0x1918/0x1b30 [ 1967.698490][ C1] __ip_finish_output+0x266/0x720 [ 1967.703672][ C1] ? kmsan_get_metadata+0x33/0x220 [ 1967.708952][ C1] ip_finish_output+0x3d1/0x400 [ 1967.713950][ C1] ? __rcu_read_unlock+0x76/0xd0 [ 1967.719064][ C1] ip_output+0x258/0x510 [ 1967.723454][ C1] ? ip_mc_finish_output+0x700/0x700 [ 1967.728897][ C1] ? ip_finish_output+0x400/0x400 [ 1967.734066][ C1] ip_local_out+0xe5/0x140 [ 1967.738627][ C1] iptunnel_xmit+0x744/0xcd0 [ 1967.743404][ C1] ip_tunnel_xmit+0x3267/0x3610 [ 1967.748430][ C1] ? ip_tunnel_xmit+0x2411/0x3610 [ 1967.753662][ C1] erspan_xmit+0x13d8/0x1f00 [ 1967.758428][ C1] ? erspan_tunnel_init+0x340/0x340 [ 1967.763782][ C1] xmit_one+0x14e/0x5f0 [ 1967.768077][ C1] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1967.774059][ C1] dev_hard_start_xmit+0xe5/0x370 [ 1967.779240][ C1] ? kmsan_get_metadata+0x33/0x220 [ 1967.784516][ C1] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1967.790498][ C1] sch_direct_xmit+0x3f1/0xdb0 [ 1967.795415][ C1] ? kmsan_get_metadata+0x4d/0x220 [ 1967.800692][ C1] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1967.806930][ C1] __dev_xmit_skb+0xbe9/0x19e0 [ 1967.811870][ C1] ? noqueue_init+0x50/0x50 [ 1967.816528][ C1] __dev_queue_xmit+0x12cb/0x31f0 [ 1967.821740][ C1] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1967.827719][ C1] neigh_resolve_output+0x976/0xa00 [ 1967.833085][ C1] ? llc_sysctl_exit+0x120/0x120 [ 1967.838171][ C1] ? neigh_event_ns+0x280/0x280 [ 1967.843169][ C1] ip_finish_output2+0x1918/0x1b30 [ 1967.848462][ C1] __ip_finish_output+0x266/0x720 [ 1967.853641][ C1] ? kmsan_get_metadata+0x33/0x220 [ 1967.858917][ C1] ip_finish_output+0x3d1/0x400 [ 1967.863915][ C1] ? __rcu_read_unlock+0x76/0xd0 [ 1967.869015][ C1] ip_output+0x258/0x510 [ 1967.873410][ C1] ? ip_mc_finish_output+0x700/0x700 [ 1967.878849][ C1] ? ip_finish_output+0x400/0x400 [ 1967.884016][ C1] ip_local_out+0xe5/0x140 [ 1967.888578][ C1] igmp_ifc_timer_expire+0x15c8/0x1f50 [ 1967.894227][ C1] ? igmp_gq_timer_expire+0xe0/0xe0 [ 1967.899576][ C1] ? igmp_gq_timer_expire+0xe0/0xe0 [ 1967.904932][ C1] call_timer_fn+0x43/0x480 [ 1967.909631][ C1] ? igmp_gq_timer_expire+0xe0/0xe0 [ 1967.914987][ C1] expire_timers+0x272/0x610 [ 1967.919769][ C1] __run_timers+0x5bc/0x8c0 [ 1967.924437][ C1] ? kmsan_get_metadata+0x33/0x220 [ 1967.929710][ C1] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1967.935688][ C1] ? migrate_timer_list+0x5d0/0x5d0 [ 1967.941037][ C1] run_timer_softirq+0x64/0xe0 [ 1967.945951][ C1] __do_softirq+0x1cc/0x7fb [ 1967.950639][ C1] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1967.956629][ C1] invoke_softirq+0x8f/0x100 [ 1967.961386][ C1] irq_exit_rcu+0x5a/0x110 [ 1967.965952][ C1] sysvec_apic_timer_interrupt+0x9a/0xc0 [ 1967.971747][ C1] [ 1967.974759][ C1] [ 1967.977771][ C1] asm_sysvec_apic_timer_interrupt+0x20/0x30 [ 1967.983939][ C1] RIP: 0010:kmsan_get_metadata+0x6/0x220 [ 1967.989732][ C1] Code: 41 5e 41 5f 5d c3 0f 0b c6 05 ea a5 66 0d 00 83 3d e6 a5 66 0d 00 74 96 0f 0b 0f 0b 0f 1f 84 00 00 00 00 00 55 48 89 e5 41 56 <53> 41 89 f6 48 89 fb 48 83 e3 fc 85 f6 48 0f 44 df 40 f6 c7 03 48 [ 1968.009517][ C1] RSP: 0018:ffff888041a8fb68 EFLAGS: 00000282 [ 1968.015712][ C1] RAX: ffff88804deae210 RBX: ffff88804deae210 RCX: 0000000000185966 [ 1968.023814][ C1] RDX: 000000004deae210 RSI: 0000000000000001 RDI: ffff88804e6ae210 [ 1968.031904][ C1] RBP: ffff888041a8fb70 R08: ffffffff8d7cb301 R09: ffff88804e843250 [ 1968.040005][ C1] R10: ffff888041a8f988 R11: 0000000000000000 R12: ffff888128a30b40 [ 1968.048104][ C1] R13: ffff888128a30b40 R14: 0000000000000000 R15: ffff88804e6ae210 [ 1968.056207][ C1] ? batadv_nc_worker+0x11/0x2150 [ 1968.061404][ C1] kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1968.067215][ C1] __msan_metadata_ptr_for_load_4+0x20/0x30 [ 1968.073272][ C1] batadv_nc_worker+0xb89/0x2150 [ 1968.078377][ C1] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1968.084371][ C1] ? kmsan_get_metadata+0x33/0x220 [ 1968.089641][ C1] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 1968.095611][ C1] ? batadv_nc_mesh_init+0x520/0x520 [ 1968.101055][ C1] ? batadv_nc_mesh_init+0x520/0x520 [ 1968.106502][ C1] process_one_work+0xb27/0x13e0 [ 1968.111632][ C1] worker_thread+0x1076/0x1d60 [ 1968.116592][ C1] kthread+0x31b/0x430 [ 1968.120795][ C1] ? worker_clr_flags+0x2b0/0x2b0 [ 1968.125990][ C1] ? kthread_blkcg+0x120/0x120 [ 1968.130895][ C1] ret_from_fork+0x1f/0x30 [ 1968.135487][ C1] [ 1968.138773][ C1] Kernel Offset: disabled [ 1968.143176][ C1] Rebooting in 86400 seconds..