ss_probe+0x31c/0xc00 [ 971.533009] tcp_write_timer_handler+0x691/0xe80 [ 971.533009] tcp_write_timer+0x139/0x250 [ 971.533009] call_timer_fn+0x356/0x7c0 [ 971.533009] __run_timers+0xe95/0x1300 [ 971.533009] run_timer_softirq+0x55/0xa0 [ 971.533009] __do_softirq+0x721/0xc7f [ 971.533009] [ 971.533009] Uninit was stored to memory at: [ 971.533009] kmsan_internal_chain_origin+0x136/0x240 [ 971.533009] __msan_chain_origin+0x6d/0xb0 [ 971.533009] __save_stack_trace+0x8be/0xc60 [ 971.533009] save_stack_trace+0xc6/0x110 [ 971.533009] kmsan_internal_chain_origin+0x136/0x240 [ 971.533009] kmsan_memcpy_origins+0x13d/0x190 [ 971.533009] __msan_memcpy+0x6f/0x80 [ 971.533009] pskb_expand_head+0x436/0x1d20 [ 971.533009] __pskb_pull_tail+0x1c6/0x2270 [ 971.533009] skb_checksum_help+0x345/0xd80 [ 971.533009] validate_xmit_skb+0x115c/0x1780 [ 971.533009] __dev_queue_xmit+0x2343/0x3e00 [ 971.533009] dev_queue_xmit+0x4b/0x60 [ 971.533009] ip_finish_output2+0x136d/0x1560 [ 971.533009] ip_finish_output+0xd93/0x10f0 [ 971.533009] ip_output+0x55c/0x630 [ 971.533009] ip_local_out+0x164/0x1d0 [ 971.533009] iptunnel_xmit+0x812/0xd30 [ 971.533009] ip_tunnel_xmit+0x3943/0x3d90 [ 971.533009] sit_tunnel_xmit+0xbf8/0x3d40 [ 971.533009] dev_hard_start_xmit+0x6dc/0xde0 [ 971.533009] __dev_queue_xmit+0x2d9e/0x3e00 [ 971.533009] dev_queue_xmit+0x4b/0x60 [ 971.533009] neigh_direct_output+0x42/0x50 [ 971.533009] ip_finish_output2+0x141a/0x1560 [ 971.533009] ip_finish_output+0xd93/0x10f0 [ 971.533009] ip_output+0x55c/0x630 [ 971.533009] __ip_queue_xmit+0x1bb5/0x2170 [ 971.533009] ip_queue_xmit+0xcc/0xf0 [ 971.533009] __tcp_transmit_skb+0x425c/0x5e00 [ 971.533009] tcp_write_xmit+0x389a/0xacc0 [ 971.533009] tcp_send_loss_probe+0x31c/0xc00 [ 971.533009] tcp_write_timer_handler+0x691/0xe80 [ 971.533009] tcp_write_timer+0x139/0x250 [ 971.533009] call_timer_fn+0x356/0x7c0 [ 971.533009] __run_timers+0xe95/0x1300 [ 971.533009] run_timer_softirq+0x55/0xa0 [ 971.533009] __do_softirq+0x721/0xc7f [ 971.533009] [ 971.533009] Uninit was stored to memory at: [ 971.533009] kmsan_internal_chain_origin+0x136/0x240 [ 971.533009] __msan_chain_origin+0x6d/0xb0 [ 971.533009] __save_stack_trace+0x8be/0xc60 [ 971.533009] save_stack_trace+0xc6/0x110 [ 971.533009] kmsan_internal_chain_origin+0x136/0x240 [ 971.533009] kmsan_memcpy_origins+0x13d/0x190 [ 971.533009] __msan_memcpy+0x6f/0x80 [ 971.533009] pskb_expand_head+0x436/0x1d20 [ 971.533009] __pskb_pull_tail+0x1c6/0x2270 [ 971.533009] skb_checksum_help+0x345/0xd80 [ 971.533009] validate_xmit_skb+0x115c/0x1780 [ 971.533009] __dev_queue_xmit+0x2343/0x3e00 [ 971.533009] dev_queue_xmit+0x4b/0x60 [ 971.533009] ip_finish_output2+0x136d/0x1560 [ 971.533009] ip_finish_output+0xd93/0x10f0 [ 971.533009] ip_output+0x55c/0x630 [ 971.533009] ip_local_out+0x164/0x1d0 [ 971.533009] iptunnel_xmit+0x812/0xd30 [ 971.533009] ip_tunnel_xmit+0x3943/0x3d90 [ 971.533009] sit_tunnel_xmit+0xbf8/0x3d40 [ 971.533009] dev_hard_start_xmit+0x6dc/0xde0 [ 971.533009] __dev_queue_xmit+0x2d9e/0x3e00 [ 971.533009] dev_queue_xmit+0x4b/0x60 [ 971.533009] neigh_direct_output+0x42/0x50 [ 971.533009] ip_finish_output2+0x141a/0x1560 [ 971.533009] ip_finish_output+0xd93/0x10f0 [ 971.533009] ip_output+0x55c/0x630 [ 971.533009] __ip_queue_xmit+0x1bb5/0x2170 [ 971.533009] ip_queue_xmit+0xcc/0xf0 [ 971.533009] __tcp_transmit_skb+0x425c/0x5e00 [ 971.533009] tcp_write_xmit+0x389a/0xacc0 [ 971.533009] tcp_send_loss_probe+0x31c/0xc00 [ 971.533009] tcp_write_timer_handler+0x691/0xe80 [ 971.533009] tcp_write_timer+0x139/0x250 [ 971.533009] call_timer_fn+0x356/0x7c0 [ 971.533009] __run_timers+0xe95/0x1300 [ 971.533009] run_timer_softirq+0x55/0xa0 [ 971.533009] __do_softirq+0x721/0xc7f [ 971.533009] [ 971.533009] Uninit was stored to memory at: [ 971.533009] kmsan_internal_chain_origin+0x136/0x240 [ 971.533009] __msan_chain_origin+0x6d/0xb0 [ 971.533009] __save_stack_trace+0x8be/0xc60 [ 971.533009] save_stack_trace+0xc6/0x110 [ 971.533009] kmsan_internal_chain_origin+0x136/0x240 [ 971.533009] kmsan_memcpy_origins+0x13d/0x190 [ 971.533009] __msan_memcpy+0x6f/0x80 [ 971.533009] pskb_expand_head+0x436/0x1d20 [ 971.533009] __pskb_pull_tail+0x1c6/0x2270 [ 971.533009] skb_checksum_help+0x345/0xd80 [ 971.533009] validate_xmit_skb+0x115c/0x1780 [ 971.533009] __dev_queue_xmit+0x2343/0x3e00 [ 971.533009] dev_queue_xmit+0x4b/0x60 [ 971.533009] ip_finish_output2+0x136d/0x1560 [ 971.533009] ip_finish_output+0xd93/0x10f0 [ 971.533009] ip_output+0x55c/0x630 [ 971.533009] ip_local_out+0x164/0x1d0 [ 971.533009] iptunnel_xmit+0x812/0xd30 [ 971.533009] ip_tunnel_xmit+0x3943/0x3d90 [ 971.533009] sit_tunnel_xmit+0xbf8/0x3d40 [ 971.533009] dev_hard_start_xmit+0x6dc/0xde0 [ 971.533009] __dev_queue_xmit+0x2d9e/0x3e00 [ 971.533009] dev_queue_xmit+0x4b/0x60 [ 971.533009] neigh_direct_output+0x42/0x50 [ 971.533009] ip_finish_output2+0x141a/0x1560 [ 971.533009] ip_finish_output+0xd93/0x10f0 [ 971.533009] ip_output+0x55c/0x630 [ 971.533009] __ip_queue_xmit+0x1bb5/0x2170 [ 971.533009] ip_queue_xmit+0xcc/0xf0 [ 971.533009] __tcp_transmit_skb+0x425c/0x5e00 [ 971.533009] tcp_write_xmit+0x389a/0xacc0 [ 971.533009] tcp_send_loss_probe+0x31c/0xc00 [ 971.533009] tcp_write_timer_handler+0x691/0xe80 [ 971.533009] tcp_write_timer+0x139/0x250 [ 971.533009] call_timer_fn+0x356/0x7c0 [ 971.533009] __run_timers+0xe95/0x1300 [ 971.533009] run_timer_softirq+0x55/0xa0 [ 971.533009] __do_softirq+0x721/0xc7f [ 971.533009] [ 971.533009] Uninit was stored to memory at: [ 971.533009] kmsan_internal_chain_origin+0x136/0x240 [ 971.533009] __msan_chain_origin+0x6d/0xb0 [ 971.533009] __save_stack_trace+0x8be/0xc60 [ 971.533009] save_stack_trace+0xc6/0x110 [ 971.533009] kmsan_internal_chain_origin+0x136/0x240 [ 971.533009] kmsan_memcpy_origins+0x13d/0x190 [ 971.533009] __msan_memcpy+0x6f/0x80 [ 971.533009] pskb_expand_head+0x436/0x1d20 [ 971.533009] __pskb_pull_tail+0x1c6/0x2270 [ 971.533009] skb_checksum_help+0x345/0xd80 [ 971.533009] validate_xmit_skb+0x115c/0x1780 [ 971.533009] __dev_queue_xmit+0x2343/0x3e00 [ 971.533009] dev_queue_xmit+0x4b/0x60 [ 971.533009] ip_finish_output2+0x136d/0x1560 [ 971.533009] ip_finish_output+0xd93/0x10f0 [ 971.533009] ip_output+0x55c/0x630 [ 971.533009] ip_local_out+0x164/0x1d0 [ 971.533009] iptunnel_xmit+0x812/0xd30 [ 971.533009] ip_tunnel_xmit+0x3943/0x3d90 [ 971.533009] sit_tunnel_xmit+0xbf8/0x3d40 [ 971.533009] dev_hard_start_xmit+0x6dc/0xde0 [ 971.533009] __dev_queue_xmit+0x2d9e/0x3e00 [ 971.533009] dev_queue_xmit+0x4b/0x60 [ 971.533009] neigh_direct_output+0x42/0x50 [ 971.533009] ip_finish_output2+0x141a/0x1560 [ 971.533009] ip_finish_output+0xd93/0x10f0 [ 971.533009] ip_output+0x55c/0x630 [ 971.533009] __ip_queue_xmit+0x1bb5/0x2170 [ 971.533009] ip_queue_xmit+0xcc/0xf0 [ 971.533009] __tcp_transmit_skb+0x425c/0x5e00 [ 971.533009] tcp_write_xmit+0x389a/0xacc0 [ 971.533009] tcp_send_loss_probe+0x31c/0xc00 [ 971.533009] tcp_write_timer_handler+0x691/0xe80 [ 971.533009] tcp_write_timer+0x139/0x250 [ 971.533009] call_timer_fn+0x356/0x7c0 [ 971.533009] __run_timers+0xe95/0x1300 [ 971.533009] run_timer_softirq+0x55/0xa0 [ 971.533009] __do_softirq+0x721/0xc7f [ 971.533009] [ 971.533009] Uninit was stored to memory at: [ 971.533009] kmsan_internal_chain_origin+0x136/0x240 [ 971.533009] __msan_chain_origin+0x6d/0xb0 [ 971.533009] __save_stack_trace+0x8be/0xc60 [ 971.533009] save_stack_trace+0xc6/0x110 [ 971.533009] kmsan_internal_chain_origin+0x136/0x240 [ 971.533009] kmsan_memcpy_origins+0x13d/0x190 [ 971.533009] __msan_memcpy+0x6f/0x80 [ 971.533009] pskb_expand_head+0x436/0x1d20 [ 971.533009] __pskb_pull_tail+0x1c6/0x2270 [ 971.533009] skb_checksum_help+0x345/0xd80 [ 971.533009] validate_xmit_skb+0x115c/0x1780 [ 971.533009] __dev_queue_xmit+0x2343/0x3e00 [ 971.533009] dev_queue_xmit+0x4b/0x60 [ 971.533009] ip_finish_output2+0x136d/0x1560 [ 971.533009] ip_finish_output+0xd93/0x10f0 [ 971.533009] ip_output+0x55c/0x630 [ 971.533009] ip_local_out+0x164/0x1d0 [ 971.533009] iptunnel_xmit+0x812/0xd30 [ 971.533009] ip_tunnel_xmit+0x3943/0x3d90 [ 971.533009] sit_tunnel_xmit+0xbf8/0x3d40 [ 971.533009] dev_hard_start_xmit+0x6dc/0xde0 [ 971.533009] __dev_queue_xmit+0x2d9e/0x3e00 [ 971.533009] dev_queue_xmit+0x4b/0x60 [ 971.533009] neigh_direct_output+0x42/0x50 [ 971.533009] ip_finish_output2+0x141a/0x1560 [ 971.533009] ip_finish_output+0xd93/0x10f0 [ 971.533009] ip_output+0x55c/0x630 [ 971.533009] __ip_queue_xmit+0x1bb5/0x2170 [ 971.533009] ip_queue_xmit+0xcc/0xf0 [ 971.533009] __tcp_transmit_skb+0x425c/0x5e00 [ 971.533009] tcp_write_xmit+0x389a/0xacc0 [ 971.533009] tcp_send_loss_probe+0x31c/0xc00 [ 971.533009] tcp_write_timer_handler+0x691/0xe80 [ 971.533009] tcp_write_timer+0x139/0x250 06:18:02 executing program 1: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x78, 0x4) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, &(0x7f0000a88f88), 0xfffffffffffffe6e, 0x20000000, &(0x7f0000e68000)={0x2, 0x4004e23, @local}, 0x10) recvmsg(r0, &(0x7f00000000c0)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f0000000000)=[{&(0x7f0000003ac0)=""/4096, 0xfdbf}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000480)='reno\x00', 0x5) 06:18:02 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r2, &(0x7f0000013000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, &(0x7f0000000080)="66bad104edc4a27918353b00000066410f3880b648b4ff46c4e17c5a580266b822008ee826410f005900c441b62ae1640f01f8b9800000c00f3235008000000f30c4424d985b32", 0x47}], 0x1, 0x0, &(0x7f0000000240), 0x0) 06:18:04 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f000001b000)={@multicast2, @remote, @loopback}, 0xc) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x1, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000280)='net/mcfilter\x00') preadv(r1, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) truncate(&(0x7f0000000100)='./file0\x00', 0x0) [ 971.533009] call_timer_fn+0x356/0x7c0 [ 971.533009] __run_timers+0xe95/0x1300 [ 971.533009] run_timer_softirq+0x55/0xa0 [ 971.533009] __do_softirq+0x721/0xc7f [ 971.533009] [ 971.533009] Local variable description: ----data@perf_swevent_hrtimer [ 971.533009] Variable was created at: [ 971.533009] perf_swevent_hrtimer+0x57/0x750 [ 971.533009] __hrtimer_run_queues+0xd49/0x14b0 [ 973.209602] syz-executor0 (28636) used greatest stack depth: 52056 bytes left 06:18:04 executing program 2: ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000140)) r0 = gettid() clone(0x7ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) clone(0x2102001fec, 0x0, 0xfffffffffffffffe, &(0x7f00000001c0), 0xffffffffffffffff) exit_group(0x0) clock_gettime(0x0, &(0x7f00000000c0)={0x0, 0x0}) rt_sigtimedwait(&(0x7f0000000040), &(0x7f0000000080), &(0x7f0000000200)={0x0, r1+30000000}, 0x8) ptrace(0x10, r0) 06:18:04 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x0, 0x0) read(r0, &(0x7f0000000140)=""/4096, 0x1000) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) r1 = syz_open_pts(r0, 0x6) poll(&(0x7f0000000080)=[{r1}], 0x1, 0x200) ioctl$FIGETBSZ(r0, 0x2, &(0x7f0000001280)) r2 = dup3(r1, r0, 0x0) write$P9_RMKDIR(r2, &(0x7f0000000040)={0x14}, 0x14) 06:18:04 executing program 5: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0a5c2d023c126285718070") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000580)={0x26, 'aead\x00', 0x0, 0x0, 'aegis256-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="b7f2288a911993f0265df5cf1cdd8b55b062950b86bc01abc8464d4f8a906151", 0x20) r2 = accept$alg(r1, 0x0, 0x0) sendmmsg$alg(0xffffffffffffffff, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f00000002c0), 0x0, &(0x7f0000000140)=[@op={0x18, 0x117, 0x3, 0x1}, @assoc={0x18, 0x117, 0x4, 0x759a}], 0x30}], 0x4924945, 0x0) write$binfmt_script(r2, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmmsg(r2, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x7ffff000}, {&(0x7f00000000c0)=""/120, 0x78}, {&(0x7f0000000300)=""/230, 0xe6}], 0x3}}], 0x1, 0x0, &(0x7f0000008bc0)) 06:18:04 executing program 4: clock_gettime(0xfffffffffffffffb, &(0x7f0000000200)) [ 973.800994] not chained 320000 origins [ 973.801874] CPU: 1 PID: 28662 Comm: syz-executor1 Not tainted 4.20.0-rc3+ #89 [ 973.801874] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 973.801874] Call Trace: [ 973.801874] dump_stack+0x32d/0x480 [ 973.825858] kmsan_internal_chain_origin+0x222/0x240 [ 973.825858] ? save_stack_trace+0xc6/0x110 [ 973.825858] ? __irqentry_text_end+0x1fa056/0x1fa056 [ 973.825858] ? kmsan_internal_chain_origin+0x90/0x240 [ 973.825858] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 973.825858] ? is_bpf_text_address+0x49e/0x4d0 [ 973.825858] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 973.825858] ? in_task_stack+0x12c/0x210 [ 973.825858] __msan_chain_origin+0x6d/0xb0 [ 973.825858] ? __release_sock+0x32d/0x750 [ 973.825858] __save_stack_trace+0x8be/0xc60 [ 973.825858] ? __release_sock+0x32d/0x750 [ 973.825858] save_stack_trace+0xc6/0x110 [ 973.825858] kmsan_internal_chain_origin+0x136/0x240 [ 973.825858] ? __se_sys_sendto+0x107/0x130 [ 973.825858] ? kmsan_internal_chain_origin+0x136/0x240 [ 973.825858] ? kmsan_memcpy_origins+0x13d/0x190 [ 973.825858] ? __msan_memcpy+0x6f/0x80 [ 973.825858] ? pskb_expand_head+0x436/0x1d20 [ 973.825858] ? tcp_fragment+0x378/0x21d0 [ 973.825858] ? tcp_sacktag_walk+0xe88/0x29d0 [ 973.825858] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 973.825858] ? tcp_ack+0x2888/0xa010 [ 973.825858] ? tcp_rcv_established+0xf7e/0x2940 [ 973.825858] ? tcp_v4_do_rcv+0x686/0xd80 [ 973.825858] ? __release_sock+0x32d/0x750 [ 973.825858] ? release_sock+0x99/0x2a0 [ 973.825858] ? sk_stream_wait_memory+0x9cc/0x1430 [ 973.825858] ? tcp_sendmsg_locked+0x1bca/0x6c30 [ 973.825858] ? tcp_sendmsg+0xb2/0x100 [ 973.825858] ? inet_sendmsg+0x4e9/0x800 [ 973.825858] ? __sys_sendto+0x940/0xb80 [ 973.825858] ? __se_sys_sendto+0x107/0x130 [ 973.825858] ? __x64_sys_sendto+0x6e/0x90 [ 973.825858] ? do_syscall_64+0xcf/0x110 [ 973.825858] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 973.825858] ? memcg_kmem_put_cache+0x73/0x460 [ 973.825858] ? __msan_get_context_state+0x9/0x20 [ 973.825858] ? INIT_INT+0xc/0x30 [ 973.825858] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 974.005127] kmsan_memcpy_origins+0x13d/0x190 [ 974.005127] __msan_memcpy+0x6f/0x80 [ 974.005127] pskb_expand_head+0x436/0x1d20 [ 974.005127] tcp_fragment+0x378/0x21d0 [ 974.005127] tcp_sacktag_walk+0xe88/0x29d0 [ 974.005127] tcp_sacktag_write_queue+0x2805/0x4630 [ 974.005127] ? __update_load_avg_cfs_rq+0x105/0x10b0 [ 974.005127] tcp_ack+0x2888/0xa010 [ 974.005127] ? tcp_parse_options+0xbe/0x1cf0 [ 974.005127] ? tcp_validate_incoming+0x50b/0x29d0 [ 974.005127] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 974.005127] ? tcp_parse_options+0x1c55/0x1cf0 [ 974.005127] tcp_rcv_established+0xf7e/0x2940 [ 974.005127] ? __msan_get_context_state+0x9/0x20 [ 974.005127] tcp_v4_do_rcv+0x686/0xd80 [ 974.005127] ? inet_sk_rx_dst_set+0x200/0x200 [ 974.005127] __release_sock+0x32d/0x750 [ 974.005127] release_sock+0x99/0x2a0 [ 974.005127] sk_stream_wait_memory+0x9cc/0x1430 [ 974.005127] ? wait_woken+0x5b0/0x5b0 [ 974.005127] tcp_sendmsg_locked+0x1bca/0x6c30 [ 974.005127] ? kmsan_internal_unpoison_shadow+0x10/0xd0 [ 974.005127] tcp_sendmsg+0xb2/0x100 [ 974.005127] ? tcp_sendmsg_locked+0x6c30/0x6c30 [ 974.005127] inet_sendmsg+0x4e9/0x800 [ 974.005127] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 974.005127] ? security_socket_sendmsg+0x1bd/0x200 [ 974.005127] ? inet_getname+0x490/0x490 [ 974.005127] __sys_sendto+0x940/0xb80 [ 974.136300] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 974.136300] ? prepare_exit_to_usermode+0x182/0x4c0 [ 974.136300] __se_sys_sendto+0x107/0x130 [ 974.136300] __x64_sys_sendto+0x6e/0x90 [ 974.136300] do_syscall_64+0xcf/0x110 [ 974.136300] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 974.136300] RIP: 0033:0x457569 [ 974.136300] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 974.136300] RSP: 002b:00007fcc19083c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 974.136300] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000457569 [ 974.136300] RDX: fffffffffffffe6e RSI: 0000000020a88f88 RDI: 0000000000000003 [ 974.136300] RBP: 000000000072bfa0 R08: 0000000020e68000 R09: 0000000000000010 [ 974.136300] R10: 0000000020000000 R11: 0000000000000246 R12: 00007fcc190846d4 [ 974.136300] R13: 00000000004c406f R14: 00000000004d68f8 R15: 00000000ffffffff [ 974.136300] Uninit was stored to memory at: [ 974.136300] kmsan_internal_chain_origin+0x136/0x240 [ 974.136300] __msan_chain_origin+0x6d/0xb0 [ 974.136300] __save_stack_trace+0x8be/0xc60 06:18:05 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000300)=ANY=[], &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0) read(r1, &(0x7f0000000600)=""/207, 0xcf) 06:18:05 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) getrandom(&(0x7f0000001200)=""/4096, 0x1000, 0x4) [ 974.136300] save_stack_trace+0xc6/0x110 [ 974.136300] kmsan_internal_chain_origin+0x136/0x240 [ 974.136300] kmsan_memcpy_origins+0x13d/0x190 [ 974.136300] __msan_memcpy+0x6f/0x80 [ 974.136300] pskb_expand_head+0x436/0x1d20 [ 974.136300] tcp_fragment+0x378/0x21d0 [ 974.136300] tcp_sacktag_walk+0xe88/0x29d0 [ 974.136300] tcp_sacktag_write_queue+0x2805/0x4630 [ 974.136300] tcp_ack+0x2888/0xa010 [ 974.287866] tcp_rcv_established+0xf7e/0x2940 [ 974.289550] tcp_v4_do_rcv+0x686/0xd80 [ 974.289550] __release_sock+0x32d/0x750 [ 974.289550] release_sock+0x99/0x2a0 [ 974.289550] sk_stream_wait_memory+0x9cc/0x1430 [ 974.289550] tcp_sendmsg_locked+0x1bca/0x6c30 [ 974.289550] tcp_sendmsg+0xb2/0x100 [ 974.289550] inet_sendmsg+0x4e9/0x800 [ 974.289550] __sys_sendto+0x940/0xb80 [ 974.323981] __se_sys_sendto+0x107/0x130 [ 974.327610] __x64_sys_sendto+0x6e/0x90 [ 974.327610] do_syscall_64+0xcf/0x110 [ 974.327610] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 974.327610] [ 974.327610] Uninit was stored to memory at: [ 974.327610] kmsan_internal_chain_origin+0x136/0x240 06:18:05 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f000001b000)={@multicast2, @remote, @loopback}, 0xc) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x1, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000280)='net/mcfilter\x00') preadv(r1, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) truncate(&(0x7f0000000100)='./file0\x00', 0x0) [ 974.327610] __msan_chain_origin+0x6d/0xb0 [ 974.327610] __save_stack_trace+0x8be/0xc60 [ 974.327610] save_stack_trace+0xc6/0x110 [ 974.327610] kmsan_internal_chain_origin+0x136/0x240 [ 974.327610] kmsan_memcpy_origins+0x13d/0x190 [ 974.327610] __msan_memcpy+0x6f/0x80 [ 974.327610] pskb_expand_head+0x436/0x1d20 [ 974.327610] tcp_fragment+0x378/0x21d0 [ 974.327610] tcp_sacktag_walk+0xe88/0x29d0 [ 974.327610] tcp_sacktag_write_queue+0x2805/0x4630 [ 974.327610] tcp_ack+0x2888/0xa010 [ 974.327610] tcp_rcv_established+0xf7e/0x2940 [ 974.327610] tcp_v4_do_rcv+0x686/0xd80 [ 974.327610] __release_sock+0x32d/0x750 [ 974.327610] release_sock+0x99/0x2a0 [ 974.327610] sk_stream_wait_memory+0x9cc/0x1430 [ 974.327610] tcp_sendmsg_locked+0x1bca/0x6c30 [ 974.327610] tcp_sendmsg+0xb2/0x100 [ 974.327610] inet_sendmsg+0x4e9/0x800 [ 974.430771] __sys_sendto+0x940/0xb80 [ 974.435918] __se_sys_sendto+0x107/0x130 [ 974.435918] __x64_sys_sendto+0x6e/0x90 [ 974.435918] do_syscall_64+0xcf/0x110 [ 974.435918] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 974.435918] [ 974.435918] Uninit was stored to memory at: [ 974.435918] kmsan_internal_chain_origin+0x136/0x240 [ 974.435918] __msan_chain_origin+0x6d/0xb0 [ 974.435918] __save_stack_trace+0x8be/0xc60 [ 974.435918] save_stack_trace+0xc6/0x110 [ 974.435918] kmsan_internal_chain_origin+0x136/0x240 [ 974.435918] kmsan_memcpy_origins+0x13d/0x190 [ 974.435918] __msan_memcpy+0x6f/0x80 [ 974.435918] pskb_expand_head+0x436/0x1d20 [ 974.435918] tcp_fragment+0x378/0x21d0 [ 974.435918] tcp_sacktag_walk+0xe88/0x29d0 [ 974.435918] tcp_sacktag_write_queue+0x2805/0x4630 [ 974.435918] tcp_ack+0x2888/0xa010 [ 974.435918] tcp_rcv_established+0xf7e/0x2940 [ 974.435918] tcp_v4_do_rcv+0x686/0xd80 [ 974.435918] __release_sock+0x32d/0x750 [ 974.435918] release_sock+0x99/0x2a0 [ 974.435918] sk_stream_wait_memory+0x9cc/0x1430 [ 974.435918] tcp_sendmsg_locked+0x1bca/0x6c30 [ 974.435918] tcp_sendmsg+0xb2/0x100 [ 974.435918] inet_sendmsg+0x4e9/0x800 [ 974.435918] __sys_sendto+0x940/0xb80 [ 974.435918] __se_sys_sendto+0x107/0x130 [ 974.435918] __x64_sys_sendto+0x6e/0x90 [ 974.435918] do_syscall_64+0xcf/0x110 [ 974.435918] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 974.435918] [ 974.435918] Uninit was stored to memory at: [ 974.435918] kmsan_internal_chain_origin+0x136/0x240 [ 974.435918] __msan_chain_origin+0x6d/0xb0 [ 974.435918] __save_stack_trace+0x8be/0xc60 [ 974.435918] save_stack_trace+0xc6/0x110 [ 974.435918] kmsan_internal_chain_origin+0x136/0x240 [ 974.435918] kmsan_memcpy_origins+0x13d/0x190 [ 974.435918] __msan_memcpy+0x6f/0x80 [ 974.435918] pskb_expand_head+0x436/0x1d20 [ 974.435918] tcp_fragment+0x378/0x21d0 [ 974.435918] tcp_sacktag_walk+0xe88/0x29d0 [ 974.435918] tcp_sacktag_write_queue+0x2805/0x4630 [ 974.435918] tcp_ack+0x2888/0xa010 [ 974.435918] tcp_rcv_established+0xf7e/0x2940 [ 974.435918] tcp_v4_do_rcv+0x686/0xd80 [ 974.435918] __release_sock+0x32d/0x750 [ 974.435918] release_sock+0x99/0x2a0 [ 974.435918] sk_stream_wait_memory+0x9cc/0x1430 [ 974.435918] tcp_sendmsg_locked+0x1bca/0x6c30 [ 974.435918] tcp_sendmsg+0xb2/0x100 [ 974.435918] inet_sendmsg+0x4e9/0x800 [ 974.435918] __sys_sendto+0x940/0xb80 [ 974.435918] __se_sys_sendto+0x107/0x130 [ 974.435918] __x64_sys_sendto+0x6e/0x90 [ 974.435918] do_syscall_64+0xcf/0x110 [ 974.435918] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 974.435918] [ 974.435918] Uninit was stored to memory at: [ 974.435918] kmsan_internal_chain_origin+0x136/0x240 [ 974.435918] __msan_chain_origin+0x6d/0xb0 [ 974.435918] __save_stack_trace+0x8be/0xc60 [ 974.435918] save_stack_trace+0xc6/0x110 [ 974.435918] kmsan_internal_chain_origin+0x136/0x240 [ 974.435918] kmsan_memcpy_origins+0x13d/0x190 [ 974.435918] __msan_memcpy+0x6f/0x80 [ 974.435918] pskb_expand_head+0x436/0x1d20 [ 974.435918] tcp_fragment+0x378/0x21d0 [ 974.435918] tcp_sacktag_walk+0xe88/0x29d0 [ 974.435918] tcp_sacktag_write_queue+0x2805/0x4630 [ 974.435918] tcp_ack+0x2888/0xa010 [ 974.435918] tcp_rcv_established+0xf7e/0x2940 [ 974.435918] tcp_v4_do_rcv+0x686/0xd80 [ 974.435918] __release_sock+0x32d/0x750 [ 974.435918] release_sock+0x99/0x2a0 06:18:05 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f000001b000)={@multicast2, @remote, @loopback}, 0xc) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x1, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000280)='net/mcfilter\x00') preadv(r1, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) truncate(&(0x7f0000000100)='./file0\x00', 0x0) [ 974.435918] sk_stream_wait_memory+0x9cc/0x1430 [ 974.435918] tcp_sendmsg_locked+0x1bca/0x6c30 [ 974.435918] tcp_sendmsg+0xb2/0x100 [ 974.435918] inet_sendmsg+0x4e9/0x800 [ 974.435918] __sys_sendto+0x940/0xb80 [ 974.435918] __se_sys_sendto+0x107/0x130 [ 974.435918] __x64_sys_sendto+0x6e/0x90 [ 974.435918] do_syscall_64+0xcf/0x110 [ 974.435918] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 974.435918] [ 974.435918] Uninit was stored to memory at: [ 974.435918] kmsan_internal_chain_origin+0x136/0x240 [ 974.435918] __msan_chain_origin+0x6d/0xb0 [ 974.435918] __save_stack_trace+0x8be/0xc60 [ 974.435918] save_stack_trace+0xc6/0x110 [ 974.435918] kmsan_internal_chain_origin+0x136/0x240 [ 974.435918] kmsan_memcpy_origins+0x13d/0x190 [ 974.435918] __msan_memcpy+0x6f/0x80 [ 974.435918] pskb_expand_head+0x436/0x1d20 [ 974.435918] tcp_fragment+0x378/0x21d0 [ 974.435918] tcp_sacktag_walk+0xe88/0x29d0 [ 974.435918] tcp_sacktag_write_queue+0x2805/0x4630 [ 974.435918] tcp_ack+0x2888/0xa010 [ 974.435918] tcp_rcv_established+0xf7e/0x2940 [ 974.435918] tcp_v4_do_rcv+0x686/0xd80 [ 974.435918] __release_sock+0x32d/0x750 [ 974.435918] release_sock+0x99/0x2a0 [ 974.435918] sk_stream_wait_memory+0x9cc/0x1430 [ 974.435918] tcp_sendmsg_locked+0x1bca/0x6c30 [ 974.435918] tcp_sendmsg+0xb2/0x100 [ 974.435918] inet_sendmsg+0x4e9/0x800 [ 974.435918] __sys_sendto+0x940/0xb80 [ 974.435918] __se_sys_sendto+0x107/0x130 [ 974.435918] __x64_sys_sendto+0x6e/0x90 [ 974.435918] do_syscall_64+0xcf/0x110 [ 974.435918] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 974.435918] [ 974.435918] Uninit was stored to memory at: [ 974.435918] kmsan_internal_chain_origin+0x136/0x240 [ 974.435918] __msan_chain_origin+0x6d/0xb0 [ 974.435918] __save_stack_trace+0x8be/0xc60 [ 974.435918] save_stack_trace+0xc6/0x110 [ 974.435918] kmsan_internal_chain_origin+0x136/0x240 [ 974.435918] kmsan_memcpy_origins+0x13d/0x190 [ 974.435918] __msan_memcpy+0x6f/0x80 [ 974.435918] pskb_expand_head+0x436/0x1d20 [ 974.435918] tcp_fragment+0x378/0x21d0 [ 974.435918] tcp_sacktag_walk+0xe88/0x29d0 [ 974.435918] tcp_sacktag_write_queue+0x2805/0x4630 [ 974.435918] tcp_ack+0x2888/0xa010 [ 974.435918] tcp_rcv_established+0xf7e/0x2940 [ 974.435918] tcp_v4_do_rcv+0x686/0xd80 [ 974.435918] __release_sock+0x32d/0x750 [ 974.435918] release_sock+0x99/0x2a0 [ 974.435918] sk_stream_wait_memory+0x9cc/0x1430 [ 974.435918] tcp_sendmsg_locked+0x1bca/0x6c30 [ 974.435918] tcp_sendmsg+0xb2/0x100 [ 974.435918] inet_sendmsg+0x4e9/0x800 [ 974.435918] __sys_sendto+0x940/0xb80 [ 974.435918] __se_sys_sendto+0x107/0x130 [ 974.435918] __x64_sys_sendto+0x6e/0x90 06:18:06 executing program 2: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000300)=ANY=[], &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0) ftruncate(r1, 0x0) [ 974.435918] do_syscall_64+0xcf/0x110 [ 974.435918] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 974.435918] [ 974.435918] Local variable description: ----_tcph@tcp_packet [ 974.435918] Variable was created at: [ 974.435918] tcp_packet+0xe1/0x73c0 [ 974.435918] nf_conntrack_in+0x9f0/0x1edd [ 975.131872] not chained 330000 origins [ 975.135802] CPU: 0 PID: 9 Comm: ksoftirqd/0 Not tainted 4.20.0-rc3+ #89 [ 975.141767] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 975.141767] Call Trace: [ 975.141767] dump_stack+0x32d/0x480 [ 975.141767] kmsan_internal_chain_origin+0x222/0x240 [ 975.161931] ? kmsan_set_origin+0x7f/0x100 [ 975.165780] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 975.165780] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 975.165780] ? kmsan_internal_chain_origin+0x90/0x240 [ 975.165780] ? inet_rtm_getroute+0x40b0/0x4150 [ 975.165780] ? __entry_text_end+0x7/0x7 [ 975.165780] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 975.196993] ? in_task_stack+0x12c/0x210 [ 975.196993] __msan_chain_origin+0x6d/0xb0 [ 975.196993] ? net_rx_action+0x98f/0x1d50 [ 975.196993] __save_stack_trace+0x8be/0xc60 [ 975.196993] ? net_rx_action+0x98f/0x1d50 [ 975.196993] save_stack_trace+0xc6/0x110 [ 975.196993] kmsan_internal_chain_origin+0x136/0x240 [ 975.196993] ? run_ksoftirqd+0x37/0x60 [ 975.231903] ? kmsan_internal_chain_origin+0x136/0x240 [ 975.231903] ? kmsan_memcpy_origins+0x13d/0x190 [ 975.231903] ? __msan_memcpy+0x6f/0x80 [ 975.231903] ? pskb_expand_head+0x436/0x1d20 [ 975.231903] ? skb_shift+0xce2/0x2d10 [ 975.231903] ? tcp_sacktag_walk+0x2156/0x29d0 [ 975.231903] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 975.231903] ? tcp_ack+0x2888/0xa010 [ 975.231903] ? tcp_rcv_established+0xf7e/0x2940 [ 975.231903] ? tcp_v4_do_rcv+0x686/0xd80 [ 975.231903] ? tcp_v4_rcv+0x5a13/0x6520 [ 975.231903] ? ip_local_deliver_finish+0x8d8/0xff0 [ 975.231903] ? ip_local_deliver+0x44b/0x510 [ 975.231903] ? ip_rcv+0x6b6/0x740 [ 975.231903] ? process_backlog+0x82b/0x11e0 [ 975.231903] ? net_rx_action+0x98f/0x1d50 [ 975.231903] ? __do_softirq+0x721/0xc7f [ 975.231903] ? run_ksoftirqd+0x37/0x60 [ 975.231903] ? smpboot_thread_fn+0x69c/0xb30 [ 975.231903] ? kthread+0x5e7/0x620 [ 975.231903] ? ret_from_fork+0x35/0x40 [ 975.231903] ? memcg_kmem_put_cache+0x73/0x460 [ 975.231903] ? __kmalloc_node_track_caller+0x1010/0x14e0 [ 975.231903] ? __msan_get_context_state+0x9/0x20 [ 975.231903] ? INIT_INT+0xc/0x30 [ 975.231903] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 975.231903] kmsan_memcpy_origins+0x13d/0x190 [ 975.231903] __msan_memcpy+0x6f/0x80 [ 975.231903] pskb_expand_head+0x436/0x1d20 [ 975.231903] skb_shift+0xce2/0x2d10 [ 975.231903] tcp_sacktag_walk+0x2156/0x29d0 [ 975.231903] tcp_sacktag_write_queue+0x2805/0x4630 [ 975.231903] tcp_ack+0x2888/0xa010 [ 975.231903] ? tcp_parse_options+0xbe/0x1cf0 [ 975.231903] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 975.231903] ? tcp_parse_options+0x1c55/0x1cf0 [ 975.231903] tcp_rcv_established+0xf7e/0x2940 [ 975.231903] ? __msan_get_context_state+0x9/0x20 [ 975.231903] tcp_v4_do_rcv+0x686/0xd80 [ 975.231903] tcp_v4_rcv+0x5a13/0x6520 [ 975.231903] ? tcp_filter+0x260/0x260 [ 975.231903] ip_local_deliver_finish+0x8d8/0xff0 [ 975.231903] ? nf_hook_slow+0x36f/0x3d0 [ 975.231903] ip_local_deliver+0x44b/0x510 [ 975.231903] ? ip_local_deliver+0x510/0x510 [ 975.231903] ? ip_call_ra_chain+0x7a0/0x7a0 [ 975.431908] ip_rcv+0x6b6/0x740 [ 975.431908] ? ip_rcv_core+0x1370/0x1370 [ 975.431908] process_backlog+0x82b/0x11e0 [ 975.443001] ? ip_local_deliver_finish+0xff0/0xff0 [ 975.443001] ? rps_trigger_softirq+0x2e0/0x2e0 [ 975.451912] net_rx_action+0x98f/0x1d50 [ 975.451912] ? net_tx_action+0xf20/0xf20 [ 975.451912] __do_softirq+0x721/0xc7f [ 975.451912] ? ksoftirqd_should_run+0x50/0x50 [ 975.451912] run_ksoftirqd+0x37/0x60 [ 975.451912] smpboot_thread_fn+0x69c/0xb30 [ 975.451912] kthread+0x5e7/0x620 [ 975.451912] ? cpu_report_death+0x4a0/0x4a0 [ 975.451912] ? INIT_BOOL+0x30/0x30 [ 975.451912] ret_from_fork+0x35/0x40 [ 975.451912] Uninit was stored to memory at: [ 975.451912] kmsan_internal_chain_origin+0x136/0x240 [ 975.451912] __msan_chain_origin+0x6d/0xb0 [ 975.506503] __save_stack_trace+0x8be/0xc60 [ 975.506503] save_stack_trace+0xc6/0x110 [ 975.506503] kmsan_internal_chain_origin+0x136/0x240 [ 975.506503] kmsan_memcpy_origins+0x13d/0x190 [ 975.506503] __msan_memcpy+0x6f/0x80 [ 975.506503] pskb_expand_head+0x436/0x1d20 [ 975.506503] skb_shift+0xce2/0x2d10 [ 975.506503] tcp_sacktag_walk+0x2156/0x29d0 [ 975.506503] tcp_sacktag_write_queue+0x2805/0x4630 [ 975.506503] tcp_ack+0x2888/0xa010 [ 975.506503] tcp_rcv_established+0xf7e/0x2940 [ 975.506503] tcp_v4_do_rcv+0x686/0xd80 [ 975.506503] tcp_v4_rcv+0x5a13/0x6520 [ 975.506503] ip_local_deliver_finish+0x8d8/0xff0 [ 975.506503] ip_local_deliver+0x44b/0x510 [ 975.506503] ip_rcv+0x6b6/0x740 [ 975.506503] process_backlog+0x82b/0x11e0 [ 975.506503] net_rx_action+0x98f/0x1d50 [ 975.506503] __do_softirq+0x721/0xc7f [ 975.506503] [ 975.506503] Uninit was stored to memory at: [ 975.506503] kmsan_internal_chain_origin+0x136/0x240 [ 975.506503] __msan_chain_origin+0x6d/0xb0 [ 975.506503] __save_stack_trace+0x8be/0xc60 [ 975.506503] save_stack_trace+0xc6/0x110 [ 975.506503] kmsan_internal_chain_origin+0x136/0x240 [ 975.506503] kmsan_memcpy_origins+0x13d/0x190 [ 975.506503] __msan_memcpy+0x6f/0x80 [ 975.506503] pskb_expand_head+0x436/0x1d20 [ 975.506503] skb_shift+0xce2/0x2d10 [ 975.506503] tcp_sacktag_walk+0x2156/0x29d0 [ 975.506503] tcp_sacktag_write_queue+0x2805/0x4630 [ 975.506503] tcp_ack+0x2888/0xa010 [ 975.506503] tcp_rcv_established+0xf7e/0x2940 [ 975.506503] tcp_v4_do_rcv+0x686/0xd80 [ 975.506503] tcp_v4_rcv+0x5a13/0x6520 [ 975.506503] ip_local_deliver_finish+0x8d8/0xff0 [ 975.506503] ip_local_deliver+0x44b/0x510 [ 975.506503] ip_rcv+0x6b6/0x740 [ 975.506503] process_backlog+0x82b/0x11e0 [ 975.506503] net_rx_action+0x98f/0x1d50 [ 975.506503] __do_softirq+0x721/0xc7f [ 975.506503] [ 975.506503] Uninit was stored to memory at: [ 975.506503] kmsan_internal_chain_origin+0x136/0x240 [ 975.506503] __msan_chain_origin+0x6d/0xb0 [ 975.506503] __save_stack_trace+0x8be/0xc60 [ 975.506503] save_stack_trace+0xc6/0x110 [ 975.506503] kmsan_internal_chain_origin+0x136/0x240 [ 975.506503] kmsan_memcpy_origins+0x13d/0x190 [ 975.506503] __msan_memcpy+0x6f/0x80 [ 975.506503] pskb_expand_head+0x436/0x1d20 [ 975.506503] skb_shift+0xce2/0x2d10 [ 975.506503] tcp_sacktag_walk+0x2156/0x29d0 [ 975.506503] tcp_sacktag_write_queue+0x2805/0x4630 [ 975.506503] tcp_ack+0x2888/0xa010 [ 975.506503] tcp_rcv_established+0xf7e/0x2940 [ 975.506503] tcp_v4_do_rcv+0x686/0xd80 [ 975.506503] tcp_v4_rcv+0x5a13/0x6520 [ 975.506503] ip_local_deliver_finish+0x8d8/0xff0 [ 975.506503] ip_local_deliver+0x44b/0x510 [ 975.506503] ip_rcv+0x6b6/0x740 [ 975.506503] process_backlog+0x82b/0x11e0 [ 975.506503] net_rx_action+0x98f/0x1d50 [ 975.506503] __do_softirq+0x721/0xc7f [ 975.506503] [ 975.506503] Uninit was stored to memory at: [ 975.506503] kmsan_internal_chain_origin+0x136/0x240 [ 975.506503] __msan_chain_origin+0x6d/0xb0 [ 975.506503] __save_stack_trace+0x8be/0xc60 [ 975.506503] save_stack_trace+0xc6/0x110 [ 975.506503] kmsan_internal_chain_origin+0x136/0x240 [ 975.506503] kmsan_memcpy_origins+0x13d/0x190 [ 975.506503] __msan_memcpy+0x6f/0x80 [ 975.506503] pskb_expand_head+0x436/0x1d20 [ 975.506503] skb_shift+0xce2/0x2d10 [ 975.506503] tcp_sacktag_walk+0x2156/0x29d0 [ 975.506503] tcp_sacktag_write_queue+0x2805/0x4630 [ 975.506503] tcp_ack+0x2888/0xa010 [ 975.506503] tcp_rcv_established+0xf7e/0x2940 [ 975.506503] tcp_v4_do_rcv+0x686/0xd80 [ 975.506503] tcp_v4_rcv+0x5a13/0x6520 [ 975.506503] ip_local_deliver_finish+0x8d8/0xff0 [ 975.506503] ip_local_deliver+0x44b/0x510 [ 975.506503] ip_rcv+0x6b6/0x740 [ 975.506503] process_backlog+0x82b/0x11e0 [ 975.506503] net_rx_action+0x98f/0x1d50 [ 975.506503] __do_softirq+0x721/0xc7f [ 975.506503] [ 975.506503] Uninit was stored to memory at: [ 975.506503] kmsan_internal_chain_origin+0x136/0x240 [ 975.506503] __msan_chain_origin+0x6d/0xb0 [ 975.506503] __save_stack_trace+0x8be/0xc60 [ 975.506503] save_stack_trace+0xc6/0x110 [ 975.506503] kmsan_internal_chain_origin+0x136/0x240 [ 975.506503] kmsan_memcpy_origins+0x13d/0x190 [ 975.506503] __msan_memcpy+0x6f/0x80 [ 975.506503] pskb_expand_head+0x436/0x1d20 [ 975.506503] skb_shift+0xce2/0x2d10 [ 975.506503] tcp_sacktag_walk+0x2156/0x29d0 [ 975.506503] tcp_sacktag_write_queue+0x2805/0x4630 [ 975.506503] tcp_ack+0x2888/0xa010 [ 975.506503] tcp_rcv_established+0xf7e/0x2940 [ 975.506503] tcp_v4_do_rcv+0x686/0xd80 [ 975.506503] tcp_v4_rcv+0x5a13/0x6520 [ 975.506503] ip_local_deliver_finish+0x8d8/0xff0 [ 975.506503] ip_local_deliver+0x44b/0x510 [ 975.506503] ip_rcv+0x6b6/0x740 [ 975.506503] process_backlog+0x82b/0x11e0 [ 975.506503] net_rx_action+0x98f/0x1d50 [ 975.506503] __do_softirq+0x721/0xc7f [ 975.506503] [ 975.506503] Uninit was stored to memory at: [ 975.506503] kmsan_internal_chain_origin+0x136/0x240 [ 975.506503] __msan_chain_origin+0x6d/0xb0 [ 975.506503] __save_stack_trace+0x8be/0xc60 [ 975.506503] save_stack_trace+0xc6/0x110 [ 975.506503] kmsan_internal_chain_origin+0x136/0x240 [ 975.506503] kmsan_memcpy_origins+0x13d/0x190 [ 975.506503] __msan_memcpy+0x6f/0x80 [ 975.506503] pskb_expand_head+0x436/0x1d20 [ 975.506503] skb_shift+0xce2/0x2d10 [ 975.506503] tcp_sacktag_walk+0x2156/0x29d0 [ 975.506503] tcp_sacktag_write_queue+0x2805/0x4630 [ 975.506503] tcp_ack+0x2888/0xa010 [ 975.506503] tcp_rcv_established+0xf7e/0x2940 [ 975.506503] tcp_v4_do_rcv+0x686/0xd80 [ 975.506503] tcp_v4_rcv+0x5a13/0x6520 [ 975.506503] ip_local_deliver_finish+0x8d8/0xff0 [ 975.506503] ip_local_deliver+0x44b/0x510 [ 975.506503] ip_rcv+0x6b6/0x740 [ 975.506503] process_backlog+0x82b/0x11e0 [ 975.506503] net_rx_action+0x98f/0x1d50 [ 975.506503] __do_softirq+0x721/0xc7f [ 975.506503] [ 975.506503] Uninit was stored to memory at: [ 975.506503] kmsan_internal_chain_origin+0x136/0x240 [ 975.506503] __msan_chain_origin+0x6d/0xb0 [ 975.506503] __save_stack_trace+0x8be/0xc60 [ 975.506503] save_stack_trace+0xc6/0x110 [ 975.506503] kmsan_internal_chain_origin+0x136/0x240 [ 975.506503] kmsan_memcpy_origins+0x13d/0x190 [ 975.506503] __msan_memcpy+0x6f/0x80 [ 975.506503] pskb_expand_head+0x436/0x1d20 [ 975.506503] skb_shift+0xce2/0x2d10 [ 975.506503] tcp_sacktag_walk+0x2156/0x29d0 [ 975.506503] tcp_sacktag_write_queue+0x2805/0x4630 [ 975.506503] tcp_ack+0x2888/0xa010 [ 975.506503] tcp_rcv_established+0xf7e/0x2940 [ 975.506503] tcp_v4_do_rcv+0x686/0xd80 [ 975.506503] tcp_v4_rcv+0x5a13/0x6520 [ 975.506503] ip_local_deliver_finish+0x8d8/0xff0 [ 975.506503] ip_local_deliver+0x44b/0x510 [ 975.506503] ip_rcv+0x6b6/0x740 [ 975.506503] process_backlog+0x82b/0x11e0 [ 975.506503] net_rx_action+0x98f/0x1d50 [ 975.506503] __do_softirq+0x721/0xc7f [ 975.506503] [ 975.506503] Local variable description: ----v.addr.i.i.i@ipv4_conntrack_local [ 975.506503] Variable was created at: [ 975.506503] ipv4_conntrack_local+0x75/0x470 [ 975.506503] nf_hook_slow+0x15c/0x3d0 [ 976.540669] not chained 340000 origins [ 976.541805] CPU: 1 PID: 28693 Comm: syz-executor1 Not tainted 4.20.0-rc3+ #89 [ 976.541805] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 976.541805] Call Trace: [ 976.541805] [ 976.541805] dump_stack+0x32d/0x480 [ 976.541805] kmsan_internal_chain_origin+0x222/0x240 [ 976.541805] ? __msan_instrument_asm_store+0x9a/0x110 [ 976.541805] ? ktime_get+0x2e6/0x420 [ 976.541805] ? native_apic_mem_write+0x52/0xa0 [ 976.541805] ? flat_init_apic_ldr+0x180/0x180 [ 976.590975] ? lapic_next_event+0x6f/0xa0 [ 976.590975] ? clockevents_program_event+0x467/0x6d0 [ 976.590975] ? INIT_INT+0x30/0x30 [ 976.590975] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 976.590975] ? __module_address+0x6a/0x5f0 [ 976.590975] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 976.590975] ? is_bpf_text_address+0x49e/0x4d0 [ 976.590975] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 976.590975] __msan_chain_origin+0x6d/0xb0 [ 976.590975] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 976.635537] __save_stack_trace+0x8be/0xc60 [ 976.641844] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 976.648381] save_stack_trace+0xc6/0x110 [ 976.648381] kmsan_internal_chain_origin+0x136/0x240 [ 976.648381] ? irq_exit+0x305/0x340 [ 976.648381] ? bpf_prog_select_runtime+0x941/0x9e0 [ 976.648381] ? kmsan_internal_chain_origin+0x136/0x240 [ 976.648381] ? kmsan_memcpy_origins+0x13d/0x190 [ 976.648381] ? __msan_memcpy+0x6f/0x80 [ 976.648381] ? pskb_expand_head+0x436/0x1d20 [ 976.648381] ? skb_shift+0xce2/0x2d10 [ 976.648381] ? tcp_sacktag_walk+0x2156/0x29d0 [ 976.648381] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 976.648381] ? tcp_ack+0x2888/0xa010 [ 976.648381] ? tcp_rcv_established+0xf7e/0x2940 [ 976.648381] ? tcp_v4_do_rcv+0x686/0xd80 [ 976.648381] ? tcp_v4_rcv+0x5a13/0x6520 [ 976.648381] ? ip_local_deliver_finish+0x8d8/0xff0 [ 976.648381] ? ip_local_deliver+0x44b/0x510 [ 976.648381] ? ip_rcv+0x6b6/0x740 [ 976.648381] ? process_backlog+0x82b/0x11e0 [ 976.648381] ? net_rx_action+0x98f/0x1d50 [ 976.648381] ? __do_softirq+0x721/0xc7f [ 976.648381] ? irq_exit+0x305/0x340 [ 976.648381] ? exiting_irq+0xe/0x10 [ 976.648381] ? smp_apic_timer_interrupt+0x64/0x90 [ 976.648381] ? apic_timer_interrupt+0xf/0x20 [ 976.648381] ? finish_lock_switch+0x2b/0x40 [ 976.648381] ? finish_task_switch+0x17e/0x410 [ 976.648381] ? __schedule+0x8a8/0xa60 [ 976.648381] ? __cond_resched_lock+0x9f/0x170 [ 976.648381] ? __purge_vmap_area_lazy+0x550/0x690 [ 976.648381] ? vm_unmap_aliases+0x616/0x6c0 [ 976.648381] ? change_page_attr_set_clr+0x666/0x1d90 [ 976.648381] ? set_memory_ro+0xdd/0x130 [ 976.648381] ? bpf_int_jit_compile+0x755c/0x8300 [ 976.648381] ? bpf_prog_select_runtime+0x941/0x9e0 [ 976.648381] ? bpf_prepare_filter+0x1913/0x1d70 [ 976.648381] ? __get_filter+0x61a/0x7d0 [ 976.648381] ? sk_attach_filter+0x72/0x2e0 [ 976.648381] ? sock_setsockopt+0x3e43/0x5230 [ 976.648381] ? __sys_setsockopt+0x336/0x540 [ 976.648381] ? __se_sys_setsockopt+0xdd/0x100 [ 976.648381] ? __x64_sys_setsockopt+0x62/0x80 [ 976.648381] ? do_syscall_64+0xcf/0x110 [ 976.648381] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 976.648381] ? __msan_get_context_state+0x9/0x20 [ 976.648381] ? INIT_INT+0xc/0x30 [ 976.648381] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 976.648381] kmsan_memcpy_origins+0x13d/0x190 [ 976.648381] __msan_memcpy+0x6f/0x80 [ 976.648381] pskb_expand_head+0x436/0x1d20 [ 976.648381] skb_shift+0xce2/0x2d10 [ 976.648381] tcp_sacktag_walk+0x2156/0x29d0 [ 976.648381] tcp_sacktag_write_queue+0x2805/0x4630 [ 976.648381] tcp_ack+0x2888/0xa010 [ 976.648381] ? tcp_parse_options+0xbe/0x1cf0 [ 976.648381] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 976.648381] ? tcp_parse_options+0x1c55/0x1cf0 [ 976.648381] tcp_rcv_established+0xf7e/0x2940 [ 976.648381] ? __msan_get_context_state+0x9/0x20 [ 976.648381] tcp_v4_do_rcv+0x686/0xd80 [ 976.648381] tcp_v4_rcv+0x5a13/0x6520 [ 976.648381] ? tcp_filter+0x260/0x260 [ 976.648381] ip_local_deliver_finish+0x8d8/0xff0 [ 976.648381] ? nf_hook_slow+0x36f/0x3d0 [ 976.648381] ip_local_deliver+0x44b/0x510 [ 976.648381] ? ip_local_deliver+0x510/0x510 [ 976.648381] ? ip_call_ra_chain+0x7a0/0x7a0 [ 976.648381] ip_rcv+0x6b6/0x740 [ 976.648381] ? ip_rcv_core+0x1370/0x1370 [ 976.648381] process_backlog+0x82b/0x11e0 [ 976.648381] ? ip_local_deliver_finish+0xff0/0xff0 [ 976.648381] ? rps_trigger_softirq+0x2e0/0x2e0 [ 976.648381] net_rx_action+0x98f/0x1d50 [ 976.648381] ? net_tx_action+0xf20/0xf20 [ 976.648381] __do_softirq+0x721/0xc7f [ 976.648381] irq_exit+0x305/0x340 [ 976.648381] exiting_irq+0xe/0x10 [ 976.648381] smp_apic_timer_interrupt+0x64/0x90 [ 976.648381] apic_timer_interrupt+0xf/0x20 [ 976.648381] [ 976.648381] RIP: 0010:finish_lock_switch+0x2b/0x40 [ 976.648381] Code: 48 89 e5 53 48 89 fb e8 d3 f4 9b 00 8b b8 88 0c 00 00 48 8b 00 48 85 c0 75 12 48 89 df e8 3d ea 9b 00 c6 00 00 c6 03 00 fb 5b <5d> c3 e8 ee f3 9b 00 eb e7 66 90 66 2e 0f 1f 84 00 00 00 00 00 55 [ 976.648381] RSP: 0018:ffff888101b0f368 EFLAGS: 00000286 ORIG_RAX: ffffffffffffff13 [ 976.648381] RAX: ffff8881dc3b8b80 RBX: ffff8881add15a00 RCX: ffff8881dc3b8b80 [ 976.648381] RDX: ffff8881dc3b9b80 RSI: 0000160000000000 RDI: aaaaaaaaaaaab000 [ 976.648381] RBP: ffff888101b0f368 R08: ffff888000000000 R09: 0000000000000002 [ 976.648381] R10: 0000000000000000 R11: 0000000000000000 R12: ffff88810fb6bc00 [ 976.648381] R13: ffff88821fdb8510 R14: ffff88810fb6c588 R15: ffff88821fdb7b80 [ 976.648381] finish_task_switch+0x17e/0x410 [ 976.648381] __schedule+0x8a8/0xa60 [ 976.648381] __cond_resched_lock+0x9f/0x170 [ 976.648381] __purge_vmap_area_lazy+0x550/0x690 [ 976.648381] vm_unmap_aliases+0x616/0x6c0 [ 976.648381] change_page_attr_set_clr+0x666/0x1d90 [ 976.648381] ? __btrfs_end_transaction+0xa1e/0x1e60 [ 976.648381] set_memory_ro+0xdd/0x130 [ 976.648381] bpf_int_jit_compile+0x755c/0x8300 [ 976.648381] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 976.648381] ? vmalloc_to_page+0x585/0x6c0 [ 976.648381] ? kmsan_get_shadow_origin_ptr+0x142/0x410 [ 976.648381] bpf_prog_select_runtime+0x941/0x9e0 [ 976.648381] bpf_prepare_filter+0x1913/0x1d70 [ 976.648381] __get_filter+0x61a/0x7d0 [ 976.648381] sk_attach_filter+0x72/0x2e0 [ 976.648381] sock_setsockopt+0x3e43/0x5230 [ 976.648381] __sys_setsockopt+0x336/0x540 [ 976.648381] __se_sys_setsockopt+0xdd/0x100 [ 976.648381] __x64_sys_setsockopt+0x62/0x80 [ 976.648381] do_syscall_64+0xcf/0x110 [ 976.648381] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 976.648381] RIP: 0033:0x457569 [ 976.648381] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 976.648381] RSP: 002b:00007fcc19041c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 976.648381] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000457569 [ 976.648381] RDX: 000000000000001a RSI: 0000000000000001 RDI: 0000000000000005 [ 976.648381] RBP: 000000000072c0e0 R08: 0000000000000010 R09: 0000000000000000 [ 976.648381] R10: 0000000020b86000 R11: 0000000000000246 R12: 00007fcc190426d4 [ 976.648381] R13: 00000000004c42bb R14: 00000000004d6dc0 R15: 00000000ffffffff [ 976.648381] Uninit was stored to memory at: [ 976.648381] kmsan_internal_chain_origin+0x136/0x240 [ 976.648381] __msan_chain_origin+0x6d/0xb0 [ 976.648381] __save_stack_trace+0x8be/0xc60 [ 976.648381] save_stack_trace+0xc6/0x110 [ 976.648381] kmsan_internal_chain_origin+0x136/0x240 [ 976.648381] kmsan_memcpy_origins+0x13d/0x190 [ 976.648381] __msan_memcpy+0x6f/0x80 [ 976.648381] pskb_expand_head+0x436/0x1d20 [ 976.648381] skb_shift+0xce2/0x2d10 [ 976.648381] tcp_sacktag_walk+0x2156/0x29d0 [ 976.648381] tcp_sacktag_write_queue+0x2805/0x4630 [ 976.648381] tcp_ack+0x2888/0xa010 [ 976.648381] tcp_rcv_established+0xf7e/0x2940 [ 976.648381] tcp_v4_do_rcv+0x686/0xd80 [ 976.648381] tcp_v4_rcv+0x5a13/0x6520 [ 976.648381] ip_local_deliver_finish+0x8d8/0xff0 [ 976.648381] ip_local_deliver+0x44b/0x510 [ 976.648381] ip_rcv+0x6b6/0x740 [ 976.648381] process_backlog+0x82b/0x11e0 [ 976.648381] net_rx_action+0x98f/0x1d50 [ 976.648381] __do_softirq+0x721/0xc7f [ 976.648381] [ 976.648381] Uninit was stored to memory at: [ 976.648381] kmsan_internal_chain_origin+0x136/0x240 [ 976.648381] __msan_chain_origin+0x6d/0xb0 [ 976.648381] __save_stack_trace+0x8be/0xc60 [ 976.648381] save_stack_trace+0xc6/0x110 [ 976.648381] kmsan_internal_chain_origin+0x136/0x240 [ 976.648381] kmsan_memcpy_origins+0x13d/0x190 [ 976.648381] __msan_memcpy+0x6f/0x80 [ 976.648381] pskb_expand_head+0x436/0x1d20 [ 976.648381] skb_shift+0xce2/0x2d10 [ 976.648381] tcp_sacktag_walk+0x2156/0x29d0 [ 976.648381] tcp_sacktag_write_queue+0x2805/0x4630 [ 976.648381] tcp_ack+0x2888/0xa010 [ 976.648381] tcp_rcv_established+0xf7e/0x2940 [ 976.648381] tcp_v4_do_rcv+0x686/0xd80 [ 976.648381] tcp_v4_rcv+0x5a13/0x6520 [ 976.648381] ip_local_deliver_finish+0x8d8/0xff0 [ 976.648381] ip_local_deliver+0x44b/0x510 [ 976.648381] ip_rcv+0x6b6/0x740 [ 976.648381] process_backlog+0x82b/0x11e0 [ 976.648381] net_rx_action+0x98f/0x1d50 [ 976.648381] __do_softirq+0x721/0xc7f [ 976.648381] [ 976.648381] Uninit was stored to memory at: [ 976.648381] kmsan_internal_chain_origin+0x136/0x240 [ 976.648381] __msan_chain_origin+0x6d/0xb0 [ 976.648381] __save_stack_trace+0x8be/0xc60 [ 976.648381] save_stack_trace+0xc6/0x110 [ 976.648381] kmsan_internal_chain_origin+0x136/0x240 [ 976.648381] kmsan_memcpy_origins+0x13d/0x190 [ 976.648381] __msan_memcpy+0x6f/0x80 [ 976.648381] pskb_expand_head+0x436/0x1d20 [ 976.648381] skb_shift+0xce2/0x2d10 [ 976.648381] tcp_sacktag_walk+0x2156/0x29d0 [ 976.648381] tcp_sacktag_write_queue+0x2805/0x4630 [ 976.648381] tcp_ack+0x2888/0xa010 [ 976.648381] tcp_rcv_established+0xf7e/0x2940 [ 976.648381] tcp_v4_do_rcv+0x686/0xd80 [ 976.648381] tcp_v4_rcv+0x5a13/0x6520 [ 976.648381] ip_local_deliver_finish+0x8d8/0xff0 [ 976.648381] ip_local_deliver+0x44b/0x510 [ 976.648381] ip_rcv+0x6b6/0x740 [ 976.648381] process_backlog+0x82b/0x11e0 [ 976.648381] net_rx_action+0x98f/0x1d50 [ 976.648381] __do_softirq+0x721/0xc7f [ 976.648381] [ 976.648381] Uninit was stored to memory at: [ 976.648381] kmsan_internal_chain_origin+0x136/0x240 [ 976.648381] __msan_chain_origin+0x6d/0xb0 [ 976.648381] __save_stack_trace+0x8be/0xc60 [ 976.648381] save_stack_trace+0xc6/0x110 [ 976.648381] kmsan_internal_chain_origin+0x136/0x240 [ 976.648381] kmsan_memcpy_origins+0x13d/0x190 [ 976.648381] __msan_memcpy+0x6f/0x80 [ 976.648381] pskb_expand_head+0x436/0x1d20 [ 976.648381] skb_shift+0xce2/0x2d10 [ 976.648381] tcp_sacktag_walk+0x2156/0x29d0 [ 976.648381] tcp_sacktag_write_queue+0x2805/0x4630 [ 976.648381] tcp_ack+0x2888/0xa010 [ 976.648381] tcp_rcv_established+0xf7e/0x2940 [ 976.648381] tcp_v4_do_rcv+0x686/0xd80 [ 976.648381] tcp_v4_rcv+0x5a13/0x6520 [ 976.648381] ip_local_deliver_finish+0x8d8/0xff0 [ 976.648381] ip_local_deliver+0x44b/0x510 [ 976.648381] ip_rcv+0x6b6/0x740 [ 976.648381] process_backlog+0x82b/0x11e0 [ 976.648381] net_rx_action+0x98f/0x1d50 [ 976.648381] __do_softirq+0x721/0xc7f [ 976.648381] [ 976.648381] Uninit was stored to memory at: [ 976.648381] kmsan_internal_chain_origin+0x136/0x240 [ 976.648381] __msan_chain_origin+0x6d/0xb0 [ 976.648381] __save_stack_trace+0x8be/0xc60 [ 976.648381] save_stack_trace+0xc6/0x110 [ 976.648381] kmsan_internal_chain_origin+0x136/0x240 [ 976.648381] kmsan_memcpy_origins+0x13d/0x190 [ 976.648381] __msan_memcpy+0x6f/0x80 [ 976.648381] pskb_expand_head+0x436/0x1d20 [ 976.648381] skb_shift+0xce2/0x2d10 [ 976.648381] tcp_sacktag_walk+0x2156/0x29d0 [ 976.648381] tcp_sacktag_write_queue+0x2805/0x4630 [ 976.648381] tcp_ack+0x2888/0xa010 [ 976.648381] tcp_rcv_established+0xf7e/0x2940 [ 976.648381] tcp_v4_do_rcv+0x686/0xd80 [ 976.648381] tcp_v4_rcv+0x5a13/0x6520 [ 976.648381] ip_local_deliver_finish+0x8d8/0xff0 [ 976.648381] ip_local_deliver+0x44b/0x510 [ 976.648381] ip_rcv+0x6b6/0x740 [ 976.648381] process_backlog+0x82b/0x11e0 [ 976.648381] net_rx_action+0x98f/0x1d50 [ 976.648381] __do_softirq+0x721/0xc7f [ 976.648381] [ 976.648381] Uninit was stored to memory at: [ 976.648381] kmsan_internal_chain_origin+0x136/0x240 [ 976.648381] __msan_chain_origin+0x6d/0xb0 [ 976.648381] __save_stack_trace+0x8be/0xc60 [ 976.648381] save_stack_trace+0xc6/0x110 [ 976.648381] kmsan_internal_chain_origin+0x136/0x240 [ 976.648381] kmsan_memcpy_origins+0x13d/0x190 [ 976.648381] __msan_memcpy+0x6f/0x80 [ 976.648381] pskb_expand_head+0x436/0x1d20 [ 976.648381] skb_shift+0xce2/0x2d10 [ 976.648381] tcp_sacktag_walk+0x2156/0x29d0 [ 976.648381] tcp_sacktag_write_queue+0x2805/0x4630 [ 976.648381] tcp_ack+0x2888/0xa010 [ 976.648381] tcp_rcv_established+0xf7e/0x2940 [ 976.648381] tcp_v4_do_rcv+0x686/0xd80 [ 976.648381] tcp_v4_rcv+0x5a13/0x6520 [ 976.648381] ip_local_deliver_finish+0x8d8/0xff0 [ 976.648381] ip_local_deliver+0x44b/0x510 [ 976.648381] ip_rcv+0x6b6/0x740 [ 976.648381] process_backlog+0x82b/0x11e0 [ 976.648381] net_rx_action+0x98f/0x1d50 [ 976.648381] __do_softirq+0x721/0xc7f [ 976.648381] [ 976.648381] Uninit was stored to memory at: [ 976.648381] kmsan_internal_chain_origin+0x136/0x240 [ 976.648381] __msan_chain_origin+0x6d/0xb0 [ 976.648381] __save_stack_trace+0x8be/0xc60 [ 976.648381] save_stack_trace+0xc6/0x110 [ 976.648381] kmsan_internal_chain_origin+0x136/0x240 [ 976.648381] kmsan_memcpy_origins+0x13d/0x190 [ 976.648381] __msan_memcpy+0x6f/0x80 [ 976.648381] pskb_expand_head+0x436/0x1d20 [ 976.648381] skb_shift+0xce2/0x2d10 [ 976.648381] tcp_sacktag_walk+0x2156/0x29d0 [ 976.648381] tcp_sacktag_write_queue+0x2805/0x4630 [ 976.648381] tcp_ack+0x2888/0xa010 [ 976.648381] tcp_rcv_established+0xf7e/0x2940 [ 976.648381] tcp_v4_do_rcv+0x686/0xd80 [ 976.648381] tcp_v4_rcv+0x5a13/0x6520 [ 976.648381] ip_local_deliver_finish+0x8d8/0xff0 [ 976.648381] ip_local_deliver+0x44b/0x510 [ 976.648381] ip_rcv+0x6b6/0x740 [ 976.648381] process_backlog+0x82b/0x11e0 [ 976.648381] net_rx_action+0x98f/0x1d50 [ 976.648381] __do_softirq+0x721/0xc7f [ 976.648381] [ 976.648381] Local variable description: ----v.addr.i.i.i@ipv4_conntrack_local [ 976.648381] Variable was created at: [ 976.648381] ipv4_conntrack_local+0x75/0x470 [ 976.648381] nf_hook_slow+0x15c/0x3d0 06:18:09 executing program 1: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x78, 0x4) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, &(0x7f0000a88f88), 0xfffffffffffffe6e, 0x20000000, &(0x7f0000e68000)={0x2, 0x4004e23, @local}, 0x10) recvmsg(r0, &(0x7f00000000c0)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f0000000000)=[{&(0x7f0000003ac0)=""/4096, 0xfdbf}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000480)='reno\x00', 0x5) 06:18:09 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f000001b000)={@multicast2, @remote, @loopback}, 0xc) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x1, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000280)='net/mcfilter\x00') preadv(r1, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) 06:18:09 executing program 0: 06:18:09 executing program 2: 06:18:09 executing program 5: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0a5c2d023c126285718070") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000580)={0x26, 'aead\x00', 0x0, 0x0, 'aegis256-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="b7f2288a911993f0265df5cf1cdd8b55b062950b86bc01abc8464d4f8a906151", 0x20) r2 = accept$alg(r1, 0x0, 0x0) sendmmsg$alg(r2, &(0x7f0000000040), 0x0, 0x0) write$binfmt_script(r2, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmmsg(r2, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x7ffff000}, {&(0x7f00000000c0)=""/120, 0x78}, {&(0x7f0000000300)=""/230, 0xe6}], 0x3}}], 0x1, 0x0, &(0x7f0000008bc0)) 06:18:09 executing program 4: 06:18:09 executing program 4: 06:18:09 executing program 2: 06:18:09 executing program 0: [ 978.332251] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! 06:18:09 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f000001b000)={@multicast2, @remote, @loopback}, 0xc) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x1, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000280)='net/mcfilter\x00') preadv(r1, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) 06:18:09 executing program 4: 06:18:09 executing program 2: [ 978.697230] not chained 350000 origins [ 978.701204] CPU: 1 PID: 28711 Comm: syz-executor1 Not tainted 4.20.0-rc3+ #89 [ 978.701852] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 978.701852] Call Trace: [ 978.701852] dump_stack+0x32d/0x480 [ 978.701852] kmsan_internal_chain_origin+0x222/0x240 [ 978.701852] ? save_stack_trace+0xc6/0x110 [ 978.701852] ? __irqentry_text_end+0x1fa056/0x1fa056 [ 978.701852] ? kmsan_internal_chain_origin+0x90/0x240 [ 978.701852] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 978.701852] ? is_bpf_text_address+0x49e/0x4d0 [ 978.701852] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 978.701852] ? in_task_stack+0x12c/0x210 [ 978.701852] __msan_chain_origin+0x6d/0xb0 [ 978.701852] ? pskb_expand_head+0x436/0x1d20 [ 978.701852] __save_stack_trace+0x8be/0xc60 [ 978.701852] ? pskb_expand_head+0x436/0x1d20 [ 978.701852] save_stack_trace+0xc6/0x110 [ 978.701852] kmsan_internal_chain_origin+0x136/0x240 [ 978.701852] ? __se_sys_sendto+0x107/0x130 [ 978.701852] ? kmsan_internal_chain_origin+0x136/0x240 [ 978.701852] ? kmsan_memcpy_origins+0x13d/0x190 [ 978.701852] ? __msan_memcpy+0x6f/0x80 [ 978.807166] ? pskb_expand_head+0x436/0x1d20 [ 978.807166] ? tcp_fragment+0x378/0x21d0 [ 978.813491] ? tcp_sacktag_walk+0xe88/0x29d0 [ 978.813491] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 978.813491] ? tcp_ack+0x2888/0xa010 [ 978.813491] ? tcp_rcv_established+0xf7e/0x2940 [ 978.813491] ? tcp_v4_do_rcv+0x686/0xd80 [ 978.813491] ? __release_sock+0x32d/0x750 [ 978.813491] ? release_sock+0x99/0x2a0 [ 978.813491] ? sk_stream_wait_memory+0x9cc/0x1430 [ 978.813491] ? tcp_sendmsg_locked+0x1bca/0x6c30 [ 978.813491] ? tcp_sendmsg+0xb2/0x100 [ 978.813491] ? inet_sendmsg+0x4e9/0x800 [ 978.813491] ? __sys_sendto+0x940/0xb80 [ 978.813491] ? __se_sys_sendto+0x107/0x130 [ 978.813491] ? __x64_sys_sendto+0x6e/0x90 [ 978.813491] ? do_syscall_64+0xcf/0x110 [ 978.813491] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 978.813491] ? memcg_kmem_put_cache+0x73/0x460 [ 978.813491] ? __msan_get_context_state+0x9/0x20 [ 978.813491] ? INIT_INT+0xc/0x30 [ 978.813491] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 978.813491] kmsan_memcpy_origins+0x13d/0x190 [ 978.813491] __msan_memcpy+0x6f/0x80 [ 978.813491] pskb_expand_head+0x436/0x1d20 [ 978.813491] tcp_fragment+0x378/0x21d0 [ 978.813491] tcp_sacktag_walk+0xe88/0x29d0 [ 978.813491] tcp_sacktag_write_queue+0x2805/0x4630 [ 978.813491] ? __update_load_avg_cfs_rq+0x105/0x10b0 [ 978.813491] tcp_ack+0x2888/0xa010 [ 978.813491] ? tcp_parse_options+0xbe/0x1cf0 [ 978.813491] ? tcp_validate_incoming+0x50b/0x29d0 [ 978.813491] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 978.813491] ? tcp_parse_options+0x1c55/0x1cf0 [ 978.813491] tcp_rcv_established+0xf7e/0x2940 [ 978.813491] ? __msan_get_context_state+0x9/0x20 [ 978.813491] tcp_v4_do_rcv+0x686/0xd80 [ 978.813491] ? inet_sk_rx_dst_set+0x200/0x200 [ 978.813491] __release_sock+0x32d/0x750 [ 978.813491] release_sock+0x99/0x2a0 [ 978.813491] sk_stream_wait_memory+0x9cc/0x1430 [ 978.813491] ? wait_woken+0x5b0/0x5b0 [ 978.813491] tcp_sendmsg_locked+0x1bca/0x6c30 [ 978.813491] ? kmsan_internal_unpoison_shadow+0x10/0xd0 [ 978.813491] tcp_sendmsg+0xb2/0x100 [ 978.813491] ? tcp_sendmsg_locked+0x6c30/0x6c30 [ 978.813491] inet_sendmsg+0x4e9/0x800 [ 978.813491] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 978.813491] ? security_socket_sendmsg+0x1bd/0x200 [ 978.813491] ? inet_getname+0x490/0x490 [ 978.813491] __sys_sendto+0x940/0xb80 [ 978.813491] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 978.813491] ? prepare_exit_to_usermode+0x182/0x4c0 [ 978.813491] __se_sys_sendto+0x107/0x130 [ 978.813491] __x64_sys_sendto+0x6e/0x90 [ 978.813491] do_syscall_64+0xcf/0x110 [ 978.813491] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 978.813491] RIP: 0033:0x457569 [ 978.813491] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 978.813491] RSP: 002b:00007fcc190a4c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 978.813491] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000457569 [ 978.813491] RDX: fffffffffffffe6e RSI: 0000000020a88f88 RDI: 0000000000000003 [ 978.813491] RBP: 000000000072bf00 R08: 0000000020e68000 R09: 0000000000000010 [ 978.813491] R10: 0000000020000000 R11: 0000000000000246 R12: 00007fcc190a56d4 [ 978.813491] R13: 00000000004c406f R14: 00000000004d68f8 R15: 00000000ffffffff [ 978.813491] Uninit was stored to memory at: [ 979.131454] kmsan_internal_chain_origin+0x136/0x240 [ 979.131454] __msan_chain_origin+0x6d/0xb0 [ 979.131454] __save_stack_trace+0x8be/0xc60 [ 979.131454] save_stack_trace+0xc6/0x110 [ 979.131454] kmsan_internal_chain_origin+0x136/0x240 [ 979.131454] kmsan_memcpy_origins+0x13d/0x190 [ 979.159389] __msan_memcpy+0x6f/0x80 [ 979.159389] pskb_expand_head+0x436/0x1d20 [ 979.159389] tcp_fragment+0x378/0x21d0 [ 979.159389] tcp_sacktag_walk+0xe88/0x29d0 [ 979.159389] tcp_sacktag_write_queue+0x2805/0x4630 [ 979.178298] tcp_ack+0x2888/0xa010 [ 979.178298] tcp_rcv_established+0xf7e/0x2940 [ 979.178298] tcp_v4_do_rcv+0x686/0xd80 [ 979.191492] __release_sock+0x32d/0x750 [ 979.191492] release_sock+0x99/0x2a0 [ 979.191492] sk_stream_wait_memory+0x9cc/0x1430 [ 979.191492] tcp_sendmsg_locked+0x1bca/0x6c30 [ 979.191492] tcp_sendmsg+0xb2/0x100 [ 979.191492] inet_sendmsg+0x4e9/0x800 [ 979.191492] __sys_sendto+0x940/0xb80 [ 979.191492] __se_sys_sendto+0x107/0x130 [ 979.191492] __x64_sys_sendto+0x6e/0x90 [ 979.191492] do_syscall_64+0xcf/0x110 [ 979.191492] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 979.191492] [ 979.191492] Uninit was stored to memory at: [ 979.191492] kmsan_internal_chain_origin+0x136/0x240 [ 979.191492] __msan_chain_origin+0x6d/0xb0 [ 979.191492] __save_stack_trace+0x8be/0xc60 [ 979.191492] save_stack_trace+0xc6/0x110 [ 979.191492] kmsan_internal_chain_origin+0x136/0x240 [ 979.191492] kmsan_memcpy_origins+0x13d/0x190 [ 979.191492] __msan_memcpy+0x6f/0x80 [ 979.191492] pskb_expand_head+0x436/0x1d20 [ 979.191492] tcp_fragment+0x378/0x21d0 [ 979.191492] tcp_sacktag_walk+0xe88/0x29d0 [ 979.191492] tcp_sacktag_write_queue+0x2805/0x4630 [ 979.191492] tcp_ack+0x2888/0xa010 [ 979.191492] tcp_rcv_established+0xf7e/0x2940 [ 979.191492] tcp_v4_do_rcv+0x686/0xd80 [ 979.191492] __release_sock+0x32d/0x750 [ 979.191492] release_sock+0x99/0x2a0 [ 979.191492] sk_stream_wait_memory+0x9cc/0x1430 [ 979.191492] tcp_sendmsg_locked+0x1bca/0x6c30 [ 979.191492] tcp_sendmsg+0xb2/0x100 [ 979.191492] inet_sendmsg+0x4e9/0x800 [ 979.191492] __sys_sendto+0x940/0xb80 [ 979.191492] __se_sys_sendto+0x107/0x130 [ 979.191492] __x64_sys_sendto+0x6e/0x90 [ 979.191492] do_syscall_64+0xcf/0x110 [ 979.191492] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 979.191492] [ 979.191492] Uninit was stored to memory at: [ 979.191492] kmsan_internal_chain_origin+0x136/0x240 [ 979.191492] __msan_chain_origin+0x6d/0xb0 [ 979.191492] __save_stack_trace+0x8be/0xc60 [ 979.191492] save_stack_trace+0xc6/0x110 [ 979.191492] kmsan_internal_chain_origin+0x136/0x240 [ 979.191492] kmsan_memcpy_origins+0x13d/0x190 [ 979.191492] __msan_memcpy+0x6f/0x80 [ 979.191492] pskb_expand_head+0x436/0x1d20 [ 979.191492] tcp_fragment+0x378/0x21d0 [ 979.191492] tcp_sacktag_walk+0xe88/0x29d0 [ 979.191492] tcp_sacktag_write_queue+0x2805/0x4630 [ 979.191492] tcp_ack+0x2888/0xa010 [ 979.191492] tcp_rcv_established+0xf7e/0x2940 [ 979.191492] tcp_v4_do_rcv+0x686/0xd80 [ 979.191492] __release_sock+0x32d/0x750 [ 979.191492] release_sock+0x99/0x2a0 [ 979.191492] sk_stream_wait_memory+0x9cc/0x1430 [ 979.427049] tcp_sendmsg_locked+0x1bca/0x6c30 [ 979.427049] tcp_sendmsg+0xb2/0x100 [ 979.427049] inet_sendmsg+0x4e9/0x800 [ 979.427049] __sys_sendto+0x940/0xb80 [ 979.427049] __se_sys_sendto+0x107/0x130 [ 979.427049] __x64_sys_sendto+0x6e/0x90 [ 979.427049] do_syscall_64+0xcf/0x110 [ 979.427049] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 979.457870] [ 979.457870] Uninit was stored to memory at: [ 979.457870] kmsan_internal_chain_origin+0x136/0x240 [ 979.457870] __msan_chain_origin+0x6d/0xb0 [ 979.457870] __save_stack_trace+0x8be/0xc60 [ 979.457870] save_stack_trace+0xc6/0x110 [ 979.457870] kmsan_internal_chain_origin+0x136/0x240 [ 979.490228] kmsan_memcpy_origins+0x13d/0x190 [ 979.491907] __msan_memcpy+0x6f/0x80 [ 979.491907] pskb_expand_head+0x436/0x1d20 [ 979.491907] tcp_fragment+0x378/0x21d0 [ 979.491907] tcp_sacktag_walk+0xe88/0x29d0 [ 979.491907] tcp_sacktag_write_queue+0x2805/0x4630 [ 979.491907] tcp_ack+0x2888/0xa010 [ 979.491907] tcp_rcv_established+0xf7e/0x2940 [ 979.491907] tcp_v4_do_rcv+0x686/0xd80 [ 979.491907] __release_sock+0x32d/0x750 [ 979.491907] release_sock+0x99/0x2a0 [ 979.491907] sk_stream_wait_memory+0x9cc/0x1430 [ 979.491907] tcp_sendmsg_locked+0x1bca/0x6c30 [ 979.491907] tcp_sendmsg+0xb2/0x100 [ 979.491907] inet_sendmsg+0x4e9/0x800 [ 979.491907] __sys_sendto+0x940/0xb80 [ 979.491907] __se_sys_sendto+0x107/0x130 [ 979.491907] __x64_sys_sendto+0x6e/0x90 [ 979.491907] do_syscall_64+0xcf/0x110 [ 979.491907] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 979.491907] [ 979.491907] Uninit was stored to memory at: [ 979.491907] kmsan_internal_chain_origin+0x136/0x240 [ 979.491907] __msan_chain_origin+0x6d/0xb0 [ 979.491907] __save_stack_trace+0x8be/0xc60 [ 979.491907] save_stack_trace+0xc6/0x110 [ 979.491907] kmsan_internal_chain_origin+0x136/0x240 [ 979.491907] kmsan_memcpy_origins+0x13d/0x190 [ 979.491907] __msan_memcpy+0x6f/0x80 [ 979.491907] pskb_expand_head+0x436/0x1d20 [ 979.491907] tcp_fragment+0x378/0x21d0 [ 979.491907] tcp_sacktag_walk+0xe88/0x29d0 [ 979.491907] tcp_sacktag_write_queue+0x2805/0x4630 [ 979.491907] tcp_ack+0x2888/0xa010 [ 979.491907] tcp_rcv_established+0xf7e/0x2940 [ 979.491907] tcp_v4_do_rcv+0x686/0xd80 [ 979.491907] __release_sock+0x32d/0x750 [ 979.491907] release_sock+0x99/0x2a0 [ 979.491907] sk_stream_wait_memory+0x9cc/0x1430 [ 979.491907] tcp_sendmsg_locked+0x1bca/0x6c30 [ 979.491907] tcp_sendmsg+0xb2/0x100 [ 979.491907] inet_sendmsg+0x4e9/0x800 [ 979.491907] __sys_sendto+0x940/0xb80 [ 979.491907] __se_sys_sendto+0x107/0x130 [ 979.491907] __x64_sys_sendto+0x6e/0x90 [ 979.491907] do_syscall_64+0xcf/0x110 [ 979.491907] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 979.491907] [ 979.491907] Uninit was stored to memory at: [ 979.491907] kmsan_internal_chain_origin+0x136/0x240 [ 979.491907] __msan_chain_origin+0x6d/0xb0 [ 979.491907] __save_stack_trace+0x8be/0xc60 [ 979.491907] save_stack_trace+0xc6/0x110 [ 979.491907] kmsan_internal_chain_origin+0x136/0x240 [ 979.491907] kmsan_memcpy_origins+0x13d/0x190 [ 979.491907] __msan_memcpy+0x6f/0x80 [ 979.491907] pskb_expand_head+0x436/0x1d20 [ 979.491907] tcp_fragment+0x378/0x21d0 [ 979.491907] tcp_sacktag_walk+0xe88/0x29d0 [ 979.491907] tcp_sacktag_write_queue+0x2805/0x4630 [ 979.491907] tcp_ack+0x2888/0xa010 [ 979.491907] tcp_rcv_established+0xf7e/0x2940 [ 979.491907] tcp_v4_do_rcv+0x686/0xd80 [ 979.491907] __release_sock+0x32d/0x750 [ 979.491907] release_sock+0x99/0x2a0 [ 979.491907] sk_stream_wait_memory+0x9cc/0x1430 [ 979.491907] tcp_sendmsg_locked+0x1bca/0x6c30 [ 979.491907] tcp_sendmsg+0xb2/0x100 [ 979.491907] inet_sendmsg+0x4e9/0x800 [ 979.491907] __sys_sendto+0x940/0xb80 [ 979.491907] __se_sys_sendto+0x107/0x130 [ 979.491907] __x64_sys_sendto+0x6e/0x90 [ 979.491907] do_syscall_64+0xcf/0x110 [ 979.491907] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 979.491907] [ 979.491907] Uninit was stored to memory at: [ 979.491907] kmsan_internal_chain_origin+0x136/0x240 [ 979.491907] __msan_chain_origin+0x6d/0xb0 [ 979.491907] __save_stack_trace+0x8be/0xc60 [ 979.491907] save_stack_trace+0xc6/0x110 [ 979.491907] kmsan_internal_chain_origin+0x136/0x240 [ 979.491907] kmsan_memcpy_origins+0x13d/0x190 [ 979.491907] __msan_memcpy+0x6f/0x80 [ 979.491907] pskb_expand_head+0x436/0x1d20 [ 979.491907] tcp_fragment+0x378/0x21d0 [ 979.491907] tcp_sacktag_walk+0xe88/0x29d0 [ 979.491907] tcp_sacktag_write_queue+0x2805/0x4630 [ 979.491907] tcp_ack+0x2888/0xa010 [ 979.491907] tcp_rcv_established+0xf7e/0x2940 [ 979.491907] tcp_v4_do_rcv+0x686/0xd80 [ 979.491907] __release_sock+0x32d/0x750 [ 979.491907] release_sock+0x99/0x2a0 [ 979.491907] sk_stream_wait_memory+0x9cc/0x1430 [ 979.491907] tcp_sendmsg_locked+0x1bca/0x6c30 [ 979.491907] tcp_sendmsg+0xb2/0x100 [ 979.491907] inet_sendmsg+0x4e9/0x800 [ 979.491907] __sys_sendto+0x940/0xb80 [ 979.491907] __se_sys_sendto+0x107/0x130 [ 979.491907] __x64_sys_sendto+0x6e/0x90 [ 979.491907] do_syscall_64+0xcf/0x110 [ 979.491907] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 979.491907] [ 979.491907] Local variable description: ----_tcph@tcp_packet [ 979.491907] Variable was created at: [ 979.491907] tcp_packet+0xe1/0x73c0 [ 979.491907] nf_conntrack_in+0x9f0/0x1edd [ 979.978835] not chained 360000 origins [ 979.981783] CPU: 1 PID: 28715 Comm: syz-executor1 Not tainted 4.20.0-rc3+ #89 [ 979.981783] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 979.981783] Call Trace: [ 979.981783] [ 979.981783] dump_stack+0x32d/0x480 [ 979.981783] kmsan_internal_chain_origin+0x222/0x240 [ 979.981783] ? save_stack_trace+0xc6/0x110 [ 979.981783] ? __irqentry_text_end+0x1fa056/0x1fa056 [ 979.981783] ? kmsan_internal_chain_origin+0x90/0x240 [ 979.981783] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 979.981783] ? in_task_stack+0x12c/0x210 [ 979.981783] ? get_stack_info+0x206/0x220 [ 979.981783] __msan_chain_origin+0x6d/0xb0 [ 979.981783] ? tcp_write_xmit+0x389a/0xacc0 [ 979.981783] __save_stack_trace+0x8be/0xc60 [ 979.981783] ? tcp_write_xmit+0x389a/0xacc0 [ 979.981783] save_stack_trace+0xc6/0x110 [ 979.981783] kmsan_internal_chain_origin+0x136/0x240 [ 979.981783] ? ip_finish_output+0xd93/0x10f0 [ 979.981783] ? inet_recvmsg+0x5b8/0x6c0 [ 979.981783] ? kmsan_internal_chain_origin+0x136/0x240 [ 980.079178] ? kmsan_memcpy_origins+0x13d/0x190 [ 980.079178] ? __msan_memcpy+0x6f/0x80 [ 980.079178] ? pskb_expand_head+0x436/0x1d20 [ 980.079178] ? ___pskb_trim+0x3c9/0x1bf0 [ 980.079178] ? sk_filter_trim_cap+0x5ac/0xa60 [ 980.079178] ? tcp_v4_rcv+0x4a1b/0x6520 [ 980.079178] ? ip_local_deliver_finish+0x8d8/0xff0 [ 980.079178] ? ip_local_deliver+0x44b/0x510 [ 980.079178] ? ip_rcv+0x6b6/0x740 [ 980.079178] ? process_backlog+0x82b/0x11e0 [ 980.079178] ? net_rx_action+0x98f/0x1d50 [ 980.079178] ? __do_softirq+0x721/0xc7f [ 980.079178] ? do_softirq_own_stack+0x49/0x80 [ 980.079178] ? __local_bh_enable_ip+0x228/0x260 [ 980.079178] ? local_bh_enable+0x36/0x40 [ 980.079178] ? ip_finish_output2+0x1430/0x1560 [ 980.079178] ? ip_finish_output+0xd93/0x10f0 [ 980.079178] ? ip_output+0x55c/0x630 [ 980.079178] ? __ip_queue_xmit+0x1bb5/0x2170 [ 980.079178] ? ip_queue_xmit+0xcc/0xf0 [ 980.079178] ? __tcp_transmit_skb+0x425c/0x5e00 [ 980.079178] ? tcp_write_xmit+0x389a/0xacc0 [ 980.079178] ? __tcp_push_pending_frames+0x124/0x4e0 [ 980.079178] ? tcp_data_snd_check+0x1ec/0x1080 [ 980.079178] ? tcp_rcv_established+0x1bb2/0x2940 [ 980.079178] ? tcp_v4_do_rcv+0x686/0xd80 [ 980.079178] ? __release_sock+0x32d/0x750 [ 980.079178] ? sk_wait_data+0x2c3/0x920 [ 980.079178] ? tcp_recvmsg+0x1d10/0x4aa0 [ 980.079178] ? inet_recvmsg+0x5b8/0x6c0 [ 980.079178] ? sock_recvmsg+0x1d1/0x230 [ 980.079178] ? ___sys_recvmsg+0x444/0xae0 [ 980.079178] ? __se_sys_recvmsg+0x2fa/0x450 [ 980.079178] ? __x64_sys_recvmsg+0x4a/0x70 [ 980.079178] ? do_syscall_64+0xcf/0x110 [ 980.079178] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 980.079178] ? __msan_get_context_state+0x9/0x20 [ 980.079178] ? INIT_INT+0xc/0x30 [ 980.079178] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 980.079178] kmsan_memcpy_origins+0x13d/0x190 [ 980.079178] __msan_memcpy+0x6f/0x80 [ 980.079178] pskb_expand_head+0x436/0x1d20 [ 980.079178] ___pskb_trim+0x3c9/0x1bf0 [ 980.079178] sk_filter_trim_cap+0x5ac/0xa60 [ 980.079178] tcp_v4_rcv+0x4a1b/0x6520 [ 980.079178] ? tcp_filter+0x260/0x260 [ 980.079178] ip_local_deliver_finish+0x8d8/0xff0 [ 980.079178] ? nf_hook_slow+0x36f/0x3d0 [ 980.079178] ip_local_deliver+0x44b/0x510 [ 980.079178] ? ip_local_deliver+0x510/0x510 [ 980.079178] ? ip_call_ra_chain+0x7a0/0x7a0 [ 980.079178] ip_rcv+0x6b6/0x740 [ 980.079178] ? ip_rcv_core+0x1370/0x1370 [ 980.079178] process_backlog+0x82b/0x11e0 [ 980.079178] ? ip_local_deliver_finish+0xff0/0xff0 [ 980.079178] ? rps_trigger_softirq+0x2e0/0x2e0 [ 980.079178] net_rx_action+0x98f/0x1d50 [ 980.079178] ? net_tx_action+0xf20/0xf20 [ 980.079178] __do_softirq+0x721/0xc7f [ 980.079178] do_softirq_own_stack+0x49/0x80 [ 980.079178] [ 980.079178] __local_bh_enable_ip+0x228/0x260 [ 980.079178] local_bh_enable+0x36/0x40 [ 980.079178] ip_finish_output2+0x1430/0x1560 [ 980.079178] ip_finish_output+0xd93/0x10f0 [ 980.079178] ip_output+0x55c/0x630 [ 980.079178] ? ip_mc_finish_output+0x440/0x440 [ 980.079178] ? ip_finish_output+0x10f0/0x10f0 [ 980.079178] __ip_queue_xmit+0x1bb5/0x2170 [ 980.079178] ? kmsan_set_origin+0x7f/0x100 [ 980.079178] ip_queue_xmit+0xcc/0xf0 [ 980.079178] ? dst_hold_safe+0x5d0/0x5d0 [ 980.079178] __tcp_transmit_skb+0x425c/0x5e00 [ 980.079178] tcp_write_xmit+0x389a/0xacc0 [ 980.079178] __tcp_push_pending_frames+0x124/0x4e0 [ 980.079178] tcp_data_snd_check+0x1ec/0x1080 [ 980.079178] tcp_rcv_established+0x1bb2/0x2940 [ 980.079178] ? __msan_get_context_state+0x9/0x20 [ 980.079178] tcp_v4_do_rcv+0x686/0xd80 [ 980.079178] ? inet_sk_rx_dst_set+0x200/0x200 [ 980.079178] __release_sock+0x32d/0x750 [ 980.079178] sk_wait_data+0x2c3/0x920 [ 980.079178] ? tcp_send_ack+0x68/0x90 [ 980.079178] ? tcp_cleanup_rbuf+0x57b/0x8e0 [ 980.079178] ? wait_woken+0x5b0/0x5b0 [ 980.079178] tcp_recvmsg+0x1d10/0x4aa0 [ 980.079178] ? inet_recvmsg+0xaf/0x6c0 [ 980.079178] ? tcp_mmap+0x150/0x150 [ 980.079178] inet_recvmsg+0x5b8/0x6c0 [ 980.079178] sock_recvmsg+0x1d1/0x230 [ 980.079178] ? inet_sendpage+0x990/0x990 [ 980.079178] ___sys_recvmsg+0x444/0xae0 [ 980.079178] ? __fdget+0x329/0x440 [ 980.079178] __se_sys_recvmsg+0x2fa/0x450 [ 980.079178] __x64_sys_recvmsg+0x4a/0x70 [ 980.079178] do_syscall_64+0xcf/0x110 [ 980.079178] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 980.079178] RIP: 0033:0x457569 [ 980.079178] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 980.079178] RSP: 002b:00007fcc19083c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 980.079178] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457569 [ 980.079178] RDX: 0000000000000100 RSI: 00000000200000c0 RDI: 0000000000000003 [ 980.079178] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 980.079178] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fcc190846d4 [ 980.079178] R13: 00000000004c399f R14: 00000000004d5f38 R15: 00000000ffffffff [ 980.079178] Uninit was stored to memory at: [ 980.079178] kmsan_internal_chain_origin+0x136/0x240 [ 980.079178] __msan_chain_origin+0x6d/0xb0 [ 980.079178] __save_stack_trace+0x8be/0xc60 [ 980.079178] save_stack_trace+0xc6/0x110 [ 980.079178] kmsan_internal_chain_origin+0x136/0x240 [ 980.079178] kmsan_memcpy_origins+0x13d/0x190 [ 980.079178] __msan_memcpy+0x6f/0x80 [ 980.079178] pskb_expand_head+0x436/0x1d20 [ 980.079178] ___pskb_trim+0x3c9/0x1bf0 [ 980.079178] sk_filter_trim_cap+0x5ac/0xa60 [ 980.079178] tcp_v4_rcv+0x4a1b/0x6520 [ 980.079178] ip_local_deliver_finish+0x8d8/0xff0 [ 980.079178] ip_local_deliver+0x44b/0x510 [ 980.079178] ip_rcv+0x6b6/0x740 [ 980.079178] process_backlog+0x82b/0x11e0 [ 980.079178] net_rx_action+0x98f/0x1d50 [ 980.079178] __do_softirq+0x721/0xc7f [ 980.079178] [ 980.079178] Uninit was stored to memory at: [ 980.079178] kmsan_internal_chain_origin+0x136/0x240 [ 980.079178] __msan_chain_origin+0x6d/0xb0 [ 980.079178] __save_stack_trace+0x8be/0xc60 [ 980.079178] save_stack_trace+0xc6/0x110 [ 980.079178] kmsan_internal_chain_origin+0x136/0x240 [ 980.079178] kmsan_memcpy_origins+0x13d/0x190 [ 980.079178] __msan_memcpy+0x6f/0x80 [ 980.079178] pskb_expand_head+0x436/0x1d20 [ 980.079178] ___pskb_trim+0x3c9/0x1bf0 [ 980.079178] sk_filter_trim_cap+0x5ac/0xa60 [ 980.079178] tcp_v4_rcv+0x4a1b/0x6520 [ 980.079178] ip_local_deliver_finish+0x8d8/0xff0 [ 980.079178] ip_local_deliver+0x44b/0x510 [ 980.079178] ip_rcv+0x6b6/0x740 [ 980.079178] process_backlog+0x82b/0x11e0 [ 980.079178] net_rx_action+0x98f/0x1d50 [ 980.079178] __do_softirq+0x721/0xc7f [ 980.079178] [ 980.079178] Uninit was stored to memory at: [ 980.079178] kmsan_internal_chain_origin+0x136/0x240 [ 980.079178] __msan_chain_origin+0x6d/0xb0 [ 980.079178] __save_stack_trace+0x8be/0xc60 [ 980.079178] save_stack_trace+0xc6/0x110 [ 980.079178] kmsan_internal_chain_origin+0x136/0x240 [ 980.079178] kmsan_memcpy_origins+0x13d/0x190 [ 980.079178] __msan_memcpy+0x6f/0x80 [ 980.079178] pskb_expand_head+0x436/0x1d20 [ 980.079178] ___pskb_trim+0x3c9/0x1bf0 [ 980.079178] sk_filter_trim_cap+0x5ac/0xa60 [ 980.079178] tcp_v4_rcv+0x4a1b/0x6520 [ 980.079178] ip_local_deliver_finish+0x8d8/0xff0 [ 980.079178] ip_local_deliver+0x44b/0x510 [ 980.079178] ip_rcv+0x6b6/0x740 [ 980.079178] process_backlog+0x82b/0x11e0 [ 980.079178] net_rx_action+0x98f/0x1d50 [ 980.079178] __do_softirq+0x721/0xc7f [ 980.079178] [ 980.079178] Uninit was stored to memory at: [ 980.079178] kmsan_internal_chain_origin+0x136/0x240 [ 980.079178] __msan_chain_origin+0x6d/0xb0 [ 980.079178] __save_stack_trace+0x8be/0xc60 [ 980.079178] save_stack_trace+0xc6/0x110 [ 980.079178] kmsan_internal_chain_origin+0x136/0x240 [ 980.079178] kmsan_memcpy_origins+0x13d/0x190 [ 980.079178] __msan_memcpy+0x6f/0x80 [ 980.079178] pskb_expand_head+0x436/0x1d20 [ 980.079178] ___pskb_trim+0x3c9/0x1bf0 [ 980.079178] sk_filter_trim_cap+0x5ac/0xa60 [ 980.079178] tcp_v4_rcv+0x4a1b/0x6520 [ 980.079178] ip_local_deliver_finish+0x8d8/0xff0 [ 980.079178] ip_local_deliver+0x44b/0x510 [ 980.079178] ip_rcv+0x6b6/0x740 [ 980.079178] process_backlog+0x82b/0x11e0 [ 980.079178] net_rx_action+0x98f/0x1d50 [ 980.079178] __do_softirq+0x721/0xc7f [ 980.079178] [ 980.079178] Uninit was stored to memory at: [ 980.079178] kmsan_internal_chain_origin+0x136/0x240 [ 980.079178] __msan_chain_origin+0x6d/0xb0 [ 980.079178] __save_stack_trace+0x8be/0xc60 [ 980.079178] save_stack_trace+0xc6/0x110 [ 980.079178] kmsan_internal_chain_origin+0x136/0x240 [ 980.079178] kmsan_memcpy_origins+0x13d/0x190 [ 980.079178] __msan_memcpy+0x6f/0x80 [ 980.079178] pskb_expand_head+0x436/0x1d20 [ 980.079178] ___pskb_trim+0x3c9/0x1bf0 [ 980.079178] sk_filter_trim_cap+0x5ac/0xa60 [ 980.079178] tcp_v4_rcv+0x4a1b/0x6520 [ 980.079178] ip_local_deliver_finish+0x8d8/0xff0 [ 980.079178] ip_local_deliver+0x44b/0x510 [ 980.079178] ip_rcv+0x6b6/0x740 [ 980.079178] process_backlog+0x82b/0x11e0 [ 980.079178] net_rx_action+0x98f/0x1d50 [ 980.079178] __do_softirq+0x721/0xc7f [ 980.079178] [ 980.079178] Uninit was stored to memory at: [ 980.079178] kmsan_internal_chain_origin+0x136/0x240 [ 980.079178] __msan_chain_origin+0x6d/0xb0 [ 980.079178] __save_stack_trace+0x8be/0xc60 [ 980.079178] save_stack_trace+0xc6/0x110 [ 980.079178] kmsan_internal_chain_origin+0x136/0x240 [ 980.079178] kmsan_memcpy_origins+0x13d/0x190 [ 980.079178] __msan_memcpy+0x6f/0x80 [ 980.079178] pskb_expand_head+0x436/0x1d20 [ 980.079178] ___pskb_trim+0x3c9/0x1bf0 [ 980.079178] sk_filter_trim_cap+0x5ac/0xa60 [ 980.079178] tcp_v4_rcv+0x4a1b/0x6520 [ 980.079178] ip_local_deliver_finish+0x8d8/0xff0 [ 980.079178] ip_local_deliver+0x44b/0x510 [ 980.079178] ip_rcv+0x6b6/0x740 [ 980.079178] process_backlog+0x82b/0x11e0 [ 980.079178] net_rx_action+0x98f/0x1d50 [ 980.079178] __do_softirq+0x721/0xc7f [ 980.079178] [ 980.079178] Uninit was stored to memory at: [ 980.079178] kmsan_internal_chain_origin+0x136/0x240 [ 980.079178] __msan_chain_origin+0x6d/0xb0 [ 980.079178] __save_stack_trace+0x8be/0xc60 [ 980.079178] save_stack_trace+0xc6/0x110 [ 980.079178] kmsan_internal_chain_origin+0x136/0x240 [ 980.079178] kmsan_memcpy_origins+0x13d/0x190 [ 980.079178] __msan_memcpy+0x6f/0x80 [ 980.079178] pskb_expand_head+0x436/0x1d20 [ 980.079178] ___pskb_trim+0x3c9/0x1bf0 [ 980.079178] sk_filter_trim_cap+0x5ac/0xa60 [ 980.079178] tcp_v4_rcv+0x4a1b/0x6520 [ 980.079178] ip_local_deliver_finish+0x8d8/0xff0 [ 980.079178] ip_local_deliver+0x44b/0x510 [ 980.079178] ip_rcv+0x6b6/0x740 [ 980.079178] process_backlog+0x82b/0x11e0 [ 980.079178] net_rx_action+0x98f/0x1d50 [ 980.079178] __do_softirq+0x721/0xc7f [ 980.079178] [ 980.079178] Local variable description: ----cputime.i@run_posix_cpu_timers [ 980.079178] Variable was created at: [ 980.079178] run_posix_cpu_timers+0x7c/0x4720 [ 980.079178] update_process_times+0x1b0/0x1e0 06:18:12 executing program 1: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x78, 0x4) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, &(0x7f0000a88f88), 0xfffffffffffffe6e, 0x20000000, &(0x7f0000e68000)={0x2, 0x4004e23, @local}, 0x10) recvmsg(r0, &(0x7f00000000c0)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f0000000000)=[{&(0x7f0000003ac0)=""/4096, 0xfdbf}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000480)='reno\x00', 0x5) 06:18:12 executing program 5: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0a5c2d023c126285718070") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000580)={0x26, 'aead\x00', 0x0, 0x0, 'aegis256-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="b7f2288a911993f0265df5cf1cdd8b55b062950b86bc01abc8464d4f8a906151", 0x20) r2 = accept$alg(r1, 0x0, 0x0) sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f00000002c0), 0x0, &(0x7f0000000140)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r2, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmmsg(r2, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x7ffff000}, {&(0x7f00000000c0)=""/120, 0x78}, {&(0x7f0000000300)=""/230, 0xe6}], 0x3}}], 0x1, 0x0, &(0x7f0000008bc0)) 06:18:12 executing program 2: 06:18:12 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f000001b000)={@multicast2, @remote, @loopback}, 0xc) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x1, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) 06:18:12 executing program 4: 06:18:12 executing program 0: 06:18:12 executing program 2: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000180)=ANY=[], &(0x7f00000000c0)='./file0\x00', &(0x7f0000000380)="7379736673002a864f4bc00bce1bdb20637213b1e894d120715f9dc1125b042c7226eb0136d9624ea1d23374a660fe5ac173722fd367ad22e8553025a2e8be0bc5514379af7213d32b8d5d06dc8fbf2c849ed9cdefc74b03dfa9cb5a90b28b4b24d7862c3d66fca53167d5424235435a3dbb76bc7d3c42fc2e9c696114a6f888f0da85277683cfc1c4d2bf71c255a3134d64cc3fed8e97798deb8631cbf7682c9fa2ed031465aa191df922f764297cba22a8499d177f49fba940f55bbc8b723fd374f1fed78c8aeec6811d9b5879487387d56594a14c2588274de84fa27610302b3fb54172a8c910a07e7c76ea465aa68402", 0x0, &(0x7f0000000240)="7379736673002a864f4bc00bce1bdb20637213b1e894d120715f9dc1125b042c7226eb0136d9624ea1d23374a660fe5ac173722fd367ad22e8553025a2e8be0bc5514379af7213d32b8d5d06dc8fbf2c849ed9cdefc74b03dfa9cb5a90b28b4b24d7862c3d66fca53167d5424235435a3dbb76bc7d3c42fc2e9c696114a6f888f0da85277683cfc1c4d2bf71c255a3134d64cc3fed8e97798deb8631cbf7682c9fa2ed031465aa191df922f764297cba22a8499d177f49fba940f55bbc8b723fd374f1fed78c8aeec6811d9b5879487387d56594a14c2588274de84fa27610302b3fb54172a8c910a07e7c76ea465aa68402") lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000180)=@known='trusted.overlay.origin\x00', &(0x7f00000001c0)=""/22, 0x16) 06:18:12 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x10) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0x1, &(0x7f0000000040)=0x18, 0x4) 06:18:12 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f000001b000)={@multicast2, @remote, @loopback}, 0xc) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x1, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) 06:18:12 executing program 0: perf_event_open(&(0x7f000025c000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x3102001ffb, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) r0 = gettid() wait4(0x0, &(0x7f00000003c0), 0x80000000, &(0x7f0000000340)) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1b) ptrace$cont(0x18, r0, 0x0, 0x0) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x3, 0x10}) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r0, 0x0, 0x0) [ 981.853132] not chained 370000 origins [ 981.857066] CPU: 0 PID: 9 Comm: ksoftirqd/0 Not tainted 4.20.0-rc3+ #89 [ 981.861783] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 981.861783] Call Trace: [ 981.861783] dump_stack+0x32d/0x480 [ 981.861783] ? save_stack_trace+0xc6/0x110 [ 981.861783] kmsan_internal_chain_origin+0x222/0x240 [ 981.861783] ? kmsan_internal_chain_origin+0x136/0x240 [ 981.861783] ? __msan_chain_origin+0x6d/0xb0 [ 981.861783] ? __save_stack_trace+0x8be/0xc60 [ 981.861783] ? save_stack_trace+0xc6/0x110 [ 981.861783] ? kmsan_internal_chain_origin+0x136/0x240 [ 981.861783] ? kmsan_memcpy_origins+0x13d/0x190 [ 981.861783] ? __msan_memcpy+0x6f/0x80 [ 981.861783] ? pskb_expand_head+0x436/0x1d20 [ 981.861783] ? skb_shift+0xce2/0x2d10 [ 981.861783] ? tcp_sacktag_walk+0x2156/0x29d0 [ 981.861783] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 981.861783] ? tcp_ack+0x2888/0xa010 [ 981.861783] ? tcp_rcv_established+0xf7e/0x2940 [ 981.861783] ? tcp_v4_do_rcv+0x686/0xd80 [ 981.861783] ? tcp_v4_rcv+0x5a13/0x6520 [ 981.861783] ? ip_local_deliver_finish+0x8d8/0xff0 [ 981.861783] ? ip_local_deliver+0x44b/0x510 [ 981.861783] ? ip_rcv+0x6b6/0x740 [ 981.861783] ? process_backlog+0x82b/0x11e0 [ 981.861783] ? net_rx_action+0x98f/0x1d50 [ 981.861783] ? __do_softirq+0x721/0xc7f [ 981.861783] ? run_ksoftirqd+0x37/0x60 [ 981.861783] ? smpboot_thread_fn+0x69c/0xb30 [ 981.861783] ? kthread+0x5e7/0x620 [ 981.861783] ? ret_from_fork+0x35/0x40 [ 981.861783] ? kmsan_internal_chain_origin+0x90/0x240 [ 981.861783] ? task_kmsan_context_state+0x51/0x90 [ 981.861783] ? __msan_get_context_state+0x9/0x20 [ 981.861783] ? __kernel_text_address+0x19/0x350 [ 981.861783] ? ret_from_fork+0x35/0x40 [ 981.861783] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 981.861783] ? in_task_stack+0x12c/0x210 [ 981.861783] __msan_chain_origin+0x6d/0xb0 [ 981.861783] ? ip_local_deliver_finish+0x8d8/0xff0 [ 981.861783] __save_stack_trace+0x8be/0xc60 [ 981.861783] ? ip_local_deliver_finish+0x8d8/0xff0 [ 981.861783] save_stack_trace+0xc6/0x110 [ 981.861783] kmsan_internal_chain_origin+0x136/0x240 [ 981.861783] ? run_ksoftirqd+0x37/0x60 [ 981.861783] ? kmsan_internal_chain_origin+0x136/0x240 [ 981.861783] ? kmsan_memcpy_origins+0x13d/0x190 [ 981.861783] ? __msan_memcpy+0x6f/0x80 [ 981.861783] ? pskb_expand_head+0x436/0x1d20 [ 981.861783] ? skb_shift+0xce2/0x2d10 [ 981.861783] ? tcp_sacktag_walk+0x2156/0x29d0 [ 981.861783] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 981.861783] ? tcp_ack+0x2888/0xa010 [ 981.861783] ? tcp_rcv_established+0xf7e/0x2940 [ 981.861783] ? tcp_v4_do_rcv+0x686/0xd80 [ 981.861783] ? tcp_v4_rcv+0x5a13/0x6520 [ 981.861783] ? ip_local_deliver_finish+0x8d8/0xff0 [ 981.861783] ? ip_local_deliver+0x44b/0x510 [ 981.861783] ? ip_rcv+0x6b6/0x740 [ 981.861783] ? process_backlog+0x82b/0x11e0 [ 981.861783] ? net_rx_action+0x98f/0x1d50 [ 981.861783] ? __do_softirq+0x721/0xc7f [ 981.861783] ? run_ksoftirqd+0x37/0x60 [ 981.861783] ? smpboot_thread_fn+0x69c/0xb30 [ 981.861783] ? kthread+0x5e7/0x620 [ 981.861783] ? ret_from_fork+0x35/0x40 [ 981.861783] ? memcg_kmem_put_cache+0x73/0x460 [ 981.861783] ? __kmalloc_node_track_caller+0x1010/0x14e0 [ 981.861783] ? __msan_get_context_state+0x9/0x20 [ 981.861783] ? INIT_INT+0xc/0x30 [ 981.861783] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 981.861783] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 981.861783] kmsan_memcpy_origins+0x13d/0x190 [ 981.861783] __msan_memcpy+0x6f/0x80 [ 981.861783] pskb_expand_head+0x436/0x1d20 [ 981.861783] skb_shift+0xce2/0x2d10 [ 981.861783] tcp_sacktag_walk+0x2156/0x29d0 [ 981.861783] tcp_sacktag_write_queue+0x2805/0x4630 [ 981.861783] tcp_ack+0x2888/0xa010 [ 981.861783] ? tcp_parse_options+0xbe/0x1cf0 [ 981.861783] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 981.861783] ? tcp_parse_options+0x1c55/0x1cf0 [ 981.861783] tcp_rcv_established+0xf7e/0x2940 [ 981.861783] ? __msan_get_context_state+0x9/0x20 [ 981.861783] tcp_v4_do_rcv+0x686/0xd80 [ 981.861783] tcp_v4_rcv+0x5a13/0x6520 [ 981.861783] ? tcp_filter+0x260/0x260 [ 981.861783] ip_local_deliver_finish+0x8d8/0xff0 [ 981.861783] ? nf_hook_slow+0x36f/0x3d0 [ 981.861783] ip_local_deliver+0x44b/0x510 [ 981.861783] ? ip_local_deliver+0x510/0x510 [ 981.861783] ? ip_call_ra_chain+0x7a0/0x7a0 [ 981.861783] ip_rcv+0x6b6/0x740 [ 981.861783] ? ip_rcv_core+0x1370/0x1370 [ 981.861783] process_backlog+0x82b/0x11e0 [ 981.861783] ? ip_local_deliver_finish+0xff0/0xff0 [ 981.861783] ? rps_trigger_softirq+0x2e0/0x2e0 [ 981.861783] net_rx_action+0x98f/0x1d50 [ 981.861783] ? net_tx_action+0xf20/0xf20 [ 981.861783] __do_softirq+0x721/0xc7f [ 981.861783] ? ksoftirqd_should_run+0x50/0x50 [ 981.861783] run_ksoftirqd+0x37/0x60 [ 981.861783] smpboot_thread_fn+0x69c/0xb30 [ 981.861783] kthread+0x5e7/0x620 [ 981.861783] ? cpu_report_death+0x4a0/0x4a0 [ 981.861783] ? INIT_BOOL+0x30/0x30 [ 981.861783] ret_from_fork+0x35/0x40 [ 981.861783] Uninit was stored to memory at: [ 981.861783] kmsan_internal_chain_origin+0x136/0x240 [ 981.861783] __msan_chain_origin+0x6d/0xb0 [ 981.861783] __save_stack_trace+0x8be/0xc60 [ 981.861783] save_stack_trace+0xc6/0x110 [ 981.861783] kmsan_internal_chain_origin+0x136/0x240 [ 981.861783] kmsan_memcpy_origins+0x13d/0x190 [ 981.861783] __msan_memcpy+0x6f/0x80 [ 981.861783] pskb_expand_head+0x436/0x1d20 [ 981.861783] skb_shift+0xce2/0x2d10 [ 981.861783] tcp_sacktag_walk+0x2156/0x29d0 [ 981.861783] tcp_sacktag_write_queue+0x2805/0x4630 [ 981.861783] tcp_ack+0x2888/0xa010 [ 981.861783] tcp_rcv_established+0xf7e/0x2940 [ 981.861783] tcp_v4_do_rcv+0x686/0xd80 [ 981.861783] tcp_v4_rcv+0x5a13/0x6520 [ 981.861783] ip_local_deliver_finish+0x8d8/0xff0 [ 981.861783] ip_local_deliver+0x44b/0x510 [ 981.861783] ip_rcv+0x6b6/0x740 [ 981.861783] process_backlog+0x82b/0x11e0 [ 981.861783] net_rx_action+0x98f/0x1d50 [ 981.861783] __do_softirq+0x721/0xc7f [ 981.861783] [ 981.861783] Uninit was stored to memory at: [ 981.861783] kmsan_internal_chain_origin+0x136/0x240 [ 981.861783] __msan_chain_origin+0x6d/0xb0 [ 981.861783] __save_stack_trace+0x8be/0xc60 [ 981.861783] save_stack_trace+0xc6/0x110 [ 981.861783] kmsan_internal_chain_origin+0x136/0x240 [ 981.861783] kmsan_memcpy_origins+0x13d/0x190 [ 981.861783] __msan_memcpy+0x6f/0x80 [ 981.861783] pskb_expand_head+0x436/0x1d20 [ 981.861783] skb_shift+0xce2/0x2d10 [ 981.861783] tcp_sacktag_walk+0x2156/0x29d0 [ 981.861783] tcp_sacktag_write_queue+0x2805/0x4630 [ 981.861783] tcp_ack+0x2888/0xa010 [ 981.861783] tcp_rcv_established+0xf7e/0x2940 [ 981.861783] tcp_v4_do_rcv+0x686/0xd80 [ 981.861783] tcp_v4_rcv+0x5a13/0x6520 [ 981.861783] ip_local_deliver_finish+0x8d8/0xff0 [ 981.861783] ip_local_deliver+0x44b/0x510 [ 981.861783] ip_rcv+0x6b6/0x740 [ 981.861783] process_backlog+0x82b/0x11e0 [ 981.861783] net_rx_action+0x98f/0x1d50 [ 981.861783] __do_softirq+0x721/0xc7f [ 981.861783] [ 981.861783] Uninit was stored to memory at: [ 981.861783] kmsan_internal_chain_origin+0x136/0x240 [ 981.861783] __msan_chain_origin+0x6d/0xb0 [ 981.861783] __save_stack_trace+0x8be/0xc60 [ 981.861783] save_stack_trace+0xc6/0x110 [ 981.861783] kmsan_internal_chain_origin+0x136/0x240 [ 981.861783] kmsan_memcpy_origins+0x13d/0x190 [ 981.861783] __msan_memcpy+0x6f/0x80 [ 981.861783] pskb_expand_head+0x436/0x1d20 [ 981.861783] skb_shift+0xce2/0x2d10 [ 981.861783] tcp_sacktag_walk+0x2156/0x29d0 [ 981.861783] tcp_sacktag_write_queue+0x2805/0x4630 [ 981.861783] tcp_ack+0x2888/0xa010 [ 981.861783] tcp_rcv_established+0xf7e/0x2940 [ 981.861783] tcp_v4_do_rcv+0x686/0xd80 [ 981.861783] tcp_v4_rcv+0x5a13/0x6520 [ 981.861783] ip_local_deliver_finish+0x8d8/0xff0 [ 981.861783] ip_local_deliver+0x44b/0x510 [ 981.861783] ip_rcv+0x6b6/0x740 [ 981.861783] process_backlog+0x82b/0x11e0 [ 981.861783] net_rx_action+0x98f/0x1d50 [ 981.861783] __do_softirq+0x721/0xc7f [ 981.861783] [ 981.861783] Uninit was stored to memory at: [ 981.861783] kmsan_internal_chain_origin+0x136/0x240 [ 981.861783] __msan_chain_origin+0x6d/0xb0 [ 981.861783] __save_stack_trace+0x8be/0xc60 [ 981.861783] save_stack_trace+0xc6/0x110 [ 981.861783] kmsan_internal_chain_origin+0x136/0x240 [ 981.861783] kmsan_memcpy_origins+0x13d/0x190 [ 981.861783] __msan_memcpy+0x6f/0x80 [ 981.861783] pskb_expand_head+0x436/0x1d20 [ 981.861783] skb_shift+0xce2/0x2d10 [ 981.861783] tcp_sacktag_walk+0x2156/0x29d0 [ 981.861783] tcp_sacktag_write_queue+0x2805/0x4630 [ 981.861783] tcp_ack+0x2888/0xa010 [ 981.861783] tcp_rcv_established+0xf7e/0x2940 [ 981.861783] tcp_v4_do_rcv+0x686/0xd80 [ 981.861783] tcp_v4_rcv+0x5a13/0x6520 [ 981.861783] ip_local_deliver_finish+0x8d8/0xff0 [ 981.861783] ip_local_deliver+0x44b/0x510 [ 981.861783] ip_rcv+0x6b6/0x740 [ 981.861783] process_backlog+0x82b/0x11e0 [ 981.861783] net_rx_action+0x98f/0x1d50 [ 981.861783] __do_softirq+0x721/0xc7f [ 981.861783] [ 981.861783] Uninit was stored to memory at: [ 981.861783] kmsan_internal_chain_origin+0x136/0x240 [ 981.861783] __msan_chain_origin+0x6d/0xb0 [ 981.861783] __save_stack_trace+0x8be/0xc60 [ 981.861783] save_stack_trace+0xc6/0x110 [ 981.861783] kmsan_internal_chain_origin+0x136/0x240 [ 981.861783] kmsan_memcpy_origins+0x13d/0x190 [ 981.861783] __msan_memcpy+0x6f/0x80 [ 981.861783] pskb_expand_head+0x436/0x1d20 [ 981.861783] skb_shift+0xce2/0x2d10 [ 981.861783] tcp_sacktag_walk+0x2156/0x29d0 [ 981.861783] tcp_sacktag_write_queue+0x2805/0x4630 [ 981.861783] tcp_ack+0x2888/0xa010 [ 981.861783] tcp_rcv_established+0xf7e/0x2940 [ 981.861783] tcp_v4_do_rcv+0x686/0xd80 [ 981.861783] tcp_v4_rcv+0x5a13/0x6520 [ 981.861783] ip_local_deliver_finish+0x8d8/0xff0 [ 981.861783] ip_local_deliver+0x44b/0x510 [ 981.861783] ip_rcv+0x6b6/0x740 [ 981.861783] process_backlog+0x82b/0x11e0 [ 981.861783] net_rx_action+0x98f/0x1d50 [ 981.861783] __do_softirq+0x721/0xc7f [ 981.861783] [ 981.861783] Uninit was stored to memory at: [ 981.861783] kmsan_internal_chain_origin+0x136/0x240 [ 981.861783] __msan_chain_origin+0x6d/0xb0 [ 981.861783] __save_stack_trace+0x8be/0xc60 [ 981.861783] save_stack_trace+0xc6/0x110 [ 981.861783] kmsan_internal_chain_origin+0x136/0x240 [ 981.861783] kmsan_memcpy_origins+0x13d/0x190 [ 981.861783] __msan_memcpy+0x6f/0x80 [ 981.861783] pskb_expand_head+0x436/0x1d20 [ 981.861783] skb_shift+0xce2/0x2d10 [ 981.861783] tcp_sacktag_walk+0x2156/0x29d0 [ 981.861783] tcp_sacktag_write_queue+0x2805/0x4630 [ 981.861783] tcp_ack+0x2888/0xa010 [ 981.861783] tcp_rcv_established+0xf7e/0x2940 [ 981.861783] tcp_v4_do_rcv+0x686/0xd80 [ 981.861783] tcp_v4_rcv+0x5a13/0x6520 [ 981.861783] ip_local_deliver_finish+0x8d8/0xff0 [ 981.861783] ip_local_deliver+0x44b/0x510 [ 981.861783] ip_rcv+0x6b6/0x740 [ 981.861783] process_backlog+0x82b/0x11e0 [ 981.861783] net_rx_action+0x98f/0x1d50 [ 981.861783] __do_softirq+0x721/0xc7f [ 981.861783] [ 981.861783] Uninit was stored to memory at: [ 981.861783] kmsan_internal_chain_origin+0x136/0x240 [ 981.861783] __msan_chain_origin+0x6d/0xb0 [ 981.861783] __save_stack_trace+0x8be/0xc60 [ 981.861783] save_stack_trace+0xc6/0x110 [ 981.861783] kmsan_internal_chain_origin+0x136/0x240 [ 981.861783] kmsan_memcpy_origins+0x13d/0x190 [ 981.861783] __msan_memcpy+0x6f/0x80 [ 981.861783] pskb_expand_head+0x436/0x1d20 [ 981.861783] skb_shift+0xce2/0x2d10 [ 981.861783] tcp_sacktag_walk+0x2156/0x29d0 [ 981.861783] tcp_sacktag_write_queue+0x2805/0x4630 [ 981.861783] tcp_ack+0x2888/0xa010 [ 981.861783] tcp_rcv_established+0xf7e/0x2940 [ 981.861783] tcp_v4_do_rcv+0x686/0xd80 [ 981.861783] tcp_v4_rcv+0x5a13/0x6520 [ 981.861783] ip_local_deliver_finish+0x8d8/0xff0 [ 981.861783] ip_local_deliver+0x44b/0x510 [ 981.861783] ip_rcv+0x6b6/0x740 [ 981.861783] process_backlog+0x82b/0x11e0 [ 981.861783] net_rx_action+0x98f/0x1d50 [ 981.861783] __do_softirq+0x721/0xc7f [ 981.861783] [ 981.861783] Local variable description: ----v.addr.i.i.i@ipv4_conntrack_local [ 981.861783] Variable was created at: [ 981.861783] ipv4_conntrack_local+0x75/0x470 [ 981.861783] nf_hook_slow+0x15c/0x3d0 06:18:14 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) dup2(r0, r1) 06:18:14 executing program 4: symlink(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='./file0\x00') readlink(&(0x7f0000000200)='./file0\x00', &(0x7f0000005040)=""/4096, 0x1000) 06:18:14 executing program 1: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)) lstat(&(0x7f00000000c0)='./file0\x00', &(0x7f00000001c0)) stat(&(0x7f0000000140)='./file0\x00', &(0x7f0000000240)) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000)=0x102, 0x4) lsetxattr$security_smack_transmute(&(0x7f0000000380)='./file0\x00', &(0x7f00000003c0)='security.SMACK64TRANSMUTE\x00', &(0x7f0000000400)='TRUE', 0x4, 0x1) getsockopt$IP6T_SO_GET_REVISION_MATCH(0xffffffffffffffff, 0x29, 0x44, &(0x7f0000000180)={'NETMAP\x00'}, &(0x7f00000001c0)=0x1e) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000080), 0xffffffffffffffff) exit(0x7fffffffbffffffd) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) getpgrp(0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xf, &(0x7f0000000240)='wlan0\\}md5sum#\x00'}, 0x30) connect$inet(r0, &(0x7f0000606ff0)={0x2, 0x4e20, @local}, 0x10) 06:18:14 executing program 5: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0a5c2d023c126285718070") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000580)={0x26, 'aead\x00', 0x0, 0x0, 'aegis256-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="b7f2288a911993f0265df5cf1cdd8b55b062950b86bc01abc8464d4f8a906151", 0x20) r2 = accept$alg(r1, 0x0, 0x0) sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f00000002c0), 0x0, &(0x7f0000000140)=[@op={0x18, 0x117, 0x3, 0x1}, @assoc={0x18}], 0x30}], 0x4924945, 0x0) write$binfmt_script(r2, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmmsg(r2, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x7ffff000}, {&(0x7f00000000c0)=""/120, 0x78}, {&(0x7f0000000300)=""/230, 0xe6}], 0x3}}], 0x1, 0x0, &(0x7f0000008bc0)) 06:18:14 executing program 2: 06:18:14 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f000001b000)={@multicast2, @remote, @loopback}, 0xc) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x1, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) 06:18:14 executing program 0: 06:18:14 executing program 4: 06:18:14 executing program 2: 06:18:15 executing program 0: 06:18:15 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f000001b000)={@multicast2, @remote, @loopback}, 0xc) r1 = syz_open_procfs(0x0, &(0x7f0000000280)='net/mcfilter\x00') preadv(r1, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) 06:18:15 executing program 4: 06:18:15 executing program 2: 06:18:15 executing program 0: 06:18:16 executing program 1: 06:18:16 executing program 5: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0a5c2d023c126285718070") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000580)={0x26, 'aead\x00', 0x0, 0x0, 'aegis256-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="b7f2288a911993f0265df5cf1cdd8b55b062950b86bc01abc8464d4f8a906151", 0x20) r2 = accept$alg(r1, 0x0, 0x0) sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f00000002c0), 0x0, &(0x7f0000000140)=[@assoc={0x18, 0x117, 0x4, 0x759a}], 0x18}], 0x1, 0x0) write$binfmt_script(r2, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmmsg(r2, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x7ffff000}, {&(0x7f00000000c0)=""/120, 0x78}, {&(0x7f0000000300)=""/230, 0xe6}], 0x3}}], 0x1, 0x0, &(0x7f0000008bc0)) 06:18:16 executing program 4: 06:18:16 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f000001b000)={@multicast2, @remote, @loopback}, 0xc) r1 = syz_open_procfs(0x0, &(0x7f0000000280)='net/mcfilter\x00') preadv(r1, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) 06:18:16 executing program 0: 06:18:16 executing program 2: 06:18:16 executing program 1: 06:18:16 executing program 4: 06:18:16 executing program 1: 06:18:16 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f000001b000)={@multicast2, @remote, @loopback}, 0xc) r1 = syz_open_procfs(0x0, &(0x7f0000000280)='net/mcfilter\x00') preadv(r1, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) 06:18:16 executing program 4: 06:18:16 executing program 0: 06:18:17 executing program 2: 06:18:17 executing program 5: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0a5c2d023c126285718070") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000580)={0x26, 'aead\x00', 0x0, 0x0, 'aegis256-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="b7f2288a911993f0265df5cf1cdd8b55b062950b86bc01abc8464d4f8a906151", 0x20) r2 = accept$alg(r1, 0x0, 0x0) sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f00000002c0), 0x0, &(0x7f0000000140)=[@op={0x18}, @assoc={0x18, 0x117, 0x4, 0x759a}], 0x30}], 0x4924945, 0x0) write$binfmt_script(r2, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmmsg(r2, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x7ffff000}, {&(0x7f00000000c0)=""/120, 0x78}, {&(0x7f0000000300)=""/230, 0xe6}], 0x3}}], 0x1, 0x0, &(0x7f0000008bc0)) 06:18:17 executing program 1: 06:18:17 executing program 4: 06:18:17 executing program 3: socket$inet_udp(0x2, 0x2, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x1, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000280)='net/mcfilter\x00') preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) 06:18:17 executing program 2: 06:18:17 executing program 0: 06:18:17 executing program 0: 06:18:17 executing program 4: 06:18:17 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)) ioctl$TIOCPKT(r0, 0x5420, &(0x7f00000002c0)=0x8) read(r0, &(0x7f0000000080)=""/11, 0x392) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETA(r0, 0x5406, &(0x7f0000000200)={0xffffffff, 0x0, 0x0, 0x1}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup3(r1, r0, 0x0) ioctl$TCSETA(r3, 0x5406, &(0x7f0000000140)) 06:18:17 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)) ioctl$TIOCPKT(r0, 0x5420, &(0x7f00000002c0)=0x61) read(r0, &(0x7f0000000080)=""/11, 0x392) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) r1 = syz_open_pts(r0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x2}) r3 = dup3(r1, r0, 0x0) ioctl$TCSETA(r3, 0x5406, &(0x7f0000000140)) 06:18:18 executing program 3: socket$inet_udp(0x2, 0x2, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x1, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000280)='net/mcfilter\x00') preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) 06:18:18 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0x1, 0x2, 0x7d, 0x20000000000001, 0x0, 0x0}, 0x2c) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x1, 0x5, &(0x7f0000000280)=@framed={{}, [@map={0x18, 0x8, 0x1, 0x0, r1}]}, &(0x7f0000000180)='syzkaller\x00', 0xe2, 0x1000, &(0x7f0000000700)=""/4096}, 0x48) dup3(r2, r1, 0x0) 06:18:18 executing program 2: r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000002640)='/dev/uhid\x00', 0x802, 0x0) writev(r0, &(0x7f00000017c0)=[{&(0x7f0000001400)='?', 0x1}], 0x1) 06:18:18 executing program 5: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0a5c2d023c126285718070") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000580)={0x26, 'aead\x00', 0x0, 0x0, 'aegis256-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="b7f2288a911993f0265df5cf1cdd8b55b062950b86bc01abc8464d4f8a906151", 0x20) r2 = accept$alg(r1, 0x0, 0x0) sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f00000002c0), 0x0, &(0x7f0000000140)=[@op={0x18, 0x117, 0x3, 0x1}, @assoc={0x18, 0x117, 0x4, 0x759a}], 0x30}], 0x4924945, 0x0) write$binfmt_script(0xffffffffffffffff, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmmsg(r2, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x7ffff000}, {&(0x7f00000000c0)=""/120, 0x78}, {&(0x7f0000000300)=""/230, 0xe6}], 0x3}}], 0x1, 0x0, &(0x7f0000008bc0)) 06:18:18 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)) ioctl$TIOCPKT(r0, 0x5420, &(0x7f00000002c0)=0x61) read(r0, &(0x7f0000000080)=""/11, 0x392) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) r1 = syz_open_pts(r0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x2}) r3 = dup3(r1, r0, 0x0) ioctl$TCSETA(r3, 0x5406, &(0x7f0000000140)) 06:18:18 executing program 3: socket$inet_udp(0x2, 0x2, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x1, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000280)='net/mcfilter\x00') preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) 06:18:18 executing program 4: socket$nl_generic(0x10, 0x3, 0x10) 06:18:19 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0x1, 0x2, 0x7d, 0x20000000000001, 0x0, 0x0}, 0x2c) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x1, 0x5, &(0x7f0000000280)=@framed={{}, [@map={0x18, 0x8, 0x1, 0x0, r1}]}, &(0x7f0000000180)='syzkaller\x00', 0xe2, 0x1000, &(0x7f0000000700)=""/4096}, 0x48) dup3(r2, r1, 0x0) 06:18:19 executing program 2: r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000280)='ns/uts\x00') read(r0, &(0x7f00000002c0)=""/4096, 0x1000) 06:18:19 executing program 4: 06:18:19 executing program 3: setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x27, &(0x7f000001b000)={@multicast2, @remote, @loopback}, 0xc) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x1, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000280)='net/mcfilter\x00') preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) 06:18:19 executing program 5: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0a5c2d023c126285718070") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000580)={0x26, 'aead\x00', 0x0, 0x0, 'aegis256-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="b7f2288a911993f0265df5cf1cdd8b55b062950b86bc01abc8464d4f8a906151", 0x20) r2 = accept$alg(r1, 0x0, 0x0) sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f00000002c0), 0x0, &(0x7f0000000140)=[@op={0x18, 0x117, 0x3, 0x1}, @assoc={0x18, 0x117, 0x4, 0x759a}], 0x30}], 0x4924945, 0x0) write$binfmt_script(r2, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmmsg(0xffffffffffffffff, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x7ffff000}, {&(0x7f00000000c0)=""/120, 0x78}, {&(0x7f0000000300)=""/230, 0xe6}], 0x3}}], 0x1, 0x0, &(0x7f0000008bc0)) 06:18:19 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)) ioctl$TIOCPKT(r0, 0x5420, &(0x7f00000002c0)=0x61) read(r0, &(0x7f0000000080)=""/11, 0x392) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) r1 = syz_open_pts(r0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x2}) r3 = dup3(r1, r0, 0x0) ioctl$TCSETA(r3, 0x5406, &(0x7f0000000140)) 06:18:19 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet(0x2, 0x1, 0x0) getsockopt$inet_tcp_int(r1, 0x6, 0x10, &(0x7f0000dc6ffe), &(0x7f0000904000)=0x4) 06:18:19 executing program 3: setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x27, &(0x7f000001b000)={@multicast2, @remote, @loopback}, 0xc) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x1, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000280)='net/mcfilter\x00') preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) 06:18:19 executing program 2: io_setup(0x5, &(0x7f0000000100)=0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000006c0)='/dev/net/tun\x00', 0x2, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000400)={"0000000000000000000000000200", 0x20000005001}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000100)={&(0x7f0000000140), 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="030000000000000008001b0000000000"], 0x1}}, 0x0) io_submit(r0, 0x1, &(0x7f0000000600)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x800000000001, 0x0, r1, &(0x7f0000000080)}]) 06:18:19 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0x1, 0x2, 0x7d, 0x20000000000001, 0x0, 0x0}, 0x2c) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x1, 0x5, &(0x7f0000000280)=@framed={{}, [@map={0x18, 0x8, 0x1, 0x0, r1}]}, &(0x7f0000000180)='syzkaller\x00', 0xe2, 0x1000, &(0x7f0000000700)=""/4096}, 0x48) dup3(r2, r1, 0x0) 06:18:19 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet(0x2, 0x1, 0x0) getsockopt$inet_tcp_int(r1, 0x6, 0x10, &(0x7f0000dc6ffe), &(0x7f0000904000)=0x4) 06:18:20 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)) ioctl$TIOCPKT(r0, 0x5420, &(0x7f00000002c0)=0x61) read(r0, &(0x7f0000000080)=""/11, 0x392) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) r1 = syz_open_pts(r0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x2}) r3 = dup3(r1, r0, 0x0) ioctl$TCSETA(r3, 0x5406, &(0x7f0000000140)) 06:18:20 executing program 3: setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x27, &(0x7f000001b000)={@multicast2, @remote, @loopback}, 0xc) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x1, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000280)='net/mcfilter\x00') preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) 06:18:20 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet(0x2, 0x1, 0x0) getsockopt$inet_tcp_int(r1, 0x6, 0x10, &(0x7f0000dc6ffe), &(0x7f0000904000)=0x4) 06:18:20 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0x1, 0x2, 0x7d, 0x20000000000001, 0x0, 0x0}, 0x2c) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x1, 0x5, &(0x7f0000000280)=@framed={{}, [@map={0x18, 0x8, 0x1, 0x0, r1}]}, &(0x7f0000000180)='syzkaller\x00', 0xe2, 0x1000, &(0x7f0000000700)=""/4096}, 0x48) dup3(r2, r1, 0x0) 06:18:20 executing program 5: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0a5c2d023c126285718070") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000580)={0x26, 'aead\x00', 0x0, 0x0, 'aegis256-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="b7f2288a911993f0265df5cf1cdd8b55b062950b86bc01abc8464d4f8a906151", 0x20) r2 = accept$alg(r1, 0x0, 0x0) sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f00000002c0), 0x0, &(0x7f0000000140)=[@op={0x18, 0x117, 0x3, 0x1}, @assoc={0x18, 0x117, 0x4, 0x759a}], 0x30}], 0x4924945, 0x0) write$binfmt_script(r2, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmmsg(r2, &(0x7f0000008a00), 0x0, 0x0, &(0x7f0000008bc0)) 06:18:20 executing program 2: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="020300030c000000000008000000002002000900000000000000000000000000030006000000000002000020e0000000000000000000b90002000100000000000001000b00000000030005000000000002000000e000000100ec41deb5155c8d"], 0x60}}, 0x0) 06:18:20 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet(0x2, 0x1, 0x0) getsockopt$inet_tcp_int(r1, 0x6, 0x10, &(0x7f0000dc6ffe), &(0x7f0000904000)=0x4) 06:18:21 executing program 3: socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x27, &(0x7f000001b000)={@multicast2, @remote, @loopback}, 0xc) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x1, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000280)='net/mcfilter\x00') preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) 06:18:21 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)) ioctl$TIOCPKT(r0, 0x5420, &(0x7f00000002c0)=0x61) read(r0, &(0x7f0000000080)=""/11, 0x392) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) r1 = syz_open_pts(r0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x2}) dup3(r1, r0, 0x0) 06:18:21 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f0000d06000)=0x1, 0x4) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000340)='veth1\x00', 0x10) connect$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @loopback}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x4000000000013, &(0x7f0000000180), 0x4) sendmmsg(r0, &(0x7f0000004e80)=[{{&(0x7f0000000700)=@pptp={0x18, 0x2, {0x0, @loopback}}, 0x80, &(0x7f0000000a00), 0x0, &(0x7f0000000a40)}, 0x7f}], 0x1, 0x1) 06:18:21 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") getsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x10, &(0x7f0000dc6ffe), &(0x7f0000904000)=0x4) 06:18:21 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$kcm(0x10, 0x800000000002, 0x0) sendmsg$kcm(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000000c0)="2e000000120081aee4050cecff0e00fa078b5bdb4cb904e473730e55cff26d1b0e003300000000005e510befccd7", 0x2e}], 0x1, &(0x7f0000000200)}, 0x0) 06:18:21 executing program 3: socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x27, &(0x7f000001b000)={@multicast2, @remote, @loopback}, 0xc) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x1, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000280)='net/mcfilter\x00') preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) [ 990.509704] netlink: 'syz-executor2': attribute type 51 has an invalid length. [ 990.517872] netlink: 'syz-executor2': attribute type 51 has an invalid length. 06:18:21 executing program 4: socket$inet6(0xa, 0x803, 0x3) r0 = socket$inet(0x2, 0x1, 0x0) getsockopt$inet_tcp_int(r0, 0x6, 0x10, &(0x7f0000dc6ffe), &(0x7f0000904000)=0x4) 06:18:21 executing program 2: 06:18:21 executing program 5: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0a5c2d023c126285718070") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000580)={0x26, 'aead\x00', 0x0, 0x0, 'aegis256-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="b7f2288a911993f0265df5cf1cdd8b55b062950b86bc01abc8464d4f8a906151", 0x20) r2 = accept$alg(r1, 0x0, 0x0) sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f00000002c0), 0x0, &(0x7f0000000140)=[@op={0x18, 0x117, 0x3, 0x1}, @assoc={0x18, 0x117, 0x4, 0x759a}], 0x30}], 0x4924945, 0x0) write$binfmt_script(r2, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmmsg(r2, &(0x7f0000008a00), 0x0, 0x0, &(0x7f0000008bc0)) 06:18:21 executing program 0: 06:18:22 executing program 3: socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x27, &(0x7f000001b000)={@multicast2, @remote, @loopback}, 0xc) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x1, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000280)='net/mcfilter\x00') preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) 06:18:22 executing program 2: 06:18:22 executing program 4: socket$inet6(0xa, 0x803, 0x3) r0 = socket$inet(0x2, 0x1, 0x0) getsockopt$inet_tcp_int(r0, 0x6, 0x10, &(0x7f0000dc6ffe), &(0x7f0000904000)=0x4) 06:18:22 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)) ioctl$TIOCPKT(r0, 0x5420, &(0x7f00000002c0)=0x61) read(r0, &(0x7f0000000080)=""/11, 0x392) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) syz_open_pts(r0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x2}) ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000140)) 06:18:22 executing program 0: 06:18:22 executing program 2: 06:18:22 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_mreqsrc(r0, 0x0, 0x0, &(0x7f000001b000)={@multicast2, @remote, @loopback}, 0xc) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x1, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000280)='net/mcfilter\x00') preadv(r1, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) 06:18:22 executing program 0: 06:18:22 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)) ioctl$TIOCPKT(r0, 0x5420, &(0x7f00000002c0)=0x61) read(r0, &(0x7f0000000080)=""/11, 0x392) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) syz_open_pts(r0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x2}) ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000140)) 06:18:22 executing program 4: socket$inet6(0xa, 0x803, 0x3) r0 = socket$inet(0x2, 0x1, 0x0) getsockopt$inet_tcp_int(r0, 0x6, 0x10, &(0x7f0000dc6ffe), &(0x7f0000904000)=0x4) 06:18:23 executing program 5: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0a5c2d023c126285718070") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000580)={0x26, 'aead\x00', 0x0, 0x0, 'aegis256-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="b7f2288a911993f0265df5cf1cdd8b55b062950b86bc01abc8464d4f8a906151", 0x20) r2 = accept$alg(r1, 0x0, 0x0) sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f00000002c0), 0x0, &(0x7f0000000140)=[@op={0x18, 0x117, 0x3, 0x1}, @assoc={0x18, 0x117, 0x4, 0x759a}], 0x30}], 0x4924945, 0x0) write$binfmt_script(r2, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmmsg(r2, &(0x7f0000008a00), 0x0, 0x0, &(0x7f0000008bc0)) 06:18:23 executing program 2: 06:18:23 executing program 0: 06:18:23 executing program 4: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r0 = socket$inet(0x2, 0x1, 0x0) getsockopt$inet_tcp_int(r0, 0x6, 0x10, &(0x7f0000dc6ffe), &(0x7f0000904000)=0x4) 06:18:23 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_mreqsrc(r0, 0x0, 0x0, &(0x7f000001b000)={@multicast2, @remote, @loopback}, 0xc) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x1, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000280)='net/mcfilter\x00') preadv(r1, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) 06:18:23 executing program 2: 06:18:23 executing program 4: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r0 = socket$inet(0x2, 0x1, 0x0) getsockopt$inet_tcp_int(r0, 0x6, 0x10, &(0x7f0000dc6ffe), &(0x7f0000904000)=0x4) 06:18:23 executing program 0: 06:18:23 executing program 2: 06:18:23 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_mreqsrc(r0, 0x0, 0x0, &(0x7f000001b000)={@multicast2, @remote, @loopback}, 0xc) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x1, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000280)='net/mcfilter\x00') preadv(r1, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) 06:18:24 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)) ioctl$TIOCPKT(r0, 0x5420, &(0x7f00000002c0)=0x61) read(r0, &(0x7f0000000080)=""/11, 0x392) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) r1 = syz_open_pts(r0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x2}) r2 = dup3(r1, r0, 0x0) ioctl$TCSETA(r2, 0x5406, &(0x7f0000000140)) 06:18:24 executing program 4: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r0 = socket$inet(0x2, 0x1, 0x0) getsockopt$inet_tcp_int(r0, 0x6, 0x10, &(0x7f0000dc6ffe), &(0x7f0000904000)=0x4) [ 993.052397] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! 06:18:24 executing program 5: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0a5c2d023c126285718070") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000580)={0x26, 'aead\x00', 0x0, 0x0, 'aegis256-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="b7f2288a911993f0265df5cf1cdd8b55b062950b86bc01abc8464d4f8a906151", 0x20) r2 = accept$alg(r1, 0x0, 0x0) sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f00000002c0), 0x0, &(0x7f0000000140)=[@op={0x18, 0x117, 0x3, 0x1}, @assoc={0x18, 0x117, 0x4, 0x759a}], 0x30}], 0x4924945, 0x0) write$binfmt_script(r2, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmmsg(r2, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x30}, {&(0x7f00000000c0)=""/120, 0x78}], 0x2}}], 0x1, 0x0, &(0x7f0000008bc0)) 06:18:24 executing program 0: 06:18:24 executing program 2: 06:18:24 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f000001b000)={@multicast2, @remote, @loopback}, 0xc) preadv(0xffffffffffffffff, &(0x7f0000001380), 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000280)='net/mcfilter\x00') preadv(r1, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) 06:18:24 executing program 4: r0 = socket$inet6(0xa, 0x0, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet(0x2, 0x1, 0x0) getsockopt$inet_tcp_int(r1, 0x6, 0x10, &(0x7f0000dc6ffe), &(0x7f0000904000)=0x4) 06:18:24 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)) ioctl$TIOCPKT(r0, 0x5420, &(0x7f00000002c0)=0x61) read(r0, &(0x7f0000000080)=""/11, 0x392) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) r1 = syz_open_pts(r0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x2}) r2 = dup3(r1, r0, 0x0) ioctl$TCSETA(r2, 0x5406, &(0x7f0000000140)) 06:18:24 executing program 2: 06:18:24 executing program 0: 06:18:24 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f000001b000)={@multicast2, @remote, @loopback}, 0xc) preadv(0xffffffffffffffff, &(0x7f0000001380), 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000280)='net/mcfilter\x00') preadv(r1, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) 06:18:25 executing program 0: 06:18:25 executing program 2: 06:18:25 executing program 4: r0 = socket$inet6(0xa, 0x0, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet(0x2, 0x1, 0x0) getsockopt$inet_tcp_int(r1, 0x6, 0x10, &(0x7f0000dc6ffe), &(0x7f0000904000)=0x4) 06:18:25 executing program 5: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0a5c2d023c126285718070") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000580)={0x26, 'aead\x00', 0x0, 0x0, 'aegis256-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="b7f2288a911993f0265df5cf1cdd8b55b062950b86bc01abc8464d4f8a906151", 0x20) r2 = accept$alg(r1, 0x0, 0x0) sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f00000002c0), 0x0, &(0x7f0000000140)=[@op={0x18, 0x117, 0x3, 0x1}, @assoc={0x18, 0x117, 0x4, 0x759a}], 0x30}], 0x4924945, 0x0) write$binfmt_script(r2, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmmsg(r2, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x30}, {&(0x7f0000000300)=""/230, 0xe6}], 0x2}}], 0x1, 0x0, &(0x7f0000008bc0)) 06:18:25 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f000001b000)={@multicast2, @remote, @loopback}, 0xc) preadv(0xffffffffffffffff, &(0x7f0000001380), 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000280)='net/mcfilter\x00') preadv(r1, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) 06:18:25 executing program 0: 06:18:25 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)) ioctl$TIOCPKT(r0, 0x5420, &(0x7f00000002c0)=0x61) read(r0, &(0x7f0000000080)=""/11, 0x392) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) r1 = syz_open_pts(r0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x2}) r2 = dup3(r1, r0, 0x0) ioctl$TCSETA(r2, 0x5406, &(0x7f0000000140)) 06:18:25 executing program 2: 06:18:25 executing program 4: r0 = socket$inet6(0xa, 0x0, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet(0x2, 0x1, 0x0) getsockopt$inet_tcp_int(r1, 0x6, 0x10, &(0x7f0000dc6ffe), &(0x7f0000904000)=0x4) 06:18:25 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f000001b000)={@multicast2, @remote, @loopback}, 0xc) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000280)='net/mcfilter\x00') preadv(0xffffffffffffffff, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) 06:18:25 executing program 2: 06:18:25 executing program 0: 06:18:26 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)) ioctl$TIOCPKT(r0, 0x5420, &(0x7f00000002c0)=0x61) read(r0, &(0x7f0000000080)=""/11, 0x392) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) r1 = syz_open_pts(r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x2}) r2 = dup3(r1, r0, 0x0) ioctl$TCSETA(r2, 0x5406, &(0x7f0000000140)) 06:18:26 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x0) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet(0x2, 0x1, 0x0) getsockopt$inet_tcp_int(r1, 0x6, 0x10, &(0x7f0000dc6ffe), &(0x7f0000904000)=0x4) 06:18:26 executing program 2: 06:18:26 executing program 5: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0a5c2d023c126285718070") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000580)={0x26, 'aead\x00', 0x0, 0x0, 'aegis256-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="b7f2288a911993f0265df5cf1cdd8b55b062950b86bc01abc8464d4f8a906151", 0x20) r2 = accept$alg(r1, 0x0, 0x0) sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f00000002c0), 0x0, &(0x7f0000000140)=[@op={0x18, 0x117, 0x3, 0x1}, @assoc={0x18, 0x117, 0x4, 0x759a}], 0x30}], 0x4924945, 0x0) write$binfmt_script(r2, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmmsg(r2, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f00000000c0)=""/120, 0x78}, {&(0x7f0000000300)=""/230, 0xe6}], 0x2}}], 0x1, 0x0, &(0x7f0000008bc0)) 06:18:26 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f000001b000)={@multicast2, @remote, @loopback}, 0xc) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000280)='net/mcfilter\x00') preadv(0xffffffffffffffff, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) 06:18:26 executing program 0: 06:18:26 executing program 2: 06:18:26 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x0) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet(0x2, 0x1, 0x0) getsockopt$inet_tcp_int(r1, 0x6, 0x10, &(0x7f0000dc6ffe), &(0x7f0000904000)=0x4) 06:18:26 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140), 0x4) 06:18:27 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f000001b000)={@multicast2, @remote, @loopback}, 0xc) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000280)='net/mcfilter\x00') preadv(0xffffffffffffffff, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) 06:18:27 executing program 2: perf_event_open$cgroup(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x4000004010}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000400)="2f007e574d000330809022cfde26555dc9ecfe1974406edad38364782d63b6612854b9e49dbdcaef718197e37e870a308b1e2c798fa788a46d3025ef933e51828ab675064e2adbe9126423b4a73d68fbe99c6db2f160d49cb6cce76c27289a4f9d097354aaa5860d2383df87526baa184d90bb7729366c17bc33d765e9bc2f882a13f30300000000000000971f795d12f529fa31d2c0a775242289bce062d10d24ded5406918a66b2c75c43fe1ff458ae5cd9fec63039ba5a7b66a60ede5ccdabc7ee77660ef23587f533ec328ccdff02226021384b0c235f114ed9ade92767aecc356acdeb610df4203009f240357f7350000000000000000252f48b95bfbbb3a865535298bdc36d71db635f41c57771db77aeaff883feb3dc3a924bd5f796e396ad3af37945058839e812270bc40901fa654e7cc3292a82fc80c374dc07142a1c2e9d3caefe910ebd3b948a3bfebef5fa8d82473c7fbf3ec", 0x0, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0xc020660b, &(0x7f00000001c0)=0xfbfffffaff0) 06:18:27 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)) ioctl$TIOCPKT(r0, 0x5420, &(0x7f00000002c0)=0x61) read(r0, &(0x7f0000000080)=""/11, 0x392) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x2}) r2 = dup3(0xffffffffffffffff, r0, 0x0) ioctl$TCSETA(r2, 0x5406, &(0x7f0000000140)) 06:18:27 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f000001b000)={@multicast2, @remote, @loopback}, 0xc) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x1, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000280)='net/mcfilter\x00') preadv(r1, &(0x7f0000000480), 0x10000000000002a1, 0x0) 06:18:27 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f0000000080)) 06:18:27 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x0) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet(0x2, 0x1, 0x0) getsockopt$inet_tcp_int(r1, 0x6, 0x10, &(0x7f0000dc6ffe), &(0x7f0000904000)=0x4) 06:18:27 executing program 2: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clock_getres(0x3, &(0x7f0000000040)) 06:18:27 executing program 5: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000200)) r1 = syz_open_procfs(0x0, &(0x7f0000000280)='wchan\x00') preadv(r1, &(0x7f0000000480), 0x10000000000002a1, 0x0) 06:18:28 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f000001b000)={@multicast2, @remote, @loopback}, 0xc) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x1, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000280)='net/mcfilter\x00') preadv(r1, &(0x7f0000000480), 0x10000000000002a1, 0x0) 06:18:28 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)) ioctl$TIOCPKT(r0, 0x5420, &(0x7f00000002c0)=0x61) read(r0, &(0x7f0000000080)=""/11, 0x392) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x2}) r2 = dup3(0xffffffffffffffff, r0, 0x0) ioctl$TCSETA(r2, 0x5406, &(0x7f0000000140)) 06:18:28 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x2, &(0x7f0000346fc8)=ANY=[@ANYBLOB="18000000000000000095000000000000"], &(0x7f0000000240)='GPL\x00', 0x2, 0xfb, &(0x7f00001a7f05)=""/251}, 0x48) 06:18:28 executing program 4: socket$inet6(0xa, 0x803, 0x3) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r0 = socket$inet(0x2, 0x1, 0x0) getsockopt$inet_tcp_int(r0, 0x6, 0x10, &(0x7f0000dc6ffe), &(0x7f0000904000)=0x4) 06:18:28 executing program 2: r0 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000740)={&(0x7f00000001c0), 0xc, &(0x7f0000000700)={&(0x7f0000002400)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x1}}, 0x0) 06:18:28 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f000001b000)={@multicast2, @remote, @loopback}, 0xc) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x1, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000280)='net/mcfilter\x00') preadv(r1, &(0x7f0000000480), 0x10000000000002a1, 0x0) 06:18:28 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0) 06:18:28 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r2) 06:18:28 executing program 4: socket$inet6(0xa, 0x803, 0x3) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r0 = socket$inet(0x2, 0x1, 0x0) getsockopt$inet_tcp_int(r0, 0x6, 0x10, &(0x7f0000dc6ffe), &(0x7f0000904000)=0x4) 06:18:28 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f00000000c0)=0x401, 0x4) sendto$inet6(r0, &(0x7f0000000240)="0303000007005b0000000000fff55b4202938207d9fb3780398d5375000000007929309ee616d5c01843e06590080053c0e385472da7222a2bb401000000c3b50035110f118d0000f55dc62600009b000000faffffffba00000000000000004bad2a66c9c1cfdf56fc88046a", 0x6c, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x7, @mcast2}, 0x1c) 06:18:28 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) dup3(r0, r2, 0x80000) setsockopt$inet_icmp_ICMP_FILTER(0xffffffffffffffff, 0x1, 0x1, &(0x7f0000000000)={0x2599}, 0x4) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) 06:18:29 executing program 5: perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) write(r0, &(0x7f0000000180)="130000001000ffdde200f49ff60f050000230a00", 0x14) getpgid(0xffffffffffffffff) openat$rtc(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rtc0\x00', 0x0, 0x0) 06:18:29 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffefffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) socket$inet6(0xa, 0x803, 0x3) ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000140)) r2 = accept(r0, &(0x7f0000000180)=@vsock={0x28, 0x0, 0x0, @reserved}, &(0x7f0000000100)=0x80) setsockopt$inet_sctp_SCTP_DELAYED_SACK(r2, 0x84, 0x10, &(0x7f0000000200)=@assoc_value, 0x8) 06:18:29 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)) ioctl$TIOCPKT(r0, 0x5420, &(0x7f00000002c0)=0x61) read(r0, &(0x7f0000000080)=""/11, 0x392) r1 = syz_open_pts(r0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x2}) r3 = dup3(r1, r0, 0x0) ioctl$TCSETA(r3, 0x5406, &(0x7f0000000140)) 06:18:29 executing program 4: socket$inet6(0xa, 0x803, 0x3) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r0 = socket$inet(0x2, 0x1, 0x0) getsockopt$inet_tcp_int(r0, 0x6, 0x10, &(0x7f0000dc6ffe), &(0x7f0000904000)=0x4) 06:18:29 executing program 2: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffefffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) recvmmsg(r1, &(0x7f0000001000)=[{{&(0x7f0000000180)=@l2, 0x80, &(0x7f0000000440), 0x0, &(0x7f0000000480)=""/238, 0xee}}], 0x1, 0x0, 0x0) r2 = socket$inet6(0xa, 0x803, 0x3) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") 06:18:29 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000d65000)={&(0x7f0000de2ff4), 0xc, &(0x7f00007a8000)={&(0x7f0000d7efec)={0x14, 0x3, 0x2, 0x3}, 0x14}}, 0x0) [ 998.492944] sctp: [Deprecated]: syz-executor0 (pid 29231) Use of struct sctp_assoc_value in delayed_ack socket option. [ 998.492944] Use struct sctp_sack_info instead [ 998.595313] sctp: [Deprecated]: syz-executor0 (pid 29231) Use of struct sctp_assoc_value in delayed_ack socket option. [ 998.595313] Use struct sctp_sack_info instead 06:18:29 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, &(0x7f00000001c0), 0x0, 0x200408d4, &(0x7f0000000380)={0xa, 0x0, 0x0, @loopback}, 0x1c) poll(&(0x7f0000000180)=[{r0}], 0x1, 0x0) 06:18:29 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x0, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet(0x2, 0x1, 0x0) getsockopt$inet_tcp_int(r1, 0x6, 0x10, &(0x7f0000dc6ffe), &(0x7f0000904000)=0x4) 06:18:29 executing program 3: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup.cpu\x00', 0x200002, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000000)='./bus\x00', 0x0) ioctl$EXT4_IOC_PRECACHE_EXTENTS(r1, 0x6612) 06:18:30 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffefffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) socket$inet6(0xa, 0x803, 0x3) ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000140)) r2 = accept(r0, &(0x7f0000000180)=@vsock={0x28, 0x0, 0x0, @reserved}, &(0x7f0000000100)=0x80) setsockopt$inet_sctp_SCTP_DELAYED_SACK(r2, 0x84, 0x10, &(0x7f0000000200)=@assoc_value, 0x8) 06:18:30 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)) ioctl$TIOCPKT(r0, 0x5420, &(0x7f00000002c0)=0x61) read(r0, &(0x7f0000000080)=""/11, 0x392) r1 = syz_open_pts(r0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x2}) r3 = dup3(r1, r0, 0x0) ioctl$TCSETA(r3, 0x5406, &(0x7f0000000140)) 06:18:30 executing program 5: r0 = socket(0x200000000000011, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'ip6tnl0\x00', 0x0}) bind$packet(r0, &(0x7f0000000000)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @dev}, 0x14) sendmmsg(r0, &(0x7f0000002440)=[{{&(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @remote, 'veth0_to_bond\x00'}}, 0x80, &(0x7f0000000a40), 0x0, &(0x7f0000000ac0)}}], 0x1, 0x40) 06:18:30 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x0, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet(0x2, 0x1, 0x0) getsockopt$inet_tcp_int(r1, 0x6, 0x10, &(0x7f0000dc6ffe), &(0x7f0000904000)=0x4) 06:18:30 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x78, 0x4) ioctl$sock_netdev_private(r1, 0x89f7, &(0x7f0000000240)="75e711a969a96e62dc74057b5ef58655df5f44331e92394b9d345131ae0025560aa3717221a1371c42acedd0bbe51ba33147e5298cb46d624288fdf1ba86f57d88fe7bbb35f3c7ba54ed554f1204d42406c1b8d0ccfb462bcd08ce7d91a8dce919b520ef4023bf49465931b679eabfc132676e54205be1a11d71dcf976b6aa9ad411916d309c261e2da3acdb16577a42eaa8be9373ff159a711052a337f7228bb77a99c28c336b18a5fe0bcfeee52a1fdf6367de8aafba2910f8f5997d76f29f2e1833f6d3291aa2644386b02893472f2d19e45f7d7088b2cfabdaab0cc861ce858d3f84fb3816e07c4411fc46d57858933266d80f421474f577abcbc2bd29") bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e23}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, &(0x7f0000a88f88), 0xfffffffffffffe6e, 0x20000000, &(0x7f0000e68000)={0x2, 0x4004e23, @local}, 0x10) fadvise64(r1, 0x0, 0x1, 0x7) recvmsg(r0, &(0x7f00000000c0)={&(0x7f0000000340)=@nfc, 0x2, &(0x7f0000000000)=[{&(0x7f0000003ac0)=""/4096, 0xfdbf}], 0x1, &(0x7f0000000200)=""/20, 0xfffffffffffffec4}, 0x100) shutdown(r0, 0x1) setsockopt$inet_tcp_int(r0, 0x6, 0x1f, &(0x7f0000000080)=0x2, 0x4) setsockopt$inet_buf(r1, 0x0, 0x29, &(0x7f0000000180)="4a98ff2b243df24d47c2e28be15a01b698654d08bf86a3bccdb76642ca27d97be63fd2ebef6c4492f37f0846cf8c63a667157daa7e783ccca2b7e6a8e38523dd2e5adffd27eaffe4ec394025f5ca63dee4b1ea6b44896fa6fe00", 0x5a) [ 999.436743] sctp: [Deprecated]: syz-executor0 (pid 29259) Use of struct sctp_assoc_value in delayed_ack socket option. [ 999.436743] Use struct sctp_sack_info instead 06:18:30 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)) ioctl$TIOCPKT(r0, 0x5420, &(0x7f00000002c0)=0x61) read(r0, &(0x7f0000000080)=""/11, 0x392) r1 = syz_open_pts(r0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x2}) r3 = dup3(r1, r0, 0x0) ioctl$TCSETA(r3, 0x5406, &(0x7f0000000140)) 06:18:30 executing program 2: pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) splice(r1, &(0x7f0000000040)=0x8000, r0, 0x0, 0x2, 0x0) 06:18:30 executing program 0: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) poll(&(0x7f0000000000)=[{r0}], 0x1, 0xcc7a) 06:18:30 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x0, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet(0x2, 0x1, 0x0) getsockopt$inet_tcp_int(r1, 0x6, 0x10, &(0x7f0000dc6ffe), &(0x7f0000904000)=0x4) 06:18:30 executing program 5: r0 = socket(0x200000000000011, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'ip6tnl0\x00', 0x0}) bind$packet(r0, &(0x7f0000000000)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @dev}, 0x14) sendmmsg(r0, &(0x7f0000002440)=[{{&(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @remote, 'veth0_to_bond\x00'}}, 0x80, &(0x7f0000000a40), 0x0, &(0x7f0000000ac0)}}], 0x1, 0x40) [ 999.967777] not chained 380000 origins [ 999.971702] CPU: 0 PID: 29269 Comm: syz-executor3 Not tainted 4.20.0-rc3+ #89 [ 999.971778] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 999.971778] Call Trace: [ 999.971778] [ 999.971778] dump_stack+0x32d/0x480 [ 999.971778] kmsan_internal_chain_origin+0x222/0x240 [ 999.971778] ? hrtimer_interrupt+0x1047/0x13b0 [ 999.971778] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1000.008784] ? __module_address+0x6a/0x5f0 [ 1000.008784] ? is_bpf_text_address+0x3e5/0x4d0 [ 1000.008784] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 1000.008784] ? is_bpf_text_address+0x49e/0x4d0 [ 1000.008784] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1000.008784] ? __module_address+0x6a/0x5f0 [ 1000.008784] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 1000.008784] ? is_bpf_text_address+0x49e/0x4d0 [ 1000.049368] ? INIT_INT+0xc/0x30 [ 1000.049368] __msan_chain_origin+0x6d/0xb0 [ 1000.055067] __save_stack_trace+0xaff/0xc60 [ 1000.055067] save_stack_trace+0xc6/0x110 [ 1000.055067] kmsan_internal_chain_origin+0x136/0x240 [ 1000.055067] ? ip_finish_output+0xd93/0x10f0 [ 1000.055067] ? inet_recvmsg+0x5b8/0x6c0 [ 1000.055067] ? kmsan_internal_chain_origin+0x136/0x240 [ 1000.055067] ? kmsan_memcpy_origins+0x13d/0x190 [ 1000.055067] ? __msan_memcpy+0x6f/0x80 [ 1000.055067] ? pskb_expand_head+0x436/0x1d20 [ 1000.055067] ? ___pskb_trim+0x3c9/0x1bf0 [ 1000.055067] ? sk_filter_trim_cap+0x5ac/0xa60 [ 1000.055067] ? tcp_v4_rcv+0x4a1b/0x6520 [ 1000.055067] ? ip_local_deliver_finish+0x8d8/0xff0 06:18:31 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)) ioctl$TIOCPKT(r0, 0x5420, &(0x7f00000002c0)=0x61) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) r1 = syz_open_pts(r0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x2}) r3 = dup3(r1, r0, 0x0) ioctl$TCSETA(r3, 0x5406, &(0x7f0000000140)) [ 1000.055067] ? ip_local_deliver+0x44b/0x510 [ 1000.055067] ? ip_rcv+0x6b6/0x740 [ 1000.055067] ? process_backlog+0x82b/0x11e0 [ 1000.055067] ? net_rx_action+0x98f/0x1d50 [ 1000.131371] ? __do_softirq+0x721/0xc7f [ 1000.131371] ? do_softirq_own_stack+0x49/0x80 [ 1000.131371] ? __local_bh_enable_ip+0x228/0x260 [ 1000.145485] ? local_bh_enable+0x36/0x40 [ 1000.145485] ? ip_finish_output2+0x1430/0x1560 [ 1000.145485] ? ip_finish_output+0xd93/0x10f0 [ 1000.145485] ? ip_output+0x55c/0x630 [ 1000.162137] ? __ip_queue_xmit+0x1bb5/0x2170 [ 1000.163667] ? ip_queue_xmit+0xcc/0xf0 [ 1000.163667] ? __tcp_transmit_skb+0x425c/0x5e00 [ 1000.163667] ? tcp_write_xmit+0x389a/0xacc0 [ 1000.163667] ? __tcp_push_pending_frames+0x124/0x4e0 [ 1000.163667] ? tcp_data_snd_check+0x1ec/0x1080 [ 1000.163667] ? tcp_rcv_established+0x1bb2/0x2940 [ 1000.163667] ? tcp_v4_do_rcv+0x686/0xd80 [ 1000.163667] ? __release_sock+0x32d/0x750 [ 1000.163667] ? sk_wait_data+0x2c3/0x920 [ 1000.163667] ? tcp_recvmsg+0x1d10/0x4aa0 [ 1000.163667] ? inet_recvmsg+0x5b8/0x6c0 [ 1000.163667] ? sock_recvmsg+0x1d1/0x230 [ 1000.163667] ? ___sys_recvmsg+0x444/0xae0 [ 1000.163667] ? __se_sys_recvmsg+0x2fa/0x450 [ 1000.163667] ? __x64_sys_recvmsg+0x4a/0x70 [ 1000.163667] ? do_syscall_64+0xcf/0x110 [ 1000.163667] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1000.163667] ? __msan_get_context_state+0x9/0x20 [ 1000.163667] ? INIT_INT+0xc/0x30 [ 1000.163667] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1000.163667] kmsan_memcpy_origins+0x13d/0x190 [ 1000.163667] __msan_memcpy+0x6f/0x80 [ 1000.163667] pskb_expand_head+0x436/0x1d20 [ 1000.163667] ___pskb_trim+0x3c9/0x1bf0 [ 1000.163667] sk_filter_trim_cap+0x5ac/0xa60 [ 1000.163667] tcp_v4_rcv+0x4a1b/0x6520 [ 1000.163667] ? tcp_filter+0x260/0x260 [ 1000.163667] ip_local_deliver_finish+0x8d8/0xff0 [ 1000.163667] ? nf_hook_slow+0x36f/0x3d0 [ 1000.163667] ip_local_deliver+0x44b/0x510 [ 1000.293695] ? ip_local_deliver+0x510/0x510 [ 1000.293695] ? ip_call_ra_chain+0x7a0/0x7a0 [ 1000.293695] ip_rcv+0x6b6/0x740 [ 1000.293695] ? ip_rcv_core+0x1370/0x1370 [ 1000.293695] process_backlog+0x82b/0x11e0 [ 1000.293695] ? ip_local_deliver_finish+0xff0/0xff0 [ 1000.293695] ? rps_trigger_softirq+0x2e0/0x2e0 [ 1000.293695] net_rx_action+0x98f/0x1d50 [ 1000.293695] ? net_tx_action+0xf20/0xf20 [ 1000.293695] __do_softirq+0x721/0xc7f [ 1000.293695] do_softirq_own_stack+0x49/0x80 [ 1000.341648] [ 1000.341648] __local_bh_enable_ip+0x228/0x260 [ 1000.341648] local_bh_enable+0x36/0x40 [ 1000.341648] ip_finish_output2+0x1430/0x1560 [ 1000.341648] ip_finish_output+0xd93/0x10f0 [ 1000.360427] ip_output+0x55c/0x630 [ 1000.360427] ? ip_mc_finish_output+0x440/0x440 [ 1000.368018] ? ip_finish_output+0x10f0/0x10f0 [ 1000.368018] __ip_queue_xmit+0x1bb5/0x2170 [ 1000.368018] ? kmsan_set_origin+0x7f/0x100 [ 1000.368018] ip_queue_xmit+0xcc/0xf0 [ 1000.368018] ? dst_hold_safe+0x5d0/0x5d0 [ 1000.368018] __tcp_transmit_skb+0x425c/0x5e00 [ 1000.368018] tcp_write_xmit+0x389a/0xacc0 [ 1000.368018] __tcp_push_pending_frames+0x124/0x4e0 [ 1000.368018] tcp_data_snd_check+0x1ec/0x1080 [ 1000.368018] tcp_rcv_established+0x1bb2/0x2940 [ 1000.368018] ? __msan_get_context_state+0x9/0x20 [ 1000.368018] tcp_v4_do_rcv+0x686/0xd80 [ 1000.368018] ? inet_sk_rx_dst_set+0x200/0x200 [ 1000.368018] __release_sock+0x32d/0x750 [ 1000.368018] sk_wait_data+0x2c3/0x920 [ 1000.368018] ? tcp_send_ack+0x68/0x90 [ 1000.368018] ? tcp_cleanup_rbuf+0x57b/0x8e0 [ 1000.368018] ? wait_woken+0x5b0/0x5b0 [ 1000.368018] tcp_recvmsg+0x1d10/0x4aa0 [ 1000.368018] ? inet_recvmsg+0xaf/0x6c0 [ 1000.455208] ? tcp_mmap+0x150/0x150 [ 1000.457157] inet_recvmsg+0x5b8/0x6c0 [ 1000.457157] sock_recvmsg+0x1d1/0x230 [ 1000.457157] ? inet_sendpage+0x990/0x990 [ 1000.457157] ___sys_recvmsg+0x444/0xae0 [ 1000.457157] ? __fdget+0x329/0x440 [ 1000.457157] __se_sys_recvmsg+0x2fa/0x450 [ 1000.457157] __x64_sys_recvmsg+0x4a/0x70 [ 1000.457157] do_syscall_64+0xcf/0x110 [ 1000.457157] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1000.457157] RIP: 0033:0x457569 [ 1000.457157] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 06:18:31 executing program 2: openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) [ 1000.511413] RSP: 002b:00007ff67e527c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 1000.511413] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457569 [ 1000.511413] RDX: 0000000000000100 RSI: 00000000200000c0 RDI: 0000000000000003 [ 1000.511413] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1000.511413] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff67e5286d4 [ 1000.511413] R13: 00000000004c399f R14: 00000000004d5f38 R15: 00000000ffffffff [ 1000.511413] Uninit was stored to memory at: [ 1000.511413] kmsan_internal_chain_origin+0x136/0x240 [ 1000.511413] __msan_chain_origin+0x6d/0xb0 [ 1000.511413] __save_stack_trace+0x8be/0xc60 [ 1000.580755] save_stack_trace+0xc6/0x110 [ 1000.580755] kmsan_internal_chain_origin+0x136/0x240 [ 1000.580755] kmsan_memcpy_origins+0x13d/0x190 [ 1000.580755] __msan_memcpy+0x6f/0x80 [ 1000.580755] pskb_expand_head+0x436/0x1d20 [ 1000.580755] ___pskb_trim+0x3c9/0x1bf0 [ 1000.580755] sk_filter_trim_cap+0x5ac/0xa60 [ 1000.609729] tcp_v4_rcv+0x4a1b/0x6520 [ 1000.609729] ip_local_deliver_finish+0x8d8/0xff0 [ 1000.609729] ip_local_deliver+0x44b/0x510 [ 1000.609729] ip_rcv+0x6b6/0x740 [ 1000.609729] process_backlog+0x82b/0x11e0 [ 1000.609729] net_rx_action+0x98f/0x1d50 [ 1000.609729] __do_softirq+0x721/0xc7f [ 1000.609729] [ 1000.609729] Uninit was stored to memory at: [ 1000.609729] kmsan_internal_chain_origin+0x136/0x240 [ 1000.609729] __msan_chain_origin+0x6d/0xb0 [ 1000.609729] __save_stack_trace+0x8be/0xc60 [ 1000.609729] save_stack_trace+0xc6/0x110 [ 1000.609729] kmsan_internal_chain_origin+0x136/0x240 [ 1000.609729] kmsan_memcpy_origins+0x13d/0x190 [ 1000.609729] __msan_memcpy+0x6f/0x80 [ 1000.609729] pskb_expand_head+0x436/0x1d20 [ 1000.609729] ___pskb_trim+0x3c9/0x1bf0 [ 1000.609729] sk_filter_trim_cap+0x5ac/0xa60 [ 1000.609729] tcp_v4_rcv+0x4a1b/0x6520 [ 1000.609729] ip_local_deliver_finish+0x8d8/0xff0 [ 1000.609729] ip_local_deliver+0x44b/0x510 [ 1000.609729] ip_rcv+0x6b6/0x740 [ 1000.609729] process_backlog+0x82b/0x11e0 [ 1000.609729] net_rx_action+0x98f/0x1d50 [ 1000.609729] __do_softirq+0x721/0xc7f [ 1000.609729] [ 1000.609729] Uninit was stored to memory at: [ 1000.609729] kmsan_internal_chain_origin+0x136/0x240 [ 1000.609729] __msan_chain_origin+0x6d/0xb0 [ 1000.732075] __save_stack_trace+0x8be/0xc60 [ 1000.732443] save_stack_trace+0xc6/0x110 [ 1000.732443] kmsan_internal_chain_origin+0x136/0x240 [ 1000.732443] kmsan_memcpy_origins+0x13d/0x190 [ 1000.732443] __msan_memcpy+0x6f/0x80 [ 1000.732443] pskb_expand_head+0x436/0x1d20 [ 1000.732443] ___pskb_trim+0x3c9/0x1bf0 [ 1000.732443] sk_filter_trim_cap+0x5ac/0xa60 [ 1000.732443] tcp_v4_rcv+0x4a1b/0x6520 [ 1000.732443] ip_local_deliver_finish+0x8d8/0xff0 [ 1000.732443] ip_local_deliver+0x44b/0x510 [ 1000.732443] ip_rcv+0x6b6/0x740 [ 1000.732443] process_backlog+0x82b/0x11e0 [ 1000.732443] net_rx_action+0x98f/0x1d50 [ 1000.732443] __do_softirq+0x721/0xc7f [ 1000.732443] [ 1000.732443] Uninit was stored to memory at: [ 1000.732443] kmsan_internal_chain_origin+0x136/0x240 [ 1000.802026] __msan_chain_origin+0x6d/0xb0 [ 1000.802026] __save_stack_trace+0x8be/0xc60 [ 1000.802026] save_stack_trace+0xc6/0x110 [ 1000.802026] kmsan_internal_chain_origin+0x136/0x240 [ 1000.802026] kmsan_memcpy_origins+0x13d/0x190 [ 1000.802026] __msan_memcpy+0x6f/0x80 [ 1000.802026] pskb_expand_head+0x436/0x1d20 [ 1000.802026] ___pskb_trim+0x3c9/0x1bf0 [ 1000.839594] sk_filter_trim_cap+0x5ac/0xa60 [ 1000.839594] tcp_v4_rcv+0x4a1b/0x6520 [ 1000.839594] ip_local_deliver_finish+0x8d8/0xff0 [ 1000.839594] ip_local_deliver+0x44b/0x510 [ 1000.839594] ip_rcv+0x6b6/0x740 [ 1000.839594] process_backlog+0x82b/0x11e0 [ 1000.839594] net_rx_action+0x98f/0x1d50 [ 1000.839594] __do_softirq+0x721/0xc7f [ 1000.839594] [ 1000.839594] Uninit was stored to memory at: [ 1000.839594] kmsan_internal_chain_origin+0x136/0x240 [ 1000.839594] __msan_chain_origin+0x6d/0xb0 [ 1000.839594] __save_stack_trace+0x8be/0xc60 [ 1000.839594] save_stack_trace+0xc6/0x110 [ 1000.839594] kmsan_internal_chain_origin+0x136/0x240 [ 1000.839594] kmsan_memcpy_origins+0x13d/0x190 [ 1000.839594] __msan_memcpy+0x6f/0x80 [ 1000.839594] pskb_expand_head+0x436/0x1d20 [ 1000.839594] ___pskb_trim+0x3c9/0x1bf0 [ 1000.839594] sk_filter_trim_cap+0x5ac/0xa60 [ 1000.839594] tcp_v4_rcv+0x4a1b/0x6520 [ 1000.839594] ip_local_deliver_finish+0x8d8/0xff0 [ 1000.839594] ip_local_deliver+0x44b/0x510 [ 1000.839594] ip_rcv+0x6b6/0x740 [ 1000.839594] process_backlog+0x82b/0x11e0 [ 1000.839594] net_rx_action+0x98f/0x1d50 [ 1000.839594] __do_softirq+0x721/0xc7f [ 1000.839594] [ 1000.839594] Uninit was stored to memory at: [ 1000.839594] kmsan_internal_chain_origin+0x136/0x240 [ 1000.839594] __msan_chain_origin+0x6d/0xb0 [ 1000.839594] __save_stack_trace+0x8be/0xc60 [ 1000.839594] save_stack_trace+0xc6/0x110 [ 1000.839594] kmsan_internal_chain_origin+0x136/0x240 [ 1000.839594] kmsan_memcpy_origins+0x13d/0x190 [ 1000.839594] __msan_memcpy+0x6f/0x80 [ 1000.839594] pskb_expand_head+0x436/0x1d20 [ 1000.839594] ___pskb_trim+0x3c9/0x1bf0 [ 1000.839594] sk_filter_trim_cap+0x5ac/0xa60 [ 1000.839594] tcp_v4_rcv+0x4a1b/0x6520 [ 1000.839594] ip_local_deliver_finish+0x8d8/0xff0 [ 1000.839594] ip_local_deliver+0x44b/0x510 [ 1000.839594] ip_rcv+0x6b6/0x740 [ 1000.839594] process_backlog+0x82b/0x11e0 [ 1000.839594] net_rx_action+0x98f/0x1d50 [ 1000.839594] __do_softirq+0x721/0xc7f [ 1000.839594] [ 1000.839594] Uninit was stored to memory at: [ 1000.839594] kmsan_internal_chain_origin+0x136/0x240 [ 1000.839594] __msan_chain_origin+0x6d/0xb0 [ 1000.839594] __save_stack_trace+0x8be/0xc60 [ 1000.839594] save_stack_trace+0xc6/0x110 [ 1000.839594] kmsan_internal_chain_origin+0x136/0x240 [ 1000.839594] kmsan_memcpy_origins+0x13d/0x190 [ 1000.839594] __msan_memcpy+0x6f/0x80 [ 1000.839594] pskb_expand_head+0x436/0x1d20 [ 1000.839594] ___pskb_trim+0x3c9/0x1bf0 [ 1000.839594] sk_filter_trim_cap+0x5ac/0xa60 [ 1000.839594] tcp_v4_rcv+0x4a1b/0x6520 [ 1000.839594] ip_local_deliver_finish+0x8d8/0xff0 [ 1000.839594] ip_local_deliver+0x44b/0x510 [ 1000.839594] ip_rcv+0x6b6/0x740 [ 1000.839594] process_backlog+0x82b/0x11e0 [ 1000.839594] net_rx_action+0x98f/0x1d50 [ 1000.839594] __do_softirq+0x721/0xc7f [ 1000.839594] [ 1000.839594] Local variable description: ----__ai_o2.i.i.i.i@kmem_cache_free [ 1000.839594] Variable was created at: [ 1000.839594] kmem_cache_free+0x143/0x3370 06:18:32 executing program 2: r0 = getpgrp(0x0) r1 = gettid() rt_sigprocmask(0x0, &(0x7f00000000c0)={0xfffffffffffffffe}, 0x0, 0x8) rt_tgsigqueueinfo(r0, r1, 0x33, &(0x7f0000000040)) 06:18:32 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)) ioctl$TIOCPKT(r0, 0x5420, &(0x7f00000002c0)=0x61) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) r1 = syz_open_pts(r0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x2}) r3 = dup3(r1, r0, 0x0) ioctl$TCSETA(r3, 0x5406, &(0x7f0000000140)) [ 1000.839594] __kfree_skb+0x2cc/0x310 06:18:32 executing program 0: r0 = socket$inet(0x10, 0x100000803, 0x4) sendmsg(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000008000)="4c0000001500ff09fffefd956fa283b724a600800000000000000068354015002c001d001fc41180b598bc593ab6821148a730de33a49868c62b2ca654a6613b6aabf35d4c1cbc882b079881", 0x4c}], 0x1}, 0x0) 06:18:32 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)) r1 = socket$inet(0x2, 0x1, 0x0) getsockopt$inet_tcp_int(r1, 0x6, 0x10, &(0x7f0000dc6ffe), &(0x7f0000904000)=0x4) [ 1001.538386] not chained 390000 origins [ 1001.541792] CPU: 1 PID: 29269 Comm: syz-executor3 Not tainted 4.20.0-rc3+ #89 [ 1001.541792] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1001.541792] Call Trace: [ 1001.541792] [ 1001.541792] dump_stack+0x32d/0x480 [ 1001.541792] kmsan_internal_chain_origin+0x222/0x240 [ 1001.541792] ? _raw_spin_lock_irqsave+0x320/0x490 [ 1001.573074] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1001.573074] ? depot_save_stack+0x398/0x4b0 [ 1001.573074] ? __irqentry_text_end+0x1fa056/0x1fa056 [ 1001.573074] ? kmsan_internal_chain_origin+0x90/0x240 [ 1001.573074] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1001.573074] ? in_task_stack+0x12c/0x210 [ 1001.573074] ? get_stack_info+0x206/0x220 [ 1001.573074] __msan_chain_origin+0x6d/0xb0 [ 1001.573074] ? __x64_sys_recvmsg+0x4a/0x70 [ 1001.573074] __save_stack_trace+0x8be/0xc60 [ 1001.573074] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 1001.573074] ? __x64_sys_recvmsg+0x4a/0x70 [ 1001.573074] save_stack_trace+0xc6/0x110 [ 1001.573074] kmsan_internal_chain_origin+0x136/0x240 [ 1001.573074] ? do_softirq_own_stack+0x49/0x80 [ 1001.573074] ? kmsan_internal_chain_origin+0x136/0x240 [ 1001.573074] ? kmsan_memcpy_origins+0x13d/0x190 [ 1001.573074] ? __msan_memcpy+0x6f/0x80 [ 1001.573074] ? pskb_expand_head+0x436/0x1d20 [ 1001.573074] ? skb_shift+0xce2/0x2d10 [ 1001.573074] ? tcp_sacktag_walk+0x2156/0x29d0 [ 1001.573074] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1001.573074] ? tcp_ack+0x2888/0xa010 [ 1001.573074] ? tcp_rcv_established+0xf7e/0x2940 [ 1001.573074] ? tcp_v4_do_rcv+0x686/0xd80 [ 1001.573074] ? tcp_v4_rcv+0x5a13/0x6520 [ 1001.573074] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1001.573074] ? ip_local_deliver+0x44b/0x510 [ 1001.573074] ? ip_rcv+0x6b6/0x740 [ 1001.573074] ? process_backlog+0x82b/0x11e0 [ 1001.573074] ? net_rx_action+0x98f/0x1d50 [ 1001.573074] ? __do_softirq+0x721/0xc7f [ 1001.573074] ? do_softirq_own_stack+0x49/0x80 [ 1001.573074] ? __local_bh_enable_ip+0x228/0x260 [ 1001.573074] ? _raw_spin_unlock_bh+0x4b/0x60 [ 1001.573074] ? sk_wait_data+0x4b9/0x920 [ 1001.573074] ? tcp_recvmsg+0x1d10/0x4aa0 [ 1001.573074] ? inet_recvmsg+0x5b8/0x6c0 [ 1001.573074] ? sock_recvmsg+0x1d1/0x230 [ 1001.573074] ? ___sys_recvmsg+0x444/0xae0 [ 1001.573074] ? __se_sys_recvmsg+0x2fa/0x450 [ 1001.573074] ? __x64_sys_recvmsg+0x4a/0x70 [ 1001.573074] ? do_syscall_64+0xcf/0x110 [ 1001.573074] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1001.573074] ? __msan_get_context_state+0x9/0x20 [ 1001.573074] ? INIT_INT+0xc/0x30 [ 1001.573074] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1001.573074] kmsan_memcpy_origins+0x13d/0x190 [ 1001.573074] __msan_memcpy+0x6f/0x80 [ 1001.573074] pskb_expand_head+0x436/0x1d20 [ 1001.573074] skb_shift+0xce2/0x2d10 [ 1001.573074] tcp_sacktag_walk+0x2156/0x29d0 [ 1001.573074] tcp_sacktag_write_queue+0x2805/0x4630 [ 1001.573074] tcp_ack+0x2888/0xa010 [ 1001.573074] ? tcp_parse_options+0xbe/0x1cf0 [ 1001.573074] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1001.573074] ? tcp_parse_options+0x1c55/0x1cf0 [ 1001.573074] tcp_rcv_established+0xf7e/0x2940 [ 1001.573074] ? __msan_get_context_state+0x9/0x20 [ 1001.573074] tcp_v4_do_rcv+0x686/0xd80 [ 1001.573074] tcp_v4_rcv+0x5a13/0x6520 [ 1001.573074] ? tcp_filter+0x260/0x260 [ 1001.573074] ip_local_deliver_finish+0x8d8/0xff0 [ 1001.573074] ? nf_hook_slow+0x36f/0x3d0 [ 1001.573074] ip_local_deliver+0x44b/0x510 [ 1001.573074] ? ip_local_deliver+0x510/0x510 [ 1001.573074] ? ip_call_ra_chain+0x7a0/0x7a0 [ 1001.573074] ip_rcv+0x6b6/0x740 [ 1001.573074] ? ip_rcv_core+0x1370/0x1370 [ 1001.573074] process_backlog+0x82b/0x11e0 [ 1001.573074] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 1001.573074] ? ip_local_deliver_finish+0xff0/0xff0 [ 1001.573074] ? rps_trigger_softirq+0x2e0/0x2e0 [ 1001.573074] net_rx_action+0x98f/0x1d50 [ 1001.573074] ? net_tx_action+0xf20/0xf20 [ 1001.573074] __do_softirq+0x721/0xc7f [ 1001.573074] do_softirq_own_stack+0x49/0x80 [ 1001.573074] [ 1001.573074] __local_bh_enable_ip+0x228/0x260 [ 1001.573074] _raw_spin_unlock_bh+0x4b/0x60 [ 1001.573074] sk_wait_data+0x4b9/0x920 [ 1001.573074] ? tcp_send_ack+0x68/0x90 [ 1001.573074] ? tcp_cleanup_rbuf+0x57b/0x8e0 [ 1001.573074] ? wait_woken+0x5b0/0x5b0 [ 1001.573074] tcp_recvmsg+0x1d10/0x4aa0 [ 1001.573074] ? inet_recvmsg+0xaf/0x6c0 [ 1001.573074] ? tcp_mmap+0x150/0x150 [ 1001.573074] inet_recvmsg+0x5b8/0x6c0 [ 1001.573074] sock_recvmsg+0x1d1/0x230 [ 1001.573074] ? inet_sendpage+0x990/0x990 [ 1001.573074] ___sys_recvmsg+0x444/0xae0 [ 1001.573074] ? __fdget+0x329/0x440 [ 1001.573074] __se_sys_recvmsg+0x2fa/0x450 [ 1001.573074] __x64_sys_recvmsg+0x4a/0x70 [ 1001.573074] do_syscall_64+0xcf/0x110 [ 1001.573074] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1001.573074] RIP: 0033:0x457569 [ 1001.573074] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1001.573074] RSP: 002b:00007ff67e527c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 1001.573074] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457569 [ 1001.573074] RDX: 0000000000000100 RSI: 00000000200000c0 RDI: 0000000000000003 [ 1001.573074] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1001.573074] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff67e5286d4 [ 1001.573074] R13: 00000000004c399f R14: 00000000004d5f38 R15: 00000000ffffffff [ 1001.573074] Uninit was stored to memory at: [ 1001.573074] kmsan_internal_chain_origin+0x136/0x240 [ 1001.573074] __msan_chain_origin+0x6d/0xb0 [ 1001.573074] __save_stack_trace+0x8be/0xc60 [ 1001.573074] save_stack_trace+0xc6/0x110 [ 1001.573074] kmsan_internal_chain_origin+0x136/0x240 [ 1001.573074] kmsan_memcpy_origins+0x13d/0x190 [ 1001.573074] __msan_memcpy+0x6f/0x80 [ 1001.573074] pskb_expand_head+0x436/0x1d20 [ 1001.573074] skb_shift+0xce2/0x2d10 [ 1001.573074] tcp_sacktag_walk+0x2156/0x29d0 [ 1001.573074] tcp_sacktag_write_queue+0x2805/0x4630 [ 1001.573074] tcp_ack+0x2888/0xa010 [ 1001.573074] tcp_rcv_established+0xf7e/0x2940 [ 1001.573074] tcp_v4_do_rcv+0x686/0xd80 [ 1001.573074] tcp_v4_rcv+0x5a13/0x6520 [ 1001.573074] ip_local_deliver_finish+0x8d8/0xff0 [ 1001.573074] ip_local_deliver+0x44b/0x510 [ 1001.573074] ip_rcv+0x6b6/0x740 [ 1001.573074] process_backlog+0x82b/0x11e0 [ 1001.573074] net_rx_action+0x98f/0x1d50 [ 1001.573074] __do_softirq+0x721/0xc7f [ 1001.573074] [ 1001.573074] Uninit was stored to memory at: [ 1001.573074] kmsan_internal_chain_origin+0x136/0x240 [ 1001.573074] __msan_chain_origin+0x6d/0xb0 [ 1001.573074] __save_stack_trace+0x8be/0xc60 [ 1001.573074] save_stack_trace+0xc6/0x110 [ 1001.573074] kmsan_internal_chain_origin+0x136/0x240 [ 1001.573074] kmsan_memcpy_origins+0x13d/0x190 [ 1001.573074] __msan_memcpy+0x6f/0x80 [ 1001.573074] pskb_expand_head+0x436/0x1d20 [ 1001.573074] skb_shift+0xce2/0x2d10 [ 1001.573074] tcp_sacktag_walk+0x2156/0x29d0 [ 1001.573074] tcp_sacktag_write_queue+0x2805/0x4630 [ 1001.573074] tcp_ack+0x2888/0xa010 [ 1001.573074] tcp_rcv_established+0xf7e/0x2940 [ 1001.573074] tcp_v4_do_rcv+0x686/0xd80 [ 1001.573074] tcp_v4_rcv+0x5a13/0x6520 [ 1001.573074] ip_local_deliver_finish+0x8d8/0xff0 [ 1001.573074] ip_local_deliver+0x44b/0x510 [ 1001.573074] ip_rcv+0x6b6/0x740 [ 1001.573074] process_backlog+0x82b/0x11e0 [ 1001.573074] net_rx_action+0x98f/0x1d50 [ 1001.573074] __do_softirq+0x721/0xc7f [ 1001.573074] [ 1001.573074] Uninit was stored to memory at: [ 1001.573074] kmsan_internal_chain_origin+0x136/0x240 [ 1001.573074] __msan_chain_origin+0x6d/0xb0 [ 1001.573074] __save_stack_trace+0x8be/0xc60 [ 1001.573074] save_stack_trace+0xc6/0x110 [ 1001.573074] kmsan_internal_chain_origin+0x136/0x240 [ 1001.573074] kmsan_memcpy_origins+0x13d/0x190 [ 1001.573074] __msan_memcpy+0x6f/0x80 [ 1001.573074] pskb_expand_head+0x436/0x1d20 [ 1001.573074] skb_shift+0xce2/0x2d10 [ 1001.573074] tcp_sacktag_walk+0x2156/0x29d0 [ 1001.573074] tcp_sacktag_write_queue+0x2805/0x4630 [ 1001.573074] tcp_ack+0x2888/0xa010 [ 1001.573074] tcp_rcv_established+0xf7e/0x2940 [ 1001.573074] tcp_v4_do_rcv+0x686/0xd80 [ 1001.573074] tcp_v4_rcv+0x5a13/0x6520 [ 1001.573074] ip_local_deliver_finish+0x8d8/0xff0 [ 1001.573074] ip_local_deliver+0x44b/0x510 [ 1001.573074] ip_rcv+0x6b6/0x740 [ 1001.573074] process_backlog+0x82b/0x11e0 [ 1001.573074] net_rx_action+0x98f/0x1d50 [ 1001.573074] __do_softirq+0x721/0xc7f [ 1001.573074] [ 1001.573074] Uninit was stored to memory at: [ 1001.573074] kmsan_internal_chain_origin+0x136/0x240 [ 1001.573074] __msan_chain_origin+0x6d/0xb0 [ 1001.573074] __save_stack_trace+0x8be/0xc60 [ 1001.573074] save_stack_trace+0xc6/0x110 [ 1001.573074] kmsan_internal_chain_origin+0x136/0x240 [ 1001.573074] kmsan_memcpy_origins+0x13d/0x190 [ 1001.573074] __msan_memcpy+0x6f/0x80 [ 1001.573074] pskb_expand_head+0x436/0x1d20 [ 1001.573074] skb_shift+0xce2/0x2d10 [ 1001.573074] tcp_sacktag_walk+0x2156/0x29d0 [ 1001.573074] tcp_sacktag_write_queue+0x2805/0x4630 [ 1001.573074] tcp_ack+0x2888/0xa010 [ 1001.573074] tcp_rcv_established+0xf7e/0x2940 [ 1001.573074] tcp_v4_do_rcv+0x686/0xd80 [ 1001.573074] tcp_v4_rcv+0x5a13/0x6520 [ 1001.573074] ip_local_deliver_finish+0x8d8/0xff0 [ 1001.573074] ip_local_deliver+0x44b/0x510 [ 1001.573074] ip_rcv+0x6b6/0x740 [ 1001.573074] process_backlog+0x82b/0x11e0 [ 1001.573074] net_rx_action+0x98f/0x1d50 [ 1001.573074] __do_softirq+0x721/0xc7f [ 1001.573074] [ 1001.573074] Uninit was stored to memory at: [ 1001.573074] kmsan_internal_chain_origin+0x136/0x240 [ 1001.573074] __msan_chain_origin+0x6d/0xb0 [ 1001.573074] __save_stack_trace+0x8be/0xc60 [ 1001.573074] save_stack_trace+0xc6/0x110 [ 1001.573074] kmsan_internal_chain_origin+0x136/0x240 [ 1001.573074] kmsan_memcpy_origins+0x13d/0x190 [ 1001.573074] __msan_memcpy+0x6f/0x80 [ 1001.573074] pskb_expand_head+0x436/0x1d20 [ 1001.573074] skb_shift+0xce2/0x2d10 [ 1001.573074] tcp_sacktag_walk+0x2156/0x29d0 [ 1001.573074] tcp_sacktag_write_queue+0x2805/0x4630 [ 1001.573074] tcp_ack+0x2888/0xa010 [ 1001.573074] tcp_rcv_established+0xf7e/0x2940 [ 1001.573074] tcp_v4_do_rcv+0x686/0xd80 [ 1001.573074] tcp_v4_rcv+0x5a13/0x6520 [ 1001.573074] ip_local_deliver_finish+0x8d8/0xff0 [ 1001.573074] ip_local_deliver+0x44b/0x510 [ 1001.573074] ip_rcv+0x6b6/0x740 [ 1001.573074] process_backlog+0x82b/0x11e0 [ 1001.573074] net_rx_action+0x98f/0x1d50 [ 1001.573074] __do_softirq+0x721/0xc7f [ 1001.573074] [ 1001.573074] Uninit was stored to memory at: [ 1001.573074] kmsan_internal_chain_origin+0x136/0x240 [ 1001.573074] __msan_chain_origin+0x6d/0xb0 [ 1001.573074] __save_stack_trace+0x8be/0xc60 [ 1001.573074] save_stack_trace+0xc6/0x110 [ 1001.573074] kmsan_internal_chain_origin+0x136/0x240 [ 1001.573074] kmsan_memcpy_origins+0x13d/0x190 [ 1001.573074] __msan_memcpy+0x6f/0x80 [ 1001.573074] pskb_expand_head+0x436/0x1d20 [ 1001.573074] skb_shift+0xce2/0x2d10 [ 1001.573074] tcp_sacktag_walk+0x2156/0x29d0 [ 1001.573074] tcp_sacktag_write_queue+0x2805/0x4630 [ 1001.573074] tcp_ack+0x2888/0xa010 [ 1001.573074] tcp_rcv_established+0xf7e/0x2940 [ 1001.573074] tcp_v4_do_rcv+0x686/0xd80 [ 1001.573074] tcp_v4_rcv+0x5a13/0x6520 [ 1001.573074] ip_local_deliver_finish+0x8d8/0xff0 [ 1001.573074] ip_local_deliver+0x44b/0x510 [ 1001.573074] ip_rcv+0x6b6/0x740 [ 1001.573074] process_backlog+0x82b/0x11e0 [ 1001.573074] net_rx_action+0x98f/0x1d50 [ 1001.573074] __do_softirq+0x721/0xc7f [ 1001.573074] [ 1001.573074] Uninit was stored to memory at: [ 1001.573074] kmsan_internal_chain_origin+0x136/0x240 [ 1001.573074] __msan_chain_origin+0x6d/0xb0 [ 1001.573074] __save_stack_trace+0x8be/0xc60 [ 1001.573074] save_stack_trace+0xc6/0x110 [ 1001.573074] kmsan_internal_chain_origin+0x136/0x240 [ 1001.573074] kmsan_memcpy_origins+0x13d/0x190 [ 1001.573074] __msan_memcpy+0x6f/0x80 [ 1001.573074] pskb_expand_head+0x436/0x1d20 [ 1001.573074] skb_shift+0xce2/0x2d10 [ 1001.573074] tcp_sacktag_walk+0x2156/0x29d0 [ 1001.573074] tcp_sacktag_write_queue+0x2805/0x4630 [ 1001.573074] tcp_ack+0x2888/0xa010 [ 1001.573074] tcp_rcv_established+0xf7e/0x2940 [ 1001.573074] tcp_v4_do_rcv+0x686/0xd80 [ 1001.573074] tcp_v4_rcv+0x5a13/0x6520 [ 1001.573074] ip_local_deliver_finish+0x8d8/0xff0 [ 1001.573074] ip_local_deliver+0x44b/0x510 [ 1001.573074] ip_rcv+0x6b6/0x740 [ 1001.573074] process_backlog+0x82b/0x11e0 [ 1001.573074] net_rx_action+0x98f/0x1d50 [ 1001.573074] __do_softirq+0x721/0xc7f [ 1001.573074] [ 1001.573074] Local variable description: ----_icmph.i318@ip_vs_out [ 1001.573074] Variable was created at: [ 1001.573074] ip_vs_out+0x120/0x4570 [ 1001.573074] ip_vs_local_reply4+0xec/0x130 [ 1002.766742] not chained 400000 origins [ 1002.770670] CPU: 1 PID: 29269 Comm: syz-executor3 Not tainted 4.20.0-rc3+ #89 [ 1002.771805] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1002.771805] Call Trace: [ 1002.771805] [ 1002.771805] dump_stack+0x32d/0x480 [ 1002.771805] kmsan_internal_chain_origin+0x222/0x240 [ 1002.771805] ? kmsan_set_origin+0x7f/0x100 [ 1002.771805] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1002.771805] ? __module_address+0x6a/0x5f0 [ 1002.771805] ? is_bpf_text_address+0x3e5/0x4d0 [ 1002.771805] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 1002.771805] ? is_bpf_text_address+0x49e/0x4d0 [ 1002.771805] ? kmsan_internal_chain_origin+0x90/0x240 [ 1002.771805] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 1002.771805] ? is_bpf_text_address+0x49e/0x4d0 [ 1002.771805] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1002.771805] __msan_chain_origin+0x6d/0xb0 [ 1002.771805] ? tcp_v4_rcv+0x5a13/0x6520 [ 1002.771805] __save_stack_trace+0x8be/0xc60 [ 1002.771805] ? tcp_v4_rcv+0x5a13/0x6520 [ 1002.771805] save_stack_trace+0xc6/0x110 [ 1002.771805] kmsan_internal_chain_origin+0x136/0x240 [ 1002.771805] ? do_softirq_own_stack+0x49/0x80 [ 1002.771805] ? kmsan_internal_chain_origin+0x136/0x240 [ 1002.771805] ? kmsan_memcpy_origins+0x13d/0x190 [ 1002.771805] ? __msan_memcpy+0x6f/0x80 [ 1002.771805] ? pskb_expand_head+0x436/0x1d20 [ 1002.771805] ? skb_shift+0xce2/0x2d10 [ 1002.771805] ? tcp_sacktag_walk+0x2156/0x29d0 [ 1002.771805] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1002.771805] ? tcp_ack+0x2888/0xa010 [ 1002.771805] ? tcp_rcv_established+0xf7e/0x2940 [ 1002.771805] ? tcp_v4_do_rcv+0x686/0xd80 [ 1002.771805] ? tcp_v4_rcv+0x5a13/0x6520 [ 1002.771805] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1002.771805] ? ip_local_deliver+0x44b/0x510 [ 1002.935636] ? ip_rcv+0x6b6/0x740 [ 1002.935636] ? process_backlog+0x82b/0x11e0 [ 1002.935636] ? net_rx_action+0x98f/0x1d50 [ 1002.935636] ? __do_softirq+0x721/0xc7f [ 1002.935636] ? do_softirq_own_stack+0x49/0x80 [ 1002.935636] ? __local_bh_enable_ip+0x228/0x260 [ 1002.935636] ? _raw_spin_unlock_bh+0x4b/0x60 [ 1002.935636] ? sk_wait_data+0x4b9/0x920 [ 1002.935636] ? tcp_recvmsg+0x1d10/0x4aa0 [ 1002.935636] ? inet_recvmsg+0x5b8/0x6c0 [ 1002.935636] ? sock_recvmsg+0x1d1/0x230 [ 1002.935636] ? ___sys_recvmsg+0x444/0xae0 [ 1002.935636] ? __se_sys_recvmsg+0x2fa/0x450 [ 1002.935636] ? __x64_sys_recvmsg+0x4a/0x70 [ 1002.935636] ? do_syscall_64+0xcf/0x110 [ 1002.935636] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1002.935636] ? __msan_get_context_state+0x9/0x20 [ 1002.935636] ? INIT_INT+0xc/0x30 [ 1002.935636] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1002.935636] kmsan_memcpy_origins+0x13d/0x190 [ 1002.935636] __msan_memcpy+0x6f/0x80 [ 1002.935636] pskb_expand_head+0x436/0x1d20 [ 1002.935636] skb_shift+0xce2/0x2d10 [ 1002.935636] tcp_sacktag_walk+0x2156/0x29d0 [ 1002.935636] tcp_sacktag_write_queue+0x2805/0x4630 [ 1002.935636] tcp_ack+0x2888/0xa010 [ 1002.935636] ? tcp_parse_options+0xbe/0x1cf0 [ 1002.935636] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1002.935636] ? tcp_parse_options+0x1c55/0x1cf0 [ 1002.935636] tcp_rcv_established+0xf7e/0x2940 [ 1002.935636] ? __msan_get_context_state+0x9/0x20 [ 1002.935636] tcp_v4_do_rcv+0x686/0xd80 [ 1002.935636] tcp_v4_rcv+0x5a13/0x6520 [ 1002.935636] ? tcp_filter+0x260/0x260 [ 1002.935636] ip_local_deliver_finish+0x8d8/0xff0 [ 1002.935636] ? nf_hook_slow+0x36f/0x3d0 [ 1002.935636] ip_local_deliver+0x44b/0x510 [ 1002.935636] ? ip_local_deliver+0x510/0x510 [ 1002.935636] ? ip_call_ra_chain+0x7a0/0x7a0 [ 1002.935636] ip_rcv+0x6b6/0x740 [ 1002.935636] ? ip_rcv_core+0x1370/0x1370 [ 1002.935636] process_backlog+0x82b/0x11e0 [ 1002.935636] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 1002.935636] ? ip_local_deliver_finish+0xff0/0xff0 [ 1002.935636] ? rps_trigger_softirq+0x2e0/0x2e0 [ 1002.935636] net_rx_action+0x98f/0x1d50 [ 1002.935636] ? net_tx_action+0xf20/0xf20 [ 1002.935636] __do_softirq+0x721/0xc7f [ 1002.935636] do_softirq_own_stack+0x49/0x80 [ 1002.935636] [ 1002.935636] __local_bh_enable_ip+0x228/0x260 [ 1002.935636] _raw_spin_unlock_bh+0x4b/0x60 [ 1002.935636] sk_wait_data+0x4b9/0x920 [ 1002.935636] ? tcp_send_ack+0x68/0x90 [ 1002.935636] ? tcp_cleanup_rbuf+0x57b/0x8e0 [ 1002.935636] ? wait_woken+0x5b0/0x5b0 [ 1002.935636] tcp_recvmsg+0x1d10/0x4aa0 [ 1002.935636] ? inet_recvmsg+0xaf/0x6c0 [ 1002.935636] ? tcp_mmap+0x150/0x150 [ 1002.935636] inet_recvmsg+0x5b8/0x6c0 [ 1002.935636] sock_recvmsg+0x1d1/0x230 [ 1002.935636] ? inet_sendpage+0x990/0x990 [ 1002.935636] ___sys_recvmsg+0x444/0xae0 [ 1002.935636] ? __fdget+0x329/0x440 [ 1002.935636] __se_sys_recvmsg+0x2fa/0x450 [ 1002.935636] __x64_sys_recvmsg+0x4a/0x70 [ 1002.935636] do_syscall_64+0xcf/0x110 [ 1002.935636] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1002.935636] RIP: 0033:0x457569 [ 1002.935636] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1002.935636] RSP: 002b:00007ff67e527c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 1002.935636] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457569 [ 1002.935636] RDX: 0000000000000100 RSI: 00000000200000c0 RDI: 0000000000000003 [ 1002.935636] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1002.935636] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff67e5286d4 [ 1002.935636] R13: 00000000004c399f R14: 00000000004d5f38 R15: 00000000ffffffff [ 1002.935636] Uninit was stored to memory at: [ 1002.935636] kmsan_internal_chain_origin+0x136/0x240 [ 1002.935636] __msan_chain_origin+0x6d/0xb0 [ 1002.935636] __save_stack_trace+0x8be/0xc60 [ 1002.935636] save_stack_trace+0xc6/0x110 [ 1002.935636] kmsan_internal_chain_origin+0x136/0x240 [ 1002.935636] kmsan_memcpy_origins+0x13d/0x190 [ 1002.935636] __msan_memcpy+0x6f/0x80 [ 1002.935636] pskb_expand_head+0x436/0x1d20 [ 1002.935636] skb_shift+0xce2/0x2d10 [ 1002.935636] tcp_sacktag_walk+0x2156/0x29d0 [ 1002.935636] tcp_sacktag_write_queue+0x2805/0x4630 [ 1002.935636] tcp_ack+0x2888/0xa010 [ 1002.935636] tcp_rcv_established+0xf7e/0x2940 [ 1002.935636] tcp_v4_do_rcv+0x686/0xd80 [ 1002.935636] tcp_v4_rcv+0x5a13/0x6520 [ 1002.935636] ip_local_deliver_finish+0x8d8/0xff0 [ 1002.935636] ip_local_deliver+0x44b/0x510 [ 1002.935636] ip_rcv+0x6b6/0x740 [ 1002.935636] process_backlog+0x82b/0x11e0 [ 1002.935636] net_rx_action+0x98f/0x1d50 [ 1002.935636] __do_softirq+0x721/0xc7f [ 1002.935636] [ 1002.935636] Uninit was stored to memory at: [ 1002.935636] kmsan_internal_chain_origin+0x136/0x240 [ 1002.935636] __msan_chain_origin+0x6d/0xb0 [ 1002.935636] __save_stack_trace+0x8be/0xc60 [ 1002.935636] save_stack_trace+0xc6/0x110 [ 1002.935636] kmsan_internal_chain_origin+0x136/0x240 [ 1002.935636] kmsan_memcpy_origins+0x13d/0x190 [ 1002.935636] __msan_memcpy+0x6f/0x80 [ 1002.935636] pskb_expand_head+0x436/0x1d20 [ 1002.935636] skb_shift+0xce2/0x2d10 [ 1002.935636] tcp_sacktag_walk+0x2156/0x29d0 [ 1002.935636] tcp_sacktag_write_queue+0x2805/0x4630 [ 1002.935636] tcp_ack+0x2888/0xa010 [ 1002.935636] tcp_rcv_established+0xf7e/0x2940 [ 1002.935636] tcp_v4_do_rcv+0x686/0xd80 [ 1002.935636] tcp_v4_rcv+0x5a13/0x6520 [ 1002.935636] ip_local_deliver_finish+0x8d8/0xff0 [ 1002.935636] ip_local_deliver+0x44b/0x510 [ 1002.935636] ip_rcv+0x6b6/0x740 [ 1002.935636] process_backlog+0x82b/0x11e0 [ 1002.935636] net_rx_action+0x98f/0x1d50 [ 1002.935636] __do_softirq+0x721/0xc7f [ 1002.935636] [ 1002.935636] Uninit was stored to memory at: [ 1002.935636] kmsan_internal_chain_origin+0x136/0x240 [ 1002.935636] __msan_chain_origin+0x6d/0xb0 [ 1002.935636] __save_stack_trace+0x8be/0xc60 [ 1002.935636] save_stack_trace+0xc6/0x110 [ 1002.935636] kmsan_internal_chain_origin+0x136/0x240 [ 1002.935636] kmsan_memcpy_origins+0x13d/0x190 [ 1002.935636] __msan_memcpy+0x6f/0x80 [ 1002.935636] pskb_expand_head+0x436/0x1d20 [ 1002.935636] skb_shift+0xce2/0x2d10 [ 1002.935636] tcp_sacktag_walk+0x2156/0x29d0 [ 1002.935636] tcp_sacktag_write_queue+0x2805/0x4630 [ 1002.935636] tcp_ack+0x2888/0xa010 [ 1002.935636] tcp_rcv_established+0xf7e/0x2940 [ 1002.935636] tcp_v4_do_rcv+0x686/0xd80 [ 1002.935636] tcp_v4_rcv+0x5a13/0x6520 [ 1002.935636] ip_local_deliver_finish+0x8d8/0xff0 [ 1002.935636] ip_local_deliver+0x44b/0x510 [ 1002.935636] ip_rcv+0x6b6/0x740 [ 1002.935636] process_backlog+0x82b/0x11e0 [ 1002.935636] net_rx_action+0x98f/0x1d50 [ 1002.935636] __do_softirq+0x721/0xc7f [ 1002.935636] [ 1002.935636] Uninit was stored to memory at: [ 1002.935636] kmsan_internal_chain_origin+0x136/0x240 [ 1002.935636] __msan_chain_origin+0x6d/0xb0 [ 1002.935636] __save_stack_trace+0x8be/0xc60 [ 1002.935636] save_stack_trace+0xc6/0x110 [ 1002.935636] kmsan_internal_chain_origin+0x136/0x240 [ 1002.935636] kmsan_memcpy_origins+0x13d/0x190 [ 1002.935636] __msan_memcpy+0x6f/0x80 [ 1002.935636] pskb_expand_head+0x436/0x1d20 [ 1002.935636] skb_shift+0xce2/0x2d10 [ 1002.935636] tcp_sacktag_walk+0x2156/0x29d0 [ 1002.935636] tcp_sacktag_write_queue+0x2805/0x4630 [ 1002.935636] tcp_ack+0x2888/0xa010 [ 1002.935636] tcp_rcv_established+0xf7e/0x2940 [ 1002.935636] tcp_v4_do_rcv+0x686/0xd80 [ 1002.935636] tcp_v4_rcv+0x5a13/0x6520 [ 1002.935636] ip_local_deliver_finish+0x8d8/0xff0 [ 1002.935636] ip_local_deliver+0x44b/0x510 [ 1002.935636] ip_rcv+0x6b6/0x740 [ 1002.935636] process_backlog+0x82b/0x11e0 [ 1002.935636] net_rx_action+0x98f/0x1d50 [ 1002.935636] __do_softirq+0x721/0xc7f [ 1002.935636] [ 1002.935636] Uninit was stored to memory at: [ 1002.935636] kmsan_internal_chain_origin+0x136/0x240 [ 1002.935636] __msan_chain_origin+0x6d/0xb0 [ 1002.935636] __save_stack_trace+0x8be/0xc60 [ 1002.935636] save_stack_trace+0xc6/0x110 [ 1002.935636] kmsan_internal_chain_origin+0x136/0x240 [ 1002.935636] kmsan_memcpy_origins+0x13d/0x190 [ 1002.935636] __msan_memcpy+0x6f/0x80 [ 1002.935636] pskb_expand_head+0x436/0x1d20 [ 1002.935636] skb_shift+0xce2/0x2d10 [ 1002.935636] tcp_sacktag_walk+0x2156/0x29d0 [ 1002.935636] tcp_sacktag_write_queue+0x2805/0x4630 [ 1002.935636] tcp_ack+0x2888/0xa010 [ 1002.935636] tcp_rcv_established+0xf7e/0x2940 [ 1002.935636] tcp_v4_do_rcv+0x686/0xd80 [ 1002.935636] tcp_v4_rcv+0x5a13/0x6520 [ 1002.935636] ip_local_deliver_finish+0x8d8/0xff0 [ 1002.935636] ip_local_deliver+0x44b/0x510 [ 1002.935636] ip_rcv+0x6b6/0x740 [ 1002.935636] process_backlog+0x82b/0x11e0 [ 1002.935636] net_rx_action+0x98f/0x1d50 [ 1002.935636] __do_softirq+0x721/0xc7f [ 1002.935636] [ 1002.935636] Uninit was stored to memory at: [ 1002.935636] kmsan_internal_chain_origin+0x136/0x240 [ 1002.935636] __msan_chain_origin+0x6d/0xb0 [ 1002.935636] __save_stack_trace+0x8be/0xc60 [ 1002.935636] save_stack_trace+0xc6/0x110 [ 1002.935636] kmsan_internal_chain_origin+0x136/0x240 [ 1002.935636] kmsan_memcpy_origins+0x13d/0x190 [ 1002.935636] __msan_memcpy+0x6f/0x80 [ 1002.935636] pskb_expand_head+0x436/0x1d20 [ 1002.935636] skb_shift+0xce2/0x2d10 [ 1002.935636] tcp_sacktag_walk+0x2156/0x29d0 [ 1002.935636] tcp_sacktag_write_queue+0x2805/0x4630 [ 1002.935636] tcp_ack+0x2888/0xa010 [ 1002.935636] tcp_rcv_established+0xf7e/0x2940 [ 1002.935636] tcp_v4_do_rcv+0x686/0xd80 [ 1002.935636] tcp_v4_rcv+0x5a13/0x6520 [ 1002.935636] ip_local_deliver_finish+0x8d8/0xff0 [ 1002.935636] ip_local_deliver+0x44b/0x510 [ 1002.935636] ip_rcv+0x6b6/0x740 [ 1002.935636] process_backlog+0x82b/0x11e0 [ 1002.935636] net_rx_action+0x98f/0x1d50 [ 1002.935636] __do_softirq+0x721/0xc7f [ 1002.935636] [ 1002.935636] Uninit was stored to memory at: [ 1002.935636] kmsan_internal_chain_origin+0x136/0x240 [ 1002.935636] __msan_chain_origin+0x6d/0xb0 [ 1002.935636] __save_stack_trace+0x8be/0xc60 [ 1002.935636] save_stack_trace+0xc6/0x110 [ 1002.935636] kmsan_internal_chain_origin+0x136/0x240 [ 1002.935636] kmsan_memcpy_origins+0x13d/0x190 [ 1002.935636] __msan_memcpy+0x6f/0x80 [ 1002.935636] pskb_expand_head+0x436/0x1d20 [ 1002.935636] skb_shift+0xce2/0x2d10 [ 1002.935636] tcp_sacktag_walk+0x2156/0x29d0 [ 1002.935636] tcp_sacktag_write_queue+0x2805/0x4630 [ 1002.935636] tcp_ack+0x2888/0xa010 [ 1002.935636] tcp_rcv_established+0xf7e/0x2940 [ 1002.935636] tcp_v4_do_rcv+0x686/0xd80 [ 1002.935636] tcp_v4_rcv+0x5a13/0x6520 [ 1002.935636] ip_local_deliver_finish+0x8d8/0xff0 [ 1002.935636] ip_local_deliver+0x44b/0x510 [ 1002.935636] ip_rcv+0x6b6/0x740 [ 1002.935636] process_backlog+0x82b/0x11e0 [ 1002.935636] net_rx_action+0x98f/0x1d50 [ 1002.935636] __do_softirq+0x721/0xc7f [ 1002.935636] [ 1002.935636] Local variable description: ----_icmph.i318@ip_vs_out [ 1002.935636] Variable was created at: [ 1002.935636] ip_vs_out+0x120/0x4570 [ 1002.935636] ip_vs_local_reply4+0xec/0x130 [ 1004.095392] not chained 410000 origins [ 1004.099334] CPU: 1 PID: 16 Comm: ksoftirqd/1 Not tainted 4.20.0-rc3+ #89 [ 1004.102856] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1004.102856] Call Trace: [ 1004.102856] dump_stack+0x32d/0x480 [ 1004.121425] kmsan_internal_chain_origin+0x222/0x240 [ 1004.121425] ? _raw_spin_lock_irqsave+0x320/0x490 [ 1004.121425] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1004.121425] ? depot_save_stack+0x398/0x4b0 [ 1004.121425] ? __irqentry_text_end+0x1fa056/0x1fa056 [ 1004.121425] ? kmsan_internal_chain_origin+0x90/0x240 [ 1004.121425] ? kmsan_internal_chain_origin+0x136/0x240 [ 1004.121425] ? __msan_chain_origin+0x6d/0xb0 [ 1004.121425] ? save_stack_trace+0xfa/0x110 [ 1004.121425] ? kmsan_internal_chain_origin+0x136/0x240 [ 1004.121425] ? kmsan_memcpy_origins+0x13d/0x190 [ 1004.121425] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1004.121425] ? in_task_stack+0x12c/0x210 [ 1004.183072] __msan_chain_origin+0x6d/0xb0 [ 1004.183072] ? kthread+0x5e7/0x620 [ 1004.183072] __save_stack_trace+0x8be/0xc60 [ 1004.193660] ? kthread+0x5e7/0x620 [ 1004.193660] save_stack_trace+0xc6/0x110 [ 1004.204771] kmsan_internal_chain_origin+0x136/0x240 [ 1004.204771] ? kmsan_internal_chain_origin+0x136/0x240 [ 1004.204771] ? kmsan_memcpy_origins+0x13d/0x190 [ 1004.204771] ? __msan_memcpy+0x6f/0x80 [ 1004.204771] ? pskb_expand_head+0x436/0x1d20 [ 1004.204771] ? __tcp_retransmit_skb+0xdf6/0x46c0 [ 1004.204771] ? tcp_send_loss_probe+0x8fb/0xc00 [ 1004.204771] ? tcp_write_timer_handler+0x691/0xe80 [ 1004.204771] ? tcp_write_timer+0x139/0x250 [ 1004.204771] ? call_timer_fn+0x356/0x7c0 [ 1004.204771] ? __run_timers+0xe95/0x1300 [ 1004.204771] ? run_timer_softirq+0x55/0xa0 [ 1004.204771] ? __do_softirq+0x721/0xc7f [ 1004.204771] ? run_ksoftirqd+0x37/0x60 [ 1004.204771] ? smpboot_thread_fn+0x69c/0xb30 [ 1004.204771] ? kthread+0x5e7/0x620 [ 1004.204771] ? ret_from_fork+0x35/0x40 [ 1004.204771] ? memcg_kmem_put_cache+0x73/0x460 [ 1004.204771] ? __msan_get_context_state+0x9/0x20 [ 1004.204771] ? INIT_INT+0xc/0x30 [ 1004.204771] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1004.204771] ? ipv4_dst_check+0x1aa/0x2a0 [ 1004.204771] kmsan_memcpy_origins+0x13d/0x190 [ 1004.204771] __msan_memcpy+0x6f/0x80 [ 1004.204771] pskb_expand_head+0x436/0x1d20 [ 1004.204771] ? ipv4_mtu+0x47d/0x530 [ 1004.204771] __tcp_retransmit_skb+0xdf6/0x46c0 [ 1004.204771] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1004.204771] ? ipv4_mtu+0x47d/0x530 [ 1004.204771] tcp_send_loss_probe+0x8fb/0xc00 [ 1004.204771] tcp_write_timer_handler+0x691/0xe80 [ 1004.204771] tcp_write_timer+0x139/0x250 [ 1004.204771] call_timer_fn+0x356/0x7c0 [ 1004.204771] ? tcp_init_xmit_timers+0x130/0x130 [ 1004.204771] __run_timers+0xe95/0x1300 [ 1004.204771] ? tcp_init_xmit_timers+0x130/0x130 [ 1004.204771] ? irqtime_account_irq+0x73/0x3c0 [ 1004.204771] run_timer_softirq+0x55/0xa0 [ 1004.204771] ? timers_dead_cpu+0xb70/0xb70 [ 1004.204771] __do_softirq+0x721/0xc7f [ 1004.204771] ? ksoftirqd_should_run+0x50/0x50 [ 1004.204771] run_ksoftirqd+0x37/0x60 [ 1004.204771] smpboot_thread_fn+0x69c/0xb30 [ 1004.204771] kthread+0x5e7/0x620 [ 1004.204771] ? cpu_report_death+0x4a0/0x4a0 [ 1004.204771] ? INIT_BOOL+0x30/0x30 [ 1004.204771] ret_from_fork+0x35/0x40 [ 1004.204771] Uninit was stored to memory at: [ 1004.204771] kmsan_internal_chain_origin+0x136/0x240 [ 1004.204771] __msan_chain_origin+0x6d/0xb0 [ 1004.204771] __save_stack_trace+0x8be/0xc60 [ 1004.204771] save_stack_trace+0xc6/0x110 [ 1004.204771] kmsan_internal_chain_origin+0x136/0x240 [ 1004.204771] kmsan_memcpy_origins+0x13d/0x190 [ 1004.204771] __msan_memcpy+0x6f/0x80 [ 1004.204771] pskb_expand_head+0x436/0x1d20 [ 1004.204771] __tcp_retransmit_skb+0xdf6/0x46c0 [ 1004.204771] tcp_send_loss_probe+0x8fb/0xc00 [ 1004.204771] tcp_write_timer_handler+0x691/0xe80 [ 1004.204771] tcp_write_timer+0x139/0x250 [ 1004.204771] call_timer_fn+0x356/0x7c0 [ 1004.204771] __run_timers+0xe95/0x1300 [ 1004.204771] run_timer_softirq+0x55/0xa0 [ 1004.204771] __do_softirq+0x721/0xc7f [ 1004.204771] [ 1004.204771] Uninit was stored to memory at: [ 1004.204771] kmsan_internal_chain_origin+0x136/0x240 [ 1004.204771] __msan_chain_origin+0x6d/0xb0 [ 1004.204771] __save_stack_trace+0x8be/0xc60 [ 1004.204771] save_stack_trace+0xc6/0x110 [ 1004.204771] kmsan_internal_chain_origin+0x136/0x240 [ 1004.204771] kmsan_memcpy_origins+0x13d/0x190 [ 1004.204771] __msan_memcpy+0x6f/0x80 [ 1004.204771] pskb_expand_head+0x436/0x1d20 [ 1004.204771] __tcp_retransmit_skb+0xdf6/0x46c0 [ 1004.204771] tcp_send_loss_probe+0x8fb/0xc00 [ 1004.204771] tcp_write_timer_handler+0x691/0xe80 [ 1004.204771] tcp_write_timer+0x139/0x250 [ 1004.204771] call_timer_fn+0x356/0x7c0 [ 1004.204771] __run_timers+0xe95/0x1300 [ 1004.204771] run_timer_softirq+0x55/0xa0 [ 1004.204771] __do_softirq+0x721/0xc7f [ 1004.204771] [ 1004.204771] Uninit was stored to memory at: [ 1004.204771] kmsan_internal_chain_origin+0x136/0x240 [ 1004.204771] __msan_chain_origin+0x6d/0xb0 [ 1004.204771] __save_stack_trace+0x8be/0xc60 [ 1004.204771] save_stack_trace+0xc6/0x110 [ 1004.204771] kmsan_internal_chain_origin+0x136/0x240 [ 1004.204771] kmsan_memcpy_origins+0x13d/0x190 [ 1004.204771] __msan_memcpy+0x6f/0x80 [ 1004.204771] pskb_expand_head+0x436/0x1d20 [ 1004.204771] __tcp_retransmit_skb+0xdf6/0x46c0 [ 1004.204771] tcp_send_loss_probe+0x8fb/0xc00 [ 1004.204771] tcp_write_timer_handler+0x691/0xe80 [ 1004.204771] tcp_write_timer+0x139/0x250 [ 1004.204771] call_timer_fn+0x356/0x7c0 [ 1004.204771] __run_timers+0xe95/0x1300 [ 1004.204771] run_timer_softirq+0x55/0xa0 [ 1004.204771] __do_softirq+0x721/0xc7f [ 1004.204771] [ 1004.204771] Uninit was stored to memory at: [ 1004.204771] kmsan_internal_chain_origin+0x136/0x240 [ 1004.204771] __msan_chain_origin+0x6d/0xb0 [ 1004.204771] __save_stack_trace+0x8be/0xc60 [ 1004.204771] save_stack_trace+0xc6/0x110 [ 1004.204771] kmsan_internal_chain_origin+0x136/0x240 [ 1004.204771] kmsan_memcpy_origins+0x13d/0x190 [ 1004.204771] __msan_memcpy+0x6f/0x80 [ 1004.204771] pskb_expand_head+0x436/0x1d20 [ 1004.204771] __tcp_retransmit_skb+0xdf6/0x46c0 [ 1004.204771] tcp_send_loss_probe+0x8fb/0xc00 [ 1004.204771] tcp_write_timer_handler+0x691/0xe80 [ 1004.204771] tcp_write_timer+0x139/0x250 [ 1004.204771] call_timer_fn+0x356/0x7c0 [ 1004.204771] __run_timers+0xe95/0x1300 [ 1004.204771] run_timer_softirq+0x55/0xa0 [ 1004.204771] __do_softirq+0x721/0xc7f [ 1004.204771] [ 1004.204771] Uninit was stored to memory at: [ 1004.204771] kmsan_internal_chain_origin+0x136/0x240 [ 1004.204771] __msan_chain_origin+0x6d/0xb0 [ 1004.204771] __save_stack_trace+0x8be/0xc60 [ 1004.204771] save_stack_trace+0xc6/0x110 [ 1004.204771] kmsan_internal_chain_origin+0x136/0x240 [ 1004.204771] kmsan_memcpy_origins+0x13d/0x190 [ 1004.204771] __msan_memcpy+0x6f/0x80 [ 1004.204771] pskb_expand_head+0x436/0x1d20 [ 1004.204771] __tcp_retransmit_skb+0xdf6/0x46c0 [ 1004.204771] tcp_send_loss_probe+0x8fb/0xc00 [ 1004.204771] tcp_write_timer_handler+0x691/0xe80 [ 1004.204771] tcp_write_timer+0x139/0x250 [ 1004.204771] call_timer_fn+0x356/0x7c0 [ 1004.204771] __run_timers+0xe95/0x1300 [ 1004.204771] run_timer_softirq+0x55/0xa0 [ 1004.204771] __do_softirq+0x721/0xc7f [ 1004.204771] [ 1004.204771] Uninit was stored to memory at: [ 1004.204771] kmsan_internal_chain_origin+0x136/0x240 [ 1004.204771] __msan_chain_origin+0x6d/0xb0 [ 1004.204771] __save_stack_trace+0x8be/0xc60 [ 1004.204771] save_stack_trace+0xc6/0x110 [ 1004.204771] kmsan_internal_chain_origin+0x136/0x240 [ 1004.204771] kmsan_memcpy_origins+0x13d/0x190 [ 1004.204771] __msan_memcpy+0x6f/0x80 [ 1004.204771] pskb_expand_head+0x436/0x1d20 [ 1004.204771] __tcp_retransmit_skb+0xdf6/0x46c0 [ 1004.204771] tcp_send_loss_probe+0x8fb/0xc00 [ 1004.204771] tcp_write_timer_handler+0x691/0xe80 [ 1004.204771] tcp_write_timer+0x139/0x250 [ 1004.204771] call_timer_fn+0x356/0x7c0 [ 1004.204771] __run_timers+0xe95/0x1300 [ 1004.204771] run_timer_softirq+0x55/0xa0 [ 1004.204771] __do_softirq+0x721/0xc7f [ 1004.204771] [ 1004.204771] Uninit was stored to memory at: [ 1004.204771] kmsan_internal_chain_origin+0x136/0x240 [ 1004.204771] __msan_chain_origin+0x6d/0xb0 [ 1004.204771] __save_stack_trace+0x8be/0xc60 [ 1004.204771] save_stack_trace+0xc6/0x110 [ 1004.204771] kmsan_internal_chain_origin+0x136/0x240 [ 1004.204771] kmsan_memcpy_origins+0x13d/0x190 [ 1004.204771] __msan_memcpy+0x6f/0x80 [ 1004.204771] pskb_expand_head+0x436/0x1d20 [ 1004.204771] __tcp_retransmit_skb+0xdf6/0x46c0 [ 1004.204771] tcp_send_loss_probe+0x8fb/0xc00 [ 1004.204771] tcp_write_timer_handler+0x691/0xe80 [ 1004.204771] tcp_write_timer+0x139/0x250 [ 1004.204771] call_timer_fn+0x356/0x7c0 [ 1004.204771] __run_timers+0xe95/0x1300 [ 1004.204771] run_timer_softirq+0x55/0xa0 [ 1004.204771] __do_softirq+0x721/0xc7f [ 1004.204771] [ 1004.204771] Local variable description: ----rflow@netif_rx_internal [ 1004.204771] Variable was created at: [ 1004.204771] netif_rx_internal+0xd2/0x9a0 [ 1004.204771] netif_rx+0x2f7/0x320 06:18:36 executing program 3: 06:18:36 executing program 2: 06:18:36 executing program 5: 06:18:36 executing program 0: 06:18:36 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)) ioctl$TIOCPKT(r0, 0x5420, &(0x7f00000002c0)=0x61) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) r1 = syz_open_pts(r0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x2}) r3 = dup3(r1, r0, 0x0) ioctl$TCSETA(r3, 0x5406, &(0x7f0000000140)) 06:18:36 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)) r1 = socket$inet(0x2, 0x1, 0x0) getsockopt$inet_tcp_int(r1, 0x6, 0x10, &(0x7f0000dc6ffe), &(0x7f0000904000)=0x4) 06:18:36 executing program 2: 06:18:36 executing program 5: 06:18:36 executing program 0: 06:18:36 executing program 3: 06:18:36 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)) read(r0, &(0x7f0000000080)=""/11, 0x392) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) r1 = syz_open_pts(r0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x2}) r3 = dup3(r1, r0, 0x0) ioctl$TCSETA(r3, 0x5406, &(0x7f0000000140)) 06:18:36 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)) r1 = socket$inet(0x2, 0x1, 0x0) getsockopt$inet_tcp_int(r1, 0x6, 0x10, &(0x7f0000dc6ffe), &(0x7f0000904000)=0x4) 06:18:37 executing program 0: 06:18:37 executing program 2: 06:18:37 executing program 5: 06:18:37 executing program 3: 06:18:37 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c12") r1 = socket$inet(0x2, 0x1, 0x0) getsockopt$inet_tcp_int(r1, 0x6, 0x10, &(0x7f0000dc6ffe), &(0x7f0000904000)=0x4) 06:18:37 executing program 2: 06:18:37 executing program 0: 06:18:37 executing program 5: 06:18:37 executing program 3: 06:18:37 executing program 2: 06:18:37 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCPKT(r0, 0x5420, &(0x7f00000002c0)=0x61) read(r0, &(0x7f0000000080)=""/11, 0x392) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) r1 = syz_open_pts(r0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x2}) r3 = dup3(r1, r0, 0x0) ioctl$TCSETA(r3, 0x5406, &(0x7f0000000140)) 06:18:37 executing program 5: 06:18:37 executing program 0: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) mount(&(0x7f0000000200)=ANY=[], &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, &(0x7f000000a000)) r0 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) fchdir(r1) r2 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r2, &(0x7f0000000400)=ANY=[@ANYBLOB="0480929fcde1279d0eebaab0f0a3fa351ffe11f094a215feeee989c52e25a413472ea8400c3846de8da6d13a2c62b04274a3c4e36c862d4176e5d5f81f3fa607d424"], 0x42) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r2, &(0x7f0000000140), 0x7fff) 06:18:38 executing program 3: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) mount(&(0x7f0000000200)=ANY=[], &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, &(0x7f000000a000)) r1 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90) fcntl$lock(r1, 0x7, &(0x7f0000027000)={0x1}) r2 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) fchdir(r2) r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r3, &(0x7f0000000400)=ANY=[@ANYBLOB="0480929fcde1279d0eebaab0f0a3fa351ffe11f094a215feeee989c52e25a413472ea8400c3846de8da6d13a2c62b042"], 0x30) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r3, r3, &(0x7f0000000140), 0x7fff) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 06:18:38 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c12") r1 = socket$inet(0x2, 0x1, 0x0) getsockopt$inet_tcp_int(r1, 0x6, 0x10, &(0x7f0000dc6ffe), &(0x7f0000904000)=0x4) 06:18:38 executing program 2: perf_event_open(&(0x7f00000004c0)={0x2, 0x70, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x400, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f00000000c0)=0x80, 0x4) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f0000000040)={&(0x7f0000952000/0x1000)=nil, 0x1000}, &(0x7f0000000080)=0x10) 06:18:38 executing program 5: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) bind$unix(r1, &(0x7f0000000180)=@file={0x1, './file0\x00'}, 0x6e) readv(r0, &(0x7f0000001980)=[{&(0x7f0000000400)=""/27, 0x1b}], 0x1) connect$unix(r0, &(0x7f0000000080)=@file={0x1, './file0\x00'}, 0x6e) 06:18:38 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCPKT(r0, 0x5420, &(0x7f00000002c0)=0x61) read(r0, &(0x7f0000000080)=""/11, 0x392) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) r1 = syz_open_pts(r0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x2}) r3 = dup3(r1, r0, 0x0) ioctl$TCSETA(r3, 0x5406, &(0x7f0000000140)) 06:18:38 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c12") r1 = socket$inet(0x2, 0x1, 0x0) getsockopt$inet_tcp_int(r1, 0x6, 0x10, &(0x7f0000dc6ffe), &(0x7f0000904000)=0x4) 06:18:38 executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000280)={&(0x7f0000000000), 0xc, &(0x7f0000000080)={&(0x7f0000000540)=ANY=[@ANYBLOB="540100001100010027bd7000ffdbdf2500000000000000000000000000000000000004d40a00ff00c80012006d6f727573313238302d67656e65726963000000000000000000000000000000000000000000000000000000000000000003000000000000ca23785692ee2599cc3a17ac9cc302a16514e2158cba67ab7708f8e458626c18bb0c5e3c31d48af58aa32b635a7661d704e6a2545b00e379529a1bfb2c2d5a6581f6047043f8b5c60e1f0f2d5fe0cbd29c582330a36ef5a0314524da67f52275300f760c0cc30137628afccb23fc5c1c16fefb467c58bcd8c20000008c000f0000040002000000000800190000000000080004007d77000028001a0000000000000000000000000000000000fe8000000000000000000000000000aa0a0002090c000101000000000000ffff14000e007f000001000000000000000000000000fcf7a615f6264d50968b242e43af681915fe4f61176a128cbec59980f72bd7d634038c2d34c3c4f39176accb03e64865bc4d78beccdd2e0c457a88e4b41104f080d76abae67aebb13d94486e95f202000000ff25b3337cb0729879000000000000000000000000000000003441c3eca89a852d0e295cdf9a6a9886119c1ef8d13c51b6afc1ffe57afd149cf5198dfe2af0b5fd709e715eddb52a4b56260edd863866e6faf5ca930f96104977e42ea228711a88657fb43e0f7273947ad63be3d1bc78c1977bb1f92ea5e5cb79a2019e219290e993371ba5767787f31f31a1e08334b0c256aac2c2c6c9f80ead55d4a01fff10c2ee668fe9107691180e99b171a8765248047f59ade97135704dee07bfb189614b172acb765140a14e0b"], 0x1}, 0x1, 0x0, 0x0, 0x800}, 0x10) 06:18:38 executing program 0: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) mount(&(0x7f0000000200)=ANY=[], &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, &(0x7f000000a000)) r0 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) fchdir(r1) r2 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r2, &(0x7f0000000400)=ANY=[@ANYBLOB="0480929fcde1279d0eebaab0f0a3fa351ffe11f094a215feeee989c52e25a413472ea8400c3846de8da6d13a2c62b04274a3c4e36c862d4176e5d5f81f3fa607d424"], 0x42) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r2, &(0x7f0000000140), 0x7fff) 06:18:38 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c12628571") r1 = socket$inet(0x2, 0x1, 0x0) getsockopt$inet_tcp_int(r1, 0x6, 0x10, &(0x7f0000dc6ffe), &(0x7f0000904000)=0x4) 06:18:39 executing program 3: setitimer(0x1, &(0x7f0000000000)={{}, {0x0, 0x7530}}, 0x0) getitimer(0x1, &(0x7f0000000180)) 06:18:39 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000001680)='cgroup.subtree_control\x00', 0x2, 0x0) close(r0) socket$kcm(0x2, 0x3, 0x2) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x8914, &(0x7f0000000780)="6e7230010060a19ef9d2c673d9a1571cb9e1369bcd61ef7e49793ae18712eceb1daa769497800b7fbbd35b170c10751d39aeb660d863e49b8c4f3b3dad48902b5b2d6cfd0abd372c63bcf5d70df3fd4d2e8d443c88bc0e5637dd82fc3435bed4de5d693c9a781c863e05d8a6f8689a5be29216061f3ff53f8b6b396678e7ba155ef9152d7e43b1eccb2331eb8eb1ed5586dcf8b3b0b999361a44ff2c22c2abbef42dd24eabe6723346a6e46c0499a21442d8d00dcb57f013ff7595edd0ff076930de3675d34117a44eb0e4f832936da44e57e43a3e36bd48d2a85bf4fd4a804e83f2f3cf378a435af5e287d4e27337b4ada11b26219832ec6b2b38446b3b95fe3771e9f42ca30fb21e12f0a3d8bc2d85454af9fcc0232d8fd909448b01f46c593d31ea1c926465e35a4199079c3ca41128b17cb01fbf5b522be0fd02022ada37fecc14b6c8c8831883b85a1106f2f867020d529f17a350f20dd3bf51a98cfda70c2e3638a483fd3f87940bb478b07c4c110394c0093d17955089f2ca97bbe075124c9b1ff6500d536a95d96f03d48596e008bf0a028b539cec796cec9bf585eb80fe3e0d26") openat$cgroup_int(0xffffffffffffffff, &(0x7f00000018c0)='cpuset.cpu_exclusive\x00', 0x2, 0x0) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000480)={0xffffffffffffffff, 0x28, &(0x7f0000000240)}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x2, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000340)=@in={0x2, 0x4e24, @loopback}, 0x80, &(0x7f0000000140), 0x0, &(0x7f00000016c0), 0x0, 0x20000000}, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000300)={"6e72300100", 0x1132}) unlink(&(0x7f0000000000)='./file0\x00') perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$kcm(0x29, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='cpu.stat\x00', 0x0, 0x0) socketpair$inet6_udplite(0xa, 0x2, 0x88, &(0x7f0000000100)) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000001800)={&(0x7f0000001700)=@un=@abs={0x0, 0x0, 0x4e22}, 0x80, &(0x7f0000000140), 0x0, &(0x7f0000001a40)}, 0x4000000) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000001940)={&(0x7f0000001840)=@sco={0x1f, {0x6, 0x100, 0x0, 0x7, 0x0, 0xddc}}, 0x80, &(0x7f0000001900), 0x0, &(0x7f0000001fc0), 0x0, 0x20008000}, 0x20000000) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000001600)='./cgroup.net/syz0\x00', 0x200002, 0x0) socketpair$packet(0x11, 0x0, 0x300, &(0x7f0000000400)) close(0xffffffffffffffff) close(r1) 06:18:39 executing program 3: r0 = creat(&(0x7f0000000080)='./file0\x00', 0x0) mkdir(&(0x7f0000000000)='./file1\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000080)=ANY=[], 0xffdbc2ca) link(&(0x7f0000000100)='./file0\x00', &(0x7f0000000300)='./file1/file0\x00') clone(0x210007fa, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff) rmdir(&(0x7f0000000000)='./file1\x00') creat(&(0x7f00000000c0)='./file1/file0\x00', 0x0) 06:18:39 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c12628571") r1 = socket$inet(0x2, 0x1, 0x0) getsockopt$inet_tcp_int(r1, 0x6, 0x10, &(0x7f0000dc6ffe), &(0x7f0000904000)=0x4) 06:18:39 executing program 5: r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={"766574000000000000000000bd6800", 0x43732e5398416f1a}) r1 = socket$packet(0x11, 0x3, 0x300) r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/net/tun\x00', 0x2, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={"766574000000000000000000bd6800", 0x43732e5398416f1a}) write$tun(r2, &(0x7f0000000100)=ANY=[@ANYBLOB="0000000000000000000000000000450000580000000000009078ac141400ff4736c732d6f700df00000000000800000086dd080088be0000007c8aef33000100000000000000080022eb0000ca4f5cd03c7ff88a7dcb4106fe0000200000000200000000008100000000000000655800000000"], 0x1) dup2(r1, r2) dup3(r2, r0, 0x0) 06:18:39 executing program 0: unshare(0x24020400) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) sigaltstack(&(0x7f00002cb000/0x3000)=nil, &(0x7f0000ef9ff8)) mincore(&(0x7f00003a0000/0x600000)=nil, 0x600000, &(0x7f00000002c0)=""/184) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000f8aff8)='./file0\x00', &(0x7f0000000380), &(0x7f00000001c0)) r1 = gettid() process_vm_writev(r1, &(0x7f0000000140)=[{&(0x7f0000000500)=""/167, 0x14f}], 0x1, &(0x7f0000000240)=[{&(0x7f00000005c0)=""/172, 0xac}], 0x23, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f000000d000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r2, 0x5452, &(0x7f0000008ff8)=0x3f) r4 = getpid() execve(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000940), &(0x7f0000000200)) fcntl$setown(r2, 0x8, r4) fcntl$setsig(r2, 0xa, 0x12) dup2(r2, r3) tkill(r1, 0x16) open(&(0x7f0000363ff8)='./file0\x00', 0x401, 0x0) 06:18:39 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000001680)='cgroup.subtree_control\x00', 0x2, 0x0) close(r0) socket$kcm(0x2, 0x3, 0x2) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x8914, &(0x7f0000000780)="6e7230010060a19ef9d2c673d9a1571cb9e1369bcd61ef7e49793ae18712eceb1daa769497800b7fbbd35b170c10751d39aeb660d863e49b8c4f3b3dad48902b5b2d6cfd0abd372c63bcf5d70df3fd4d2e8d443c88bc0e5637dd82fc3435bed4de5d693c9a781c863e05d8a6f8689a5be29216061f3ff53f8b6b396678e7ba155ef9152d7e43b1eccb2331eb8eb1ed5586dcf8b3b0b999361a44ff2c22c2abbef42dd24eabe6723346a6e46c0499a21442d8d00dcb57f013ff7595edd0ff076930de3675d34117a44eb0e4f832936da44e57e43a3e36bd48d2a85bf4fd4a804e83f2f3cf378a435af5e287d4e27337b4ada11b26219832ec6b2b38446b3b95fe3771e9f42ca30fb21e12f0a3d8bc2d85454af9fcc0232d8fd909448b01f46c593d31ea1c926465e35a4199079c3ca41128b17cb01fbf5b522be0fd02022ada37fecc14b6c8c8831883b85a1106f2f867020d529f17a350f20dd3bf51a98cfda70c2e3638a483fd3f87940bb478b07c4c110394c0093d17955089f2ca97bbe075124c9b1ff6500d536a95d96f03d48596e008bf0a028b539cec796cec9bf585eb80fe3e0d26") openat$cgroup_int(0xffffffffffffffff, &(0x7f00000018c0)='cpuset.cpu_exclusive\x00', 0x2, 0x0) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000480)={0xffffffffffffffff, 0x28, &(0x7f0000000240)}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x2, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000340)=@in={0x2, 0x4e24, @loopback}, 0x80, &(0x7f0000000140), 0x0, &(0x7f00000016c0), 0x0, 0x20000000}, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000300)={"6e72300100", 0x1132}) unlink(&(0x7f0000000000)='./file0\x00') perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$kcm(0x29, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='cpu.stat\x00', 0x0, 0x0) socketpair$inet6_udplite(0xa, 0x2, 0x88, &(0x7f0000000100)) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000001800)={&(0x7f0000001700)=@un=@abs={0x0, 0x0, 0x4e22}, 0x80, &(0x7f0000000140), 0x0, &(0x7f0000001a40)}, 0x4000000) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000001940)={&(0x7f0000001840)=@sco={0x1f, {0x6, 0x100, 0x0, 0x7, 0x0, 0xddc}}, 0x80, &(0x7f0000001900), 0x0, &(0x7f0000001fc0), 0x0, 0x20008000}, 0x20000000) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000001600)='./cgroup.net/syz0\x00', 0x200002, 0x0) socketpair$packet(0x11, 0x0, 0x300, &(0x7f0000000400)) close(0xffffffffffffffff) close(r1) 06:18:39 executing program 1: ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000000)) ioctl$TIOCPKT(0xffffffffffffffff, 0x5420, &(0x7f00000002c0)=0x61) read(0xffffffffffffffff, &(0x7f0000000080)=""/11, 0x392) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) r0 = syz_open_pts(0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$TCSETAF(0xffffffffffffffff, 0x5408, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x2}) r2 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$TCSETA(r2, 0x5406, &(0x7f0000000140)) 06:18:40 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c12628571") r1 = socket$inet(0x2, 0x1, 0x0) getsockopt$inet_tcp_int(r1, 0x6, 0x10, &(0x7f0000dc6ffe), &(0x7f0000904000)=0x4) 06:18:40 executing program 2: r0 = socket(0x40000000002, 0x3, 0x2) mmap(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x0, 0x10031, 0xffffffffffffffff, 0x0) sendto$inet(r0, &(0x7f0000001280)="cf", 0x1, 0x0, &(0x7f0000002c40)={0x2, 0x0, @dev}, 0x10) 06:18:40 executing program 1: ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000000)) ioctl$TIOCPKT(0xffffffffffffffff, 0x5420, &(0x7f00000002c0)=0x61) read(0xffffffffffffffff, &(0x7f0000000080)=""/11, 0x392) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) r0 = syz_open_pts(0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$TCSETAF(0xffffffffffffffff, 0x5408, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x2}) r2 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$TCSETA(r2, 0x5406, &(0x7f0000000140)) 06:18:40 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c1262857180") r1 = socket$inet(0x2, 0x1, 0x0) getsockopt$inet_tcp_int(r1, 0x6, 0x10, &(0x7f0000dc6ffe), &(0x7f0000904000)=0x4) 06:18:40 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) pipe(&(0x7f0000000000)) unshare(0x40000000) ioctl$sock_inet_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000000)={'lo\x00', {0x2, 0x0, @rand_addr}}) ioctl$sock_inet_SIOCSIFBRDADDR(0xffffffffffffffff, 0x891a, &(0x7f0000000080)={'lo\x00', {0x2, 0x0, @multicast1}}) 06:18:40 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040)='/dev/uinput\x00', 0x0, 0x0) ioctl$UI_BEGIN_FF_ERASE(r0, 0xc00c55ca, &(0x7f0000000080)={0x10}) [ 1009.579020] IPVS: ftp: loaded support on port[0] = 21 06:18:40 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) sendmmsg(r0, &(0x7f000000e480)=[{{&(0x7f00000002c0)=@in={0x2, 0x4e22, @multicast2}, 0x80, &(0x7f0000001840), 0x0, &(0x7f00000018c0)=[{0x10, 0x10c}], 0x10}}], 0x1, 0x0) 06:18:40 executing program 1: ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000000)) ioctl$TIOCPKT(0xffffffffffffffff, 0x5420, &(0x7f00000002c0)=0x61) read(0xffffffffffffffff, &(0x7f0000000080)=""/11, 0x392) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) r0 = syz_open_pts(0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$TCSETAF(0xffffffffffffffff, 0x5408, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x2}) r2 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$TCSETA(r2, 0x5406, &(0x7f0000000140)) 06:18:40 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c1262857180") r1 = socket$inet(0x2, 0x1, 0x0) getsockopt$inet_tcp_int(r1, 0x6, 0x10, &(0x7f0000dc6ffe), &(0x7f0000904000)=0x4) [ 1009.849740] IPVS: ftp: loaded support on port[0] = 21 06:18:42 executing program 0: unshare(0x24020400) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) sigaltstack(&(0x7f00002cb000/0x3000)=nil, &(0x7f0000ef9ff8)) mincore(&(0x7f00003a0000/0x600000)=nil, 0x600000, &(0x7f00000002c0)=""/184) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000f8aff8)='./file0\x00', &(0x7f0000000380), &(0x7f00000001c0)) r1 = gettid() process_vm_writev(r1, &(0x7f0000000140)=[{&(0x7f0000000500)=""/167, 0x14f}], 0x1, &(0x7f0000000240)=[{&(0x7f00000005c0)=""/172, 0xac}], 0x23, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f000000d000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r2, 0x5452, &(0x7f0000008ff8)=0x3f) r4 = getpid() execve(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000940), &(0x7f0000000200)) fcntl$setown(r2, 0x8, r4) fcntl$setsig(r2, 0xa, 0x12) dup2(r2, r3) tkill(r1, 0x16) open(&(0x7f0000363ff8)='./file0\x00', 0x401, 0x0) 06:18:42 executing program 2: perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xee6a}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r0, 0x0) 06:18:42 executing program 3: perf_event_open$cgroup(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x4000004010}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000400)="2f007e574d000330809022cfde26555dc9ecfe1974406edad38364782d63b6612854b9e49dbdcaef718197e37e870a308b1e2c798fa788a46d3025ef933e51828ab675064e2adbe9126423b4a73d68fbe99c6db2f160d49cb6cce76c27289a4f9d097354aaa5860d2383df87526baa184d90bb7729366c17bc33d765e9bc2f882a13f30300000000000000971f795d12f529fa31d2c0a775242289bce062d10d24ded5406918a66b2c75c43fe1ff458ae5cd9fec63039ba5a7b66a60ede5ccdabc7ee77660ef23587f533ec328ccdff02226021384b0c235f114ed9ade92767aecc356acdeb610df4203009f240357f7350000000000000000252f48b95bfbbb3a865535298bdc36d71db635f41c57771db77aeaff883feb3dc3a924bd5f796e396ad3af37945058839e812270bc40901fa654e7cc3292a82fc80c374dc07142a1c2e9d3caefe910ebd3b948a3bfebef5fa8d82473c7fbf3ec", 0x0, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0xc020660b, &(0x7f00000001c0)=0x24499204) 06:18:42 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c1262857180") r1 = socket$inet(0x2, 0x1, 0x0) getsockopt$inet_tcp_int(r1, 0x6, 0x10, &(0x7f0000dc6ffe), &(0x7f0000904000)=0x4) 06:18:42 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000000)) ioctl$TIOCPKT(r0, 0x5420, &(0x7f00000002c0)=0x61) read(r0, &(0x7f0000000080)=""/11, 0x392) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) r1 = syz_open_pts(r0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x2}) r3 = dup3(r1, r0, 0x0) ioctl$TCSETA(r3, 0x5406, &(0x7f0000000140)) 06:18:42 executing program 5: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0) r1 = openat$cgroup_subtree(r0, &(0x7f00000000c0)='cgroup.subtree_control\x00', 0x2, 0x0) write$cgroup_subtree(r1, &(0x7f0000000280)={[{0x2b, 'pids'}]}, 0x6) write$cgroup_subtree(r1, &(0x7f0000000100)={[{0x2d, 'pids'}]}, 0x6) 06:18:43 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet(0x2, 0x0, 0x0) getsockopt$inet_tcp_int(r1, 0x6, 0x10, &(0x7f0000dc6ffe), &(0x7f0000904000)=0x4) 06:18:43 executing program 3: perf_event_open$cgroup(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x4000004010}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000400)="2f007e574d000330809022cfde26555dc9ecfe1974406edad38364782d63b6612854b9e49dbdcaef718197e37e870a308b1e2c798fa788a46d3025ef933e51828ab675064e2adbe9126423b4a73d68fbe99c6db2f160d49cb6cce76c27289a4f9d097354aaa5860d2383df87526baa184d90bb7729366c17bc33d765e9bc2f882a13f30300000000000000971f795d12f529fa31d2c0a775242289bce062d10d24ded5406918a66b2c75c43fe1ff458ae5cd9fec63039ba5a7b66a60ede5ccdabc7ee77660ef23587f533ec328ccdff02226021384b0c235f114ed9ade92767aecc356acdeb610df4203009f240357f7350000000000000000252f48b95bfbbb3a865535298bdc36d71db635f41c57771db77aeaff883feb3dc3a924bd5f796e396ad3af37945058839e812270bc40901fa654e7cc3292a82fc80c374dc07142a1c2e9d3caefe910ebd3b948a3bfebef5fa8d82473c7fbf3ec", 0x0, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc020660b, &(0x7f00000001c0)) 06:18:43 executing program 2: r0 = creat(&(0x7f0000000700)='./bus\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000340)='threaded\x00', 0xffffffc5) removexattr(&(0x7f0000000000)='./bus\x00', &(0x7f0000000040)=@random={'security.', '[eth0vmnet1eth1\x00'}) 06:18:43 executing program 5: r0 = perf_event_open(&(0x7f000025c000)={0x1, 0x70, 0x5, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000000080)={0x400000000001, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0xfffffffffffffffe, 0x11, r1, 0x0) openat$apparmor_thread_current(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/current\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r1) pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) write(r3, &(0x7f00000001c0), 0xfffffef3) read(r2, &(0x7f0000000200)=""/250, 0x50c7e3e3) 06:18:43 executing program 0: unshare(0x24020400) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) sigaltstack(&(0x7f00002cb000/0x3000)=nil, &(0x7f0000ef9ff8)) mincore(&(0x7f00003a0000/0x600000)=nil, 0x600000, &(0x7f00000002c0)=""/184) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000f8aff8)='./file0\x00', &(0x7f0000000380), &(0x7f00000001c0)) r1 = gettid() process_vm_writev(r1, &(0x7f0000000140)=[{&(0x7f0000000500)=""/167, 0x14f}], 0x1, &(0x7f0000000240)=[{&(0x7f00000005c0)=""/172, 0xac}], 0x23, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f000000d000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r2, 0x5452, &(0x7f0000008ff8)=0x3f) r4 = getpid() execve(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000940), &(0x7f0000000200)) fcntl$setown(r2, 0x8, r4) fcntl$setsig(r2, 0xa, 0x12) dup2(r2, r3) tkill(r1, 0x16) open(&(0x7f0000363ff8)='./file0\x00', 0x401, 0x0) 06:18:43 executing program 3: r0 = inotify_init() poll(&(0x7f0000000300)=[{r0}], 0x1, 0x0) 06:18:43 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") socket$inet(0x2, 0x1, 0x0) getsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x10, &(0x7f0000dc6ffe), &(0x7f0000904000)=0x4) 06:18:44 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)) ioctl$TIOCPKT(0xffffffffffffffff, 0x5420, &(0x7f00000002c0)=0x61) read(r0, &(0x7f0000000080)=""/11, 0x392) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) r1 = syz_open_pts(r0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x2}) r3 = dup3(r1, r0, 0x0) ioctl$TCSETA(r3, 0x5406, &(0x7f0000000140)) 06:18:44 executing program 3: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000)='/dev/uinput\x00', 0x0, 0x0) ioctl$UI_ABS_SETUP(r0, 0x401c5504, &(0x7f0000000080)={0x0, {0x0, 0x0, 0x4}}) 06:18:44 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet(0x2, 0x1, 0x0) getsockopt$inet_tcp_int(r1, 0x6, 0x0, &(0x7f0000dc6ffe), &(0x7f0000904000)=0x4) 06:18:44 executing program 0: unshare(0x24020400) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) sigaltstack(&(0x7f00002cb000/0x3000)=nil, &(0x7f0000ef9ff8)) mincore(&(0x7f00003a0000/0x600000)=nil, 0x600000, &(0x7f00000002c0)=""/184) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000f8aff8)='./file0\x00', &(0x7f0000000380), &(0x7f00000001c0)) r1 = gettid() process_vm_writev(r1, &(0x7f0000000140)=[{&(0x7f0000000500)=""/167, 0x14f}], 0x1, &(0x7f0000000240)=[{&(0x7f00000005c0)=""/172, 0xac}], 0x23, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f000000d000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r2, 0x5452, &(0x7f0000008ff8)=0x3f) r4 = getpid() execve(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000940), &(0x7f0000000200)) fcntl$setown(r2, 0x8, r4) fcntl$setsig(r2, 0xa, 0x12) dup2(r2, r3) tkill(r1, 0x16) open(&(0x7f0000363ff8)='./file0\x00', 0x401, 0x0) 06:18:44 executing program 5: r0 = socket$inet(0x2, 0x3, 0x1) getsockopt$inet_opts(r0, 0x0, 0x9, &(0x7f00000000c0)=""/76, &(0x7f0000000040)=0x4c) 06:18:44 executing program 3: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000)='/dev/uinput\x00', 0x0, 0x0) ioctl$UI_BEGIN_FF_UPLOAD(r0, 0xc06855c8, &(0x7f0000001700)={0x10, 0x0, {}, {0x0, 0x0, 0x0, {}, {}, @ramp}}) 06:18:45 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet_sctp(0x2, 0x1, 0x84) sendto$inet(r1, &(0x7f00000002c0)='D', 0x1, 0x0, &(0x7f0000000240)={0x2, 0x0, @dev}, 0x10) connect$inet(r1, &(0x7f0000000000)={0x2, 0x0, @loopback}, 0x10) 06:18:45 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") syz_emit_ethernet(0x3e, &(0x7f0000000000)={@local, @broadcast, [], {@ipv6={0x86dd, {0x0, 0x6, "1ddedf", 0x8, 0xff, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8906]}, @remote={0xfe, 0x80, [0xf0ffffffffffff]}, {[], @icmpv6=@echo_request}}}}}, &(0x7f0000000100)) 06:18:45 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)) ioctl$TIOCPKT(r0, 0x5420, &(0x7f00000002c0)) read(r0, &(0x7f0000000080)=""/11, 0x392) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) r1 = syz_open_pts(r0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x2}) r3 = dup3(r1, r0, 0x0) ioctl$TCSETA(r3, 0x5406, &(0x7f0000000140)) 06:18:45 executing program 3: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000240)="0a5c2d023c126285718070") r1 = socket$inet(0x10, 0x100000803, 0x0) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000008000)="4c0000001300ff09fffefd956fa283b724a600800000000000000068354015002c001d001fc41180b598bc593ab6821148a730de33a49868c62b2ca654a6613b6aabf35d4c1cbc882b079881", 0x4c}], 0x1}, 0x0) 06:18:45 executing program 5: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") getsockname(r0, &(0x7f0000000180)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast2}}}, &(0x7f0000000100)=0x80) vmsplice(r1, &(0x7f00000004c0)=[{&(0x7f0000000000)="a3", 0x1}], 0x1, 0x0) [ 1014.343407] netlink: 'syz-executor3': attribute type 29 has an invalid length. 06:18:45 executing program 0: unshare(0x24020400) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) sigaltstack(&(0x7f00002cb000/0x3000)=nil, &(0x7f0000ef9ff8)) mincore(&(0x7f00003a0000/0x600000)=nil, 0x600000, &(0x7f00000002c0)=""/184) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000f8aff8)='./file0\x00', &(0x7f0000000380), &(0x7f00000001c0)) r1 = gettid() process_vm_writev(r1, &(0x7f0000000140)=[{&(0x7f0000000500)=""/167, 0x14f}], 0x1, &(0x7f0000000240)=[{&(0x7f00000005c0)=""/172, 0xac}], 0x23, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f000000d000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r2, 0x5452, &(0x7f0000008ff8)=0x3f) r4 = getpid() execve(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000940), &(0x7f0000000200)) fcntl$setown(r2, 0x8, r4) fcntl$setsig(r2, 0xa, 0x12) dup2(r2, r3) tkill(r1, 0x16) 06:18:45 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") syz_emit_ethernet(0x3e, &(0x7f0000000000)={@local, @broadcast, [], {@ipv6={0x86dd, {0x0, 0x6, "1ddedf", 0x8, 0xff, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8906]}, @remote={0xfe, 0x80, [0xf0ffffffffffff]}, {[], @icmpv6=@echo_request}}}}}, &(0x7f0000000100)) 06:18:45 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)) ioctl$TIOCPKT(r0, 0x5420, &(0x7f00000002c0)) read(r0, &(0x7f0000000080)=""/11, 0x392) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) r1 = syz_open_pts(r0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x2}) r3 = dup3(r1, r0, 0x0) ioctl$TCSETA(r3, 0x5406, &(0x7f0000000140)) 06:18:45 executing program 5: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000240)="0a5c2d023c126285718070") r1 = socket$inet(0x10, 0x100000803, 0x4) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000008000)="4c0000001500ff09fffefd956fa283b724a600800000000000000068354015002c001d001fc41180b598bc593ab6821148a730de33a49868c62b2ca654a6613b6aabf35d4c1cbc882b079881", 0x4c}], 0x1}, 0x0) 06:18:45 executing program 3: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xe, &(0x7f0000000080)=ANY=[@ANYBLOB="b700000000000100bfa30000000000000703000028feffff7a0af0fff8ffffff71a4f0ff00000000b7060000000000015d400300000000006506000001ed000071184300000000006c640000000000006a0a00fe00000000850000002e000000b7000000000000009500000000000000"], &(0x7f00000001c0)="00f1290d2abb7a4c8e379eaab379b9fa21ad21b4d494a086cf1223b4d36e2485066bb2f9d522fe8620087fe88acf899bba525df57b4a8415f929f3c8d560e6e69e4902ce1f49a877c323baf5e9ea3ec7ab322ca08474ce045466c5fe60279be24d4825930238cb0fdb16e26c80e6cdce570153532d6f6058f6a4c17cbec4f0ac317a70c989ef2ea491b4f328"}, 0x48) 06:18:46 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") syz_emit_ethernet(0x3e, &(0x7f0000000000)={@local, @broadcast, [], {@ipv6={0x86dd, {0x0, 0x6, "1ddedf", 0x8, 0xff, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8906]}, @remote={0xfe, 0x80, [0xf0ffffffffffff]}, {[], @icmpv6=@echo_request}}}}}, &(0x7f0000000100)) 06:18:46 executing program 4: 06:18:46 executing program 5: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000240)="0a5c2d023c126285718070") r1 = socket$inet(0x10, 0x100000803, 0x4) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000008000)="4c0000001500ff09fffefd956fa283b724a600800000000000000068354015002c001d001fc41180b598bc593ab6821148a730de33a49868c62b2ca654a6613b6aabf35d4c1cbc882b079881", 0x4c}], 0x1}, 0x0) 06:18:46 executing program 4: 06:18:46 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") syz_emit_ethernet(0x3e, &(0x7f0000000000)={@local, @broadcast, [], {@ipv6={0x86dd, {0x0, 0x6, "1ddedf", 0x8, 0xff, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8906]}, @remote={0xfe, 0x80, [0xf0ffffffffffff]}, {[], @icmpv6=@echo_request}}}}}, &(0x7f0000000100)) 06:18:47 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)) ioctl$TIOCPKT(r0, 0x5420, &(0x7f00000002c0)=0x61) read(0xffffffffffffffff, &(0x7f0000000080)=""/11, 0x392) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) r1 = syz_open_pts(r0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x2}) r3 = dup3(r1, r0, 0x0) ioctl$TCSETA(r3, 0x5406, &(0x7f0000000140)) 06:18:47 executing program 3: 06:18:47 executing program 0: unshare(0x24020400) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) sigaltstack(&(0x7f00002cb000/0x3000)=nil, &(0x7f0000ef9ff8)) mincore(&(0x7f00003a0000/0x600000)=nil, 0x600000, &(0x7f00000002c0)=""/184) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000f8aff8)='./file0\x00', &(0x7f0000000380), &(0x7f00000001c0)) r1 = gettid() process_vm_writev(r1, &(0x7f0000000140)=[{&(0x7f0000000500)=""/167, 0x14f}], 0x1, &(0x7f0000000240)=[{&(0x7f00000005c0)=""/172, 0xac}], 0x23, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f000000d000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r2, 0x5452, &(0x7f0000008ff8)=0x3f) r4 = getpid() execve(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000940), &(0x7f0000000200)) fcntl$setown(r2, 0x8, r4) fcntl$setsig(r2, 0xa, 0x12) dup2(r2, r3) 06:18:47 executing program 4: 06:18:47 executing program 2: socket$inet6(0xa, 0x803, 0x4) syz_emit_ethernet(0x3e, &(0x7f0000000000)={@local, @broadcast, [], {@ipv6={0x86dd, {0x0, 0x6, "1ddedf", 0x8, 0xff, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8906]}, @remote={0xfe, 0x80, [0xf0ffffffffffff]}, {[], @icmpv6=@echo_request}}}}}, &(0x7f0000000100)) 06:18:47 executing program 5: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000240)="0a5c2d023c126285718070") r1 = socket$inet(0x10, 0x100000803, 0x4) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000008000)="4c0000001500ff09fffefd956fa283b724a600800000000000000068354015002c001d001fc41180b598bc593ab6821148a730de33a49868c62b2ca654a6613b6aabf35d4c1cbc882b079881", 0x4c}], 0x1}, 0x0) 06:18:47 executing program 4: 06:18:47 executing program 3: 06:18:47 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)) ioctl$TIOCPKT(r0, 0x5420, &(0x7f00000002c0)=0x61) read(0xffffffffffffffff, &(0x7f0000000080)=""/11, 0x392) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) r1 = syz_open_pts(r0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x2}) r3 = dup3(r1, r0, 0x0) ioctl$TCSETA(r3, 0x5406, &(0x7f0000000140)) 06:18:47 executing program 2: socket$inet6(0xa, 0x803, 0x4) syz_emit_ethernet(0x3e, &(0x7f0000000000)={@local, @broadcast, [], {@ipv6={0x86dd, {0x0, 0x6, "1ddedf", 0x8, 0xff, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8906]}, @remote={0xfe, 0x80, [0xf0ffffffffffff]}, {[], @icmpv6=@echo_request}}}}}, &(0x7f0000000100)) 06:18:47 executing program 4: 06:18:48 executing program 5: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000240)="0a5c2d023c126285718070") r1 = socket$inet(0x10, 0x100000803, 0x4) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000008000)="4c0000001500ff09fffefd956fa283b724a600800000000000000068354015002c001d001fc41180b598bc593ab6821148a730de33a49868c62b2ca654a6613b6aabf35d4c1cbc882b079881", 0x4c}], 0x1}, 0x0) 06:18:48 executing program 3: 06:18:48 executing program 4: 06:18:48 executing program 0: unshare(0x24020400) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) sigaltstack(&(0x7f00002cb000/0x3000)=nil, &(0x7f0000ef9ff8)) mincore(&(0x7f00003a0000/0x600000)=nil, 0x600000, &(0x7f00000002c0)=""/184) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000f8aff8)='./file0\x00', &(0x7f0000000380), &(0x7f00000001c0)) r1 = gettid() process_vm_writev(r1, &(0x7f0000000140)=[{&(0x7f0000000500)=""/167, 0x14f}], 0x1, &(0x7f0000000240)=[{&(0x7f00000005c0)=""/172, 0xac}], 0x23, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f000000d000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r2, 0x5452, &(0x7f0000008ff8)=0x3f) r4 = getpid() execve(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000940), &(0x7f0000000200)) fcntl$setown(r2, 0x8, r4) fcntl$setsig(r2, 0xa, 0x12) dup2(r2, r3) 06:18:48 executing program 2: socket$inet6(0xa, 0x803, 0x4) syz_emit_ethernet(0x3e, &(0x7f0000000000)={@local, @broadcast, [], {@ipv6={0x86dd, {0x0, 0x6, "1ddedf", 0x8, 0xff, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8906]}, @remote={0xfe, 0x80, [0xf0ffffffffffff]}, {[], @icmpv6=@echo_request}}}}}, &(0x7f0000000100)) 06:18:48 executing program 3: 06:18:48 executing program 5: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000240)="0a5c2d023c126285718070") sendmsg(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000008000)="4c0000001500ff09fffefd956fa283b724a600800000000000000068354015002c001d001fc41180b598bc593ab6821148a730de33a49868c62b2ca654a6613b6aabf35d4c1cbc882b079881", 0x4c}], 0x1}, 0x0) 06:18:48 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)) ioctl$TIOCPKT(r0, 0x5420, &(0x7f00000002c0)=0x61) read(0xffffffffffffffff, &(0x7f0000000080)=""/11, 0x392) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) r1 = syz_open_pts(r0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x2}) r3 = dup3(r1, r0, 0x0) ioctl$TCSETA(r3, 0x5406, &(0x7f0000000140)) 06:18:48 executing program 4: 06:18:48 executing program 3: 06:18:49 executing program 2: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") syz_emit_ethernet(0x3e, &(0x7f0000000000)={@local, @broadcast, [], {@ipv6={0x86dd, {0x0, 0x6, "1ddedf", 0x8, 0xff, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8906]}, @remote={0xfe, 0x80, [0xf0ffffffffffff]}, {[], @icmpv6=@echo_request}}}}}, &(0x7f0000000100)) 06:18:49 executing program 5: socket$inet6(0xa, 0x803, 0x3) r0 = socket$inet(0x10, 0x100000803, 0x4) sendmsg(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000008000)="4c0000001500ff09fffefd956fa283b724a600800000000000000068354015002c001d001fc41180b598bc593ab6821148a730de33a49868c62b2ca654a6613b6aabf35d4c1cbc882b079881", 0x4c}], 0x1}, 0x0) 06:18:49 executing program 4: 06:18:49 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)) ioctl$TIOCPKT(r0, 0x5420, &(0x7f00000002c0)=0x61) read(r0, &(0x7f0000000080)=""/11, 0x392) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) r1 = syz_open_pts(r0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x2}) r3 = dup3(r1, r0, 0x0) ioctl$TCSETA(r3, 0x5406, &(0x7f0000000140)) 06:18:49 executing program 3: 06:18:49 executing program 0: unshare(0x24020400) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) sigaltstack(&(0x7f00002cb000/0x3000)=nil, &(0x7f0000ef9ff8)) mincore(&(0x7f00003a0000/0x600000)=nil, 0x600000, &(0x7f00000002c0)=""/184) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000f8aff8)='./file0\x00', &(0x7f0000000380), &(0x7f00000001c0)) r1 = gettid() process_vm_writev(r1, &(0x7f0000000140)=[{&(0x7f0000000500)=""/167, 0x14f}], 0x1, &(0x7f0000000240)=[{&(0x7f00000005c0)=""/172, 0xac}], 0x23, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f000000d000)={0xffffffffffffffff}) ioctl$int_in(r2, 0x5452, &(0x7f0000008ff8)=0x3f) r3 = getpid() execve(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000940), &(0x7f0000000200)) fcntl$setown(r2, 0x8, r3) fcntl$setsig(r2, 0xa, 0x12) 06:18:49 executing program 4: 06:18:49 executing program 2: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") syz_emit_ethernet(0x3e, &(0x7f0000000000)={@local, @broadcast, [], {@ipv6={0x86dd, {0x0, 0x6, "1ddedf", 0x8, 0xff, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8906]}, @remote={0xfe, 0x80, [0xf0ffffffffffff]}, {[], @icmpv6=@echo_request}}}}}, &(0x7f0000000100)) 06:18:49 executing program 5: socket$inet6(0xa, 0x803, 0x3) r0 = socket$inet(0x10, 0x100000803, 0x4) sendmsg(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000008000)="4c0000001500ff09fffefd956fa283b724a600800000000000000068354015002c001d001fc41180b598bc593ab6821148a730de33a49868c62b2ca654a6613b6aabf35d4c1cbc882b079881", 0x4c}], 0x1}, 0x0) 06:18:49 executing program 3: 06:18:49 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)) ioctl$TIOCPKT(r0, 0x5420, &(0x7f00000002c0)=0x61) read(r0, &(0x7f0000000080)=""/11, 0x392) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) r1 = syz_open_pts(r0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x2}) r3 = dup3(r1, r0, 0x0) ioctl$TCSETA(r3, 0x5406, &(0x7f0000000140)) 06:18:50 executing program 2: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") syz_emit_ethernet(0x3e, &(0x7f0000000000)={@local, @broadcast, [], {@ipv6={0x86dd, {0x0, 0x6, "1ddedf", 0x8, 0xff, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8906]}, @remote={0xfe, 0x80, [0xf0ffffffffffff]}, {[], @icmpv6=@echo_request}}}}}, &(0x7f0000000100)) 06:18:50 executing program 4: 06:18:50 executing program 3: 06:18:50 executing program 5: socket$inet6(0xa, 0x803, 0x3) r0 = socket$inet(0x10, 0x100000803, 0x4) sendmsg(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000008000)="4c0000001500ff09fffefd956fa283b724a600800000000000000068354015002c001d001fc41180b598bc593ab6821148a730de33a49868c62b2ca654a6613b6aabf35d4c1cbc882b079881", 0x4c}], 0x1}, 0x0) 06:18:50 executing program 2: r0 = socket$inet6(0xa, 0x0, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") syz_emit_ethernet(0x3e, &(0x7f0000000000)={@local, @broadcast, [], {@ipv6={0x86dd, {0x0, 0x6, "1ddedf", 0x8, 0xff, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8906]}, @remote={0xfe, 0x80, [0xf0ffffffffffff]}, {[], @icmpv6=@echo_request}}}}}, &(0x7f0000000100)) 06:18:50 executing program 4: 06:18:50 executing program 0: unshare(0x24020400) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) sigaltstack(&(0x7f00002cb000/0x3000)=nil, &(0x7f0000ef9ff8)) mincore(&(0x7f00003a0000/0x600000)=nil, 0x600000, &(0x7f00000002c0)=""/184) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000f8aff8)='./file0\x00', &(0x7f0000000380), &(0x7f00000001c0)) r1 = gettid() process_vm_writev(r1, &(0x7f0000000140)=[{&(0x7f0000000500)=""/167, 0x14f}], 0x1, &(0x7f0000000240)=[{&(0x7f00000005c0)=""/172, 0xac}], 0x23, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f000000d000)={0xffffffffffffffff}) ioctl$int_in(r2, 0x5452, &(0x7f0000008ff8)=0x3f) r3 = getpid() execve(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000940), &(0x7f0000000200)) fcntl$setown(r2, 0x8, r3) 06:18:50 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)) ioctl$TIOCPKT(r0, 0x5420, &(0x7f00000002c0)=0x61) read(r0, &(0x7f0000000080)=""/11, 0x392) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) r1 = syz_open_pts(r0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x2}) r3 = dup3(r1, r0, 0x0) ioctl$TCSETA(r3, 0x5406, &(0x7f0000000140)) 06:18:50 executing program 3: 06:18:50 executing program 4: 06:18:50 executing program 5: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000240)="0a5c2d023c126285718070") r0 = socket$inet(0x10, 0x100000803, 0x4) sendmsg(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000008000)="4c0000001500ff09fffefd956fa283b724a600800000000000000068354015002c001d001fc41180b598bc593ab6821148a730de33a49868c62b2ca654a6613b6aabf35d4c1cbc882b079881", 0x4c}], 0x1}, 0x0) 06:18:51 executing program 2: r0 = socket$inet6(0xa, 0x0, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") syz_emit_ethernet(0x3e, &(0x7f0000000000)={@local, @broadcast, [], {@ipv6={0x86dd, {0x0, 0x6, "1ddedf", 0x8, 0xff, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8906]}, @remote={0xfe, 0x80, [0xf0ffffffffffff]}, {[], @icmpv6=@echo_request}}}}}, &(0x7f0000000100)) 06:18:51 executing program 3: 06:18:51 executing program 4: 06:18:51 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)) ioctl$TIOCPKT(r0, 0x5420, &(0x7f00000002c0)=0x61) read(r0, &(0x7f0000000080)=""/11, 0x392) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) r1 = syz_open_pts(0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x2}) r3 = dup3(r1, r0, 0x0) ioctl$TCSETA(r3, 0x5406, &(0x7f0000000140)) 06:18:51 executing program 5: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000240)="0a5c2d023c126285718070") r0 = socket$inet(0x10, 0x100000803, 0x4) sendmsg(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000008000)="4c0000001500ff09fffefd956fa283b724a600800000000000000068354015002c001d001fc41180b598bc593ab6821148a730de33a49868c62b2ca654a6613b6aabf35d4c1cbc882b079881", 0x4c}], 0x1}, 0x0) 06:18:51 executing program 4: 06:18:51 executing program 3: 06:18:51 executing program 0: unshare(0x24020400) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) sigaltstack(&(0x7f00002cb000/0x3000)=nil, &(0x7f0000ef9ff8)) mincore(&(0x7f00003a0000/0x600000)=nil, 0x600000, &(0x7f00000002c0)=""/184) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000f8aff8)='./file0\x00', &(0x7f0000000380), &(0x7f00000001c0)) r1 = gettid() process_vm_writev(r1, &(0x7f0000000140)=[{&(0x7f0000000500)=""/167, 0x14f}], 0x1, &(0x7f0000000240)=[{&(0x7f00000005c0)=""/172, 0xac}], 0x23, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f000000d000)={0xffffffffffffffff}) ioctl$int_in(r2, 0x5452, &(0x7f0000008ff8)=0x3f) r3 = getpid() execve(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000940), &(0x7f0000000200)) fcntl$setown(r2, 0x8, r3) 06:18:51 executing program 2: r0 = socket$inet6(0xa, 0x0, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") syz_emit_ethernet(0x3e, &(0x7f0000000000)={@local, @broadcast, [], {@ipv6={0x86dd, {0x0, 0x6, "1ddedf", 0x8, 0xff, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8906]}, @remote={0xfe, 0x80, [0xf0ffffffffffff]}, {[], @icmpv6=@echo_request}}}}}, &(0x7f0000000100)) 06:18:51 executing program 4: 06:18:52 executing program 3: 06:18:52 executing program 5: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000240)="0a5c2d023c126285718070") r0 = socket$inet(0x10, 0x100000803, 0x4) sendmsg(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000008000)="4c0000001500ff09fffefd956fa283b724a600800000000000000068354015002c001d001fc41180b598bc593ab6821148a730de33a49868c62b2ca654a6613b6aabf35d4c1cbc882b079881", 0x4c}], 0x1}, 0x0) 06:18:52 executing program 4: [ 1021.212403] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! 06:18:52 executing program 3: 06:18:52 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x0) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") syz_emit_ethernet(0x3e, &(0x7f0000000000)={@local, @broadcast, [], {@ipv6={0x86dd, {0x0, 0x6, "1ddedf", 0x8, 0xff, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8906]}, @remote={0xfe, 0x80, [0xf0ffffffffffff]}, {[], @icmpv6=@echo_request}}}}}, &(0x7f0000000100)) 06:18:52 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)) ioctl$TIOCPKT(r0, 0x5420, &(0x7f00000002c0)=0x61) read(r0, &(0x7f0000000080)=""/11, 0x392) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) r1 = syz_open_pts(r0, 0x0) socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x2}) r3 = dup3(r1, r0, 0x0) ioctl$TCSETA(r3, 0x5406, &(0x7f0000000140)) 06:18:52 executing program 4: 06:18:52 executing program 5: r0 = socket$inet6(0xa, 0x0, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000240)="0a5c2d023c126285718070") r1 = socket$inet(0x10, 0x100000803, 0x4) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000008000)="4c0000001500ff09fffefd956fa283b724a600800000000000000068354015002c001d001fc41180b598bc593ab6821148a730de33a49868c62b2ca654a6613b6aabf35d4c1cbc882b079881", 0x4c}], 0x1}, 0x0) 06:18:52 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c1f023c126285719070") setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000469ffc), 0x4) syz_emit_ethernet(0x36, &(0x7f0000000100)={@local, @broadcast, [], {@ipv4={0x800, {{0x8, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x0, 0x0, @remote, @local, {[@timestamp={0x44, 0xc, 0x5, 0x21, 0x0, [{}, {}]}]}}, @igmp={0x0, 0x0, 0x0, @multicast1}}}}}, &(0x7f0000000040)) 06:18:53 executing program 0: unshare(0x24020400) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) sigaltstack(&(0x7f00002cb000/0x3000)=nil, &(0x7f0000ef9ff8)) mincore(&(0x7f00003a0000/0x600000)=nil, 0x600000, &(0x7f00000002c0)=""/184) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000f8aff8)='./file0\x00', &(0x7f0000000380), &(0x7f00000001c0)) r1 = gettid() process_vm_writev(r1, &(0x7f0000000140)=[{&(0x7f0000000500)=""/167, 0x14f}], 0x1, &(0x7f0000000240)=[{&(0x7f00000005c0)=""/172, 0xac}], 0x23, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f000000d000)={0xffffffffffffffff}) ioctl$int_in(r2, 0x5452, &(0x7f0000008ff8)=0x3f) getpid() execve(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000940), &(0x7f0000000200)) 06:18:53 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000680)={&(0x7f0000000000), 0xc, &(0x7f0000000640)={&(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000000280012000c000100697036677265000018000200140003000f000000000000000000000000000001"], 0x1}}, 0x0) 06:18:53 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x0) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") syz_emit_ethernet(0x3e, &(0x7f0000000000)={@local, @broadcast, [], {@ipv6={0x86dd, {0x0, 0x6, "1ddedf", 0x8, 0xff, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8906]}, @remote={0xfe, 0x80, [0xf0ffffffffffff]}, {[], @icmpv6=@echo_request}}}}}, &(0x7f0000000100)) 06:18:53 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)) ioctl$TIOCPKT(r0, 0x5420, &(0x7f00000002c0)=0x61) read(r0, &(0x7f0000000080)=""/11, 0x392) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) r1 = syz_open_pts(r0, 0x0) socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x2}) r3 = dup3(r1, r0, 0x0) ioctl$TCSETA(r3, 0x5406, &(0x7f0000000140)) 06:18:53 executing program 3: r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'veth0_to_bridge\x00', 0x0}) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f00000000c0)={r1, 0x1, 0x6, @broadcast}, 0x10) setsockopt$packet_drop_memb(r0, 0x107, 0x2, &(0x7f0000000040)={r1, 0x1, 0x6, @remote}, 0x10) 06:18:53 executing program 5: r0 = socket$inet6(0xa, 0x0, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000240)="0a5c2d023c126285718070") r1 = socket$inet(0x10, 0x100000803, 0x4) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000008000)="4c0000001500ff09fffefd956fa283b724a600800000000000000068354015002c001d001fc41180b598bc593ab6821148a730de33a49868c62b2ca654a6613b6aabf35d4c1cbc882b079881", 0x4c}], 0x1}, 0x0) 06:18:53 executing program 4: mmap(&(0x7f0000000000/0xa73000)=nil, 0xa73000, 0x2, 0x32, 0xffffffffffffffff, 0x0) r0 = getpgrp(0x0) r1 = gettid() rt_sigprocmask(0x0, &(0x7f00000000c0)={0xfffffffffffffffe}, 0x0, 0x8) rt_tgsigqueueinfo(r0, r1, 0x33, &(0x7f0000000040)={0x0, 0x0, 0x1fffc}) rt_sigtimedwait(&(0x7f0000a70000)={0x7fffffffffffff66}, &(0x7f0000a72ff0), &(0x7f0000000100)={0x77359400}, 0x8) [ 1022.637340] device veth0_to_bridge entered promiscuous mode [ 1022.722350] device veth0_to_bridge left promiscuous mode 06:18:53 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x0) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") syz_emit_ethernet(0x3e, &(0x7f0000000000)={@local, @broadcast, [], {@ipv6={0x86dd, {0x0, 0x6, "1ddedf", 0x8, 0xff, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8906]}, @remote={0xfe, 0x80, [0xf0ffffffffffff]}, {[], @icmpv6=@echo_request}}}}}, &(0x7f0000000100)) 06:18:54 executing program 4: getsockname$packet(0xffffffffffffff9c, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000240)=0x14) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) ioctl$sock_SIOCBRDELBR(0xffffffffffffffff, 0x89a1, &(0x7f0000000540)='teql0\x00') ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, &(0x7f0000000500)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCFLSH(r2, 0x80045432, 0x70affb) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4) getsockopt$IPT_SO_GET_INFO(r0, 0x0, 0x40, &(0x7f0000000400)={'raw\x00'}, &(0x7f00000000c0)=0x54) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, &(0x7f0000a88f88), 0xfffffffffffffe6e, 0x20000000, &(0x7f0000e68000)={0x2, 0x4004e23, @local}, 0x10) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="0a5c2d023c126285718070") bind$inet(0xffffffffffffffff, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) 06:18:54 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)) ioctl$TIOCPKT(r0, 0x5420, &(0x7f00000002c0)=0x61) read(r0, &(0x7f0000000080)=""/11, 0x392) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) r1 = syz_open_pts(r0, 0x0) socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x2}) r3 = dup3(r1, r0, 0x0) ioctl$TCSETA(r3, 0x5406, &(0x7f0000000140)) 06:18:54 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000027000/0x18000)=nil, &(0x7f00000002c0)=[@text32={0x20, &(0x7f0000000000)="2ef26db80e0000000f23c80f21f8350800c0000f23f8d39d00100000eacc4e0000f700660f3839d13e660f38806cbf07440f20c0350c000000440f22c02e0f300f228266baa100ec", 0x48}], 0x1, 0x0, &(0x7f0000000280), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:18:54 executing program 5: r0 = socket$inet6(0xa, 0x0, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000240)="0a5c2d023c126285718070") r1 = socket$inet(0x10, 0x100000803, 0x4) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000008000)="4c0000001500ff09fffefd956fa283b724a600800000000000000068354015002c001d001fc41180b598bc593ab6821148a730de33a49868c62b2ca654a6613b6aabf35d4c1cbc882b079881", 0x4c}], 0x1}, 0x0) 06:18:54 executing program 0: unshare(0x24020400) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) sigaltstack(&(0x7f00002cb000/0x3000)=nil, &(0x7f0000ef9ff8)) mincore(&(0x7f00003a0000/0x600000)=nil, 0x600000, &(0x7f00000002c0)=""/184) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000f8aff8)='./file0\x00', &(0x7f0000000380), &(0x7f00000001c0)) r1 = gettid() process_vm_writev(r1, &(0x7f0000000140)=[{&(0x7f0000000500)=""/167, 0x14f}], 0x1, &(0x7f0000000240)=[{&(0x7f00000005c0)=""/172, 0xac}], 0x23, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f000000d000)={0xffffffffffffffff}) ioctl$int_in(r2, 0x5452, &(0x7f0000008ff8)=0x3f) getpid() 06:18:54 executing program 2: socket$inet6(0xa, 0x803, 0x4) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") syz_emit_ethernet(0x3e, &(0x7f0000000000)={@local, @broadcast, [], {@ipv6={0x86dd, {0x0, 0x6, "1ddedf", 0x8, 0xff, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8906]}, @remote={0xfe, 0x80, [0xf0ffffffffffff]}, {[], @icmpv6=@echo_request}}}}}, &(0x7f0000000100)) [ 1023.763250] not chained 420000 origins [ 1023.767183] CPU: 0 PID: 9 Comm: ksoftirqd/0 Not tainted 4.20.0-rc3+ #89 [ 1023.772005] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1023.777748] Call Trace: [ 1023.777748] dump_stack+0x32d/0x480 [ 1023.777748] kmsan_internal_chain_origin+0x222/0x240 [ 1023.777748] ? _raw_spin_lock_irqsave+0x320/0x490 [ 1023.777748] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1023.777748] ? depot_save_stack+0x398/0x4b0 [ 1023.777748] ? __irqentry_text_end+0x1fa056/0x1fa056 [ 1023.777748] ? kmsan_internal_chain_origin+0x90/0x240 [ 1023.777748] ? kmsan_internal_chain_origin+0x136/0x240 [ 1023.777748] ? __msan_chain_origin+0x6d/0xb0 [ 1023.777748] ? save_stack_trace+0xfa/0x110 [ 1023.777748] ? kmsan_internal_chain_origin+0x136/0x240 [ 1023.777748] ? kmsan_memcpy_origins+0x13d/0x190 [ 1023.777748] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1023.777748] ? in_task_stack+0x12c/0x210 [ 1023.777748] __msan_chain_origin+0x6d/0xb0 [ 1023.777748] ? process_backlog+0x82b/0x11e0 [ 1023.777748] __save_stack_trace+0x8be/0xc60 [ 1023.777748] ? process_backlog+0x82b/0x11e0 [ 1023.777748] save_stack_trace+0xc6/0x110 [ 1023.777748] kmsan_internal_chain_origin+0x136/0x240 [ 1023.777748] ? run_ksoftirqd+0x37/0x60 [ 1023.777748] ? kmsan_internal_chain_origin+0x136/0x240 [ 1023.886001] ? kmsan_memcpy_origins+0x13d/0x190 [ 1023.893370] ? __msan_memcpy+0x6f/0x80 [ 1023.893370] ? pskb_expand_head+0x436/0x1d20 [ 1023.893370] ? skb_shift+0xce2/0x2d10 [ 1023.893370] ? tcp_sacktag_walk+0x2156/0x29d0 [ 1023.893370] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1023.893370] ? tcp_ack+0x2888/0xa010 [ 1023.918234] ? tcp_rcv_established+0xf7e/0x2940 [ 1023.918234] ? tcp_v4_do_rcv+0x686/0xd80 [ 1023.918234] ? tcp_v4_rcv+0x5a13/0x6520 [ 1023.918234] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1023.918234] ? ip_local_deliver+0x44b/0x510 [ 1023.918234] ? ip_rcv+0x6b6/0x740 [ 1023.918234] ? process_backlog+0x82b/0x11e0 [ 1023.918234] ? net_rx_action+0x98f/0x1d50 [ 1023.918234] ? __do_softirq+0x721/0xc7f [ 1023.918234] ? run_ksoftirqd+0x37/0x60 [ 1023.918234] ? smpboot_thread_fn+0x69c/0xb30 [ 1023.918234] ? kthread+0x5e7/0x620 [ 1023.918234] ? ret_from_fork+0x35/0x40 [ 1023.918234] ? memcg_kmem_put_cache+0x73/0x460 [ 1023.918234] ? __kmalloc_node_track_caller+0x1010/0x14e0 [ 1023.918234] ? __msan_get_context_state+0x9/0x20 [ 1023.918234] ? INIT_INT+0xc/0x30 [ 1023.918234] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1023.918234] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1023.918234] kmsan_memcpy_origins+0x13d/0x190 [ 1023.918234] __msan_memcpy+0x6f/0x80 06:18:54 executing program 2: socket$inet6(0xa, 0x803, 0x4) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") syz_emit_ethernet(0x3e, &(0x7f0000000000)={@local, @broadcast, [], {@ipv6={0x86dd, {0x0, 0x6, "1ddedf", 0x8, 0xff, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8906]}, @remote={0xfe, 0x80, [0xf0ffffffffffff]}, {[], @icmpv6=@echo_request}}}}}, &(0x7f0000000100)) 06:18:54 executing program 5: r0 = socket$inet6(0xa, 0x803, 0x0) ioctl(r0, 0x1000008912, &(0x7f0000000240)="0a5c2d023c126285718070") r1 = socket$inet(0x10, 0x100000803, 0x4) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000008000)="4c0000001500ff09fffefd956fa283b724a600800000000000000068354015002c001d001fc41180b598bc593ab6821148a730de33a49868c62b2ca654a6613b6aabf35d4c1cbc882b079881", 0x4c}], 0x1}, 0x0) [ 1023.918234] pskb_expand_head+0x436/0x1d20 [ 1023.918234] skb_shift+0xce2/0x2d10 [ 1023.918234] tcp_sacktag_walk+0x2156/0x29d0 [ 1023.918234] tcp_sacktag_write_queue+0x2805/0x4630 [ 1023.918234] tcp_ack+0x2888/0xa010 [ 1023.918234] ? tcp_parse_options+0xbe/0x1cf0 [ 1023.918234] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1024.041972] ? tcp_parse_options+0x1c55/0x1cf0 [ 1024.041972] tcp_rcv_established+0xf7e/0x2940 [ 1024.041972] ? __msan_get_context_state+0x9/0x20 [ 1024.051961] tcp_v4_do_rcv+0x686/0xd80 [ 1024.051961] tcp_v4_rcv+0x5a13/0x6520 [ 1024.051961] ? tcp_filter+0x260/0x260 [ 1024.051961] ip_local_deliver_finish+0x8d8/0xff0 [ 1024.051961] ? nf_hook_slow+0x36f/0x3d0 [ 1024.051961] ip_local_deliver+0x44b/0x510 [ 1024.078808] ? ip_local_deliver+0x510/0x510 [ 1024.084808] ? ip_call_ra_chain+0x7a0/0x7a0 [ 1024.084808] ip_rcv+0x6b6/0x740 [ 1024.084808] ? ip_rcv_core+0x1370/0x1370 [ 1024.084808] process_backlog+0x82b/0x11e0 [ 1024.084808] ? ip_local_deliver_finish+0xff0/0xff0 [ 1024.084808] ? rps_trigger_softirq+0x2e0/0x2e0 [ 1024.084808] net_rx_action+0x98f/0x1d50 [ 1024.112185] ? net_tx_action+0xf20/0xf20 [ 1024.112185] __do_softirq+0x721/0xc7f [ 1024.112185] ? ksoftirqd_should_run+0x50/0x50 [ 1024.112185] run_ksoftirqd+0x37/0x60 [ 1024.112185] smpboot_thread_fn+0x69c/0xb30 [ 1024.112185] kthread+0x5e7/0x620 [ 1024.112185] ? cpu_report_death+0x4a0/0x4a0 [ 1024.112185] ? INIT_BOOL+0x30/0x30 [ 1024.112185] ret_from_fork+0x35/0x40 [ 1024.112185] Uninit was stored to memory at: [ 1024.112185] kmsan_internal_chain_origin+0x136/0x240 [ 1024.112185] __msan_chain_origin+0x6d/0xb0 06:18:55 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000027000/0x18000)=nil, &(0x7f00000002c0)=[@text32={0x20, &(0x7f0000000000)="2ef26db80e0000000f23c80f21f8350800c0000f23f8d39d00100000eacc4e0000f700660f3839d13e660f38806cbf07440f20c0350c000000440f22c02e0f300f228266baa100ec", 0x48}], 0x1, 0x0, &(0x7f0000000280), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 1024.112185] __save_stack_trace+0x8be/0xc60 [ 1024.112185] save_stack_trace+0xc6/0x110 [ 1024.112185] kmsan_internal_chain_origin+0x136/0x240 [ 1024.112185] kmsan_memcpy_origins+0x13d/0x190 [ 1024.112185] __msan_memcpy+0x6f/0x80 [ 1024.182197] pskb_expand_head+0x436/0x1d20 [ 1024.182197] skb_shift+0xce2/0x2d10 [ 1024.182197] tcp_sacktag_walk+0x2156/0x29d0 [ 1024.182197] tcp_sacktag_write_queue+0x2805/0x4630 [ 1024.182197] tcp_ack+0x2888/0xa010 [ 1024.182197] tcp_rcv_established+0xf7e/0x2940 [ 1024.211045] tcp_v4_do_rcv+0x686/0xd80 [ 1024.211045] tcp_v4_rcv+0x5a13/0x6520 [ 1024.218407] ip_local_deliver_finish+0x8d8/0xff0 [ 1024.218407] ip_local_deliver+0x44b/0x510 [ 1024.218407] ip_rcv+0x6b6/0x740 [ 1024.218407] process_backlog+0x82b/0x11e0 [ 1024.218407] net_rx_action+0x98f/0x1d50 [ 1024.218407] __do_softirq+0x721/0xc7f [ 1024.218407] [ 1024.218407] Uninit was stored to memory at: [ 1024.218407] kmsan_internal_chain_origin+0x136/0x240 [ 1024.251939] __msan_chain_origin+0x6d/0xb0 [ 1024.251939] __save_stack_trace+0x8be/0xc60 [ 1024.251939] save_stack_trace+0xc6/0x110 [ 1024.263243] kmsan_internal_chain_origin+0x136/0x240 [ 1024.263243] kmsan_memcpy_origins+0x13d/0x190 [ 1024.263243] __msan_memcpy+0x6f/0x80 [ 1024.263243] pskb_expand_head+0x436/0x1d20 [ 1024.263243] skb_shift+0xce2/0x2d10 [ 1024.263243] tcp_sacktag_walk+0x2156/0x29d0 [ 1024.263243] tcp_sacktag_write_queue+0x2805/0x4630 [ 1024.263243] tcp_ack+0x2888/0xa010 [ 1024.263243] tcp_rcv_established+0xf7e/0x2940 [ 1024.263243] tcp_v4_do_rcv+0x686/0xd80 [ 1024.263243] tcp_v4_rcv+0x5a13/0x6520 [ 1024.263243] ip_local_deliver_finish+0x8d8/0xff0 [ 1024.263243] ip_local_deliver+0x44b/0x510 [ 1024.263243] ip_rcv+0x6b6/0x740 [ 1024.263243] process_backlog+0x82b/0x11e0 [ 1024.263243] net_rx_action+0x98f/0x1d50 [ 1024.263243] __do_softirq+0x721/0xc7f [ 1024.263243] [ 1024.263243] Uninit was stored to memory at: [ 1024.263243] kmsan_internal_chain_origin+0x136/0x240 [ 1024.263243] __msan_chain_origin+0x6d/0xb0 [ 1024.263243] __save_stack_trace+0x8be/0xc60 [ 1024.263243] save_stack_trace+0xc6/0x110 [ 1024.263243] kmsan_internal_chain_origin+0x136/0x240 [ 1024.263243] kmsan_memcpy_origins+0x13d/0x190 [ 1024.263243] __msan_memcpy+0x6f/0x80 [ 1024.263243] pskb_expand_head+0x436/0x1d20 [ 1024.263243] skb_shift+0xce2/0x2d10 [ 1024.263243] tcp_sacktag_walk+0x2156/0x29d0 [ 1024.263243] tcp_sacktag_write_queue+0x2805/0x4630 [ 1024.263243] tcp_ack+0x2888/0xa010 [ 1024.263243] tcp_rcv_established+0xf7e/0x2940 [ 1024.263243] tcp_v4_do_rcv+0x686/0xd80 [ 1024.263243] tcp_v4_rcv+0x5a13/0x6520 [ 1024.263243] ip_local_deliver_finish+0x8d8/0xff0 [ 1024.263243] ip_local_deliver+0x44b/0x510 [ 1024.263243] ip_rcv+0x6b6/0x740 [ 1024.263243] process_backlog+0x82b/0x11e0 [ 1024.263243] net_rx_action+0x98f/0x1d50 [ 1024.263243] __do_softirq+0x721/0xc7f [ 1024.263243] [ 1024.263243] Uninit was stored to memory at: [ 1024.263243] kmsan_internal_chain_origin+0x136/0x240 [ 1024.263243] __msan_chain_origin+0x6d/0xb0 [ 1024.263243] __save_stack_trace+0x8be/0xc60 [ 1024.263243] save_stack_trace+0xc6/0x110 [ 1024.263243] kmsan_internal_chain_origin+0x136/0x240 [ 1024.263243] kmsan_memcpy_origins+0x13d/0x190 [ 1024.263243] __msan_memcpy+0x6f/0x80 [ 1024.263243] pskb_expand_head+0x436/0x1d20 [ 1024.263243] skb_shift+0xce2/0x2d10 [ 1024.263243] tcp_sacktag_walk+0x2156/0x29d0 [ 1024.263243] tcp_sacktag_write_queue+0x2805/0x4630 [ 1024.263243] tcp_ack+0x2888/0xa010 [ 1024.263243] tcp_rcv_established+0xf7e/0x2940 [ 1024.263243] tcp_v4_do_rcv+0x686/0xd80 [ 1024.263243] tcp_v4_rcv+0x5a13/0x6520 [ 1024.263243] ip_local_deliver_finish+0x8d8/0xff0 [ 1024.263243] ip_local_deliver+0x44b/0x510 [ 1024.263243] ip_rcv+0x6b6/0x740 [ 1024.263243] process_backlog+0x82b/0x11e0 [ 1024.263243] net_rx_action+0x98f/0x1d50 [ 1024.263243] __do_softirq+0x721/0xc7f [ 1024.263243] [ 1024.263243] Uninit was stored to memory at: [ 1024.263243] kmsan_internal_chain_origin+0x136/0x240 [ 1024.263243] __msan_chain_origin+0x6d/0xb0 [ 1024.263243] __save_stack_trace+0x8be/0xc60 [ 1024.263243] save_stack_trace+0xc6/0x110 [ 1024.263243] kmsan_internal_chain_origin+0x136/0x240 [ 1024.263243] kmsan_memcpy_origins+0x13d/0x190 [ 1024.263243] __msan_memcpy+0x6f/0x80 [ 1024.263243] pskb_expand_head+0x436/0x1d20 [ 1024.263243] skb_shift+0xce2/0x2d10 [ 1024.263243] tcp_sacktag_walk+0x2156/0x29d0 [ 1024.263243] tcp_sacktag_write_queue+0x2805/0x4630 [ 1024.263243] tcp_ack+0x2888/0xa010 [ 1024.263243] tcp_rcv_established+0xf7e/0x2940 [ 1024.263243] tcp_v4_do_rcv+0x686/0xd80 [ 1024.263243] tcp_v4_rcv+0x5a13/0x6520 [ 1024.263243] ip_local_deliver_finish+0x8d8/0xff0 [ 1024.263243] ip_local_deliver+0x44b/0x510 [ 1024.263243] ip_rcv+0x6b6/0x740 [ 1024.263243] process_backlog+0x82b/0x11e0 [ 1024.263243] net_rx_action+0x98f/0x1d50 [ 1024.263243] __do_softirq+0x721/0xc7f [ 1024.263243] [ 1024.263243] Uninit was stored to memory at: [ 1024.263243] kmsan_internal_chain_origin+0x136/0x240 [ 1024.263243] __msan_chain_origin+0x6d/0xb0 [ 1024.263243] __save_stack_trace+0x8be/0xc60 [ 1024.263243] save_stack_trace+0xc6/0x110 [ 1024.263243] kmsan_internal_chain_origin+0x136/0x240 [ 1024.263243] kmsan_memcpy_origins+0x13d/0x190 [ 1024.263243] __msan_memcpy+0x6f/0x80 [ 1024.263243] pskb_expand_head+0x436/0x1d20 [ 1024.263243] skb_shift+0xce2/0x2d10 [ 1024.263243] tcp_sacktag_walk+0x2156/0x29d0 [ 1024.263243] tcp_sacktag_write_queue+0x2805/0x4630 [ 1024.263243] tcp_ack+0x2888/0xa010 [ 1024.263243] tcp_rcv_established+0xf7e/0x2940 [ 1024.263243] tcp_v4_do_rcv+0x686/0xd80 [ 1024.263243] tcp_v4_rcv+0x5a13/0x6520 [ 1024.263243] ip_local_deliver_finish+0x8d8/0xff0 [ 1024.263243] ip_local_deliver+0x44b/0x510 [ 1024.263243] ip_rcv+0x6b6/0x740 [ 1024.263243] process_backlog+0x82b/0x11e0 [ 1024.263243] net_rx_action+0x98f/0x1d50 [ 1024.263243] __do_softirq+0x721/0xc7f [ 1024.263243] [ 1024.263243] Uninit was stored to memory at: [ 1024.263243] kmsan_internal_chain_origin+0x136/0x240 [ 1024.263243] __msan_chain_origin+0x6d/0xb0 [ 1024.263243] __save_stack_trace+0x8be/0xc60 [ 1024.263243] save_stack_trace+0xc6/0x110 [ 1024.263243] kmsan_internal_chain_origin+0x136/0x240 [ 1024.263243] kmsan_memcpy_origins+0x13d/0x190 [ 1024.263243] __msan_memcpy+0x6f/0x80 [ 1024.263243] pskb_expand_head+0x436/0x1d20 [ 1024.263243] skb_shift+0xce2/0x2d10 [ 1024.263243] tcp_sacktag_walk+0x2156/0x29d0 [ 1024.263243] tcp_sacktag_write_queue+0x2805/0x4630 [ 1024.263243] tcp_ack+0x2888/0xa010 [ 1024.263243] tcp_rcv_established+0xf7e/0x2940 [ 1024.263243] tcp_v4_do_rcv+0x686/0xd80 [ 1024.263243] tcp_v4_rcv+0x5a13/0x6520 [ 1024.263243] ip_local_deliver_finish+0x8d8/0xff0 [ 1024.263243] ip_local_deliver+0x44b/0x510 [ 1024.263243] ip_rcv+0x6b6/0x740 [ 1024.263243] process_backlog+0x82b/0x11e0 [ 1024.263243] net_rx_action+0x98f/0x1d50 [ 1024.263243] __do_softirq+0x721/0xc7f [ 1024.263243] [ 1024.263243] Local variable description: ----state.i.i@ip6_finish_output2 [ 1024.263243] Variable was created at: [ 1024.263243] ip6_finish_output2+0x87/0x22d0 [ 1024.263243] ip6_finish_output+0xc13/0xca0 06:18:56 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)) ioctl$TIOCPKT(r0, 0x5420, &(0x7f00000002c0)=0x61) read(r0, &(0x7f0000000080)=""/11, 0x392) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) r1 = syz_open_pts(r0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x2}) r2 = dup3(r1, r0, 0x0) ioctl$TCSETA(r2, 0x5406, &(0x7f0000000140)) 06:18:56 executing program 4: getsockname$packet(0xffffffffffffff9c, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000240)=0x14) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) ioctl$sock_SIOCBRDELBR(0xffffffffffffffff, 0x89a1, &(0x7f0000000540)='teql0\x00') ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, &(0x7f0000000500)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCFLSH(r2, 0x80045432, 0x70affb) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4) getsockopt$IPT_SO_GET_INFO(r0, 0x0, 0x40, &(0x7f0000000400)={'raw\x00'}, &(0x7f00000000c0)=0x54) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, &(0x7f0000a88f88), 0xfffffffffffffe6e, 0x20000000, &(0x7f0000e68000)={0x2, 0x4004e23, @local}, 0x10) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="0a5c2d023c126285718070") bind$inet(0xffffffffffffffff, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) 06:18:56 executing program 2: socket$inet6(0xa, 0x803, 0x4) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") syz_emit_ethernet(0x3e, &(0x7f0000000000)={@local, @broadcast, [], {@ipv6={0x86dd, {0x0, 0x6, "1ddedf", 0x8, 0xff, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8906]}, @remote={0xfe, 0x80, [0xf0ffffffffffff]}, {[], @icmpv6=@echo_request}}}}}, &(0x7f0000000100)) 06:18:56 executing program 5: socket$inet6(0xa, 0x803, 0x3) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000240)="0a5c2d023c126285718070") r0 = socket$inet(0x10, 0x100000803, 0x4) sendmsg(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000008000)="4c0000001500ff09fffefd956fa283b724a600800000000000000068354015002c001d001fc41180b598bc593ab6821148a730de33a49868c62b2ca654a6613b6aabf35d4c1cbc882b079881", 0x4c}], 0x1}, 0x0) 06:18:56 executing program 0: unshare(0x24020400) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) sigaltstack(&(0x7f00002cb000/0x3000)=nil, &(0x7f0000ef9ff8)) mincore(&(0x7f00003a0000/0x600000)=nil, 0x600000, &(0x7f00000002c0)=""/184) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000f8aff8)='./file0\x00', &(0x7f0000000380), &(0x7f00000001c0)) r1 = gettid() process_vm_writev(r1, &(0x7f0000000140)=[{&(0x7f0000000500)=""/167, 0x14f}], 0x1, &(0x7f0000000240)=[{&(0x7f00000005c0)=""/172, 0xac}], 0x23, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f000000d000)={0xffffffffffffffff}) ioctl$int_in(r2, 0x5452, &(0x7f0000008ff8)=0x3f) 06:18:56 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000027000/0x18000)=nil, &(0x7f00000002c0)=[@text32={0x20, &(0x7f0000000000)="2ef26db80e0000000f23c80f21f8350800c0000f23f8d39d00100000eacc4e0000f700660f3839d13e660f38806cbf07440f20c0350c000000440f22c02e0f300f228266baa100ec", 0x48}], 0x1, 0x0, &(0x7f0000000280), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:18:56 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x0, &(0x7f0000000140)="0a5c2d023c126285718070") syz_emit_ethernet(0x3e, &(0x7f0000000000)={@local, @broadcast, [], {@ipv6={0x86dd, {0x0, 0x6, "1ddedf", 0x8, 0xff, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8906]}, @remote={0xfe, 0x80, [0xf0ffffffffffff]}, {[], @icmpv6=@echo_request}}}}}, &(0x7f0000000100)) 06:18:56 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)) ioctl$TIOCPKT(r0, 0x5420, &(0x7f00000002c0)=0x61) read(r0, &(0x7f0000000080)=""/11, 0x392) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) r1 = syz_open_pts(r0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x2}) r2 = dup3(r1, r0, 0x0) ioctl$TCSETA(r2, 0x5406, &(0x7f0000000140)) [ 1025.839798] not chained 430000 origins [ 1025.841806] CPU: 0 PID: 29951 Comm: syz-executor4 Not tainted 4.20.0-rc3+ #89 [ 1025.841806] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1025.841806] Call Trace: [ 1025.841806] dump_stack+0x32d/0x480 [ 1025.841806] kmsan_internal_chain_origin+0x222/0x240 [ 1025.841806] ? save_stack_trace+0xc6/0x110 [ 1025.841806] ? __irqentry_text_end+0x1fa056/0x1fa056 [ 1025.841806] ? kmsan_internal_chain_origin+0x90/0x240 [ 1025.841806] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 1025.841806] ? is_bpf_text_address+0x49e/0x4d0 [ 1025.841806] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1025.841806] ? in_task_stack+0x12c/0x210 [ 1025.841806] __msan_chain_origin+0x6d/0xb0 [ 1025.841806] __save_stack_trace+0x833/0xc60 [ 1025.841806] ? save_stack_trace+0xc6/0x110 [ 1025.841806] save_stack_trace+0xc6/0x110 [ 1025.841806] kmsan_internal_chain_origin+0x136/0x240 [ 1025.841806] ? __se_sys_sendto+0x107/0x130 [ 1025.841806] ? kmsan_internal_chain_origin+0x136/0x240 [ 1025.933456] ? kmsan_memcpy_origins+0x13d/0x190 [ 1025.942007] ? __msan_memcpy+0x6f/0x80 [ 1025.942007] ? pskb_expand_head+0x436/0x1d20 [ 1025.942007] ? tcp_fragment+0x378/0x21d0 [ 1025.942007] ? tcp_sacktag_walk+0xe88/0x29d0 [ 1025.942007] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1025.942007] ? tcp_ack+0x2888/0xa010 [ 1025.942007] ? tcp_rcv_established+0xf7e/0x2940 [ 1025.942007] ? tcp_v4_do_rcv+0x686/0xd80 [ 1025.942007] ? __release_sock+0x32d/0x750 [ 1025.942007] ? release_sock+0x99/0x2a0 [ 1025.983074] ? sk_stream_wait_memory+0x9cc/0x1430 [ 1025.983074] ? tcp_sendmsg_locked+0x1bca/0x6c30 [ 1025.983074] ? tcp_sendmsg+0xb2/0x100 [ 1025.983074] ? inet_sendmsg+0x4e9/0x800 [ 1025.983074] ? __sys_sendto+0x940/0xb80 [ 1025.983074] ? __se_sys_sendto+0x107/0x130 [ 1025.983074] ? __x64_sys_sendto+0x6e/0x90 [ 1025.983074] ? do_syscall_64+0xcf/0x110 [ 1025.983074] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1025.983074] ? memcg_kmem_put_cache+0x73/0x460 [ 1025.983074] ? __msan_get_context_state+0x9/0x20 [ 1025.983074] ? INIT_INT+0xc/0x30 [ 1025.983074] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1025.983074] kmsan_memcpy_origins+0x13d/0x190 [ 1025.983074] __msan_memcpy+0x6f/0x80 [ 1026.049725] pskb_expand_head+0x436/0x1d20 [ 1026.049725] tcp_fragment+0x378/0x21d0 [ 1026.049725] ? kmsan_set_origin+0x7f/0x100 [ 1026.049725] tcp_sacktag_walk+0xe88/0x29d0 [ 1026.049725] tcp_sacktag_write_queue+0x2805/0x4630 [ 1026.049725] tcp_ack+0x2888/0xa010 [ 1026.049725] ? tcp_parse_options+0xbe/0x1cf0 [ 1026.049725] ? tcp_validate_incoming+0x50b/0x29d0 [ 1026.049725] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1026.049725] ? tcp_parse_options+0x1c55/0x1cf0 [ 1026.049725] tcp_rcv_established+0xf7e/0x2940 [ 1026.049725] ? __msan_get_context_state+0x9/0x20 [ 1026.049725] tcp_v4_do_rcv+0x686/0xd80 [ 1026.049725] ? inet_sk_rx_dst_set+0x200/0x200 [ 1026.049725] __release_sock+0x32d/0x750 [ 1026.049725] release_sock+0x99/0x2a0 [ 1026.049725] sk_stream_wait_memory+0x9cc/0x1430 [ 1026.049725] ? wait_woken+0x5b0/0x5b0 [ 1026.049725] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1026.132051] ? kmsan_internal_unpoison_shadow+0x10/0xd0 [ 1026.132051] tcp_sendmsg+0xb2/0x100 [ 1026.142014] ? tcp_sendmsg_locked+0x6c30/0x6c30 [ 1026.142014] inet_sendmsg+0x4e9/0x800 [ 1026.142014] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1026.142014] ? security_socket_sendmsg+0x1bd/0x200 [ 1026.142014] ? inet_getname+0x490/0x490 [ 1026.142014] __sys_sendto+0x940/0xb80 [ 1026.142014] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 1026.142014] ? prepare_exit_to_usermode+0x182/0x4c0 [ 1026.142014] __se_sys_sendto+0x107/0x130 [ 1026.142014] __x64_sys_sendto+0x6e/0x90 [ 1026.142014] do_syscall_64+0xcf/0x110 [ 1026.142014] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1026.142014] RIP: 0033:0x457569 [ 1026.142014] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1026.142014] RSP: 002b:00007fa8e1dc6c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 1026.142014] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000457569 [ 1026.142014] RDX: fffffffffffffe6e RSI: 0000000020a88f88 RDI: 0000000000000003 [ 1026.142014] RBP: 000000000072bfa0 R08: 0000000020e68000 R09: 0000000000000010 [ 1026.142014] R10: 0000000020000000 R11: 0000000000000246 R12: 00007fa8e1dc76d4 [ 1026.142014] R13: 00000000004c406f R14: 00000000004d68f8 R15: 00000000ffffffff [ 1026.142014] Uninit was stored to memory at: [ 1026.142014] kmsan_internal_chain_origin+0x136/0x240 [ 1026.142014] __msan_chain_origin+0x6d/0xb0 [ 1026.142014] save_stack_trace+0xfa/0x110 [ 1026.142014] kmsan_internal_chain_origin+0x136/0x240 [ 1026.142014] kmsan_memcpy_origins+0x13d/0x190 [ 1026.142014] __msan_memcpy+0x6f/0x80 [ 1026.142014] pskb_expand_head+0x436/0x1d20 [ 1026.142014] tcp_fragment+0x378/0x21d0 [ 1026.142014] tcp_sacktag_walk+0xe88/0x29d0 [ 1026.142014] tcp_sacktag_write_queue+0x2805/0x4630 [ 1026.142014] tcp_ack+0x2888/0xa010 [ 1026.142014] tcp_rcv_established+0xf7e/0x2940 [ 1026.142014] tcp_v4_do_rcv+0x686/0xd80 [ 1026.142014] __release_sock+0x32d/0x750 [ 1026.142014] release_sock+0x99/0x2a0 [ 1026.142014] sk_stream_wait_memory+0x9cc/0x1430 [ 1026.338263] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1026.341571] tcp_sendmsg+0xb2/0x100 [ 1026.341571] inet_sendmsg+0x4e9/0x800 [ 1026.341571] __sys_sendto+0x940/0xb80 [ 1026.351255] __se_sys_sendto+0x107/0x130 [ 1026.351255] __x64_sys_sendto+0x6e/0x90 [ 1026.351255] do_syscall_64+0xcf/0x110 [ 1026.351255] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1026.351255] [ 1026.351255] Uninit was stored to memory at: [ 1026.351255] kmsan_internal_chain_origin+0x136/0x240 [ 1026.351255] __msan_chain_origin+0x6d/0xb0 [ 1026.351255] __save_stack_trace+0x833/0xc60 [ 1026.351255] save_stack_trace+0xc6/0x110 [ 1026.351255] kmsan_internal_chain_origin+0x136/0x240 [ 1026.351255] kmsan_memcpy_origins+0x13d/0x190 [ 1026.351255] __msan_memcpy+0x6f/0x80 [ 1026.351255] pskb_expand_head+0x436/0x1d20 [ 1026.351255] tcp_fragment+0x378/0x21d0 [ 1026.351255] tcp_sacktag_walk+0xe88/0x29d0 [ 1026.351255] tcp_sacktag_write_queue+0x2805/0x4630 [ 1026.351255] tcp_ack+0x2888/0xa010 [ 1026.351255] tcp_rcv_established+0xf7e/0x2940 [ 1026.351255] tcp_v4_do_rcv+0x686/0xd80 [ 1026.351255] __release_sock+0x32d/0x750 [ 1026.351255] release_sock+0x99/0x2a0 [ 1026.351255] sk_stream_wait_memory+0x9cc/0x1430 [ 1026.351255] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1026.351255] tcp_sendmsg+0xb2/0x100 [ 1026.351255] inet_sendmsg+0x4e9/0x800 [ 1026.351255] __sys_sendto+0x940/0xb80 [ 1026.351255] __se_sys_sendto+0x107/0x130 [ 1026.351255] __x64_sys_sendto+0x6e/0x90 [ 1026.351255] do_syscall_64+0xcf/0x110 [ 1026.351255] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1026.351255] [ 1026.351255] Uninit was stored to memory at: [ 1026.351255] kmsan_internal_chain_origin+0x136/0x240 [ 1026.351255] __msan_chain_origin+0x6d/0xb0 [ 1026.351255] save_stack_trace+0xfa/0x110 [ 1026.351255] kmsan_internal_chain_origin+0x136/0x240 [ 1026.351255] kmsan_memcpy_origins+0x13d/0x190 [ 1026.351255] __msan_memcpy+0x6f/0x80 [ 1026.351255] pskb_expand_head+0x436/0x1d20 [ 1026.351255] tcp_fragment+0x378/0x21d0 [ 1026.351255] tcp_sacktag_walk+0xe88/0x29d0 [ 1026.351255] tcp_sacktag_write_queue+0x2805/0x4630 [ 1026.351255] tcp_ack+0x2888/0xa010 [ 1026.351255] tcp_rcv_established+0xf7e/0x2940 [ 1026.351255] tcp_v4_do_rcv+0x686/0xd80 [ 1026.351255] __release_sock+0x32d/0x750 [ 1026.546157] release_sock+0x99/0x2a0 [ 1026.546157] sk_stream_wait_memory+0x9cc/0x1430 [ 1026.546157] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1026.546157] tcp_sendmsg+0xb2/0x100 [ 1026.546157] inet_sendmsg+0x4e9/0x800 [ 1026.546157] __sys_sendto+0x940/0xb80 [ 1026.546157] __se_sys_sendto+0x107/0x130 [ 1026.546157] __x64_sys_sendto+0x6e/0x90 [ 1026.546157] do_syscall_64+0xcf/0x110 [ 1026.546157] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1026.546157] [ 1026.546157] Uninit was stored to memory at: [ 1026.546157] kmsan_internal_chain_origin+0x136/0x240 [ 1026.601916] __msan_chain_origin+0x6d/0xb0 [ 1026.601916] __save_stack_trace+0x833/0xc60 [ 1026.601916] save_stack_trace+0xc6/0x110 [ 1026.601916] kmsan_internal_chain_origin+0x136/0x240 [ 1026.601916] kmsan_memcpy_origins+0x13d/0x190 [ 1026.601916] __msan_memcpy+0x6f/0x80 [ 1026.601916] pskb_expand_head+0x436/0x1d20 [ 1026.601916] tcp_fragment+0x378/0x21d0 [ 1026.601916] tcp_sacktag_walk+0xe88/0x29d0 06:18:57 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x0, &(0x7f0000000140)="0a5c2d023c126285718070") syz_emit_ethernet(0x3e, &(0x7f0000000000)={@local, @broadcast, [], {@ipv6={0x86dd, {0x0, 0x6, "1ddedf", 0x8, 0xff, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8906]}, @remote={0xfe, 0x80, [0xf0ffffffffffff]}, {[], @icmpv6=@echo_request}}}}}, &(0x7f0000000100)) 06:18:57 executing program 5: socket$inet6(0xa, 0x803, 0x3) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000240)="0a5c2d023c126285718070") r0 = socket$inet(0x10, 0x100000803, 0x4) sendmsg(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000008000)="4c0000001500ff09fffefd956fa283b724a600800000000000000068354015002c001d001fc41180b598bc593ab6821148a730de33a49868c62b2ca654a6613b6aabf35d4c1cbc882b079881", 0x4c}], 0x1}, 0x0) [ 1026.601916] tcp_sacktag_write_queue+0x2805/0x4630 [ 1026.601916] tcp_ack+0x2888/0xa010 [ 1026.601916] tcp_rcv_established+0xf7e/0x2940 [ 1026.601916] tcp_v4_do_rcv+0x686/0xd80 [ 1026.601916] __release_sock+0x32d/0x750 [ 1026.601916] release_sock+0x99/0x2a0 [ 1026.601916] sk_stream_wait_memory+0x9cc/0x1430 [ 1026.601916] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1026.673352] tcp_sendmsg+0xb2/0x100 [ 1026.678383] inet_sendmsg+0x4e9/0x800 [ 1026.678383] __sys_sendto+0x940/0xb80 [ 1026.678383] __se_sys_sendto+0x107/0x130 [ 1026.678383] __x64_sys_sendto+0x6e/0x90 [ 1026.678383] do_syscall_64+0xcf/0x110 [ 1026.678383] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1026.699607] [ 1026.699607] Uninit was stored to memory at: [ 1026.699607] kmsan_internal_chain_origin+0x136/0x240 [ 1026.699607] __msan_chain_origin+0x6d/0xb0 [ 1026.699607] save_stack_trace+0xfa/0x110 [ 1026.699607] kmsan_internal_chain_origin+0x136/0x240 [ 1026.699607] kmsan_memcpy_origins+0x13d/0x190 [ 1026.699607] __msan_memcpy+0x6f/0x80 [ 1026.699607] pskb_expand_head+0x436/0x1d20 [ 1026.699607] tcp_fragment+0x378/0x21d0 [ 1026.699607] tcp_sacktag_walk+0xe88/0x29d0 [ 1026.699607] tcp_sacktag_write_queue+0x2805/0x4630 [ 1026.699607] tcp_ack+0x2888/0xa010 [ 1026.699607] tcp_rcv_established+0xf7e/0x2940 [ 1026.758239] tcp_v4_do_rcv+0x686/0xd80 [ 1026.758239] __release_sock+0x32d/0x750 [ 1026.767040] release_sock+0x99/0x2a0 [ 1026.767040] sk_stream_wait_memory+0x9cc/0x1430 [ 1026.767040] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1026.767040] tcp_sendmsg+0xb2/0x100 [ 1026.767040] inet_sendmsg+0x4e9/0x800 [ 1026.767040] __sys_sendto+0x940/0xb80 [ 1026.767040] __se_sys_sendto+0x107/0x130 [ 1026.767040] __x64_sys_sendto+0x6e/0x90 [ 1026.767040] do_syscall_64+0xcf/0x110 [ 1026.767040] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1026.767040] [ 1026.767040] Uninit was stored to memory at: [ 1026.767040] kmsan_internal_chain_origin+0x136/0x240 [ 1026.767040] __msan_chain_origin+0x6d/0xb0 [ 1026.767040] __save_stack_trace+0x833/0xc60 [ 1026.767040] save_stack_trace+0xc6/0x110 [ 1026.767040] kmsan_internal_chain_origin+0x136/0x240 [ 1026.767040] kmsan_memcpy_origins+0x13d/0x190 [ 1026.767040] __msan_memcpy+0x6f/0x80 [ 1026.767040] pskb_expand_head+0x436/0x1d20 [ 1026.767040] tcp_fragment+0x378/0x21d0 [ 1026.767040] tcp_sacktag_walk+0xe88/0x29d0 [ 1026.767040] tcp_sacktag_write_queue+0x2805/0x4630 [ 1026.767040] tcp_ack+0x2888/0xa010 [ 1026.767040] tcp_rcv_established+0xf7e/0x2940 [ 1026.871962] tcp_v4_do_rcv+0x686/0xd80 [ 1026.871962] __release_sock+0x32d/0x750 [ 1026.871962] release_sock+0x99/0x2a0 [ 1026.871962] sk_stream_wait_memory+0x9cc/0x1430 06:18:57 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)) ioctl$TIOCPKT(r0, 0x5420, &(0x7f00000002c0)=0x61) read(r0, &(0x7f0000000080)=""/11, 0x392) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) r1 = syz_open_pts(r0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x0) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x2}) r3 = dup3(r1, r0, 0x0) ioctl$TCSETA(r3, 0x5406, &(0x7f0000000140)) [ 1026.871962] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1026.871962] tcp_sendmsg+0xb2/0x100 [ 1026.871962] inet_sendmsg+0x4e9/0x800 [ 1026.871962] __sys_sendto+0x940/0xb80 [ 1026.905661] __se_sys_sendto+0x107/0x130 [ 1026.905661] __x64_sys_sendto+0x6e/0x90 [ 1026.905661] do_syscall_64+0xcf/0x110 [ 1026.905661] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1026.905661] [ 1026.905661] Uninit was stored to memory at: [ 1026.905661] kmsan_internal_chain_origin+0x136/0x240 [ 1026.905661] __msan_chain_origin+0x6d/0xb0 [ 1026.905661] save_stack_trace+0xfa/0x110 [ 1026.905661] kmsan_internal_chain_origin+0x136/0x240 [ 1026.905661] kmsan_memcpy_origins+0x13d/0x190 [ 1026.905661] __msan_memcpy+0x6f/0x80 [ 1026.905661] pskb_expand_head+0x436/0x1d20 [ 1026.905661] tcp_fragment+0x378/0x21d0 [ 1026.905661] tcp_sacktag_walk+0xe88/0x29d0 [ 1026.905661] tcp_sacktag_write_queue+0x2805/0x4630 [ 1026.905661] tcp_ack+0x2888/0xa010 [ 1026.905661] tcp_rcv_established+0xf7e/0x2940 [ 1026.905661] tcp_v4_do_rcv+0x686/0xd80 [ 1026.905661] __release_sock+0x32d/0x750 [ 1026.905661] release_sock+0x99/0x2a0 [ 1026.905661] sk_stream_wait_memory+0x9cc/0x1430 [ 1026.905661] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1026.905661] tcp_sendmsg+0xb2/0x100 [ 1026.905661] inet_sendmsg+0x4e9/0x800 [ 1026.905661] __sys_sendto+0x940/0xb80 [ 1026.905661] __se_sys_sendto+0x107/0x130 [ 1026.905661] __x64_sys_sendto+0x6e/0x90 [ 1026.905661] do_syscall_64+0xcf/0x110 [ 1026.905661] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1026.905661] [ 1026.905661] Local variable description: ----_tcph@tcp_packet [ 1026.905661] Variable was created at: [ 1026.905661] tcp_packet+0xe1/0x73c0 [ 1026.905661] nf_conntrack_in+0x9f0/0x1edd 06:18:58 executing program 0: unshare(0x24020400) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) sigaltstack(&(0x7f00002cb000/0x3000)=nil, &(0x7f0000ef9ff8)) mincore(&(0x7f00003a0000/0x600000)=nil, 0x600000, &(0x7f00000002c0)=""/184) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000f8aff8)='./file0\x00', &(0x7f0000000380), &(0x7f00000001c0)) r1 = gettid() process_vm_writev(r1, &(0x7f0000000140)=[{&(0x7f0000000500)=""/167, 0x14f}], 0x1, &(0x7f0000000240)=[{&(0x7f00000005c0)=""/172, 0xac}], 0x23, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f000000d000)={0xffffffffffffffff}) ioctl$int_in(r2, 0x5452, &(0x7f0000008ff8)=0x3f) 06:18:58 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x0, &(0x7f0000000140)="0a5c2d023c126285718070") syz_emit_ethernet(0x3e, &(0x7f0000000000)={@local, @broadcast, [], {@ipv6={0x86dd, {0x0, 0x6, "1ddedf", 0x8, 0xff, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8906]}, @remote={0xfe, 0x80, [0xf0ffffffffffff]}, {[], @icmpv6=@echo_request}}}}}, &(0x7f0000000100)) 06:18:58 executing program 4: getsockname$packet(0xffffffffffffff9c, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000240)=0x14) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) ioctl$sock_SIOCBRDELBR(0xffffffffffffffff, 0x89a1, &(0x7f0000000540)='teql0\x00') ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, &(0x7f0000000500)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCFLSH(r2, 0x80045432, 0x70affb) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4) getsockopt$IPT_SO_GET_INFO(r0, 0x0, 0x40, &(0x7f0000000400)={'raw\x00'}, &(0x7f00000000c0)=0x54) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, &(0x7f0000a88f88), 0xfffffffffffffe6e, 0x20000000, &(0x7f0000e68000)={0x2, 0x4004e23, @local}, 0x10) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="0a5c2d023c126285718070") bind$inet(0xffffffffffffffff, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) 06:18:58 executing program 5: socket$inet6(0xa, 0x803, 0x3) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000240)="0a5c2d023c126285718070") r0 = socket$inet(0x10, 0x100000803, 0x4) sendmsg(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000008000)="4c0000001500ff09fffefd956fa283b724a600800000000000000068354015002c001d001fc41180b598bc593ab6821148a730de33a49868c62b2ca654a6613b6aabf35d4c1cbc882b079881", 0x4c}], 0x1}, 0x0) 06:18:58 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000027000/0x18000)=nil, &(0x7f00000002c0)=[@text32={0x20, &(0x7f0000000000)="2ef26db80e0000000f23c80f21f8350800c0000f23f8d39d00100000eacc4e0000f700660f3839d13e660f38806cbf07440f20c0350c000000440f22c02e0f300f228266baa100ec", 0x48}], 0x1, 0x0, &(0x7f0000000280), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:18:58 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)) syz_emit_ethernet(0x3e, &(0x7f0000000000)={@local, @broadcast, [], {@ipv6={0x86dd, {0x0, 0x6, "1ddedf", 0x8, 0xff, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8906]}, @remote={0xfe, 0x80, [0xf0ffffffffffff]}, {[], @icmpv6=@echo_request}}}}}, &(0x7f0000000100)) 06:18:59 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)) syz_emit_ethernet(0x3e, &(0x7f0000000000)={@local, @broadcast, [], {@ipv6={0x86dd, {0x0, 0x6, "1ddedf", 0x8, 0xff, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8906]}, @remote={0xfe, 0x80, [0xf0ffffffffffff]}, {[], @icmpv6=@echo_request}}}}}, &(0x7f0000000100)) 06:18:59 executing program 5: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x0, &(0x7f0000000240)="0a5c2d023c126285718070") r1 = socket$inet(0x10, 0x100000803, 0x4) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000008000)="4c0000001500ff09fffefd956fa283b724a600800000000000000068354015002c001d001fc41180b598bc593ab6821148a730de33a49868c62b2ca654a6613b6aabf35d4c1cbc882b079881", 0x4c}], 0x1}, 0x0) 06:18:59 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:18:59 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)) ioctl$TIOCPKT(r0, 0x5420, &(0x7f00000002c0)=0x61) read(r0, &(0x7f0000000080)=""/11, 0x392) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) r1 = syz_open_pts(r0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$TCSETAF(0xffffffffffffffff, 0x5408, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x2}) r3 = dup3(r1, r0, 0x0) ioctl$TCSETA(r3, 0x5406, &(0x7f0000000140)) 06:18:59 executing program 4: getsockname$packet(0xffffffffffffff9c, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000240)=0x14) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) ioctl$sock_SIOCBRDELBR(0xffffffffffffffff, 0x89a1, &(0x7f0000000540)='teql0\x00') ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, &(0x7f0000000500)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCFLSH(r2, 0x80045432, 0x70affb) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4) getsockopt$IPT_SO_GET_INFO(r0, 0x0, 0x40, &(0x7f0000000400)={'raw\x00'}, &(0x7f00000000c0)=0x54) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, &(0x7f0000a88f88), 0xfffffffffffffe6e, 0x20000000, &(0x7f0000e68000)={0x2, 0x4004e23, @local}, 0x10) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="0a5c2d023c126285718070") bind$inet(0xffffffffffffffff, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) 06:18:59 executing program 0: unshare(0x24020400) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) sigaltstack(&(0x7f00002cb000/0x3000)=nil, &(0x7f0000ef9ff8)) mincore(&(0x7f00003a0000/0x600000)=nil, 0x600000, &(0x7f00000002c0)=""/184) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000f8aff8)='./file0\x00', &(0x7f0000000380), &(0x7f00000001c0)) r1 = gettid() process_vm_writev(r1, &(0x7f0000000140)=[{&(0x7f0000000500)=""/167, 0x14f}], 0x1, &(0x7f0000000240)=[{&(0x7f00000005c0)=""/172, 0xac}], 0x23, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f000000d000)) 06:18:59 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)) syz_emit_ethernet(0x3e, &(0x7f0000000000)={@local, @broadcast, [], {@ipv6={0x86dd, {0x0, 0x6, "1ddedf", 0x8, 0xff, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8906]}, @remote={0xfe, 0x80, [0xf0ffffffffffff]}, {[], @icmpv6=@echo_request}}}}}, &(0x7f0000000100)) 06:18:59 executing program 5: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x0, &(0x7f0000000240)="0a5c2d023c126285718070") r1 = socket$inet(0x10, 0x100000803, 0x4) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000008000)="4c0000001500ff09fffefd956fa283b724a600800000000000000068354015002c001d001fc41180b598bc593ab6821148a730de33a49868c62b2ca654a6613b6aabf35d4c1cbc882b079881", 0x4c}], 0x1}, 0x0) 06:18:59 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:18:59 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c12") syz_emit_ethernet(0x3e, &(0x7f0000000000)={@local, @broadcast, [], {@ipv6={0x86dd, {0x0, 0x6, "1ddedf", 0x8, 0xff, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8906]}, @remote={0xfe, 0x80, [0xf0ffffffffffff]}, {[], @icmpv6=@echo_request}}}}}, &(0x7f0000000100)) 06:19:00 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)) ioctl$TIOCPKT(r0, 0x5420, &(0x7f00000002c0)=0x61) read(r0, &(0x7f0000000080)=""/11, 0x392) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) r1 = syz_open_pts(r0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$TCSETAF(0xffffffffffffffff, 0x5408, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x2}) r3 = dup3(r1, r0, 0x0) ioctl$TCSETA(r3, 0x5406, &(0x7f0000000140)) [ 1028.963438] not chained 440000 origins [ 1028.967363] CPU: 0 PID: 30023 Comm: syz-executor4 Not tainted 4.20.0-rc3+ #89 [ 1028.972104] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1028.972104] Call Trace: [ 1028.972104] dump_stack+0x32d/0x480 [ 1028.972104] kmsan_internal_chain_origin+0x222/0x240 [ 1028.972104] ? save_stack_trace+0xc6/0x110 [ 1028.972104] ? __irqentry_text_end+0x1fa056/0x1fa056 [ 1029.001895] ? kmsan_internal_chain_origin+0x90/0x240 [ 1029.001895] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 1029.001895] ? is_bpf_text_address+0x49e/0x4d0 [ 1029.001895] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1029.001895] ? in_task_stack+0x12c/0x210 [ 1029.001895] __msan_chain_origin+0x6d/0xb0 [ 1029.001895] ? release_sock+0x99/0x2a0 [ 1029.001895] __save_stack_trace+0x8be/0xc60 [ 1029.001895] ? release_sock+0x99/0x2a0 [ 1029.001895] save_stack_trace+0xc6/0x110 [ 1029.001895] kmsan_internal_chain_origin+0x136/0x240 [ 1029.001895] ? __se_sys_sendto+0x107/0x130 [ 1029.001895] ? kmsan_internal_chain_origin+0x136/0x240 [ 1029.001895] ? kmsan_memcpy_origins+0x13d/0x190 [ 1029.001895] ? __msan_memcpy+0x6f/0x80 [ 1029.001895] ? pskb_expand_head+0x436/0x1d20 [ 1029.001895] ? tcp_fragment+0x378/0x21d0 [ 1029.001895] ? tcp_sacktag_walk+0xe88/0x29d0 [ 1029.001895] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1029.001895] ? tcp_ack+0x2888/0xa010 [ 1029.001895] ? tcp_rcv_established+0xf7e/0x2940 [ 1029.001895] ? tcp_v4_do_rcv+0x686/0xd80 [ 1029.001895] ? __release_sock+0x32d/0x750 [ 1029.001895] ? release_sock+0x99/0x2a0 06:19:00 executing program 5: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x0, &(0x7f0000000240)="0a5c2d023c126285718070") r1 = socket$inet(0x10, 0x100000803, 0x4) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000008000)="4c0000001500ff09fffefd956fa283b724a600800000000000000068354015002c001d001fc41180b598bc593ab6821148a730de33a49868c62b2ca654a6613b6aabf35d4c1cbc882b079881", 0x4c}], 0x1}, 0x0) [ 1029.001895] ? sk_stream_wait_memory+0x9cc/0x1430 [ 1029.001895] ? tcp_sendmsg_locked+0x1bca/0x6c30 [ 1029.001895] ? tcp_sendmsg+0xb2/0x100 [ 1029.001895] ? inet_sendmsg+0x4e9/0x800 [ 1029.001895] ? __sys_sendto+0x940/0xb80 [ 1029.001895] ? __se_sys_sendto+0x107/0x130 [ 1029.137237] ? __x64_sys_sendto+0x6e/0x90 [ 1029.137237] ? do_syscall_64+0xcf/0x110 [ 1029.137237] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1029.137237] ? memcg_kmem_put_cache+0x73/0x460 [ 1029.137237] ? __msan_get_context_state+0x9/0x20 [ 1029.137237] ? INIT_INT+0xc/0x30 [ 1029.137237] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1029.137237] kmsan_memcpy_origins+0x13d/0x190 [ 1029.137237] __msan_memcpy+0x6f/0x80 [ 1029.137237] pskb_expand_head+0x436/0x1d20 [ 1029.137237] tcp_fragment+0x378/0x21d0 [ 1029.137237] ? kmsan_set_origin+0x7f/0x100 [ 1029.137237] tcp_sacktag_walk+0xe88/0x29d0 [ 1029.137237] tcp_sacktag_write_queue+0x2805/0x4630 [ 1029.137237] ? __update_load_avg_cfs_rq+0x105/0x10b0 [ 1029.137237] tcp_ack+0x2888/0xa010 [ 1029.137237] ? tcp_parse_options+0xbe/0x1cf0 [ 1029.137237] ? tcp_validate_incoming+0x50b/0x29d0 [ 1029.137237] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1029.137237] ? tcp_parse_options+0x1c55/0x1cf0 [ 1029.137237] tcp_rcv_established+0xf7e/0x2940 [ 1029.137237] ? __msan_get_context_state+0x9/0x20 [ 1029.137237] tcp_v4_do_rcv+0x686/0xd80 [ 1029.137237] ? inet_sk_rx_dst_set+0x200/0x200 [ 1029.137237] __release_sock+0x32d/0x750 [ 1029.137237] release_sock+0x99/0x2a0 [ 1029.137237] sk_stream_wait_memory+0x9cc/0x1430 [ 1029.258092] ? wait_woken+0x5b0/0x5b0 [ 1029.258092] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1029.258092] ? kmsan_internal_unpoison_shadow+0x10/0xd0 [ 1029.258092] tcp_sendmsg+0xb2/0x100 [ 1029.258092] ? tcp_sendmsg_locked+0x6c30/0x6c30 [ 1029.258092] inet_sendmsg+0x4e9/0x800 [ 1029.258092] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1029.258092] ? security_socket_sendmsg+0x1bd/0x200 [ 1029.258092] ? inet_getname+0x490/0x490 [ 1029.258092] __sys_sendto+0x940/0xb80 [ 1029.258092] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 1029.258092] ? prepare_exit_to_usermode+0x182/0x4c0 [ 1029.258092] __se_sys_sendto+0x107/0x130 [ 1029.258092] __x64_sys_sendto+0x6e/0x90 [ 1029.258092] do_syscall_64+0xcf/0x110 [ 1029.258092] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1029.258092] RIP: 0033:0x457569 [ 1029.334095] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1029.341131] RSP: 002b:00007fa8e1de7c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c 06:19:00 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c12") syz_emit_ethernet(0x3e, &(0x7f0000000000)={@local, @broadcast, [], {@ipv6={0x86dd, {0x0, 0x6, "1ddedf", 0x8, 0xff, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8906]}, @remote={0xfe, 0x80, [0xf0ffffffffffff]}, {[], @icmpv6=@echo_request}}}}}, &(0x7f0000000100)) [ 1029.341131] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000457569 [ 1029.341131] RDX: fffffffffffffe6e RSI: 0000000020a88f88 RDI: 0000000000000003 [ 1029.341131] RBP: 000000000072bf00 R08: 0000000020e68000 R09: 0000000000000010 [ 1029.341131] R10: 0000000020000000 R11: 0000000000000246 R12: 00007fa8e1de86d4 [ 1029.341131] R13: 00000000004c406f R14: 00000000004d68f8 R15: 00000000ffffffff [ 1029.341131] Uninit was stored to memory at: [ 1029.401926] kmsan_internal_chain_origin+0x136/0x240 [ 1029.401926] __msan_chain_origin+0x6d/0xb0 [ 1029.409815] __save_stack_trace+0x8be/0xc60 [ 1029.409815] save_stack_trace+0xc6/0x110 [ 1029.409815] kmsan_internal_chain_origin+0x136/0x240 [ 1029.409815] kmsan_memcpy_origins+0x13d/0x190 [ 1029.409815] __msan_memcpy+0x6f/0x80 [ 1029.409815] pskb_expand_head+0x436/0x1d20 [ 1029.409815] tcp_fragment+0x378/0x21d0 [ 1029.409815] tcp_sacktag_walk+0xe88/0x29d0 [ 1029.409815] tcp_sacktag_write_queue+0x2805/0x4630 [ 1029.409815] tcp_ack+0x2888/0xa010 [ 1029.409815] tcp_rcv_established+0xf7e/0x2940 [ 1029.409815] tcp_v4_do_rcv+0x686/0xd80 [ 1029.409815] __release_sock+0x32d/0x750 [ 1029.465458] release_sock+0x99/0x2a0 [ 1029.465458] sk_stream_wait_memory+0x9cc/0x1430 [ 1029.471930] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1029.471930] tcp_sendmsg+0xb2/0x100 [ 1029.471930] inet_sendmsg+0x4e9/0x800 [ 1029.485918] __sys_sendto+0x940/0xb80 [ 1029.485918] __se_sys_sendto+0x107/0x130 [ 1029.485918] __x64_sys_sendto+0x6e/0x90 [ 1029.485918] do_syscall_64+0xcf/0x110 [ 1029.485918] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1029.485918] [ 1029.485918] Uninit was stored to memory at: [ 1029.485918] kmsan_internal_chain_origin+0x136/0x240 [ 1029.485918] __msan_chain_origin+0x6d/0xb0 [ 1029.485918] __save_stack_trace+0x8be/0xc60 [ 1029.485918] save_stack_trace+0xc6/0x110 [ 1029.485918] kmsan_internal_chain_origin+0x136/0x240 [ 1029.485918] kmsan_memcpy_origins+0x13d/0x190 [ 1029.485918] __msan_memcpy+0x6f/0x80 [ 1029.541946] pskb_expand_head+0x436/0x1d20 [ 1029.547507] tcp_fragment+0x378/0x21d0 [ 1029.547507] tcp_sacktag_walk+0xe88/0x29d0 [ 1029.547507] tcp_sacktag_write_queue+0x2805/0x4630 [ 1029.547507] tcp_ack+0x2888/0xa010 [ 1029.547507] tcp_rcv_established+0xf7e/0x2940 [ 1029.547507] tcp_v4_do_rcv+0x686/0xd80 [ 1029.547507] __release_sock+0x32d/0x750 [ 1029.547507] release_sock+0x99/0x2a0 [ 1029.547507] sk_stream_wait_memory+0x9cc/0x1430 [ 1029.547507] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1029.547507] tcp_sendmsg+0xb2/0x100 [ 1029.547507] inet_sendmsg+0x4e9/0x800 [ 1029.547507] __sys_sendto+0x940/0xb80 [ 1029.547507] __se_sys_sendto+0x107/0x130 [ 1029.547507] __x64_sys_sendto+0x6e/0x90 [ 1029.547507] do_syscall_64+0xcf/0x110 [ 1029.611958] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1029.611958] [ 1029.611958] Uninit was stored to memory at: [ 1029.611958] kmsan_internal_chain_origin+0x136/0x240 [ 1029.611958] __msan_chain_origin+0x6d/0xb0 [ 1029.611958] __save_stack_trace+0x8be/0xc60 [ 1029.639653] save_stack_trace+0xc6/0x110 [ 1029.641637] kmsan_internal_chain_origin+0x136/0x240 [ 1029.641637] kmsan_memcpy_origins+0x13d/0x190 [ 1029.641637] __msan_memcpy+0x6f/0x80 [ 1029.641637] pskb_expand_head+0x436/0x1d20 [ 1029.641637] tcp_fragment+0x378/0x21d0 [ 1029.641637] tcp_sacktag_walk+0xe88/0x29d0 [ 1029.641637] tcp_sacktag_write_queue+0x2805/0x4630 [ 1029.641637] tcp_ack+0x2888/0xa010 [ 1029.641637] tcp_rcv_established+0xf7e/0x2940 [ 1029.641637] tcp_v4_do_rcv+0x686/0xd80 [ 1029.641637] __release_sock+0x32d/0x750 [ 1029.641637] release_sock+0x99/0x2a0 [ 1029.691123] sk_stream_wait_memory+0x9cc/0x1430 [ 1029.691123] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1029.691123] tcp_sendmsg+0xb2/0x100 [ 1029.691123] inet_sendmsg+0x4e9/0x800 [ 1029.691123] __sys_sendto+0x940/0xb80 [ 1029.691123] __se_sys_sendto+0x107/0x130 [ 1029.691123] __x64_sys_sendto+0x6e/0x90 [ 1029.691123] do_syscall_64+0xcf/0x110 [ 1029.691123] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1029.691123] [ 1029.691123] Uninit was stored to memory at: [ 1029.738002] kmsan_internal_chain_origin+0x136/0x240 [ 1029.738002] __msan_chain_origin+0x6d/0xb0 [ 1029.738002] __save_stack_trace+0x8be/0xc60 [ 1029.738002] save_stack_trace+0xc6/0x110 [ 1029.738002] kmsan_internal_chain_origin+0x136/0x240 [ 1029.738002] kmsan_memcpy_origins+0x13d/0x190 [ 1029.738002] __msan_memcpy+0x6f/0x80 [ 1029.738002] pskb_expand_head+0x436/0x1d20 [ 1029.738002] tcp_fragment+0x378/0x21d0 [ 1029.738002] tcp_sacktag_walk+0xe88/0x29d0 [ 1029.738002] tcp_sacktag_write_queue+0x2805/0x4630 [ 1029.738002] tcp_ack+0x2888/0xa010 [ 1029.738002] tcp_rcv_established+0xf7e/0x2940 [ 1029.738002] tcp_v4_do_rcv+0x686/0xd80 [ 1029.738002] __release_sock+0x32d/0x750 [ 1029.738002] release_sock+0x99/0x2a0 [ 1029.738002] sk_stream_wait_memory+0x9cc/0x1430 [ 1029.738002] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1029.812124] tcp_sendmsg+0xb2/0x100 [ 1029.812124] inet_sendmsg+0x4e9/0x800 [ 1029.812124] __sys_sendto+0x940/0xb80 [ 1029.812124] __se_sys_sendto+0x107/0x130 [ 1029.812124] __x64_sys_sendto+0x6e/0x90 [ 1029.812124] do_syscall_64+0xcf/0x110 [ 1029.836261] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1029.836261] [ 1029.836261] Uninit was stored to memory at: [ 1029.836261] kmsan_internal_chain_origin+0x136/0x240 [ 1029.836261] __msan_chain_origin+0x6d/0xb0 [ 1029.836261] __save_stack_trace+0x8be/0xc60 [ 1029.862166] save_stack_trace+0xc6/0x110 [ 1029.862166] kmsan_internal_chain_origin+0x136/0x240 [ 1029.862166] kmsan_memcpy_origins+0x13d/0x190 [ 1029.862166] __msan_memcpy+0x6f/0x80 [ 1029.862166] pskb_expand_head+0x436/0x1d20 [ 1029.862166] tcp_fragment+0x378/0x21d0 [ 1029.862166] tcp_sacktag_walk+0xe88/0x29d0 [ 1029.862166] tcp_sacktag_write_queue+0x2805/0x4630 [ 1029.862166] tcp_ack+0x2888/0xa010 [ 1029.862166] tcp_rcv_established+0xf7e/0x2940 [ 1029.862166] tcp_v4_do_rcv+0x686/0xd80 [ 1029.862166] __release_sock+0x32d/0x750 [ 1029.862166] release_sock+0x99/0x2a0 [ 1029.862166] sk_stream_wait_memory+0x9cc/0x1430 [ 1029.862166] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1029.862166] tcp_sendmsg+0xb2/0x100 [ 1029.862166] inet_sendmsg+0x4e9/0x800 [ 1029.862166] __sys_sendto+0x940/0xb80 [ 1029.937561] __se_sys_sendto+0x107/0x130 [ 1029.937561] __x64_sys_sendto+0x6e/0x90 [ 1029.937561] do_syscall_64+0xcf/0x110 [ 1029.937561] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1029.937561] [ 1029.937561] Uninit was stored to memory at: [ 1029.937561] kmsan_internal_chain_origin+0x136/0x240 [ 1029.937561] __msan_chain_origin+0x6d/0xb0 [ 1029.937561] __save_stack_trace+0x8be/0xc60 [ 1029.937561] save_stack_trace+0xc6/0x110 [ 1029.937561] kmsan_internal_chain_origin+0x136/0x240 [ 1029.937561] kmsan_memcpy_origins+0x13d/0x190 [ 1029.937561] __msan_memcpy+0x6f/0x80 [ 1029.992490] pskb_expand_head+0x436/0x1d20 [ 1029.992490] tcp_fragment+0x378/0x21d0 [ 1029.992490] tcp_sacktag_walk+0xe88/0x29d0 [ 1029.992490] tcp_sacktag_write_queue+0x2805/0x4630 [ 1029.992490] tcp_ack+0x2888/0xa010 [ 1030.012157] tcp_rcv_established+0xf7e/0x2940 [ 1030.012157] tcp_v4_do_rcv+0x686/0xd80 [ 1030.012157] __release_sock+0x32d/0x750 [ 1030.012157] release_sock+0x99/0x2a0 [ 1030.012157] sk_stream_wait_memory+0x9cc/0x1430 [ 1030.012157] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1030.012157] tcp_sendmsg+0xb2/0x100 [ 1030.012157] inet_sendmsg+0x4e9/0x800 [ 1030.012157] __sys_sendto+0x940/0xb80 [ 1030.012157] __se_sys_sendto+0x107/0x130 [ 1030.012157] __x64_sys_sendto+0x6e/0x90 [ 1030.012157] do_syscall_64+0xcf/0x110 [ 1030.060467] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1030.060467] [ 1030.060467] Uninit was stored to memory at: [ 1030.060467] kmsan_internal_chain_origin+0x136/0x240 [ 1030.060467] __msan_chain_origin+0x6d/0xb0 [ 1030.060467] __save_stack_trace+0x8be/0xc60 [ 1030.060467] save_stack_trace+0xc6/0x110 [ 1030.060467] kmsan_internal_chain_origin+0x136/0x240 [ 1030.060467] kmsan_memcpy_origins+0x13d/0x190 [ 1030.060467] __msan_memcpy+0x6f/0x80 [ 1030.060467] pskb_expand_head+0x436/0x1d20 [ 1030.060467] tcp_fragment+0x378/0x21d0 [ 1030.060467] tcp_sacktag_walk+0xe88/0x29d0 [ 1030.060467] tcp_sacktag_write_queue+0x2805/0x4630 [ 1030.060467] tcp_ack+0x2888/0xa010 [ 1030.060467] tcp_rcv_established+0xf7e/0x2940 [ 1030.060467] tcp_v4_do_rcv+0x686/0xd80 [ 1030.060467] __release_sock+0x32d/0x750 [ 1030.139277] release_sock+0x99/0x2a0 [ 1030.139277] sk_stream_wait_memory+0x9cc/0x1430 [ 1030.139277] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1030.139277] tcp_sendmsg+0xb2/0x100 [ 1030.139277] inet_sendmsg+0x4e9/0x800 [ 1030.139277] __sys_sendto+0x940/0xb80 [ 1030.139277] __se_sys_sendto+0x107/0x130 06:19:01 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 1030.139277] __x64_sys_sendto+0x6e/0x90 [ 1030.139277] do_syscall_64+0xcf/0x110 [ 1030.139277] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1030.139277] [ 1030.139277] Local variable description: ----_tcph@tcp_packet [ 1030.139277] Variable was created at: [ 1030.139277] tcp_packet+0xe1/0x73c0 [ 1030.139277] nf_conntrack_in+0x9f0/0x1edd 06:19:01 executing program 0: unshare(0x24020400) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) sigaltstack(&(0x7f00002cb000/0x3000)=nil, &(0x7f0000ef9ff8)) mincore(&(0x7f00003a0000/0x600000)=nil, 0x600000, &(0x7f00000002c0)=""/184) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000f8aff8)='./file0\x00', &(0x7f0000000380), &(0x7f00000001c0)) r1 = gettid() process_vm_writev(r1, &(0x7f0000000140)=[{&(0x7f0000000500)=""/167, 0x14f}], 0x1, &(0x7f0000000240)=[{&(0x7f00000005c0)=""/172, 0xac}], 0x23, 0x0) 06:19:01 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)) ioctl$TIOCPKT(r0, 0x5420, &(0x7f00000002c0)=0x61) read(r0, &(0x7f0000000080)=""/11, 0x392) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) r1 = syz_open_pts(r0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$TCSETAF(0xffffffffffffffff, 0x5408, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x2}) r3 = dup3(r1, r0, 0x0) ioctl$TCSETA(r3, 0x5406, &(0x7f0000000140)) [ 1030.236339] not chained 450000 origins [ 1030.240292] CPU: 0 PID: 30023 Comm: syz-executor4 Not tainted 4.20.0-rc3+ #89 [ 1030.241785] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1030.241785] Call Trace: [ 1030.241785] dump_stack+0x32d/0x480 [ 1030.241785] kmsan_internal_chain_origin+0x222/0x240 [ 1030.241785] ? save_stack_trace+0xc6/0x110 [ 1030.241785] ? __irqentry_text_end+0x1fa056/0x1fa056 [ 1030.241785] ? kmsan_internal_chain_origin+0x90/0x240 [ 1030.282888] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 1030.282888] ? is_bpf_text_address+0x49e/0x4d0 [ 1030.288677] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1030.288677] ? in_task_stack+0x12c/0x210 [ 1030.301979] __msan_chain_origin+0x6d/0xb0 [ 1030.301979] ? __sys_sendto+0x940/0xb80 [ 1030.301979] __save_stack_trace+0x8be/0xc60 [ 1030.301979] ? __sys_sendto+0x940/0xb80 [ 1030.301979] save_stack_trace+0xc6/0x110 [ 1030.301979] kmsan_internal_chain_origin+0x136/0x240 [ 1030.301979] ? __se_sys_sendto+0x107/0x130 [ 1030.301979] ? kmsan_internal_chain_origin+0x136/0x240 [ 1030.301979] ? kmsan_memcpy_origins+0x13d/0x190 [ 1030.301979] ? __msan_memcpy+0x6f/0x80 [ 1030.301979] ? pskb_expand_head+0x436/0x1d20 [ 1030.301979] ? tcp_fragment+0x378/0x21d0 [ 1030.301979] ? tcp_sacktag_walk+0xe88/0x29d0 [ 1030.301979] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1030.301979] ? tcp_ack+0x2888/0xa010 [ 1030.301979] ? tcp_rcv_established+0xf7e/0x2940 [ 1030.301979] ? tcp_v4_do_rcv+0x686/0xd80 [ 1030.301979] ? __release_sock+0x32d/0x750 [ 1030.301979] ? release_sock+0x99/0x2a0 [ 1030.301979] ? sk_stream_wait_memory+0x9cc/0x1430 [ 1030.301979] ? tcp_sendmsg_locked+0x1bca/0x6c30 [ 1030.301979] ? tcp_sendmsg+0xb2/0x100 [ 1030.301979] ? inet_sendmsg+0x4e9/0x800 [ 1030.301979] ? __sys_sendto+0x940/0xb80 [ 1030.406173] ? __se_sys_sendto+0x107/0x130 [ 1030.406173] ? __x64_sys_sendto+0x6e/0x90 [ 1030.406173] ? do_syscall_64+0xcf/0x110 [ 1030.406173] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1030.424121] ? memcg_kmem_put_cache+0x73/0x460 [ 1030.424121] ? __msan_get_context_state+0x9/0x20 [ 1030.424121] ? INIT_INT+0xc/0x30 [ 1030.424121] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1030.424121] kmsan_memcpy_origins+0x13d/0x190 [ 1030.424121] __msan_memcpy+0x6f/0x80 [ 1030.424121] pskb_expand_head+0x436/0x1d20 [ 1030.424121] tcp_fragment+0x378/0x21d0 [ 1030.424121] tcp_sacktag_walk+0xe88/0x29d0 [ 1030.424121] tcp_sacktag_write_queue+0x2805/0x4630 [ 1030.424121] ? __update_load_avg_cfs_rq+0x105/0x10b0 [ 1030.424121] tcp_ack+0x2888/0xa010 [ 1030.424121] ? tcp_parse_options+0xbe/0x1cf0 [ 1030.424121] ? tcp_validate_incoming+0x50b/0x29d0 [ 1030.424121] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1030.424121] ? tcp_parse_options+0x1c55/0x1cf0 [ 1030.424121] tcp_rcv_established+0xf7e/0x2940 [ 1030.424121] ? __msan_get_context_state+0x9/0x20 [ 1030.424121] tcp_v4_do_rcv+0x686/0xd80 [ 1030.424121] ? inet_sk_rx_dst_set+0x200/0x200 [ 1030.424121] __release_sock+0x32d/0x750 [ 1030.424121] release_sock+0x99/0x2a0 [ 1030.424121] sk_stream_wait_memory+0x9cc/0x1430 [ 1030.424121] ? wait_woken+0x5b0/0x5b0 [ 1030.424121] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1030.424121] ? kmsan_internal_unpoison_shadow+0x10/0xd0 [ 1030.424121] tcp_sendmsg+0xb2/0x100 [ 1030.542055] ? tcp_sendmsg_locked+0x6c30/0x6c30 [ 1030.542055] inet_sendmsg+0x4e9/0x800 [ 1030.552036] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1030.552036] ? security_socket_sendmsg+0x1bd/0x200 [ 1030.552036] ? inet_getname+0x490/0x490 [ 1030.552036] __sys_sendto+0x940/0xb80 [ 1030.552036] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 1030.552036] ? prepare_exit_to_usermode+0x182/0x4c0 [ 1030.552036] __se_sys_sendto+0x107/0x130 [ 1030.552036] __x64_sys_sendto+0x6e/0x90 [ 1030.552036] do_syscall_64+0xcf/0x110 [ 1030.552036] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1030.552036] RIP: 0033:0x457569 [ 1030.552036] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1030.611928] RSP: 002b:00007fa8e1de7c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 1030.624629] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000457569 [ 1030.624629] RDX: fffffffffffffe6e RSI: 0000000020a88f88 RDI: 0000000000000003 [ 1030.624629] RBP: 000000000072bf00 R08: 0000000020e68000 R09: 0000000000000010 [ 1030.624629] R10: 0000000020000000 R11: 0000000000000246 R12: 00007fa8e1de86d4 [ 1030.624629] R13: 00000000004c406f R14: 00000000004d68f8 R15: 00000000ffffffff [ 1030.624629] Uninit was stored to memory at: [ 1030.624629] kmsan_internal_chain_origin+0x136/0x240 [ 1030.624629] __msan_chain_origin+0x6d/0xb0 [ 1030.677301] __save_stack_trace+0x8be/0xc60 [ 1030.681969] save_stack_trace+0xc6/0x110 [ 1030.681969] kmsan_internal_chain_origin+0x136/0x240 [ 1030.681969] kmsan_memcpy_origins+0x13d/0x190 [ 1030.681969] __msan_memcpy+0x6f/0x80 [ 1030.700715] pskb_expand_head+0x436/0x1d20 [ 1030.700715] tcp_fragment+0x378/0x21d0 [ 1030.700715] tcp_sacktag_walk+0xe88/0x29d0 [ 1030.700715] tcp_sacktag_write_queue+0x2805/0x4630 [ 1030.700715] tcp_ack+0x2888/0xa010 [ 1030.722119] tcp_rcv_established+0xf7e/0x2940 [ 1030.722119] tcp_v4_do_rcv+0x686/0xd80 [ 1030.722119] __release_sock+0x32d/0x750 [ 1030.722119] release_sock+0x99/0x2a0 [ 1030.722119] sk_stream_wait_memory+0x9cc/0x1430 [ 1030.722119] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1030.722119] tcp_sendmsg+0xb2/0x100 [ 1030.751927] inet_sendmsg+0x4e9/0x800 [ 1030.751927] __sys_sendto+0x940/0xb80 [ 1030.751927] __se_sys_sendto+0x107/0x130 [ 1030.751927] __x64_sys_sendto+0x6e/0x90 [ 1030.751927] do_syscall_64+0xcf/0x110 [ 1030.751927] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1030.776500] [ 1030.776500] Uninit was stored to memory at: [ 1030.776500] kmsan_internal_chain_origin+0x136/0x240 [ 1030.776500] __msan_chain_origin+0x6d/0xb0 [ 1030.776500] __save_stack_trace+0x8be/0xc60 [ 1030.776500] save_stack_trace+0xc6/0x110 [ 1030.776500] kmsan_internal_chain_origin+0x136/0x240 [ 1030.776500] kmsan_memcpy_origins+0x13d/0x190 [ 1030.776500] __msan_memcpy+0x6f/0x80 [ 1030.776500] pskb_expand_head+0x436/0x1d20 [ 1030.776500] tcp_fragment+0x378/0x21d0 [ 1030.776500] tcp_sacktag_walk+0xe88/0x29d0 [ 1030.776500] tcp_sacktag_write_queue+0x2805/0x4630 [ 1030.776500] tcp_ack+0x2888/0xa010 [ 1030.776500] tcp_rcv_established+0xf7e/0x2940 [ 1030.776500] tcp_v4_do_rcv+0x686/0xd80 [ 1030.776500] __release_sock+0x32d/0x750 [ 1030.776500] release_sock+0x99/0x2a0 [ 1030.776500] sk_stream_wait_memory+0x9cc/0x1430 [ 1030.776500] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1030.776500] tcp_sendmsg+0xb2/0x100 [ 1030.776500] inet_sendmsg+0x4e9/0x800 [ 1030.776500] __sys_sendto+0x940/0xb80 [ 1030.776500] __se_sys_sendto+0x107/0x130 [ 1030.776500] __x64_sys_sendto+0x6e/0x90 [ 1030.776500] do_syscall_64+0xcf/0x110 [ 1030.776500] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1030.776500] [ 1030.776500] Uninit was stored to memory at: [ 1030.776500] kmsan_internal_chain_origin+0x136/0x240 [ 1030.776500] __msan_chain_origin+0x6d/0xb0 [ 1030.776500] __save_stack_trace+0x8be/0xc60 [ 1030.776500] save_stack_trace+0xc6/0x110 [ 1030.776500] kmsan_internal_chain_origin+0x136/0x240 [ 1030.776500] kmsan_memcpy_origins+0x13d/0x190 [ 1030.776500] __msan_memcpy+0x6f/0x80 [ 1030.776500] pskb_expand_head+0x436/0x1d20 [ 1030.776500] tcp_fragment+0x378/0x21d0 [ 1030.776500] tcp_sacktag_walk+0xe88/0x29d0 [ 1030.776500] tcp_sacktag_write_queue+0x2805/0x4630 [ 1030.776500] tcp_ack+0x2888/0xa010 [ 1030.776500] tcp_rcv_established+0xf7e/0x2940 [ 1030.776500] tcp_v4_do_rcv+0x686/0xd80 [ 1030.776500] __release_sock+0x32d/0x750 [ 1030.776500] release_sock+0x99/0x2a0 [ 1030.776500] sk_stream_wait_memory+0x9cc/0x1430 [ 1030.776500] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1030.776500] tcp_sendmsg+0xb2/0x100 [ 1030.776500] inet_sendmsg+0x4e9/0x800 [ 1030.776500] __sys_sendto+0x940/0xb80 [ 1030.776500] __se_sys_sendto+0x107/0x130 [ 1030.776500] __x64_sys_sendto+0x6e/0x90 [ 1030.776500] do_syscall_64+0xcf/0x110 [ 1030.776500] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1030.776500] [ 1030.776500] Uninit was stored to memory at: [ 1030.776500] kmsan_internal_chain_origin+0x136/0x240 [ 1030.776500] __msan_chain_origin+0x6d/0xb0 [ 1030.776500] __save_stack_trace+0x8be/0xc60 [ 1030.776500] save_stack_trace+0xc6/0x110 [ 1030.776500] kmsan_internal_chain_origin+0x136/0x240 [ 1030.776500] kmsan_memcpy_origins+0x13d/0x190 [ 1030.776500] __msan_memcpy+0x6f/0x80 [ 1030.776500] pskb_expand_head+0x436/0x1d20 [ 1030.776500] tcp_fragment+0x378/0x21d0 [ 1030.776500] tcp_sacktag_walk+0xe88/0x29d0 [ 1030.776500] tcp_sacktag_write_queue+0x2805/0x4630 [ 1030.776500] tcp_ack+0x2888/0xa010 [ 1030.776500] tcp_rcv_established+0xf7e/0x2940 [ 1030.776500] tcp_v4_do_rcv+0x686/0xd80 [ 1030.776500] __release_sock+0x32d/0x750 [ 1030.776500] release_sock+0x99/0x2a0 [ 1030.776500] sk_stream_wait_memory+0x9cc/0x1430 [ 1030.776500] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1031.082066] tcp_sendmsg+0xb2/0x100 [ 1031.082066] inet_sendmsg+0x4e9/0x800 [ 1031.082066] __sys_sendto+0x940/0xb80 [ 1031.082066] __se_sys_sendto+0x107/0x130 [ 1031.082066] __x64_sys_sendto+0x6e/0x90 [ 1031.082066] do_syscall_64+0xcf/0x110 [ 1031.082066] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1031.082066] [ 1031.082066] Uninit was stored to memory at: [ 1031.082066] kmsan_internal_chain_origin+0x136/0x240 [ 1031.082066] __msan_chain_origin+0x6d/0xb0 [ 1031.082066] __save_stack_trace+0x8be/0xc60 [ 1031.082066] save_stack_trace+0xc6/0x110 [ 1031.082066] kmsan_internal_chain_origin+0x136/0x240 [ 1031.082066] kmsan_memcpy_origins+0x13d/0x190 [ 1031.082066] __msan_memcpy+0x6f/0x80 [ 1031.082066] pskb_expand_head+0x436/0x1d20 [ 1031.151941] tcp_fragment+0x378/0x21d0 [ 1031.151941] tcp_sacktag_walk+0xe88/0x29d0 [ 1031.151941] tcp_sacktag_write_queue+0x2805/0x4630 [ 1031.151941] tcp_ack+0x2888/0xa010 [ 1031.151941] tcp_rcv_established+0xf7e/0x2940 [ 1031.151941] tcp_v4_do_rcv+0x686/0xd80 [ 1031.151941] __release_sock+0x32d/0x750 [ 1031.151941] release_sock+0x99/0x2a0 [ 1031.151941] sk_stream_wait_memory+0x9cc/0x1430 [ 1031.151941] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1031.151941] tcp_sendmsg+0xb2/0x100 [ 1031.151941] inet_sendmsg+0x4e9/0x800 [ 1031.151941] __sys_sendto+0x940/0xb80 [ 1031.151941] __se_sys_sendto+0x107/0x130 [ 1031.151941] __x64_sys_sendto+0x6e/0x90 [ 1031.151941] do_syscall_64+0xcf/0x110 [ 1031.151941] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1031.222110] [ 1031.222110] Uninit was stored to memory at: [ 1031.222110] kmsan_internal_chain_origin+0x136/0x240 [ 1031.222110] __msan_chain_origin+0x6d/0xb0 [ 1031.222110] __save_stack_trace+0x8be/0xc60 [ 1031.222110] save_stack_trace+0xc6/0x110 [ 1031.222110] kmsan_internal_chain_origin+0x136/0x240 [ 1031.222110] kmsan_memcpy_origins+0x13d/0x190 [ 1031.222110] __msan_memcpy+0x6f/0x80 [ 1031.222110] pskb_expand_head+0x436/0x1d20 [ 1031.222110] tcp_fragment+0x378/0x21d0 [ 1031.222110] tcp_sacktag_walk+0xe88/0x29d0 [ 1031.222110] tcp_sacktag_write_queue+0x2805/0x4630 [ 1031.222110] tcp_ack+0x2888/0xa010 [ 1031.222110] tcp_rcv_established+0xf7e/0x2940 [ 1031.222110] tcp_v4_do_rcv+0x686/0xd80 [ 1031.291983] __release_sock+0x32d/0x750 [ 1031.291983] release_sock+0x99/0x2a0 [ 1031.291983] sk_stream_wait_memory+0x9cc/0x1430 [ 1031.291983] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1031.306301] tcp_sendmsg+0xb2/0x100 [ 1031.306301] inet_sendmsg+0x4e9/0x800 [ 1031.306301] __sys_sendto+0x940/0xb80 [ 1031.306301] __se_sys_sendto+0x107/0x130 [ 1031.306301] __x64_sys_sendto+0x6e/0x90 [ 1031.306301] do_syscall_64+0xcf/0x110 [ 1031.306301] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1031.306301] [ 1031.306301] Uninit was stored to memory at: [ 1031.306301] kmsan_internal_chain_origin+0x136/0x240 [ 1031.306301] __msan_chain_origin+0x6d/0xb0 [ 1031.306301] __save_stack_trace+0x8be/0xc60 [ 1031.306301] save_stack_trace+0xc6/0x110 [ 1031.306301] kmsan_internal_chain_origin+0x136/0x240 [ 1031.306301] kmsan_memcpy_origins+0x13d/0x190 [ 1031.306301] __msan_memcpy+0x6f/0x80 [ 1031.306301] pskb_expand_head+0x436/0x1d20 [ 1031.306301] tcp_fragment+0x378/0x21d0 [ 1031.306301] tcp_sacktag_walk+0xe88/0x29d0 [ 1031.306301] tcp_sacktag_write_queue+0x2805/0x4630 [ 1031.306301] tcp_ack+0x2888/0xa010 [ 1031.306301] tcp_rcv_established+0xf7e/0x2940 [ 1031.306301] tcp_v4_do_rcv+0x686/0xd80 [ 1031.306301] __release_sock+0x32d/0x750 [ 1031.306301] release_sock+0x99/0x2a0 [ 1031.306301] sk_stream_wait_memory+0x9cc/0x1430 [ 1031.306301] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1031.306301] tcp_sendmsg+0xb2/0x100 [ 1031.306301] inet_sendmsg+0x4e9/0x800 [ 1031.306301] __sys_sendto+0x940/0xb80 [ 1031.306301] __se_sys_sendto+0x107/0x130 [ 1031.306301] __x64_sys_sendto+0x6e/0x90 [ 1031.306301] do_syscall_64+0xcf/0x110 [ 1031.306301] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1031.306301] [ 1031.306301] Local variable description: ----_tcph@tcp_packet [ 1031.306301] Variable was created at: [ 1031.306301] tcp_packet+0xe1/0x73c0 [ 1031.306301] nf_conntrack_in+0x9f0/0x1edd [ 1031.517102] not chained 460000 origins [ 1031.521040] CPU: 0 PID: 9 Comm: ksoftirqd/0 Not tainted 4.20.0-rc3+ #89 [ 1031.521771] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1031.521771] Call Trace: [ 1031.521771] dump_stack+0x32d/0x480 [ 1031.521771] kmsan_internal_chain_origin+0x222/0x240 [ 1031.545657] ? kmsan_internal_chain_origin+0x136/0x240 [ 1031.545657] ? __msan_chain_origin+0x6d/0xb0 [ 1031.545657] ? __save_stack_trace+0x8be/0xc60 [ 1031.545657] ? save_stack_trace+0xc6/0x110 [ 1031.545657] ? kmsan_internal_chain_origin+0x136/0x240 [ 1031.545657] ? kmsan_memcpy_origins+0x13d/0x190 [ 1031.545657] ? __msan_memcpy+0x6f/0x80 [ 1031.545657] ? pskb_expand_head+0x436/0x1d20 [ 1031.545657] ? skb_shift+0x29a0/0x2d10 [ 1031.545657] ? tcp_sacktag_walk+0x2156/0x29d0 [ 1031.545657] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1031.545657] ? tcp_ack+0x2888/0xa010 [ 1031.545657] ? tcp_rcv_established+0xf7e/0x2940 [ 1031.545657] ? tcp_v4_do_rcv+0x686/0xd80 [ 1031.545657] ? tcp_v4_rcv+0x5a13/0x6520 [ 1031.545657] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1031.545657] ? ip_local_deliver+0x44b/0x510 [ 1031.545657] ? ip_rcv+0x6b6/0x740 [ 1031.545657] ? process_backlog+0x82b/0x11e0 [ 1031.545657] ? net_rx_action+0x98f/0x1d50 [ 1031.545657] ? __do_softirq+0x721/0xc7f [ 1031.545657] ? run_ksoftirqd+0x37/0x60 [ 1031.545657] ? smpboot_thread_fn+0x69c/0xb30 [ 1031.545657] ? kthread+0x5e7/0x620 [ 1031.545657] ? ret_from_fork+0x35/0x40 [ 1031.545657] ? kmsan_internal_chain_origin+0x90/0x240 [ 1031.545657] ? task_kmsan_context_state+0x51/0x90 [ 1031.545657] ? __msan_get_context_state+0x9/0x20 [ 1031.545657] ? __kernel_text_address+0x19/0x350 [ 1031.545657] ? ret_from_fork+0x35/0x40 [ 1031.545657] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1031.545657] ? in_task_stack+0x12c/0x210 [ 1031.545657] __msan_chain_origin+0x6d/0xb0 [ 1031.545657] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1031.545657] __save_stack_trace+0x8be/0xc60 [ 1031.545657] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 1031.545657] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1031.545657] save_stack_trace+0xc6/0x110 [ 1031.545657] kmsan_internal_chain_origin+0x136/0x240 [ 1031.545657] ? run_ksoftirqd+0x37/0x60 [ 1031.545657] ? kmsan_internal_chain_origin+0x136/0x240 [ 1031.545657] ? kmsan_memcpy_origins+0x13d/0x190 [ 1031.545657] ? __msan_memcpy+0x6f/0x80 [ 1031.545657] ? pskb_expand_head+0x436/0x1d20 [ 1031.545657] ? skb_shift+0x29a0/0x2d10 [ 1031.545657] ? tcp_sacktag_walk+0x2156/0x29d0 [ 1031.545657] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1031.545657] ? tcp_ack+0x2888/0xa010 [ 1031.545657] ? tcp_rcv_established+0xf7e/0x2940 [ 1031.545657] ? tcp_v4_do_rcv+0x686/0xd80 [ 1031.545657] ? tcp_v4_rcv+0x5a13/0x6520 [ 1031.545657] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1031.545657] ? ip_local_deliver+0x44b/0x510 [ 1031.545657] ? ip_rcv+0x6b6/0x740 [ 1031.545657] ? process_backlog+0x82b/0x11e0 [ 1031.545657] ? net_rx_action+0x98f/0x1d50 [ 1031.545657] ? __do_softirq+0x721/0xc7f [ 1031.545657] ? run_ksoftirqd+0x37/0x60 [ 1031.545657] ? smpboot_thread_fn+0x69c/0xb30 [ 1031.545657] ? kthread+0x5e7/0x620 [ 1031.545657] ? ret_from_fork+0x35/0x40 [ 1031.545657] ? memcg_kmem_put_cache+0x73/0x460 [ 1031.545657] ? __kmalloc_node_track_caller+0x1010/0x14e0 [ 1031.545657] ? __msan_get_context_state+0x9/0x20 [ 1031.545657] ? INIT_INT+0xc/0x30 [ 1031.545657] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1031.545657] kmsan_memcpy_origins+0x13d/0x190 [ 1031.545657] __msan_memcpy+0x6f/0x80 [ 1031.545657] pskb_expand_head+0x436/0x1d20 [ 1031.545657] skb_shift+0x29a0/0x2d10 [ 1031.545657] tcp_sacktag_walk+0x2156/0x29d0 [ 1031.545657] tcp_sacktag_write_queue+0x2805/0x4630 [ 1031.545657] tcp_ack+0x2888/0xa010 [ 1031.545657] ? tcp_parse_options+0xbe/0x1cf0 [ 1031.545657] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1031.545657] ? tcp_parse_options+0x1c55/0x1cf0 [ 1031.545657] tcp_rcv_established+0xf7e/0x2940 [ 1031.545657] ? __msan_get_context_state+0x9/0x20 [ 1031.545657] tcp_v4_do_rcv+0x686/0xd80 [ 1031.545657] tcp_v4_rcv+0x5a13/0x6520 [ 1031.545657] ? tcp_filter+0x260/0x260 [ 1031.545657] ip_local_deliver_finish+0x8d8/0xff0 [ 1031.545657] ? nf_hook_slow+0x36f/0x3d0 [ 1031.545657] ip_local_deliver+0x44b/0x510 [ 1031.545657] ? ip_local_deliver+0x510/0x510 [ 1031.545657] ? ip_call_ra_chain+0x7a0/0x7a0 [ 1031.545657] ip_rcv+0x6b6/0x740 [ 1031.545657] ? ip_rcv_core+0x1370/0x1370 [ 1031.545657] process_backlog+0x82b/0x11e0 [ 1031.545657] ? ip_local_deliver_finish+0xff0/0xff0 [ 1031.545657] ? rps_trigger_softirq+0x2e0/0x2e0 [ 1031.545657] net_rx_action+0x98f/0x1d50 [ 1031.545657] ? net_tx_action+0xf20/0xf20 [ 1031.545657] __do_softirq+0x721/0xc7f [ 1031.545657] ? ksoftirqd_should_run+0x50/0x50 [ 1031.545657] run_ksoftirqd+0x37/0x60 [ 1031.545657] smpboot_thread_fn+0x69c/0xb30 [ 1031.545657] kthread+0x5e7/0x620 [ 1031.545657] ? cpu_report_death+0x4a0/0x4a0 [ 1031.545657] ? INIT_BOOL+0x30/0x30 [ 1031.545657] ret_from_fork+0x35/0x40 [ 1031.545657] Uninit was stored to memory at: [ 1031.545657] kmsan_internal_chain_origin+0x136/0x240 [ 1031.545657] __msan_chain_origin+0x6d/0xb0 [ 1031.545657] __save_stack_trace+0x8be/0xc60 [ 1031.545657] save_stack_trace+0xc6/0x110 [ 1031.545657] kmsan_internal_chain_origin+0x136/0x240 [ 1031.545657] kmsan_memcpy_origins+0x13d/0x190 [ 1031.545657] __msan_memcpy+0x6f/0x80 [ 1031.545657] pskb_expand_head+0x436/0x1d20 [ 1031.545657] skb_shift+0x29a0/0x2d10 [ 1031.545657] tcp_sacktag_walk+0x2156/0x29d0 [ 1031.545657] tcp_sacktag_write_queue+0x2805/0x4630 [ 1031.545657] tcp_ack+0x2888/0xa010 [ 1031.545657] tcp_rcv_established+0xf7e/0x2940 [ 1031.545657] tcp_v4_do_rcv+0x686/0xd80 [ 1031.545657] tcp_v4_rcv+0x5a13/0x6520 [ 1031.545657] ip_local_deliver_finish+0x8d8/0xff0 [ 1031.545657] ip_local_deliver+0x44b/0x510 [ 1031.545657] ip_rcv+0x6b6/0x740 [ 1031.545657] process_backlog+0x82b/0x11e0 [ 1031.545657] net_rx_action+0x98f/0x1d50 [ 1031.545657] __do_softirq+0x721/0xc7f [ 1031.545657] [ 1031.545657] Uninit was stored to memory at: [ 1031.545657] kmsan_internal_chain_origin+0x136/0x240 [ 1031.545657] __msan_chain_origin+0x6d/0xb0 [ 1031.545657] __save_stack_trace+0x8be/0xc60 [ 1031.545657] save_stack_trace+0xc6/0x110 [ 1031.545657] kmsan_internal_chain_origin+0x136/0x240 [ 1031.545657] kmsan_memcpy_origins+0x13d/0x190 [ 1031.545657] __msan_memcpy+0x6f/0x80 [ 1031.545657] pskb_expand_head+0x436/0x1d20 [ 1031.545657] skb_shift+0x29a0/0x2d10 [ 1031.545657] tcp_sacktag_walk+0x2156/0x29d0 [ 1031.545657] tcp_sacktag_write_queue+0x2805/0x4630 [ 1031.545657] tcp_ack+0x2888/0xa010 [ 1031.545657] tcp_rcv_established+0xf7e/0x2940 [ 1031.545657] tcp_v4_do_rcv+0x686/0xd80 [ 1031.545657] tcp_v4_rcv+0x5a13/0x6520 [ 1031.545657] ip_local_deliver_finish+0x8d8/0xff0 [ 1031.545657] ip_local_deliver+0x44b/0x510 [ 1031.545657] ip_rcv+0x6b6/0x740 [ 1031.545657] process_backlog+0x82b/0x11e0 [ 1031.545657] net_rx_action+0x98f/0x1d50 [ 1031.545657] __do_softirq+0x721/0xc7f [ 1031.545657] [ 1031.545657] Uninit was stored to memory at: [ 1031.545657] kmsan_internal_chain_origin+0x136/0x240 [ 1031.545657] __msan_chain_origin+0x6d/0xb0 [ 1031.545657] __save_stack_trace+0x8be/0xc60 [ 1031.545657] save_stack_trace+0xc6/0x110 [ 1031.545657] kmsan_internal_chain_origin+0x136/0x240 [ 1031.545657] kmsan_memcpy_origins+0x13d/0x190 [ 1031.545657] __msan_memcpy+0x6f/0x80 [ 1031.545657] pskb_expand_head+0x436/0x1d20 [ 1031.545657] skb_shift+0x29a0/0x2d10 [ 1031.545657] tcp_sacktag_walk+0x2156/0x29d0 [ 1031.545657] tcp_sacktag_write_queue+0x2805/0x4630 [ 1031.545657] tcp_ack+0x2888/0xa010 [ 1031.545657] tcp_rcv_established+0xf7e/0x2940 [ 1031.545657] tcp_v4_do_rcv+0x686/0xd80 [ 1031.545657] tcp_v4_rcv+0x5a13/0x6520 [ 1031.545657] ip_local_deliver_finish+0x8d8/0xff0 [ 1031.545657] ip_local_deliver+0x44b/0x510 [ 1031.545657] ip_rcv+0x6b6/0x740 [ 1031.545657] process_backlog+0x82b/0x11e0 [ 1031.545657] net_rx_action+0x98f/0x1d50 [ 1031.545657] __do_softirq+0x721/0xc7f [ 1031.545657] [ 1031.545657] Uninit was stored to memory at: [ 1031.545657] kmsan_internal_chain_origin+0x136/0x240 [ 1031.545657] __msan_chain_origin+0x6d/0xb0 [ 1031.545657] __save_stack_trace+0x8be/0xc60 [ 1031.545657] save_stack_trace+0xc6/0x110 [ 1031.545657] kmsan_internal_chain_origin+0x136/0x240 [ 1031.545657] kmsan_memcpy_origins+0x13d/0x190 [ 1031.545657] __msan_memcpy+0x6f/0x80 [ 1031.545657] pskb_expand_head+0x436/0x1d20 [ 1031.545657] skb_shift+0x29a0/0x2d10 [ 1031.545657] tcp_sacktag_walk+0x2156/0x29d0 [ 1031.545657] tcp_sacktag_write_queue+0x2805/0x4630 [ 1031.545657] tcp_ack+0x2888/0xa010 [ 1031.545657] tcp_rcv_established+0xf7e/0x2940 [ 1031.545657] tcp_v4_do_rcv+0x686/0xd80 [ 1031.545657] tcp_v4_rcv+0x5a13/0x6520 [ 1031.545657] ip_local_deliver_finish+0x8d8/0xff0 [ 1031.545657] ip_local_deliver+0x44b/0x510 [ 1031.545657] ip_rcv+0x6b6/0x740 [ 1031.545657] process_backlog+0x82b/0x11e0 [ 1031.545657] net_rx_action+0x98f/0x1d50 [ 1031.545657] __do_softirq+0x721/0xc7f [ 1031.545657] [ 1031.545657] Uninit was stored to memory at: [ 1031.545657] kmsan_internal_chain_origin+0x136/0x240 [ 1031.545657] __msan_chain_origin+0x6d/0xb0 [ 1031.545657] __save_stack_trace+0x8be/0xc60 [ 1031.545657] save_stack_trace+0xc6/0x110 [ 1031.545657] kmsan_internal_chain_origin+0x136/0x240 [ 1031.545657] kmsan_memcpy_origins+0x13d/0x190 [ 1031.545657] __msan_memcpy+0x6f/0x80 [ 1031.545657] pskb_expand_head+0x436/0x1d20 [ 1031.545657] skb_shift+0x29a0/0x2d10 [ 1031.545657] tcp_sacktag_walk+0x2156/0x29d0 [ 1031.545657] tcp_sacktag_write_queue+0x2805/0x4630 [ 1031.545657] tcp_ack+0x2888/0xa010 [ 1031.545657] tcp_rcv_established+0xf7e/0x2940 [ 1031.545657] tcp_v4_do_rcv+0x686/0xd80 [ 1031.545657] tcp_v4_rcv+0x5a13/0x6520 [ 1031.545657] ip_local_deliver_finish+0x8d8/0xff0 [ 1031.545657] ip_local_deliver+0x44b/0x510 [ 1031.545657] ip_rcv+0x6b6/0x740 [ 1031.545657] process_backlog+0x82b/0x11e0 [ 1031.545657] net_rx_action+0x98f/0x1d50 [ 1031.545657] __do_softirq+0x721/0xc7f [ 1031.545657] [ 1031.545657] Uninit was stored to memory at: [ 1031.545657] kmsan_internal_chain_origin+0x136/0x240 [ 1031.545657] __msan_chain_origin+0x6d/0xb0 [ 1031.545657] __save_stack_trace+0x8be/0xc60 [ 1031.545657] save_stack_trace+0xc6/0x110 [ 1031.545657] kmsan_internal_chain_origin+0x136/0x240 [ 1031.545657] kmsan_memcpy_origins+0x13d/0x190 [ 1031.545657] __msan_memcpy+0x6f/0x80 [ 1031.545657] pskb_expand_head+0x436/0x1d20 [ 1031.545657] skb_shift+0x29a0/0x2d10 [ 1031.545657] tcp_sacktag_walk+0x2156/0x29d0 [ 1031.545657] tcp_sacktag_write_queue+0x2805/0x4630 [ 1031.545657] tcp_ack+0x2888/0xa010 [ 1031.545657] tcp_rcv_established+0xf7e/0x2940 [ 1031.545657] tcp_v4_do_rcv+0x686/0xd80 [ 1031.545657] tcp_v4_rcv+0x5a13/0x6520 [ 1031.545657] ip_local_deliver_finish+0x8d8/0xff0 [ 1031.545657] ip_local_deliver+0x44b/0x510 [ 1031.545657] ip_rcv+0x6b6/0x740 [ 1031.545657] process_backlog+0x82b/0x11e0 [ 1031.545657] net_rx_action+0x98f/0x1d50 [ 1031.545657] __do_softirq+0x721/0xc7f [ 1031.545657] [ 1031.545657] Uninit was stored to memory at: [ 1031.545657] kmsan_internal_chain_origin+0x136/0x240 [ 1031.545657] __msan_chain_origin+0x6d/0xb0 [ 1031.545657] __save_stack_trace+0x8be/0xc60 [ 1031.545657] save_stack_trace+0xc6/0x110 [ 1031.545657] kmsan_internal_chain_origin+0x136/0x240 [ 1031.545657] kmsan_memcpy_origins+0x13d/0x190 [ 1031.545657] __msan_memcpy+0x6f/0x80 [ 1031.545657] pskb_expand_head+0x436/0x1d20 [ 1031.545657] skb_shift+0x29a0/0x2d10 [ 1031.545657] tcp_sacktag_walk+0x2156/0x29d0 [ 1031.545657] tcp_sacktag_write_queue+0x2805/0x4630 [ 1031.545657] tcp_ack+0x2888/0xa010 [ 1031.545657] tcp_rcv_established+0xf7e/0x2940 [ 1031.545657] tcp_v4_do_rcv+0x686/0xd80 [ 1031.545657] tcp_v4_rcv+0x5a13/0x6520 [ 1031.545657] ip_local_deliver_finish+0x8d8/0xff0 [ 1031.545657] ip_local_deliver+0x44b/0x510 [ 1031.545657] ip_rcv+0x6b6/0x740 [ 1031.545657] process_backlog+0x82b/0x11e0 [ 1031.545657] net_rx_action+0x98f/0x1d50 [ 1031.545657] __do_softirq+0x721/0xc7f [ 1031.545657] [ 1031.545657] Local variable description: ----v.addr.i.i.i@ipv4_conntrack_local [ 1031.545657] Variable was created at: [ 1031.545657] ipv4_conntrack_local+0x75/0x470 [ 1031.545657] nf_hook_slow+0x15c/0x3d0 06:19:03 executing program 4: getsockname$packet(0xffffffffffffff9c, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000240)=0x14) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) ioctl$sock_SIOCBRDELBR(0xffffffffffffffff, 0x89a1, &(0x7f0000000540)='teql0\x00') ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, &(0x7f0000000500)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCFLSH(r2, 0x80045432, 0x70affb) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4) getsockopt$IPT_SO_GET_INFO(r0, 0x0, 0x40, &(0x7f0000000400)={'raw\x00'}, &(0x7f00000000c0)=0x54) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, &(0x7f0000a88f88), 0xfffffffffffffe6e, 0x20000000, &(0x7f0000e68000)={0x2, 0x4004e23, @local}, 0x10) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="0a5c2d023c126285718070") bind$inet(0xffffffffffffffff, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) 06:19:03 executing program 5: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000240)) r1 = socket$inet(0x10, 0x100000803, 0x4) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000008000)="4c0000001500ff09fffefd956fa283b724a600800000000000000068354015002c001d001fc41180b598bc593ab6821148a730de33a49868c62b2ca654a6613b6aabf35d4c1cbc882b079881", 0x4c}], 0x1}, 0x0) 06:19:03 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c12") syz_emit_ethernet(0x3e, &(0x7f0000000000)={@local, @broadcast, [], {@ipv6={0x86dd, {0x0, 0x6, "1ddedf", 0x8, 0xff, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8906]}, @remote={0xfe, 0x80, [0xf0ffffffffffff]}, {[], @icmpv6=@echo_request}}}}}, &(0x7f0000000100)) 06:19:03 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000027000/0x18000)=nil, &(0x7f00000002c0)=[@text32={0x20, &(0x7f0000000000)="2ef26db80e0000000f23c80f21f8350800c0000f23f8d39d00100000eacc4e0000f700660f3839d13e660f38806cbf07440f20c0350c000000440f22c02e0f300f228266baa100ec", 0x48}], 0x1, 0x0, &(0x7f0000000280), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:19:03 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)) ioctl$TIOCPKT(r0, 0x5420, &(0x7f00000002c0)=0x61) read(r0, &(0x7f0000000080)=""/11, 0x392) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) r1 = syz_open_pts(r0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000280)) r3 = dup3(r1, r0, 0x0) ioctl$TCSETA(r3, 0x5406, &(0x7f0000000140)) 06:19:03 executing program 0: unshare(0x24020400) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) sigaltstack(&(0x7f00002cb000/0x3000)=nil, &(0x7f0000ef9ff8)) mincore(&(0x7f00003a0000/0x600000)=nil, 0x600000, &(0x7f00000002c0)=""/184) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000f8aff8)='./file0\x00', &(0x7f0000000380), &(0x7f00000001c0)) gettid() 06:19:04 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c12628571") syz_emit_ethernet(0x3e, &(0x7f0000000000)={@local, @broadcast, [], {@ipv6={0x86dd, {0x0, 0x6, "1ddedf", 0x8, 0xff, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8906]}, @remote={0xfe, 0x80, [0xf0ffffffffffff]}, {[], @icmpv6=@echo_request}}}}}, &(0x7f0000000100)) 06:19:04 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)) ioctl$TIOCPKT(r0, 0x5420, &(0x7f00000002c0)=0x61) read(r0, &(0x7f0000000080)=""/11, 0x392) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) r1 = syz_open_pts(r0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000280)) r3 = dup3(r1, r0, 0x0) ioctl$TCSETA(r3, 0x5406, &(0x7f0000000140)) 06:19:04 executing program 5: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000240)) r1 = socket$inet(0x10, 0x100000803, 0x4) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000008000)="4c0000001500ff09fffefd956fa283b724a600800000000000000068354015002c001d001fc41180b598bc593ab6821148a730de33a49868c62b2ca654a6613b6aabf35d4c1cbc882b079881", 0x4c}], 0x1}, 0x0) 06:19:04 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000027000/0x18000)=nil, &(0x7f00000002c0)=[@text32={0x20, &(0x7f0000000000)="2ef26db80e0000000f23c80f21f8350800c0000f23f8d39d00100000eacc4e0000f700660f3839d13e660f38806cbf07440f20c0350c000000440f22c02e0f300f228266baa100ec", 0x48}], 0x1, 0x0, &(0x7f0000000280), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 1033.544626] not chained 470000 origins [ 1033.548582] CPU: 1 PID: 20209 Comm: udevd Not tainted 4.20.0-rc3+ #89 [ 1033.551781] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1033.551781] Call Trace: [ 1033.551781] [ 1033.551781] dump_stack+0x32d/0x480 [ 1033.570075] kmsan_internal_chain_origin+0x222/0x240 [ 1033.570075] ? kmsan_set_origin+0x7f/0x100 [ 1033.570075] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1033.570075] ? __module_address+0x6a/0x5f0 [ 1033.570075] ? is_bpf_text_address+0x3e5/0x4d0 [ 1033.570075] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 1033.570075] ? is_bpf_text_address+0x49e/0x4d0 [ 1033.570075] ? kmsan_internal_chain_origin+0x90/0x240 [ 1033.570075] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 1033.570075] ? is_bpf_text_address+0x49e/0x4d0 [ 1033.570075] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1033.570075] __msan_chain_origin+0x6d/0xb0 [ 1033.570075] __save_stack_trace+0x833/0xc60 [ 1033.570075] ? save_stack_trace+0xc6/0x110 [ 1033.570075] save_stack_trace+0xc6/0x110 [ 1033.570075] kmsan_internal_chain_origin+0x136/0x240 [ 1033.570075] ? irq_exit+0x305/0x340 [ 1033.651245] ? do_syscall_64+0xcf/0x110 [ 1033.651245] ? kmsan_internal_chain_origin+0x136/0x240 [ 1033.651245] ? kmsan_memcpy_origins+0x13d/0x190 [ 1033.651245] ? __msan_memcpy+0x6f/0x80 [ 1033.651245] ? pskb_expand_head+0x436/0x1d20 [ 1033.651245] ? skb_shift+0xce2/0x2d10 [ 1033.651245] ? tcp_sacktag_walk+0x2156/0x29d0 [ 1033.651245] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1033.685234] ? tcp_ack+0x2888/0xa010 [ 1033.685234] ? tcp_rcv_established+0xf7e/0x2940 [ 1033.685234] ? tcp_v4_do_rcv+0x686/0xd80 [ 1033.685234] ? tcp_v4_rcv+0x5a13/0x6520 [ 1033.685234] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1033.685234] ? ip_local_deliver+0x44b/0x510 [ 1033.685234] ? ip_rcv+0x6b6/0x740 [ 1033.685234] ? process_backlog+0x82b/0x11e0 [ 1033.685234] ? net_rx_action+0x98f/0x1d50 [ 1033.685234] ? __do_softirq+0x721/0xc7f [ 1033.685234] ? irq_exit+0x305/0x340 [ 1033.685234] ? exiting_irq+0xe/0x10 [ 1033.685234] ? smp_apic_timer_interrupt+0x64/0x90 [ 1033.685234] ? apic_timer_interrupt+0xf/0x20 [ 1033.685234] ? finish_lock_switch+0x2b/0x40 [ 1033.685234] ? finish_task_switch+0x17e/0x410 [ 1033.685234] ? __schedule+0x8a8/0xa60 [ 1033.685234] ? _cond_resched+0x7e/0x120 [ 1033.685234] ? copy_page_range+0x33dd/0x3e10 [ 1033.685234] ? copy_process+0x730d/0xc3c0 [ 1033.685234] ? _do_fork+0x3e3/0x1370 [ 1033.685234] ? __se_sys_clone+0xf6/0x110 [ 1033.685234] ? __x64_sys_clone+0x62/0x80 [ 1033.685234] ? do_syscall_64+0xcf/0x110 [ 1033.685234] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1033.685234] ? __msan_get_context_state+0x9/0x20 [ 1033.685234] ? INIT_INT+0xc/0x30 [ 1033.685234] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1033.685234] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1033.685234] kmsan_memcpy_origins+0x13d/0x190 [ 1033.685234] __msan_memcpy+0x6f/0x80 [ 1033.685234] pskb_expand_head+0x436/0x1d20 [ 1033.685234] skb_shift+0xce2/0x2d10 [ 1033.685234] tcp_sacktag_walk+0x2156/0x29d0 [ 1033.685234] tcp_sacktag_write_queue+0x2805/0x4630 [ 1033.685234] tcp_ack+0x2888/0xa010 [ 1033.685234] ? tcp_parse_options+0xbe/0x1cf0 [ 1033.685234] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1033.685234] ? tcp_parse_options+0x1c55/0x1cf0 [ 1033.685234] tcp_rcv_established+0xf7e/0x2940 [ 1033.685234] ? __msan_get_context_state+0x9/0x20 [ 1033.685234] tcp_v4_do_rcv+0x686/0xd80 [ 1033.685234] tcp_v4_rcv+0x5a13/0x6520 [ 1033.685234] ? tcp_filter+0x260/0x260 [ 1033.685234] ip_local_deliver_finish+0x8d8/0xff0 [ 1033.685234] ? nf_hook_slow+0x36f/0x3d0 [ 1033.685234] ip_local_deliver+0x44b/0x510 [ 1033.685234] ? ip_local_deliver+0x510/0x510 [ 1033.685234] ? ip_call_ra_chain+0x7a0/0x7a0 [ 1033.685234] ip_rcv+0x6b6/0x740 [ 1033.685234] ? ip_rcv_core+0x1370/0x1370 [ 1033.685234] process_backlog+0x82b/0x11e0 [ 1033.685234] ? ip_local_deliver_finish+0xff0/0xff0 [ 1033.685234] ? rps_trigger_softirq+0x2e0/0x2e0 [ 1033.685234] net_rx_action+0x98f/0x1d50 [ 1033.685234] ? net_tx_action+0xf20/0xf20 [ 1033.685234] __do_softirq+0x721/0xc7f [ 1033.685234] irq_exit+0x305/0x340 [ 1033.685234] exiting_irq+0xe/0x10 [ 1033.685234] smp_apic_timer_interrupt+0x64/0x90 [ 1033.685234] apic_timer_interrupt+0xf/0x20 [ 1033.685234] [ 1033.685234] RIP: 0010:finish_lock_switch+0x2b/0x40 [ 1033.685234] Code: 48 89 e5 53 48 89 fb e8 d3 f4 9b 00 8b b8 88 0c 00 00 48 8b 00 48 85 c0 75 12 48 89 df e8 3d ea 9b 00 c6 00 00 c6 03 00 fb 5b <5d> c3 e8 ee f3 9b 00 eb e7 66 90 66 2e 0f 1f 84 00 00 00 00 00 55 [ 1033.685234] RSP: 0018:ffff88812883f6f0 EFLAGS: 00000296 ORIG_RAX: ffffffffffffff13 [ 1033.685234] RAX: ffff8881dc3b8b80 RBX: ffff8881d0ff8000 RCX: ffff8881dc3b8b80 [ 1033.685234] RDX: ffff8881dc3b9b80 RSI: 0000160000000000 RDI: aaaaaaaaaaaab000 [ 1033.685234] RBP: ffff88812883f6f0 R08: ffff888000000000 R09: 0000000000000002 [ 1033.685234] R10: 0000000000000000 R11: 0000000000000000 R12: ffff888144073c00 [ 1033.685234] R13: ffff88821fdb8510 R14: ffff888144074588 R15: ffff88821fdb7b80 [ 1033.685234] finish_task_switch+0x17e/0x410 [ 1033.685234] __schedule+0x8a8/0xa60 [ 1033.685234] ? copy_page_range+0x33dd/0x3e10 [ 1033.685234] _cond_resched+0x7e/0x120 [ 1033.685234] copy_page_range+0x33dd/0x3e10 [ 1033.685234] ? memcg_kmem_put_cache+0x73/0x460 [ 1033.685234] copy_process+0x730d/0xc3c0 [ 1033.685234] _do_fork+0x3e3/0x1370 [ 1033.685234] ? prepare_exit_to_usermode+0x182/0x4c0 [ 1033.685234] __se_sys_clone+0xf6/0x110 [ 1033.685234] __x64_sys_clone+0x62/0x80 [ 1033.685234] do_syscall_64+0xcf/0x110 [ 1033.685234] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1033.685234] RIP: 0033:0x7f48ab0fef46 [ 1033.685234] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 14 25 10 00 00 00 31 d2 49 81 c2 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 31 01 00 00 85 c0 41 89 c4 0f 85 3b 01 00 [ 1033.685234] RSP: 002b:00007ffd8f05aec0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 1033.685234] RAX: ffffffffffffffda RBX: 00007ffd8f05aec0 RCX: 00007f48ab0fef46 [ 1033.685234] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 1033.685234] RBP: 00007ffd8f05af20 R08: 0000000000004ef1 R09: 0000000000004ef1 [ 1033.685234] R10: 00007f48aba1ba70 R11: 0000000000000246 R12: 0000000000000000 [ 1033.685234] R13: 00007ffd8f05aee0 R14: 0000000000000005 R15: 0000000000000005 [ 1033.685234] Uninit was stored to memory at: [ 1033.685234] kmsan_internal_chain_origin+0x136/0x240 [ 1033.685234] __msan_chain_origin+0x6d/0xb0 [ 1033.685234] save_stack_trace+0xfa/0x110 [ 1033.685234] kmsan_internal_chain_origin+0x136/0x240 [ 1033.685234] kmsan_memcpy_origins+0x13d/0x190 [ 1033.685234] __msan_memcpy+0x6f/0x80 [ 1033.685234] pskb_expand_head+0x436/0x1d20 [ 1033.685234] skb_shift+0xce2/0x2d10 [ 1033.685234] tcp_sacktag_walk+0x2156/0x29d0 [ 1033.685234] tcp_sacktag_write_queue+0x2805/0x4630 [ 1033.685234] tcp_ack+0x2888/0xa010 [ 1033.685234] tcp_rcv_established+0xf7e/0x2940 [ 1033.685234] tcp_v4_do_rcv+0x686/0xd80 [ 1033.685234] tcp_v4_rcv+0x5a13/0x6520 [ 1033.685234] ip_local_deliver_finish+0x8d8/0xff0 [ 1033.685234] ip_local_deliver+0x44b/0x510 [ 1033.685234] ip_rcv+0x6b6/0x740 [ 1033.685234] process_backlog+0x82b/0x11e0 [ 1033.685234] net_rx_action+0x98f/0x1d50 [ 1033.685234] __do_softirq+0x721/0xc7f [ 1033.685234] [ 1033.685234] Uninit was stored to memory at: [ 1033.685234] kmsan_internal_chain_origin+0x136/0x240 [ 1033.685234] __msan_chain_origin+0x6d/0xb0 [ 1033.685234] __save_stack_trace+0x833/0xc60 [ 1033.685234] save_stack_trace+0xc6/0x110 [ 1033.685234] kmsan_internal_chain_origin+0x136/0x240 [ 1033.685234] kmsan_memcpy_origins+0x13d/0x190 [ 1033.685234] __msan_memcpy+0x6f/0x80 [ 1033.685234] pskb_expand_head+0x436/0x1d20 [ 1033.685234] skb_shift+0xce2/0x2d10 [ 1033.685234] tcp_sacktag_walk+0x2156/0x29d0 [ 1033.685234] tcp_sacktag_write_queue+0x2805/0x4630 [ 1033.685234] tcp_ack+0x2888/0xa010 [ 1033.685234] tcp_rcv_established+0xf7e/0x2940 [ 1033.685234] tcp_v4_do_rcv+0x686/0xd80 [ 1033.685234] tcp_v4_rcv+0x5a13/0x6520 [ 1033.685234] ip_local_deliver_finish+0x8d8/0xff0 [ 1033.685234] ip_local_deliver+0x44b/0x510 [ 1033.685234] ip_rcv+0x6b6/0x740 [ 1033.685234] process_backlog+0x82b/0x11e0 [ 1033.685234] net_rx_action+0x98f/0x1d50 [ 1033.685234] __do_softirq+0x721/0xc7f [ 1033.685234] [ 1033.685234] Uninit was stored to memory at: [ 1033.685234] kmsan_internal_chain_origin+0x136/0x240 [ 1033.685234] __msan_chain_origin+0x6d/0xb0 [ 1033.685234] save_stack_trace+0xfa/0x110 [ 1033.685234] kmsan_internal_chain_origin+0x136/0x240 [ 1033.685234] kmsan_memcpy_origins+0x13d/0x190 [ 1033.685234] __msan_memcpy+0x6f/0x80 [ 1033.685234] pskb_expand_head+0x436/0x1d20 [ 1033.685234] skb_shift+0xce2/0x2d10 [ 1033.685234] tcp_sacktag_walk+0x2156/0x29d0 [ 1033.685234] tcp_sacktag_write_queue+0x2805/0x4630 [ 1033.685234] tcp_ack+0x2888/0xa010 [ 1033.685234] tcp_rcv_established+0xf7e/0x2940 [ 1033.685234] tcp_v4_do_rcv+0x686/0xd80 [ 1033.685234] tcp_v4_rcv+0x5a13/0x6520 [ 1033.685234] ip_local_deliver_finish+0x8d8/0xff0 [ 1033.685234] ip_local_deliver+0x44b/0x510 [ 1033.685234] ip_rcv+0x6b6/0x740 [ 1033.685234] process_backlog+0x82b/0x11e0 [ 1033.685234] net_rx_action+0x98f/0x1d50 [ 1033.685234] __do_softirq+0x721/0xc7f [ 1033.685234] [ 1033.685234] Uninit was stored to memory at: [ 1033.685234] kmsan_internal_chain_origin+0x136/0x240 [ 1033.685234] __msan_chain_origin+0x6d/0xb0 [ 1033.685234] __save_stack_trace+0x833/0xc60 [ 1033.685234] save_stack_trace+0xc6/0x110 [ 1033.685234] kmsan_internal_chain_origin+0x136/0x240 [ 1033.685234] kmsan_memcpy_origins+0x13d/0x190 [ 1033.685234] __msan_memcpy+0x6f/0x80 [ 1033.685234] pskb_expand_head+0x436/0x1d20 [ 1033.685234] skb_shift+0xce2/0x2d10 [ 1033.685234] tcp_sacktag_walk+0x2156/0x29d0 [ 1033.685234] tcp_sacktag_write_queue+0x2805/0x4630 [ 1033.685234] tcp_ack+0x2888/0xa010 [ 1033.685234] tcp_rcv_established+0xf7e/0x2940 [ 1033.685234] tcp_v4_do_rcv+0x686/0xd80 [ 1033.685234] tcp_v4_rcv+0x5a13/0x6520 [ 1033.685234] ip_local_deliver_finish+0x8d8/0xff0 [ 1033.685234] ip_local_deliver+0x44b/0x510 [ 1033.685234] ip_rcv+0x6b6/0x740 [ 1033.685234] process_backlog+0x82b/0x11e0 [ 1033.685234] net_rx_action+0x98f/0x1d50 [ 1033.685234] __do_softirq+0x721/0xc7f [ 1033.685234] [ 1033.685234] Uninit was stored to memory at: [ 1033.685234] kmsan_internal_chain_origin+0x136/0x240 [ 1033.685234] __msan_chain_origin+0x6d/0xb0 [ 1033.685234] save_stack_trace+0xfa/0x110 [ 1033.685234] kmsan_internal_chain_origin+0x136/0x240 [ 1033.685234] kmsan_memcpy_origins+0x13d/0x190 [ 1033.685234] __msan_memcpy+0x6f/0x80 [ 1033.685234] pskb_expand_head+0x436/0x1d20 [ 1033.685234] skb_shift+0xce2/0x2d10 [ 1033.685234] tcp_sacktag_walk+0x2156/0x29d0 [ 1033.685234] tcp_sacktag_write_queue+0x2805/0x4630 [ 1033.685234] tcp_ack+0x2888/0xa010 [ 1033.685234] tcp_rcv_established+0xf7e/0x2940 [ 1033.685234] tcp_v4_do_rcv+0x686/0xd80 [ 1033.685234] tcp_v4_rcv+0x5a13/0x6520 [ 1033.685234] ip_local_deliver_finish+0x8d8/0xff0 [ 1033.685234] ip_local_deliver+0x44b/0x510 [ 1033.685234] ip_rcv+0x6b6/0x740 [ 1033.685234] process_backlog+0x82b/0x11e0 [ 1033.685234] net_rx_action+0x98f/0x1d50 [ 1033.685234] __do_softirq+0x721/0xc7f [ 1033.685234] [ 1033.685234] Uninit was stored to memory at: [ 1033.685234] kmsan_internal_chain_origin+0x136/0x240 [ 1033.685234] __msan_chain_origin+0x6d/0xb0 [ 1033.685234] __save_stack_trace+0x833/0xc60 [ 1033.685234] save_stack_trace+0xc6/0x110 [ 1033.685234] kmsan_internal_chain_origin+0x136/0x240 [ 1033.685234] kmsan_memcpy_origins+0x13d/0x190 [ 1033.685234] __msan_memcpy+0x6f/0x80 [ 1033.685234] pskb_expand_head+0x436/0x1d20 [ 1033.685234] skb_shift+0xce2/0x2d10 [ 1033.685234] tcp_sacktag_walk+0x2156/0x29d0 [ 1033.685234] tcp_sacktag_write_queue+0x2805/0x4630 [ 1033.685234] tcp_ack+0x2888/0xa010 [ 1033.685234] tcp_rcv_established+0xf7e/0x2940 [ 1033.685234] tcp_v4_do_rcv+0x686/0xd80 [ 1033.685234] tcp_v4_rcv+0x5a13/0x6520 [ 1033.685234] ip_local_deliver_finish+0x8d8/0xff0 [ 1033.685234] ip_local_deliver+0x44b/0x510 [ 1033.685234] ip_rcv+0x6b6/0x740 [ 1033.685234] process_backlog+0x82b/0x11e0 [ 1033.685234] net_rx_action+0x98f/0x1d50 [ 1033.685234] __do_softirq+0x721/0xc7f [ 1033.685234] [ 1033.685234] Uninit was stored to memory at: [ 1033.685234] kmsan_internal_chain_origin+0x136/0x240 [ 1033.685234] __msan_chain_origin+0x6d/0xb0 [ 1033.685234] save_stack_trace+0xfa/0x110 [ 1033.685234] kmsan_internal_chain_origin+0x136/0x240 [ 1033.685234] kmsan_memcpy_origins+0x13d/0x190 [ 1033.685234] __msan_memcpy+0x6f/0x80 [ 1033.685234] pskb_expand_head+0x436/0x1d20 [ 1033.685234] skb_shift+0xce2/0x2d10 [ 1033.685234] tcp_sacktag_walk+0x2156/0x29d0 [ 1033.685234] tcp_sacktag_write_queue+0x2805/0x4630 [ 1033.685234] tcp_ack+0x2888/0xa010 [ 1033.685234] tcp_rcv_established+0xf7e/0x2940 [ 1033.685234] tcp_v4_do_rcv+0x686/0xd80 [ 1033.685234] tcp_v4_rcv+0x5a13/0x6520 [ 1033.685234] ip_local_deliver_finish+0x8d8/0xff0 [ 1033.685234] ip_local_deliver+0x44b/0x510 [ 1033.685234] ip_rcv+0x6b6/0x740 [ 1033.685234] process_backlog+0x82b/0x11e0 [ 1033.685234] net_rx_action+0x98f/0x1d50 [ 1033.685234] __do_softirq+0x721/0xc7f [ 1033.685234] [ 1033.685234] Local variable description: ----c.i.i@should_fail [ 1033.685234] Variable was created at: [ 1033.685234] should_fail+0x162/0x13c0 [ 1033.685234] __should_failslab+0x278/0x2a0 06:19:06 executing program 5: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000240)="0a5c2d023c12") r1 = socket$inet(0x10, 0x100000803, 0x4) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000008000)="4c0000001500ff09fffefd956fa283b724a600800000000000000068354015002c001d001fc41180b598bc593ab6821148a730de33a49868c62b2ca654a6613b6aabf35d4c1cbc882b079881", 0x4c}], 0x1}, 0x0) 06:19:06 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)) ioctl$TIOCPKT(r0, 0x5420, &(0x7f00000002c0)=0x61) read(r0, &(0x7f0000000080)=""/11, 0x392) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) r1 = syz_open_pts(r0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000280)) r3 = dup3(r1, r0, 0x0) ioctl$TCSETA(r3, 0x5406, &(0x7f0000000140)) [ 1035.269702] not chained 480000 origins [ 1035.271800] CPU: 1 PID: 20210 Comm: udevd Not tainted 4.20.0-rc3+ #89 [ 1035.271800] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1035.271800] Call Trace: [ 1035.271800] [ 1035.271800] dump_stack+0x32d/0x480 [ 1035.271800] kmsan_internal_chain_origin+0x222/0x240 [ 1035.271800] ? kmsan_set_origin+0x7f/0x100 [ 1035.271800] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1035.271800] ? __module_address+0x6a/0x5f0 [ 1035.271800] ? is_bpf_text_address+0x3e5/0x4d0 [ 1035.321453] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 1035.321453] ? is_bpf_text_address+0x49e/0x4d0 [ 1035.321453] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1035.321453] ? __module_address+0x6a/0x5f0 [ 1035.321453] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 1035.321453] ? is_bpf_text_address+0x49e/0x4d0 [ 1035.321453] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1035.321453] __msan_chain_origin+0x6d/0xb0 [ 1035.321453] ? net_rx_action+0x98f/0x1d50 [ 1035.321453] __save_stack_trace+0x8be/0xc60 [ 1035.321453] ? net_rx_action+0x98f/0x1d50 [ 1035.321453] save_stack_trace+0xc6/0x110 [ 1035.321453] kmsan_internal_chain_origin+0x136/0x240 [ 1035.321453] ? irq_exit+0x305/0x340 [ 1035.321453] ? user_path_at_empty+0x123/0x140 [ 1035.321453] ? kmsan_internal_chain_origin+0x136/0x240 [ 1035.321453] ? kmsan_memcpy_origins+0x13d/0x190 [ 1035.321453] ? __msan_memcpy+0x6f/0x80 [ 1035.321453] ? pskb_expand_head+0x436/0x1d20 [ 1035.321453] ? skb_shift+0xce2/0x2d10 [ 1035.321453] ? tcp_sacktag_walk+0x2156/0x29d0 [ 1035.321453] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1035.321453] ? tcp_ack+0x2888/0xa010 [ 1035.321453] ? tcp_rcv_established+0xf7e/0x2940 [ 1035.321453] ? tcp_v4_do_rcv+0x686/0xd80 [ 1035.321453] ? tcp_v4_rcv+0x5a13/0x6520 [ 1035.321453] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1035.321453] ? ip_local_deliver+0x44b/0x510 [ 1035.321453] ? ip_rcv+0x6b6/0x740 [ 1035.321453] ? process_backlog+0x82b/0x11e0 [ 1035.321453] ? net_rx_action+0x98f/0x1d50 [ 1035.321453] ? __do_softirq+0x721/0xc7f [ 1035.321453] ? irq_exit+0x305/0x340 [ 1035.321453] ? exiting_irq+0xe/0x10 [ 1035.321453] ? smp_apic_timer_interrupt+0x64/0x90 [ 1035.321453] ? apic_timer_interrupt+0xf/0x20 [ 1035.321453] ? kmsan_get_shadow_origin_ptr+0x1bf/0x410 [ 1035.321453] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1035.321453] ? mutex_unlock+0x14b/0x300 [ 1035.321453] ? kernfs_dop_revalidate+0x61c/0x630 [ 1035.321453] ? lookup_fast+0x8d6/0x1750 [ 1035.321453] ? walk_component+0x11d/0xba0 [ 1035.321453] ? link_path_walk+0xb6c/0x21a0 [ 1035.321453] ? path_lookupat+0x1ab/0x1100 [ 1035.321453] ? filename_lookup+0x323/0xbe0 [ 1035.321453] ? user_path_at_empty+0x123/0x140 [ 1035.321453] ? do_readlinkat+0x164/0x520 [ 1035.321453] ? __se_sys_readlink+0x99/0xc0 [ 1035.321453] ? __x64_sys_readlink+0x4a/0x70 [ 1035.321453] ? do_syscall_64+0xcf/0x110 [ 1035.321453] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1035.321453] ? __msan_get_context_state+0x9/0x20 [ 1035.321453] ? INIT_INT+0xc/0x30 [ 1035.321453] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1035.321453] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1035.321453] kmsan_memcpy_origins+0x13d/0x190 [ 1035.321453] __msan_memcpy+0x6f/0x80 [ 1035.321453] pskb_expand_head+0x436/0x1d20 [ 1035.321453] skb_shift+0xce2/0x2d10 [ 1035.321453] tcp_sacktag_walk+0x2156/0x29d0 [ 1035.321453] tcp_sacktag_write_queue+0x2805/0x4630 [ 1035.321453] tcp_ack+0x2888/0xa010 [ 1035.321453] ? tcp_parse_options+0xbe/0x1cf0 [ 1035.321453] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1035.321453] ? tcp_parse_options+0x1c55/0x1cf0 [ 1035.321453] tcp_rcv_established+0xf7e/0x2940 [ 1035.321453] ? __msan_get_context_state+0x9/0x20 [ 1035.321453] tcp_v4_do_rcv+0x686/0xd80 [ 1035.321453] tcp_v4_rcv+0x5a13/0x6520 [ 1035.321453] ? tcp_filter+0x260/0x260 [ 1035.321453] ip_local_deliver_finish+0x8d8/0xff0 [ 1035.321453] ? nf_hook_slow+0x36f/0x3d0 [ 1035.321453] ip_local_deliver+0x44b/0x510 [ 1035.321453] ? ip_local_deliver+0x510/0x510 [ 1035.321453] ? ip_call_ra_chain+0x7a0/0x7a0 [ 1035.321453] ip_rcv+0x6b6/0x740 [ 1035.321453] ? ip_rcv_core+0x1370/0x1370 [ 1035.321453] process_backlog+0x82b/0x11e0 [ 1035.321453] ? ip_local_deliver_finish+0xff0/0xff0 [ 1035.321453] ? rps_trigger_softirq+0x2e0/0x2e0 [ 1035.321453] net_rx_action+0x98f/0x1d50 [ 1035.321453] ? net_tx_action+0xf20/0xf20 [ 1035.321453] __do_softirq+0x721/0xc7f [ 1035.321453] irq_exit+0x305/0x340 [ 1035.321453] exiting_irq+0xe/0x10 [ 1035.321453] smp_apic_timer_interrupt+0x64/0x90 [ 1035.321453] apic_timer_interrupt+0xf/0x20 [ 1035.321453] [ 1035.321453] RIP: 0010:kmsan_get_shadow_origin_ptr+0x1bf/0x410 [ 1035.321453] Code: e9 0f 83 e1 7f 48 c1 e1 05 48 01 ca 0f 84 9f 00 00 00 48 85 c0 0f 84 96 00 00 00 48 8b 0a 83 e1 02 48 85 c9 0f 84 87 00 00 00 <48> 8b 48 40 48 85 c9 0f 84 eb 01 00 00 48 8b 50 48 48 85 d2 0f 84 [ 1035.321453] RSP: 0018:ffff88811373f6e0 EFLAGS: 00000286 ORIG_RAX: ffffffffffffff13 [ 1035.321453] RAX: ffffea000674b7a0 RBX: ffffffff8c91d000 RCX: 000000000674b7a0 [ 1035.321453] RDX: 0000000000000000 RSI: ffff88819373f778 RDI: 0000000000000440 [ 1035.321453] RBP: ffff88811373f710 R08: ffff888000000000 R09: 0000000000000002 [ 1035.321453] R10: ffffffff8b0013f8 R11: ffffffff8257e340 R12: ffff88819373f778 [ 1035.321453] R13: ffff88811373f778 R14: ffffffff8c91c000 R15: ffff88811373f778 [ 1035.321453] ? kernfs_put+0xe90/0xe90 [ 1035.321453] ? __entry_text_end+0x7/0x7 [ 1035.321453] __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1035.321453] mutex_unlock+0x14b/0x300 [ 1035.321453] ? __msan_metadata_ptr_for_load_1+0x10/0x20 [ 1035.321453] ? strcmp+0x83/0x160 [ 1035.321453] kernfs_dop_revalidate+0x61c/0x630 [ 1035.321453] ? kernfs_put+0xe90/0xe90 [ 1035.321453] lookup_fast+0x8d6/0x1750 [ 1035.321453] walk_component+0x11d/0xba0 [ 1035.321453] link_path_walk+0xb6c/0x21a0 [ 1035.321453] path_lookupat+0x1ab/0x1100 [ 1035.321453] ? user_path_at_empty+0x123/0x140 [ 1035.321453] filename_lookup+0x323/0xbe0 [ 1035.321453] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1035.321453] ? getname_flags+0x608/0xac0 [ 1035.321453] user_path_at_empty+0x123/0x140 [ 1035.321453] do_readlinkat+0x164/0x520 [ 1035.321453] ? prepare_exit_to_usermode+0x182/0x4c0 [ 1035.321453] __se_sys_readlink+0x99/0xc0 [ 1035.321453] __x64_sys_readlink+0x4a/0x70 [ 1035.321453] do_syscall_64+0xcf/0x110 [ 1035.321453] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1035.321453] RIP: 0033:0x7f48ab124577 [ 1035.321453] Code: f0 ff ff 77 02 f3 c3 48 8b 15 bd 38 2b 00 f7 d8 64 89 02 83 c8 ff c3 90 90 90 90 90 90 90 90 90 90 90 90 b8 59 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 91 38 2b 00 31 d2 48 29 c2 64 [ 1035.321453] RSP: 002b:00007ffd8f0614a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000059 [ 1035.321453] RAX: ffffffffffffffda RBX: 000000000203e250 RCX: 00007f48ab124577 [ 1035.321453] RDX: 0000000000000400 RSI: 00007ffd8f0614b0 RDI: 00007ffd8f061990 [ 1035.321453] RBP: 000000000203ef80 R08: 000000000203ef80 R09: 7665642f7379732f [ 1035.321453] R10: 7269762f73656369 R11: 0000000000000246 R12: 00007ffd8f061990 [ 1035.321453] R13: 0000000000000400 R14: 000000000203e250 R15: 000000000000000b [ 1035.321453] Uninit was stored to memory at: [ 1035.321453] kmsan_internal_chain_origin+0x136/0x240 [ 1035.321453] __msan_chain_origin+0x6d/0xb0 [ 1035.321453] __save_stack_trace+0x8be/0xc60 [ 1035.321453] save_stack_trace+0xc6/0x110 [ 1035.321453] kmsan_internal_chain_origin+0x136/0x240 [ 1035.321453] kmsan_memcpy_origins+0x13d/0x190 [ 1035.321453] __msan_memcpy+0x6f/0x80 [ 1035.321453] pskb_expand_head+0x436/0x1d20 [ 1035.321453] skb_shift+0xce2/0x2d10 [ 1035.321453] tcp_sacktag_walk+0x2156/0x29d0 [ 1035.321453] tcp_sacktag_write_queue+0x2805/0x4630 [ 1035.321453] tcp_ack+0x2888/0xa010 [ 1035.321453] tcp_rcv_established+0xf7e/0x2940 [ 1035.321453] tcp_v4_do_rcv+0x686/0xd80 [ 1035.321453] tcp_v4_rcv+0x5a13/0x6520 [ 1035.321453] ip_local_deliver_finish+0x8d8/0xff0 [ 1035.321453] ip_local_deliver+0x44b/0x510 [ 1035.321453] ip_rcv+0x6b6/0x740 [ 1035.321453] process_backlog+0x82b/0x11e0 [ 1035.321453] net_rx_action+0x98f/0x1d50 [ 1035.321453] __do_softirq+0x721/0xc7f [ 1035.321453] [ 1035.321453] Uninit was stored to memory at: [ 1035.321453] kmsan_internal_chain_origin+0x136/0x240 [ 1035.321453] __msan_chain_origin+0x6d/0xb0 [ 1035.321453] __save_stack_trace+0x8be/0xc60 [ 1035.321453] save_stack_trace+0xc6/0x110 [ 1035.321453] kmsan_internal_chain_origin+0x136/0x240 [ 1035.321453] kmsan_memcpy_origins+0x13d/0x190 [ 1035.321453] __msan_memcpy+0x6f/0x80 [ 1035.321453] pskb_expand_head+0x436/0x1d20 [ 1035.321453] skb_shift+0xce2/0x2d10 [ 1035.321453] tcp_sacktag_walk+0x2156/0x29d0 [ 1035.321453] tcp_sacktag_write_queue+0x2805/0x4630 [ 1035.321453] tcp_ack+0x2888/0xa010 [ 1035.321453] tcp_rcv_established+0xf7e/0x2940 [ 1035.321453] tcp_v4_do_rcv+0x686/0xd80 [ 1035.321453] tcp_v4_rcv+0x5a13/0x6520 [ 1035.321453] ip_local_deliver_finish+0x8d8/0xff0 [ 1035.321453] ip_local_deliver+0x44b/0x510 [ 1035.321453] ip_rcv+0x6b6/0x740 [ 1035.321453] process_backlog+0x82b/0x11e0 [ 1035.321453] net_rx_action+0x98f/0x1d50 [ 1035.321453] __do_softirq+0x721/0xc7f [ 1035.321453] [ 1035.321453] Uninit was stored to memory at: [ 1035.321453] kmsan_internal_chain_origin+0x136/0x240 [ 1035.321453] __msan_chain_origin+0x6d/0xb0 [ 1035.321453] __save_stack_trace+0x8be/0xc60 [ 1035.321453] save_stack_trace+0xc6/0x110 [ 1035.321453] kmsan_internal_chain_origin+0x136/0x240 [ 1035.321453] kmsan_memcpy_origins+0x13d/0x190 [ 1035.321453] __msan_memcpy+0x6f/0x80 [ 1035.321453] pskb_expand_head+0x436/0x1d20 [ 1035.321453] skb_shift+0xce2/0x2d10 [ 1035.321453] tcp_sacktag_walk+0x2156/0x29d0 [ 1035.321453] tcp_sacktag_write_queue+0x2805/0x4630 [ 1035.321453] tcp_ack+0x2888/0xa010 [ 1035.321453] tcp_rcv_established+0xf7e/0x2940 [ 1035.321453] tcp_v4_do_rcv+0x686/0xd80 [ 1035.321453] tcp_v4_rcv+0x5a13/0x6520 [ 1035.321453] ip_local_deliver_finish+0x8d8/0xff0 [ 1035.321453] ip_local_deliver+0x44b/0x510 [ 1035.321453] ip_rcv+0x6b6/0x740 [ 1035.321453] process_backlog+0x82b/0x11e0 [ 1035.321453] net_rx_action+0x98f/0x1d50 [ 1035.321453] __do_softirq+0x721/0xc7f [ 1035.321453] [ 1035.321453] Uninit was stored to memory at: [ 1035.321453] kmsan_internal_chain_origin+0x136/0x240 [ 1035.321453] __msan_chain_origin+0x6d/0xb0 [ 1035.321453] __save_stack_trace+0x8be/0xc60 [ 1035.321453] save_stack_trace+0xc6/0x110 [ 1035.321453] kmsan_internal_chain_origin+0x136/0x240 [ 1035.321453] kmsan_memcpy_origins+0x13d/0x190 [ 1035.321453] __msan_memcpy+0x6f/0x80 [ 1035.321453] pskb_expand_head+0x436/0x1d20 [ 1035.321453] skb_shift+0xce2/0x2d10 [ 1035.321453] tcp_sacktag_walk+0x2156/0x29d0 [ 1035.321453] tcp_sacktag_write_queue+0x2805/0x4630 [ 1035.321453] tcp_ack+0x2888/0xa010 [ 1035.321453] tcp_rcv_established+0xf7e/0x2940 [ 1035.321453] tcp_v4_do_rcv+0x686/0xd80 [ 1035.321453] tcp_v4_rcv+0x5a13/0x6520 [ 1035.321453] ip_local_deliver_finish+0x8d8/0xff0 [ 1035.321453] ip_local_deliver+0x44b/0x510 [ 1035.321453] ip_rcv+0x6b6/0x740 [ 1035.321453] process_backlog+0x82b/0x11e0 [ 1035.321453] net_rx_action+0x98f/0x1d50 [ 1035.321453] __do_softirq+0x721/0xc7f [ 1035.321453] [ 1035.321453] Uninit was stored to memory at: [ 1035.321453] kmsan_internal_chain_origin+0x136/0x240 [ 1035.321453] __msan_chain_origin+0x6d/0xb0 [ 1035.321453] __save_stack_trace+0x8be/0xc60 [ 1035.321453] save_stack_trace+0xc6/0x110 [ 1035.321453] kmsan_internal_chain_origin+0x136/0x240 [ 1035.321453] kmsan_memcpy_origins+0x13d/0x190 [ 1035.321453] __msan_memcpy+0x6f/0x80 [ 1035.321453] pskb_expand_head+0x436/0x1d20 [ 1035.321453] skb_shift+0xce2/0x2d10 [ 1035.321453] tcp_sacktag_walk+0x2156/0x29d0 [ 1035.321453] tcp_sacktag_write_queue+0x2805/0x4630 [ 1035.321453] tcp_ack+0x2888/0xa010 [ 1035.321453] tcp_rcv_established+0xf7e/0x2940 [ 1035.321453] tcp_v4_do_rcv+0x686/0xd80 [ 1035.321453] tcp_v4_rcv+0x5a13/0x6520 [ 1035.321453] ip_local_deliver_finish+0x8d8/0xff0 [ 1035.321453] ip_local_deliver+0x44b/0x510 [ 1035.321453] ip_rcv+0x6b6/0x740 [ 1035.321453] process_backlog+0x82b/0x11e0 [ 1035.321453] net_rx_action+0x98f/0x1d50 [ 1035.321453] __do_softirq+0x721/0xc7f [ 1035.321453] [ 1035.321453] Uninit was stored to memory at: [ 1035.321453] kmsan_internal_chain_origin+0x136/0x240 [ 1035.321453] __msan_chain_origin+0x6d/0xb0 [ 1035.321453] __save_stack_trace+0x8be/0xc60 [ 1035.321453] save_stack_trace+0xc6/0x110 [ 1035.321453] kmsan_internal_chain_origin+0x136/0x240 [ 1035.321453] kmsan_memcpy_origins+0x13d/0x190 [ 1035.321453] __msan_memcpy+0x6f/0x80 [ 1035.321453] pskb_expand_head+0x436/0x1d20 [ 1035.321453] skb_shift+0xce2/0x2d10 [ 1035.321453] tcp_sacktag_walk+0x2156/0x29d0 [ 1035.321453] tcp_sacktag_write_queue+0x2805/0x4630 [ 1035.321453] tcp_ack+0x2888/0xa010 [ 1035.321453] tcp_rcv_established+0xf7e/0x2940 [ 1035.321453] tcp_v4_do_rcv+0x686/0xd80 [ 1035.321453] tcp_v4_rcv+0x5a13/0x6520 [ 1035.321453] ip_local_deliver_finish+0x8d8/0xff0 [ 1035.321453] ip_local_deliver+0x44b/0x510 [ 1035.321453] ip_rcv+0x6b6/0x740 [ 1035.321453] process_backlog+0x82b/0x11e0 [ 1035.321453] net_rx_action+0x98f/0x1d50 [ 1035.321453] __do_softirq+0x721/0xc7f [ 1035.321453] [ 1035.321453] Uninit was stored to memory at: [ 1035.321453] kmsan_internal_chain_origin+0x136/0x240 [ 1035.321453] __msan_chain_origin+0x6d/0xb0 [ 1035.321453] __save_stack_trace+0x8be/0xc60 [ 1035.321453] save_stack_trace+0xc6/0x110 [ 1035.321453] kmsan_internal_chain_origin+0x136/0x240 [ 1035.321453] kmsan_memcpy_origins+0x13d/0x190 [ 1035.321453] __msan_memcpy+0x6f/0x80 [ 1035.321453] pskb_expand_head+0x436/0x1d20 [ 1035.321453] skb_shift+0xce2/0x2d10 [ 1035.321453] tcp_sacktag_walk+0x2156/0x29d0 [ 1035.321453] tcp_sacktag_write_queue+0x2805/0x4630 [ 1035.321453] tcp_ack+0x2888/0xa010 [ 1035.321453] tcp_rcv_established+0xf7e/0x2940 [ 1035.321453] tcp_v4_do_rcv+0x686/0xd80 [ 1035.321453] tcp_v4_rcv+0x5a13/0x6520 [ 1035.321453] ip_local_deliver_finish+0x8d8/0xff0 [ 1035.321453] ip_local_deliver+0x44b/0x510 [ 1035.321453] ip_rcv+0x6b6/0x740 [ 1035.321453] process_backlog+0x82b/0x11e0 [ 1035.321453] net_rx_action+0x98f/0x1d50 [ 1035.321453] __do_softirq+0x721/0xc7f [ 1035.321453] [ 1035.321453] Local variable description: ----v.addr.i.i.i@run_posix_cpu_timers [ 1035.321453] Variable was created at: [ 1035.321453] run_posix_cpu_timers+0xbb/0x4720 [ 1035.321453] update_process_times+0x1b0/0x1e0 06:19:07 executing program 4: getsockname$packet(0xffffffffffffff9c, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000240)=0x14) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) ioctl$sock_SIOCBRDELBR(0xffffffffffffffff, 0x89a1, &(0x7f0000000540)='teql0\x00') ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, &(0x7f0000000500)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCFLSH(r2, 0x80045432, 0x70affb) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4) getsockopt$IPT_SO_GET_INFO(r0, 0x0, 0x40, &(0x7f0000000400)={'raw\x00'}, &(0x7f00000000c0)=0x54) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, &(0x7f0000a88f88), 0xfffffffffffffe6e, 0x20000000, &(0x7f0000e68000)={0x2, 0x4004e23, @local}, 0x10) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="0a5c2d023c126285718070") 06:19:07 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c12628571") syz_emit_ethernet(0x3e, &(0x7f0000000000)={@local, @broadcast, [], {@ipv6={0x86dd, {0x0, 0x6, "1ddedf", 0x8, 0xff, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8906]}, @remote={0xfe, 0x80, [0xf0ffffffffffff]}, {[], @icmpv6=@echo_request}}}}}, &(0x7f0000000100)) 06:19:07 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)) ioctl$TIOCPKT(r0, 0x5420, &(0x7f00000002c0)=0x61) read(r0, &(0x7f0000000080)=""/11, 0x392) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) syz_open_pts(r0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000280)) r2 = dup3(0xffffffffffffffff, r0, 0x0) ioctl$TCSETA(r2, 0x5406, &(0x7f0000000140)) 06:19:08 executing program 5: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000240)="0a5c2d023c12") r1 = socket$inet(0x10, 0x100000803, 0x4) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000008000)="4c0000001500ff09fffefd956fa283b724a600800000000000000068354015002c001d001fc41180b598bc593ab6821148a730de33a49868c62b2ca654a6613b6aabf35d4c1cbc882b079881", 0x4c}], 0x1}, 0x0) 06:19:08 executing program 0: unshare(0x24020400) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) sigaltstack(&(0x7f00002cb000/0x3000)=nil, &(0x7f0000ef9ff8)) mincore(&(0x7f00003a0000/0x600000)=nil, 0x600000, &(0x7f00000002c0)=""/184) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000f8aff8)='./file0\x00', &(0x7f0000000380), &(0x7f00000001c0)) 06:19:08 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000027000/0x18000)=nil, &(0x7f00000002c0)=[@text32={0x20, &(0x7f0000000000)="2ef26db80e0000000f23c80f21f8350800c0000f23f8d39d00100000eacc4e0000f700660f3839d13e660f38806cbf07440f20c0350c000000440f22c02e0f300f228266baa100ec", 0x48}], 0x1, 0x0, &(0x7f0000000280), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:19:08 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c12628571") syz_emit_ethernet(0x3e, &(0x7f0000000000)={@local, @broadcast, [], {@ipv6={0x86dd, {0x0, 0x6, "1ddedf", 0x8, 0xff, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8906]}, @remote={0xfe, 0x80, [0xf0ffffffffffff]}, {[], @icmpv6=@echo_request}}}}}, &(0x7f0000000100)) 06:19:08 executing program 5: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000240)="0a5c2d023c12") r1 = socket$inet(0x10, 0x100000803, 0x4) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000008000)="4c0000001500ff09fffefd956fa283b724a600800000000000000068354015002c001d001fc41180b598bc593ab6821148a730de33a49868c62b2ca654a6613b6aabf35d4c1cbc882b079881", 0x4c}], 0x1}, 0x0) 06:19:08 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000027000/0x18000)=nil, &(0x7f00000002c0)=[@text32={0x20, &(0x7f0000000000)="2ef26db80e0000000f23c80f21f8350800c0000f23f8d39d00100000eacc4e0000f700660f3839d13e660f38806cbf07440f20c0350c000000440f22c02e0f300f228266baa100ec", 0x48}], 0x1, 0x0, &(0x7f0000000280), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:19:08 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c1262857180") syz_emit_ethernet(0x3e, &(0x7f0000000000)={@local, @broadcast, [], {@ipv6={0x86dd, {0x0, 0x6, "1ddedf", 0x8, 0xff, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8906]}, @remote={0xfe, 0x80, [0xf0ffffffffffff]}, {[], @icmpv6=@echo_request}}}}}, &(0x7f0000000100)) 06:19:08 executing program 5: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000240)="0a5c2d023c12628571") r1 = socket$inet(0x10, 0x100000803, 0x4) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000008000)="4c0000001500ff09fffefd956fa283b724a600800000000000000068354015002c001d001fc41180b598bc593ab6821148a730de33a49868c62b2ca654a6613b6aabf35d4c1cbc882b079881", 0x4c}], 0x1}, 0x0) 06:19:09 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)) ioctl$TIOCPKT(r0, 0x5420, &(0x7f00000002c0)=0x61) read(r0, &(0x7f0000000080)=""/11, 0x392) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) r1 = syz_open_pts(r0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000280)) r3 = dup3(r1, 0xffffffffffffffff, 0x0) ioctl$TCSETA(r3, 0x5406, &(0x7f0000000140)) 06:19:09 executing program 4: getsockname$packet(0xffffffffffffff9c, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000240)=0x14) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) ioctl$sock_SIOCBRDELBR(0xffffffffffffffff, 0x89a1, &(0x7f0000000540)='teql0\x00') ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, &(0x7f0000000500)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCFLSH(r2, 0x80045432, 0x70affb) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4) getsockopt$IPT_SO_GET_INFO(r0, 0x0, 0x40, &(0x7f0000000400)={'raw\x00'}, &(0x7f00000000c0)=0x54) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, &(0x7f0000a88f88), 0xfffffffffffffe6e, 0x20000000, &(0x7f0000e68000)={0x2, 0x4004e23, @local}, 0x10) 06:19:09 executing program 0: unshare(0x24020400) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) sigaltstack(&(0x7f00002cb000/0x3000)=nil, &(0x7f0000ef9ff8)) mincore(&(0x7f00003a0000/0x600000)=nil, 0x600000, &(0x7f00000002c0)=""/184) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000f8aff8)='./file0\x00', &(0x7f0000000380), &(0x7f00000001c0)) 06:19:09 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000027000/0x18000)=nil, &(0x7f00000002c0)=[@text32={0x20, &(0x7f0000000000)="2ef26db80e0000000f23c80f21f8350800c0000f23f8d39d00100000eacc4e0000f700660f3839d13e660f38806cbf07440f20c0350c000000440f22c02e0f300f228266baa100ec", 0x48}], 0x1, 0x0, &(0x7f0000000280), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:19:09 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c1262857180") syz_emit_ethernet(0x3e, &(0x7f0000000000)={@local, @broadcast, [], {@ipv6={0x86dd, {0x0, 0x6, "1ddedf", 0x8, 0xff, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8906]}, @remote={0xfe, 0x80, [0xf0ffffffffffff]}, {[], @icmpv6=@echo_request}}}}}, &(0x7f0000000100)) 06:19:09 executing program 5: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000240)="0a5c2d023c12628571") r1 = socket$inet(0x10, 0x100000803, 0x4) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000008000)="4c0000001500ff09fffefd956fa283b724a600800000000000000068354015002c001d001fc41180b598bc593ab6821148a730de33a49868c62b2ca654a6613b6aabf35d4c1cbc882b079881", 0x4c}], 0x1}, 0x0) 06:19:09 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000027000/0x18000)=nil, &(0x7f00000002c0)=[@text32={0x20, &(0x7f0000000000)="2ef26db80e0000000f23c80f21f8350800c0000f23f8d39d00100000eacc4e0000f700660f3839d13e660f38806cbf07440f20c0350c000000440f22c02e0f300f228266baa100ec", 0x48}], 0x1, 0x0, &(0x7f0000000280), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 1038.830252] not chained 490000 origins [ 1038.832015] CPU: 1 PID: 30166 Comm: syz-executor4 Not tainted 4.20.0-rc3+ #89 [ 1038.832015] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1038.832015] Call Trace: [ 1038.832015] dump_stack+0x32d/0x480 [ 1038.832015] kmsan_internal_chain_origin+0x222/0x240 [ 1038.832015] ? save_stack_trace+0xc6/0x110 [ 1038.832015] ? __irqentry_text_end+0x1fa056/0x1fa056 [ 1038.832015] ? kmsan_internal_chain_origin+0x90/0x240 [ 1038.832015] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 1038.832015] ? is_bpf_text_address+0x49e/0x4d0 [ 1038.832015] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1038.832015] ? in_task_stack+0x12c/0x210 [ 1038.832015] __msan_chain_origin+0x6d/0xb0 [ 1038.832015] ? tcp_ack+0x2888/0xa010 [ 1038.832015] __save_stack_trace+0x8be/0xc60 [ 1038.832015] ? tcp_ack+0x2888/0xa010 [ 1038.832015] save_stack_trace+0xc6/0x110 [ 1038.832015] kmsan_internal_chain_origin+0x136/0x240 [ 1038.832015] ? __se_sys_sendto+0x107/0x130 [ 1038.832015] ? kmsan_internal_chain_origin+0x136/0x240 [ 1038.832015] ? kmsan_memcpy_origins+0x13d/0x190 [ 1038.832015] ? __msan_memcpy+0x6f/0x80 [ 1038.832015] ? pskb_expand_head+0x436/0x1d20 [ 1038.832015] ? tcp_fragment+0x378/0x21d0 [ 1038.832015] ? tcp_sacktag_walk+0xe88/0x29d0 [ 1038.832015] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1038.832015] ? tcp_ack+0x2888/0xa010 [ 1038.832015] ? tcp_rcv_established+0xf7e/0x2940 [ 1038.832015] ? tcp_v4_do_rcv+0x686/0xd80 [ 1038.832015] ? __release_sock+0x32d/0x750 [ 1038.832015] ? release_sock+0x99/0x2a0 [ 1038.832015] ? sk_stream_wait_memory+0x9cc/0x1430 [ 1038.832015] ? tcp_sendmsg_locked+0x1bca/0x6c30 [ 1038.984215] ? tcp_sendmsg+0xb2/0x100 [ 1038.991203] ? inet_sendmsg+0x4e9/0x800 [ 1038.991203] ? __sys_sendto+0x940/0xb80 [ 1038.991203] ? __se_sys_sendto+0x107/0x130 [ 1038.991203] ? __x64_sys_sendto+0x6e/0x90 [ 1038.991203] ? do_syscall_64+0xcf/0x110 [ 1038.991203] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1038.991203] ? memcg_kmem_put_cache+0x73/0x460 [ 1038.991203] ? __msan_get_context_state+0x9/0x20 [ 1038.991203] ? INIT_INT+0xc/0x30 [ 1038.991203] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1038.991203] kmsan_memcpy_origins+0x13d/0x190 [ 1038.991203] __msan_memcpy+0x6f/0x80 [ 1038.991203] pskb_expand_head+0x436/0x1d20 [ 1038.991203] tcp_fragment+0x378/0x21d0 [ 1038.991203] ? kmsan_set_origin+0x7f/0x100 [ 1038.991203] tcp_sacktag_walk+0xe88/0x29d0 [ 1038.991203] tcp_sacktag_write_queue+0x2805/0x4630 [ 1038.991203] ? __update_load_avg_cfs_rq+0x105/0x10b0 [ 1038.991203] tcp_ack+0x2888/0xa010 [ 1038.991203] ? tcp_parse_options+0xbe/0x1cf0 [ 1038.991203] ? tcp_validate_incoming+0x50b/0x29d0 [ 1038.991203] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1038.991203] ? tcp_parse_options+0x1c55/0x1cf0 [ 1038.991203] tcp_rcv_established+0xf7e/0x2940 [ 1038.991203] ? __msan_get_context_state+0x9/0x20 [ 1038.991203] tcp_v4_do_rcv+0x686/0xd80 [ 1038.991203] ? inet_sk_rx_dst_set+0x200/0x200 [ 1038.991203] __release_sock+0x32d/0x750 [ 1038.991203] release_sock+0x99/0x2a0 [ 1038.991203] sk_stream_wait_memory+0x9cc/0x1430 [ 1038.991203] ? wait_woken+0x5b0/0x5b0 [ 1038.991203] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1038.991203] ? kmsan_internal_unpoison_shadow+0x10/0xd0 [ 1038.991203] tcp_sendmsg+0xb2/0x100 [ 1038.991203] ? tcp_sendmsg_locked+0x6c30/0x6c30 [ 1038.991203] inet_sendmsg+0x4e9/0x800 [ 1038.991203] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1038.991203] ? security_socket_sendmsg+0x1bd/0x200 [ 1038.991203] ? inet_getname+0x490/0x490 [ 1038.991203] __sys_sendto+0x940/0xb80 [ 1038.991203] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 1038.991203] ? prepare_exit_to_usermode+0x182/0x4c0 [ 1038.991203] __se_sys_sendto+0x107/0x130 [ 1038.991203] __x64_sys_sendto+0x6e/0x90 [ 1038.991203] do_syscall_64+0xcf/0x110 [ 1038.991203] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1038.991203] RIP: 0033:0x457569 [ 1038.991203] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1038.991203] RSP: 002b:00007fa8e1de7c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 1038.991203] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000457569 [ 1038.991203] RDX: fffffffffffffe6e RSI: 0000000020a88f88 RDI: 0000000000000003 [ 1038.991203] RBP: 000000000072bf00 R08: 0000000020e68000 R09: 0000000000000010 [ 1038.991203] R10: 0000000020000000 R11: 0000000000000246 R12: 00007fa8e1de86d4 [ 1038.991203] R13: 00000000004c406f R14: 00000000004d68f8 R15: 00000000ffffffff [ 1038.991203] Uninit was stored to memory at: [ 1038.991203] kmsan_internal_chain_origin+0x136/0x240 [ 1038.991203] __msan_chain_origin+0x6d/0xb0 [ 1038.991203] __save_stack_trace+0x8be/0xc60 [ 1038.991203] save_stack_trace+0xc6/0x110 [ 1038.991203] kmsan_internal_chain_origin+0x136/0x240 [ 1038.991203] kmsan_memcpy_origins+0x13d/0x190 [ 1038.991203] __msan_memcpy+0x6f/0x80 [ 1038.991203] pskb_expand_head+0x436/0x1d20 [ 1038.991203] tcp_fragment+0x378/0x21d0 [ 1038.991203] tcp_sacktag_walk+0xe88/0x29d0 [ 1038.991203] tcp_sacktag_write_queue+0x2805/0x4630 [ 1038.991203] tcp_ack+0x2888/0xa010 [ 1038.991203] tcp_rcv_established+0xf7e/0x2940 [ 1038.991203] tcp_v4_do_rcv+0x686/0xd80 [ 1038.991203] __release_sock+0x32d/0x750 [ 1038.991203] release_sock+0x99/0x2a0 [ 1038.991203] sk_stream_wait_memory+0x9cc/0x1430 [ 1038.991203] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1038.991203] tcp_sendmsg+0xb2/0x100 [ 1038.991203] inet_sendmsg+0x4e9/0x800 [ 1038.991203] __sys_sendto+0x940/0xb80 [ 1038.991203] __se_sys_sendto+0x107/0x130 [ 1038.991203] __x64_sys_sendto+0x6e/0x90 [ 1038.991203] do_syscall_64+0xcf/0x110 [ 1038.991203] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1038.991203] [ 1038.991203] Uninit was stored to memory at: [ 1038.991203] kmsan_internal_chain_origin+0x136/0x240 [ 1038.991203] __msan_chain_origin+0x6d/0xb0 [ 1038.991203] __save_stack_trace+0x8be/0xc60 [ 1038.991203] save_stack_trace+0xc6/0x110 [ 1038.991203] kmsan_internal_chain_origin+0x136/0x240 [ 1038.991203] kmsan_memcpy_origins+0x13d/0x190 [ 1038.991203] __msan_memcpy+0x6f/0x80 [ 1038.991203] pskb_expand_head+0x436/0x1d20 [ 1038.991203] tcp_fragment+0x378/0x21d0 [ 1038.991203] tcp_sacktag_walk+0xe88/0x29d0 [ 1038.991203] tcp_sacktag_write_queue+0x2805/0x4630 [ 1038.991203] tcp_ack+0x2888/0xa010 [ 1038.991203] tcp_rcv_established+0xf7e/0x2940 [ 1038.991203] tcp_v4_do_rcv+0x686/0xd80 [ 1038.991203] __release_sock+0x32d/0x750 [ 1038.991203] release_sock+0x99/0x2a0 [ 1038.991203] sk_stream_wait_memory+0x9cc/0x1430 [ 1038.991203] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1038.991203] tcp_sendmsg+0xb2/0x100 [ 1038.991203] inet_sendmsg+0x4e9/0x800 [ 1038.991203] __sys_sendto+0x940/0xb80 [ 1038.991203] __se_sys_sendto+0x107/0x130 [ 1038.991203] __x64_sys_sendto+0x6e/0x90 [ 1038.991203] do_syscall_64+0xcf/0x110 [ 1038.991203] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1038.991203] [ 1038.991203] Uninit was stored to memory at: [ 1038.991203] kmsan_internal_chain_origin+0x136/0x240 [ 1038.991203] __msan_chain_origin+0x6d/0xb0 [ 1038.991203] __save_stack_trace+0x8be/0xc60 [ 1038.991203] save_stack_trace+0xc6/0x110 [ 1038.991203] kmsan_internal_chain_origin+0x136/0x240 [ 1038.991203] kmsan_memcpy_origins+0x13d/0x190 [ 1038.991203] __msan_memcpy+0x6f/0x80 [ 1038.991203] pskb_expand_head+0x436/0x1d20 [ 1038.991203] tcp_fragment+0x378/0x21d0 [ 1038.991203] tcp_sacktag_walk+0xe88/0x29d0 [ 1038.991203] tcp_sacktag_write_queue+0x2805/0x4630 [ 1038.991203] tcp_ack+0x2888/0xa010 [ 1038.991203] tcp_rcv_established+0xf7e/0x2940 [ 1038.991203] tcp_v4_do_rcv+0x686/0xd80 [ 1038.991203] __release_sock+0x32d/0x750 [ 1038.991203] release_sock+0x99/0x2a0 [ 1038.991203] sk_stream_wait_memory+0x9cc/0x1430 [ 1038.991203] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1038.991203] tcp_sendmsg+0xb2/0x100 [ 1038.991203] inet_sendmsg+0x4e9/0x800 [ 1038.991203] __sys_sendto+0x940/0xb80 [ 1038.991203] __se_sys_sendto+0x107/0x130 [ 1038.991203] __x64_sys_sendto+0x6e/0x90 [ 1038.991203] do_syscall_64+0xcf/0x110 [ 1038.991203] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1038.991203] [ 1038.991203] Uninit was stored to memory at: [ 1038.991203] kmsan_internal_chain_origin+0x136/0x240 [ 1038.991203] __msan_chain_origin+0x6d/0xb0 [ 1038.991203] __save_stack_trace+0x8be/0xc60 [ 1038.991203] save_stack_trace+0xc6/0x110 [ 1038.991203] kmsan_internal_chain_origin+0x136/0x240 [ 1038.991203] kmsan_memcpy_origins+0x13d/0x190 [ 1038.991203] __msan_memcpy+0x6f/0x80 [ 1038.991203] pskb_expand_head+0x436/0x1d20 [ 1038.991203] tcp_fragment+0x378/0x21d0 [ 1038.991203] tcp_sacktag_walk+0xe88/0x29d0 [ 1038.991203] tcp_sacktag_write_queue+0x2805/0x4630 [ 1038.991203] tcp_ack+0x2888/0xa010 [ 1038.991203] tcp_rcv_established+0xf7e/0x2940 [ 1038.991203] tcp_v4_do_rcv+0x686/0xd80 [ 1038.991203] __release_sock+0x32d/0x750 [ 1038.991203] release_sock+0x99/0x2a0 [ 1038.991203] sk_stream_wait_memory+0x9cc/0x1430 [ 1038.991203] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1038.991203] tcp_sendmsg+0xb2/0x100 [ 1038.991203] inet_sendmsg+0x4e9/0x800 [ 1038.991203] __sys_sendto+0x940/0xb80 [ 1038.991203] __se_sys_sendto+0x107/0x130 [ 1038.991203] __x64_sys_sendto+0x6e/0x90 [ 1038.991203] do_syscall_64+0xcf/0x110 [ 1038.991203] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1038.991203] [ 1038.991203] Uninit was stored to memory at: [ 1038.991203] kmsan_internal_chain_origin+0x136/0x240 [ 1038.991203] __msan_chain_origin+0x6d/0xb0 [ 1038.991203] __save_stack_trace+0x8be/0xc60 [ 1038.991203] save_stack_trace+0xc6/0x110 [ 1038.991203] kmsan_internal_chain_origin+0x136/0x240 [ 1038.991203] kmsan_memcpy_origins+0x13d/0x190 [ 1038.991203] __msan_memcpy+0x6f/0x80 [ 1038.991203] pskb_expand_head+0x436/0x1d20 [ 1038.991203] tcp_fragment+0x378/0x21d0 [ 1038.991203] tcp_sacktag_walk+0xe88/0x29d0 [ 1038.991203] tcp_sacktag_write_queue+0x2805/0x4630 [ 1038.991203] tcp_ack+0x2888/0xa010 [ 1038.991203] tcp_rcv_established+0xf7e/0x2940 [ 1038.991203] tcp_v4_do_rcv+0x686/0xd80 [ 1038.991203] __release_sock+0x32d/0x750 [ 1038.991203] release_sock+0x99/0x2a0 [ 1038.991203] sk_stream_wait_memory+0x9cc/0x1430 [ 1038.991203] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1039.790807] tcp_sendmsg+0xb2/0x100 [ 1039.790807] inet_sendmsg+0x4e9/0x800 [ 1039.790807] __sys_sendto+0x940/0xb80 [ 1039.790807] __se_sys_sendto+0x107/0x130 [ 1039.810419] __x64_sys_sendto+0x6e/0x90 [ 1039.810419] do_syscall_64+0xcf/0x110 [ 1039.810419] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1039.810419] [ 1039.810419] Uninit was stored to memory at: [ 1039.810419] kmsan_internal_chain_origin+0x136/0x240 [ 1039.810419] __msan_chain_origin+0x6d/0xb0 [ 1039.810419] __save_stack_trace+0x8be/0xc60 [ 1039.810419] save_stack_trace+0xc6/0x110 [ 1039.810419] kmsan_internal_chain_origin+0x136/0x240 [ 1039.810419] kmsan_memcpy_origins+0x13d/0x190 [ 1039.810419] __msan_memcpy+0x6f/0x80 [ 1039.810419] pskb_expand_head+0x436/0x1d20 [ 1039.810419] tcp_fragment+0x378/0x21d0 [ 1039.810419] tcp_sacktag_walk+0xe88/0x29d0 [ 1039.810419] tcp_sacktag_write_queue+0x2805/0x4630 [ 1039.810419] tcp_ack+0x2888/0xa010 [ 1039.810419] tcp_rcv_established+0xf7e/0x2940 [ 1039.810419] tcp_v4_do_rcv+0x686/0xd80 [ 1039.810419] __release_sock+0x32d/0x750 [ 1039.810419] release_sock+0x99/0x2a0 [ 1039.810419] sk_stream_wait_memory+0x9cc/0x1430 [ 1039.810419] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1039.810419] tcp_sendmsg+0xb2/0x100 [ 1039.810419] inet_sendmsg+0x4e9/0x800 [ 1039.810419] __sys_sendto+0x940/0xb80 [ 1039.810419] __se_sys_sendto+0x107/0x130 [ 1039.810419] __x64_sys_sendto+0x6e/0x90 [ 1039.810419] do_syscall_64+0xcf/0x110 [ 1039.810419] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1039.810419] [ 1039.810419] Uninit was stored to memory at: [ 1039.810419] kmsan_internal_chain_origin+0x136/0x240 [ 1039.810419] __msan_chain_origin+0x6d/0xb0 [ 1039.810419] __save_stack_trace+0x8be/0xc60 [ 1039.810419] save_stack_trace+0xc6/0x110 [ 1039.810419] kmsan_internal_chain_origin+0x136/0x240 [ 1039.810419] kmsan_memcpy_origins+0x13d/0x190 [ 1039.810419] __msan_memcpy+0x6f/0x80 [ 1039.810419] pskb_expand_head+0x436/0x1d20 [ 1039.810419] tcp_fragment+0x378/0x21d0 [ 1039.810419] tcp_sacktag_walk+0xe88/0x29d0 [ 1039.810419] tcp_sacktag_write_queue+0x2805/0x4630 [ 1039.810419] tcp_ack+0x2888/0xa010 [ 1039.810419] tcp_rcv_established+0xf7e/0x2940 [ 1039.810419] tcp_v4_do_rcv+0x686/0xd80 [ 1039.810419] __release_sock+0x32d/0x750 [ 1039.810419] release_sock+0x99/0x2a0 [ 1039.810419] sk_stream_wait_memory+0x9cc/0x1430 [ 1039.810419] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1039.810419] tcp_sendmsg+0xb2/0x100 [ 1039.810419] inet_sendmsg+0x4e9/0x800 [ 1039.810419] __sys_sendto+0x940/0xb80 [ 1039.810419] __se_sys_sendto+0x107/0x130 06:19:10 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c1262857180") syz_emit_ethernet(0x3e, &(0x7f0000000000)={@local, @broadcast, [], {@ipv6={0x86dd, {0x0, 0x6, "1ddedf", 0x8, 0xff, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8906]}, @remote={0xfe, 0x80, [0xf0ffffffffffff]}, {[], @icmpv6=@echo_request}}}}}, &(0x7f0000000100)) 06:19:10 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") syz_emit_ethernet(0x3e, &(0x7f0000000000)={@local, @broadcast, [], {@ipv6={0x86dd, {0x0, 0x6, "1ddedf", 0x8, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8906]}, @remote={0xfe, 0x80, [0xf0ffffffffffff]}, {[], @icmpv6=@echo_request}}}}}, &(0x7f0000000100)) 06:19:10 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") syz_emit_ethernet(0x3e, &(0x7f0000000000)={@local, @broadcast, [], {@ipv6={0x86dd, {0x0, 0x6, "1ddedf", 0x8, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8906]}, @remote={0xfe, 0x80, [0xf0ffffffffffff]}, {[], @icmpv6=@echo_request}}}}}, &(0x7f0000000100)) 06:19:10 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") syz_emit_ethernet(0x3e, &(0x7f0000000000)={@local, @broadcast, [], {@ipv6={0x86dd, {0x0, 0x6, "1ddedf", 0x8, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8906]}, @remote={0xfe, 0x80, [0xf0ffffffffffff]}, {[], @icmpv6=@echo_request}}}}}, &(0x7f0000000100)) 06:19:10 executing program 5: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000240)="0a5c2d023c12628571") r1 = socket$inet(0x10, 0x100000803, 0x4) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000008000)="4c0000001500ff09fffefd956fa283b724a600800000000000000068354015002c001d001fc41180b598bc593ab6821148a730de33a49868c62b2ca654a6613b6aabf35d4c1cbc882b079881", 0x4c}], 0x1}, 0x0) 06:19:11 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, &(0x7f0000000180)=ANY=[@ANYBLOB="66696c7465720000000000fe0000000002000000edff00e449"], 0x1) ioctl$sock_ifreq(r0, 0x890b, &(0x7f0000000140)={"69666230020000000200", @ifru_map}) [ 1039.810419] __x64_sys_sendto+0x6e/0x90 [ 1039.810419] do_syscall_64+0xcf/0x110 [ 1039.810419] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1039.810419] [ 1039.810419] Local variable description: ----_tcph@tcp_packet [ 1040.050582] Variable was created at: [ 1040.050582] tcp_packet+0xe1/0x73c0 [ 1040.050582] nf_conntrack_in+0x9f0/0x1edd 06:19:11 executing program 4: getsockname$packet(0xffffffffffffff9c, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000240)=0x14) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) ioctl$sock_SIOCBRDELBR(0xffffffffffffffff, 0x89a1, &(0x7f0000000540)='teql0\x00') ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, &(0x7f0000000500)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCFLSH(r2, 0x80045432, 0x70affb) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4) getsockopt$IPT_SO_GET_INFO(r0, 0x0, 0x40, &(0x7f0000000400)={'raw\x00'}, &(0x7f00000000c0)=0x54) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) 06:19:11 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)) ioctl$TIOCPKT(r0, 0x5420, &(0x7f00000002c0)=0x61) read(r0, &(0x7f0000000080)=""/11, 0x392) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) r1 = syz_open_pts(r0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000280)) dup3(r1, r0, 0x0) ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000140)) 06:19:11 executing program 5: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000240)="0a5c2d023c1262857180") r1 = socket$inet(0x10, 0x100000803, 0x4) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000008000)="4c0000001500ff09fffefd956fa283b724a600800000000000000068354015002c001d001fc41180b598bc593ab6821148a730de33a49868c62b2ca654a6613b6aabf35d4c1cbc882b079881", 0x4c}], 0x1}, 0x0) 06:19:11 executing program 0: unshare(0x24020400) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) sigaltstack(&(0x7f00002cb000/0x3000)=nil, &(0x7f0000ef9ff8)) mincore(&(0x7f00003a0000/0x600000)=nil, 0x600000, &(0x7f00000002c0)=""/184) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) 06:19:11 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000027000/0x18000)=nil, &(0x7f00000002c0)=[@text32={0x20, &(0x7f0000000000)="2ef26db80e0000000f23c80f21f8350800c0000f23f8d39d00100000eacc4e0000f700660f3839d13e660f38806cbf07440f20c0350c000000440f22c02e0f300f228266baa100ec", 0x48}], 0x1, 0x0, &(0x7f0000000280), 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 06:19:11 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x803, 0x80010000000006) r2 = socket$packet(0x11, 0x808000000002, 0x300) setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) sendto$inet6(r1, &(0x7f0000000000), 0xffa7, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 06:19:11 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000027000/0x18000)=nil, &(0x7f00000002c0)=[@text32={0x20, &(0x7f0000000000)="2ef26db80e0000000f23c80f21f8350800c0000f23f8d39d00100000eacc4e0000f700660f3839d13e660f38806cbf07440f20c0350c000000440f22c02e0f300f228266baa100ec", 0x48}], 0x1, 0x0, &(0x7f0000000280), 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 06:19:12 executing program 5: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000240)="0a5c2d023c1262857180") r1 = socket$inet(0x10, 0x100000803, 0x4) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000008000)="4c0000001500ff09fffefd956fa283b724a600800000000000000068354015002c001d001fc41180b598bc593ab6821148a730de33a49868c62b2ca654a6613b6aabf35d4c1cbc882b079881", 0x4c}], 0x1}, 0x0) 06:19:12 executing program 0: unshare(0x24020400) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) sigaltstack(&(0x7f00002cb000/0x3000)=nil, &(0x7f0000ef9ff8)) mincore(&(0x7f00003a0000/0x600000)=nil, 0x600000, &(0x7f00000002c0)=""/184) 06:19:12 executing program 4: getsockname$packet(0xffffffffffffff9c, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000240)=0x14) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) ioctl$sock_SIOCBRDELBR(0xffffffffffffffff, 0x89a1, &(0x7f0000000540)='teql0\x00') ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, &(0x7f0000000500)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCFLSH(r2, 0x80045432, 0x70affb) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4) getsockopt$IPT_SO_GET_INFO(r0, 0x0, 0x40, &(0x7f0000000400)={'raw\x00'}, &(0x7f00000000c0)=0x54) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) 06:19:12 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x803, 0x80010000000006) r2 = socket$packet(0x11, 0x808000000002, 0x300) setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) sendto$inet6(r1, &(0x7f0000000000), 0xffa7, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 06:19:12 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000027000/0x18000)=nil, &(0x7f00000002c0)=[@text32={0x20, &(0x7f0000000000)="2ef26db80e0000000f23c80f21f8350800c0000f23f8d39d00100000eacc4e0000f700660f3839d13e660f38806cbf07440f20c0350c000000440f22c02e0f300f228266baa100ec", 0x48}], 0x1, 0x0, &(0x7f0000000280), 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 06:19:12 executing program 1: openat$uinput(0xffffffffffffff9c, &(0x7f0000000040)='/dev/uinput\x00', 0x0, 0x0) 06:19:12 executing program 0: unshare(0x24020400) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) sigaltstack(&(0x7f00002cb000/0x3000)=nil, &(0x7f0000ef9ff8)) 06:19:12 executing program 5: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000240)="0a5c2d023c1262857180") r1 = socket$inet(0x10, 0x100000803, 0x4) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000008000)="4c0000001500ff09fffefd956fa283b724a600800000000000000068354015002c001d001fc41180b598bc593ab6821148a730de33a49868c62b2ca654a6613b6aabf35d4c1cbc882b079881", 0x4c}], 0x1}, 0x0) 06:19:13 executing program 4: getsockname$packet(0xffffffffffffff9c, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000240)=0x14) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) ioctl$sock_SIOCBRDELBR(0xffffffffffffffff, 0x89a1, &(0x7f0000000540)='teql0\x00') ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, &(0x7f0000000500)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCFLSH(r2, 0x80045432, 0x70affb) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4) getsockopt$IPT_SO_GET_INFO(r0, 0x0, 0x40, &(0x7f0000000400)={'raw\x00'}, &(0x7f00000000c0)=0x54) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) 06:19:13 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x803, 0x80010000000006) r2 = socket$packet(0x11, 0x808000000002, 0x300) setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) sendto$inet6(r1, &(0x7f0000000000), 0xffa7, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 06:19:13 executing program 3: openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r0, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f0000027000/0x18000)=nil, &(0x7f00000002c0)=[@text32={0x20, &(0x7f0000000000)="2ef26db80e0000000f23c80f21f8350800c0000f23f8d39d00100000eacc4e0000f700660f3839d13e660f38806cbf07440f20c0350c000000440f22c02e0f300f228266baa100ec", 0x48}], 0x1, 0x0, &(0x7f0000000280), 0x0) ioctl$KVM_RUN(r0, 0xae80, 0x0) 06:19:13 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) socket$inet_tcp(0x2, 0x1, 0x0) readv(0xffffffffffffffff, &(0x7f0000000280), 0x1000000000000034) accept$inet(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x0, @remote}, &(0x7f0000000240)=0x10) clone(0x802122001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$UI_END_FF_ERASE(0xffffffffffffffff, 0x400c55cb, &(0x7f0000000280)={0xb, 0x0, 0x2}) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xe, &(0x7f0000001000)=ANY=[@ANYBLOB="b700000005ed0050bfa30000000000000703000028feffff7a0af0fff8ffffff71a4f0ff00000000b7060000000000012d400500000000005504000001ed00001d040000000000002c460000000000006b0a00fe000000008500000007000000b7000000000000009500000000000000"], &(0x7f0000000100)='EPL\x00'}, 0x48) write$tun(0xffffffffffffffff, &(0x7f0000000440)=ANY=[], 0x0) openat$null(0xffffffffffffff9c, &(0x7f0000000080)='/dev/null\x00', 0x0, 0x0) clock_nanosleep(0x3, 0x0, &(0x7f00000000c0)={0x0, 0x1c9c380}, &(0x7f0000000180)) mknodat(0xffffffffffffffff, &(0x7f0000000200)='./file0\x00', 0x0, 0x0) exit(0x0) 06:19:13 executing program 0: unshare(0x24020400) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) 06:19:13 executing program 5: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000240)="0a5c2d023c126285718070") r1 = socket$inet(0x10, 0x0, 0x4) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000008000)="4c0000001500ff09fffefd956fa283b724a600800000000000000068354015002c001d001fc41180b598bc593ab6821148a730de33a49868c62b2ca654a6613b6aabf35d4c1cbc882b079881", 0x4c}], 0x1}, 0x0) 06:19:13 executing program 4: getsockname$packet(0xffffffffffffff9c, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000240)=0x14) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) ioctl$sock_SIOCBRDELBR(0xffffffffffffffff, 0x89a1, &(0x7f0000000540)='teql0\x00') ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, &(0x7f0000000500)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCFLSH(r2, 0x80045432, 0x70affb) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4) getsockopt$IPT_SO_GET_INFO(r0, 0x0, 0x40, &(0x7f0000000400)={'raw\x00'}, &(0x7f00000000c0)=0x54) 06:19:13 executing program 3: openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r0, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f0000027000/0x18000)=nil, &(0x7f00000002c0)=[@text32={0x20, &(0x7f0000000000)="2ef26db80e0000000f23c80f21f8350800c0000f23f8d39d00100000eacc4e0000f700660f3839d13e660f38806cbf07440f20c0350c000000440f22c02e0f300f228266baa100ec", 0x48}], 0x1, 0x0, &(0x7f0000000280), 0x0) ioctl$KVM_RUN(r0, 0xae80, 0x0) 06:19:13 executing program 5: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000240)="0a5c2d023c126285718070") r1 = socket$inet(0x10, 0x100000803, 0x0) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000008000)="4c0000001500ff09fffefd956fa283b724a600800000000000000068354015002c001d001fc41180b598bc593ab6821148a730de33a49868c62b2ca654a6613b6aabf35d4c1cbc882b079881", 0x4c}], 0x1}, 0x0) 06:19:13 executing program 0: unshare(0x24020400) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) 06:19:13 executing program 2: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000280)}], 0x1, &(0x7f0000000000)}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000480)="2f67726f3c23fb57e6c60f1f4b45b74d999a9a8c2ce15b26e518a4cb3a9cd12dcea440d899c22c652b3a471b4a7db7f3fef6e02e2be389de133945a385bd81e9bdeeee03000000000000005b540745df4b1dee483b157624c5bc719a099e6a3509000000398c34", 0x2761, 0x0) write$cgroup_pid(r0, &(0x7f0000000100), 0xda4fff08) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000340)={0xffffffffffffffff, 0x50, &(0x7f0000000200)}, 0x10) gettid() perf_event_open$cgroup(&(0x7f0000000900)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x800, 0x5, 0x200, 0x0, 0x8, 0x1c00000000000, 0x3, 0x0, 0xcf, 0x0, 0x3, 0x2, 0x7, 0x0, 0x8001, 0x1, 0x0, 0x8000, 0x4, 0x5, 0x0, 0x8000, 0x80000001, 0x2, 0x0, 0x0, 0x80, 0x0, 0x5, 0x200, 0x0, 0x0, 0x0, @perf_config_ext={0x8000}, 0x1000, 0x7, 0x1, 0x4, 0xb0bf, 0x5, 0xe}, r0, 0xa, r0, 0x9) r1 = perf_event_open(&(0x7f00000002c0)={0x2, 0x70, 0x1f, 0x2, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$cgroup_int(0xffffffffffffffff, &(0x7f00000000c0), 0x12) ioctl$TUNSETVNETHDRSZ(r0, 0x400454d8, &(0x7f0000000040)) perf_event_open$cgroup(&(0x7f0000001c00)={0x0, 0x70, 0x81, 0x0, 0x0, 0x3, 0x0, 0x0, 0x10000, 0xa, 0x2, 0x7fffffff, 0x0, 0x1000, 0x0, 0x2, 0x8, 0x8, 0x3, 0x1, 0x3, 0xe66a, 0x6, 0x200, 0x0, 0x4, 0x3, 0x3, 0x1cd1ab66, 0x0, 0x0, 0xefa0, 0x8, 0x1, 0x100000000, 0x0, 0x0, 0x0, 0x0, 0x5, 0x4, @perf_config_ext={0x0, 0x9}, 0x40, 0x7, 0x0, 0x7, 0x0, 0xf8c, 0x6}, r0, 0x9, r1, 0x8) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x660c, 0x0) 06:19:14 executing program 4: getsockname$packet(0xffffffffffffff9c, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000240)=0x14) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) ioctl$sock_SIOCBRDELBR(0xffffffffffffffff, 0x89a1, &(0x7f0000000540)='teql0\x00') ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, &(0x7f0000000500)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCFLSH(r2, 0x80045432, 0x70affb) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4) 06:19:14 executing program 3: openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r0, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f0000027000/0x18000)=nil, &(0x7f00000002c0)=[@text32={0x20, &(0x7f0000000000)="2ef26db80e0000000f23c80f21f8350800c0000f23f8d39d00100000eacc4e0000f700660f3839d13e660f38806cbf07440f20c0350c000000440f22c02e0f300f228266baa100ec", 0x48}], 0x1, 0x0, &(0x7f0000000280), 0x0) ioctl$KVM_RUN(r0, 0xae80, 0x0) 06:19:14 executing program 5: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000240)="0a5c2d023c126285718070") r1 = socket$inet(0x10, 0x100000803, 0x0) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000008000)="4c0000001500ff09fffefd956fa283b724a600800000000000000068354015002c001d001fc41180b598bc593ab6821148a730de33a49868c62b2ca654a6613b6aabf35d4c1cbc882b079881", 0x4c}], 0x1}, 0x0) 06:19:14 executing program 0: unshare(0x24020400) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) 06:19:14 executing program 1: openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000480)="2f67726f3c23fb57e6c60f1f4b45b74d999a9a8c2ce15b26e518a4cb3a9cd12dcea440d899c22c652b3a471b4a7db7f3fef6e02e2be389de133945a385bd81e9bdeeee03000000000000005b540745df4b1dee483b157624c5bc719a099e6a3509000000398c34", 0x2761, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x2, 0x11) setsockopt$sock_attach_bpf(r0, 0x29, 0x3e, &(0x7f0000000040), 0x52d) 06:19:14 executing program 4: getsockname$packet(0xffffffffffffff9c, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000240)=0x14) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) ioctl$sock_SIOCBRDELBR(0xffffffffffffffff, 0x89a1, &(0x7f0000000540)='teql0\x00') ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, &(0x7f0000000500)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCFLSH(r2, 0x80045432, 0x70affb) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4) 06:19:14 executing program 3: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r1, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000027000/0x18000)=nil, &(0x7f00000002c0)=[@text32={0x20, &(0x7f0000000000)="2ef26db80e0000000f23c80f21f8350800c0000f23f8d39d00100000eacc4e0000f700660f3839d13e660f38806cbf07440f20c0350c000000440f22c02e0f300f228266baa100ec", 0x48}], 0x1, 0x0, &(0x7f0000000280), 0x0) ioctl$KVM_RUN(r1, 0xae80, 0x0) 06:19:14 executing program 5: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000240)="0a5c2d023c126285718070") r1 = socket$inet(0x10, 0x100000803, 0x0) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000008000)="4c0000001500ff09fffefd956fa283b724a600800000000000000068354015002c001d001fc41180b598bc593ab6821148a730de33a49868c62b2ca654a6613b6aabf35d4c1cbc882b079881", 0x4c}], 0x1}, 0x0) 06:19:15 executing program 1: 06:19:15 executing program 0: unshare(0x24020400) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) 06:19:15 executing program 3: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r1, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000027000/0x18000)=nil, &(0x7f00000002c0)=[@text32={0x20, &(0x7f0000000000)="2ef26db80e0000000f23c80f21f8350800c0000f23f8d39d00100000eacc4e0000f700660f3839d13e660f38806cbf07440f20c0350c000000440f22c02e0f300f228266baa100ec", 0x48}], 0x1, 0x0, &(0x7f0000000280), 0x0) ioctl$KVM_RUN(r1, 0xae80, 0x0) 06:19:15 executing program 2: 06:19:15 executing program 4: getsockname$packet(0xffffffffffffff9c, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000240)=0x14) socket$inet(0x2, 0x4000000000000001, 0x0) ioctl$sock_SIOCBRDELBR(0xffffffffffffffff, 0x89a1, &(0x7f0000000540)='teql0\x00') ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, &(0x7f0000000500)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCFLSH(r1, 0x80045432, 0x70affb) 06:19:15 executing program 5: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000240)="0a5c2d023c126285718070") socket$inet(0x10, 0x100000803, 0x4) sendmsg(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000008000)="4c0000001500ff09fffefd956fa283b724a600800000000000000068354015002c001d001fc41180b598bc593ab6821148a730de33a49868c62b2ca654a6613b6aabf35d4c1cbc882b079881", 0x4c}], 0x1}, 0x0) 06:19:15 executing program 1: 06:19:15 executing program 3: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r1, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000027000/0x18000)=nil, &(0x7f00000002c0)=[@text32={0x20, &(0x7f0000000000)="2ef26db80e0000000f23c80f21f8350800c0000f23f8d39d00100000eacc4e0000f700660f3839d13e660f38806cbf07440f20c0350c000000440f22c02e0f300f228266baa100ec", 0x48}], 0x1, 0x0, &(0x7f0000000280), 0x0) ioctl$KVM_RUN(r1, 0xae80, 0x0) 06:19:15 executing program 0: unshare(0x24020400) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) 06:19:15 executing program 5: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000240)="0a5c2d023c126285718070") r1 = socket$inet(0x10, 0x100000803, 0x4) sendmsg(r1, &(0x7f0000000180), 0x0) 06:19:15 executing program 1: 06:19:16 executing program 2: 06:19:16 executing program 4: getsockname$packet(0xffffffffffffff9c, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000240)=0x14) socket$inet(0x2, 0x4000000000000001, 0x0) ioctl$sock_SIOCBRDELBR(0xffffffffffffffff, 0x89a1, &(0x7f0000000540)='teql0\x00') ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, &(0x7f0000000500)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) ioctl$TCFLSH(0xffffffffffffffff, 0x80045432, 0x70affb) 06:19:16 executing program 3: openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r1, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000027000/0x18000)=nil, &(0x7f00000002c0)=[@text32={0x20, &(0x7f0000000000)="2ef26db80e0000000f23c80f21f8350800c0000f23f8d39d00100000eacc4e0000f700660f3839d13e660f38806cbf07440f20c0350c000000440f22c02e0f300f228266baa100ec", 0x48}], 0x1, 0x0, &(0x7f0000000280), 0x0) ioctl$KVM_RUN(r1, 0xae80, 0x0) 06:19:16 executing program 1: 06:19:16 executing program 2: 06:19:16 executing program 0: unshare(0x24020400) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) 06:19:16 executing program 4: getsockname$packet(0xffffffffffffff9c, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000240)=0x14) socket$inet(0x2, 0x4000000000000001, 0x0) ioctl$sock_SIOCBRDELBR(0xffffffffffffffff, 0x89a1, &(0x7f0000000540)='teql0\x00') ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, &(0x7f0000000500)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) ioctl$TCFLSH(0xffffffffffffffff, 0x80045432, 0x70affb) 06:19:16 executing program 5: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000240)="0a5c2d023c126285718070") r1 = socket$inet(0x10, 0x100000803, 0x4) sendmsg(r1, &(0x7f0000000180), 0x0) 06:19:16 executing program 3: openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r1, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000027000/0x18000)=nil, &(0x7f00000002c0)=[@text32={0x20, &(0x7f0000000000)="2ef26db80e0000000f23c80f21f8350800c0000f23f8d39d00100000eacc4e0000f700660f3839d13e660f38806cbf07440f20c0350c000000440f22c02e0f300f228266baa100ec", 0x48}], 0x1, 0x0, &(0x7f0000000280), 0x0) ioctl$KVM_RUN(r1, 0xae80, 0x0) 06:19:16 executing program 2: 06:19:16 executing program 1: 06:19:16 executing program 0: unshare(0x24020400) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) 06:19:17 executing program 5: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000240)="0a5c2d023c126285718070") r1 = socket$inet(0x10, 0x100000803, 0x4) sendmsg(r1, &(0x7f0000000180), 0x0) 06:19:17 executing program 4: getsockname$packet(0xffffffffffffff9c, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000240)=0x14) socket$inet(0x2, 0x4000000000000001, 0x0) ioctl$sock_SIOCBRDELBR(0xffffffffffffffff, 0x89a1, &(0x7f0000000540)='teql0\x00') ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, &(0x7f0000000500)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) ioctl$TCFLSH(0xffffffffffffffff, 0x80045432, 0x70affb) 06:19:17 executing program 3: openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r1, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000027000/0x18000)=nil, &(0x7f00000002c0)=[@text32={0x20, &(0x7f0000000000)="2ef26db80e0000000f23c80f21f8350800c0000f23f8d39d00100000eacc4e0000f700660f3839d13e660f38806cbf07440f20c0350c000000440f22c02e0f300f228266baa100ec", 0x48}], 0x1, 0x0, &(0x7f0000000280), 0x0) ioctl$KVM_RUN(r1, 0xae80, 0x0) 06:19:17 executing program 2: 06:19:17 executing program 0: unshare(0x24020400) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) 06:19:17 executing program 1: 06:19:17 executing program 4: getsockname$packet(0xffffffffffffff9c, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000240)=0x14) socket$inet(0x2, 0x4000000000000001, 0x0) ioctl$sock_SIOCBRDELBR(0xffffffffffffffff, 0x89a1, &(0x7f0000000540)='teql0\x00') ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, &(0x7f0000000500)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCFLSH(r0, 0x80045432, 0x70affb) 06:19:17 executing program 2: 06:19:17 executing program 5: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000240)="0a5c2d023c126285718070") r1 = socket$inet(0x10, 0x100000803, 0x4) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000008000)}], 0x1}, 0x0) 06:19:17 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000027000/0x18000)=nil, &(0x7f00000002c0)=[@text32={0x20, &(0x7f0000000000)="2ef26db80e0000000f23c80f21f8350800c0000f23f8d39d00100000eacc4e0000f700660f3839d13e660f38806cbf07440f20c0350c000000440f22c02e0f300f228266baa100ec", 0x48}], 0x1, 0x0, &(0x7f0000000280), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:19:17 executing program 0: unshare(0x24020400) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) 06:19:17 executing program 1: 06:19:18 executing program 4: getsockname$packet(0xffffffffffffff9c, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000240)=0x14) socket$inet(0x2, 0x4000000000000001, 0x0) ioctl$sock_SIOCBRDELBR(0xffffffffffffffff, 0x89a1, &(0x7f0000000540)='teql0\x00') ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, &(0x7f0000000500)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCFLSH(r0, 0x80045432, 0x70affb) 06:19:18 executing program 2: 06:19:18 executing program 5: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000240)="0a5c2d023c126285718070") r1 = socket$inet(0x10, 0x100000803, 0x4) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000008000)}], 0x1}, 0x0) 06:19:18 executing program 4: getsockname$packet(0xffffffffffffff9c, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000240)=0x14) socket$inet(0x2, 0x4000000000000001, 0x0) ioctl$sock_SIOCBRDELBR(0xffffffffffffffff, 0x89a1, &(0x7f0000000540)='teql0\x00') ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, &(0x7f0000000500)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCFLSH(r0, 0x80045432, 0x70affb) 06:19:18 executing program 0: unshare(0x24020400) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) 06:19:18 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000027000/0x18000)=nil, &(0x7f00000002c0)=[@text32={0x20, &(0x7f0000000000)="2ef26db80e0000000f23c80f21f8350800c0000f23f8d39d00100000eacc4e0000f700660f3839d13e660f38806cbf07440f20c0350c000000440f22c02e0f300f228266baa100ec", 0x48}], 0x1, 0x0, &(0x7f0000000280), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:19:18 executing program 1: 06:19:18 executing program 2: 06:19:18 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) 06:19:18 executing program 1: 06:19:18 executing program 2: 06:19:19 executing program 4: getsockname$packet(0xffffffffffffff9c, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000240)=0x14) socket$inet(0x2, 0x4000000000000001, 0x0) ioctl$sock_SIOCBRDELBR(0xffffffffffffffff, 0x89a1, &(0x7f0000000540)='teql0\x00') ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, &(0x7f0000000500)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCFLSH(r0, 0x80045432, 0x70affb) 06:19:19 executing program 5: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000240)="0a5c2d023c126285718070") r1 = socket$inet(0x10, 0x100000803, 0x4) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000008000)}], 0x1}, 0x0) 06:19:19 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000027000/0x18000)=nil, &(0x7f00000002c0)=[@text32={0x20, &(0x7f0000000000)="2ef26db80e0000000f23c80f21f8350800c0000f23f8d39d00100000eacc4e0000f700660f3839d13e660f38806cbf07440f20c0350c000000440f22c02e0f300f228266baa100ec", 0x48}], 0x1, 0x0, &(0x7f0000000280), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:19:19 executing program 1: r0 = socket$packet(0x11, 0x2, 0x300) sendmmsg(r0, &(0x7f0000000700)=[{{&(0x7f0000000000)=@generic={0x0, "3289fc8846f0de034cf0ce61731b71d3bfc8dee92b533d06a59c1b0e392c61d4381f5d86b1fa332cb3f6f1ae15bd5ee6b155977f31d27b4b424f0e7f87281c1dc13b738fc6bd287f744dcf1e2f3aa634aff65733b9d9771c8888d9843469628f03206b15b493907732224bd6b053648cb8feaa8ec0da6fd237fb27946564"}, 0x80, &(0x7f0000000680)}}], 0x1, 0x0) 06:19:19 executing program 2: clone(0x0, &(0x7f00000000c0), &(0x7f0000000000), &(0x7f0000000180), &(0x7f0000000200)) ioprio_set$pid(0x1, 0x0, 0x0) 06:19:19 executing program 4: getsockname$packet(0xffffffffffffff9c, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000240)=0x14) socket$inet(0x2, 0x4000000000000001, 0x0) ioctl$sock_SIOCBRDELBR(0xffffffffffffffff, 0x89a1, &(0x7f0000000540)='teql0\x00') ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, &(0x7f0000000500)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCFLSH(r0, 0x80045432, 0x70affb) 06:19:19 executing program 0: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) 06:19:19 executing program 5: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000240)="0a5c2d023c126285718070") r1 = socket$inet(0x10, 0x100000803, 0x4) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000008000)="4c0000001500ff09fffefd956fa283b724a600800000000000000068354015002c001d001fc4", 0x26}], 0x1}, 0x0) 06:19:19 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000027000/0x18000)=nil, &(0x7f00000002c0)=[@text32={0x20, &(0x7f0000000000)="2ef26db80e0000000f23c80f21f8350800c0000f23f8d39d00100000eacc4e0000f700660f3839d13e660f38806cbf07440f20c0350c000000440f22c02e0f300f228266baa100ec", 0x48}], 0x1, 0x0, &(0x7f0000000280), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:19:19 executing program 1: r0 = syz_open_dev$loop(&(0x7f00000000c0)='/dev/loop#\x00', 0x0, 0x0) r1 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1) dup3(r0, r1, 0x0) ioctl$LOOP_GET_STATUS(r1, 0x4c03, &(0x7f0000000480)) 06:19:20 executing program 0: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) 06:19:20 executing program 4: getsockname$packet(0xffffffffffffff9c, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000240)=0x14) socket$inet(0x2, 0x4000000000000001, 0x0) ioctl$sock_SIOCBRDELBR(0xffffffffffffffff, 0x89a1, &(0x7f0000000540)='teql0\x00') ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, &(0x7f0000000500)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCFLSH(r0, 0x80045432, 0x70affb) 06:19:20 executing program 5: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000240)="0a5c2d023c126285718070") r1 = socket$inet(0x10, 0x100000803, 0x4) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000008000)="4c0000001500ff09fffefd956fa283b724a600800000000000000068354015002c001d001fc4", 0x26}], 0x1}, 0x0) 06:19:20 executing program 2: perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_emit_ethernet(0x3a, &(0x7f00000001c0)={@local, @dev, [], {@ipv4={0x800, {{0x6, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, @dev, @remote={0xac, 0x14, 0x223}, {[@rr={0x7, 0x3}]}}, @icmp=@timestamp_reply}}}}, &(0x7f0000000100)) 06:19:20 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000027000/0x18000)=nil, &(0x7f00000002c0)=[@text32={0x20, &(0x7f0000000000)="2ef26db80e0000000f23c80f21f8350800c0000f23f8d39d00100000eacc4e0000f700660f3839d13e660f38806cbf07440f20c0350c000000440f22c02e0f300f228266baa100ec", 0x48}], 0x1, 0x0, &(0x7f0000000280), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:19:20 executing program 1: r0 = syz_open_dev$loop(&(0x7f00000000c0)='/dev/loop#\x00', 0x0, 0x0) r1 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1) dup3(r0, r1, 0x0) ioctl$LOOP_GET_STATUS(r1, 0x4c03, &(0x7f0000000480)) 06:19:20 executing program 0: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) 06:19:20 executing program 4: getsockname$packet(0xffffffffffffff9c, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000240)=0x14) socket$inet(0x2, 0x4000000000000001, 0x0) ioctl$sock_SIOCBRDELBR(0xffffffffffffffff, 0x89a1, &(0x7f0000000540)='teql0\x00') socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCFLSH(r1, 0x80045432, 0x70affb) 06:19:20 executing program 5: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000240)="0a5c2d023c126285718070") r1 = socket$inet(0x10, 0x100000803, 0x4) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000008000)="4c0000001500ff09fffefd956fa283b724a600800000000000000068354015002c001d001fc4", 0x26}], 0x1}, 0x0) 06:19:20 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040)='/dev/uinput\x00', 0x802, 0x0) write$uinput_user_dev(r0, &(0x7f0000000500)={'syz0\x00'}, 0x45c) ioctl$UI_SET_PHYS(r0, 0x4008556c, &(0x7f0000000000)='syz0\x00') ioctl$UI_DEV_CREATE(r0, 0x5501) [ 1050.058026] input: syz0 as /devices/virtual/input/input22 06:19:21 executing program 1: r0 = syz_open_dev$loop(&(0x7f00000000c0)='/dev/loop#\x00', 0x0, 0x0) r1 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1) dup3(r0, r1, 0x0) ioctl$LOOP_GET_STATUS(r1, 0x4c03, &(0x7f0000000480)) 06:19:21 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000027000/0x18000)=nil, &(0x7f00000002c0)=[@text32={0x20, &(0x7f0000000000)="2ef26db80e0000000f23c80f21f8350800c0000f23f8d39d00100000eacc4e0000f700660f3839d13e660f38806cbf07440f20c0350c000000440f22c02e0f300f228266baa100ec", 0x48}], 0x1, 0x0, &(0x7f0000000280), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:19:21 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) 06:19:21 executing program 4: getsockname$packet(0xffffffffffffff9c, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000240)=0x14) socket$inet(0x2, 0x4000000000000001, 0x0) ioctl$sock_SIOCBRDELBR(0xffffffffffffffff, 0x89a1, &(0x7f0000000540)='teql0\x00') socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCFLSH(r1, 0x80045432, 0x70affb) 06:19:21 executing program 5: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000240)="0a5c2d023c126285718070") r1 = socket$inet(0x10, 0x100000803, 0x4) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000008000)="4c0000001500ff09fffefd956fa283b724a600800000000000000068354015002c001d001fc41180b598bc593ab6821148a730de33a49868c6", 0x39}], 0x1}, 0x0) 06:19:21 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x31, 0xffffffffffffffff, 0x0) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)) 06:19:21 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000027000/0x18000)=nil, &(0x7f00000002c0)=[@text32={0x20, &(0x7f0000000000)="2ef26db80e0000000f23c80f21f8350800c0000f23f8d39d00100000eacc4e0000f700660f3839d13e660f38806cbf07440f20c0350c000000440f22c02e0f300f228266baa100ec", 0x48}], 0x1, 0x0, &(0x7f0000000280), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:19:21 executing program 5: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000240)="0a5c2d023c126285718070") r1 = socket$inet(0x10, 0x100000803, 0x4) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000008000)="4c0000001500ff09fffefd956fa283b724a600800000000000000068354015002c001d001fc41180b598bc593ab6821148a730de33a49868c6", 0x39}], 0x1}, 0x0) 06:19:21 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) 06:19:21 executing program 1: r0 = syz_open_dev$loop(&(0x7f00000000c0)='/dev/loop#\x00', 0x0, 0x0) r1 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1) dup3(r0, r1, 0x0) ioctl$LOOP_GET_STATUS(r1, 0x4c03, &(0x7f0000000480)) 06:19:21 executing program 4: getsockname$packet(0xffffffffffffff9c, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000240)=0x14) socket$inet(0x2, 0x4000000000000001, 0x0) ioctl$sock_SIOCBRDELBR(0xffffffffffffffff, 0x89a1, &(0x7f0000000540)='teql0\x00') socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCFLSH(r1, 0x80045432, 0x70affb) 06:19:22 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0xa, &(0x7f0000000680)=0xfff, 0x4) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @broadcast}, 0x10) sendto$inet(r0, &(0x7f0000000000), 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000100), 0x921b527a62bfd8af) write$binfmt_elf64(r0, &(0x7f00000016c0)=ANY=[@ANYPTR=&(0x7f00000005c0)=ANY=[@ANYPTR=&(0x7f00000004c0)=ANY=[@ANYRES16], @ANYRES32, @ANYRES64=0x0, @ANYPTR=&(0x7f0000000580)=ANY=[@ANYPTR64, @ANYRESHEX, @ANYPTR64, @ANYRES32=0x0]], @ANYRESDEC, @ANYRES16], 0xffffff84) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000740)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1ffc}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x400100) setsockopt$inet_tcp_int(r0, 0x6, 0xc, &(0x7f00000003c0)=0x80, 0x4) 06:19:22 executing program 4: getsockname$packet(0xffffffffffffff9c, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000240)=0x14) socket$inet(0x2, 0x4000000000000001, 0x0) ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, &(0x7f0000000500)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCFLSH(r1, 0x80045432, 0x70affb) 06:19:22 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) 06:19:22 executing program 1: r0 = syz_open_dev$loop(&(0x7f00000000c0)='/dev/loop#\x00', 0x0, 0x0) r1 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1) ioctl$LOOP_GET_STATUS(r1, 0x4c03, &(0x7f0000000480)) 06:19:22 executing program 5: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000240)="0a5c2d023c126285718070") r1 = socket$inet(0x10, 0x100000803, 0x4) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000008000)="4c0000001500ff09fffefd956fa283b724a600800000000000000068354015002c001d001fc41180b598bc593ab6821148a730de33a49868c6", 0x39}], 0x1}, 0x0) 06:19:22 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000027000/0x18000)=nil, &(0x7f00000002c0)=[@text32={0x20, &(0x7f0000000000)="2ef26db80e0000000f23c80f21f8350800c0000f23f8d39d00100000eacc4e0000f700660f3839d13e660f38806cbf07440f20c0350c000000440f22c02e0f300f228266baa100ec", 0x48}], 0x1, 0x0, &(0x7f0000000280), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:19:22 executing program 2: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000240)='.\x00', 0x80000002) r1 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) write$UHID_CREATE(r1, &(0x7f0000000080)={0x0, 'syz0\x00', 'syz0\x00', 'syz0\x00', &(0x7f0000000280)=""/4096, 0x1000}, 0x120) ftruncate(r1, 0x0) bind$inet6(0xffffffffffffffff, &(0x7f0000402000)={0xa, 0x0, 0x0, @loopback}, 0x1c) getsockname$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev}, &(0x7f0000000080)=0x1c) sendto$inet6(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, &(0x7f0000000040), 0x1c) 06:19:22 executing program 4: getsockname$packet(0xffffffffffffff9c, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000240)=0x14) socket$inet(0x2, 0x4000000000000001, 0x0) ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, &(0x7f0000000500)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCFLSH(r1, 0x80045432, 0x70affb) 06:19:23 executing program 1: r0 = syz_open_dev$loop(&(0x7f00000000c0)='/dev/loop#\x00', 0x0, 0x0) r1 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) dup3(r0, r1, 0x0) ioctl$LOOP_GET_STATUS(r1, 0x4c03, &(0x7f0000000480)) 06:19:23 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) 06:19:23 executing program 5: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000240)="0a5c2d023c126285718070") r1 = socket$inet(0x10, 0x100000803, 0x4) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000008000)="4c0000001500ff09fffefd956fa283b724a600800000000000000068354015002c001d001fc41180b598bc593ab6821148a730de33a49868c62b2ca654a6613b6aabf3", 0x43}], 0x1}, 0x0) 06:19:23 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000027000/0x18000)=nil, &(0x7f00000002c0)=[@text32={0x20, &(0x7f0000000000)="2ef26db80e0000000f23c80f21f8350800c0000f23f8d39d00100000eacc4e0000f700660f3839d13e660f38806cbf07440f20c0350c000000440f22c02e0f300f228266baa100ec", 0x48}], 0x1, 0x0, &(0x7f0000000280), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:19:23 executing program 2: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000240)='.\x00', 0x80000002) r1 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) write$UHID_CREATE(r1, &(0x7f0000000080)={0x0, 'syz0\x00', 'syz0\x00', 'syz0\x00', &(0x7f0000000280)=""/4096, 0x1000}, 0x120) ftruncate(r1, 0x0) bind$inet6(0xffffffffffffffff, &(0x7f0000402000)={0xa, 0x0, 0x0, @loopback}, 0x1c) getsockname$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev}, &(0x7f0000000080)=0x1c) sendto$inet6(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, &(0x7f0000000040), 0x1c) 06:19:23 executing program 4: getsockname$packet(0xffffffffffffff9c, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000240)=0x14) ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, &(0x7f0000000500)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCFLSH(r1, 0x80045432, 0x70affb) 06:19:23 executing program 1: r0 = syz_open_dev$loop(&(0x7f00000000c0)='/dev/loop#\x00', 0x0, 0x0) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, 0xffffffffffffffff) dup3(r0, 0xffffffffffffffff, 0x0) ioctl$LOOP_GET_STATUS(0xffffffffffffffff, 0x4c03, &(0x7f0000000480)) 06:19:23 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) 06:19:23 executing program 5: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000240)="0a5c2d023c126285718070") r1 = socket$inet(0x10, 0x100000803, 0x4) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000008000)="4c0000001500ff09fffefd956fa283b724a600800000000000000068354015002c001d001fc41180b598bc593ab6821148a730de33a49868c62b2ca654a6613b6aabf3", 0x43}], 0x1}, 0x0) 06:19:23 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000027000/0x18000)=nil, &(0x7f00000002c0)=[@text32={0x20, &(0x7f0000000000)="2ef26db80e0000000f23c80f21f8350800c0000f23f8d39d00100000eacc4e0000f700660f3839d13e660f38806cbf07440f20c0350c000000440f22c02e0f300f228266baa100ec", 0x48}], 0x1, 0x0, &(0x7f0000000280), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:19:23 executing program 2: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000240)='.\x00', 0x80000002) r1 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) write$UHID_CREATE(r1, &(0x7f0000000080)={0x0, 'syz0\x00', 'syz0\x00', 'syz0\x00', &(0x7f0000000280)=""/4096, 0x1000}, 0x120) ftruncate(r1, 0x0) bind$inet6(0xffffffffffffffff, &(0x7f0000402000)={0xa, 0x0, 0x0, @loopback}, 0x1c) getsockname$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev}, &(0x7f0000000080)=0x1c) sendto$inet6(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, &(0x7f0000000040), 0x1c) 06:19:24 executing program 1: r0 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c00, r0) dup3(0xffffffffffffffff, r0, 0x0) ioctl$LOOP_GET_STATUS(r0, 0x4c03, &(0x7f0000000480)) 06:19:24 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) 06:19:24 executing program 4: getsockname$packet(0xffffffffffffff9c, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000240)=0x14) ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, &(0x7f0000000500)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCFLSH(r1, 0x80045432, 0x70affb) 06:19:24 executing program 2: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000240)='.\x00', 0x80000002) r1 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) write$UHID_CREATE(r1, &(0x7f0000000080)={0x0, 'syz0\x00', 'syz0\x00', 'syz0\x00', &(0x7f0000000280)=""/4096, 0x1000}, 0x120) ftruncate(r1, 0x0) bind$inet6(0xffffffffffffffff, &(0x7f0000402000)={0xa, 0x0, 0x0, @loopback}, 0x1c) getsockname$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev}, &(0x7f0000000080)=0x1c) sendto$inet6(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, &(0x7f0000000040), 0x1c) 06:19:24 executing program 5: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000240)="0a5c2d023c126285718070") r1 = socket$inet(0x10, 0x100000803, 0x4) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000008000)="4c0000001500ff09fffefd956fa283b724a600800000000000000068354015002c001d001fc41180b598bc593ab6821148a730de33a49868c62b2ca654a6613b6aabf3", 0x43}], 0x1}, 0x0) 06:19:24 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000027000/0x18000)=nil, &(0x7f00000002c0)=[@text32={0x20, &(0x7f0000000000)="2ef26db80e0000000f23c80f21f8350800c0000f23f8d39d00100000eacc4e0000f700660f3839d13e660f38806cbf07440f20c0350c000000440f22c02e0f300f228266baa100ec", 0x48}], 0x1, 0x0, &(0x7f0000000280), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:19:24 executing program 1: r0 = syz_open_dev$loop(&(0x7f00000000c0)='/dev/loop#\x00', 0x0, 0x0) r1 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c00, r1) dup3(r0, r1, 0x0) ioctl$LOOP_GET_STATUS(r1, 0x4c03, &(0x7f0000000480)) 06:19:24 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x0) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) 06:19:24 executing program 4: getsockname$packet(0xffffffffffffff9c, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000240)=0x14) ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, &(0x7f0000000500)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCFLSH(r1, 0x80045432, 0x70affb) 06:19:24 executing program 2: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000240)='.\x00', 0x80000002) r1 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) write$UHID_CREATE(r1, &(0x7f0000000080)={0x0, 'syz0\x00', 'syz0\x00', 'syz0\x00', &(0x7f0000000280)=""/4096, 0x1000}, 0x120) ftruncate(r1, 0x0) bind$inet6(0xffffffffffffffff, &(0x7f0000402000)={0xa, 0x0, 0x0, @loopback}, 0x1c) getsockname$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev}, &(0x7f0000000080)=0x1c) 06:19:25 executing program 5: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000240)="0a5c2d023c126285718070") r1 = socket$inet(0x10, 0x100000803, 0x4) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000008000)="4c0000001500ff09fffefd956fa283b724a600800000000000000068354015002c001d001fc41180b598bc593ab6821148a730de33a49868c62b2ca654a6613b6aabf35d4c1cbc88", 0x48}], 0x1}, 0x0) 06:19:25 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000027000/0x18000)=nil, &(0x7f00000002c0)=[@text32={0x20, &(0x7f0000000000)="2ef26db80e0000000f23c80f21f8350800c0000f23f8d39d00100000eacc4e0000f700660f3839d13e660f38806cbf07440f20c0350c000000440f22c02e0f300f228266baa100ec", 0x48}], 0x1, 0x0, &(0x7f0000000280), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:19:25 executing program 1: r0 = syz_open_dev$loop(&(0x7f00000000c0)='/dev/loop#\x00', 0x0, 0x0) r1 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, 0xffffffffffffffff) dup3(r0, r1, 0x0) ioctl$LOOP_GET_STATUS(r1, 0x4c03, &(0x7f0000000480)) 06:19:25 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x0) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) 06:19:25 executing program 4: ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, &(0x7f0000000500)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCFLSH(r1, 0x80045432, 0x70affb) 06:19:25 executing program 2: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000240)='.\x00', 0x80000002) r1 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) write$UHID_CREATE(r1, &(0x7f0000000080)={0x0, 'syz0\x00', 'syz0\x00', 'syz0\x00', &(0x7f0000000280)=""/4096, 0x1000}, 0x120) ftruncate(r1, 0x0) bind$inet6(0xffffffffffffffff, &(0x7f0000402000)={0xa, 0x0, 0x0, @loopback}, 0x1c) 06:19:25 executing program 1: r0 = syz_open_dev$loop(&(0x7f00000000c0)='/dev/loop#\x00', 0x0, 0x0) r1 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1) dup3(0xffffffffffffffff, r1, 0x0) ioctl$LOOP_GET_STATUS(r1, 0x4c03, &(0x7f0000000480)) 06:19:25 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000027000/0x18000)=nil, &(0x7f00000002c0)=[@text32={0x20, &(0x7f0000000000)="2ef26db80e0000000f23c80f21f8350800c0000f23f8d39d00100000eacc4e0000f700660f3839d13e660f38806cbf07440f20c0350c000000440f22c02e0f300f228266baa100ec", 0x48}], 0x1, 0x0, &(0x7f0000000280), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:19:25 executing program 5: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000240)="0a5c2d023c126285718070") r1 = socket$inet(0x10, 0x100000803, 0x4) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000008000)="4c0000001500ff09fffefd956fa283b724a600800000000000000068354015002c001d001fc41180b598bc593ab6821148a730de33a49868c62b2ca654a6613b6aabf35d4c1cbc88", 0x48}], 0x1}, 0x0) 06:19:25 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x0) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) 06:19:25 executing program 4: ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, &(0x7f0000000500)) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCFLSH(r1, 0x80045432, 0x70affb) 06:19:25 executing program 2: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000240)='.\x00', 0x80000002) r1 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) write$UHID_CREATE(r1, &(0x7f0000000080)={0x0, 'syz0\x00', 'syz0\x00', 'syz0\x00', &(0x7f0000000280)=""/4096, 0x1000}, 0x120) ftruncate(r1, 0x0) 06:19:26 executing program 1: r0 = syz_open_dev$loop(&(0x7f00000000c0)='/dev/loop#\x00', 0x0, 0x0) r1 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1) dup3(r0, 0xffffffffffffffff, 0x0) ioctl$LOOP_GET_STATUS(r1, 0x4c03, &(0x7f0000000480)) 06:19:26 executing program 4: ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, &(0x7f0000000500)) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCFLSH(r1, 0x80045432, 0x70affb) 06:19:26 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000027000/0x18000)=nil, &(0x7f00000002c0)=[@text32={0x20, &(0x7f0000000000)="2ef26db80e0000000f23c80f21f8350800c0000f23f8d39d00100000eacc4e0000f700660f3839d13e660f38806cbf07440f20c0350c000000440f22c02e0f300f228266baa100ec", 0x48}], 0x1, 0x0, &(0x7f0000000280), 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 06:19:26 executing program 5: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000240)="0a5c2d023c126285718070") r1 = socket$inet(0x10, 0x100000803, 0x4) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000008000)="4c0000001500ff09fffefd956fa283b724a600800000000000000068354015002c001d001fc41180b598bc593ab6821148a730de33a49868c62b2ca654a6613b6aabf35d4c1cbc88", 0x48}], 0x1}, 0x0) 06:19:26 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x0, &(0x7f0000130000/0x800000)=nil) 06:19:26 executing program 2: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000240)='.\x00', 0x80000002) r1 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x0) 06:19:26 executing program 1: r0 = syz_open_dev$loop(&(0x7f00000000c0)='/dev/loop#\x00', 0x0, 0x0) r1 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1) dup3(r0, r1, 0x0) ioctl$LOOP_GET_STATUS(0xffffffffffffffff, 0x4c03, &(0x7f0000000480)) 06:19:26 executing program 4: ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, &(0x7f0000000500)) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCFLSH(r1, 0x80045432, 0x70affb) 06:19:26 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000027000/0x18000)=nil, &(0x7f00000002c0)=[@text32={0x20, &(0x7f0000000000)="2ef26db80e0000000f23c80f21f8350800c0000f23f8d39d00100000eacc4e0000f700660f3839d13e660f38806cbf07440f20c0350c000000440f22c02e0f300f228266baa100ec", 0x48}], 0x1, 0x0, &(0x7f0000000280), 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 06:19:26 executing program 0: perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xee6a}, 0x0, 0x0, 0xffffffffffffffff, 0x0) inotify_add_watch(0xffffffffffffffff, &(0x7f0000000240)='.\x00', 0x0) r0 = socket$inet6(0xa, 0x2000000000001, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000687000)=0x9, 0x4) bind$inet6(r0, &(0x7f0000402000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendto$inet6(r0, &(0x7f0000000080), 0x0, 0x20000000, &(0x7f0000000040)={0xa, 0x4e20}, 0x1c) 06:19:27 executing program 5: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000240)="0a5c2d023c126285718070") r1 = socket$inet(0x10, 0x100000803, 0x4) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000008000)="4c0000001500ff09fffefd956fa283b724a600800000000000000068354015002c001d001fc41180b598bc593ab6821148a730de33a49868c62b2ca654a6613b6aabf35d4c1cbc882b07", 0x4a}], 0x1}, 0x0) 06:19:27 executing program 4: ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, &(0x7f0000000500)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCFLSH(r0, 0x80045432, 0x70affb) 06:19:27 executing program 2: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000240)='.\x00', 0x80000002) r1 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x0) [ 1056.215992] not chained 500000 origins [ 1056.219943] CPU: 1 PID: 30738 Comm: syz-executor0 Not tainted 4.20.0-rc3+ #89 [ 1056.221792] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1056.221792] Call Trace: [ 1056.221792] dump_stack+0x32d/0x480 [ 1056.221792] ? save_stack_trace+0xc6/0x110 [ 1056.221792] kmsan_internal_chain_origin+0x222/0x240 [ 1056.221792] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 1056.221792] ? is_bpf_text_address+0x49e/0x4d0 [ 1056.221792] ? INIT_INT+0xc/0x30 [ 1056.221792] ? __msan_warning+0x76/0xc0 [ 1056.221792] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1056.221792] ? __save_stack_trace+0x9f2/0xc60 [ 1056.221792] __msan_chain_origin+0x6d/0xb0 [ 1056.221792] save_stack_trace+0xfa/0x110 [ 1056.221792] kmsan_internal_chain_origin+0x136/0x240 [ 1056.221792] ? do_syscall_64+0xcf/0x110 [ 1056.221792] ? kmsan_internal_chain_origin+0x136/0x240 [ 1056.221792] ? kmsan_memcpy_origins+0x13d/0x190 [ 1056.221792] ? __msan_memcpy+0x6f/0x80 [ 1056.221792] ? skb_copy_bits+0x1d2/0xc90 [ 1056.221792] ? skb_copy+0x56c/0xba0 [ 1056.221792] ? tcp_send_synack+0x7a3/0x18f0 [ 1056.320319] ? tcp_rcv_state_process+0x275d/0x6c60 [ 1056.320319] ? tcp_v6_do_rcv+0x112b/0x21b0 [ 1056.320319] ? __release_sock+0x32d/0x750 [ 1056.333734] ? release_sock+0x99/0x2a0 [ 1056.333734] ? __inet_stream_connect+0xdff/0x15d0 [ 1056.333734] ? tcp_sendmsg_locked+0x6655/0x6c30 [ 1056.347198] ? tcp_sendmsg+0xb2/0x100 [ 1056.347198] ? inet_sendmsg+0x4e9/0x800 [ 1056.347198] ? __sys_sendto+0x940/0xb80 [ 1056.347198] ? __se_sys_sendto+0x107/0x130 [ 1056.365721] ? __x64_sys_sendto+0x6e/0x90 [ 1056.365721] ? do_syscall_64+0xcf/0x110 [ 1056.365721] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1056.365721] ? memcg_kmem_put_cache+0x73/0x460 [ 1056.365721] ? __msan_get_context_state+0x9/0x20 [ 1056.365721] ? INIT_INT+0xc/0x30 [ 1056.365721] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1056.365721] ? __msan_get_context_state+0x9/0x20 [ 1056.365721] kmsan_memcpy_origins+0x13d/0x190 [ 1056.365721] __msan_memcpy+0x6f/0x80 [ 1056.365721] skb_copy_bits+0x1d2/0xc90 [ 1056.365721] skb_copy+0x56c/0xba0 [ 1056.365721] tcp_send_synack+0x7a3/0x18f0 [ 1056.365721] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 1056.365721] tcp_rcv_state_process+0x275d/0x6c60 [ 1056.365721] ? tcp_connect+0x544e/0x6220 [ 1056.365721] tcp_v6_do_rcv+0x112b/0x21b0 [ 1056.365721] ? tcp_v6_destroy_sock+0x60/0x60 [ 1056.365721] __release_sock+0x32d/0x750 [ 1056.365721] release_sock+0x99/0x2a0 [ 1056.365721] __inet_stream_connect+0xdff/0x15d0 [ 1056.365721] ? wait_woken+0x5b0/0x5b0 [ 1056.365721] tcp_sendmsg_locked+0x6655/0x6c30 [ 1056.365721] ? aa_label_sk_perm+0xda/0x960 [ 1056.365721] ? kmsan_set_origin+0x7f/0x100 [ 1056.365721] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 1056.365721] ? __msan_poison_alloca+0x1e0/0x270 [ 1056.365721] ? __local_bh_enable_ip+0x46/0x260 [ 1056.365721] ? __msan_poison_alloca+0x1e0/0x270 [ 1056.365721] tcp_sendmsg+0xb2/0x100 [ 1056.365721] ? tcp_sendmsg_locked+0x6c30/0x6c30 [ 1056.365721] inet_sendmsg+0x4e9/0x800 [ 1056.365721] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1056.365721] ? security_socket_sendmsg+0x1bd/0x200 [ 1056.365721] ? inet_getname+0x490/0x490 [ 1056.365721] __sys_sendto+0x940/0xb80 [ 1056.365721] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 1056.365721] ? prepare_exit_to_usermode+0x182/0x4c0 [ 1056.365721] __se_sys_sendto+0x107/0x130 [ 1056.365721] __x64_sys_sendto+0x6e/0x90 [ 1056.365721] do_syscall_64+0xcf/0x110 [ 1056.365721] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1056.550287] RIP: 0033:0x457569 [ 1056.550287] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1056.550287] RSP: 002b:00007f90c4e7bc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 1056.550287] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000457569 [ 1056.550287] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000003 [ 1056.550287] RBP: 000000000072bf00 R08: 0000000020000040 R09: 000000000000001c [ 1056.550287] R10: 0000000020000000 R11: 0000000000000246 R12: 00007f90c4e7c6d4 [ 1056.550287] R13: 00000000004c407b R14: 00000000004d6910 R15: 00000000ffffffff [ 1056.550287] Uninit was stored to memory at: [ 1056.550287] kmsan_internal_chain_origin+0x136/0x240 [ 1056.550287] __msan_chain_origin+0x6d/0xb0 [ 1056.550287] save_stack_trace+0xfa/0x110 [ 1056.550287] kmsan_internal_chain_origin+0x136/0x240 [ 1056.550287] kmsan_memcpy_origins+0x13d/0x190 [ 1056.550287] __msan_memcpy+0x6f/0x80 [ 1056.550287] skb_copy_bits+0x1d2/0xc90 [ 1056.550287] skb_copy+0x56c/0xba0 [ 1056.658097] tcp_send_synack+0x7a3/0x18f0 06:19:27 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000027000/0x18000)=nil, &(0x7f00000002c0)=[@text32={0x20, &(0x7f0000000000)="2ef26db80e0000000f23c80f21f8350800c0000f23f8d39d00100000eacc4e0000f700660f3839d13e660f38806cbf07440f20c0350c000000440f22c02e0f300f228266baa100ec", 0x48}], 0x1, 0x0, &(0x7f0000000280), 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 06:19:27 executing program 4: ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, &(0x7f0000000500)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCFLSH(r0, 0x80045432, 0x70affb) 06:19:27 executing program 5: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000240)="0a5c2d023c126285718070") r1 = socket$inet(0x10, 0x100000803, 0x4) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000008000)="4c0000001500ff09fffefd956fa283b724a600800000000000000068354015002c001d001fc41180b598bc593ab6821148a730de33a49868c62b2ca654a6613b6aabf35d4c1cbc882b07", 0x4a}], 0x1}, 0x0) [ 1056.658097] tcp_rcv_state_process+0x275d/0x6c60 [ 1056.658097] tcp_v6_do_rcv+0x112b/0x21b0 [ 1056.658097] __release_sock+0x32d/0x750 [ 1056.658097] release_sock+0x99/0x2a0 [ 1056.658097] __inet_stream_connect+0xdff/0x15d0 [ 1056.658097] tcp_sendmsg_locked+0x6655/0x6c30 [ 1056.658097] tcp_sendmsg+0xb2/0x100 [ 1056.658097] inet_sendmsg+0x4e9/0x800 [ 1056.658097] __sys_sendto+0x940/0xb80 [ 1056.658097] __se_sys_sendto+0x107/0x130 [ 1056.658097] __x64_sys_sendto+0x6e/0x90 [ 1056.658097] do_syscall_64+0xcf/0x110 [ 1056.658097] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1056.658097] [ 1056.658097] Uninit was stored to memory at: [ 1056.658097] kmsan_internal_chain_origin+0x136/0x240 [ 1056.658097] __msan_chain_origin+0x6d/0xb0 [ 1056.733529] __save_stack_trace+0x833/0xc60 [ 1056.737211] save_stack_trace+0xc6/0x110 [ 1056.740423] kmsan_internal_chain_origin+0x136/0x240 [ 1056.746351] kmsan_memcpy_origins+0x13d/0x190 [ 1056.746351] __msan_memcpy+0x6f/0x80 [ 1056.753323] skb_copy_bits+0x1d2/0xc90 [ 1056.753323] skb_copy+0x56c/0xba0 [ 1056.753323] tcp_send_synack+0x7a3/0x18f0 [ 1056.765179] tcp_rcv_state_process+0x275d/0x6c60 [ 1056.770448] tcp_v6_do_rcv+0x112b/0x21b0 [ 1056.770448] __release_sock+0x32d/0x750 [ 1056.770448] release_sock+0x99/0x2a0 [ 1056.781910] __inet_stream_connect+0xdff/0x15d0 [ 1056.781910] tcp_sendmsg_locked+0x6655/0x6c30 [ 1056.781910] tcp_sendmsg+0xb2/0x100 [ 1056.781910] inet_sendmsg+0x4e9/0x800 [ 1056.781910] __sys_sendto+0x940/0xb80 [ 1056.781910] __se_sys_sendto+0x107/0x130 [ 1056.781910] __x64_sys_sendto+0x6e/0x90 [ 1056.781910] do_syscall_64+0xcf/0x110 [ 1056.812938] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1056.812938] [ 1056.812938] Uninit was stored to memory at: [ 1056.812938] kmsan_internal_chain_origin+0x136/0x240 [ 1056.827936] __msan_chain_origin+0x6d/0xb0 [ 1056.827936] save_stack_trace+0xfa/0x110 [ 1056.827936] kmsan_internal_chain_origin+0x136/0x240 [ 1056.827936] kmsan_memcpy_origins+0x13d/0x190 [ 1056.827936] __msan_memcpy+0x6f/0x80 [ 1056.827936] skb_copy_bits+0x1d2/0xc90 [ 1056.827936] skb_copy+0x56c/0xba0 [ 1056.859804] tcp_send_synack+0x7a3/0x18f0 [ 1056.859804] tcp_rcv_state_process+0x275d/0x6c60 [ 1056.870344] tcp_v6_do_rcv+0x112b/0x21b0 [ 1056.870344] __release_sock+0x32d/0x750 [ 1056.870344] release_sock+0x99/0x2a0 [ 1056.870344] __inet_stream_connect+0xdff/0x15d0 [ 1056.870344] tcp_sendmsg_locked+0x6655/0x6c30 [ 1056.870344] tcp_sendmsg+0xb2/0x100 [ 1056.870344] inet_sendmsg+0x4e9/0x800 [ 1056.870344] __sys_sendto+0x940/0xb80 [ 1056.870344] __se_sys_sendto+0x107/0x130 [ 1056.870344] __x64_sys_sendto+0x6e/0x90 [ 1056.870344] do_syscall_64+0xcf/0x110 [ 1056.870344] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1056.870344] [ 1056.870344] Uninit was stored to memory at: [ 1056.870344] kmsan_internal_chain_origin+0x136/0x240 [ 1056.870344] __msan_chain_origin+0x6d/0xb0 [ 1056.870344] __save_stack_trace+0x833/0xc60 [ 1056.870344] save_stack_trace+0xc6/0x110 [ 1056.870344] kmsan_internal_chain_origin+0x136/0x240 [ 1056.870344] kmsan_memcpy_origins+0x13d/0x190 [ 1056.870344] __msan_memcpy+0x6f/0x80 [ 1056.870344] skb_copy_bits+0x1d2/0xc90 [ 1056.870344] skb_copy+0x56c/0xba0 [ 1056.870344] tcp_send_synack+0x7a3/0x18f0 [ 1056.870344] tcp_rcv_state_process+0x275d/0x6c60 [ 1056.870344] tcp_v6_do_rcv+0x112b/0x21b0 [ 1056.870344] __release_sock+0x32d/0x750 [ 1056.870344] release_sock+0x99/0x2a0 [ 1056.870344] __inet_stream_connect+0xdff/0x15d0 [ 1056.870344] tcp_sendmsg_locked+0x6655/0x6c30 [ 1056.870344] tcp_sendmsg+0xb2/0x100 [ 1056.870344] inet_sendmsg+0x4e9/0x800 [ 1056.870344] __sys_sendto+0x940/0xb80 [ 1056.870344] __se_sys_sendto+0x107/0x130 [ 1056.870344] __x64_sys_sendto+0x6e/0x90 [ 1056.870344] do_syscall_64+0xcf/0x110 [ 1056.870344] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1056.870344] [ 1056.870344] Uninit was stored to memory at: [ 1056.870344] kmsan_internal_chain_origin+0x136/0x240 [ 1056.870344] __msan_chain_origin+0x6d/0xb0 [ 1056.870344] save_stack_trace+0xfa/0x110 [ 1056.870344] kmsan_internal_chain_origin+0x136/0x240 [ 1056.870344] kmsan_memcpy_origins+0x13d/0x190 [ 1056.870344] __msan_memcpy+0x6f/0x80 [ 1056.870344] skb_copy_bits+0x1d2/0xc90 [ 1056.870344] skb_copy+0x56c/0xba0 [ 1056.870344] tcp_send_synack+0x7a3/0x18f0 [ 1056.870344] tcp_rcv_state_process+0x275d/0x6c60 [ 1056.870344] tcp_v6_do_rcv+0x112b/0x21b0 [ 1056.870344] __release_sock+0x32d/0x750 [ 1056.870344] release_sock+0x99/0x2a0 [ 1056.870344] __inet_stream_connect+0xdff/0x15d0 [ 1056.870344] tcp_sendmsg_locked+0x6655/0x6c30 [ 1056.870344] tcp_sendmsg+0xb2/0x100 [ 1056.870344] inet_sendmsg+0x4e9/0x800 [ 1056.870344] __sys_sendto+0x940/0xb80 [ 1056.870344] __se_sys_sendto+0x107/0x130 [ 1056.870344] __x64_sys_sendto+0x6e/0x90 [ 1056.870344] do_syscall_64+0xcf/0x110 [ 1056.870344] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1056.870344] [ 1056.870344] Uninit was stored to memory at: [ 1056.870344] kmsan_internal_chain_origin+0x136/0x240 [ 1056.870344] __msan_chain_origin+0x6d/0xb0 [ 1056.870344] __save_stack_trace+0x833/0xc60 [ 1056.870344] save_stack_trace+0xc6/0x110 [ 1056.870344] kmsan_internal_chain_origin+0x136/0x240 [ 1056.870344] kmsan_memcpy_origins+0x13d/0x190 [ 1056.870344] __msan_memcpy+0x6f/0x80 [ 1056.870344] skb_copy_bits+0x1d2/0xc90 [ 1056.870344] skb_copy+0x56c/0xba0 [ 1056.870344] tcp_send_synack+0x7a3/0x18f0 [ 1056.870344] tcp_rcv_state_process+0x275d/0x6c60 [ 1056.870344] tcp_v6_do_rcv+0x112b/0x21b0 [ 1056.870344] __release_sock+0x32d/0x750 [ 1056.870344] release_sock+0x99/0x2a0 [ 1056.870344] __inet_stream_connect+0xdff/0x15d0 [ 1056.870344] tcp_sendmsg_locked+0x6655/0x6c30 [ 1056.870344] tcp_sendmsg+0xb2/0x100 [ 1056.870344] inet_sendmsg+0x4e9/0x800 [ 1056.870344] __sys_sendto+0x940/0xb80 [ 1056.870344] __se_sys_sendto+0x107/0x130 [ 1056.870344] __x64_sys_sendto+0x6e/0x90 [ 1056.870344] do_syscall_64+0xcf/0x110 [ 1056.870344] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1056.870344] [ 1056.870344] Uninit was stored to memory at: [ 1056.870344] kmsan_internal_chain_origin+0x136/0x240 [ 1056.870344] __msan_chain_origin+0x6d/0xb0 [ 1056.870344] save_stack_trace+0xfa/0x110 [ 1056.870344] kmsan_internal_chain_origin+0x136/0x240 [ 1056.870344] kmsan_memcpy_origins+0x13d/0x190 [ 1056.870344] __msan_memcpy+0x6f/0x80 [ 1056.870344] skb_copy_bits+0x1d2/0xc90 [ 1056.870344] skb_copy+0x56c/0xba0 [ 1056.870344] tcp_send_synack+0x7a3/0x18f0 [ 1056.870344] tcp_rcv_state_process+0x275d/0x6c60 [ 1056.870344] tcp_v6_do_rcv+0x112b/0x21b0 [ 1056.870344] __release_sock+0x32d/0x750 [ 1056.870344] release_sock+0x99/0x2a0 [ 1056.870344] __inet_stream_connect+0xdff/0x15d0 [ 1056.870344] tcp_sendmsg_locked+0x6655/0x6c30 [ 1056.870344] tcp_sendmsg+0xb2/0x100 [ 1056.870344] inet_sendmsg+0x4e9/0x800 [ 1056.870344] __sys_sendto+0x940/0xb80 [ 1056.870344] __se_sys_sendto+0x107/0x130 [ 1056.870344] __x64_sys_sendto+0x6e/0x90 [ 1056.870344] do_syscall_64+0xcf/0x110 06:19:28 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0xa, &(0x7f0000000680)=0xfff, 0x4) bind$inet(r1, &(0x7f0000deb000)={0x2, 0x4e23, @broadcast}, 0x10) sendto$inet(r1, &(0x7f0000000000), 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10) write$binfmt_elf64(r1, &(0x7f00000016c0)=ANY=[@ANYPTR=&(0x7f00000005c0)=ANY=[@ANYPTR=&(0x7f00000004c0)=ANY=[@ANYRES16], @ANYRES32, @ANYRES64=0x0, @ANYPTR=&(0x7f0000000580)=ANY=[@ANYPTR64, @ANYRESHEX, @ANYPTR64, @ANYRES32=0x0]], @ANYRESDEC, @ANYRES16], 0xffffff84) recvmsg(r1, &(0x7f0000000240)={&(0x7f0000000740)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1ffc}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x400100) setsockopt$inet_tcp_int(r1, 0x6, 0xc, &(0x7f00000003c0)=0x80, 0x4) [ 1056.870344] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1056.870344] [ 1056.870344] Local variable description: ----state.i.i@ip6_finish_output2 [ 1056.870344] Variable was created at: [ 1056.870344] ip6_finish_output2+0x87/0x22d0 [ 1056.870344] ip6_finish_output+0xc13/0xca0 06:19:28 executing program 2: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000240)='.\x00', 0x80000002) r1 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x0) 06:19:28 executing program 5: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000240)="0a5c2d023c126285718070") r1 = socket$inet(0x10, 0x100000803, 0x4) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000008000)="4c0000001500ff09fffefd956fa283b724a600800000000000000068354015002c001d001fc41180b598bc593ab6821148a730de33a49868c62b2ca654a6613b6aabf35d4c1cbc882b07", 0x4a}], 0x1}, 0x0) 06:19:28 executing program 4: ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, &(0x7f0000000500)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCFLSH(r0, 0x80045432, 0x70affb) 06:19:28 executing program 3: perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xee6a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x2000000000001, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000687000), 0x4) bind$inet6(r0, &(0x7f0000402000)={0xa, 0x0, 0x0, @loopback}, 0x1c) 06:19:29 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) sendto$inet6(r0, &(0x7f0000000000), 0x0, 0x0, &(0x7f0000000080)={0xa, 0x4e20, 0x3, @mcast2}, 0x1c) 06:19:29 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc)) ioctl$TIOCGPTPEER(r0, 0x5441, 0x0) 06:19:29 executing program 2: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000240)='.\x00', 0x80000002) write$UHID_CREATE(0xffffffffffffffff, &(0x7f0000000080)={0x0, 'syz0\x00', 'syz0\x00', 'syz0\x00', &(0x7f0000000280)=""/4096, 0x1000}, 0x120) ftruncate(0xffffffffffffffff, 0x0) 06:19:29 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$sock_int(r0, 0x1, 0x12, &(0x7f0000000000)=0xfffffffffffffc00, 0x4) socketpair$inet6_tcp(0xa, 0x1, 0x0, &(0x7f00000001c0)) ioctl$sock_inet6_tcp_SIOCATMARK(0xffffffffffffffff, 0x8905, &(0x7f0000000040)) sendto$inet(r0, &(0x7f0000a88f88), 0xfffffffffffffe6e, 0x20000000, &(0x7f0000e68000)={0x2, 0x4004e23, @local}, 0x10) shutdown(r0, 0x1) 06:19:29 executing program 5: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000240)="0a5c2d023c126285718070") r1 = socket$inet(0x10, 0x100000803, 0x4) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000008000)="4c0000001500ff09fffefd956fa283b724a600800000000000000068354015002c001d001fc41180b598bc593ab6821148a730de33a49868c62b2ca654a6613b6aabf35d4c1cbc882b0798", 0x4b}], 0x1}, 0x0) 06:19:29 executing program 4: ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, &(0x7f0000000500)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCFLSH(r1, 0x80045432, 0x70affb) 06:19:29 executing program 4: ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, &(0x7f0000000500)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCFLSH(r1, 0x80045432, 0x70affb) 06:19:29 executing program 5: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000240)="0a5c2d023c126285718070") r1 = socket$inet(0x10, 0x100000803, 0x4) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000008000)="4c0000001500ff09fffefd956fa283b724a600800000000000000068354015002c001d001fc41180b598bc593ab6821148a730de33a49868c62b2ca654a6613b6aabf35d4c1cbc882b0798", 0x4b}], 0x1}, 0x0) 06:19:29 executing program 2: inotify_init() r0 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) write$UHID_CREATE(r0, &(0x7f0000000080)={0x0, 'syz0\x00', 'syz0\x00', 'syz0\x00', &(0x7f0000000280)=""/4096, 0x1000}, 0x120) ftruncate(r0, 0x0) 06:19:29 executing program 0: r0 = socket(0x40000000002, 0x3, 0x2) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="0a5c1f023c126285719070") sendto$unix(r0, &(0x7f0000000080), 0x7272, 0x0, &(0x7f0000000d00)=@abs={0x0, 0x0, 0x10000e0}, 0x2a) 06:19:29 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c1f023c126285719070") r1 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r1, &(0x7f00000000c0)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r1, &(0x7f0000001080)={0x2, 0x4e20, @local}, 0x10) setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f00000002c0)=0xc0000619, 0x4) sendto$inet(r1, &(0x7f0000000280)="85", 0x1, 0x0, &(0x7f0000000300)={0x2, 0x0, @dev}, 0x10) 06:19:30 executing program 5: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000240)="0a5c2d023c126285718070") r1 = socket$inet(0x10, 0x100000803, 0x4) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000008000)="4c0000001500ff09fffefd956fa283b724a600800000000000000068354015002c001d001fc41180b598bc593ab6821148a730de33a49868c62b2ca654a6613b6aabf35d4c1cbc882b0798", 0x4b}], 0x1}, 0x0) 06:19:30 executing program 2: inotify_init() r0 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) write$UHID_CREATE(r0, &(0x7f0000000080)={0x0, 'syz0\x00', 'syz0\x00', 'syz0\x00', &(0x7f0000000280)=""/4096, 0x1000}, 0x120) ftruncate(r0, 0x0) 06:19:30 executing program 4: ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, &(0x7f0000000500)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCFLSH(r1, 0x80045432, 0x70affb) 06:19:30 executing program 0: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r0) socket$inet6_udp(0xa, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = memfd_create(&(0x7f0000001fc1)='#vmnet1nodevem1\x00', 0x0) write(r1, &(0x7f0000002000)='/', 0x1) sendfile(r1, r1, &(0x7f0000000000), 0x7f) sendfile(r1, r1, &(0x7f0000001000), 0xfec) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x4, 0x11, r1, 0x0) mount(&(0x7f00000001c0)=ANY=[], &(0x7f0000000140)='./file1\x00', &(0x7f0000000180)='romfs\x00', 0x1000, &(0x7f00000001c0)) umount2(&(0x7f0000000080)='./file0\x00', 0x0) 06:19:30 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$sock_int(r0, 0x1, 0x12, &(0x7f0000000000)=0xfffffffffffffc00, 0x4) socketpair$inet6_tcp(0xa, 0x1, 0x0, &(0x7f00000001c0)) ioctl$sock_inet6_tcp_SIOCATMARK(0xffffffffffffffff, 0x8905, &(0x7f0000000040)) sendto$inet(r0, &(0x7f0000a88f88), 0xfffffffffffffe6e, 0x20000000, &(0x7f0000e68000)={0x2, 0x4004e23, @local}, 0x10) shutdown(r0, 0x1) 06:19:30 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f00000001c0)={0x0, 0x2, 0x0, 0x1000, &(0x7f0000028000/0x1000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f0000000080)={&(0x7f0000ffc000/0x1000)=nil, 0x1000}, &(0x7f0000000200)=0x10) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, &(0x7f00000000c0)="c744240006000000c744240200000080c7442406000000000f01142466b8c2008ec80f070f0f369a0f2002674669f9c12c000026660f38157e0f660f0dbead00000066baf80cb8bcecb281ef66bafc0cb80b000000ef0f20d835080000000f22d8", 0x61}], 0x1, 0x0, &(0x7f0000000180), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_NMI(r2, 0xae9a) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000027000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000240)="0f21abd9f6b8fc0d8ec03e0cfcd8fa2e3e0f00d9baf80c66b89c39008866efbafc0c66b80a5e000066efbaf80c66b884929d8f66efbafc0c66b8e100000066eff2f30f19809988260f06", 0x4a}], 0x0, 0x0, &(0x7f00000001c0), 0x36c) ioctl$sock_inet_SIOCGIFDSTADDR(0xffffffffffffffff, 0x8917, &(0x7f0000000000)={'teql0\x00', {0x2, 0x0, @dev}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:19:30 executing program 5: 06:19:30 executing program 2: inotify_init() r0 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) write$UHID_CREATE(r0, &(0x7f0000000080)={0x0, 'syz0\x00', 'syz0\x00', 'syz0\x00', &(0x7f0000000280)=""/4096, 0x1000}, 0x120) ftruncate(r0, 0x0) 06:19:30 executing program 4: ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, &(0x7f0000000500)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCFLSH(0xffffffffffffffff, 0x80045432, 0x70affb) [ 1059.805343] *** Guest State *** [ 1059.808849] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 1059.818000] CR4: actual=0x0000000000022040, shadow=0x0000000000020000, gh_mask=ffffffffffffe871 [ 1059.827055] CR3 = 0x0000000000000000 [ 1059.830820] RSP = 0x0000000000000f80 RIP = 0x0000000000000000 [ 1059.837133] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 1059.843325] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 1059.850065] CS: sel=0x0000, attr=0x0009b, limit=0x0000ffff, base=0x0000000000000000 [ 1059.858365] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 1059.866612] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 1059.874832] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 1059.883070] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 1059.891110] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 1059.899310] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 1059.907505] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 1059.915737] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 1059.923974] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 1059.932160] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 1059.938629] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 1059.946305] Interruptibility = 00000000 ActivityState = 00000000 [ 1059.952746] *** Host State *** [ 1059.956012] RIP = 0xffffffff812cfa68 RSP = 0xffff8880769df378 [ 1059.962281] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 1059.968749] FSBase=00007fcc19084700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000 [ 1059.976781] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 1059.982871] CR0=0000000080050033 CR3=000000008dab4000 CR4=00000000001426e0 [ 1059.989939] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260 [ 1059.996825] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 1060.003121] *** Control State *** [ 1060.006650] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 1060.013607] EntryControls=0000d1ff ExitControls=002fefff [ 1060.019131] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 1060.026299] VMEntry: intr_info=80000202 errcode=00000000 ilen=00000000 [ 1060.033234] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 1060.039858] reason=80000021 qualification=0000000000000000 [ 1060.046352] IDTVectoring: info=00000000 errcode=00000000 [ 1060.052014] TSC Offset = 0xfffffdc274990901 06:19:31 executing program 2: inotify_add_watch(0xffffffffffffffff, &(0x7f0000000240)='.\x00', 0x80000002) r0 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) write$UHID_CREATE(r0, &(0x7f0000000080)={0x0, 'syz0\x00', 'syz0\x00', 'syz0\x00', &(0x7f0000000280)=""/4096, 0x1000}, 0x120) ftruncate(r0, 0x0) 06:19:31 executing program 4: ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, &(0x7f0000000500)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCFLSH(0xffffffffffffffff, 0x80045432, 0x70affb) 06:19:31 executing program 0: [ 1060.056451] EPT pointer = 0x00000000774b201e 06:19:31 executing program 5: 06:19:31 executing program 0: 06:19:31 executing program 4: ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, &(0x7f0000000500)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCFLSH(0xffffffffffffffff, 0x80045432, 0x70affb) 06:19:31 executing program 2: inotify_add_watch(0xffffffffffffffff, &(0x7f0000000240)='.\x00', 0x80000002) r0 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) write$UHID_CREATE(r0, &(0x7f0000000080)={0x0, 'syz0\x00', 'syz0\x00', 'syz0\x00', &(0x7f0000000280)=""/4096, 0x1000}, 0x120) ftruncate(r0, 0x0) 06:19:31 executing program 3: [ 1060.786030] *** Guest State *** [ 1060.789507] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 1060.798633] CR4: actual=0x0000000000022040, shadow=0x0000000000020000, gh_mask=ffffffffffffe871 [ 1060.807744] CR3 = 0x0000000000000000 [ 1060.811543] RSP = 0x0000000000000f80 RIP = 0x0000000000000000 [ 1060.817751] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 1060.823932] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 1060.830668] CS: sel=0x0000, attr=0x0009b, limit=0x0000ffff, base=0x0000000000000000 [ 1060.838891] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 1060.847074] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 1060.855315] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 1060.863507] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 1060.871543] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 1060.879788] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 1060.888044] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 1060.896400] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 1060.904714] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 1060.912997] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 1060.919457] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 1060.927114] Interruptibility = 00000000 ActivityState = 00000000 [ 1060.933499] *** Host State *** [ 1060.936747] RIP = 0xffffffff812cfa68 RSP = 0xffff88808d8bf378 [ 1060.942913] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 1060.949401] FSBase=00007fcc190a5700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000 [ 1060.957412] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 1060.963489] CR0=0000000080050033 CR3=000000008dab4000 CR4=00000000001426f0 [ 1060.970563] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260 [ 1060.977414] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 1060.983720] *** Control State *** [ 1060.987274] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 1060.994219] EntryControls=0000d1ff ExitControls=002fefff [ 1060.999753] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 1061.006912] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 1061.013768] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 1061.020402] reason=80000021 qualification=0000000000000000 [ 1061.027029] IDTVectoring: info=00000000 errcode=00000000 [ 1061.032711] TSC Offset = 0xfffffdc1fa084429 [ 1061.037105] EPT pointer = 0x000000007978401e 06:19:32 executing program 4: ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, &(0x7f0000000500)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCFLSH(r1, 0x80045432, 0x0) 06:19:32 executing program 1: 06:19:32 executing program 3: 06:19:32 executing program 2: inotify_add_watch(0xffffffffffffffff, &(0x7f0000000240)='.\x00', 0x80000002) r0 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) write$UHID_CREATE(r0, &(0x7f0000000080)={0x0, 'syz0\x00', 'syz0\x00', 'syz0\x00', &(0x7f0000000280)=""/4096, 0x1000}, 0x120) ftruncate(r0, 0x0) 06:19:32 executing program 0: 06:19:32 executing program 5: 06:19:32 executing program 0: 06:19:32 executing program 3: 06:19:32 executing program 5: 06:19:32 executing program 2: inotify_init() inotify_add_watch(0xffffffffffffffff, &(0x7f0000000240)='.\x00', 0x80000002) r0 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) write$UHID_CREATE(r0, &(0x7f0000000080)={0x0, 'syz0\x00', 'syz0\x00', 'syz0\x00', &(0x7f0000000280)=""/4096, 0x1000}, 0x120) ftruncate(r0, 0x0) 06:19:32 executing program 1: 06:19:32 executing program 4: 06:19:32 executing program 3: 06:19:32 executing program 0: 06:19:33 executing program 5: 06:19:33 executing program 1: 06:19:33 executing program 2: inotify_init() inotify_add_watch(0xffffffffffffffff, &(0x7f0000000240)='.\x00', 0x80000002) r0 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) write$UHID_CREATE(r0, &(0x7f0000000080)={0x0, 'syz0\x00', 'syz0\x00', 'syz0\x00', &(0x7f0000000280)=""/4096, 0x1000}, 0x120) ftruncate(r0, 0x0) 06:19:33 executing program 4: 06:19:33 executing program 2: inotify_init() inotify_add_watch(0xffffffffffffffff, &(0x7f0000000240)='.\x00', 0x80000002) r0 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) write$UHID_CREATE(r0, &(0x7f0000000080)={0x0, 'syz0\x00', 'syz0\x00', 'syz0\x00', &(0x7f0000000280)=""/4096, 0x1000}, 0x120) ftruncate(r0, 0x0) 06:19:33 executing program 3: 06:19:33 executing program 0: 06:19:33 executing program 1: 06:19:33 executing program 4: 06:19:33 executing program 5: 06:19:33 executing program 0: 06:19:33 executing program 3: 06:19:33 executing program 2: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000240)='.\x00', 0x0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) write$UHID_CREATE(r1, &(0x7f0000000080)={0x0, 'syz0\x00', 'syz0\x00', 'syz0\x00', &(0x7f0000000280)=""/4096, 0x1000}, 0x120) ftruncate(r1, 0x0) 06:19:34 executing program 1: 06:19:34 executing program 4: 06:19:34 executing program 5: 06:19:34 executing program 0: 06:19:34 executing program 3: 06:19:34 executing program 2: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000240)='.\x00', 0x0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) write$UHID_CREATE(r1, &(0x7f0000000080)={0x0, 'syz0\x00', 'syz0\x00', 'syz0\x00', &(0x7f0000000280)=""/4096, 0x1000}, 0x120) ftruncate(r1, 0x0) 06:19:34 executing program 4: 06:19:34 executing program 1: 06:19:34 executing program 5: 06:19:34 executing program 2: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000240)='.\x00', 0x0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) write$UHID_CREATE(r1, &(0x7f0000000080)={0x0, 'syz0\x00', 'syz0\x00', 'syz0\x00', &(0x7f0000000280)=""/4096, 0x1000}, 0x120) ftruncate(r1, 0x0) 06:19:34 executing program 0: 06:19:34 executing program 3: 06:19:34 executing program 1: 06:19:35 executing program 5: 06:19:35 executing program 4: 06:19:35 executing program 2: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000240)='.\x00', 0x80000002) r1 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0) write$UHID_CREATE(r1, &(0x7f0000000080)={0x0, 'syz0\x00', 'syz0\x00', 'syz0\x00', &(0x7f0000000280)=""/4096, 0x1000}, 0x120) ftruncate(r1, 0x0) 06:19:35 executing program 0: 06:19:35 executing program 5: 06:19:35 executing program 3: 06:19:35 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc)) r1 = syz_open_pts(r0, 0x0) mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x31, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000180)) 06:19:35 executing program 4: setxattr$security_smack_entry(&(0x7f0000000200)='./file0\x00', &(0x7f0000000280)='security.SMACK64\x00', &(0x7f00000002c0)='security^^[\x00', 0xc, 0x0) r0 = socket$inet(0x10, 0x3, 0x0) sendmsg(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000250007031dfffd946fa2830020200a0009000000001d85680c1ba3a20400ff7e280000002600ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47b6268e3966cf055d90f15a3", 0x4c}], 0x1}, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000140)={"76657469c4a20e0008004000bdefff09", 0x43732e5398416f1a}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) recvmmsg(r0, &(0x7f0000000240)=[{{&(0x7f0000000080)=@ipx, 0x80, &(0x7f0000000200), 0x0, &(0x7f0000001540)=""/4096, 0x1000}}], 0x40001c2, 0x0, 0x0) 06:19:35 executing program 5: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040)='/dev/uinput\x00', 0x802, 0x0) write$uinput_user_dev(r0, &(0x7f0000000500)={'syz0\x00'}, 0x45c) ioctl$UI_DEV_CREATE(r0, 0x5501) r1 = fcntl$dupfd(r0, 0x0, r0) writev(r1, &(0x7f0000000bc0)=[{&(0x7f0000000b40)}], 0x1) 06:19:35 executing program 0: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040)='/dev/uinput\x00', 0x802, 0x0) write$uinput_user_dev(r0, &(0x7f0000000500)={'syz0\x00'}, 0x45c) ioctl$UI_DEV_CREATE(r0, 0x5501) ioctl$UI_SET_PROPBIT(r0, 0x4004556e, 0x0) 06:19:35 executing program 3: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040)='/dev/uinput\x00', 0x802, 0x0) write$uinput_user_dev(r0, &(0x7f0000000500)={'syz0\x00'}, 0x45c) ioctl$UI_DEV_CREATE(r0, 0x5501) ioctl$UI_SET_SNDBIT(r0, 0x4004556a, 0x0) [ 1064.789349] netlink: 4 bytes leftover after parsing attributes in process `syz-executor4'. [ 1064.808263] input: syz0 as /devices/virtual/input/input23 06:19:36 executing program 2: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000240)='.\x00', 0x80000002) r1 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) write$UHID_CREATE(0xffffffffffffffff, &(0x7f0000000080)={0x0, 'syz0\x00', 'syz0\x00', 'syz0\x00', &(0x7f0000000280)=""/4096, 0x1000}, 0x120) ftruncate(r1, 0x0) [ 1064.925050] netlink: 4 bytes leftover after parsing attributes in process `syz-executor4'. [ 1065.004126] netlink: 4 bytes leftover after parsing attributes in process `syz-executor4'. [ 1065.019792] input: syz0 as /devices/virtual/input/input27 [ 1065.062368] netlink: 4 bytes leftover after parsing attributes in process `syz-executor4'. 06:19:36 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x2, 0x0) sendto$inet6(r1, &(0x7f0000000100), 0x0, 0xc001, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @loopback}, 0x1c) sendmsg(r1, &(0x7f0000000200)={&(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f00000001c0)=[{&(0x7f0000000a40)="e694446313bf3fbb7da9fb7044d8d6bb7449171c7a0931f0465c2412cf80f5d557ceb62420f506ae868cac9ead69705ec96964f2ec4effd0c769d94debe11981cdf2a8a7994841b3bfa645b1cfa3879d6e3b1eacf164664d692f951d2d2f323df5c384294c059b4824ef9e3559e0ca12b114d17007978d7427d2427722cbd55690b6d2c53b43731d5eefeecdaf5b00f06fcb1bf690843fbc1e68cc725d256da47e593beb1f00328f79adc639bf9f8ff7a9dad39f52e0d12a1d074bd08969c4077fbc4be4a6d06f545cdea6d3024988b688bb7fe8a543e710684a830c2092d506f7a8c70b970c424e04722358f032204af7de5a7ee2fa11d17c00385fd95432ea5b4d93678dcdf0f09aca1a4e842c1570d8d53e481362d0e9f661ad20db9f7b0409c862be90feccad089349ca6bdd09b957006b3b22b62f13c721396efba767cecadb5a9bcf18f093b0e0aaa42e479b397ce0db2bf0efeb2435742523a5a2ffc4c3dc1e86162eab1431665eeecc098e7ad859d6f859b3d41bf32362619172f88a58560eb4cd837443363dd6c5d93aa3818d7b549a206040e781807d95f0dd810ab475a5007e2d6178180d3cdda9896aa51236451bffe19de27f73eb1b671f097cc2dba1bc0f4b7c51b7452f6e570b0152fb853c157f86d6a733942aa72a440f52dab3978ae8ee73147d9fa9b7a164ea737dc6b0e0eb8bbef9aa67288d38aa1274a22510b1dfa5bdf4016c6fcaa243f9b02912332397272c535f4603aef9c77f16f34b048e3df04b32eb83375cf9b740e6b6d51963499173b565ebe3856090c2e9df95e5f52ef2068a09365f0f241ce18356aca0b08888f1188205135ddd9d9781cec144eeeb30ab68cd31e46afc7c5d730edbf9988f481ff17055782d6ec1dee6488f7ef6ed60615aa8a0c10fd201d0c1f3bc48fb03cd533bac108ac1a7f3bc71743622eee36213008ec7314d39787aef46d3229765e57acba8ae2b6a0ddbc75f68976092219a29c2d11ea845fb3232ba90934ba9549dbfa323fabd51392c619109ce4b7759f2a335972262d9032b357f1df5aa280e27aa917c4a1107dd0e0968ccb9b1d0e11d1a38a670a1e82dc7a2bc4f75c46292b0d0dbfb4d3df934674a786c75f6d9f4067c8832061a06f7827e07d17334a9d12400b37d6f8f58eecfbe388e7ee1b1708bdf78288844d4b780dab9c83914c7ef40c4828a4296386356073cd0ea142d7e78798ce39c53978af30d6f570c0a5850bb19a1ca7b51c0097780673c719a89975bf52884ba20e30b777a36e6b3cba1ad1c73297ce20ebcb739d09b9c4e581713f461041c57b4b909422d38514f6112ddce864975b4ead6ef383d3ecb645938c611f9ac32069cf8749b559fb93f8fb945f5b51de634873ab7f4bc8b119f48192dc8e1f5e0f9c0978cddadef0d5e686bd89ada25b514b753b78436eaf4c3f6295570a0c39fb927ba9147b41b9f12d4b0b17f009aab928c080837436498f131d4ad0e0187212bbb940435b946fea98a755fd20ffdb3cf57cfdc06d459bb69fd1d9745397d52262630bcd8423bfe3f5fcc3c2e8589e050167c7fcaf57cdfd9eaf36dad34c6effa0d387c5d06314e030eab55aacbd8d3e74a4d5f0a0901bb5b9b47489bed052401d74b774a5d373d55d4e31a0b115a13683f8174ce6159cccba8fa93b3a77d5fdbf132d998bc26483dfee0a0050ce30a30b49156a0c4fbfa963d4d428937537b591fe6524dac4b19c4fde980e5036902ab340bb953819d2f38357c1aa74f5ebda7435a3c88b5af48599b4ce781048e056abb678a484e21252f4c4ccdeb9b69ece762f1cc32737dbd175a5c0ed03c4872cb24349658a61cb2ffa5f54bdb41d2b854d8873b3af1d4f8e39a85716db12581de7df4c065c7c3144921e467030045d28036b1718186f24e66910c4542d6b5c8642e033fc6410ff4b00f40ea57662bfa81394344218744f1a33b7ca43d8930132cf3419fc7d673a644dd02b1d133fedfeded41d0de12db74f0056c6c484f6a74b459c51a3683ecb51e07456efa8339e2573cf7014e872a93e193983a583631c0f5135588e1d48d105c6a7c581a92f0805ec83f85640f1b0804ee8e085c2a01cecd19295dd3b5e8bdb44d9545760e8724228e3f8234896851fad9e3988dd1cb40cc64fa930c2352fea071ae40488521e5ba23c4aab781a07187422a1a5435101ed7be522a09703fe2174f216d087c6e4f0ec398d0ebf8605b42b9eaea01f82706408e8f7bf7c6037441fdc84d5362911f417509d26e55d4217cb5f97f4228b5598ad4ed36a76b7ab5458fe67de606766fef1fbf4af3e2e122c960c0bfeaf212be868a417a88861f362377e98aa6c5aa5ccec0f777590dd51c31ba3ccd5f81515a8d333848a437cd44720e9db2a5c5a1919be5169e5d72812b14eb4373f384648af8d4bcc2f7ca66037dd401466f1e262ccd2d90b28f1223901e08bf2624f365d7caab28498e65cb77a34b3629f6614f03a5189173bb0bf2fd919768a056d021f064a4020de48e5634f9f46d963f0b31a731fe3e9250326b8ffc8012b44d2c90519a4b79646eb37b36aed484b351a8b0693dbd119fd6558a03e000d00670727e1983197dec5288279891bed3923a5fb6cf499aca1731a70e5d0f8ee44951e168fbdaa9005220907a046ec983e41aab159dbc7ba020a925299110a19eb6b92f78419324b517f11095e0c7beac9c01bdab66960ec57c6c5d7e03d1a8e9563ccb4689d9c3815d3e1c211f3d152240cda453d1913ea4bace978633d57f53e0895b8e05c09e24dce06d67313a55d59bda1f7ee6c33c18dd493cbc", 0x7d0}], 0x1, &(0x7f00000036c0)}, 0x0) [ 1065.103565] input: syz0 as /devices/virtual/input/input28 06:19:36 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000300)={0x0, &(0x7f0000000240), 0xc}) 06:19:36 executing program 3: perf_event_open$cgroup(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x4000004010}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000400)="2f007e574d000330809022cfde26555dc9ecfe1974406edad38364782d63b6612854b9e49dbdcaef718197e37e870a308b1e2c798fa788a46d3025ef933e51828ab675064e2adbe9126423b4a73d68fbe99c6db2f160d49cb6cce76c27289a4f9d097354aaa5860d2383df87526baa184d90bb7729366c17bc33d765e9bc2f882a13f30300000000000000971f795d12f529fa31d2c0a775242289bce062d10d24ded5406918a66b2c75c43fe1ff458ae5cd9fec63039ba5a7b66a60ede5ccdabc7ee77660ef23587f533ec328ccdff02226021384b0c235f114ed9ade92767aecc356acdeb610df4203009f240357f7350000000000000000252f48b95bfbbb3a865535298bdc36d71db635f41c57771db77aeaff883feb3dc3a924bd5f796e396ad3af37945058839e812270bc40901fa654e7cc3292a82fc80c374dc07142a1c2e9d3caefe910ebd3b948a3bfebef5fa8d82473c7fbf3ec", 0x0, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0xc020660b, &(0x7f00000001c0)=0xfbfffffaff0) 06:19:36 executing program 2: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000240)='.\x00', 0x80000002) r1 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) write$UHID_CREATE(0xffffffffffffffff, &(0x7f0000000080)={0x0, 'syz0\x00', 'syz0\x00', 'syz0\x00', &(0x7f0000000280)=""/4096, 0x1000}, 0x120) ftruncate(r1, 0x0) 06:19:36 executing program 4: r0 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000240)='syz0\x00', 0x200002, 0x0) openat$cgroup_ro(r0, &(0x7f0000000280)='cpu.stat\x00', 0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x5, 0x70, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x9, 0x0, 0x10001, 0x7, 0x77, 0x401, 0x4, 0x0, 0x0, 0x10001, 0x0, 0x8, 0x0, 0x6, 0x0, 0x7ff, 0x0, 0xfffffffffffffffe, 0x80000000, 0x0, 0x3, 0x1, @perf_bp={&(0x7f0000000200)}, 0x800, 0x71, 0xffffffffffffffff, 0x7}, 0x0, 0xa, 0xffffffffffffffff, 0x2) socketpair(0x1, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) write$cgroup_int(r2, &(0x7f0000000980), 0xffffff4d) close(r2) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) recvmsg$kcm(r1, &(0x7f0000000200)={&(0x7f0000000040)=@ax25, 0x2, &(0x7f0000000000)=[{&(0x7f0000000080)=""/151, 0xffffff77}], 0x1, &(0x7f00000001c0)=""/17, 0xffda}, 0x3f00) 06:19:36 executing program 0: perf_event_open$cgroup(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x4000004010}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000400)="2f007e574d000330809022cfde26555dc9ecfe1974406edad38364782d63b6612854b9e49dbdcaef718197e37e870a308b1e2c798fa788a46d3025ef933e51828ab675064e2adbe9126423b4a73d68fbe99c6db2f160d49cb6cce76c27289a4f9d097354aaa5860d2383df87526baa184d90bb7729366c17bc33d765e9bc2f882a13f30300000000000000971f795d12f529fa31d2c0a775242289bce062d10d24ded5406918a66b2c75c43fe1ff458ae5cd9fec63039ba5a7b66a60ede5ccdabc7ee77660ef23587f533ec328ccdff02226021384b0c235f114ed9ade92767aecc356acdeb610df4203009f240357f7350000000000000000252f48b95bfbbb3a865535298bdc36d71db635f41c57771db77aeaff883feb3dc3a924bd5f796e396ad3af37945058839e812270bc40901fa654e7cc3292a82fc80c374dc07142a1c2e9d3caefe910ebd3b948a3bfebef5fa8d82473c7fbf3ec", 0x0, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0xc020660b, &(0x7f00000001c0)) 06:19:36 executing program 1: r0 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000240)='syz0\x00', 0x200002, 0x0) mkdirat$cgroup(r0, &(0x7f0000000380), 0x1ff) r1 = openat$cgroup_ro(r0, &(0x7f0000000280)='cpu.stat\x00', 0x0, 0x0) ioctl$TUNGETSNDBUF(r1, 0x800454d3, &(0x7f0000000340)) perf_event_open(&(0x7f00000003c0)={0x5, 0x70, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x97b5, 0x0, 0x0, 0x0, 0x0, 0x6, 0x6, 0x0, 0x5, 0x0, 0x0, 0x0, 0x7, 0x77, 0x401, 0x4, 0x0, 0x3fe0000, 0x0, 0x0, 0x8, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x3, 0x1, @perf_bp={&(0x7f0000000200), 0x3}, 0x800, 0x71, 0xffffffffffffffff, 0x7, 0x7, 0x0, 0xffffffffffffff01}, 0x0, 0xa, 0xffffffffffffffff, 0x2) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, &(0x7f0000000440)="2f677288b9702e73746174007d88231ba79cfad631b04fb68d9fb4db977cf33fec62de80dfdfb5acfaf3d5eeb38f73553b6cc55a955c21bd4862af8f2c6bf5a75682774d76fe52fdecdf01de8c7fe9105e629655442851b5a5415cd4b43dd221c8bcb4b8b6eaaf6299aee1967b237166322ddc70aa806d384f45322e") socketpair(0x1, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) write$cgroup_int(r3, &(0x7f0000000980), 0xffffff4d) close(r3) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) recvmsg$kcm(r2, &(0x7f0000000200)={&(0x7f0000000040)=@ax25, 0x2, &(0x7f0000000000)=[{&(0x7f0000000080)=""/151, 0xffffff77}], 0x1, &(0x7f00000001c0)=""/17, 0xffda}, 0x3f00) 06:19:36 executing program 3: r0 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000240)='syz0\x00', 0x200002, 0x0) mkdirat$cgroup(r0, &(0x7f0000000380), 0x1ff) r1 = openat$cgroup_ro(r0, &(0x7f0000000280)='cpu.stat\x00', 0x0, 0x0) ioctl$TUNGETSNDBUF(r1, 0x800454d3, &(0x7f0000000340)) perf_event_open(&(0x7f00000003c0)={0x5, 0x70, 0x3, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x3, 0x97b5, 0x0, 0x0, 0x0, 0x0, 0x6, 0x6, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x77, 0x401, 0x4, 0x0, 0x3fe0000, 0x10001, 0x0, 0x8, 0x0, 0x6, 0x0, 0x7ff, 0x0, 0xfffffffffffffffe, 0x80000000, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000200), 0x3}, 0x800, 0x71, 0xffffffffffffffff, 0x7, 0x7, 0x0, 0xffffffffffffff01}, 0x0, 0xa, 0xffffffffffffffff, 0x2) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, &(0x7f0000000440)="2f677288b9702e73746174007d88231ba79cfad631b04fb68d9fb4db977cf33fec62de80dfdfb5acfaf3d5eeb38f73553b6cc55a955c21bd4862af8f2c6bf5a75682774d76fe52fdecdf01de8c7fe9105e629655442851b5a5415cd4b43dd221c8bcb4b8b6eaaf6299aee1967b237166322ddc70aa806d384f45322e") socketpair(0x1, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) write$cgroup_int(r3, &(0x7f0000000980), 0xffffff4d) close(r3) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) recvmsg$kcm(r2, &(0x7f0000000200)={&(0x7f0000000040)=@ax25, 0x2, &(0x7f0000000000)=[{&(0x7f0000000080)=""/151, 0xffffff77}], 0x1, &(0x7f00000001c0)=""/17, 0xffda}, 0x3f00) 06:19:36 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) prctl$PR_MCE_KILL(0x21, 0x0, 0x0) 06:19:37 executing program 2: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000240)='.\x00', 0x80000002) r1 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) write$UHID_CREATE(0xffffffffffffffff, &(0x7f0000000080)={0x0, 'syz0\x00', 'syz0\x00', 'syz0\x00', &(0x7f0000000280)=""/4096, 0x1000}, 0x120) ftruncate(r1, 0x0) 06:19:37 executing program 0: r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x0, 0x0) close(r0) 06:19:37 executing program 5: ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000), 0x0, 0x0, &(0x7f0000000480)}) r0 = add_key$keyring(&(0x7f0000000080)='keyring\x00', &(0x7f00000000c0)={'syz'}, 0x0, 0x0, 0xffffffffffffffff) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000380)={{{@in6=@mcast1, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@remote}, 0x0, @in6=@loopback}}, &(0x7f0000000480)=0xfffffffffffffe20) stat(&(0x7f0000000280)='./file0\x00', &(0x7f00000002c0)) keyctl$chown(0x4, r0, r1, 0x0) 06:19:37 executing program 2: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000240)='.\x00', 0x80000002) r1 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) write$UHID_CREATE(r1, &(0x7f0000000080)={0x0, 'syz0\x00', 'syz0\x00', 'syz0\x00', &(0x7f0000000280)=""/4096, 0x1000}, 0x120) ftruncate(0xffffffffffffffff, 0x0) 06:19:37 executing program 0: r0 = socket$inet6(0xa, 0xa000000000001, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000687000)=0x5c802861, 0x4) bind$inet6(r0, &(0x7f0000402000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendto$inet6(r0, &(0x7f0000000100), 0x0, 0xfffffefffffffffe, &(0x7f0000f62fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) 06:19:37 executing program 5: socket$inet6_udplite(0xa, 0x2, 0x88) write$binfmt_script(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0x7c774aac) ioctl$EXT4_IOC_SWAP_BOOT(0xffffffffffffffff, 0x6611) r0 = socket$inet6(0xa, 0x803, 0x3) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x2, 0x31, 0xffffffffffffffff, 0x0) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f00000000c0)=""/49, 0x31}], 0x10000023, &(0x7f00000002c0)=""/77, 0x4d}, 0x0) recvmsg$kcm(r1, &(0x7f0000000200)={&(0x7f0000000040)=@ax25, 0x2, &(0x7f0000000000)=[{&(0x7f0000000080)=""/151, 0xffffff77}], 0x1, &(0x7f00000001c0)=""/17, 0xffda}, 0x3f00) sendmsg(r2, &(0x7f00000001c0)={0x0, 0xff0f000000000000, &(0x7f0000000100), 0x4c, &(0x7f0000000000)}, 0x0) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0a5c2d023c126285718070") 06:19:37 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet_sctp(0x2, 0x1, 0x84) sendto$inet(r1, &(0x7f0000000000)='D', 0x1, 0x0, &(0x7f0000000080)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1d}}, 0x10) 06:19:37 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xe, 0x3, &(0x7f0000c91000)=ANY=[@ANYBLOB="850200002f00000027000083c5951d0095889b0be0000000"], &(0x7f0000000000)="f4206cd55d3174fccd51d063ca3dda5cbf5a01cc7ea92c43b604ffc53727d2d60f55ddeb757cf36a8457125ab48bcbcce4011a423df186cc8d8e6e9a66b1a0a6035a2fc0578cf5aad8b3a24a9c646a37eb26c6212ffc9658f152194b880765d169d550beb059984a10c2", 0x1, 0x99, &(0x7f000000d000)=""/153}, 0x48) 06:19:38 executing program 3: r0 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000240)='syz0\x00', 0x200002, 0x0) mkdirat$cgroup(r0, &(0x7f0000000380), 0x1ff) r1 = openat$cgroup_ro(r0, &(0x7f0000000280)='cpu.stat\x00', 0x0, 0x0) ioctl$TUNGETSNDBUF(r1, 0x800454d3, &(0x7f0000000340)) perf_event_open(&(0x7f00000003c0)={0x5, 0x70, 0x3, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x3, 0x97b5, 0x0, 0x0, 0x0, 0x0, 0x6, 0x6, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x77, 0x401, 0x4, 0x0, 0x3fe0000, 0x10001, 0x0, 0x8, 0x0, 0x6, 0x0, 0x7ff, 0x0, 0xfffffffffffffffe, 0x80000000, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000200), 0x3}, 0x800, 0x71, 0xffffffffffffffff, 0x7, 0x7, 0x0, 0xffffffffffffff01}, 0x0, 0xa, 0xffffffffffffffff, 0x2) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, &(0x7f0000000440)="2f677288b9702e73746174007d88231ba79cfad631b04fb68d9fb4db977cf33fec62de80dfdfb5acfaf3d5eeb38f73553b6cc55a955c21bd4862af8f2c6bf5a75682774d76fe52fdecdf01de8c7fe9105e629655442851b5a5415cd4b43dd221c8bcb4b8b6eaaf6299aee1967b237166322ddc70aa806d384f45322e") socketpair(0x1, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) write$cgroup_int(r3, &(0x7f0000000980), 0xffffff4d) close(r3) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) recvmsg$kcm(r2, &(0x7f0000000200)={&(0x7f0000000040)=@ax25, 0x2, &(0x7f0000000000)=[{&(0x7f0000000080)=""/151, 0xffffff77}], 0x1, &(0x7f00000001c0)=""/17, 0xffda}, 0x3f00) 06:19:38 executing program 1: r0 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000240)='syz0\x00', 0x200002, 0x0) mkdirat$cgroup(r0, &(0x7f0000000380), 0x1ff) r1 = openat$cgroup_ro(r0, &(0x7f0000000280)='cpu.stat\x00', 0x0, 0x0) ioctl$TUNGETSNDBUF(r1, 0x800454d3, &(0x7f0000000340)) perf_event_open(&(0x7f00000003c0)={0x5, 0x70, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x97b5, 0x0, 0x0, 0x0, 0x0, 0x6, 0x6, 0x0, 0x5, 0x0, 0x0, 0x0, 0x7, 0x77, 0x401, 0x4, 0x0, 0x3fe0000, 0x0, 0x0, 0x8, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x3, 0x1, @perf_bp={&(0x7f0000000200), 0x3}, 0x800, 0x71, 0xffffffffffffffff, 0x7, 0x7, 0x0, 0xffffffffffffff01}, 0x0, 0xa, 0xffffffffffffffff, 0x2) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, &(0x7f0000000440)="2f677288b9702e73746174007d88231ba79cfad631b04fb68d9fb4db977cf33fec62de80dfdfb5acfaf3d5eeb38f73553b6cc55a955c21bd4862af8f2c6bf5a75682774d76fe52fdecdf01de8c7fe9105e629655442851b5a5415cd4b43dd221c8bcb4b8b6eaaf6299aee1967b237166322ddc70aa806d384f45322e") socketpair(0x1, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) write$cgroup_int(r3, &(0x7f0000000980), 0xffffff4d) close(r3) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) recvmsg$kcm(r2, &(0x7f0000000200)={&(0x7f0000000040)=@ax25, 0x2, &(0x7f0000000000)=[{&(0x7f0000000080)=""/151, 0xffffff77}], 0x1, &(0x7f00000001c0)=""/17, 0xffda}, 0x3f00) 06:19:38 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc)) r1 = syz_open_pts(r0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000fd0ffc)=0x2) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000001240)={'team0\x00'}) accept4$packet(0xffffffffffffffff, &(0x7f00000013c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001400)=0xc, 0x0) dup3(r1, r0, 0x0) 06:19:38 executing program 4: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$EXT4_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) ioctl$EXT4_IOC_MIGRATE(r1, 0x6609) 06:19:38 executing program 4: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='meiory.events\x00', 0x26e1, 0x0) ioctl$EXT4_IOC_PRECACHE_EXTENTS(r0, 0x6612) 06:19:38 executing program 0: perf_event_open(&(0x7f0000940000)={0x2, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000240)) gettid() r0 = socket$inet6(0xa, 0x2, 0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000200)={0x0, 0x0}) perf_event_open(&(0x7f0000000140)={0x5, 0x70, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x5, 0x1a, 0x7f, 0x10001, 0xfffffffffffffffb, 0x1ff, 0x1, 0xfffffffffffff0b2, 0x0, 0x0, 0x0, 0x5cb, 0x8000, 0x3, 0x1, 0x0, 0x80, 0x0, 0x100000001, 0x10001, 0x0, 0x0, 0x3ff, 0x0, 0x5, 0x401, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000000c0), 0x2}, 0x0, 0x401, 0xfffc000000000000}, r1, 0x0, 0xffffffffffffffff, 0x2) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c) sendmmsg(0xffffffffffffffff, &(0x7f0000007e00), 0x3ffffeb, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0) memfd_create(&(0x7f0000000100)='md5sum\\selinuxloeth0%\x00', 0x0) setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000240)='bbr\x00', 0x4) 06:19:39 executing program 2: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0x12}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = inotify_init1(0x0) fcntl$setown(r1, 0x8, 0xffffffffffffffff) fcntl$getownex(r1, 0x10, &(0x7f0000000080)={0x0, 0x0}) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) ptrace$setregset(0x4209, r2, 0x0, &(0x7f0000000100)={&(0x7f0000000040)}) 06:19:39 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000140)={0x5, 0x400000028, 0x7fff, 0x3f}, 0xe) 06:19:39 executing program 3: perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xee6a}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xe, 0x4, 0x4, 0x200000000000101}, 0x2c) 06:19:39 executing program 5: socket$inet6(0xa, 0x0, 0x3) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000140)={0x5, 0x400000028, 0x7fff, 0x3f}, 0xe) 06:19:39 executing program 2: syz_emit_ethernet(0x6a, &(0x7f00000000c0)={@local, @broadcast, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x5c, 0x0, 0x0, 0x0, 0x1, 0x0, @remote={0xac, 0x223}, @dev={0xac, 0x14, 0x14, 0x11}}, @icmp=@parameter_prob={0x3, 0x4, 0x0, 0x0, 0x0, 0x0, {0x10, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @local={0xac, 0x223}, @dev, {[@timestamp={0x8, 0x2c, 0x0, 0x0, 0x0, [{[@rand_addr]}, {[@multicast1]}, {}, {[@loopback]}, {[@broadcast]}, {}]}]}}}}}}}, &(0x7f0000000000)) 06:19:39 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$EXT4_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r0, &(0x7f0000002500)=ANY=[@ANYBLOB='\x00'], 0x1) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xfffffcdd) ioctl$EXT4_IOC_MIGRATE(r1, 0x6609) 06:19:39 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = syz_open_procfs(0x0, &(0x7f0000000680)='net/sockstat6\x00') ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) preadv(r1, &(0x7f0000000480)=[{&(0x7f00000000c0)=""/248, 0xf8}], 0x1, 0x0) 06:19:39 executing program 0: pipe(&(0x7f0000000780)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f00000001c0), 0xfffffef3) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000)=0x12, 0x246f) read(r0, &(0x7f0000000200)=""/250, 0x50c7e3e3) r2 = socket$inet6(0xa, 0x2, 0x0) fadvise64(0xffffffffffffffff, 0x0, 0x1, 0x3) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000380)={0x16, 0x6f, 0x0, {0x1, [{}]}}, 0x16) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000640)=[@mss, @mss, @mss], 0x3) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000001440)='cgroup.stat\x00', 0x0, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f0000000400)='IPVS\x00') setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f00000007c0)='teql0\x00', 0x10) utimes(&(0x7f0000000800)='./file0\x00', &(0x7f0000000840)={{0x77359400}}) getsockopt$inet6_udp_int(r1, 0x11, 0x0, &(0x7f00000001c0), &(0x7f0000000680)=0x4) connect$inet6(r2, &(0x7f0000000100)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) fsetxattr$security_smack_entry(r0, &(0x7f0000000080)='security.SMACK64EXEC\x00', &(0x7f00000000c0)='IPVS\x00', 0x5, 0x1) ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x0) ioctl$TUNGETSNDBUF(0xffffffffffffffff, 0x800454d3, &(0x7f0000000040)) linkat(r3, &(0x7f0000000300)='./file0\x00', r3, &(0x7f00000006c0)='./file0\x00', 0x1400) sendfile(r1, r1, &(0x7f0000000140), 0x3ff) write$UHID_CREATE2(r1, &(0x7f0000000440)={0xb, 'syz0\x00', 'syz1\x00', 'syz0\x00', 0xda, 0x1, 0x3200000000, 0x2, 0x6, 0xfff, "757709a5b8f42809bd9bd67e57352cf244e89668c087469b98fae672b70475e4d33292d7da67091db8a516ab1e76212c509f6c9c8948937dbfabfc60d2892debe623e438e35ed4f8c8a66c8f54555762138e8addf0bfa373254abebe27e00348297e0ee2713fe0d24506b90696342fe81dce0035a90e6da83fd69588be6370f07b85e91739f80124033fbd5ee23a3474f8eb882318a9b1f0e421a9141f8ea16da2190557b61d69092604eeb0082ababf226b4a21c40be27fe8de728677b2f2f7a730e5e89cb2ab4155b776a291be4bd8129120a9cc77af4dc347"}, 0x1f2) setxattr$trusted_overlay_origin(&(0x7f0000000180)='./file0\x00', &(0x7f0000000340)='trusted.overlay.origin\x00', &(0x7f00000003c0)='y\x00', 0x2, 0x2) ioctl$sock_inet_tcp_SIOCOUTQNSD(r3, 0x894b, &(0x7f0000000740)) ioctl$EVIOCSREP(r3, 0x40084503, &(0x7f0000000700)=[0x81, 0x8]) ioctl$RTC_VL_CLR(r0, 0x7014) sendmmsg(r2, &(0x7f00000092c0), 0x4ff, 0x0) 06:19:40 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000080)=0x100000001, 0x4) connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @loopback}, 0x1c) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) r1 = getpid() setsockopt$inet6_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f0000000000), 0x4) sched_setscheduler(r1, 0x5, &(0x7f0000000140)) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x17, &(0x7f0000000040)=[@mss, @mss], 0x2000000000000188) 06:19:40 executing program 2: prctl$PR_CAPBSET_READ(0x17, 0x400000000000020) 06:19:40 executing program 1: r0 = socket$inet6(0xa, 0x400000000001, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) write(r2, &(0x7f00000001c0), 0xfffffef3) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000140)={'ip6gretap0\x00', 0x0}) setsockopt$inet_mreqn(r1, 0x0, 0x20, &(0x7f0000000180)={@dev={0xac, 0x14, 0x14, 0x18}, @dev={0xac, 0x14, 0x14, 0x21}, r4}, 0xc) r5 = syz_open_procfs(0x0, &(0x7f0000000040)='net/ip6_tables_matches\x00') sendfile(r3, r5, &(0x7f0000000000)=0x12, 0x246f) read(r1, &(0x7f0000000200)=""/250, 0x50c7e3e3) r6 = socket$inet6(0xa, 0x2, 0x0) fadvise64(r6, 0x0, 0x1, 0x3) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000001440)='cgroup.stat\x00', 0x0, 0x0) write$FUSE_IOCTL(0xffffffffffffffff, &(0x7f0000001480)={0x20, 0x0, 0x0, {0x8, 0x0, 0x0, 0x7fffffff}}, 0x20) connect$inet6(r6, &(0x7f0000000100)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) ioctl$TUNSETLINK(r7, 0x400454cd, 0x0) sendmmsg(r6, &(0x7f00000092c0), 0x400000000000180, 0x0) sendto$inet6(r0, &(0x7f0000e77fff), 0x2bd, 0x20000008, &(0x7f00008d4fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_int(r5, 0x6, 0x80000000000018, &(0x7f0000000300), 0x10f) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r5, 0x6, 0x16, &(0x7f00000000c0)=[@mss, @mss, @mss, @mss, @mss, @mss], 0x6) r8 = open(&(0x7f0000002000)='./bus\x00', 0x100000141042, 0x0) ftruncate(r8, 0x10099b3) sendfile(r0, r8, &(0x7f0000d83ff8), 0x8000fffffffe) connect$unix(0xffffffffffffffff, &(0x7f0000006780)=@file={0x0, './bus\x00'}, 0x6e) 06:19:40 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x0, &(0x7f0000000040)=0x4, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f0000d06000)=0x1, 0x4) connect$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @local}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000000)=[@mss, @mss, @mss, @mss], 0x2217) 06:19:40 executing program 4: inotify_add_watch(0xffffffffffffffff, &(0x7f0000000180)='./file0\x00', 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000005380)={'team0\x00'}) sendto$inet(r0, &(0x7f0000a88f88), 0xfffffffffffffe6e, 0x20000000, &(0x7f0000e68000)={0x2, 0x4004e23, @local}, 0x10) clock_gettime(0x0, &(0x7f0000005180)) recvmmsg(0xffffffffffffffff, &(0x7f0000004f00), 0x0, 0x0, &(0x7f00000051c0)) recvfrom(0xffffffffffffffff, &(0x7f0000005200)=""/101, 0x65, 0x0, &(0x7f0000005280)=@ax25={0x3, {"5f1b4f9eb63234"}}, 0x80) connect(r0, &(0x7f00000012c0)=@nl=@unspec, 0x80) 06:19:40 executing program 3: memfd_create(&(0x7f0000000080)='/dev/null\x00', 0x0) prctl$PR_GET_NAME(0x10, &(0x7f0000000100)=""/4096) 06:19:40 executing program 2: sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000880)=ANY=[@ANYBLOB="000000000800120000ffff1500000000000000fd39000000000000000000800100006400e00000010000000010000000000035000000000008000000000000ff0000e80000bb000000000000000003000500000000006700423b1d632b0100200000c128f6d2eb6eddadc1000000000000080000000000000000000000c1"], 0x7e}}, 0x0) ioctl$EVIOCGABS0(0xffffffffffffffff, 0x80184540, &(0x7f0000000080)=""/228) socket$inet6(0xa, 0x80005, 0x7) r0 = socket$key(0xf, 0x3, 0x2) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) write(r2, &(0x7f00000001c0), 0xfffffef3) read(r1, &(0x7f0000000200)=""/250, 0x50c7e3e3) r3 = socket$inet6(0xa, 0x2, 0x2000000000000000) r4 = socket$inet6(0xa, 0x1000000000002, 0x0) clock_gettime(0x0, &(0x7f0000000300)={0x0}) clock_gettime(0x0, &(0x7f0000000680)={0x0, 0x0}) setitimer(0x2, &(0x7f00000006c0)={{r6, r7/1000+30000}, {r5}}, &(0x7f0000000700)) r8 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000480)='cgroup.stat\x00', 0x0, 0x0) write$FUSE_IOCTL(r8, &(0x7f0000000500)={0x20, 0x0, 0x0, {0x0, 0x0, 0x1}}, 0x20) fsetxattr$security_smack_entry(r3, &(0x7f00000004c0)='security.SMACK64MMAP\x00', &(0x7f0000000640)='\x00', 0x1, 0x1) ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, &(0x7f0000000340)) connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) ioctl$sock_ifreq(r2, 0x8956, &(0x7f00000001c0)={'veth0_to_bond\x00', @ifru_addrs=@ax25={0x3, {"ee75b8edf7dee0"}, 0x40}}) getsockopt$IP6T_SO_GET_REVISION_TARGET(0xffffffffffffffff, 0x29, 0x45, &(0x7f0000000040)={'HL\x00'}, &(0x7f0000000140)=0x1e) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000a00)) connect$inet6(r3, &(0x7f0000000580)={0xa, 0x4e23, 0x1, @ipv4={[], [], @loopback}, 0xfffffffffffffffc}, 0x1c) sendmmsg(r3, &(0x7f00000092c0), 0x4ff, 0x0) request_key(&(0x7f00000003c0)='.dead\x00', &(0x7f0000000400)={'syz', 0x3}, &(0x7f0000000440)='ip6gretap0\x00', 0xfffffffffffffffa) read(r8, &(0x7f0000000380)=""/60, 0x3c) getsockopt$inet6_IPV6_XFRM_POLICY(r4, 0x29, 0x23, &(0x7f0000000d40)={{{@in6=@mcast1, @in6=@loopback}}, {{}, 0x0, @in=@local}}, &(0x7f0000000d00)=0x15c) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000600), &(0x7f0000000840)=0xc) read$eventfd(r1, &(0x7f0000000180), 0x8) sendmmsg(r0, &(0x7f0000000040), 0x8000000000000d2, 0x40000) ioctl$sock_inet_SIOCGIFNETMASK(r0, 0x891b, &(0x7f0000000540)={'eql\x00', {0x2, 0x4e20, @local}}) 06:19:41 executing program 5: prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000180)={&(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil}, 0x68) 06:19:41 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) pipe(&(0x7f0000000040)) setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f0000d06000)=0x1, 0x4) connect$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @local}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000000)=[@mss, @mss, @mss, @mss], 0x2217) 06:19:41 executing program 4: write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x0) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) r1 = open(&(0x7f0000000140)='./bus\x00', 0x141042, 0x0) r2 = creat(&(0x7f0000000080)='./bus\x00', 0x0) write$binfmt_aout(r1, &(0x7f0000000400)=ANY=[@ANYBLOB="08010007a30000007d000000ffffff7f3e0100000500000000000000000000008394efd2b7dde50bbc9c50fdba8d3e8638db0d5dba23ffa019ae7bfe708144de9ff74e3ebef59c629bfc83e6f9ee66fa00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0xc3) r3 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) sendfile(r2, r3, 0x0, 0x5a92) sendfile(r3, r3, &(0x7f00000000c0), 0xbf99) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000000)=[@mss, @mss, @mss], 0x3) sendfile(r3, r1, &(0x7f0000000240), 0xffffffff) 06:19:41 executing program 5: prctl$PR_SET_DUMPABLE(0x4, 0x4) 06:19:42 executing program 0: pipe(&(0x7f0000000780)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f00000001c0), 0xfffffef3) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000)=0x12, 0x246f) read(r0, &(0x7f0000000200)=""/250, 0x50c7e3e3) r2 = socket$inet6(0xa, 0x2, 0x0) fadvise64(0xffffffffffffffff, 0x0, 0x1, 0x3) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000380)={0x16, 0x6f, 0x0, {0x1, [{}]}}, 0x16) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000640)=[@mss, @mss, @mss], 0x3) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000001440)='cgroup.stat\x00', 0x0, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f0000000400)='IPVS\x00') setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f00000007c0)='teql0\x00', 0x10) utimes(&(0x7f0000000800)='./file0\x00', &(0x7f0000000840)={{0x77359400}}) getsockopt$inet6_udp_int(r1, 0x11, 0x0, &(0x7f00000001c0), &(0x7f0000000680)=0x4) connect$inet6(r2, &(0x7f0000000100)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) fsetxattr$security_smack_entry(r0, &(0x7f0000000080)='security.SMACK64EXEC\x00', &(0x7f00000000c0)='IPVS\x00', 0x5, 0x1) ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x0) ioctl$TUNGETSNDBUF(0xffffffffffffffff, 0x800454d3, &(0x7f0000000040)) linkat(r3, &(0x7f0000000300)='./file0\x00', r3, &(0x7f00000006c0)='./file0\x00', 0x1400) sendfile(r1, r1, &(0x7f0000000140), 0x3ff) write$UHID_CREATE2(r1, &(0x7f0000000440)={0xb, 'syz0\x00', 'syz1\x00', 'syz0\x00', 0xda, 0x1, 0x3200000000, 0x2, 0x6, 0xfff, "757709a5b8f42809bd9bd67e57352cf244e89668c087469b98fae672b70475e4d33292d7da67091db8a516ab1e76212c509f6c9c8948937dbfabfc60d2892debe623e438e35ed4f8c8a66c8f54555762138e8addf0bfa373254abebe27e00348297e0ee2713fe0d24506b90696342fe81dce0035a90e6da83fd69588be6370f07b85e91739f80124033fbd5ee23a3474f8eb882318a9b1f0e421a9141f8ea16da2190557b61d69092604eeb0082ababf226b4a21c40be27fe8de728677b2f2f7a730e5e89cb2ab4155b776a291be4bd8129120a9cc77af4dc347"}, 0x1f2) setxattr$trusted_overlay_origin(&(0x7f0000000180)='./file0\x00', &(0x7f0000000340)='trusted.overlay.origin\x00', &(0x7f00000003c0)='y\x00', 0x2, 0x2) ioctl$sock_inet_tcp_SIOCOUTQNSD(r3, 0x894b, &(0x7f0000000740)) ioctl$EVIOCSREP(r3, 0x40084503, &(0x7f0000000700)=[0x81, 0x8]) ioctl$RTC_VL_CLR(r0, 0x7014) sendmmsg(r2, &(0x7f00000092c0), 0x4ff, 0x0) 06:19:42 executing program 4: 06:19:42 executing program 1: 06:19:42 executing program 3: 06:19:42 executing program 5: 06:19:42 executing program 2: 06:19:42 executing program 4: 06:19:42 executing program 2: 06:19:42 executing program 1: 06:19:42 executing program 5: 06:19:42 executing program 3: 06:19:42 executing program 4: 06:19:43 executing program 0: 06:19:43 executing program 2: 06:19:43 executing program 5: 06:19:43 executing program 4: 06:19:43 executing program 1: 06:19:43 executing program 3: 06:19:43 executing program 2: 06:19:43 executing program 5: 06:19:43 executing program 4: 06:19:43 executing program 3: 06:19:43 executing program 1: 06:19:43 executing program 0: 06:19:44 executing program 2: 06:19:44 executing program 4: 06:19:44 executing program 3: 06:19:44 executing program 5: 06:19:44 executing program 0: 06:19:44 executing program 2: 06:19:44 executing program 1: 06:19:44 executing program 3: 06:19:44 executing program 4: 06:19:44 executing program 5: 06:19:44 executing program 2: 06:19:44 executing program 1: 06:19:44 executing program 0: 06:19:45 executing program 3: creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(0xffffffffffffffff, 0x0) r0 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x10, 0xffffffffffffffff, 0x0) mmap$perf(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x6, 0x108012, r0, 0x0) 06:19:45 executing program 5: socket$nl_route(0x10, 0x3, 0x0) getsockname(0xffffffffffffffff, &(0x7f0000000100)=@generic, &(0x7f0000000240)=0x80) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) sendto(0xffffffffffffffff, &(0x7f0000000780), 0x0, 0x0, &(0x7f00000001c0)=@nfc_llcp={0x27, 0x0, 0x0, 0x0, 0x0, 0x0, "5af95134d8d1601f36c0844986a5ed63bc3c7940ab838da749063dbec8fb418c6469f7075074591ebcf16b88b58501faadd69dd8f33666a258f80a3958c634"}, 0x80) ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, &(0x7f0000000180)) setsockopt$netlink_NETLINK_PKTINFO(0xffffffffffffffff, 0x10e, 0x3, &(0x7f00000000c0), 0x4) openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x0, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000080)=@unspec, 0xc) geteuid() lstat(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000540), &(0x7f0000000580)=0xc) getgid() getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000006c0), &(0x7f0000000700)=0xc) setxattr$system_posix_acl(&(0x7f0000000280)='./file0\x00', &(0x7f00000002c0)='system.posix_acl_access\x00', &(0x7f0000000800)=ANY=[], 0x0, 0x0) sendto$unix(r0, &(0x7f0000000080), 0x0, 0x4000041, 0x0, 0xffffff5b) 06:19:45 executing program 4: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000180)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0) prctl$PR_SET_SECUREBITS(0x1c, 0x0) 06:19:45 executing program 1: r0 = inotify_init1(0x0) stat(&(0x7f0000000280)='./file0\x00', &(0x7f00000002c0)) stat(&(0x7f0000000340)='./file0\x00', &(0x7f0000000380)) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000400), &(0x7f0000000440)=0xc) getresgid(&(0x7f0000000640), &(0x7f0000000680), &(0x7f00000006c0)) getresgid(&(0x7f0000000700), &(0x7f0000000740), &(0x7f0000000780)) getresgid(&(0x7f00000007c0), &(0x7f0000000800), &(0x7f0000000840)) gettid() getpgid(0x0) creat(&(0x7f00000001c0)='./file0\x00', 0x0) getpid() inotify_add_watch(r0, &(0x7f00000000c0)='./file0\x00', 0xf0e05d0f9dde7836) 06:19:45 executing program 0: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) r1 = open(&(0x7f0000000140)='./bus\x00', 0x20141042, 0x0) getegid() getgid() lsetxattr$system_posix_acl(&(0x7f0000000080)='./file0\x00', &(0x7f0000000180)='system.posix_acl_default\x00', &(0x7f0000000840)={{}, {}, [{}], {0x4, 0x3}}, 0x2c, 0x3) creat(&(0x7f0000000100)='./bus\x00', 0x0) write$binfmt_aout(r1, &(0x7f00000005c0)=ANY=[@ANYBLOB], 0x0) 06:19:45 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f00005befdc)) r1 = syz_open_pts(r0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000001080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fcntl$setstatus(r1, 0x4, 0x0) 06:19:45 executing program 3: creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(0xffffffffffffffff, 0x0) r0 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x10, 0xffffffffffffffff, 0x0) mmap$perf(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x6, 0x108012, r0, 0x0) 06:19:45 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'bridge0\x00'}) sendmsg$nl_route(r0, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0xf0}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c}, 0x1c}}, 0x0) 06:19:45 executing program 0: clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000300), 0xffffffffffffffff) gettid() wait4(0x0, &(0x7f0000000100), 0x80000000, &(0x7f0000000400)) clone(0x3102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) 06:19:45 executing program 4: inotify_init1(0x0) ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)) pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$KDENABIO(0xffffffffffffffff, 0x4b36) close(r0) write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000045c0)=ANY=[], 0x0) setresgid(0x0, 0x0, 0x0) write$cgroup_subtree(r1, &(0x7f0000000140), 0x0) 06:19:45 executing program 2: r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000000)='/dev/urandom\x00', 0x0, 0x0) fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, &(0x7f0000000040)='trusted.overlay.nlink\x00', &(0x7f0000000080)={'U-', 0x10001}, 0x28, 0x0) fcntl$lock(0xffffffffffffffff, 0x0, &(0x7f0000000100)) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000140)) ptrace$getregset(0x4204, 0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=""/3, 0x3}) connect$netlink(0xffffffffffffffff, &(0x7f00000002c0)=@unspec, 0xc) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000300)) ioctl$void(0xffffffffffffffff, 0x0) dup(0xffffffffffffffff) getpgrp(0x0) lsetxattr$trusted_overlay_opaque(&(0x7f00000006c0)='./file0\x00', &(0x7f0000000700)='trusted.overlay.opaque\x00', &(0x7f0000000740)='y\x00', 0x2, 0x0) recvfrom$unix(0xffffffffffffffff, &(0x7f0000000780)=""/254, 0xfe, 0x0, &(0x7f0000000880)=@abs, 0x6e) read(r0, &(0x7f0000000900)=""/147, 0x93) 06:19:46 executing program 1: getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ioctl$TIOCSBRK(0xffffffffffffffff, 0x5427) ioctl$FS_IOC_FSGETXATTR(0xffffffffffffffff, 0x801c581f, &(0x7f0000000140)) ioctl$TIOCLINUX3(0xffffffffffffffff, 0x541c, &(0x7f0000000180)) ioctl$TCFLSH(0xffffffffffffffff, 0x540b, 0x0) ioctl$TIOCNOTTY(0xffffffffffffffff, 0x5422) ioctl$KDGKBTYPE(0xffffffffffffffff, 0x4b33, &(0x7f0000000300)) ptrace$getsig(0x4202, 0x0, 0x0, &(0x7f0000000340)) recvfrom(0xffffffffffffffff, &(0x7f0000000380)=""/4096, 0x1000, 0x0, &(0x7f0000001380)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @loopback}}}, 0x80) write$P9_RLCREATE(0xffffffffffffffff, &(0x7f0000001400)={0x18}, 0x18) openat$urandom(0xffffffffffffff9c, &(0x7f0000001440)='/dev/urandom\x00', 0x0, 0x0) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x800c6613, &(0x7f0000001480)={0x0, @speck128, 0x0, "40b75d704943a975"}) prctl$PR_SVE_SET_VL(0x32, 0x0) 06:19:46 executing program 3: creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(0xffffffffffffffff, 0x0) r0 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x10, 0xffffffffffffffff, 0x0) mmap$perf(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x6, 0x108012, r0, 0x0) 06:19:46 executing program 5: setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000040)='lo\x00', 0x10) fsetxattr(0xffffffffffffffff, &(0x7f0000000080)=@random={'user.', 'security}selfsecurityposix_acl_access)eth1wlan1&system\x00'}, &(0x7f00000000c0)='lo\x00', 0x3, 0x2) ioctl$INOTIFY_IOC_SETNEXTWD(0xffffffffffffffff, 0x40044900, 0x3) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x3, 0x7fff, 0x7, 0x8, 0x3, 0x6, 0x7fffffff, 0x140, 0x40, 0x32f, 0x3, 0x4, 0x38, 0x2, 0x7fff, 0x0, 0xfff}, [{0xd91eaa6cafc81ffa, 0x0, 0xfffffffffffffffe, 0x400, 0x7, 0xfffffffffffffff8, 0x80, 0x4}], "0080edb016b5d1354f76c3e4eedcd5987e0a3e9635306869984c46797bc66c883e1e2e089df6917714f36dadf8d021406bdbd9aa0fe6f3ea54b1585e66600aa485f4669d3535fe0a76a2ea7a4972deba3c682ef8c1732e3bbff10fe8760ae0ee2d2c1aaeac10a7f2524ffa7c", [[], [], []]}, 0x3e4) poll(&(0x7f0000000840)=[{0xffffffffffffffff, 0x4040}, {0xffffffffffffffff, 0x80}, {0xffffffffffffffff, 0x1000}, {0xffffffffffffffff, 0x8}], 0x4, 0x8) poll(&(0x7f0000000880)=[{}, {0xffffffffffffffff, 0x4000}, {0xffffffffffffffff, 0x12b5}, {}, {}], 0x5, 0x2) setxattr$security_selinux(&(0x7f00000008c0)='./file0\x00', &(0x7f0000000900)='security.selinux\x00', &(0x7f0000000940)='system_u:object_r:syslogd_var_lib_t:s0\x00', 0x27, 0x3) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000980)={0x68, 0x29, 0x2, {0x100, [{{0x12, 0x3, 0x1}, 0x5ed2, 0x4, 0x7, './file0'}, {{0x0, 0x0, 0x3}, 0x6, 0x0, 0x7, './file0'}, {{0x42, 0x2, 0x4}, 0xd, 0x4, 0x7, './file0'}]}}, 0x68) prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000a40)="4145f5bd3a0d00ec2e91c89ccfb520d97d63a293e2ad633d6ac30c5811a870cb5fdc2d2c63fb49e7f5501d8fea71bbe5aff17314d2fc297fbddcb4f890bbb78279bc90e8494f0c076410fb6e530d16f1e2a702791e14dc28b975f69039d266d03e922e78d78237b8f99f95e7fb1caef6ee7283498af32e85d43090229e47e90603340068d2784671ef", 0x89) 06:19:46 executing program 2: unshare(0x8000000) r0 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x0, &(0x7f0000000040)={0x0, 0x4, 0x5}) mq_timedsend(r0, &(0x7f0000000040), 0x0, 0x0, &(0x7f00000000c0)={0x77359400}) mq_timedreceive(r0, &(0x7f0000000180)=""/204, 0xcc, 0x200000000000, &(0x7f0000000280)={0x77359400}) 06:19:46 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000200)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xffffffffffff0d4b}}) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f00000000c0)={0x0, 0x7fffffff}) 06:19:46 executing program 0: io_setup(0xf2de, &(0x7f0000000040)) 06:19:46 executing program 1: mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4}) mq_unlink(&(0x7f0000fc4ffb)='eth0\x00') 06:19:46 executing program 3: creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(0xffffffffffffffff, 0x0) r0 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x10, 0xffffffffffffffff, 0x0) mmap$perf(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x6, 0x108012, r0, 0x0) 06:19:46 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f00000001c0)={0x2710, 0x2, 0x0, 0x1000, &(0x7f0000028000/0x1000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, &(0x7f00000000c0)="c744240006000000c744240200000080c7442406000000000f01142466b8c2008ec80f070f0f369a0f2002674669f9c12c000026660f38157e0f660f0dbead00000066baf80cb8bcecb281ef66bafc0cb80b000000ef0f20d835080000000f22d8", 0x61}], 0x1, 0x0, &(0x7f0000000180), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) memfd_create(&(0x7f0000000040)='eth1lo^.vboxnet1ppp1\x00', 0x3) ioctl$KVM_NMI(r2, 0xae9a) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000027000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000240)="0f21abd9f6b8fc0d8ec03e0cfcd8fa2e3e0f00d9baf80c66b89c39008866efbafc0c66b80a5e000066efbaf80c66b884929d8f66efbafc0c66b8e100000066eff2f30f19809988260f06", 0x4a}], 0x0, 0x0, &(0x7f00000001c0), 0x36c) ioctl$sock_inet_SIOCGIFDSTADDR(0xffffffffffffffff, 0x8917, &(0x7f0000000000)={'teql0\x00', {0x2, 0x0, @dev}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:19:47 executing program 4: socket$nl_route(0x10, 0x3, 0x0) fcntl$getownex(0xffffffffffffff9c, 0x10, &(0x7f0000000000)) fstat(0xffffffffffffff9c, &(0x7f0000000040)) getresgid(&(0x7f00000000c0), &(0x7f00000004c0), &(0x7f0000000140)) setsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000180), 0xc) write$binfmt_elf32(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000005fc0), 0x0, 0x0, &(0x7f0000006180)) fsetxattr$trusted_overlay_opaque(0xffffffffffffffff, &(0x7f0000000380)='trusted.overlay.opaque\x00', &(0x7f0000000480)='y\x00', 0x2, 0x0) timer_create(0x0, &(0x7f0000000100)={0x0, 0x0, 0x1}, &(0x7f0000000500)=0x0) writev(0xffffffffffffffff, &(0x7f0000005b40), 0x0) timer_delete(r0) 06:19:47 executing program 2: r0 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000240)='syz0\x00', 0x200002, 0x0) mkdirat$cgroup(r0, &(0x7f0000000380), 0x1ff) openat$cgroup_ro(r0, &(0x7f0000000280)='cpu.stat\x00', 0x0, 0x0) ioctl$TUNGETSNDBUF(0xffffffffffffffff, 0x800454d3, &(0x7f0000000340)) perf_event_open(&(0x7f00000003c0)={0x5, 0x70, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x8, 0x0, 0x6, 0x6, 0x0, 0x5, 0x9, 0x0, 0x10001, 0x7, 0x77, 0x401, 0x4, 0x0, 0x3fe0000, 0x10001, 0x0, 0x8, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_bp={&(0x7f0000000200), 0x3}, 0x0, 0x71, 0x0, 0x7, 0x7, 0x0, 0xffffffffffffff01}, 0x0, 0xa, 0xffffffffffffffff, 0x2) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair(0x1, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) write$cgroup_int(r2, &(0x7f0000000980), 0xffffff4d) close(r2) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) recvmsg$kcm(r1, &(0x7f0000000200)={&(0x7f0000000040)=@ax25, 0x2, &(0x7f0000000000)=[{&(0x7f0000000080)=""/151, 0xffffff77}], 0x1, &(0x7f00000001c0)=""/17, 0xffda}, 0x3f00) 06:19:47 executing program 1: r0 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000240)='syz0\x00', 0x200002, 0x0) getpid() mkdirat$cgroup(r0, &(0x7f0000000380), 0x1ff) r1 = openat$cgroup_ro(r0, &(0x7f0000000280)='cpu.stat\x00', 0x0, 0x0) ioctl$TUNGETSNDBUF(r1, 0x800454d3, &(0x7f0000000340)) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair(0x1, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) write$cgroup_int(r3, &(0x7f0000000980), 0xffffff4d) close(r3) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) recvmsg$kcm(r2, &(0x7f0000000200)={&(0x7f0000000040)=@ax25, 0x2, &(0x7f0000000000)=[{&(0x7f0000000080)=""/151, 0xffffff77}], 0x1, &(0x7f00000001c0)=""/17, 0xffda}, 0x3f00) 06:19:47 executing program 3: creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(0xffffffffffffffff, 0x0) r0 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0) mmap$perf(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x6, 0x108012, r0, 0x0) [ 1076.249716] *** Guest State *** [ 1076.253315] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 1076.262561] CR4: actual=0x0000000000022040, shadow=0x0000000000020000, gh_mask=ffffffffffffe871 [ 1076.271476] CR3 = 0x0000000000000000 [ 1076.275356] RSP = 0x0000000000000f80 RIP = 0x0000000000000000 [ 1076.281384] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 1076.287540] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 1076.294452] CS: sel=0x0000, attr=0x0009b, limit=0x0000ffff, base=0x0000000000000000 [ 1076.302602] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 1076.310633] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 1076.318791] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 1076.326950] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 1076.335111] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 1076.343248] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 1076.351307] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 1076.359439] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 1076.367617] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 1076.375791] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 1076.382373] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 1076.389939] Interruptibility = 00000000 ActivityState = 00000000 [ 1076.396371] *** Host State *** [ 1076.399614] RIP = 0xffffffff812cfa68 RSP = 0xffff8880732bf378 [ 1076.405805] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 1076.412400] FSBase=00007f500ad06700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000 [ 1076.420248] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 1076.426342] CR0=0000000080050033 CR3=0000000073094000 CR4=00000000001426f0 [ 1076.433532] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260 [ 1076.440251] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 1076.446476] *** Control State *** 06:19:47 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={0xffffffffffffffff, r0, 0x0, 0xd, &(0x7f0000000300)='rdma.current\x00'}, 0x30) perf_event_open(&(0x7f0000000400)={0x5, 0x70, 0x81, 0x200, 0x3, 0x3, 0x0, 0x4, 0x2, 0x3, 0x3, 0x7fff, 0xf21f, 0x4, 0x8000, 0x85, 0xffff, 0xba4d, 0x1, 0x20, 0x101, 0xfff, 0x5, 0x1, 0x0, 0x9ff1, 0x8001, 0x3f, 0x401, 0xd4, 0x249, 0x1, 0x0, 0x4, 0x0, 0x6, 0x0, 0x4b, 0x0, 0xffffffff, 0x3, @perf_config_ext={0x80, 0x80}, 0x10000, 0xd, 0x0, 0x0, 0x3, 0x6, 0x4}, r1, 0xffffffffffffffff, r0, 0x3) perf_event_open(&(0x7f0000000840)={0x0, 0x70, 0x0, 0x5933, 0x0, 0x0, 0x0, 0x5, 0x20000, 0x0, 0xf37, 0x400000000000a15c, 0xbe14, 0x7, 0x3f, 0xb2e5, 0x5, 0x9, 0x9, 0x4, 0x9, 0x0, 0xffffffffffffffc0, 0xb834, 0x0, 0x45, 0x6, 0x2, 0x7, 0x5, 0x6, 0x100000001, 0x0, 0x0, 0x8, 0x0, 0x2, 0xff, 0x0, 0xff, 0x1, @perf_bp={&(0x7f0000000240)}, 0x0, 0x3, 0x9, 0x5, 0x100000001, 0xb04, 0xe1ec}, r1, 0x9, r0, 0x9) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x0, 0xb, &(0x7f0000000640)=@framed={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x3}, [@jmp={0x5, 0x0, 0x0, 0x5, 0x8, 0xfffffffffffffff4, 0x4}, @jmp={0x5, 0x8, 0x0, 0x0, 0xa, 0x44, 0x5}, @exit, @map={0x18, 0x8}, @generic={0x8, 0x401, 0x3f, 0x3f}, @initr0={0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0xffffffff}]}, &(0x7f0000000480)='GPL\x00', 0x3, 0xbb, &(0x7f0000000780)=""/187, 0x41000, 0x1, [], 0x0, 0xc}, 0x48) write$cgroup_int(r0, &(0x7f00000001c0), 0x12) write$cgroup_subtree(r2, &(0x7f0000000000)={[{0x0, 'memory'}]}, 0x200600) mkdirat$cgroup(r0, &(0x7f0000000600)='syz1\x00', 0x1ff) r3 = openat$cgroup_ro(r0, &(0x7f0000000200)='rdma.current\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000040)='[cgroup{}lo\x00'}, 0x30) openat$cgroup_type(r2, &(0x7f00000004c0)='cgroup.type\x00', 0x2, 0x0) write$cgroup_pid(r0, &(0x7f0000000100)=r4, 0x12) r5 = getpid() bpf$BPF_PROG_QUERY(0x10, &(0x7f00000003c0)={r3, 0x1, 0x1, 0x0, &(0x7f0000000380)=[0x0, 0x0, 0x0], 0x3}, 0x20) ioctl$TUNSETNOCSUM(r0, 0x400454c8, 0x1) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000740)={r5, 0xffffffffffffffff, 0x0, 0x3, &(0x7f0000000500)='!/\x00'}, 0x30) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000400)=ANY=[], 0x0) openat$cgroup_type(r3, &(0x7f0000000280)='cgroup.type\x00', 0x2, 0x0) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000540)='memory.events\x00', 0x0, 0x5000000) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r6, 0x40042409, 0x0) [ 1076.450011] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 1076.456896] EntryControls=0000d1ff ExitControls=002fefff [ 1076.462533] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 1076.469510] VMEntry: intr_info=80000202 errcode=00000000 ilen=00000000 [ 1076.476438] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 1076.483206] reason=80000021 qualification=0000000000000000 [ 1076.489585] IDTVectoring: info=00000000 errcode=00000000 [ 1076.495200] TSC Offset = 0xfffffdb9b8311c48 [ 1076.499597] EPT pointer = 0x0000000072b7201e 06:19:47 executing program 4: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, &(0x7f0000000ac0)='GPL\x00') socket$kcm(0xa, 0x40122000000003, 0x11) r0 = socket$kcm(0xa, 0x2, 0x11) ioctl$TUNGETFEATURES(0xffffffffffffffff, 0x800454cf, &(0x7f0000000380)) setsockopt$sock_attach_bpf(r0, 0x29, 0xb, &(0x7f0000000040), 0x52d) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000640)={&(0x7f00000003c0)=@generic={0xc, "ddf95228adcb80d455a64ea96b388c597669d14253d4c01472089f2cfd33ee18601957bc7a0ee267debd46825d7baa4d9ff4e47649ba1ba27857ff311486d58cb08b2eb1bed032bbb59941c2626fde700c63a1aa80847916e8d614a8e84b706c2aff16592e209b8b80a7e685e9f9d3aaa59d695e36cb12585ccbda1b29d8"}, 0x80, &(0x7f00000005c0), 0x0, &(0x7f0000000600), 0x0, 0x8001}, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x6, 0x4, &(0x7f0000000140), 0x1e4) [ 1076.818866] *** Guest State *** [ 1076.822627] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 1076.831541] CR4: actual=0x0000000000022040, shadow=0x0000000000020000, gh_mask=ffffffffffffe871 [ 1076.840629] CR3 = 0x0000000000000000 [ 1076.844569] RSP = 0x0000000000000f80 RIP = 0x0000000000000000 [ 1076.850604] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 1076.856937] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 1076.863954] CS: sel=0x0000, attr=0x0009b, limit=0x0000ffff, base=0x0000000000000000 [ 1076.872252] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 1076.880281] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 1076.888509] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 1076.896707] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 1076.904894] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 1076.913068] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 1076.921102] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 1076.929297] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 1076.937583] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 1076.945880] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 1076.952793] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 1076.960308] Interruptibility = 00000000 ActivityState = 00000000 [ 1076.966810] *** Host State *** [ 1076.970078] RIP = 0xffffffff812cfa68 RSP = 0xffff88807558f378 [ 1076.976425] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 1076.983041] FSBase=00007f500ace5700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000 [ 1076.990918] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 1076.997080] CR0=0000000080050033 CR3=0000000073094000 CR4=00000000001426e0 [ 1077.004300] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260 [ 1077.011017] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 1077.017342] *** Control State *** [ 1077.020849] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 1077.027792] EntryControls=0000d1ff ExitControls=002fefff [ 1077.033458] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 1077.040439] VMEntry: intr_info=80000202 errcode=00000000 ilen=00000000 [ 1077.047299] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 1077.054085] reason=80000021 qualification=0000000000000000 [ 1077.060448] IDTVectoring: info=00000000 errcode=00000000 06:19:48 executing program 3: creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(0xffffffffffffffff, 0x0) mmap$perf(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x6, 0x108012, 0xffffffffffffffff, 0x0) [ 1077.066113] TSC Offset = 0xfffffdb954caf549 [ 1077.070503] EPT pointer = 0x0000000079cc501e 06:19:48 executing program 4: r0 = socket$kcm(0xa, 0x2, 0x11) setsockopt$sock_attach_bpf(r0, 0x11, 0xb, &(0x7f0000000040), 0x52d) 06:19:48 executing program 0: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000140)='memory.swap.current\x00', 0x0, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x12c, 0x10000000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='\f', 0x1}], 0x1, &(0x7f0000000580)}, 0x20008844) bpf$PROG_LOAD(0x5, &(0x7f0000001140)={0x0, 0x0, &(0x7f0000000000)=@raw, &(0x7f0000000080)='syzkaller\x00', 0x8001, 0x0, 0x0, 0x0, 0x1}, 0x48) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000380)={&(0x7f0000000340)='./file0\x00'}, 0x10) 06:19:48 executing program 2: r0 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000240)='syz0\x00', 0x200002, 0x0) mkdirat$cgroup(r0, &(0x7f0000000380), 0x1ff) openat$cgroup_ro(r0, &(0x7f0000000280)='cpu.stat\x00', 0x0, 0x0) ioctl$TUNGETSNDBUF(0xffffffffffffffff, 0x800454d3, &(0x7f0000000340)) perf_event_open(&(0x7f00000003c0)={0x5, 0x70, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x8, 0x0, 0x6, 0x6, 0x0, 0x5, 0x9, 0x0, 0x10001, 0x7, 0x77, 0x401, 0x4, 0x0, 0x3fe0000, 0x10001, 0x0, 0x8, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_bp={&(0x7f0000000200), 0x3}, 0x0, 0x71, 0x0, 0x7, 0x7, 0x0, 0xffffffffffffff01}, 0x0, 0xa, 0xffffffffffffffff, 0x2) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair(0x1, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) write$cgroup_int(r2, &(0x7f0000000980), 0xffffff4d) close(r2) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) recvmsg$kcm(r1, &(0x7f0000000200)={&(0x7f0000000040)=@ax25, 0x2, &(0x7f0000000000)=[{&(0x7f0000000080)=""/151, 0xffffff77}], 0x1, &(0x7f00000001c0)=""/17, 0xffda}, 0x3f00) 06:19:48 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x0, 0x0) close(r1) 06:19:48 executing program 3: creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(0xffffffffffffffff, 0x0) mmap$perf(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x6, 0x108012, 0xffffffffffffffff, 0x0) 06:19:48 executing program 1: r0 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000240)='syz0\x00', 0x200002, 0x0) getpid() mkdirat$cgroup(r0, &(0x7f0000000380), 0x1ff) r1 = openat$cgroup_ro(r0, &(0x7f0000000280)='cpu.stat\x00', 0x0, 0x0) ioctl$TUNGETSNDBUF(r1, 0x800454d3, &(0x7f0000000340)) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair(0x1, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) write$cgroup_int(r3, &(0x7f0000000980), 0xffffff4d) close(r3) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) recvmsg$kcm(r2, &(0x7f0000000200)={&(0x7f0000000040)=@ax25, 0x2, &(0x7f0000000000)=[{&(0x7f0000000080)=""/151, 0xffffff77}], 0x1, &(0x7f00000001c0)=""/17, 0xffda}, 0x3f00) 06:19:48 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = socket$inet_udp(0x2, 0x2, 0x0) write$binfmt_misc(r2, &(0x7f0000000140)=ANY=[], 0xfffffc8f) bind$inet(r3, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) connect$inet(r3, &(0x7f0000000200)={0x2, 0x0, @multicast2}, 0x10) splice(r1, 0x0, r3, 0x0, 0x10005, 0x0) 06:19:49 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x0, 0x0) close(r1) 06:19:49 executing program 3: creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(0xffffffffffffffff, 0x0) mmap$perf(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x6, 0x108012, 0xffffffffffffffff, 0x0) 06:19:49 executing program 0: r0 = open(&(0x7f0000000140)='./bus\x00', 0x141042, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$FITRIM(r0, 0xc0185879, &(0x7f0000000080)={0x0, 0x80000001}) [ 1078.172766] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! 06:19:49 executing program 3: creat(&(0x7f0000000700)='./bus\x00', 0x0) r0 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0) mmap$perf(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x6, 0x108012, r0, 0x0) 06:19:49 executing program 5: r0 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) close(r0) 06:19:49 executing program 0: r0 = socket$inet6(0xa, 0x2000000000001, 0x0) r1 = socket$inet6(0xa, 0xa000000000001, 0x0) setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000687000)=0x5c802861, 0x4) bind$inet6(r1, &(0x7f0000402000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendto$inet6(r1, &(0x7f0000000100), 0x0, 0xfffffefffffffffe, &(0x7f0000f62fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000687000)=0x9, 0x4) bind$inet6(r0, &(0x7f0000402000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendto$inet6(r0, &(0x7f0000000080), 0x0, 0x20000000, &(0x7f0000000040)={0xa, 0x4e20}, 0x1c) listen(r0, 0x0) 06:19:49 executing program 3: r0 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0) mmap$perf(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x6, 0x108012, r0, 0x0) 06:19:49 executing program 2: r0 = open(&(0x7f0000000140)='./bus\x00', 0x141042, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) fsetxattr$trusted_overlay_opaque(r0, &(0x7f00000001c0)='trusted.overlay.opaque\x00', &(0x7f0000000200)='y\x00', 0x2, 0x0) setxattr$security_ima(&(0x7f0000000040)='./bus\x00', &(0x7f0000000080)='security.ima\x00', &(0x7f00000000c0)=@v1={0x2, "200a1f3b"}, 0x5, 0x0) [ 1078.859352] TCP: request_sock_TCPv6: Possible SYN flooding on port 20000. Sending cookies. Check SNMP counters. 06:19:50 executing program 1: 06:19:50 executing program 3: r0 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0) mmap$perf(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x6, 0x108012, r0, 0x0) 06:19:50 executing program 5: 06:19:50 executing program 4: 06:19:50 executing program 0: 06:19:50 executing program 2: 06:19:50 executing program 1: 06:19:50 executing program 5: 06:19:50 executing program 3: r0 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0) mmap$perf(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x6, 0x108012, r0, 0x0) 06:19:50 executing program 4: 06:19:50 executing program 0: 06:19:50 executing program 2: 06:19:50 executing program 4: 06:19:50 executing program 5: 06:19:51 executing program 1: 06:19:51 executing program 3: creat(&(0x7f0000000700)='./bus\x00', 0x0) r0 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0) mmap$perf(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x108012, r0, 0x0) 06:19:51 executing program 0: 06:19:51 executing program 4: 06:19:51 executing program 2: 06:19:51 executing program 5: 06:19:51 executing program 4: 06:19:51 executing program 1: 06:19:51 executing program 3: creat(&(0x7f0000000700)='./bus\x00', 0x0) r0 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0) mmap$perf(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x10, r0, 0x0) 06:19:51 executing program 0: 06:19:51 executing program 2: 06:19:51 executing program 4: 06:19:52 executing program 3: creat(&(0x7f0000000700)='./bus\x00', 0x0) r0 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0) mmap$perf(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x10, r0, 0x0) 06:19:52 executing program 5: 06:19:52 executing program 2: 06:19:52 executing program 0: 06:19:52 executing program 1: 06:19:52 executing program 4: 06:19:52 executing program 2: 06:19:52 executing program 5: 06:19:52 executing program 0: 06:19:52 executing program 3: creat(&(0x7f0000000700)='./bus\x00', 0x0) r0 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0) mmap$perf(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x10, r0, 0x0) 06:19:52 executing program 1: 06:19:52 executing program 4: 06:19:52 executing program 2: 06:19:52 executing program 5: 06:19:52 executing program 0: 06:19:53 executing program 1: 06:19:53 executing program 3: creat(&(0x7f0000000700)='./bus\x00', 0x0) open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0) mmap$perf(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x108012, 0xffffffffffffffff, 0x0) 06:19:53 executing program 2: 06:19:53 executing program 4: 06:19:53 executing program 0: 06:19:53 executing program 5: 06:19:53 executing program 1: 06:19:53 executing program 2: 06:19:53 executing program 3: creat(&(0x7f0000000700)='./bus\x00', 0x0) open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0) mmap$perf(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x108012, 0xffffffffffffffff, 0x0) 06:19:53 executing program 4: 06:19:53 executing program 0: 06:19:54 executing program 1: 06:19:54 executing program 5: 06:19:54 executing program 2: 06:19:54 executing program 4: 06:19:54 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_execute_func(&(0x7f0000000140)="cd80c20000b0b06969ef69dc00d9c4017d50ee8adcd0d01192000880410fd1b02db5d90000007cc481c653fb0fcdc4e3a95fd965eabe3c3b4d4d408064797f41dfdf400e01efc4a1fd28d29d7d2f67450f483b1c0a1a63460fc4c161fc4d96040476789f") 06:19:54 executing program 3: creat(&(0x7f0000000700)='./bus\x00', 0x0) open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0) mmap$perf(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x108012, 0xffffffffffffffff, 0x0) 06:19:54 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc)={0x0, 0x2}) r1 = syz_open_pts(r0, 0x0) read(r1, &(0x7f0000000280)=""/1, 0xfffffece) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000180)) syz_open_procfs(0x0, &(0x7f0000000040)='fd/4\x00') close(r0) 06:19:54 executing program 0: socketpair$unix(0x1, 0x4000000000000002, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = timerfd_create(0x0, 0x0) timerfd_gettime(r1, &(0x7f0000000000)) 06:19:54 executing program 2: perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000940000)={0x2, 0x78, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) dup3(r1, r0, 0x80000) close(0xffffffffffffffff) 06:19:54 executing program 4: perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/mnt\x00') 06:19:54 executing program 1: syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/mnt\x00') 06:19:54 executing program 3: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000240)="0a5c2d023c126285718070") r1 = socket$inet(0x10, 0x100000803, 0x4) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000008000)="4c0000001200ff09fffefd956fa283b724a600800000000000000068354015002c001d001fc41180b598bc593ab6821148a730de33a49868c62b2ca654a6613b6aabf35d4c1cbc882b079881", 0x4c}], 0x1}, 0x0) 06:19:55 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x14) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000040)={@remote}, 0x14) close(r1) 06:19:55 executing program 4: socket$inet6(0xa, 0x803, 0x3) ptrace$cont(0xffffffffffffffff, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x10, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000140)={0x5, 0x400000028, 0x7fff, 0x3f}, 0xe) ioctl$FICLONERANGE(0xffffffffffffffff, 0x4020940d, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x80, 0x0, 0x1}) pread64(0xffffffffffffffff, &(0x7f0000001200)=""/248, 0xf8, 0x0) write$UHID_CREATE2(0xffffffffffffffff, &(0x7f0000000280)=ANY=[], 0x0) ioctl$TCSETAF(0xffffffffffffffff, 0x5408, &(0x7f0000000100)={0x0, 0x81, 0x8001, 0x2, 0x0, 0xfffffffffffffff7, 0x0, 0x0, 0x0, 0x100000001}) write$UHID_SET_REPORT_REPLY(0xffffffffffffffff, &(0x7f0000000640)=ANY=[], 0x0) syz_genetlink_get_family_id$nbd(0xffffffffffffffff) 06:19:55 executing program 5: prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000240), 0x126) 06:19:55 executing program 0: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) mount(&(0x7f0000000300)=ANY=[], &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)="7379736673002a864f4bc00bce1bdb20637213b1e894d120715f9dc1125b042c7226eb0136d9624ea1d23374a660fe5ac173722fd367ad22e8553025a2e8be0bc5514379af7213d32b8d5d06dc8fbf2c849ed9cdefc74b03dfa9cb5a90b28b4b24d7862c3d66fca53167d5424235435a3dbb76bc7d3c42fc2e9c696114a6f888f0da85277683cfc1c4d2bf71c255a3134d64cc3fed8e97798deb8631cbf7682c9fa2ed031465aa191df922f764297cba22a8499d177f49fba940f55bbc8b723fd374f1fed78c8aeec6811d9b5879487387d56594a14c2588274de84fa27610302b3fb54172a8c910a07e7c76ea465aa68402", 0x0, &(0x7f0000000080)) r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) lseek(r0, 0x0, 0x4) 06:19:55 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$EXT4_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r0, &(0x7f0000002500)=ANY=[@ANYBLOB="00696f20bc91a5522c34bee708d76f54b7ed54caa83be5694ad700a18bb62dc6db4d5ba464a153b7b10c7ac30d8ac47eeedb9e4710d6bab4ac8afd1b8f35bd12de1ce6c61cb95bc1ad4235880e157346d74180e7db01f51382f74c29abaa98b424b2851e7b5700a0a05a2162459bcc5354a8ee4891f74f9f36eda6d18f6ebb4369241264df856e2017375d100a0889341bce5ba3b871053081bf2cf0142279a7b2ef10c614d9211b3141141f701f302d2ac6540723793b70c43f28ea5bb9e8c77c3bdbb1445418e3877bbca89d63"], 0xce) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xfffffcdd) ioctl$EXT4_IOC_MIGRATE(r1, 0x6609) 06:19:55 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x14) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000040)={@remote}, 0x14) close(r1) 06:19:55 executing program 3: perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xee6a}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000240)) r0 = socket$inet6(0xa, 0x2, 0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000200)) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c) sendmmsg(r0, &(0x7f0000007e00), 0x3ffffeb, 0x0) 06:19:55 executing program 5: perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xee6a}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000240)) gettid() r0 = socket$inet6(0xa, 0x2, 0x0) fcntl$getownex(r0, 0x10, &(0x7f0000000200)={0x0, 0x0}) perf_event_open(&(0x7f0000000140)={0x5, 0x70, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x20, 0x0, 0x3, 0x0, 0x5, 0x1a, 0x7f, 0x10001, 0xfffffffffffffffb, 0x1ff, 0x1, 0xfffffffffffff0b2, 0x0, 0x0, 0x0, 0x5cb, 0x8000, 0x3, 0x1, 0x7ff, 0x80, 0x40, 0x100000001, 0x10001, 0x100, 0x0, 0x3ff, 0x10000, 0x5, 0x401, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000000c0), 0x2}, 0x0, 0x401, 0xfffc000000000000, 0x0, 0xffffffffffffffff, 0x0, 0xff}, r1, 0x0, 0xffffffffffffffff, 0x2) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c) sendmmsg(r0, &(0x7f0000007e00), 0x3ffffeb, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0) memfd_create(&(0x7f0000000100)='md5sum\\selinuxloeth0%\x00', 0x6) setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000240)='bbr\x00', 0x4) getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f0000000500), &(0x7f0000000540)=0xc) 06:19:55 executing program 4: r0 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000040)={0x4, 0x0, &(0x7f0000000000)=[@register_looper={0x40086303}], 0x0, 0x0, &(0x7f0000000480)}) 06:19:56 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000980)="6e65742f6970365f666c6f776c6162656c006ec03114893458edc1c9d8dc4b0000ae982640d0e6bb51ff07000000000000aa319198e91f0a4d43697c2bcdf94edcc5a22a138ff33bd66432ebe5140e8bdab7fc3968286d6627a1397193227d4733c145e66536c6c275112560e72b3097843b5cdac480c3a8145473cbde841dc7cc3bb138") close(r0) [ 1084.912388] binder: 31616:31617 BC_FREE_BUFFER u0000000000000000 no match 06:19:56 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x14) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000040)={@remote}, 0x14) close(r1) 06:19:56 executing program 1: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000240)="0a5c2d023c126285718070") bpf$MAP_CREATE(0x0, &(0x7f0000dec000)={0x2, 0x4, 0x400000, 0x7}, 0x2c) 06:19:56 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x6) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cgroup.events\x00', 0xea02ffe0, 0x0) ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f0000000080)={0x50}) mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x9011, r1, 0x0) 06:19:56 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x14) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000040)={@remote}, 0x14) close(r1) 06:19:56 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) socketpair(0x0, 0x0, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000180)='\x00'}, 0x10) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_MCAST_LEAVE_GROUP(r1, 0x0, 0x2d, &(0x7f0000000300)={0x100, {{0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x1a}}}}, 0x88) setsockopt$inet_tcp_int(r2, 0x6, 0x80000000000002, &(0x7f0000000140)=0x78, 0x4) bind$inet(r2, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r2, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10) setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000100), 0x921b527a62bfdc30) recvmsg(r2, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f00000002c0)=""/20, 0x14}, 0x100) write$binfmt_elf64(r2, &(0x7f0000000180)=ANY=[], 0xfef1) 06:19:56 executing program 1: seccomp(0x0, 0x0, &(0x7f0000000100)={0x0, &(0x7f00000000c0)}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)) r0 = gettid() clock_gettime(0x0, &(0x7f0000000040)={0x0, 0x0}) socketpair$inet6(0xa, 0x0, 0x0, &(0x7f00000000c0)) clock_nanosleep(0x0, 0x0, &(0x7f0000000080)={0x0, r1+10000000}, &(0x7f00000001c0)) timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x1c9c380}}, &(0x7f0000000140)) clone(0x0, &(0x7f00000000c0), &(0x7f0000000000), &(0x7f0000000180), &(0x7f0000000200)) clock_gettime(0x0, &(0x7f0000000500)={0x0}) pselect6(0x40, &(0x7f0000000440)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x7ff, 0xb979}, &(0x7f0000000480)={0x0, 0x7fffffff, 0x2, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}, &(0x7f00000004c0)={0x81, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff}, &(0x7f0000000540)={r2}, &(0x7f00000005c0)={&(0x7f0000000580), 0x8}) openat$ppp(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ppp\x00', 0x4000, 0x0) tkill(r0, 0x1004000000016) openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x43fffe, 0x0) recvmsg(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000080)=@hci, 0x1c6, &(0x7f0000000000), 0x0, &(0x7f00000003c0)=""/75, 0xffffffffffffffd5}, 0x0) 06:19:56 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x14) close(r1) 06:19:57 executing program 4: perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f00000003c0)={0x12}, 0x8) sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10) close(r0) [ 1086.281628] not chained 510000 origins [ 1086.284303] CPU: 0 PID: 31642 Comm: syz-executor0 Not tainted 4.20.0-rc3+ #89 [ 1086.284303] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1086.284303] Call Trace: [ 1086.284303] [ 1086.284303] dump_stack+0x32d/0x480 [ 1086.284303] kmsan_internal_chain_origin+0x222/0x240 [ 1086.284303] ? __do_softirq+0x721/0xc7f [ 1086.284303] ? kmsan_internal_chain_origin+0x136/0x240 [ 1086.284303] ? __msan_chain_origin+0x6d/0xb0 [ 1086.284303] ? __save_stack_trace+0x8be/0xc60 [ 1086.284303] ? save_stack_trace+0xc6/0x110 [ 1086.284303] ? kmsan_internal_chain_origin+0x136/0x240 [ 1086.284303] ? kmsan_memcpy_origins+0x13d/0x190 [ 1086.348274] ? __msan_memcpy+0x6f/0x80 [ 1086.349437] ? pskb_expand_head+0x436/0x1d20 [ 1086.349437] ? ___pskb_trim+0x3c9/0x1bf0 [ 1086.349437] ? sk_filter_trim_cap+0x5ac/0xa60 [ 1086.349437] ? tcp_v4_rcv+0x4a1b/0x6520 [ 1086.349437] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1086.371890] ? ip_local_deliver+0x44b/0x510 [ 1086.371890] ? ip_rcv+0x6b6/0x740 [ 1086.371890] ? process_backlog+0x82b/0x11e0 [ 1086.385063] ? net_rx_action+0x98f/0x1d50 [ 1086.385063] ? __do_softirq+0x721/0xc7f [ 1086.385063] ? do_softirq_own_stack+0x49/0x80 [ 1086.385063] ? __local_bh_enable_ip+0x228/0x260 [ 1086.385063] ? local_bh_enable+0x36/0x40 [ 1086.385063] ? ip_finish_output2+0x1430/0x1560 [ 1086.385063] ? ip_finish_output+0xd93/0x10f0 [ 1086.385063] ? ip_output+0x55c/0x630 [ 1086.385063] ? __ip_queue_xmit+0x1bb5/0x2170 [ 1086.385063] ? ip_queue_xmit+0xcc/0xf0 [ 1086.385063] ? __tcp_transmit_skb+0x425c/0x5e00 [ 1086.385063] ? __tcp_retransmit_skb+0x2fe9/0x46c0 [ 1086.385063] ? tcp_xmit_retransmit_queue+0xea0/0x1c10 [ 1086.385063] ? tcp_ack+0x91b2/0xa010 [ 1086.385063] ? tcp_rcv_established+0xf7e/0x2940 [ 1086.385063] ? tcp_v4_do_rcv+0x686/0xd80 [ 1086.385063] ? __release_sock+0x32d/0x750 [ 1086.385063] ? sk_wait_data+0x2c3/0x920 [ 1086.385063] ? tcp_recvmsg+0x1d10/0x4aa0 [ 1086.385063] ? inet_recvmsg+0x5b8/0x6c0 [ 1086.385063] ? sock_recvmsg+0x1d1/0x230 [ 1086.385063] ? ___sys_recvmsg+0x444/0xae0 [ 1086.385063] ? __se_sys_recvmsg+0x2fa/0x450 [ 1086.385063] ? __x64_sys_recvmsg+0x4a/0x70 [ 1086.385063] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1086.385063] ? in_task_stack+0x12c/0x210 [ 1086.385063] ? get_stack_info+0x206/0x220 [ 1086.385063] __msan_chain_origin+0x6d/0xb0 [ 1086.385063] ? tcp_v4_do_rcv+0x686/0xd80 [ 1086.385063] __save_stack_trace+0x8be/0xc60 [ 1086.385063] ? tcp_v4_do_rcv+0x686/0xd80 [ 1086.385063] save_stack_trace+0xc6/0x110 [ 1086.385063] kmsan_internal_chain_origin+0x136/0x240 [ 1086.385063] ? ip_finish_output+0xd93/0x10f0 [ 1086.385063] ? sk_wait_data+0x2c3/0x920 [ 1086.385063] ? tcp_recvmsg+0x1d10/0x4aa0 [ 1086.385063] ? inet_recvmsg+0x5b8/0x6c0 [ 1086.385063] ? kmsan_internal_chain_origin+0x136/0x240 [ 1086.385063] ? kmsan_memcpy_origins+0x13d/0x190 [ 1086.385063] ? __msan_memcpy+0x6f/0x80 [ 1086.385063] ? pskb_expand_head+0x436/0x1d20 [ 1086.385063] ? ___pskb_trim+0x3c9/0x1bf0 [ 1086.385063] ? sk_filter_trim_cap+0x5ac/0xa60 [ 1086.385063] ? tcp_v4_rcv+0x4a1b/0x6520 [ 1086.385063] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1086.385063] ? ip_local_deliver+0x44b/0x510 [ 1086.385063] ? ip_rcv+0x6b6/0x740 [ 1086.385063] ? process_backlog+0x82b/0x11e0 [ 1086.385063] ? net_rx_action+0x98f/0x1d50 [ 1086.385063] ? __do_softirq+0x721/0xc7f [ 1086.385063] ? do_softirq_own_stack+0x49/0x80 [ 1086.385063] ? __local_bh_enable_ip+0x228/0x260 [ 1086.385063] ? local_bh_enable+0x36/0x40 [ 1086.385063] ? ip_finish_output2+0x1430/0x1560 [ 1086.385063] ? ip_finish_output+0xd93/0x10f0 [ 1086.385063] ? ip_output+0x55c/0x630 [ 1086.385063] ? __ip_queue_xmit+0x1bb5/0x2170 [ 1086.385063] ? ip_queue_xmit+0xcc/0xf0 [ 1086.385063] ? __tcp_transmit_skb+0x425c/0x5e00 [ 1086.385063] ? __tcp_retransmit_skb+0x2fe9/0x46c0 [ 1086.385063] ? tcp_xmit_retransmit_queue+0xea0/0x1c10 [ 1086.385063] ? tcp_ack+0x91b2/0xa010 [ 1086.385063] ? tcp_rcv_established+0xf7e/0x2940 [ 1086.385063] ? memcg_kmem_put_cache+0x73/0x460 [ 1086.385063] ? __msan_get_context_state+0x9/0x20 [ 1086.385063] ? INIT_INT+0xc/0x30 [ 1086.385063] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1086.385063] kmsan_memcpy_origins+0x13d/0x190 [ 1086.385063] __msan_memcpy+0x6f/0x80 [ 1086.385063] pskb_expand_head+0x436/0x1d20 [ 1086.385063] ___pskb_trim+0x3c9/0x1bf0 [ 1086.385063] sk_filter_trim_cap+0x5ac/0xa60 [ 1086.385063] tcp_v4_rcv+0x4a1b/0x6520 [ 1086.385063] ? tcp_filter+0x260/0x260 [ 1086.385063] ip_local_deliver_finish+0x8d8/0xff0 [ 1086.385063] ? nf_hook_slow+0x36f/0x3d0 [ 1086.385063] ip_local_deliver+0x44b/0x510 [ 1086.385063] ? ip_local_deliver+0x510/0x510 [ 1086.385063] ? ip_call_ra_chain+0x7a0/0x7a0 [ 1086.385063] ip_rcv+0x6b6/0x740 [ 1086.385063] ? ip_rcv_core+0x1370/0x1370 [ 1086.385063] process_backlog+0x82b/0x11e0 [ 1086.385063] ? ip_local_deliver_finish+0xff0/0xff0 [ 1086.385063] ? rps_trigger_softirq+0x2e0/0x2e0 [ 1086.385063] net_rx_action+0x98f/0x1d50 [ 1086.385063] ? net_tx_action+0xf20/0xf20 [ 1086.385063] __do_softirq+0x721/0xc7f [ 1086.385063] do_softirq_own_stack+0x49/0x80 [ 1086.385063] [ 1086.385063] __local_bh_enable_ip+0x228/0x260 [ 1086.385063] local_bh_enable+0x36/0x40 [ 1086.385063] ip_finish_output2+0x1430/0x1560 [ 1086.385063] ip_finish_output+0xd93/0x10f0 [ 1086.385063] ip_output+0x55c/0x630 [ 1086.385063] ? ip_mc_finish_output+0x440/0x440 [ 1086.385063] ? ip_finish_output+0x10f0/0x10f0 [ 1086.385063] __ip_queue_xmit+0x1bb5/0x2170 [ 1086.385063] ? kmsan_set_origin+0x7f/0x100 [ 1086.385063] ip_queue_xmit+0xcc/0xf0 [ 1086.385063] ? dst_hold_safe+0x5d0/0x5d0 [ 1086.385063] __tcp_transmit_skb+0x425c/0x5e00 [ 1086.385063] __tcp_retransmit_skb+0x2fe9/0x46c0 [ 1086.385063] ? ipv4_mtu+0x47d/0x530 [ 1086.385063] tcp_xmit_retransmit_queue+0xea0/0x1c10 [ 1086.385063] tcp_ack+0x91b2/0xa010 [ 1086.385063] tcp_rcv_established+0xf7e/0x2940 [ 1086.385063] ? __msan_get_context_state+0x9/0x20 [ 1086.385063] tcp_v4_do_rcv+0x686/0xd80 [ 1086.385063] ? inet_sk_rx_dst_set+0x200/0x200 [ 1086.385063] __release_sock+0x32d/0x750 [ 1086.385063] sk_wait_data+0x2c3/0x920 [ 1086.385063] ? tcp_send_ack+0x68/0x90 [ 1086.385063] ? tcp_cleanup_rbuf+0x57b/0x8e0 [ 1086.385063] ? wait_woken+0x5b0/0x5b0 [ 1086.385063] tcp_recvmsg+0x1d10/0x4aa0 [ 1086.385063] ? inet_recvmsg+0xaf/0x6c0 [ 1086.385063] ? tcp_mmap+0x150/0x150 [ 1086.385063] inet_recvmsg+0x5b8/0x6c0 [ 1086.385063] sock_recvmsg+0x1d1/0x230 [ 1086.385063] ? inet_sendpage+0x990/0x990 [ 1086.385063] ___sys_recvmsg+0x444/0xae0 [ 1086.385063] ? __fdget+0x329/0x440 [ 1086.385063] __se_sys_recvmsg+0x2fa/0x450 [ 1086.385063] __x64_sys_recvmsg+0x4a/0x70 [ 1086.385063] do_syscall_64+0xcf/0x110 [ 1086.385063] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1086.385063] RIP: 0033:0x457569 [ 1086.385063] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1086.385063] RSP: 002b:00007f90c4e7bc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 1086.385063] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457569 [ 1086.385063] RDX: 0000000000000100 RSI: 0000000020000240 RDI: 0000000000000007 [ 1086.385063] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1086.385063] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f90c4e7c6d4 [ 1086.385063] R13: 00000000004c399f R14: 00000000004d5f38 R15: 00000000ffffffff [ 1086.385063] Uninit was stored to memory at: [ 1086.385063] kmsan_internal_chain_origin+0x136/0x240 [ 1086.385063] __msan_chain_origin+0x6d/0xb0 [ 1086.385063] __save_stack_trace+0x8be/0xc60 [ 1086.385063] save_stack_trace+0xc6/0x110 [ 1086.385063] kmsan_internal_chain_origin+0x136/0x240 [ 1086.385063] kmsan_memcpy_origins+0x13d/0x190 [ 1086.385063] __msan_memcpy+0x6f/0x80 [ 1086.385063] pskb_expand_head+0x436/0x1d20 [ 1086.385063] ___pskb_trim+0x3c9/0x1bf0 [ 1086.385063] sk_filter_trim_cap+0x5ac/0xa60 [ 1086.385063] tcp_v4_rcv+0x4a1b/0x6520 [ 1086.385063] ip_local_deliver_finish+0x8d8/0xff0 [ 1086.385063] ip_local_deliver+0x44b/0x510 [ 1086.385063] ip_rcv+0x6b6/0x740 [ 1086.385063] process_backlog+0x82b/0x11e0 [ 1086.385063] net_rx_action+0x98f/0x1d50 [ 1086.385063] __do_softirq+0x721/0xc7f [ 1086.385063] [ 1086.385063] Uninit was stored to memory at: [ 1086.385063] kmsan_internal_chain_origin+0x136/0x240 [ 1086.385063] __msan_chain_origin+0x6d/0xb0 [ 1086.385063] __save_stack_trace+0x8be/0xc60 [ 1086.385063] save_stack_trace+0xc6/0x110 [ 1086.385063] kmsan_internal_chain_origin+0x136/0x240 [ 1086.385063] kmsan_memcpy_origins+0x13d/0x190 [ 1086.385063] __msan_memcpy+0x6f/0x80 [ 1086.385063] pskb_expand_head+0x436/0x1d20 [ 1086.385063] ___pskb_trim+0x3c9/0x1bf0 [ 1086.385063] sk_filter_trim_cap+0x5ac/0xa60 [ 1086.385063] tcp_v4_rcv+0x4a1b/0x6520 [ 1086.385063] ip_local_deliver_finish+0x8d8/0xff0 [ 1086.385063] ip_local_deliver+0x44b/0x510 [ 1086.385063] ip_rcv+0x6b6/0x740 [ 1086.385063] process_backlog+0x82b/0x11e0 [ 1086.385063] net_rx_action+0x98f/0x1d50 [ 1086.385063] __do_softirq+0x721/0xc7f [ 1086.385063] [ 1086.385063] Uninit was stored to memory at: [ 1086.385063] kmsan_internal_chain_origin+0x136/0x240 [ 1086.385063] __msan_chain_origin+0x6d/0xb0 [ 1086.385063] __save_stack_trace+0x8be/0xc60 [ 1086.385063] save_stack_trace+0xc6/0x110 [ 1086.385063] kmsan_internal_chain_origin+0x136/0x240 [ 1086.385063] kmsan_memcpy_origins+0x13d/0x190 [ 1086.385063] __msan_memcpy+0x6f/0x80 [ 1086.385063] pskb_expand_head+0x436/0x1d20 [ 1086.385063] ___pskb_trim+0x3c9/0x1bf0 [ 1086.385063] sk_filter_trim_cap+0x5ac/0xa60 [ 1086.385063] tcp_v4_rcv+0x4a1b/0x6520 [ 1086.385063] ip_local_deliver_finish+0x8d8/0xff0 [ 1086.385063] ip_local_deliver+0x44b/0x510 [ 1086.385063] ip_rcv+0x6b6/0x740 [ 1086.385063] process_backlog+0x82b/0x11e0 [ 1086.385063] net_rx_action+0x98f/0x1d50 [ 1086.385063] __do_softirq+0x721/0xc7f [ 1086.385063] [ 1086.385063] Uninit was stored to memory at: [ 1086.385063] kmsan_internal_chain_origin+0x136/0x240 [ 1086.385063] __msan_chain_origin+0x6d/0xb0 [ 1086.385063] __save_stack_trace+0x8be/0xc60 [ 1086.385063] save_stack_trace+0xc6/0x110 [ 1086.385063] kmsan_internal_chain_origin+0x136/0x240 [ 1086.385063] kmsan_memcpy_origins+0x13d/0x190 [ 1086.385063] __msan_memcpy+0x6f/0x80 [ 1086.385063] pskb_expand_head+0x436/0x1d20 [ 1086.385063] ___pskb_trim+0x3c9/0x1bf0 [ 1086.385063] sk_filter_trim_cap+0x5ac/0xa60 [ 1086.385063] tcp_v4_rcv+0x4a1b/0x6520 [ 1086.385063] ip_local_deliver_finish+0x8d8/0xff0 [ 1086.385063] ip_local_deliver+0x44b/0x510 [ 1086.385063] ip_rcv+0x6b6/0x740 [ 1086.385063] process_backlog+0x82b/0x11e0 [ 1086.385063] net_rx_action+0x98f/0x1d50 [ 1086.385063] __do_softirq+0x721/0xc7f [ 1086.385063] [ 1086.385063] Uninit was stored to memory at: [ 1086.385063] kmsan_internal_chain_origin+0x136/0x240 [ 1086.385063] __msan_chain_origin+0x6d/0xb0 [ 1086.385063] __save_stack_trace+0x8be/0xc60 [ 1086.385063] save_stack_trace+0xc6/0x110 [ 1086.385063] kmsan_internal_chain_origin+0x136/0x240 [ 1086.385063] kmsan_memcpy_origins+0x13d/0x190 [ 1086.385063] __msan_memcpy+0x6f/0x80 [ 1086.385063] pskb_expand_head+0x436/0x1d20 [ 1086.385063] ___pskb_trim+0x3c9/0x1bf0 [ 1086.385063] sk_filter_trim_cap+0x5ac/0xa60 [ 1086.385063] tcp_v4_rcv+0x4a1b/0x6520 [ 1086.385063] ip_local_deliver_finish+0x8d8/0xff0 [ 1086.385063] ip_local_deliver+0x44b/0x510 [ 1086.385063] ip_rcv+0x6b6/0x740 [ 1086.385063] process_backlog+0x82b/0x11e0 [ 1086.385063] net_rx_action+0x98f/0x1d50 [ 1086.385063] __do_softirq+0x721/0xc7f [ 1086.385063] [ 1086.385063] Uninit was stored to memory at: [ 1086.385063] kmsan_internal_chain_origin+0x136/0x240 [ 1086.385063] __msan_chain_origin+0x6d/0xb0 [ 1086.385063] __save_stack_trace+0x8be/0xc60 [ 1086.385063] save_stack_trace+0xc6/0x110 [ 1086.385063] kmsan_internal_chain_origin+0x136/0x240 [ 1086.385063] kmsan_memcpy_origins+0x13d/0x190 [ 1086.385063] __msan_memcpy+0x6f/0x80 [ 1086.385063] pskb_expand_head+0x436/0x1d20 [ 1086.385063] ___pskb_trim+0x3c9/0x1bf0 [ 1086.385063] sk_filter_trim_cap+0x5ac/0xa60 [ 1086.385063] tcp_v4_rcv+0x4a1b/0x6520 [ 1086.385063] ip_local_deliver_finish+0x8d8/0xff0 [ 1086.385063] ip_local_deliver+0x44b/0x510 [ 1086.385063] ip_rcv+0x6b6/0x740 [ 1086.385063] process_backlog+0x82b/0x11e0 [ 1086.385063] net_rx_action+0x98f/0x1d50 [ 1086.385063] __do_softirq+0x721/0xc7f [ 1086.385063] [ 1086.385063] Uninit was stored to memory at: [ 1086.385063] kmsan_internal_chain_origin+0x136/0x240 [ 1086.385063] __msan_chain_origin+0x6d/0xb0 [ 1086.385063] __save_stack_trace+0x8be/0xc60 [ 1086.385063] save_stack_trace+0xc6/0x110 [ 1086.385063] kmsan_internal_chain_origin+0x136/0x240 [ 1086.385063] kmsan_memcpy_origins+0x13d/0x190 [ 1086.385063] __msan_memcpy+0x6f/0x80 [ 1086.385063] pskb_expand_head+0x436/0x1d20 [ 1086.385063] ___pskb_trim+0x3c9/0x1bf0 [ 1086.385063] sk_filter_trim_cap+0x5ac/0xa60 [ 1086.385063] tcp_v4_rcv+0x4a1b/0x6520 [ 1086.385063] ip_local_deliver_finish+0x8d8/0xff0 [ 1086.385063] ip_local_deliver+0x44b/0x510 [ 1086.385063] ip_rcv+0x6b6/0x740 [ 1086.385063] process_backlog+0x82b/0x11e0 [ 1086.385063] net_rx_action+0x98f/0x1d50 [ 1086.385063] __do_softirq+0x721/0xc7f [ 1086.385063] [ 1086.385063] Local variable description: ----virt_expires.i@run_posix_cpu_timers [ 1086.385063] Variable was created at: [ 1086.385063] run_posix_cpu_timers+0x52/0x4720 [ 1086.385063] update_process_times+0x1b0/0x1e0 [ 1087.920755] not chained 520000 origins [ 1087.921835] CPU: 1 PID: 31619 Comm: syz-executor5 Not tainted 4.20.0-rc3+ #89 [ 1087.921835] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1087.921835] Call Trace: [ 1087.921835] [ 1087.921835] dump_stack+0x32d/0x480 [ 1087.921835] ? save_stack_trace+0xc6/0x110 [ 1087.921835] kmsan_internal_chain_origin+0x222/0x240 [ 1087.921835] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 1087.921835] ? kmsan_internal_chain_origin+0x136/0x240 [ 1087.921835] ? __msan_chain_origin+0x6d/0xb0 [ 1087.921835] ? __save_stack_trace+0x8be/0xc60 [ 1087.921835] ? save_stack_trace+0xc6/0x110 [ 1087.921835] ? kmsan_internal_chain_origin+0x136/0x240 [ 1087.921835] ? kmsan_memcpy_origins+0x13d/0x190 [ 1087.921835] ? __msan_memcpy+0x6f/0x80 [ 1087.921835] ? pskb_expand_head+0x436/0x1d20 [ 1087.921835] ? ___pskb_trim+0x3c9/0x1bf0 [ 1087.921835] ? sk_filter_trim_cap+0x5ac/0xa60 [ 1087.921835] ? tcp_v4_rcv+0x4a1b/0x6520 [ 1087.921835] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1087.921835] ? ip_local_deliver+0x44b/0x510 [ 1087.921835] ? ip_rcv+0x6b6/0x740 [ 1087.921835] ? process_backlog+0x82b/0x11e0 [ 1087.921835] ? net_rx_action+0x98f/0x1d50 [ 1087.921835] ? __do_softirq+0x721/0xc7f [ 1087.921835] ? irq_exit+0x305/0x340 [ 1087.921835] ? exiting_irq+0xe/0x10 [ 1087.921835] ? smp_apic_timer_interrupt+0x64/0x90 [ 1087.921835] ? apic_timer_interrupt+0xf/0x20 [ 1087.921835] ? nf_nat_ipv6_local_fn+0x8f3/0xc30 [ 1087.921835] ? nf_hook_slow+0x15c/0x3d0 [ 1087.921835] ? __ip6_local_out+0x57e/0x770 [ 1087.921835] ? ip6_local_out+0xa4/0x1d0 [ 1087.921835] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1087.921835] ? __module_address+0x6a/0x5f0 [ 1087.921835] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 1087.921835] ? is_bpf_text_address+0x49e/0x4d0 [ 1087.921835] ? INIT_INT+0xc/0x30 [ 1087.921835] __msan_chain_origin+0x6d/0xb0 [ 1087.921835] __save_stack_trace+0xaff/0xc60 [ 1087.921835] save_stack_trace+0xc6/0x110 [ 1087.921835] kmsan_internal_chain_origin+0x136/0x240 [ 1087.921835] ? nf_nat_ipv6_local_fn+0x8f3/0xc30 [ 1087.921835] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1087.921835] ? kmsan_internal_chain_origin+0x136/0x240 [ 1087.921835] ? kmsan_memcpy_origins+0x13d/0x190 [ 1087.921835] ? __msan_memcpy+0x6f/0x80 [ 1087.921835] ? pskb_expand_head+0x436/0x1d20 [ 1087.921835] ? ___pskb_trim+0x3c9/0x1bf0 [ 1087.921835] ? sk_filter_trim_cap+0x5ac/0xa60 [ 1087.921835] ? tcp_v4_rcv+0x4a1b/0x6520 [ 1087.921835] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1087.921835] ? ip_local_deliver+0x44b/0x510 [ 1087.921835] ? ip_rcv+0x6b6/0x740 [ 1087.921835] ? process_backlog+0x82b/0x11e0 [ 1087.921835] ? net_rx_action+0x98f/0x1d50 [ 1087.921835] ? __do_softirq+0x721/0xc7f [ 1087.921835] ? irq_exit+0x305/0x340 [ 1087.921835] ? exiting_irq+0xe/0x10 [ 1087.921835] ? smp_apic_timer_interrupt+0x64/0x90 [ 1087.921835] ? apic_timer_interrupt+0xf/0x20 [ 1087.921835] ? nf_nat_ipv6_local_fn+0x8f3/0xc30 [ 1087.921835] ? nf_hook_slow+0x15c/0x3d0 [ 1087.921835] ? __ip6_local_out+0x57e/0x770 [ 1087.921835] ? ip6_local_out+0xa4/0x1d0 [ 1087.921835] ? ip6_send_skb+0xf6/0x3b0 [ 1087.921835] ? udp_v6_send_skb+0x113f/0x1df0 [ 1087.921835] ? udpv6_sendmsg+0x43e5/0x4960 [ 1087.921835] ? inet_sendmsg+0x4e9/0x800 [ 1087.921835] ? ___sys_sendmsg+0xe3b/0x1240 [ 1087.921835] ? __sys_sendmmsg+0x56b/0xa90 [ 1087.921835] ? __se_sys_sendmmsg+0xbd/0xe0 [ 1087.921835] ? __x64_sys_sendmmsg+0x56/0x70 [ 1087.921835] ? do_syscall_64+0xcf/0x110 [ 1087.921835] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1087.921835] ? __msan_get_context_state+0x9/0x20 [ 1087.921835] ? INIT_INT+0xc/0x30 [ 1087.921835] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1087.921835] kmsan_memcpy_origins+0x13d/0x190 [ 1087.921835] __msan_memcpy+0x6f/0x80 [ 1087.921835] pskb_expand_head+0x436/0x1d20 [ 1088.279473] ___pskb_trim+0x3c9/0x1bf0 [ 1088.285446] sk_filter_trim_cap+0x5ac/0xa60 [ 1088.285446] tcp_v4_rcv+0x4a1b/0x6520 [ 1088.285446] ? tcp_filter+0x260/0x260 [ 1088.285446] ip_local_deliver_finish+0x8d8/0xff0 [ 1088.285446] ? nf_hook_slow+0x36f/0x3d0 [ 1088.285446] ip_local_deliver+0x44b/0x510 [ 1088.285446] ? ip_local_deliver+0x510/0x510 [ 1088.285446] ? ip_call_ra_chain+0x7a0/0x7a0 [ 1088.285446] ip_rcv+0x6b6/0x740 [ 1088.285446] ? ip_rcv_core+0x1370/0x1370 [ 1088.285446] process_backlog+0x82b/0x11e0 [ 1088.285446] ? ip_local_deliver_finish+0xff0/0xff0 [ 1088.285446] ? rps_trigger_softirq+0x2e0/0x2e0 [ 1088.285446] net_rx_action+0x98f/0x1d50 [ 1088.285446] ? net_tx_action+0xf20/0xf20 [ 1088.285446] __do_softirq+0x721/0xc7f [ 1088.285446] irq_exit+0x305/0x340 [ 1088.285446] exiting_irq+0xe/0x10 [ 1088.285446] smp_apic_timer_interrupt+0x64/0x90 [ 1088.285446] apic_timer_interrupt+0xf/0x20 [ 1088.285446] [ 1088.285446] RIP: 0010:nf_nat_ipv6_local_fn+0x8f3/0xc30 [ 1088.285446] Code: 00 85 db 0f 88 0a 02 00 00 45 85 f6 0f 88 12 02 00 00 e8 10 f9 ec f7 e9 55 01 00 00 e8 06 f9 ec f7 e9 4b 01 00 00 48 8b 45 a0 <49> 8d 5c 07 44 4c 8b 75 80 4d 85 f6 0f 85 c1 02 00 00 44 0f b7 2b [ 1088.285446] RSP: 0018:ffff8880728bf2f8 EFLAGS: 00000297 ORIG_RAX: ffffffffffffff13 [ 1088.285446] RAX: 0000000000000000 RBX: ffff8880a4f12906 RCX: ffff8880a6ed7906 [ 1088.285446] RDX: ffff8880a5997904 RSI: 0000160000000000 RDI: aaaaaaaaaaaab000 [ 1088.285446] RBP: ffff8880728bf3b0 R08: ffff888000000000 R09: 0000000000000002 [ 1088.285446] R10: 0000000000000000 R11: ffffffff89b99560 R12: ffff88819788e388 [ 1088.285446] R13: 0000000087e0019e R14: ffff8880aadc6111 R15: ffff8880a4f128c0 [ 1088.285446] ? nf_nat_ipv6_out+0xba0/0xba0 [ 1088.285446] ? nf_nat_ipv6_local_fn+0x807/0xc30 [ 1088.285446] ? nf_nat_ipv6_out+0xba0/0xba0 [ 1088.285446] nf_hook_slow+0x15c/0x3d0 [ 1088.285446] __ip6_local_out+0x57e/0x770 [ 1088.285446] ? __ip6_local_out+0x770/0x770 [ 1088.285446] ip6_local_out+0xa4/0x1d0 [ 1088.285446] ip6_send_skb+0xf6/0x3b0 [ 1088.285446] udp_v6_send_skb+0x113f/0x1df0 [ 1088.285446] udpv6_sendmsg+0x43e5/0x4960 [ 1088.285446] ? ip_copy_metadata+0x1710/0x1710 [ 1088.285446] ? __udp6_lib_rcv+0x3ea0/0x3ea0 [ 1088.285446] inet_sendmsg+0x4e9/0x800 [ 1088.285446] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1088.285446] ? security_socket_sendmsg+0x1bd/0x200 [ 1088.285446] ___sys_sendmsg+0xe3b/0x1240 [ 1088.285446] ? inet_getname+0x490/0x490 [ 1088.285446] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1088.285446] ? kmsan_set_origin+0x7f/0x100 [ 1088.285446] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 1088.285446] ? _cond_resched+0xc7/0x120 [ 1088.285446] __sys_sendmmsg+0x56b/0xa90 [ 1088.285446] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 1088.285446] ? prepare_exit_to_usermode+0x182/0x4c0 [ 1088.285446] __se_sys_sendmmsg+0xbd/0xe0 [ 1088.285446] __x64_sys_sendmmsg+0x56/0x70 [ 1088.285446] do_syscall_64+0xcf/0x110 [ 1088.285446] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1088.285446] RIP: 0033:0x457569 [ 1088.285446] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1088.285446] RSP: 002b:00007f500ace4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1088.285446] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000457569 [ 1088.285446] RDX: 0000000003ffffeb RSI: 0000000020007e00 RDI: 0000000000000005 [ 1088.285446] RBP: 000000000072c040 R08: 0000000000000000 R09: 0000000000000000 [ 1088.285446] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f500ace56d4 [ 1088.285446] R13: 00000000004c3c33 R14: 00000000004d63e8 R15: 00000000ffffffff [ 1088.285446] Uninit was stored to memory at: [ 1088.285446] kmsan_internal_chain_origin+0x136/0x240 [ 1088.285446] __msan_chain_origin+0x6d/0xb0 [ 1088.285446] __save_stack_trace+0x8be/0xc60 [ 1088.285446] save_stack_trace+0xc6/0x110 [ 1088.285446] kmsan_internal_chain_origin+0x136/0x240 [ 1088.285446] kmsan_memcpy_origins+0x13d/0x190 [ 1088.285446] __msan_memcpy+0x6f/0x80 [ 1088.285446] pskb_expand_head+0x436/0x1d20 [ 1088.285446] ___pskb_trim+0x3c9/0x1bf0 [ 1088.285446] sk_filter_trim_cap+0x5ac/0xa60 [ 1088.285446] tcp_v4_rcv+0x4a1b/0x6520 [ 1088.285446] ip_local_deliver_finish+0x8d8/0xff0 [ 1088.285446] ip_local_deliver+0x44b/0x510 [ 1088.285446] ip_rcv+0x6b6/0x740 [ 1088.285446] process_backlog+0x82b/0x11e0 [ 1088.285446] net_rx_action+0x98f/0x1d50 [ 1088.285446] __do_softirq+0x721/0xc7f [ 1088.285446] [ 1088.285446] Uninit was stored to memory at: [ 1088.285446] kmsan_internal_chain_origin+0x136/0x240 [ 1088.285446] __msan_chain_origin+0x6d/0xb0 [ 1088.285446] __save_stack_trace+0x8be/0xc60 [ 1088.285446] save_stack_trace+0xc6/0x110 [ 1088.285446] kmsan_internal_chain_origin+0x136/0x240 [ 1088.285446] kmsan_memcpy_origins+0x13d/0x190 [ 1088.285446] __msan_memcpy+0x6f/0x80 [ 1088.285446] pskb_expand_head+0x436/0x1d20 [ 1088.285446] ___pskb_trim+0x3c9/0x1bf0 [ 1088.285446] sk_filter_trim_cap+0x5ac/0xa60 [ 1088.285446] tcp_v4_rcv+0x4a1b/0x6520 [ 1088.285446] ip_local_deliver_finish+0x8d8/0xff0 [ 1088.285446] ip_local_deliver+0x44b/0x510 [ 1088.285446] ip_rcv+0x6b6/0x740 [ 1088.285446] process_backlog+0x82b/0x11e0 [ 1088.285446] net_rx_action+0x98f/0x1d50 [ 1088.285446] __do_softirq+0x721/0xc7f [ 1088.285446] [ 1088.285446] Uninit was stored to memory at: [ 1088.285446] kmsan_internal_chain_origin+0x136/0x240 [ 1088.285446] __msan_chain_origin+0x6d/0xb0 [ 1088.285446] __save_stack_trace+0x8be/0xc60 [ 1088.285446] save_stack_trace+0xc6/0x110 [ 1088.285446] kmsan_internal_chain_origin+0x136/0x240 [ 1088.285446] kmsan_memcpy_origins+0x13d/0x190 [ 1088.285446] __msan_memcpy+0x6f/0x80 [ 1088.285446] pskb_expand_head+0x436/0x1d20 [ 1088.285446] ___pskb_trim+0x3c9/0x1bf0 [ 1088.285446] sk_filter_trim_cap+0x5ac/0xa60 [ 1088.285446] tcp_v4_rcv+0x4a1b/0x6520 [ 1088.285446] ip_local_deliver_finish+0x8d8/0xff0 [ 1088.285446] ip_local_deliver+0x44b/0x510 [ 1088.285446] ip_rcv+0x6b6/0x740 [ 1088.285446] process_backlog+0x82b/0x11e0 [ 1088.285446] net_rx_action+0x98f/0x1d50 [ 1088.285446] __do_softirq+0x721/0xc7f [ 1088.285446] [ 1088.285446] Uninit was stored to memory at: [ 1088.285446] kmsan_internal_chain_origin+0x136/0x240 [ 1088.285446] __msan_chain_origin+0x6d/0xb0 [ 1088.285446] __save_stack_trace+0x8be/0xc60 [ 1088.285446] save_stack_trace+0xc6/0x110 [ 1088.285446] kmsan_internal_chain_origin+0x136/0x240 [ 1088.285446] kmsan_memcpy_origins+0x13d/0x190 [ 1088.285446] __msan_memcpy+0x6f/0x80 [ 1088.285446] pskb_expand_head+0x436/0x1d20 [ 1088.285446] ___pskb_trim+0x3c9/0x1bf0 [ 1088.285446] sk_filter_trim_cap+0x5ac/0xa60 [ 1088.285446] tcp_v4_rcv+0x4a1b/0x6520 [ 1088.285446] ip_local_deliver_finish+0x8d8/0xff0 [ 1088.285446] ip_local_deliver+0x44b/0x510 [ 1088.285446] ip_rcv+0x6b6/0x740 [ 1088.285446] process_backlog+0x82b/0x11e0 [ 1088.285446] net_rx_action+0x98f/0x1d50 [ 1088.285446] __do_softirq+0x721/0xc7f [ 1088.285446] [ 1088.285446] Uninit was stored to memory at: [ 1088.285446] kmsan_internal_chain_origin+0x136/0x240 [ 1088.285446] __msan_chain_origin+0x6d/0xb0 [ 1088.285446] __save_stack_trace+0x8be/0xc60 [ 1088.285446] save_stack_trace+0xc6/0x110 [ 1088.285446] kmsan_internal_chain_origin+0x136/0x240 [ 1088.285446] kmsan_memcpy_origins+0x13d/0x190 [ 1088.285446] __msan_memcpy+0x6f/0x80 [ 1088.285446] pskb_expand_head+0x436/0x1d20 [ 1088.285446] ___pskb_trim+0x3c9/0x1bf0 [ 1088.285446] sk_filter_trim_cap+0x5ac/0xa60 [ 1088.285446] tcp_v4_rcv+0x4a1b/0x6520 [ 1088.285446] ip_local_deliver_finish+0x8d8/0xff0 [ 1088.285446] ip_local_deliver+0x44b/0x510 [ 1088.285446] ip_rcv+0x6b6/0x740 [ 1088.285446] process_backlog+0x82b/0x11e0 [ 1088.285446] net_rx_action+0x98f/0x1d50 [ 1088.285446] __do_softirq+0x721/0xc7f [ 1088.285446] [ 1088.285446] Uninit was stored to memory at: [ 1088.285446] kmsan_internal_chain_origin+0x136/0x240 [ 1088.285446] __msan_chain_origin+0x6d/0xb0 [ 1088.285446] __save_stack_trace+0x8be/0xc60 [ 1088.285446] save_stack_trace+0xc6/0x110 [ 1088.285446] kmsan_internal_chain_origin+0x136/0x240 [ 1088.285446] kmsan_memcpy_origins+0x13d/0x190 [ 1088.285446] __msan_memcpy+0x6f/0x80 [ 1088.285446] pskb_expand_head+0x436/0x1d20 [ 1088.285446] ___pskb_trim+0x3c9/0x1bf0 [ 1088.285446] sk_filter_trim_cap+0x5ac/0xa60 [ 1088.285446] tcp_v4_rcv+0x4a1b/0x6520 [ 1088.285446] ip_local_deliver_finish+0x8d8/0xff0 [ 1088.285446] ip_local_deliver+0x44b/0x510 [ 1088.285446] ip_rcv+0x6b6/0x740 [ 1088.285446] process_backlog+0x82b/0x11e0 [ 1088.285446] net_rx_action+0x98f/0x1d50 [ 1088.285446] __do_softirq+0x721/0xc7f [ 1088.285446] [ 1088.285446] Uninit was stored to memory at: [ 1088.285446] kmsan_internal_chain_origin+0x136/0x240 [ 1088.285446] __msan_chain_origin+0x6d/0xb0 [ 1088.285446] __save_stack_trace+0x8be/0xc60 [ 1088.285446] save_stack_trace+0xc6/0x110 [ 1088.285446] kmsan_internal_chain_origin+0x136/0x240 [ 1088.285446] kmsan_memcpy_origins+0x13d/0x190 [ 1088.285446] __msan_memcpy+0x6f/0x80 [ 1088.285446] pskb_expand_head+0x436/0x1d20 [ 1088.285446] ___pskb_trim+0x3c9/0x1bf0 [ 1088.285446] sk_filter_trim_cap+0x5ac/0xa60 [ 1088.285446] tcp_v4_rcv+0x4a1b/0x6520 [ 1088.285446] ip_local_deliver_finish+0x8d8/0xff0 [ 1088.285446] ip_local_deliver+0x44b/0x510 [ 1088.285446] ip_rcv+0x6b6/0x740 [ 1088.285446] process_backlog+0x82b/0x11e0 [ 1088.285446] net_rx_action+0x98f/0x1d50 [ 1088.285446] __do_softirq+0x721/0xc7f [ 1088.285446] 06:20:00 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0x0, 0x0, &(0x7f0000000040)={0xa, 0x45, 0x0, @ipv4={[], [], @remote}}, 0x1c) [ 1088.285446] Local variable description: ----c.i.i@should_fail [ 1088.285446] Variable was created at: [ 1088.285446] should_fail+0x162/0x13c0 [ 1088.285446] __should_failslab+0x278/0x2a0 06:20:00 executing program 5: 06:20:00 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x14) close(r1) 06:20:00 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000008c0)={&(0x7f0000000000), 0xc, &(0x7f0000000880)={&(0x7f0000001940)=ANY=[@ANYBLOB="000000000000000014001600100001000c00070073797a5f74756e0014000300626f6e645f736c6176655f3100000000"], 0x1}}, 0x0) 06:20:00 executing program 1: r0 = socket$inet6(0xa, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) getsockopt$inet6_tcp_buf(r0, 0x6, 0x1e, &(0x7f0000000080)=""/10, &(0x7f0000000140)=0xa) 06:20:00 executing program 3: 06:20:00 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) socketpair(0x0, 0x0, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000180)='\x00'}, 0x10) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_MCAST_LEAVE_GROUP(r1, 0x0, 0x2d, &(0x7f0000000300)={0x100, {{0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x1a}}}}, 0x88) setsockopt$inet_tcp_int(r2, 0x6, 0x80000000000002, &(0x7f0000000140)=0x78, 0x4) bind$inet(r2, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r2, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10) setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000100), 0x921b527a62bfdc30) recvmsg(r2, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f00000002c0)=""/20, 0x14}, 0x100) write$binfmt_elf64(r2, &(0x7f0000000180)=ANY=[], 0xfef1) 06:20:01 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x14) close(r1) 06:20:01 executing program 3: 06:20:01 executing program 1: 06:20:01 executing program 5: [ 1090.294472] not chained 530000 origins [ 1090.298416] CPU: 1 PID: 31697 Comm: syz-executor2 Not tainted 4.20.0-rc3+ #89 [ 1090.301775] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1090.301775] Call Trace: [ 1090.301775] [ 1090.317801] dump_stack+0x32d/0x480 [ 1090.317801] kmsan_internal_chain_origin+0x222/0x240 [ 1090.317801] ? kmsan_set_origin+0x7f/0x100 [ 1090.317801] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1090.333806] ? __module_address+0x6a/0x5f0 [ 1090.333806] ? is_bpf_text_address+0x3e5/0x4d0 [ 1090.333806] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 1090.333806] ? is_bpf_text_address+0x49e/0x4d0 [ 1090.333806] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1090.333806] ? __module_address+0x6a/0x5f0 [ 1090.366519] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 1090.366519] ? is_bpf_text_address+0x49e/0x4d0 [ 1090.366519] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1090.366519] __msan_chain_origin+0x6d/0xb0 [ 1090.366519] ? ip_rcv+0x6b6/0x740 [ 1090.366519] __save_stack_trace+0x8be/0xc60 [ 1090.366519] ? ip_rcv+0x6b6/0x740 [ 1090.366519] save_stack_trace+0xc6/0x110 [ 1090.366519] kmsan_internal_chain_origin+0x136/0x240 [ 1090.366519] ? irq_exit+0x305/0x340 [ 1090.366519] ? do_exit+0x10f2/0x4070 [ 1090.366519] ? kmsan_internal_chain_origin+0x136/0x240 [ 1090.366519] ? kmsan_memcpy_origins+0x13d/0x190 [ 1090.366519] ? __msan_memcpy+0x6f/0x80 [ 1090.366519] ? pskb_expand_head+0x436/0x1d20 [ 1090.366519] ? skb_shift+0xce2/0x2d10 [ 1090.366519] ? tcp_sacktag_walk+0x2156/0x29d0 [ 1090.366519] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1090.366519] ? tcp_ack+0x2888/0xa010 [ 1090.366519] ? tcp_rcv_established+0xf7e/0x2940 [ 1090.366519] ? tcp_v4_do_rcv+0x686/0xd80 [ 1090.366519] ? tcp_v4_rcv+0x5a13/0x6520 [ 1090.366519] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1090.366519] ? ip_local_deliver+0x44b/0x510 [ 1090.366519] ? ip_rcv+0x6b6/0x740 [ 1090.366519] ? process_backlog+0x82b/0x11e0 [ 1090.366519] ? net_rx_action+0x98f/0x1d50 [ 1090.366519] ? __do_softirq+0x721/0xc7f [ 1090.487628] ? irq_exit+0x305/0x340 [ 1090.487628] ? exiting_irq+0xe/0x10 [ 1090.487628] ? smp_apic_timer_interrupt+0x64/0x90 [ 1090.487628] ? apic_timer_interrupt+0xf/0x20 [ 1090.487628] ? kmsan_get_shadow_origin_ptr+0xe4/0x410 [ 1090.487628] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1090.515883] ? unmap_page_range+0x101c/0x3950 [ 1090.515883] ? unmap_single_vma+0x43f/0x5e0 [ 1090.515883] ? unmap_vmas+0x251/0x380 [ 1090.515883] ? exit_mmap+0x51e/0xa10 [ 1090.515883] ? __mmput+0x17a/0x700 [ 1090.515883] ? mmput+0x190/0x210 [ 1090.515883] ? exit_mm+0xa90/0xc70 [ 1090.515883] ? do_exit+0x10f2/0x4070 [ 1090.515883] ? do_group_exit+0x1a7/0x350 [ 1090.515883] ? get_signal+0x11e2/0x2330 [ 1090.515883] ? do_signal+0x1f3/0x2fc0 [ 1090.515883] ? prepare_exit_to_usermode+0x2c9/0x4c0 [ 1090.515883] ? syscall_return_slowpath+0xed/0x730 [ 1090.515883] ? do_syscall_64+0xf5/0x110 [ 1090.515883] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1090.515883] ? __msan_get_context_state+0x9/0x20 [ 1090.515883] ? INIT_INT+0xc/0x30 [ 1090.515883] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1090.515883] kmsan_memcpy_origins+0x13d/0x190 [ 1090.515883] __msan_memcpy+0x6f/0x80 [ 1090.515883] pskb_expand_head+0x436/0x1d20 [ 1090.515883] skb_shift+0xce2/0x2d10 [ 1090.515883] tcp_sacktag_walk+0x2156/0x29d0 [ 1090.515883] tcp_sacktag_write_queue+0x2805/0x4630 [ 1090.515883] tcp_ack+0x2888/0xa010 [ 1090.515883] ? tcp_parse_options+0xbe/0x1cf0 [ 1090.515883] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1090.515883] ? tcp_parse_options+0x1c55/0x1cf0 [ 1090.515883] tcp_rcv_established+0xf7e/0x2940 [ 1090.515883] ? __msan_get_context_state+0x9/0x20 [ 1090.515883] tcp_v4_do_rcv+0x686/0xd80 [ 1090.515883] tcp_v4_rcv+0x5a13/0x6520 [ 1090.515883] ? tcp_filter+0x260/0x260 [ 1090.515883] ip_local_deliver_finish+0x8d8/0xff0 [ 1090.515883] ? nf_hook_slow+0x36f/0x3d0 [ 1090.515883] ip_local_deliver+0x44b/0x510 [ 1090.515883] ? ip_local_deliver+0x510/0x510 [ 1090.515883] ? ip_call_ra_chain+0x7a0/0x7a0 [ 1090.515883] ip_rcv+0x6b6/0x740 [ 1090.515883] ? ip_rcv_core+0x1370/0x1370 [ 1090.515883] process_backlog+0x82b/0x11e0 [ 1090.515883] ? ip_local_deliver_finish+0xff0/0xff0 [ 1090.515883] ? rps_trigger_softirq+0x2e0/0x2e0 [ 1090.515883] net_rx_action+0x98f/0x1d50 [ 1090.515883] ? net_tx_action+0xf20/0xf20 [ 1090.515883] __do_softirq+0x721/0xc7f [ 1090.515883] irq_exit+0x305/0x340 [ 1090.515883] exiting_irq+0xe/0x10 [ 1090.515883] smp_apic_timer_interrupt+0x64/0x90 [ 1090.515883] apic_timer_interrupt+0xf/0x20 [ 1090.515883] [ 1090.515883] RIP: 0010:kmsan_get_shadow_origin_ptr+0xe4/0x410 [ 1090.515883] Code: c2 48 d3 ea 48 85 d2 75 3f 48 89 c1 48 c1 e9 2e 75 36 48 8b 0c 25 20 6d 91 8c 48 85 c9 74 29 48 89 c2 48 c1 ea 22 48 8b 0c d1 <48> 85 c9 74 19 48 c1 e8 1b 83 e0 7f 48 c1 e0 05 48 01 c1 74 09 f6 [ 1090.515883] RSP: 0018:ffff888073b4f310 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13 [ 1090.515883] RAX: 000000000c38f568 RBX: ffffffff8c91d000 RCX: ffff88821fff1000 [ 1090.515883] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff8c38f568 [ 1090.515883] RBP: ffff888073b4f340 R08: 0000000000000000 R09: ffffffffffffffff [ 1090.515883] R10: 000000ffffffffff R11: 0000000000000000 R12: 000000000c38f568 [ 1090.515883] R13: 00000000001472d5 R14: ffffffff8c91c000 R15: ffffffff8c38f568 [ 1090.515883] __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1090.515883] unmap_page_range+0x101c/0x3950 [ 1090.515883] unmap_single_vma+0x43f/0x5e0 [ 1090.515883] unmap_vmas+0x251/0x380 [ 1090.515883] exit_mmap+0x51e/0xa10 [ 1090.515883] ? __khugepaged_exit+0x6e9/0x8b0 [ 1090.515883] __mmput+0x17a/0x700 [ 1090.515883] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 1090.515883] mmput+0x190/0x210 [ 1090.515883] exit_mm+0xa90/0xc70 [ 1090.515883] do_exit+0x10f2/0x4070 [ 1090.515883] do_group_exit+0x1a7/0x350 [ 1090.515883] get_signal+0x11e2/0x2330 [ 1090.515883] ? do_signal+0x1dd/0x2fc0 [ 1090.515883] ? prepare_exit_to_usermode+0x2c9/0x4c0 [ 1090.515883] do_signal+0x1f3/0x2fc0 [ 1090.515883] ? kmsan_set_origin+0x7f/0x100 [ 1090.515883] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 1090.515883] prepare_exit_to_usermode+0x2c9/0x4c0 [ 1090.515883] syscall_return_slowpath+0xed/0x730 [ 1090.515883] do_syscall_64+0xf5/0x110 [ 1090.515883] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1090.515883] RIP: 0033:0x457569 [ 1090.515883] Code: 83 c4 18 c3 e8 d8 64 00 00 48 8b 04 24 48 8b 4c 24 08 48 89 01 e8 d7 2d fc ff e8 22 7a fc ff b8 02 00 00 00 48 8d 0d 2a 51 0c <01> 87 01 8b 05 22 51 0c 01 83 f8 01 0f 85 8a 00 00 00 b8 01 00 00 [ 1090.515883] RSP: 002b:00007f93d5e01cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1090.515883] RAX: fffffffffffffe00 RBX: 000000000072bf08 RCX: 0000000000457569 [ 1090.515883] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000072bf08 [ 1090.515883] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1090.515883] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000072bf0c [ 1090.515883] R13: 0000000000a3fb7f R14: 00007f93d5e029c0 R15: 0000000000000000 [ 1090.515883] Uninit was stored to memory at: [ 1090.515883] kmsan_internal_chain_origin+0x136/0x240 [ 1090.515883] __msan_chain_origin+0x6d/0xb0 [ 1090.515883] __save_stack_trace+0x8be/0xc60 [ 1090.515883] save_stack_trace+0xc6/0x110 [ 1090.515883] kmsan_internal_chain_origin+0x136/0x240 [ 1090.515883] kmsan_memcpy_origins+0x13d/0x190 [ 1090.515883] __msan_memcpy+0x6f/0x80 [ 1090.515883] pskb_expand_head+0x436/0x1d20 [ 1090.515883] skb_shift+0xce2/0x2d10 [ 1090.515883] tcp_sacktag_walk+0x2156/0x29d0 [ 1090.515883] tcp_sacktag_write_queue+0x2805/0x4630 [ 1090.515883] tcp_ack+0x2888/0xa010 [ 1090.515883] tcp_rcv_established+0xf7e/0x2940 [ 1090.515883] tcp_v4_do_rcv+0x686/0xd80 [ 1090.515883] tcp_v4_rcv+0x5a13/0x6520 [ 1090.515883] ip_local_deliver_finish+0x8d8/0xff0 [ 1090.515883] ip_local_deliver+0x44b/0x510 [ 1090.515883] ip_rcv+0x6b6/0x740 [ 1090.515883] process_backlog+0x82b/0x11e0 [ 1090.515883] net_rx_action+0x98f/0x1d50 [ 1090.515883] __do_softirq+0x721/0xc7f [ 1090.515883] [ 1090.515883] Uninit was stored to memory at: [ 1090.515883] kmsan_internal_chain_origin+0x136/0x240 [ 1090.515883] __msan_chain_origin+0x6d/0xb0 [ 1090.515883] __save_stack_trace+0x8be/0xc60 [ 1090.515883] save_stack_trace+0xc6/0x110 [ 1090.515883] kmsan_internal_chain_origin+0x136/0x240 [ 1090.515883] kmsan_memcpy_origins+0x13d/0x190 [ 1090.515883] __msan_memcpy+0x6f/0x80 [ 1090.515883] pskb_expand_head+0x436/0x1d20 [ 1090.515883] skb_shift+0xce2/0x2d10 [ 1090.515883] tcp_sacktag_walk+0x2156/0x29d0 [ 1090.515883] tcp_sacktag_write_queue+0x2805/0x4630 [ 1090.515883] tcp_ack+0x2888/0xa010 [ 1090.515883] tcp_rcv_established+0xf7e/0x2940 [ 1090.515883] tcp_v4_do_rcv+0x686/0xd80 [ 1090.515883] tcp_v4_rcv+0x5a13/0x6520 [ 1090.515883] ip_local_deliver_finish+0x8d8/0xff0 [ 1090.515883] ip_local_deliver+0x44b/0x510 [ 1090.515883] ip_rcv+0x6b6/0x740 [ 1090.515883] process_backlog+0x82b/0x11e0 [ 1090.515883] net_rx_action+0x98f/0x1d50 [ 1090.515883] __do_softirq+0x721/0xc7f [ 1090.515883] [ 1090.515883] Uninit was stored to memory at: [ 1090.515883] kmsan_internal_chain_origin+0x136/0x240 [ 1090.515883] __msan_chain_origin+0x6d/0xb0 [ 1090.515883] __save_stack_trace+0x8be/0xc60 [ 1090.515883] save_stack_trace+0xc6/0x110 [ 1090.515883] kmsan_internal_chain_origin+0x136/0x240 [ 1090.515883] kmsan_memcpy_origins+0x13d/0x190 [ 1090.515883] __msan_memcpy+0x6f/0x80 [ 1090.515883] pskb_expand_head+0x436/0x1d20 [ 1090.515883] skb_shift+0xce2/0x2d10 [ 1090.515883] tcp_sacktag_walk+0x2156/0x29d0 [ 1090.515883] tcp_sacktag_write_queue+0x2805/0x4630 [ 1090.515883] tcp_ack+0x2888/0xa010 [ 1090.515883] tcp_rcv_established+0xf7e/0x2940 [ 1090.515883] tcp_v4_do_rcv+0x686/0xd80 [ 1090.515883] tcp_v4_rcv+0x5a13/0x6520 [ 1090.515883] ip_local_deliver_finish+0x8d8/0xff0 [ 1090.515883] ip_local_deliver+0x44b/0x510 [ 1090.515883] ip_rcv+0x6b6/0x740 [ 1090.515883] process_backlog+0x82b/0x11e0 [ 1090.515883] net_rx_action+0x98f/0x1d50 [ 1090.515883] __do_softirq+0x721/0xc7f [ 1090.515883] [ 1090.515883] Uninit was stored to memory at: [ 1090.515883] kmsan_internal_chain_origin+0x136/0x240 [ 1090.515883] __msan_chain_origin+0x6d/0xb0 [ 1090.515883] __save_stack_trace+0x8be/0xc60 [ 1090.515883] save_stack_trace+0xc6/0x110 [ 1090.515883] kmsan_internal_chain_origin+0x136/0x240 [ 1090.515883] kmsan_memcpy_origins+0x13d/0x190 [ 1090.515883] __msan_memcpy+0x6f/0x80 [ 1090.515883] pskb_expand_head+0x436/0x1d20 [ 1090.515883] skb_shift+0xce2/0x2d10 [ 1090.515883] tcp_sacktag_walk+0x2156/0x29d0 [ 1090.515883] tcp_sacktag_write_queue+0x2805/0x4630 [ 1090.515883] tcp_ack+0x2888/0xa010 [ 1090.515883] tcp_rcv_established+0xf7e/0x2940 [ 1090.515883] tcp_v4_do_rcv+0x686/0xd80 [ 1090.515883] tcp_v4_rcv+0x5a13/0x6520 [ 1090.515883] ip_local_deliver_finish+0x8d8/0xff0 [ 1090.515883] ip_local_deliver+0x44b/0x510 [ 1090.515883] ip_rcv+0x6b6/0x740 [ 1090.515883] process_backlog+0x82b/0x11e0 [ 1090.515883] net_rx_action+0x98f/0x1d50 [ 1090.515883] __do_softirq+0x721/0xc7f [ 1090.515883] [ 1090.515883] Uninit was stored to memory at: [ 1090.515883] kmsan_internal_chain_origin+0x136/0x240 [ 1090.515883] __msan_chain_origin+0x6d/0xb0 [ 1090.515883] __save_stack_trace+0x8be/0xc60 [ 1090.515883] save_stack_trace+0xc6/0x110 [ 1090.515883] kmsan_internal_chain_origin+0x136/0x240 [ 1090.515883] kmsan_memcpy_origins+0x13d/0x190 [ 1090.515883] __msan_memcpy+0x6f/0x80 [ 1090.515883] pskb_expand_head+0x436/0x1d20 [ 1090.515883] skb_shift+0xce2/0x2d10 [ 1090.515883] tcp_sacktag_walk+0x2156/0x29d0 [ 1090.515883] tcp_sacktag_write_queue+0x2805/0x4630 [ 1090.515883] tcp_ack+0x2888/0xa010 [ 1090.515883] tcp_rcv_established+0xf7e/0x2940 [ 1090.515883] tcp_v4_do_rcv+0x686/0xd80 [ 1090.515883] tcp_v4_rcv+0x5a13/0x6520 [ 1090.515883] ip_local_deliver_finish+0x8d8/0xff0 [ 1090.515883] ip_local_deliver+0x44b/0x510 [ 1090.515883] ip_rcv+0x6b6/0x740 [ 1090.515883] process_backlog+0x82b/0x11e0 [ 1090.515883] net_rx_action+0x98f/0x1d50 [ 1090.515883] __do_softirq+0x721/0xc7f [ 1090.515883] [ 1090.515883] Uninit was stored to memory at: [ 1090.515883] kmsan_internal_chain_origin+0x136/0x240 [ 1090.515883] __msan_chain_origin+0x6d/0xb0 [ 1090.515883] __save_stack_trace+0x8be/0xc60 [ 1090.515883] save_stack_trace+0xc6/0x110 [ 1090.515883] kmsan_internal_chain_origin+0x136/0x240 [ 1090.515883] kmsan_memcpy_origins+0x13d/0x190 [ 1090.515883] __msan_memcpy+0x6f/0x80 [ 1090.515883] pskb_expand_head+0x436/0x1d20 [ 1090.515883] skb_shift+0xce2/0x2d10 [ 1090.515883] tcp_sacktag_walk+0x2156/0x29d0 [ 1090.515883] tcp_sacktag_write_queue+0x2805/0x4630 [ 1090.515883] tcp_ack+0x2888/0xa010 [ 1090.515883] tcp_rcv_established+0xf7e/0x2940 [ 1090.515883] tcp_v4_do_rcv+0x686/0xd80 [ 1090.515883] tcp_v4_rcv+0x5a13/0x6520 [ 1090.515883] ip_local_deliver_finish+0x8d8/0xff0 [ 1090.515883] ip_local_deliver+0x44b/0x510 [ 1090.515883] ip_rcv+0x6b6/0x740 [ 1090.515883] process_backlog+0x82b/0x11e0 [ 1090.515883] net_rx_action+0x98f/0x1d50 [ 1090.515883] __do_softirq+0x721/0xc7f [ 1090.515883] [ 1090.515883] Uninit was stored to memory at: [ 1090.515883] kmsan_internal_chain_origin+0x136/0x240 [ 1090.515883] __msan_chain_origin+0x6d/0xb0 [ 1090.515883] __save_stack_trace+0x8be/0xc60 [ 1090.515883] save_stack_trace+0xc6/0x110 [ 1090.515883] kmsan_internal_chain_origin+0x136/0x240 [ 1090.515883] kmsan_memcpy_origins+0x13d/0x190 [ 1090.515883] __msan_memcpy+0x6f/0x80 [ 1090.515883] pskb_expand_head+0x436/0x1d20 [ 1090.515883] skb_shift+0xce2/0x2d10 [ 1090.515883] tcp_sacktag_walk+0x2156/0x29d0 [ 1090.515883] tcp_sacktag_write_queue+0x2805/0x4630 [ 1090.515883] tcp_ack+0x2888/0xa010 [ 1090.515883] tcp_rcv_established+0xf7e/0x2940 [ 1090.515883] tcp_v4_do_rcv+0x686/0xd80 [ 1090.515883] tcp_v4_rcv+0x5a13/0x6520 [ 1090.515883] ip_local_deliver_finish+0x8d8/0xff0 [ 1090.515883] ip_local_deliver+0x44b/0x510 [ 1090.515883] ip_rcv+0x6b6/0x740 [ 1090.515883] process_backlog+0x82b/0x11e0 [ 1090.515883] net_rx_action+0x98f/0x1d50 [ 1090.515883] __do_softirq+0x721/0xc7f [ 1090.515883] [ 1090.515883] Local variable description: ----v.addr.i.i.i@ipv4_conntrack_local [ 1090.515883] Variable was created at: [ 1090.515883] ipv4_conntrack_local+0x75/0x470 [ 1090.515883] nf_hook_slow+0x15c/0x3d0 [ 1091.645366] not chained 540000 origins [ 1091.649303] CPU: 1 PID: 31697 Comm: syz-executor2 Not tainted 4.20.0-rc3+ #89 [ 1091.651792] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1091.651792] Call Trace: [ 1091.651792] [ 1091.651792] dump_stack+0x32d/0x480 [ 1091.651792] kmsan_internal_chain_origin+0x222/0x240 [ 1091.651792] ? kmsan_set_origin+0x7f/0x100 [ 1091.651792] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1091.651792] ? __module_address+0x6a/0x5f0 [ 1091.651792] ? is_bpf_text_address+0x3e5/0x4d0 [ 1091.651792] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 1091.651792] ? is_bpf_text_address+0x49e/0x4d0 [ 1091.651792] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1091.651792] ? __module_address+0x6a/0x5f0 [ 1091.651792] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1091.719519] ? in_task_stack+0x12c/0x210 [ 1091.719519] ? get_stack_info+0x206/0x220 [ 1091.719519] __msan_chain_origin+0x6d/0xb0 [ 1091.719519] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1091.719519] __save_stack_trace+0x8be/0xc60 [ 1091.719519] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1091.719519] save_stack_trace+0xc6/0x110 [ 1091.719519] kmsan_internal_chain_origin+0x136/0x240 [ 1091.719519] ? irq_exit+0x305/0x340 [ 1091.719519] ? do_exit+0x10f2/0x4070 [ 1091.719519] ? kmsan_internal_chain_origin+0x136/0x240 [ 1091.719519] ? kmsan_memcpy_origins+0x13d/0x190 [ 1091.719519] ? __msan_memcpy+0x6f/0x80 [ 1091.719519] ? pskb_expand_head+0x436/0x1d20 [ 1091.719519] ? skb_shift+0xce2/0x2d10 [ 1091.719519] ? tcp_sacktag_walk+0x2156/0x29d0 [ 1091.719519] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1091.719519] ? tcp_ack+0x2888/0xa010 [ 1091.719519] ? tcp_rcv_established+0xf7e/0x2940 [ 1091.719519] ? tcp_v4_do_rcv+0x686/0xd80 [ 1091.719519] ? tcp_v4_rcv+0x5a13/0x6520 [ 1091.719519] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1091.719519] ? ip_local_deliver+0x44b/0x510 [ 1091.719519] ? ip_rcv+0x6b6/0x740 [ 1091.719519] ? process_backlog+0x82b/0x11e0 [ 1091.719519] ? net_rx_action+0x98f/0x1d50 [ 1091.719519] ? __do_softirq+0x721/0xc7f [ 1091.719519] ? irq_exit+0x305/0x340 [ 1091.719519] ? exiting_irq+0xe/0x10 [ 1091.719519] ? smp_apic_timer_interrupt+0x64/0x90 [ 1091.719519] ? apic_timer_interrupt+0xf/0x20 [ 1091.719519] ? kmsan_get_shadow_origin_ptr+0xe4/0x410 [ 1091.719519] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1091.719519] ? unmap_page_range+0x101c/0x3950 [ 1091.719519] ? unmap_single_vma+0x43f/0x5e0 [ 1091.719519] ? unmap_vmas+0x251/0x380 [ 1091.719519] ? exit_mmap+0x51e/0xa10 [ 1091.719519] ? __mmput+0x17a/0x700 [ 1091.719519] ? mmput+0x190/0x210 [ 1091.719519] ? exit_mm+0xa90/0xc70 [ 1091.893973] ? do_exit+0x10f2/0x4070 [ 1091.893973] ? do_group_exit+0x1a7/0x350 [ 1091.893973] ? get_signal+0x11e2/0x2330 [ 1091.893973] ? do_signal+0x1f3/0x2fc0 [ 1091.893973] ? prepare_exit_to_usermode+0x2c9/0x4c0 [ 1091.893973] ? syscall_return_slowpath+0xed/0x730 [ 1091.893973] ? do_syscall_64+0xf5/0x110 [ 1091.893973] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1091.893973] ? __msan_get_context_state+0x9/0x20 [ 1091.893973] ? INIT_INT+0xc/0x30 [ 1091.893973] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1091.939713] kmsan_memcpy_origins+0x13d/0x190 [ 1091.939713] __msan_memcpy+0x6f/0x80 [ 1091.939713] pskb_expand_head+0x436/0x1d20 [ 1091.939713] skb_shift+0xce2/0x2d10 [ 1091.939713] tcp_sacktag_walk+0x2156/0x29d0 [ 1091.939713] tcp_sacktag_write_queue+0x2805/0x4630 [ 1091.939713] tcp_ack+0x2888/0xa010 [ 1091.939713] ? tcp_parse_options+0xbe/0x1cf0 [ 1091.939713] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1091.939713] ? tcp_parse_options+0x1c55/0x1cf0 [ 1091.939713] tcp_rcv_established+0xf7e/0x2940 [ 1091.939713] ? __msan_get_context_state+0x9/0x20 [ 1091.939713] tcp_v4_do_rcv+0x686/0xd80 [ 1091.939713] tcp_v4_rcv+0x5a13/0x6520 [ 1091.939713] ? tcp_filter+0x260/0x260 [ 1091.939713] ip_local_deliver_finish+0x8d8/0xff0 [ 1091.939713] ? nf_hook_slow+0x36f/0x3d0 [ 1091.939713] ip_local_deliver+0x44b/0x510 [ 1091.939713] ? ip_local_deliver+0x510/0x510 [ 1091.939713] ? ip_call_ra_chain+0x7a0/0x7a0 [ 1091.939713] ip_rcv+0x6b6/0x740 [ 1091.939713] ? ip_rcv_core+0x1370/0x1370 [ 1091.939713] process_backlog+0x82b/0x11e0 [ 1091.939713] ? ip_local_deliver_finish+0xff0/0xff0 [ 1091.939713] ? rps_trigger_softirq+0x2e0/0x2e0 [ 1091.939713] net_rx_action+0x98f/0x1d50 [ 1091.939713] ? net_tx_action+0xf20/0xf20 [ 1091.939713] __do_softirq+0x721/0xc7f [ 1091.939713] irq_exit+0x305/0x340 [ 1091.939713] exiting_irq+0xe/0x10 [ 1091.939713] smp_apic_timer_interrupt+0x64/0x90 [ 1091.939713] apic_timer_interrupt+0xf/0x20 [ 1091.939713] [ 1091.939713] RIP: 0010:kmsan_get_shadow_origin_ptr+0xe4/0x410 [ 1091.939713] Code: c2 48 d3 ea 48 85 d2 75 3f 48 89 c1 48 c1 e9 2e 75 36 48 8b 0c 25 20 6d 91 8c 48 85 c9 74 29 48 89 c2 48 c1 ea 22 48 8b 0c d1 <48> 85 c9 74 19 48 c1 e8 1b 83 e0 7f 48 c1 e0 05 48 01 c1 74 09 f6 [ 1091.939713] RSP: 0018:ffff888073b4f310 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13 [ 1091.939713] RAX: 000000000c38f568 RBX: ffffffff8c91d000 RCX: ffff88821fff1000 [ 1091.939713] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff8c38f568 [ 1091.939713] RBP: ffff888073b4f340 R08: 0000000000000000 R09: ffffffffffffffff [ 1091.939713] R10: 000000ffffffffff R11: 0000000000000000 R12: 000000000c38f568 [ 1091.939713] R13: 00000000001472d5 R14: ffffffff8c91c000 R15: ffffffff8c38f568 [ 1091.939713] __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1091.939713] unmap_page_range+0x101c/0x3950 [ 1091.939713] unmap_single_vma+0x43f/0x5e0 [ 1091.939713] unmap_vmas+0x251/0x380 [ 1091.939713] exit_mmap+0x51e/0xa10 [ 1091.939713] ? __khugepaged_exit+0x6e9/0x8b0 [ 1091.939713] __mmput+0x17a/0x700 [ 1091.939713] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 1091.939713] mmput+0x190/0x210 [ 1091.939713] exit_mm+0xa90/0xc70 [ 1091.939713] do_exit+0x10f2/0x4070 [ 1091.939713] do_group_exit+0x1a7/0x350 [ 1091.939713] get_signal+0x11e2/0x2330 [ 1091.939713] ? do_signal+0x1dd/0x2fc0 [ 1091.939713] ? prepare_exit_to_usermode+0x2c9/0x4c0 [ 1091.939713] do_signal+0x1f3/0x2fc0 [ 1091.939713] ? kmsan_set_origin+0x7f/0x100 [ 1091.939713] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 1091.939713] prepare_exit_to_usermode+0x2c9/0x4c0 [ 1091.939713] syscall_return_slowpath+0xed/0x730 [ 1091.939713] do_syscall_64+0xf5/0x110 [ 1091.939713] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1091.939713] RIP: 0033:0x457569 [ 1091.939713] Code: 83 c4 18 c3 e8 d8 64 00 00 48 8b 04 24 48 8b 4c 24 08 48 89 01 e8 d7 2d fc ff e8 22 7a fc ff b8 02 00 00 00 48 8d 0d 2a 51 0c <01> 87 01 8b 05 22 51 0c 01 83 f8 01 0f 85 8a 00 00 00 b8 01 00 00 [ 1091.939713] RSP: 002b:00007f93d5e01cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1091.939713] RAX: fffffffffffffe00 RBX: 000000000072bf08 RCX: 0000000000457569 [ 1091.939713] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000072bf08 [ 1091.939713] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1091.939713] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000072bf0c [ 1091.939713] R13: 0000000000a3fb7f R14: 00007f93d5e029c0 R15: 0000000000000000 [ 1091.939713] Uninit was stored to memory at: [ 1091.939713] kmsan_internal_chain_origin+0x136/0x240 [ 1091.939713] __msan_chain_origin+0x6d/0xb0 [ 1091.939713] __save_stack_trace+0x8be/0xc60 [ 1091.939713] save_stack_trace+0xc6/0x110 [ 1091.939713] kmsan_internal_chain_origin+0x136/0x240 [ 1091.939713] kmsan_memcpy_origins+0x13d/0x190 [ 1091.939713] __msan_memcpy+0x6f/0x80 [ 1091.939713] pskb_expand_head+0x436/0x1d20 [ 1091.939713] skb_shift+0xce2/0x2d10 [ 1091.939713] tcp_sacktag_walk+0x2156/0x29d0 [ 1091.939713] tcp_sacktag_write_queue+0x2805/0x4630 [ 1091.939713] tcp_ack+0x2888/0xa010 [ 1091.939713] tcp_rcv_established+0xf7e/0x2940 [ 1091.939713] tcp_v4_do_rcv+0x686/0xd80 [ 1091.939713] tcp_v4_rcv+0x5a13/0x6520 [ 1091.939713] ip_local_deliver_finish+0x8d8/0xff0 [ 1091.939713] ip_local_deliver+0x44b/0x510 [ 1091.939713] ip_rcv+0x6b6/0x740 [ 1091.939713] process_backlog+0x82b/0x11e0 [ 1091.939713] net_rx_action+0x98f/0x1d50 [ 1091.939713] __do_softirq+0x721/0xc7f [ 1091.939713] [ 1091.939713] Uninit was stored to memory at: [ 1091.939713] kmsan_internal_chain_origin+0x136/0x240 [ 1091.939713] __msan_chain_origin+0x6d/0xb0 [ 1091.939713] __save_stack_trace+0x8be/0xc60 [ 1091.939713] save_stack_trace+0xc6/0x110 [ 1091.939713] kmsan_internal_chain_origin+0x136/0x240 [ 1091.939713] kmsan_memcpy_origins+0x13d/0x190 [ 1091.939713] __msan_memcpy+0x6f/0x80 [ 1091.939713] pskb_expand_head+0x436/0x1d20 [ 1091.939713] skb_shift+0xce2/0x2d10 [ 1091.939713] tcp_sacktag_walk+0x2156/0x29d0 [ 1091.939713] tcp_sacktag_write_queue+0x2805/0x4630 [ 1091.939713] tcp_ack+0x2888/0xa010 [ 1091.939713] tcp_rcv_established+0xf7e/0x2940 [ 1091.939713] tcp_v4_do_rcv+0x686/0xd80 [ 1091.939713] tcp_v4_rcv+0x5a13/0x6520 [ 1091.939713] ip_local_deliver_finish+0x8d8/0xff0 [ 1091.939713] ip_local_deliver+0x44b/0x510 [ 1091.939713] ip_rcv+0x6b6/0x740 [ 1091.939713] process_backlog+0x82b/0x11e0 [ 1091.939713] net_rx_action+0x98f/0x1d50 [ 1091.939713] __do_softirq+0x721/0xc7f [ 1091.939713] [ 1091.939713] Uninit was stored to memory at: [ 1091.939713] kmsan_internal_chain_origin+0x136/0x240 [ 1091.939713] __msan_chain_origin+0x6d/0xb0 [ 1091.939713] __save_stack_trace+0x8be/0xc60 [ 1091.939713] save_stack_trace+0xc6/0x110 [ 1091.939713] kmsan_internal_chain_origin+0x136/0x240 [ 1091.939713] kmsan_memcpy_origins+0x13d/0x190 [ 1091.939713] __msan_memcpy+0x6f/0x80 [ 1091.939713] pskb_expand_head+0x436/0x1d20 [ 1091.939713] skb_shift+0xce2/0x2d10 [ 1091.939713] tcp_sacktag_walk+0x2156/0x29d0 [ 1091.939713] tcp_sacktag_write_queue+0x2805/0x4630 [ 1091.939713] tcp_ack+0x2888/0xa010 [ 1091.939713] tcp_rcv_established+0xf7e/0x2940 [ 1091.939713] tcp_v4_do_rcv+0x686/0xd80 [ 1091.939713] tcp_v4_rcv+0x5a13/0x6520 [ 1091.939713] ip_local_deliver_finish+0x8d8/0xff0 [ 1091.939713] ip_local_deliver+0x44b/0x510 [ 1091.939713] ip_rcv+0x6b6/0x740 [ 1091.939713] process_backlog+0x82b/0x11e0 [ 1091.939713] net_rx_action+0x98f/0x1d50 [ 1091.939713] __do_softirq+0x721/0xc7f [ 1091.939713] [ 1091.939713] Uninit was stored to memory at: [ 1091.939713] kmsan_internal_chain_origin+0x136/0x240 [ 1091.939713] __msan_chain_origin+0x6d/0xb0 [ 1091.939713] __save_stack_trace+0x8be/0xc60 [ 1091.939713] save_stack_trace+0xc6/0x110 [ 1091.939713] kmsan_internal_chain_origin+0x136/0x240 [ 1091.939713] kmsan_memcpy_origins+0x13d/0x190 [ 1091.939713] __msan_memcpy+0x6f/0x80 [ 1091.939713] pskb_expand_head+0x436/0x1d20 [ 1091.939713] skb_shift+0xce2/0x2d10 [ 1091.939713] tcp_sacktag_walk+0x2156/0x29d0 [ 1091.939713] tcp_sacktag_write_queue+0x2805/0x4630 [ 1091.939713] tcp_ack+0x2888/0xa010 [ 1091.939713] tcp_rcv_established+0xf7e/0x2940 [ 1091.939713] tcp_v4_do_rcv+0x686/0xd80 [ 1091.939713] tcp_v4_rcv+0x5a13/0x6520 [ 1091.939713] ip_local_deliver_finish+0x8d8/0xff0 [ 1091.939713] ip_local_deliver+0x44b/0x510 [ 1091.939713] ip_rcv+0x6b6/0x740 [ 1091.939713] process_backlog+0x82b/0x11e0 [ 1091.939713] net_rx_action+0x98f/0x1d50 [ 1091.939713] __do_softirq+0x721/0xc7f [ 1091.939713] [ 1091.939713] Uninit was stored to memory at: [ 1091.939713] kmsan_internal_chain_origin+0x136/0x240 [ 1091.939713] __msan_chain_origin+0x6d/0xb0 [ 1091.939713] __save_stack_trace+0x8be/0xc60 [ 1091.939713] save_stack_trace+0xc6/0x110 [ 1091.939713] kmsan_internal_chain_origin+0x136/0x240 [ 1091.939713] kmsan_memcpy_origins+0x13d/0x190 [ 1091.939713] __msan_memcpy+0x6f/0x80 [ 1091.939713] pskb_expand_head+0x436/0x1d20 [ 1091.939713] skb_shift+0xce2/0x2d10 [ 1091.939713] tcp_sacktag_walk+0x2156/0x29d0 [ 1091.939713] tcp_sacktag_write_queue+0x2805/0x4630 [ 1091.939713] tcp_ack+0x2888/0xa010 [ 1091.939713] tcp_rcv_established+0xf7e/0x2940 [ 1091.939713] tcp_v4_do_rcv+0x686/0xd80 [ 1091.939713] tcp_v4_rcv+0x5a13/0x6520 [ 1091.939713] ip_local_deliver_finish+0x8d8/0xff0 [ 1091.939713] ip_local_deliver+0x44b/0x510 [ 1091.939713] ip_rcv+0x6b6/0x740 [ 1091.939713] process_backlog+0x82b/0x11e0 [ 1091.939713] net_rx_action+0x98f/0x1d50 [ 1091.939713] __do_softirq+0x721/0xc7f [ 1091.939713] [ 1091.939713] Uninit was stored to memory at: [ 1091.939713] kmsan_internal_chain_origin+0x136/0x240 [ 1091.939713] __msan_chain_origin+0x6d/0xb0 [ 1091.939713] __save_stack_trace+0x8be/0xc60 [ 1091.939713] save_stack_trace+0xc6/0x110 [ 1091.939713] kmsan_internal_chain_origin+0x136/0x240 [ 1091.939713] kmsan_memcpy_origins+0x13d/0x190 [ 1091.939713] __msan_memcpy+0x6f/0x80 [ 1091.939713] pskb_expand_head+0x436/0x1d20 [ 1091.939713] skb_shift+0xce2/0x2d10 [ 1091.939713] tcp_sacktag_walk+0x2156/0x29d0 [ 1091.939713] tcp_sacktag_write_queue+0x2805/0x4630 [ 1091.939713] tcp_ack+0x2888/0xa010 [ 1091.939713] tcp_rcv_established+0xf7e/0x2940 [ 1091.939713] tcp_v4_do_rcv+0x686/0xd80 [ 1091.939713] tcp_v4_rcv+0x5a13/0x6520 [ 1091.939713] ip_local_deliver_finish+0x8d8/0xff0 [ 1091.939713] ip_local_deliver+0x44b/0x510 [ 1091.939713] ip_rcv+0x6b6/0x740 [ 1091.939713] process_backlog+0x82b/0x11e0 [ 1091.939713] net_rx_action+0x98f/0x1d50 [ 1091.939713] __do_softirq+0x721/0xc7f [ 1091.939713] [ 1091.939713] Uninit was stored to memory at: [ 1091.939713] kmsan_internal_chain_origin+0x136/0x240 [ 1091.939713] __msan_chain_origin+0x6d/0xb0 [ 1091.939713] __save_stack_trace+0x8be/0xc60 [ 1091.939713] save_stack_trace+0xc6/0x110 [ 1091.939713] kmsan_internal_chain_origin+0x136/0x240 [ 1091.939713] kmsan_memcpy_origins+0x13d/0x190 [ 1091.939713] __msan_memcpy+0x6f/0x80 [ 1091.939713] pskb_expand_head+0x436/0x1d20 [ 1091.939713] skb_shift+0xce2/0x2d10 [ 1091.939713] tcp_sacktag_walk+0x2156/0x29d0 [ 1091.939713] tcp_sacktag_write_queue+0x2805/0x4630 [ 1091.939713] tcp_ack+0x2888/0xa010 [ 1091.939713] tcp_rcv_established+0xf7e/0x2940 [ 1091.939713] tcp_v4_do_rcv+0x686/0xd80 [ 1091.939713] tcp_v4_rcv+0x5a13/0x6520 [ 1091.939713] ip_local_deliver_finish+0x8d8/0xff0 [ 1091.939713] ip_local_deliver+0x44b/0x510 06:20:01 executing program 5: 06:20:02 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$kcm(0x10, 0x800000000002, 0x0) sendmsg$kcm(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)=ANY=[]}, 0x0) sendmsg$kcm(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000000c0)="2e000000120081aee4050cecff0e00fa078b5bdb4cb904e473730e55cff26d1b0e001200000000005e510befccd7", 0x2e}], 0x1, &(0x7f0000000200)}, 0x0) 06:20:02 executing program 1: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000240)="0a5c2d023c126285718070") r1 = socket$netlink(0x10, 0x3, 0x0) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000180)='IPVS\x00') sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000200)={&(0x7f0000000140), 0xc, &(0x7f00000001c0)={&(0x7f0000000300)={0x20, r2, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_WEIGHT={0x8}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x4}, 0x20000000) 06:20:02 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000240)="0a5c2d023c126285718070") r1 = socket$netlink(0x10, 0x3, 0x0) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000180)='IPVS\x00') sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000200)={&(0x7f0000000140), 0xc, &(0x7f00000001c0)={&(0x7f0000000300)={0x24, r2, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_WEIGHT={0x8}]}, @IPVS_CMD_ATTR_DAEMON={0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x20000000) 06:20:03 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000240)="0a5c2d023c126285718070") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) getsockname(r1, &(0x7f0000000080)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @remote}}}, &(0x7f0000000100)=0x80) 06:20:03 executing program 3: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000040008912, &(0x7f0000000940)="0a5c2d02402b6200007070") r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070") socketpair(0x11, 0x2, 0x6, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mmap(&(0x7f0000000000/0x5000)=nil, 0x5000, 0x2000002, 0x10031, r2, 0x0) getsockopt$EBT_SO_GET_ENTRIES(r4, 0x0, 0x81, &(0x7f0000000800)={'filter\x00', 0x0, 0x3, 0x7e, [], 0x9, &(0x7f00000006c0)=[{}, {}, {}, {}, {}, {}, {}, {}, {}], &(0x7f0000000780)=""/126}, &(0x7f0000000880)=0x78) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_inet6_tcp_SIOCOUTQNSD(r5, 0x894b, &(0x7f0000000100)) r6 = socket$inet6(0xa, 0x6, 0x0) setsockopt$sock_timeval(r6, 0x1, 0x14, &(0x7f0000000280)={0x0, 0x7530}, 0xfffffffffffffea3) bind$inet6(r6, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c) r7 = socket$inet_dccp(0x2, 0x6, 0x0) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r3, 0x84, 0x76, &(0x7f00000000c0)={0x0, 0x7ff}, &(0x7f0000000140)=0xffffffffffffffb8) openat$cgroup_ro(r4, &(0x7f0000000180)='pids.events\x00', 0x0, 0x0) setsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r3, 0x84, 0x6, &(0x7f00000002c0)={r8, @in={{0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x18}}}}, 0x84) ioctl$sock_inet_SIOCRTMSG(r7, 0x890d, &(0x7f0000000640)={0x5, {0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x13}}, {0x2, 0x0, @multicast1}, {0x2, 0x4e24, @remote}, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)='tunl0\x00', 0x800, 0x4, 0x7fff}) listen(r6, 0x6) getsockopt$ARPT_SO_GET_REVISION_TARGET(r5, 0x0, 0x63, &(0x7f0000000440)={'TPROXY\x00'}, &(0x7f0000000600)=0x1e) setsockopt(r7, 0x10d, 0x800000000d, &(0x7f00001c9fff)="03", 0x1) r9 = socket$inet6(0xa, 0x0, 0x5) ioctl(r9, 0x8912, &(0x7f00000008c0)="153f623470a9867c6326934935a5306698b2542d4ef67d07000000531348c953f0bb718d206b0dbe53b3e000837677a4e1076435d1233940b98ba3388e3679d707995a843da372459e12c43ebfc877c9d33d8fe8f769ead91232657a9d7766cb5a17e14682a1701b5943a720bcc0e05ac1c066d064de5a01f548") socket$nl_generic(0x10, 0x3, 0x10) connect$inet(r7, &(0x7f0000e5c000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x20}}, 0x10) r10 = accept(r6, 0x0, &(0x7f0000000080)=0x194) sendmsg$IPVS_CMD_DEL_DAEMON(r10, &(0x7f0000000480)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x8804081}, 0xc, &(0x7f0000000400)={&(0x7f0000000380)=ANY=[@ANYBLOB="20002dbd7000ffdbdf250a00000028000300080001000100030000000000000000001400020065727370616e300000000000000000000c000100080001000a000000280003001400020062637366300000000000000000000000080007004e2200000800030004"], 0x1}, 0x1, 0x0, 0x0, 0x4800}, 0x4000) ioctl(r2, 0x5, &(0x7f00000004c0)="6786597fe4190d6fdb4db780d8e82c2c065a03a51e4052f068cf751d4b8680bf22b29ef4f05579f2c64ff4a296de5713b418411f82c6bb2bf48d8ab7960c7fc3dece40cbd4244f7d4e98eb89c6b5a96210321c84bbd9a71ee9916a6bf0b834c7075725cb5fad6a8fba78cc4ede6d62b4c921a1805d6de3543ecf8df31c585cf6a579cda0541265a37f01226e36bca97611f8bfe74875aa040517f5d2725cc1a11eff7c26a8fb5aba95a1033e398870822621640c3a8c0f875b9c8cd10c81b7cb8d24dcba8d21ef165007") 06:20:03 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000027000/0x18000)=nil, &(0x7f00000002c0)=[@text32={0x20, &(0x7f0000000000)="2ef26db80e0000000f23c80f21f8350800c0000f23f8d39d00100000eacc4e0000f700660f3839d13e660f38806cbf07440f20c0350c000000440f22c02e0f300f228266baa100ec", 0x48}], 0x1, 0x0, &(0x7f0000000280), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 1091.939713] ip_rcv+0x6b6/0x740 [ 1091.939713] process_backlog+0x82b/0x11e0 [ 1091.939713] net_rx_action+0x98f/0x1d50 [ 1091.939713] __do_softirq+0x721/0xc7f [ 1091.939713] [ 1091.939713] Local variable description: ----v.addr.i.i.i@ipv4_conntrack_local [ 1091.939713] Variable was created at: [ 1091.939713] ipv4_conntrack_local+0x75/0x470 [ 1091.939713] nf_hook_slow+0x15c/0x3d0 [ 1093.022584] not chained 550000 origins [ 1093.026531] CPU: 1 PID: 31697 Comm: syz-executor2 Not tainted 4.20.0-rc3+ #89 [ 1093.031807] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1093.031807] Call Trace: [ 1093.031807] [ 1093.031807] dump_stack+0x32d/0x480 [ 1093.031807] ? __msan_poison_alloca+0x1e0/0x270 [ 1093.031807] kmsan_internal_chain_origin+0x222/0x240 [ 1093.031807] ? set_irq_regs+0x79/0xc0 [ 1093.031807] ? ret_from_intr+0x13/0x33 [ 1093.031807] ? flat_init_apic_ldr+0x180/0x180 [ 1093.031807] ? apic_timer_interrupt+0xa/0x20 [ 1093.031807] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1093.031807] ? __module_address+0x6a/0x5f0 [ 1093.031807] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 1093.031807] ? is_bpf_text_address+0x49e/0x4d0 [ 1093.031807] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1093.031807] __msan_chain_origin+0x6d/0xb0 [ 1093.031807] ? process_backlog+0x82b/0x11e0 [ 1093.031807] __save_stack_trace+0x8be/0xc60 [ 1093.031807] ? process_backlog+0x82b/0x11e0 [ 1093.031807] save_stack_trace+0xc6/0x110 [ 1093.031807] kmsan_internal_chain_origin+0x136/0x240 [ 1093.031807] ? irq_exit+0x305/0x340 [ 1093.031807] ? do_exit+0x10f2/0x4070 [ 1093.031807] ? kmsan_internal_chain_origin+0x136/0x240 [ 1093.031807] ? kmsan_memcpy_origins+0x13d/0x190 [ 1093.031807] ? __msan_memcpy+0x6f/0x80 [ 1093.031807] ? pskb_expand_head+0x436/0x1d20 [ 1093.031807] ? skb_shift+0xce2/0x2d10 [ 1093.031807] ? tcp_sacktag_walk+0x2156/0x29d0 [ 1093.031807] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1093.031807] ? tcp_ack+0x2888/0xa010 [ 1093.031807] ? tcp_rcv_established+0xf7e/0x2940 [ 1093.031807] ? tcp_v4_do_rcv+0x686/0xd80 [ 1093.031807] ? tcp_v4_rcv+0x5a13/0x6520 [ 1093.031807] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1093.031807] ? ip_local_deliver+0x44b/0x510 [ 1093.031807] ? ip_rcv+0x6b6/0x740 [ 1093.031807] ? process_backlog+0x82b/0x11e0 [ 1093.031807] ? net_rx_action+0x98f/0x1d50 [ 1093.031807] ? __do_softirq+0x721/0xc7f [ 1093.031807] ? irq_exit+0x305/0x340 [ 1093.031807] ? exiting_irq+0xe/0x10 [ 1093.031807] ? smp_apic_timer_interrupt+0x64/0x90 [ 1093.031807] ? apic_timer_interrupt+0xf/0x20 [ 1093.031807] ? kmsan_get_shadow_origin_ptr+0xe4/0x410 [ 1093.231049] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1093.231049] ? unmap_page_range+0x101c/0x3950 [ 1093.231049] ? unmap_single_vma+0x43f/0x5e0 [ 1093.231049] ? unmap_vmas+0x251/0x380 [ 1093.231049] ? exit_mmap+0x51e/0xa10 [ 1093.231049] ? __mmput+0x17a/0x700 [ 1093.231049] ? mmput+0x190/0x210 [ 1093.231049] ? exit_mm+0xa90/0xc70 [ 1093.231049] ? do_exit+0x10f2/0x4070 [ 1093.231049] ? do_group_exit+0x1a7/0x350 [ 1093.231049] ? get_signal+0x11e2/0x2330 [ 1093.231049] ? do_signal+0x1f3/0x2fc0 [ 1093.231049] ? prepare_exit_to_usermode+0x2c9/0x4c0 [ 1093.231049] ? syscall_return_slowpath+0xed/0x730 [ 1093.231049] ? do_syscall_64+0xf5/0x110 [ 1093.231049] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1093.231049] ? __msan_get_context_state+0x9/0x20 [ 1093.231049] ? INIT_INT+0xc/0x30 [ 1093.231049] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1093.231049] kmsan_memcpy_origins+0x13d/0x190 [ 1093.231049] __msan_memcpy+0x6f/0x80 [ 1093.231049] pskb_expand_head+0x436/0x1d20 [ 1093.231049] skb_shift+0xce2/0x2d10 [ 1093.231049] tcp_sacktag_walk+0x2156/0x29d0 [ 1093.231049] tcp_sacktag_write_queue+0x2805/0x4630 [ 1093.231049] tcp_ack+0x2888/0xa010 [ 1093.231049] ? tcp_parse_options+0xbe/0x1cf0 [ 1093.231049] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1093.231049] ? tcp_parse_options+0x1c55/0x1cf0 [ 1093.231049] tcp_rcv_established+0xf7e/0x2940 [ 1093.231049] ? __msan_get_context_state+0x9/0x20 [ 1093.231049] tcp_v4_do_rcv+0x686/0xd80 [ 1093.231049] tcp_v4_rcv+0x5a13/0x6520 [ 1093.231049] ? tcp_filter+0x260/0x260 [ 1093.231049] ip_local_deliver_finish+0x8d8/0xff0 [ 1093.231049] ? nf_hook_slow+0x36f/0x3d0 [ 1093.231049] ip_local_deliver+0x44b/0x510 [ 1093.231049] ? ip_local_deliver+0x510/0x510 [ 1093.231049] ? ip_call_ra_chain+0x7a0/0x7a0 [ 1093.231049] ip_rcv+0x6b6/0x740 [ 1093.231049] ? ip_rcv_core+0x1370/0x1370 [ 1093.231049] process_backlog+0x82b/0x11e0 [ 1093.231049] ? ip_local_deliver_finish+0xff0/0xff0 [ 1093.231049] ? rps_trigger_softirq+0x2e0/0x2e0 [ 1093.231049] net_rx_action+0x98f/0x1d50 [ 1093.231049] ? net_tx_action+0xf20/0xf20 [ 1093.231049] __do_softirq+0x721/0xc7f [ 1093.231049] irq_exit+0x305/0x340 [ 1093.231049] exiting_irq+0xe/0x10 [ 1093.231049] smp_apic_timer_interrupt+0x64/0x90 [ 1093.231049] apic_timer_interrupt+0xf/0x20 [ 1093.231049] [ 1093.231049] RIP: 0010:kmsan_get_shadow_origin_ptr+0xe4/0x410 [ 1093.231049] Code: c2 48 d3 ea 48 85 d2 75 3f 48 89 c1 48 c1 e9 2e 75 36 48 8b 0c 25 20 6d 91 8c 48 85 c9 74 29 48 89 c2 48 c1 ea 22 48 8b 0c d1 <48> 85 c9 74 19 48 c1 e8 1b 83 e0 7f 48 c1 e0 05 48 01 c1 74 09 f6 [ 1093.231049] RSP: 0018:ffff888073b4f310 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13 [ 1093.231049] RAX: 000000000c38f568 RBX: ffffffff8c91d000 RCX: ffff88821fff1000 [ 1093.231049] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff8c38f568 [ 1093.231049] RBP: ffff888073b4f340 R08: 0000000000000000 R09: ffffffffffffffff [ 1093.231049] R10: 000000ffffffffff R11: 0000000000000000 R12: 000000000c38f568 [ 1093.231049] R13: 00000000001472d5 R14: ffffffff8c91c000 R15: ffffffff8c38f568 [ 1093.231049] __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1093.231049] unmap_page_range+0x101c/0x3950 [ 1093.231049] unmap_single_vma+0x43f/0x5e0 [ 1093.231049] unmap_vmas+0x251/0x380 [ 1093.231049] exit_mmap+0x51e/0xa10 [ 1093.231049] ? __khugepaged_exit+0x6e9/0x8b0 [ 1093.231049] __mmput+0x17a/0x700 [ 1093.231049] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 1093.231049] mmput+0x190/0x210 [ 1093.231049] exit_mm+0xa90/0xc70 [ 1093.231049] do_exit+0x10f2/0x4070 [ 1093.231049] do_group_exit+0x1a7/0x350 [ 1093.231049] get_signal+0x11e2/0x2330 [ 1093.231049] ? do_signal+0x1dd/0x2fc0 [ 1093.231049] ? prepare_exit_to_usermode+0x2c9/0x4c0 [ 1093.231049] do_signal+0x1f3/0x2fc0 [ 1093.231049] ? kmsan_set_origin+0x7f/0x100 [ 1093.231049] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 1093.231049] prepare_exit_to_usermode+0x2c9/0x4c0 [ 1093.231049] syscall_return_slowpath+0xed/0x730 [ 1093.231049] do_syscall_64+0xf5/0x110 [ 1093.231049] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1093.231049] RIP: 0033:0x457569 [ 1093.231049] Code: 83 c4 18 c3 e8 d8 64 00 00 48 8b 04 24 48 8b 4c 24 08 48 89 01 e8 d7 2d fc ff e8 22 7a fc ff b8 02 00 00 00 48 8d 0d 2a 51 0c <01> 87 01 8b 05 22 51 0c 01 83 f8 01 0f 85 8a 00 00 00 b8 01 00 00 [ 1093.231049] RSP: 002b:00007f93d5e01cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1093.231049] RAX: fffffffffffffe00 RBX: 000000000072bf08 RCX: 0000000000457569 [ 1093.231049] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000072bf08 [ 1093.231049] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1093.231049] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000072bf0c [ 1093.231049] R13: 0000000000a3fb7f R14: 00007f93d5e029c0 R15: 0000000000000000 [ 1093.231049] Uninit was stored to memory at: [ 1093.231049] kmsan_internal_chain_origin+0x136/0x240 [ 1093.231049] __msan_chain_origin+0x6d/0xb0 [ 1093.231049] __save_stack_trace+0x8be/0xc60 [ 1093.231049] save_stack_trace+0xc6/0x110 [ 1093.231049] kmsan_internal_chain_origin+0x136/0x240 [ 1093.231049] kmsan_memcpy_origins+0x13d/0x190 [ 1093.231049] __msan_memcpy+0x6f/0x80 [ 1093.231049] pskb_expand_head+0x436/0x1d20 [ 1093.231049] skb_shift+0xce2/0x2d10 [ 1093.231049] tcp_sacktag_walk+0x2156/0x29d0 [ 1093.231049] tcp_sacktag_write_queue+0x2805/0x4630 [ 1093.231049] tcp_ack+0x2888/0xa010 [ 1093.231049] tcp_rcv_established+0xf7e/0x2940 [ 1093.231049] tcp_v4_do_rcv+0x686/0xd80 [ 1093.231049] tcp_v4_rcv+0x5a13/0x6520 [ 1093.231049] ip_local_deliver_finish+0x8d8/0xff0 [ 1093.231049] ip_local_deliver+0x44b/0x510 [ 1093.231049] ip_rcv+0x6b6/0x740 [ 1093.231049] process_backlog+0x82b/0x11e0 [ 1093.231049] net_rx_action+0x98f/0x1d50 [ 1093.231049] __do_softirq+0x721/0xc7f [ 1093.231049] [ 1093.231049] Uninit was stored to memory at: [ 1093.231049] kmsan_internal_chain_origin+0x136/0x240 [ 1093.231049] __msan_chain_origin+0x6d/0xb0 [ 1093.231049] __save_stack_trace+0x8be/0xc60 [ 1093.231049] save_stack_trace+0xc6/0x110 [ 1093.231049] kmsan_internal_chain_origin+0x136/0x240 [ 1093.231049] kmsan_memcpy_origins+0x13d/0x190 [ 1093.231049] __msan_memcpy+0x6f/0x80 [ 1093.231049] pskb_expand_head+0x436/0x1d20 [ 1093.231049] skb_shift+0xce2/0x2d10 [ 1093.231049] tcp_sacktag_walk+0x2156/0x29d0 [ 1093.231049] tcp_sacktag_write_queue+0x2805/0x4630 [ 1093.231049] tcp_ack+0x2888/0xa010 [ 1093.231049] tcp_rcv_established+0xf7e/0x2940 [ 1093.231049] tcp_v4_do_rcv+0x686/0xd80 [ 1093.231049] tcp_v4_rcv+0x5a13/0x6520 [ 1093.231049] ip_local_deliver_finish+0x8d8/0xff0 [ 1093.231049] ip_local_deliver+0x44b/0x510 [ 1093.231049] ip_rcv+0x6b6/0x740 [ 1093.231049] process_backlog+0x82b/0x11e0 [ 1093.231049] net_rx_action+0x98f/0x1d50 [ 1093.231049] __do_softirq+0x721/0xc7f [ 1093.231049] [ 1093.231049] Uninit was stored to memory at: [ 1093.231049] kmsan_internal_chain_origin+0x136/0x240 [ 1093.231049] __msan_chain_origin+0x6d/0xb0 [ 1093.231049] __save_stack_trace+0x8be/0xc60 [ 1093.231049] save_stack_trace+0xc6/0x110 [ 1093.231049] kmsan_internal_chain_origin+0x136/0x240 [ 1093.231049] kmsan_memcpy_origins+0x13d/0x190 [ 1093.231049] __msan_memcpy+0x6f/0x80 [ 1093.231049] pskb_expand_head+0x436/0x1d20 [ 1093.231049] skb_shift+0xce2/0x2d10 [ 1093.231049] tcp_sacktag_walk+0x2156/0x29d0 [ 1093.231049] tcp_sacktag_write_queue+0x2805/0x4630 [ 1093.231049] tcp_ack+0x2888/0xa010 [ 1093.231049] tcp_rcv_established+0xf7e/0x2940 [ 1093.231049] tcp_v4_do_rcv+0x686/0xd80 [ 1093.231049] tcp_v4_rcv+0x5a13/0x6520 [ 1093.231049] ip_local_deliver_finish+0x8d8/0xff0 [ 1093.231049] ip_local_deliver+0x44b/0x510 [ 1093.231049] ip_rcv+0x6b6/0x740 [ 1093.231049] process_backlog+0x82b/0x11e0 [ 1093.231049] net_rx_action+0x98f/0x1d50 [ 1093.231049] __do_softirq+0x721/0xc7f [ 1093.231049] [ 1093.231049] Uninit was stored to memory at: [ 1093.231049] kmsan_internal_chain_origin+0x136/0x240 [ 1093.231049] __msan_chain_origin+0x6d/0xb0 [ 1093.231049] __save_stack_trace+0x8be/0xc60 [ 1093.231049] save_stack_trace+0xc6/0x110 [ 1093.231049] kmsan_internal_chain_origin+0x136/0x240 [ 1093.231049] kmsan_memcpy_origins+0x13d/0x190 [ 1093.231049] __msan_memcpy+0x6f/0x80 [ 1093.231049] pskb_expand_head+0x436/0x1d20 [ 1093.231049] skb_shift+0xce2/0x2d10 [ 1093.231049] tcp_sacktag_walk+0x2156/0x29d0 [ 1093.231049] tcp_sacktag_write_queue+0x2805/0x4630 [ 1093.231049] tcp_ack+0x2888/0xa010 [ 1093.231049] tcp_rcv_established+0xf7e/0x2940 [ 1093.231049] tcp_v4_do_rcv+0x686/0xd80 [ 1093.231049] tcp_v4_rcv+0x5a13/0x6520 [ 1093.231049] ip_local_deliver_finish+0x8d8/0xff0 [ 1093.231049] ip_local_deliver+0x44b/0x510 [ 1093.231049] ip_rcv+0x6b6/0x740 [ 1093.231049] process_backlog+0x82b/0x11e0 [ 1093.231049] net_rx_action+0x98f/0x1d50 [ 1093.231049] __do_softirq+0x721/0xc7f [ 1093.231049] [ 1093.231049] Uninit was stored to memory at: [ 1093.231049] kmsan_internal_chain_origin+0x136/0x240 [ 1093.231049] __msan_chain_origin+0x6d/0xb0 [ 1093.231049] __save_stack_trace+0x8be/0xc60 [ 1093.231049] save_stack_trace+0xc6/0x110 [ 1093.231049] kmsan_internal_chain_origin+0x136/0x240 [ 1093.231049] kmsan_memcpy_origins+0x13d/0x190 [ 1093.231049] __msan_memcpy+0x6f/0x80 [ 1093.231049] pskb_expand_head+0x436/0x1d20 [ 1093.231049] skb_shift+0xce2/0x2d10 [ 1093.231049] tcp_sacktag_walk+0x2156/0x29d0 [ 1093.231049] tcp_sacktag_write_queue+0x2805/0x4630 [ 1093.231049] tcp_ack+0x2888/0xa010 [ 1093.231049] tcp_rcv_established+0xf7e/0x2940 [ 1093.231049] tcp_v4_do_rcv+0x686/0xd80 [ 1093.231049] tcp_v4_rcv+0x5a13/0x6520 [ 1093.231049] ip_local_deliver_finish+0x8d8/0xff0 [ 1093.231049] ip_local_deliver+0x44b/0x510 [ 1093.231049] ip_rcv+0x6b6/0x740 [ 1093.231049] process_backlog+0x82b/0x11e0 [ 1093.231049] net_rx_action+0x98f/0x1d50 [ 1093.231049] __do_softirq+0x721/0xc7f [ 1093.231049] [ 1093.231049] Uninit was stored to memory at: [ 1093.231049] kmsan_internal_chain_origin+0x136/0x240 [ 1093.231049] __msan_chain_origin+0x6d/0xb0 [ 1093.231049] __save_stack_trace+0x8be/0xc60 [ 1093.231049] save_stack_trace+0xc6/0x110 [ 1093.231049] kmsan_internal_chain_origin+0x136/0x240 [ 1093.231049] kmsan_memcpy_origins+0x13d/0x190 [ 1093.231049] __msan_memcpy+0x6f/0x80 [ 1093.231049] pskb_expand_head+0x436/0x1d20 [ 1093.231049] skb_shift+0xce2/0x2d10 [ 1093.231049] tcp_sacktag_walk+0x2156/0x29d0 [ 1093.231049] tcp_sacktag_write_queue+0x2805/0x4630 [ 1093.231049] tcp_ack+0x2888/0xa010 [ 1093.231049] tcp_rcv_established+0xf7e/0x2940 [ 1093.231049] tcp_v4_do_rcv+0x686/0xd80 [ 1093.231049] tcp_v4_rcv+0x5a13/0x6520 [ 1093.231049] ip_local_deliver_finish+0x8d8/0xff0 [ 1093.231049] ip_local_deliver+0x44b/0x510 [ 1093.231049] ip_rcv+0x6b6/0x740 [ 1093.231049] process_backlog+0x82b/0x11e0 [ 1093.231049] net_rx_action+0x98f/0x1d50 [ 1093.231049] __do_softirq+0x721/0xc7f [ 1093.231049] [ 1093.231049] Uninit was stored to memory at: [ 1093.231049] kmsan_internal_chain_origin+0x136/0x240 [ 1093.231049] __msan_chain_origin+0x6d/0xb0 [ 1093.231049] __save_stack_trace+0x8be/0xc60 [ 1093.231049] save_stack_trace+0xc6/0x110 [ 1093.231049] kmsan_internal_chain_origin+0x136/0x240 [ 1093.231049] kmsan_memcpy_origins+0x13d/0x190 [ 1093.231049] __msan_memcpy+0x6f/0x80 [ 1093.231049] pskb_expand_head+0x436/0x1d20 [ 1093.231049] skb_shift+0xce2/0x2d10 [ 1093.231049] tcp_sacktag_walk+0x2156/0x29d0 [ 1093.231049] tcp_sacktag_write_queue+0x2805/0x4630 [ 1093.231049] tcp_ack+0x2888/0xa010 [ 1093.231049] tcp_rcv_established+0xf7e/0x2940 [ 1093.231049] tcp_v4_do_rcv+0x686/0xd80 [ 1093.231049] tcp_v4_rcv+0x5a13/0x6520 [ 1093.231049] ip_local_deliver_finish+0x8d8/0xff0 [ 1093.231049] ip_local_deliver+0x44b/0x510 [ 1093.231049] ip_rcv+0x6b6/0x740 [ 1093.231049] process_backlog+0x82b/0x11e0 [ 1093.231049] net_rx_action+0x98f/0x1d50 [ 1093.231049] __do_softirq+0x721/0xc7f [ 1093.231049] [ 1093.231049] Local variable description: ----v.addr.i.i.i@ipv4_conntrack_local [ 1093.231049] Variable was created at: [ 1093.231049] ipv4_conntrack_local+0x75/0x470 [ 1093.231049] nf_hook_slow+0x15c/0x3d0 [ 1094.427796] not chained 560000 origins [ 1094.431745] CPU: 1 PID: 16 Comm: ksoftirqd/1 Not tainted 4.20.0-rc3+ #89 [ 1094.431789] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1094.431789] Call Trace: [ 1094.431789] dump_stack+0x32d/0x480 [ 1094.431789] kmsan_internal_chain_origin+0x222/0x240 [ 1094.431789] ? kmsan_set_origin+0x7f/0x100 [ 1094.431789] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 1094.431789] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1094.431789] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1094.431789] ? in_task_stack+0x12c/0x210 [ 1094.431789] ? task_kmsan_context_state+0x51/0x90 [ 1094.431789] ? __msan_get_context_state+0x9/0x20 [ 1094.431789] ? __kernel_text_address+0x19/0x350 [ 1094.431789] ? ret_from_fork+0x35/0x40 [ 1094.431789] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1094.431789] ? in_task_stack+0x12c/0x210 [ 1094.431789] __msan_chain_origin+0x6d/0xb0 [ 1094.431789] ? kmsan_internal_chain_origin+0x136/0x240 [ 1094.431789] __save_stack_trace+0x8be/0xc60 [ 1094.431789] ? kmsan_internal_chain_origin+0x136/0x240 [ 1094.431789] save_stack_trace+0xc6/0x110 [ 1094.431789] kmsan_internal_chain_origin+0x136/0x240 [ 1094.431789] ? run_ksoftirqd+0x37/0x60 [ 1094.431789] ? kmsan_internal_chain_origin+0x136/0x240 [ 1094.431789] ? kmsan_memcpy_origins+0x13d/0x190 [ 1094.431789] ? __msan_memcpy+0x6f/0x80 [ 1094.431789] ? pskb_expand_head+0x436/0x1d20 [ 1094.431789] ? skb_shift+0xce2/0x2d10 [ 1094.431789] ? tcp_sacktag_walk+0x2156/0x29d0 [ 1094.431789] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1094.431789] ? tcp_ack+0x2888/0xa010 [ 1094.431789] ? tcp_rcv_established+0xf7e/0x2940 [ 1094.431789] ? tcp_v4_do_rcv+0x686/0xd80 [ 1094.431789] ? tcp_v4_rcv+0x5a13/0x6520 [ 1094.431789] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1094.431789] ? ip_local_deliver+0x44b/0x510 [ 1094.431789] ? ip_rcv+0x6b6/0x740 [ 1094.431789] ? process_backlog+0x82b/0x11e0 [ 1094.431789] ? net_rx_action+0x98f/0x1d50 [ 1094.431789] ? __do_softirq+0x721/0xc7f [ 1094.431789] ? run_ksoftirqd+0x37/0x60 [ 1094.431789] ? smpboot_thread_fn+0x69c/0xb30 [ 1094.431789] ? kthread+0x5e7/0x620 [ 1094.431789] ? ret_from_fork+0x35/0x40 [ 1094.431789] ? memcg_kmem_put_cache+0x73/0x460 [ 1094.431789] ? __kmalloc_node_track_caller+0x1010/0x14e0 [ 1094.431789] ? __msan_get_context_state+0x9/0x20 [ 1094.431789] ? INIT_INT+0xc/0x30 [ 1094.431789] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1094.431789] kmsan_memcpy_origins+0x13d/0x190 [ 1094.431789] __msan_memcpy+0x6f/0x80 [ 1094.431789] pskb_expand_head+0x436/0x1d20 [ 1094.431789] skb_shift+0xce2/0x2d10 [ 1094.431789] tcp_sacktag_walk+0x2156/0x29d0 [ 1094.431789] tcp_sacktag_write_queue+0x2805/0x4630 [ 1094.431789] tcp_ack+0x2888/0xa010 [ 1094.431789] ? tcp_parse_options+0xbe/0x1cf0 [ 1094.431789] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1094.431789] ? tcp_parse_options+0x1c55/0x1cf0 [ 1094.431789] tcp_rcv_established+0xf7e/0x2940 [ 1094.431789] ? __msan_get_context_state+0x9/0x20 [ 1094.431789] tcp_v4_do_rcv+0x686/0xd80 [ 1094.431789] tcp_v4_rcv+0x5a13/0x6520 [ 1094.431789] ? tcp_filter+0x260/0x260 [ 1094.431789] ip_local_deliver_finish+0x8d8/0xff0 [ 1094.431789] ? nf_hook_slow+0x36f/0x3d0 [ 1094.431789] ip_local_deliver+0x44b/0x510 [ 1094.431789] ? ip_local_deliver+0x510/0x510 [ 1094.431789] ? ip_call_ra_chain+0x7a0/0x7a0 [ 1094.431789] ip_rcv+0x6b6/0x740 [ 1094.431789] ? ip_rcv_core+0x1370/0x1370 [ 1094.431789] process_backlog+0x82b/0x11e0 [ 1094.431789] ? ip_local_deliver_finish+0xff0/0xff0 [ 1094.431789] ? rps_trigger_softirq+0x2e0/0x2e0 [ 1094.431789] net_rx_action+0x98f/0x1d50 [ 1094.431789] ? net_tx_action+0xf20/0xf20 [ 1094.431789] __do_softirq+0x721/0xc7f [ 1094.431789] ? ksoftirqd_should_run+0x50/0x50 [ 1094.431789] run_ksoftirqd+0x37/0x60 [ 1094.431789] smpboot_thread_fn+0x69c/0xb30 [ 1094.431789] kthread+0x5e7/0x620 [ 1094.431789] ? cpu_report_death+0x4a0/0x4a0 [ 1094.431789] ? INIT_BOOL+0x30/0x30 [ 1094.431789] ret_from_fork+0x35/0x40 [ 1094.431789] Uninit was stored to memory at: [ 1094.431789] kmsan_internal_chain_origin+0x136/0x240 [ 1094.431789] __msan_chain_origin+0x6d/0xb0 [ 1094.431789] __save_stack_trace+0x8be/0xc60 [ 1094.431789] save_stack_trace+0xc6/0x110 [ 1094.431789] kmsan_internal_chain_origin+0x136/0x240 [ 1094.431789] kmsan_memcpy_origins+0x13d/0x190 [ 1094.431789] __msan_memcpy+0x6f/0x80 [ 1094.431789] pskb_expand_head+0x436/0x1d20 [ 1094.431789] skb_shift+0xce2/0x2d10 [ 1094.431789] tcp_sacktag_walk+0x2156/0x29d0 [ 1094.431789] tcp_sacktag_write_queue+0x2805/0x4630 [ 1094.431789] tcp_ack+0x2888/0xa010 [ 1094.431789] tcp_rcv_established+0xf7e/0x2940 [ 1094.431789] tcp_v4_do_rcv+0x686/0xd80 [ 1094.431789] tcp_v4_rcv+0x5a13/0x6520 [ 1094.431789] ip_local_deliver_finish+0x8d8/0xff0 [ 1094.431789] ip_local_deliver+0x44b/0x510 [ 1094.431789] ip_rcv+0x6b6/0x740 [ 1094.431789] process_backlog+0x82b/0x11e0 [ 1094.431789] net_rx_action+0x98f/0x1d50 [ 1094.431789] __do_softirq+0x721/0xc7f [ 1094.431789] [ 1094.431789] Uninit was stored to memory at: [ 1094.431789] kmsan_internal_chain_origin+0x136/0x240 [ 1094.431789] __msan_chain_origin+0x6d/0xb0 [ 1094.431789] __save_stack_trace+0x8be/0xc60 [ 1094.431789] save_stack_trace+0xc6/0x110 [ 1094.431789] kmsan_internal_chain_origin+0x136/0x240 [ 1094.431789] kmsan_memcpy_origins+0x13d/0x190 [ 1094.431789] __msan_memcpy+0x6f/0x80 [ 1094.431789] pskb_expand_head+0x436/0x1d20 [ 1094.431789] skb_shift+0xce2/0x2d10 [ 1094.431789] tcp_sacktag_walk+0x2156/0x29d0 [ 1094.431789] tcp_sacktag_write_queue+0x2805/0x4630 [ 1094.431789] tcp_ack+0x2888/0xa010 [ 1094.431789] tcp_rcv_established+0xf7e/0x2940 [ 1094.431789] tcp_v4_do_rcv+0x686/0xd80 [ 1094.431789] tcp_v4_rcv+0x5a13/0x6520 [ 1094.431789] ip_local_deliver_finish+0x8d8/0xff0 [ 1094.431789] ip_local_deliver+0x44b/0x510 [ 1094.431789] ip_rcv+0x6b6/0x740 [ 1094.431789] process_backlog+0x82b/0x11e0 [ 1094.431789] net_rx_action+0x98f/0x1d50 [ 1094.431789] __do_softirq+0x721/0xc7f [ 1094.431789] [ 1094.431789] Uninit was stored to memory at: [ 1094.431789] kmsan_internal_chain_origin+0x136/0x240 [ 1094.431789] __msan_chain_origin+0x6d/0xb0 [ 1094.431789] __save_stack_trace+0x8be/0xc60 [ 1094.431789] save_stack_trace+0xc6/0x110 [ 1094.431789] kmsan_internal_chain_origin+0x136/0x240 [ 1094.431789] kmsan_memcpy_origins+0x13d/0x190 [ 1094.431789] __msan_memcpy+0x6f/0x80 [ 1094.431789] pskb_expand_head+0x436/0x1d20 [ 1094.431789] skb_shift+0xce2/0x2d10 [ 1094.431789] tcp_sacktag_walk+0x2156/0x29d0 [ 1094.431789] tcp_sacktag_write_queue+0x2805/0x4630 [ 1094.431789] tcp_ack+0x2888/0xa010 [ 1094.431789] tcp_rcv_established+0xf7e/0x2940 [ 1094.431789] tcp_v4_do_rcv+0x686/0xd80 [ 1094.431789] tcp_v4_rcv+0x5a13/0x6520 [ 1094.431789] ip_local_deliver_finish+0x8d8/0xff0 [ 1094.431789] ip_local_deliver+0x44b/0x510 [ 1094.431789] ip_rcv+0x6b6/0x740 [ 1094.431789] process_backlog+0x82b/0x11e0 [ 1094.431789] net_rx_action+0x98f/0x1d50 [ 1094.431789] __do_softirq+0x721/0xc7f [ 1094.431789] [ 1094.431789] Uninit was stored to memory at: [ 1094.431789] kmsan_internal_chain_origin+0x136/0x240 [ 1094.431789] __msan_chain_origin+0x6d/0xb0 [ 1094.431789] __save_stack_trace+0x8be/0xc60 [ 1094.431789] save_stack_trace+0xc6/0x110 [ 1094.431789] kmsan_internal_chain_origin+0x136/0x240 [ 1094.431789] kmsan_memcpy_origins+0x13d/0x190 [ 1094.431789] __msan_memcpy+0x6f/0x80 [ 1094.431789] pskb_expand_head+0x436/0x1d20 [ 1094.431789] skb_shift+0xce2/0x2d10 [ 1094.431789] tcp_sacktag_walk+0x2156/0x29d0 [ 1094.431789] tcp_sacktag_write_queue+0x2805/0x4630 [ 1094.431789] tcp_ack+0x2888/0xa010 [ 1094.431789] tcp_rcv_established+0xf7e/0x2940 [ 1094.431789] tcp_v4_do_rcv+0x686/0xd80 [ 1094.431789] tcp_v4_rcv+0x5a13/0x6520 [ 1094.431789] ip_local_deliver_finish+0x8d8/0xff0 [ 1094.431789] ip_local_deliver+0x44b/0x510 [ 1094.431789] ip_rcv+0x6b6/0x740 [ 1094.431789] process_backlog+0x82b/0x11e0 [ 1094.431789] net_rx_action+0x98f/0x1d50 [ 1094.431789] __do_softirq+0x721/0xc7f [ 1094.431789] [ 1094.431789] Uninit was stored to memory at: [ 1094.431789] kmsan_internal_chain_origin+0x136/0x240 [ 1094.431789] __msan_chain_origin+0x6d/0xb0 [ 1094.431789] __save_stack_trace+0x8be/0xc60 [ 1094.431789] save_stack_trace+0xc6/0x110 [ 1094.431789] kmsan_internal_chain_origin+0x136/0x240 [ 1094.431789] kmsan_memcpy_origins+0x13d/0x190 [ 1094.431789] __msan_memcpy+0x6f/0x80 [ 1094.431789] pskb_expand_head+0x436/0x1d20 [ 1094.431789] skb_shift+0xce2/0x2d10 [ 1094.431789] tcp_sacktag_walk+0x2156/0x29d0 [ 1094.431789] tcp_sacktag_write_queue+0x2805/0x4630 [ 1094.431789] tcp_ack+0x2888/0xa010 [ 1094.431789] tcp_rcv_established+0xf7e/0x2940 [ 1094.431789] tcp_v4_do_rcv+0x686/0xd80 [ 1094.431789] tcp_v4_rcv+0x5a13/0x6520 [ 1094.431789] ip_local_deliver_finish+0x8d8/0xff0 [ 1094.431789] ip_local_deliver+0x44b/0x510 [ 1094.431789] ip_rcv+0x6b6/0x740 [ 1094.431789] process_backlog+0x82b/0x11e0 [ 1094.431789] net_rx_action+0x98f/0x1d50 [ 1094.431789] __do_softirq+0x721/0xc7f [ 1094.431789] [ 1094.431789] Uninit was stored to memory at: [ 1094.431789] kmsan_internal_chain_origin+0x136/0x240 [ 1094.431789] __msan_chain_origin+0x6d/0xb0 [ 1094.431789] __save_stack_trace+0x8be/0xc60 [ 1094.431789] save_stack_trace+0xc6/0x110 [ 1094.431789] kmsan_internal_chain_origin+0x136/0x240 [ 1094.431789] kmsan_memcpy_origins+0x13d/0x190 [ 1094.431789] __msan_memcpy+0x6f/0x80 [ 1094.431789] pskb_expand_head+0x436/0x1d20 [ 1094.431789] skb_shift+0xce2/0x2d10 [ 1094.431789] tcp_sacktag_walk+0x2156/0x29d0 [ 1094.431789] tcp_sacktag_write_queue+0x2805/0x4630 [ 1094.431789] tcp_ack+0x2888/0xa010 [ 1094.431789] tcp_rcv_established+0xf7e/0x2940 [ 1094.431789] tcp_v4_do_rcv+0x686/0xd80 [ 1094.431789] tcp_v4_rcv+0x5a13/0x6520 [ 1094.431789] ip_local_deliver_finish+0x8d8/0xff0 [ 1094.431789] ip_local_deliver+0x44b/0x510 [ 1094.431789] ip_rcv+0x6b6/0x740 [ 1094.431789] process_backlog+0x82b/0x11e0 [ 1094.431789] net_rx_action+0x98f/0x1d50 [ 1094.431789] __do_softirq+0x721/0xc7f [ 1094.431789] [ 1094.431789] Uninit was stored to memory at: [ 1094.431789] kmsan_internal_chain_origin+0x136/0x240 [ 1094.431789] __msan_chain_origin+0x6d/0xb0 [ 1094.431789] __save_stack_trace+0x8be/0xc60 [ 1094.431789] save_stack_trace+0xc6/0x110 [ 1094.431789] kmsan_internal_chain_origin+0x136/0x240 [ 1094.431789] kmsan_memcpy_origins+0x13d/0x190 [ 1094.431789] __msan_memcpy+0x6f/0x80 [ 1094.431789] pskb_expand_head+0x436/0x1d20 [ 1094.431789] skb_shift+0xce2/0x2d10 [ 1094.431789] tcp_sacktag_walk+0x2156/0x29d0 [ 1094.431789] tcp_sacktag_write_queue+0x2805/0x4630 [ 1094.431789] tcp_ack+0x2888/0xa010 [ 1094.431789] tcp_rcv_established+0xf7e/0x2940 [ 1094.431789] tcp_v4_do_rcv+0x686/0xd80 [ 1094.431789] tcp_v4_rcv+0x5a13/0x6520 [ 1094.431789] ip_local_deliver_finish+0x8d8/0xff0 [ 1094.431789] ip_local_deliver+0x44b/0x510 [ 1094.431789] ip_rcv+0x6b6/0x740 [ 1094.431789] process_backlog+0x82b/0x11e0 [ 1094.431789] net_rx_action+0x98f/0x1d50 [ 1094.431789] __do_softirq+0x721/0xc7f [ 1094.431789] [ 1094.431789] Local variable description: ----v.addr.i.i.i@ipv4_conntrack_local [ 1094.431789] Variable was created at: [ 1094.431789] ipv4_conntrack_local+0x75/0x470 [ 1094.431789] nf_hook_slow+0x15c/0x3d0 06:20:06 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) socketpair(0x0, 0x0, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000180)='\x00'}, 0x10) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_MCAST_LEAVE_GROUP(r1, 0x0, 0x2d, &(0x7f0000000300)={0x100, {{0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x1a}}}}, 0x88) setsockopt$inet_tcp_int(r2, 0x6, 0x80000000000002, &(0x7f0000000140)=0x78, 0x4) bind$inet(r2, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r2, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10) setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000100), 0x921b527a62bfdc30) recvmsg(r2, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f00000002c0)=""/20, 0x14}, 0x100) write$binfmt_elf64(r2, &(0x7f0000000180)=ANY=[], 0xfef1) 06:20:06 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000040)={@remote}, 0x14) close(r1) 06:20:06 executing program 4: unshare(0x24020400) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) 06:20:06 executing program 5: getsockname$packet(0xffffffffffffff9c, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000240)=0x14) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) ioctl$sock_SIOCBRDELBR(0xffffffffffffffff, 0x89a1, &(0x7f0000000540)='teql0\x00') ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, &(0x7f0000000500)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCFLSH(r2, 0x80045432, 0x70affb) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x75, 0x4) getsockopt$IPT_SO_GET_INFO(r0, 0x0, 0x40, &(0x7f0000000400)={'raw\x00'}, &(0x7f00000000c0)=0x54) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, &(0x7f0000a88f88), 0xfffffffffffffe6e, 0x20000000, &(0x7f0000e68000)={0x2, 0x4004e23, @local}, 0x10) 06:20:06 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000027000/0x18000)=nil, &(0x7f00000002c0)=[@text32={0x20, &(0x7f0000000000)="2ef26db80e0000000f23c80f21f8350800c0000f23f8d39d00100000eacc4e0000f700660f3839d13e660f38806cbf07440f20c0350c000000440f22c02e0f300f228266baa100ec", 0x48}], 0x1, 0x0, &(0x7f0000000280), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:20:07 executing program 4: 06:20:07 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000040)={@remote}, 0x14) close(r1) [ 1096.139525] dccp_close: ABORT with 1 bytes unread 06:20:07 executing program 3: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000040008912, &(0x7f0000000940)="0a5c2d02402b6200007070") r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070") socketpair(0x11, 0x2, 0x6, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mmap(&(0x7f0000000000/0x5000)=nil, 0x5000, 0x2000002, 0x10031, r2, 0x0) getsockopt$EBT_SO_GET_ENTRIES(r4, 0x0, 0x81, &(0x7f0000000800)={'filter\x00', 0x0, 0x3, 0x7e, [], 0x9, &(0x7f00000006c0)=[{}, {}, {}, {}, {}, {}, {}, {}, {}], &(0x7f0000000780)=""/126}, &(0x7f0000000880)=0x78) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_inet6_tcp_SIOCOUTQNSD(r5, 0x894b, &(0x7f0000000100)) r6 = socket$inet6(0xa, 0x6, 0x0) setsockopt$sock_timeval(r6, 0x1, 0x14, &(0x7f0000000280)={0x0, 0x7530}, 0xfffffffffffffea3) bind$inet6(r6, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c) r7 = socket$inet_dccp(0x2, 0x6, 0x0) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r3, 0x84, 0x76, &(0x7f00000000c0)={0x0, 0x7ff}, &(0x7f0000000140)=0xffffffffffffffb8) openat$cgroup_ro(r4, &(0x7f0000000180)='pids.events\x00', 0x0, 0x0) setsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r3, 0x84, 0x6, &(0x7f00000002c0)={r8, @in={{0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x18}}}}, 0x84) ioctl$sock_inet_SIOCRTMSG(r7, 0x890d, &(0x7f0000000640)={0x5, {0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x13}}, {0x2, 0x0, @multicast1}, {0x2, 0x4e24, @remote}, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)='tunl0\x00', 0x800, 0x4, 0x7fff}) listen(r6, 0x6) getsockopt$ARPT_SO_GET_REVISION_TARGET(r5, 0x0, 0x63, &(0x7f0000000440)={'TPROXY\x00'}, &(0x7f0000000600)=0x1e) setsockopt(r7, 0x10d, 0x800000000d, &(0x7f00001c9fff)="03", 0x1) r9 = socket$inet6(0xa, 0x0, 0x5) ioctl(r9, 0x8912, &(0x7f00000008c0)="153f623470a9867c6326934935a5306698b2542d4ef67d07000000531348c953f0bb718d206b0dbe53b3e000837677a4e1076435d1233940b98ba3388e3679d707995a843da372459e12c43ebfc877c9d33d8fe8f769ead91232657a9d7766cb5a17e14682a1701b5943a720bcc0e05ac1c066d064de5a01f548") socket$nl_generic(0x10, 0x3, 0x10) connect$inet(r7, &(0x7f0000e5c000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x20}}, 0x10) r10 = accept(r6, 0x0, &(0x7f0000000080)=0x194) sendmsg$IPVS_CMD_DEL_DAEMON(r10, &(0x7f0000000480)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x8804081}, 0xc, &(0x7f0000000400)={&(0x7f0000000380)=ANY=[@ANYBLOB="20002dbd7000ffdbdf250a00000028000300080001000100030000000000000000001400020065727370616e300000000000000000000c000100080001000a000000280003001400020062637366300000000000000000000000080007004e2200000800030004"], 0x1}, 0x1, 0x0, 0x0, 0x4800}, 0x4000) ioctl(r2, 0x5, &(0x7f00000004c0)="6786597fe4190d6fdb4db780d8e82c2c065a03a51e4052f068cf751d4b8680bf22b29ef4f05579f2c64ff4a296de5713b418411f82c6bb2bf48d8ab7960c7fc3dece40cbd4244f7d4e98eb89c6b5a96210321c84bbd9a71ee9916a6bf0b834c7075725cb5fad6a8fba78cc4ede6d62b4c921a1805d6de3543ecf8df31c585cf6a579cda0541265a37f01226e36bca97611f8bfe74875aa040517f5d2725cc1a11eff7c26a8fb5aba95a1033e398870822621640c3a8c0f875b9c8cd10c81b7cb8d24dcba8d21ef165007") [ 1096.363508] not chained 570000 origins [ 1096.367472] CPU: 1 PID: 16 Comm: ksoftirqd/1 Not tainted 4.20.0-rc3+ #89 [ 1096.371797] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1096.371797] Call Trace: [ 1096.371797] dump_stack+0x32d/0x480 [ 1096.371797] kmsan_internal_chain_origin+0x222/0x240 [ 1096.371797] ? kmsan_set_origin+0x7f/0x100 [ 1096.371797] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 1096.371797] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1096.371797] ? in_task_stack+0x12c/0x210 [ 1096.371797] ? task_kmsan_context_state+0x51/0x90 [ 1096.419071] ? __msan_get_context_state+0x9/0x20 [ 1096.419071] ? __kernel_text_address+0x19/0x350 [ 1096.419071] ? ret_from_fork+0x35/0x40 [ 1096.419071] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1096.419071] ? in_task_stack+0x12c/0x210 [ 1096.419071] __msan_chain_origin+0x6d/0xb0 [ 1096.419071] ? kmsan_internal_chain_origin+0x136/0x240 [ 1096.419071] __save_stack_trace+0x8be/0xc60 [ 1096.419071] ? kmsan_internal_chain_origin+0x136/0x240 [ 1096.419071] save_stack_trace+0xc6/0x110 [ 1096.419071] kmsan_internal_chain_origin+0x136/0x240 [ 1096.419071] ? run_ksoftirqd+0x37/0x60 [ 1096.419071] ? kmsan_internal_chain_origin+0x136/0x240 [ 1096.476913] ? kmsan_memcpy_origins+0x13d/0x190 [ 1096.476913] ? __msan_memcpy+0x6f/0x80 [ 1096.476913] ? pskb_expand_head+0x436/0x1d20 [ 1096.476913] ? skb_shift+0xfc3/0x2d10 [ 1096.476913] ? tcp_sacktag_walk+0x2156/0x29d0 [ 1096.476913] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1096.476913] ? tcp_ack+0x2888/0xa010 [ 1096.510282] ? tcp_rcv_established+0xf7e/0x2940 [ 1096.513485] ? tcp_v4_do_rcv+0x686/0xd80 [ 1096.513485] ? tcp_v4_rcv+0x5a13/0x6520 [ 1096.513485] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1096.513485] ? ip_local_deliver+0x44b/0x510 [ 1096.513485] ? ip_rcv+0x6b6/0x740 [ 1096.513485] ? process_backlog+0x82b/0x11e0 [ 1096.513485] ? net_rx_action+0x98f/0x1d50 [ 1096.513485] ? __do_softirq+0x721/0xc7f [ 1096.513485] ? run_ksoftirqd+0x37/0x60 [ 1096.551279] ? smpboot_thread_fn+0x69c/0xb30 [ 1096.551279] ? kthread+0x5e7/0x620 [ 1096.551279] ? ret_from_fork+0x35/0x40 [ 1096.563315] ? memcg_kmem_put_cache+0x73/0x460 [ 1096.563315] ? __kmalloc_node_track_caller+0x1010/0x14e0 [ 1096.563315] ? __msan_get_context_state+0x9/0x20 [ 1096.577508] ? INIT_INT+0xc/0x30 [ 1096.577508] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1096.577508] kmsan_memcpy_origins+0x13d/0x190 [ 1096.577508] __msan_memcpy+0x6f/0x80 [ 1096.577508] pskb_expand_head+0x436/0x1d20 [ 1096.577508] skb_shift+0xfc3/0x2d10 [ 1096.577508] tcp_sacktag_walk+0x2156/0x29d0 [ 1096.577508] tcp_sacktag_write_queue+0x2805/0x4630 [ 1096.577508] tcp_ack+0x2888/0xa010 [ 1096.577508] ? tcp_parse_options+0xbe/0x1cf0 [ 1096.577508] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1096.577508] ? tcp_parse_options+0x1c55/0x1cf0 [ 1096.577508] tcp_rcv_established+0xf7e/0x2940 [ 1096.577508] ? __msan_get_context_state+0x9/0x20 [ 1096.577508] tcp_v4_do_rcv+0x686/0xd80 [ 1096.577508] tcp_v4_rcv+0x5a13/0x6520 [ 1096.577508] ? tcp_filter+0x260/0x260 [ 1096.577508] ip_local_deliver_finish+0x8d8/0xff0 [ 1096.577508] ? nf_hook_slow+0x36f/0x3d0 [ 1096.577508] ip_local_deliver+0x44b/0x510 [ 1096.577508] ? ip_local_deliver+0x510/0x510 [ 1096.577508] ? ip_call_ra_chain+0x7a0/0x7a0 [ 1096.577508] ip_rcv+0x6b6/0x740 [ 1096.577508] ? ip_rcv_core+0x1370/0x1370 [ 1096.577508] process_backlog+0x82b/0x11e0 [ 1096.577508] ? ip_local_deliver_finish+0xff0/0xff0 [ 1096.577508] ? rps_trigger_softirq+0x2e0/0x2e0 [ 1096.577508] net_rx_action+0x98f/0x1d50 [ 1096.577508] ? net_tx_action+0xf20/0xf20 [ 1096.577508] __do_softirq+0x721/0xc7f [ 1096.577508] ? ksoftirqd_should_run+0x50/0x50 [ 1096.577508] run_ksoftirqd+0x37/0x60 [ 1096.577508] smpboot_thread_fn+0x69c/0xb30 [ 1096.720587] kthread+0x5e7/0x620 [ 1096.720587] ? cpu_report_death+0x4a0/0x4a0 [ 1096.720587] ? INIT_BOOL+0x30/0x30 [ 1096.720587] ret_from_fork+0x35/0x40 [ 1096.720587] Uninit was stored to memory at: [ 1096.720587] kmsan_internal_chain_origin+0x136/0x240 [ 1096.720587] __msan_chain_origin+0x6d/0xb0 [ 1096.720587] __save_stack_trace+0x8be/0xc60 [ 1096.720587] save_stack_trace+0xc6/0x110 [ 1096.720587] kmsan_internal_chain_origin+0x136/0x240 [ 1096.758214] netlink: 45 bytes leftover after parsing attributes in process `syz-executor4'. [ 1096.720587] kmsan_memcpy_origins+0x13d/0x190 [ 1096.720587] __msan_memcpy+0x6f/0x80 [ 1096.720587] pskb_expand_head+0x436/0x1d20 [ 1096.720587] skb_shift+0xce2/0x2d10 [ 1096.720587] tcp_sacktag_walk+0x2156/0x29d0 [ 1096.720587] tcp_sacktag_write_queue+0x2805/0x4630 [ 1096.720587] tcp_ack+0x2888/0xa010 [ 1096.720587] tcp_rcv_established+0xf7e/0x2940 [ 1096.720587] tcp_v4_do_rcv+0x686/0xd80 [ 1096.720587] tcp_v4_rcv+0x5a13/0x6520 [ 1096.720587] ip_local_deliver_finish+0x8d8/0xff0 [ 1096.720587] ip_local_deliver+0x44b/0x510 [ 1096.720587] ip_rcv+0x6b6/0x740 [ 1096.720587] process_backlog+0x82b/0x11e0 [ 1096.720587] net_rx_action+0x98f/0x1d50 [ 1096.720587] __do_softirq+0x721/0xc7f [ 1096.720587] [ 1096.720587] Uninit was stored to memory at: [ 1096.720587] kmsan_internal_chain_origin+0x136/0x240 [ 1096.720587] __msan_chain_origin+0x6d/0xb0 [ 1096.720587] __save_stack_trace+0x8be/0xc60 [ 1096.720587] save_stack_trace+0xc6/0x110 [ 1096.720587] kmsan_internal_chain_origin+0x136/0x240 [ 1096.720587] kmsan_memcpy_origins+0x13d/0x190 [ 1096.720587] __msan_memcpy+0x6f/0x80 [ 1096.720587] pskb_expand_head+0x436/0x1d20 [ 1096.720587] skb_shift+0xce2/0x2d10 [ 1096.720587] tcp_sacktag_walk+0x2156/0x29d0 [ 1096.720587] tcp_sacktag_write_queue+0x2805/0x4630 [ 1096.720587] tcp_ack+0x2888/0xa010 [ 1096.720587] tcp_rcv_established+0xf7e/0x2940 [ 1096.720587] tcp_v4_do_rcv+0x686/0xd80 [ 1096.720587] tcp_v4_rcv+0x5a13/0x6520 [ 1096.720587] ip_local_deliver_finish+0x8d8/0xff0 [ 1096.720587] ip_local_deliver+0x44b/0x510 [ 1096.720587] ip_rcv+0x6b6/0x740 [ 1096.720587] process_backlog+0x82b/0x11e0 [ 1096.720587] net_rx_action+0x98f/0x1d50 [ 1096.720587] __do_softirq+0x721/0xc7f [ 1096.720587] [ 1096.720587] Uninit was stored to memory at: [ 1096.720587] kmsan_internal_chain_origin+0x136/0x240 [ 1096.720587] __msan_chain_origin+0x6d/0xb0 [ 1096.720587] __save_stack_trace+0x8be/0xc60 [ 1096.720587] save_stack_trace+0xc6/0x110 [ 1096.720587] kmsan_internal_chain_origin+0x136/0x240 [ 1096.720587] kmsan_memcpy_origins+0x13d/0x190 [ 1096.720587] __msan_memcpy+0x6f/0x80 [ 1096.720587] pskb_expand_head+0x436/0x1d20 [ 1096.720587] skb_shift+0xce2/0x2d10 [ 1096.720587] tcp_sacktag_walk+0x2156/0x29d0 [ 1096.720587] tcp_sacktag_write_queue+0x2805/0x4630 [ 1096.720587] tcp_ack+0x2888/0xa010 [ 1096.720587] tcp_rcv_established+0xf7e/0x2940 [ 1096.720587] tcp_v4_do_rcv+0x686/0xd80 [ 1096.720587] tcp_v4_rcv+0x5a13/0x6520 [ 1096.720587] ip_local_deliver_finish+0x8d8/0xff0 [ 1096.720587] ip_local_deliver+0x44b/0x510 [ 1096.720587] ip_rcv+0x6b6/0x740 [ 1096.720587] process_backlog+0x82b/0x11e0 [ 1096.720587] net_rx_action+0x98f/0x1d50 [ 1096.720587] __do_softirq+0x721/0xc7f [ 1096.720587] [ 1096.720587] Uninit was stored to memory at: [ 1096.720587] kmsan_internal_chain_origin+0x136/0x240 [ 1096.720587] __msan_chain_origin+0x6d/0xb0 [ 1096.720587] __save_stack_trace+0x8be/0xc60 [ 1097.045599] save_stack_trace+0xc6/0x110 [ 1097.045599] kmsan_internal_chain_origin+0x136/0x240 [ 1097.045599] kmsan_memcpy_origins+0x13d/0x190 [ 1097.045599] __msan_memcpy+0x6f/0x80 [ 1097.045599] pskb_expand_head+0x436/0x1d20 [ 1097.045599] skb_shift+0xce2/0x2d10 [ 1097.045599] tcp_sacktag_walk+0x2156/0x29d0 [ 1097.045599] tcp_sacktag_write_queue+0x2805/0x4630 [ 1097.045599] tcp_ack+0x2888/0xa010 [ 1097.045599] tcp_rcv_established+0xf7e/0x2940 [ 1097.045599] tcp_v4_do_rcv+0x686/0xd80 [ 1097.045599] tcp_v4_rcv+0x5a13/0x6520 [ 1097.045599] ip_local_deliver_finish+0x8d8/0xff0 [ 1097.045599] ip_local_deliver+0x44b/0x510 [ 1097.045599] ip_rcv+0x6b6/0x740 [ 1097.045599] process_backlog+0x82b/0x11e0 [ 1097.045599] net_rx_action+0x98f/0x1d50 [ 1097.113218] netlink: 45 bytes leftover after parsing attributes in process `syz-executor4'. [ 1097.045599] __do_softirq+0x721/0xc7f [ 1097.045599] [ 1097.045599] Uninit was stored to memory at: [ 1097.045599] kmsan_internal_chain_origin+0x136/0x240 [ 1097.045599] __msan_chain_origin+0x6d/0xb0 [ 1097.045599] __save_stack_trace+0x8be/0xc60 [ 1097.045599] save_stack_trace+0xc6/0x110 [ 1097.045599] kmsan_internal_chain_origin+0x136/0x240 [ 1097.045599] kmsan_memcpy_origins+0x13d/0x190 [ 1097.045599] __msan_memcpy+0x6f/0x80 [ 1097.045599] pskb_expand_head+0x436/0x1d20 [ 1097.045599] skb_shift+0xce2/0x2d10 [ 1097.045599] tcp_sacktag_walk+0x2156/0x29d0 [ 1097.045599] tcp_sacktag_write_queue+0x2805/0x4630 [ 1097.045599] tcp_ack+0x2888/0xa010 [ 1097.045599] tcp_rcv_established+0xf7e/0x2940 [ 1097.045599] tcp_v4_do_rcv+0x686/0xd80 [ 1097.045599] tcp_v4_rcv+0x5a13/0x6520 [ 1097.045599] ip_local_deliver_finish+0x8d8/0xff0 [ 1097.045599] ip_local_deliver+0x44b/0x510 [ 1097.045599] ip_rcv+0x6b6/0x740 [ 1097.045599] process_backlog+0x82b/0x11e0 [ 1097.045599] net_rx_action+0x98f/0x1d50 [ 1097.045599] __do_softirq+0x721/0xc7f [ 1097.045599] [ 1097.045599] Uninit was stored to memory at: [ 1097.045599] kmsan_internal_chain_origin+0x136/0x240 [ 1097.045599] __msan_chain_origin+0x6d/0xb0 [ 1097.045599] __save_stack_trace+0x8be/0xc60 [ 1097.045599] save_stack_trace+0xc6/0x110 [ 1097.045599] kmsan_internal_chain_origin+0x136/0x240 [ 1097.045599] kmsan_memcpy_origins+0x13d/0x190 [ 1097.045599] __msan_memcpy+0x6f/0x80 [ 1097.045599] pskb_expand_head+0x436/0x1d20 [ 1097.045599] skb_shift+0xce2/0x2d10 [ 1097.045599] tcp_sacktag_walk+0x2156/0x29d0 [ 1097.045599] tcp_sacktag_write_queue+0x2805/0x4630 [ 1097.045599] tcp_ack+0x2888/0xa010 [ 1097.045599] tcp_rcv_established+0xf7e/0x2940 [ 1097.045599] tcp_v4_do_rcv+0x686/0xd80 [ 1097.045599] tcp_v4_rcv+0x5a13/0x6520 [ 1097.045599] ip_local_deliver_finish+0x8d8/0xff0 [ 1097.045599] ip_local_deliver+0x44b/0x510 [ 1097.045599] ip_rcv+0x6b6/0x740 [ 1097.045599] process_backlog+0x82b/0x11e0 [ 1097.045599] net_rx_action+0x98f/0x1d50 [ 1097.045599] __do_softirq+0x721/0xc7f [ 1097.045599] [ 1097.045599] Uninit was stored to memory at: [ 1097.045599] kmsan_internal_chain_origin+0x136/0x240 [ 1097.045599] __msan_chain_origin+0x6d/0xb0 [ 1097.045599] __save_stack_trace+0x8be/0xc60 [ 1097.045599] save_stack_trace+0xc6/0x110 [ 1097.045599] kmsan_internal_chain_origin+0x136/0x240 [ 1097.045599] kmsan_memcpy_origins+0x13d/0x190 [ 1097.045599] __msan_memcpy+0x6f/0x80 [ 1097.045599] pskb_expand_head+0x436/0x1d20 [ 1097.045599] skb_shift+0xce2/0x2d10 [ 1097.045599] tcp_sacktag_walk+0x2156/0x29d0 [ 1097.045599] tcp_sacktag_write_queue+0x2805/0x4630 [ 1097.045599] tcp_ack+0x2888/0xa010 [ 1097.045599] tcp_rcv_established+0xf7e/0x2940 [ 1097.045599] tcp_v4_do_rcv+0x686/0xd80 [ 1097.045599] tcp_v4_rcv+0x5a13/0x6520 [ 1097.045599] ip_local_deliver_finish+0x8d8/0xff0 [ 1097.045599] ip_local_deliver+0x44b/0x510 [ 1097.045599] ip_rcv+0x6b6/0x740 [ 1097.045599] process_backlog+0x82b/0x11e0 [ 1097.045599] net_rx_action+0x98f/0x1d50 [ 1097.045599] __do_softirq+0x721/0xc7f [ 1097.045599] 06:20:07 executing program 1: capset(&(0x7f0000000080)={0x20080522}, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x7ffffffffffffffd}) 06:20:07 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f00000000c0)={&(0x7f0000000240)=@nl=@kern={0x10, 0xf000000}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000040)="550000001e007f5300fe01b2a4a20006000000a8430891000000080009000a000c0000dc9b131338d54400009b84136ef75afb83de448daa7227c43ab8221000060cec4fab91d40000000000000000000000009535", 0x55}], 0x1, &(0x7f0000000180)}, 0x0) 06:20:07 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f00000000c0)={&(0x7f0000000240)=@nl=@kern={0x10, 0xf000000}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000040)="550000001e007f5300fe01b2a4a20006000000a8430891000000080009000a000c0000dc9b131338d54400009b84136ef75afb83de448daa7227c43ab8221000060cec4fab91d40000000000000000000000009535", 0x55}], 0x1, &(0x7f0000000180)}, 0x0) 06:20:08 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f00000000c0)={&(0x7f0000000240)=@nl=@kern={0x10, 0xf000000}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000040)="550000001e007f5300fe01b2a4a20006000000a8430891000000080009000a000c0000dc9b131338d54400009b84136ef75afb83de448daa7227c43ab8221000060cec4fab91d40000000000000000000000009535", 0x55}], 0x1, &(0x7f0000000180)}, 0x0) [ 1097.045599] Local variable description: ----v.addr.i.i.i@ipv4_conntrack_local [ 1097.045599] Variable was created at: [ 1097.045599] ipv4_conntrack_local+0x75/0x470 [ 1097.045599] nf_hook_slow+0x15c/0x3d0 06:20:08 executing program 0: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000240)={"626f6e645f736c6176655f30000e00", {0x2, 0x0, @rand_addr, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000]}}) 06:20:08 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000040)={@remote}, 0x14) close(r1) [ 1097.597348] netlink: 45 bytes leftover after parsing attributes in process `syz-executor4'. 06:20:08 executing program 5: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000140)) r0 = socket$inet6(0xa, 0x803, 0x3) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000280)="2f67726f75702e73746174003c23fb572a1f0294e6f378b41ad54b4d9d9a1f63f8785ad188a7e1c48875e05b18a4cb3a9cd12dcea440d899c22cebd3b6abf62d996addb07aa3cde470652b3a471b4a7fa2f3fdf6e034d8000000004b1dee483b157624c59c0100e89e6a357c000000", 0x2761, 0x0) write$cgroup_subtree(r1, &(0x7f00000001c0)=ANY=[], 0xffffff19) socket$inet6(0xa, 0x1000000000002, 0x0) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) accept$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @multicast2}, &(0x7f0000000080)=0x10) mmap(&(0x7f0000165000/0x1000)=nil, 0x1000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) ioctl$FS_IOC_FSSETXATTR(r1, 0x6611, &(0x7f0000000040)) ioctl(r0, 0x1000008912, &(0x7f0000000240)="0a5c2d023c126285718070") 06:20:08 executing program 1: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x0, @dev, 0x3}], 0x1c) 06:20:08 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f00000000c0)={&(0x7f0000000240)=@nl=@kern={0x10, 0xf000000}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000040)="550000001e007f5300fe01b2a4a20006000000a8430891000000080009000a000c0000dc9b131338d54400009b84136ef75afb83de448daa7227c43ab8221000060cec4fab91d40000000000000000000000009535", 0x55}], 0x1, &(0x7f0000000180)}, 0x0) 06:20:09 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x14) setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000040)={@remote}, 0x14) close(0xffffffffffffffff) 06:20:09 executing program 3: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000040008912, &(0x7f0000000940)="0a5c2d02402b6200007070") r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070") socketpair(0x11, 0x2, 0x6, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mmap(&(0x7f0000000000/0x5000)=nil, 0x5000, 0x2000002, 0x10031, r2, 0x0) getsockopt$EBT_SO_GET_ENTRIES(r4, 0x0, 0x81, &(0x7f0000000800)={'filter\x00', 0x0, 0x3, 0x7e, [], 0x9, &(0x7f00000006c0)=[{}, {}, {}, {}, {}, {}, {}, {}, {}], &(0x7f0000000780)=""/126}, &(0x7f0000000880)=0x78) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_inet6_tcp_SIOCOUTQNSD(r5, 0x894b, &(0x7f0000000100)) r6 = socket$inet6(0xa, 0x6, 0x0) setsockopt$sock_timeval(r6, 0x1, 0x14, &(0x7f0000000280)={0x0, 0x7530}, 0xfffffffffffffea3) bind$inet6(r6, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c) r7 = socket$inet_dccp(0x2, 0x6, 0x0) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r3, 0x84, 0x76, &(0x7f00000000c0)={0x0, 0x7ff}, &(0x7f0000000140)=0xffffffffffffffb8) openat$cgroup_ro(r4, &(0x7f0000000180)='pids.events\x00', 0x0, 0x0) setsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r3, 0x84, 0x6, &(0x7f00000002c0)={r8, @in={{0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x18}}}}, 0x84) ioctl$sock_inet_SIOCRTMSG(r7, 0x890d, &(0x7f0000000640)={0x5, {0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x13}}, {0x2, 0x0, @multicast1}, {0x2, 0x4e24, @remote}, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)='tunl0\x00', 0x800, 0x4, 0x7fff}) listen(r6, 0x6) getsockopt$ARPT_SO_GET_REVISION_TARGET(r5, 0x0, 0x63, &(0x7f0000000440)={'TPROXY\x00'}, &(0x7f0000000600)=0x1e) setsockopt(r7, 0x10d, 0x800000000d, &(0x7f00001c9fff)="03", 0x1) r9 = socket$inet6(0xa, 0x0, 0x5) ioctl(r9, 0x8912, &(0x7f00000008c0)="153f623470a9867c6326934935a5306698b2542d4ef67d07000000531348c953f0bb718d206b0dbe53b3e000837677a4e1076435d1233940b98ba3388e3679d707995a843da372459e12c43ebfc877c9d33d8fe8f769ead91232657a9d7766cb5a17e14682a1701b5943a720bcc0e05ac1c066d064de5a01f548") socket$nl_generic(0x10, 0x3, 0x10) connect$inet(r7, &(0x7f0000e5c000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x20}}, 0x10) r10 = accept(r6, 0x0, &(0x7f0000000080)=0x194) sendmsg$IPVS_CMD_DEL_DAEMON(r10, &(0x7f0000000480)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x8804081}, 0xc, &(0x7f0000000400)={&(0x7f0000000380)=ANY=[@ANYBLOB="20002dbd7000ffdbdf250a00000028000300080001000100030000000000000000001400020065727370616e300000000000000000000c000100080001000a000000280003001400020062637366300000000000000000000000080007004e2200000800030004"], 0x1}, 0x1, 0x0, 0x0, 0x4800}, 0x4000) ioctl(r2, 0x5, &(0x7f00000004c0)="6786597fe4190d6fdb4db780d8e82c2c065a03a51e4052f068cf751d4b8680bf22b29ef4f05579f2c64ff4a296de5713b418411f82c6bb2bf48d8ab7960c7fc3dece40cbd4244f7d4e98eb89c6b5a96210321c84bbd9a71ee9916a6bf0b834c7075725cb5fad6a8fba78cc4ede6d62b4c921a1805d6de3543ecf8df31c585cf6a579cda0541265a37f01226e36bca97611f8bfe74875aa040517f5d2725cc1a11eff7c26a8fb5aba95a1033e398870822621640c3a8c0f875b9c8cd10c81b7cb8d24dcba8d21ef165007") 06:20:10 executing program 1: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000240)="0a5c2d023c126285718070") bpf$MAP_CREATE(0x0, &(0x7f0000dec000)={0x2, 0x4, 0x1, 0x7, 0x4}, 0x2c) [ 1099.263977] netlink: 45 bytes leftover after parsing attributes in process `syz-executor4'. 06:20:10 executing program 5: 06:20:10 executing program 2: socket$inet6(0xa, 0x803, 0x3) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x14) setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000040)={@remote}, 0x14) close(r0) 06:20:10 executing program 0: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000240)={"626f6e645f736c6176655f30000e00", {0x2, 0x0, @rand_addr, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000]}}) 06:20:10 executing program 3: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000180)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) prctl$PR_GET_DUMPABLE(0x3) 06:20:10 executing program 1: creat(&(0x7f0000000000)='./file0\x00', 0x0) fsetxattr$trusted_overlay_opaque(0xffffffffffffffff, &(0x7f0000000040)='trusted.overlay.opaque\x00', &(0x7f0000000380)='y\x00', 0x2, 0x0) clock_gettime(0x0, &(0x7f0000000100)) mknod(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000200)) r0 = syz_open_procfs(0x0, &(0x7f0000000240)='fd/3\x00') ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x0) ioctl$TIOCGWINSZ(0xffffffffffffffff, 0x5413, &(0x7f0000000340)) keyctl$link(0x8, 0x0, 0x0) ioctl$TCSETSW(0xffffffffffffffff, 0x5403, &(0x7f0000000600)) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000000c0), &(0x7f00000002c0)=0xc) geteuid() write$P9_RSTATu(0xffffffffffffffff, &(0x7f0000000400)={0x54, 0x7d, 0x0, {{0x0, 0x39, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0, 0x0, "", 0x0, "", 0x1, '@', 0x5, 'user\x00'}, 0x6, 'vmnet1'}}, 0x54) write$binfmt_elf64(r0, &(0x7f0000000640)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, [{}]}, 0x78) 06:20:10 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") sendmsg(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000240)=@nl=@kern={0x10, 0xf000000}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000040)="550000001e007f5300fe01b2a4a20006000000a8430891000000080009000a000c0000dc9b131338d54400009b84136ef75afb83de448daa7227c43ab8221000060cec4fab91d40000000000000000000000009535", 0x55}], 0x1, &(0x7f0000000180)}, 0x0) 06:20:11 executing program 2: socket$inet6(0xa, 0x803, 0x3) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x14) setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000040)={@remote}, 0x14) close(r0) 06:20:11 executing program 0: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000180)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) prctl$PR_GET_KEEPCAPS(0x7) 06:20:11 executing program 5: socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) prctl$PR_GET_CHILD_SUBREAPER(0x25) 06:20:11 executing program 3: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) chmod(&(0x7f0000000080)='./file0\x00', 0x0) openat$null(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/null\x00', 0x0, 0x0) readlinkat(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140)=""/65, 0x41) getdents(0xffffffffffffffff, &(0x7f00000004c0)=""/73, 0x49) r0 = getpgrp(0xffffffffffffffff) syz_open_procfs(0x0, &(0x7f00000005c0)='fdinfo/4\x00') recvfrom$unix(0xffffffffffffffff, &(0x7f0000000600)=""/75, 0x4b, 0x0, &(0x7f0000000680)=@abs, 0x6e) mkdirat(0xffffffffffffffff, &(0x7f0000000700)='./file0\x00', 0x0) clock_gettime(0x0, &(0x7f0000000780)) utimensat(0xffffffffffffffff, &(0x7f0000000740)='./file0\x00', &(0x7f00000007c0)={{}, {0x0, 0x2710}}, 0x0) r1 = getpgrp(0x0) execve(&(0x7f0000000800)='./file0/../file0\x00', &(0x7f00000008c0), &(0x7f0000000980)) fchown(0xffffffffffffffff, 0x0, 0x0) ioctl$VT_DISALLOCATE(0xffffffffffffffff, 0x5608) linkat(0xffffffffffffffff, &(0x7f00000009c0)='./file0/../file0\x00', 0xffffffffffffffff, &(0x7f0000000a00)='./file0\x00', 0x0) ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, &(0x7f0000000a40)=0x1000) utimensat(0xffffffffffffffff, &(0x7f0000000a80)='./file0\x00', &(0x7f0000000ac0)={{0x77359400}, {0x0, 0x2710}}, 0x0) open(&(0x7f0000000b00)='./file0/../file0\x00', 0x0, 0x0) tgkill(r1, r0, 0x0) 06:20:11 executing program 1: 06:20:11 executing program 4: socket$inet6(0xa, 0x803, 0x4) r0 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r0, &(0x7f00000000c0)={&(0x7f0000000240)=@nl=@kern={0x10, 0xf000000}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000040)="550000001e007f5300fe01b2a4a20006000000a8430891000000080009000a000c0000dc9b131338d54400009b84136ef75afb83de448daa7227c43ab8221000060cec4fab91d40000000000000000000000009535", 0x55}], 0x1, &(0x7f0000000180)}, 0x0) 06:20:11 executing program 0: [ 1100.394348] netlink: 45 bytes leftover after parsing attributes in process `syz-executor4'. 06:20:11 executing program 2: socket$inet6(0xa, 0x803, 0x3) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x14) setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000040)={@remote}, 0x14) close(r0) 06:20:11 executing program 5: 06:20:11 executing program 4: socket$inet6(0xa, 0x803, 0x4) r0 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r0, &(0x7f00000000c0)={&(0x7f0000000240)=@nl=@kern={0x10, 0xf000000}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000040)="550000001e007f5300fe01b2a4a20006000000a8430891000000080009000a000c0000dc9b131338d54400009b84136ef75afb83de448daa7227c43ab8221000060cec4fab91d40000000000000000000000009535", 0x55}], 0x1, &(0x7f0000000180)}, 0x0) 06:20:11 executing program 1: 06:20:11 executing program 3: 06:20:11 executing program 0: [ 1100.933557] netlink: 45 bytes leftover after parsing attributes in process `syz-executor4'. 06:20:12 executing program 2: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x14) setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000040)={@remote}, 0x14) close(r0) 06:20:12 executing program 5: 06:20:12 executing program 3: 06:20:12 executing program 4: socket$inet6(0xa, 0x803, 0x4) r0 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r0, &(0x7f00000000c0)={&(0x7f0000000240)=@nl=@kern={0x10, 0xf000000}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000040)="550000001e007f5300fe01b2a4a20006000000a8430891000000080009000a000c0000dc9b131338d54400009b84136ef75afb83de448daa7227c43ab8221000060cec4fab91d40000000000000000000000009535", 0x55}], 0x1, &(0x7f0000000180)}, 0x0) 06:20:12 executing program 1: 06:20:12 executing program 5: 06:20:12 executing program 0: [ 1101.445113] netlink: 45 bytes leftover after parsing attributes in process `syz-executor4'. 06:20:12 executing program 2: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x14) setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000040)={@remote}, 0x14) close(r0) 06:20:12 executing program 3: 06:20:12 executing program 1: 06:20:12 executing program 4: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r0 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r0, &(0x7f00000000c0)={&(0x7f0000000240)=@nl=@kern={0x10, 0xf000000}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000040)="550000001e007f5300fe01b2a4a20006000000a8430891000000080009000a000c0000dc9b131338d54400009b84136ef75afb83de448daa7227c43ab8221000060cec4fab91d40000000000000000000000009535", 0x55}], 0x1, &(0x7f0000000180)}, 0x0) 06:20:13 executing program 2: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x14) setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000040)={@remote}, 0x14) close(r0) 06:20:13 executing program 5: 06:20:13 executing program 0: 06:20:13 executing program 3: [ 1102.189375] netlink: 45 bytes leftover after parsing attributes in process `syz-executor4'. 06:20:13 executing program 5: 06:20:13 executing program 1: 06:20:13 executing program 0: 06:20:13 executing program 2: r0 = socket$inet6(0xa, 0x0, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x14) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000040)={@remote}, 0x14) close(r1) 06:20:13 executing program 4: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r0 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r0, &(0x7f00000000c0)={&(0x7f0000000240)=@nl=@kern={0x10, 0xf000000}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000040)="550000001e007f5300fe01b2a4a20006000000a8430891000000080009000a000c0000dc9b131338d54400009b84136ef75afb83de448daa7227c43ab8221000060cec4fab91d40000000000000000000000009535", 0x55}], 0x1, &(0x7f0000000180)}, 0x0) 06:20:13 executing program 3: [ 1102.858582] netlink: 45 bytes leftover after parsing attributes in process `syz-executor4'. 06:20:13 executing program 5: 06:20:14 executing program 1: 06:20:14 executing program 0: 06:20:14 executing program 2: r0 = socket$inet6(0xa, 0x0, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x14) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000040)={@remote}, 0x14) close(r1) 06:20:14 executing program 4: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r0 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r0, &(0x7f00000000c0)={&(0x7f0000000240)=@nl=@kern={0x10, 0xf000000}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000040)="550000001e007f5300fe01b2a4a20006000000a8430891000000080009000a000c0000dc9b131338d54400009b84136ef75afb83de448daa7227c43ab8221000060cec4fab91d40000000000000000000000009535", 0x55}], 0x1, &(0x7f0000000180)}, 0x0) 06:20:14 executing program 3: [ 1103.338705] netlink: 45 bytes leftover after parsing attributes in process `syz-executor4'. 06:20:14 executing program 5: 06:20:14 executing program 1: 06:20:14 executing program 3: 06:20:14 executing program 4: r0 = socket$inet6(0xa, 0x0, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f00000000c0)={&(0x7f0000000240)=@nl=@kern={0x10, 0xf000000}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000040)="550000001e007f5300fe01b2a4a20006000000a8430891000000080009000a000c0000dc9b131338d54400009b84136ef75afb83de448daa7227c43ab8221000060cec4fab91d40000000000000000000000009535", 0x55}], 0x1, &(0x7f0000000180)}, 0x0) 06:20:14 executing program 0: 06:20:14 executing program 2: r0 = socket$inet6(0xa, 0x0, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x14) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000040)={@remote}, 0x14) close(r1) [ 1103.835162] netlink: 45 bytes leftover after parsing attributes in process `syz-executor4'. 06:20:14 executing program 5: 06:20:15 executing program 1: 06:20:15 executing program 3: r0 = add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000080)={'syz'}, &(0x7f0000000180)="c6", 0x1, 0xfffffffffffffffc) keyctl$assume_authority(0x10, r0) 06:20:15 executing program 4: r0 = socket$inet6(0xa, 0x0, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f00000000c0)={&(0x7f0000000240)=@nl=@kern={0x10, 0xf000000}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000040)="550000001e007f5300fe01b2a4a20006000000a8430891000000080009000a000c0000dc9b131338d54400009b84136ef75afb83de448daa7227c43ab8221000060cec4fab91d40000000000000000000000009535", 0x55}], 0x1, &(0x7f0000000180)}, 0x0) 06:20:15 executing program 0: r0 = socket$netlink(0x10, 0x3, 0xf) setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(0xffffffffffffffff, 0x10e, 0x8, &(0x7f0000000680), 0x4) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x140000}, 0xc) pipe(&(0x7f0000000100)={0xffffffffffffffff}) read(r1, &(0x7f0000000200)=""/250, 0x50c7e3e3) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f0000000580)='IPVS\x00') sendmsg$IPVS_CMD_NEW_DEST(r1, &(0x7f0000000640)={&(0x7f0000000540), 0xc, &(0x7f0000000600)={&(0x7f0000000b00)=ANY=[]}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) fchdir(r2) r3 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$VT_RESIZEX(r3, 0x560a, &(0x7f0000000380)={0x100000000, 0x0, 0x100000000}) ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x402c5828, &(0x7f0000000080)) ioctl$FS_IOC_GETVERSION(0xffffffffffffffff, 0x80047601, &(0x7f0000000780)) write$P9_RFLUSH(r3, &(0x7f0000000180)={0x19d}, 0x1a6db1e6) syncfs(0xffffffffffffffff) r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, 0x0) 06:20:15 executing program 5: [ 1104.467019] netlink: 45 bytes leftover after parsing attributes in process `syz-executor4'. 06:20:15 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x0) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x14) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000040)={@remote}, 0x14) close(r1) 06:20:15 executing program 3: 06:20:15 executing program 1: 06:20:15 executing program 5: 06:20:16 executing program 4: r0 = socket$inet6(0xa, 0x0, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f00000000c0)={&(0x7f0000000240)=@nl=@kern={0x10, 0xf000000}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000040)="550000001e007f5300fe01b2a4a20006000000a8430891000000080009000a000c0000dc9b131338d54400009b84136ef75afb83de448daa7227c43ab8221000060cec4fab91d40000000000000000000000009535", 0x55}], 0x1, &(0x7f0000000180)}, 0x0) 06:20:16 executing program 3: pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000d84000)={0xa, 0x2, 0x0, @ipv4={[], [], @loopback}}, 0x1c) sendto$inet6(r1, &(0x7f0000000100), 0xfffffffffffffeeb, 0x20000001, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c) shutdown(r1, 0x2) splice(r1, 0x0, r0, 0x0, 0xab10, 0x0) 06:20:16 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="020300090e000000000000f1b30e2d0005000600000000000a00000000000e2c2cf0000000000000000000000000000000000000000000000200010000000000000000020000000005000500000000000a00000000000017000000000000000000000000000000000000000000000000"], 0x70}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x2, 0x9, 0x0, 0x0, 0x2}, 0x10}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0) [ 1105.190697] netlink: 45 bytes leftover after parsing attributes in process `syz-executor4'. 06:20:16 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x0) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x14) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000040)={@remote}, 0x14) close(r1) 06:20:16 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) socketpair(0x0, 0x0, 0x0, &(0x7f0000000280)) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000180)='\x00'}, 0x10) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f0000000140)=0x78, 0x4) bind$inet(r1, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r1, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10) setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000100), 0x921b527a62bfdc30) recvmsg(r1, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f00000002c0)=""/20, 0x14}, 0x100) write$binfmt_elf64(r1, &(0x7f0000000180)=ANY=[], 0xfef1) 06:20:16 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x0) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f00000000c0)={&(0x7f0000000240)=@nl=@kern={0x10, 0xf000000}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000040)="550000001e007f5300fe01b2a4a20006000000a8430891000000080009000a000c0000dc9b131338d54400009b84136ef75afb83de448daa7227c43ab8221000060cec4fab91d40000000000000000000000009535", 0x55}], 0x1, &(0x7f0000000180)}, 0x0) 06:20:16 executing program 3: pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000d84000)={0xa, 0x2, 0x0, @ipv4={[], [], @loopback}}, 0x1c) sendto$inet6(r1, &(0x7f0000000100), 0xfffffffffffffeeb, 0x20000001, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c) shutdown(r1, 0x2) splice(r1, 0x0, r0, 0x0, 0xab10, 0x0) 06:20:16 executing program 0: mkdir(&(0x7f0000000200)='./file0\x00', 0x0) mount(&(0x7f0000000140)=ANY=[], &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='tmpfs\x00', 0x0, &(0x7f000000a000)) umount2(&(0x7f0000000100)='./file0\x00', 0x0) 06:20:16 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="020300090e000000000000f1b30e2d0005000600000000000a00000000000e2c2cf0000000000000000000000000000000000000000000000200010000000000000000020000000005000500000000000a00000000000017000000000000000000000000000000000000000000000000"], 0x70}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x2, 0x9, 0x0, 0x0, 0x2}, 0x10}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0) [ 1105.948399] not chained 580000 origins [ 1105.951791] CPU: 0 PID: 9 Comm: ksoftirqd/0 Not tainted 4.20.0-rc3+ #89 [ 1105.958124] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1105.958124] Call Trace: [ 1105.958124] dump_stack+0x32d/0x480 [ 1105.958124] ? save_stack_trace+0xc6/0x110 [ 1105.977149] kmsan_internal_chain_origin+0x222/0x240 [ 1105.977149] ? kmsan_internal_chain_origin+0x136/0x240 [ 1105.977149] ? __msan_chain_origin+0x6d/0xb0 [ 1105.977149] ? __save_stack_trace+0x8be/0xc60 [ 1105.977149] ? save_stack_trace+0xc6/0x110 [ 1105.977149] ? kmsan_internal_chain_origin+0x136/0x240 [ 1105.977149] ? kmsan_memcpy_origins+0x13d/0x190 [ 1105.977149] ? __msan_memcpy+0x6f/0x80 [ 1105.977149] ? pskb_expand_head+0x436/0x1d20 [ 1105.977149] ? ___pskb_trim+0x3c9/0x1bf0 [ 1106.025145] netlink: 45 bytes leftover after parsing attributes in process `syz-executor4'. [ 1106.021919] ? sk_filter_trim_cap+0x5ac/0xa60 [ 1106.021919] ? tcp_v4_rcv+0x4a1b/0x6520 [ 1106.021919] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1106.021919] ? ip_local_deliver+0x44b/0x510 [ 1106.021919] ? ip_rcv+0x6b6/0x740 [ 1106.021919] ? process_backlog+0x82b/0x11e0 [ 1106.021919] ? net_rx_action+0x98f/0x1d50 [ 1106.021919] ? __do_softirq+0x721/0xc7f [ 1106.021919] ? run_ksoftirqd+0x37/0x60 [ 1106.021919] ? smpboot_thread_fn+0x69c/0xb30 [ 1106.021919] ? kthread+0x5e7/0x620 [ 1106.021919] ? ret_from_fork+0x35/0x40 [ 1106.021919] ? __local_bh_enable_ip+0x46/0x260 [ 1106.086974] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1106.091920] ? in_task_stack+0x12c/0x210 [ 1106.091920] ? task_kmsan_context_state+0x51/0x90 [ 1106.091920] ? __msan_get_context_state+0x9/0x20 [ 1106.091920] ? __kernel_text_address+0x19/0x350 [ 1106.091920] ? ret_from_fork+0x35/0x40 [ 1106.091920] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1106.091920] ? in_task_stack+0x12c/0x210 [ 1106.091920] __msan_chain_origin+0x6d/0xb0 [ 1106.091920] ? __msan_memcpy+0x6f/0x80 [ 1106.091920] __save_stack_trace+0x8be/0xc60 [ 1106.091920] ? __msan_memcpy+0x6f/0x80 [ 1106.091920] save_stack_trace+0xc6/0x110 [ 1106.091920] kmsan_internal_chain_origin+0x136/0x240 [ 1106.091920] ? kmsan_internal_chain_origin+0x136/0x240 [ 1106.091920] ? kmsan_memcpy_origins+0x13d/0x190 [ 1106.091920] ? __msan_memcpy+0x6f/0x80 [ 1106.091920] ? pskb_expand_head+0x436/0x1d20 [ 1106.091920] ? ___pskb_trim+0x3c9/0x1bf0 [ 1106.091920] ? sk_filter_trim_cap+0x5ac/0xa60 [ 1106.091920] ? tcp_v4_rcv+0x4a1b/0x6520 [ 1106.091920] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1106.091920] ? ip_local_deliver+0x44b/0x510 [ 1106.091920] ? ip_rcv+0x6b6/0x740 [ 1106.091920] ? process_backlog+0x82b/0x11e0 [ 1106.091920] ? net_rx_action+0x98f/0x1d50 [ 1106.091920] ? __do_softirq+0x721/0xc7f [ 1106.091920] ? run_ksoftirqd+0x37/0x60 [ 1106.091920] ? smpboot_thread_fn+0x69c/0xb30 [ 1106.091920] ? kthread+0x5e7/0x620 [ 1106.091920] ? ret_from_fork+0x35/0x40 [ 1106.091920] ? memcg_kmem_put_cache+0x73/0x460 [ 1106.091920] ? __msan_get_context_state+0x9/0x20 [ 1106.091920] ? INIT_INT+0xc/0x30 [ 1106.091920] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1106.091920] kmsan_memcpy_origins+0x13d/0x190 [ 1106.091920] __msan_memcpy+0x6f/0x80 [ 1106.091920] pskb_expand_head+0x436/0x1d20 [ 1106.091920] ___pskb_trim+0x3c9/0x1bf0 [ 1106.091920] sk_filter_trim_cap+0x5ac/0xa60 [ 1106.091920] tcp_v4_rcv+0x4a1b/0x6520 [ 1106.091920] ? tcp_filter+0x260/0x260 [ 1106.091920] ip_local_deliver_finish+0x8d8/0xff0 [ 1106.091920] ? nf_hook_slow+0x36f/0x3d0 [ 1106.091920] ip_local_deliver+0x44b/0x510 [ 1106.091920] ? ip_local_deliver+0x510/0x510 [ 1106.091920] ? ip_call_ra_chain+0x7a0/0x7a0 [ 1106.091920] ip_rcv+0x6b6/0x740 [ 1106.091920] ? ip_rcv_core+0x1370/0x1370 [ 1106.091920] process_backlog+0x82b/0x11e0 [ 1106.091920] ? ip_local_deliver_finish+0xff0/0xff0 [ 1106.091920] ? rps_trigger_softirq+0x2e0/0x2e0 [ 1106.091920] net_rx_action+0x98f/0x1d50 [ 1106.091920] ? net_tx_action+0xf20/0xf20 [ 1106.091920] __do_softirq+0x721/0xc7f [ 1106.091920] ? ksoftirqd_should_run+0x50/0x50 [ 1106.091920] run_ksoftirqd+0x37/0x60 [ 1106.091920] smpboot_thread_fn+0x69c/0xb30 [ 1106.091920] kthread+0x5e7/0x620 [ 1106.091920] ? cpu_report_death+0x4a0/0x4a0 [ 1106.091920] ? INIT_BOOL+0x30/0x30 [ 1106.091920] ret_from_fork+0x35/0x40 [ 1106.091920] Uninit was stored to memory at: [ 1106.091920] kmsan_internal_chain_origin+0x136/0x240 [ 1106.091920] __msan_chain_origin+0x6d/0xb0 [ 1106.091920] __save_stack_trace+0x8be/0xc60 [ 1106.091920] save_stack_trace+0xc6/0x110 [ 1106.091920] kmsan_internal_chain_origin+0x136/0x240 [ 1106.091920] kmsan_memcpy_origins+0x13d/0x190 [ 1106.091920] __msan_memcpy+0x6f/0x80 [ 1106.091920] pskb_expand_head+0x436/0x1d20 [ 1106.091920] ___pskb_trim+0x3c9/0x1bf0 [ 1106.091920] sk_filter_trim_cap+0x5ac/0xa60 [ 1106.091920] tcp_v4_rcv+0x4a1b/0x6520 [ 1106.091920] ip_local_deliver_finish+0x8d8/0xff0 [ 1106.091920] ip_local_deliver+0x44b/0x510 [ 1106.091920] ip_rcv+0x6b6/0x740 [ 1106.091920] process_backlog+0x82b/0x11e0 [ 1106.091920] net_rx_action+0x98f/0x1d50 [ 1106.091920] __do_softirq+0x721/0xc7f [ 1106.091920] [ 1106.091920] Uninit was stored to memory at: [ 1106.091920] kmsan_internal_chain_origin+0x136/0x240 [ 1106.091920] __msan_chain_origin+0x6d/0xb0 [ 1106.091920] __save_stack_trace+0x8be/0xc60 [ 1106.091920] save_stack_trace+0xc6/0x110 [ 1106.091920] kmsan_internal_chain_origin+0x136/0x240 [ 1106.091920] kmsan_memcpy_origins+0x13d/0x190 [ 1106.091920] __msan_memcpy+0x6f/0x80 [ 1106.091920] pskb_expand_head+0x436/0x1d20 [ 1106.091920] ___pskb_trim+0x3c9/0x1bf0 [ 1106.091920] sk_filter_trim_cap+0x5ac/0xa60 [ 1106.091920] tcp_v4_rcv+0x4a1b/0x6520 [ 1106.091920] ip_local_deliver_finish+0x8d8/0xff0 [ 1106.091920] ip_local_deliver+0x44b/0x510 [ 1106.091920] ip_rcv+0x6b6/0x740 [ 1106.091920] process_backlog+0x82b/0x11e0 [ 1106.091920] net_rx_action+0x98f/0x1d50 [ 1106.091920] __do_softirq+0x721/0xc7f [ 1106.091920] [ 1106.091920] Uninit was stored to memory at: [ 1106.091920] kmsan_internal_chain_origin+0x136/0x240 [ 1106.091920] __msan_chain_origin+0x6d/0xb0 [ 1106.091920] __save_stack_trace+0x8be/0xc60 [ 1106.091920] save_stack_trace+0xc6/0x110 [ 1106.091920] kmsan_internal_chain_origin+0x136/0x240 [ 1106.091920] kmsan_memcpy_origins+0x13d/0x190 [ 1106.091920] __msan_memcpy+0x6f/0x80 [ 1106.091920] pskb_expand_head+0x436/0x1d20 [ 1106.091920] ___pskb_trim+0x3c9/0x1bf0 [ 1106.091920] sk_filter_trim_cap+0x5ac/0xa60 [ 1106.091920] tcp_v4_rcv+0x4a1b/0x6520 [ 1106.091920] ip_local_deliver_finish+0x8d8/0xff0 [ 1106.091920] ip_local_deliver+0x44b/0x510 [ 1106.091920] ip_rcv+0x6b6/0x740 [ 1106.091920] process_backlog+0x82b/0x11e0 [ 1106.091920] net_rx_action+0x98f/0x1d50 [ 1106.091920] __do_softirq+0x721/0xc7f [ 1106.091920] [ 1106.091920] Uninit was stored to memory at: [ 1106.091920] kmsan_internal_chain_origin+0x136/0x240 [ 1106.091920] __msan_chain_origin+0x6d/0xb0 [ 1106.091920] __save_stack_trace+0x8be/0xc60 [ 1106.091920] save_stack_trace+0xc6/0x110 [ 1106.091920] kmsan_internal_chain_origin+0x136/0x240 [ 1106.091920] kmsan_memcpy_origins+0x13d/0x190 [ 1106.091920] __msan_memcpy+0x6f/0x80 [ 1106.091920] pskb_expand_head+0x436/0x1d20 [ 1106.091920] ___pskb_trim+0x3c9/0x1bf0 [ 1106.091920] sk_filter_trim_cap+0x5ac/0xa60 [ 1106.091920] tcp_v4_rcv+0x4a1b/0x6520 [ 1106.091920] ip_local_deliver_finish+0x8d8/0xff0 [ 1106.091920] ip_local_deliver+0x44b/0x510 [ 1106.091920] ip_rcv+0x6b6/0x740 [ 1106.091920] process_backlog+0x82b/0x11e0 [ 1106.091920] net_rx_action+0x98f/0x1d50 [ 1106.091920] __do_softirq+0x721/0xc7f [ 1106.091920] [ 1106.091920] Uninit was stored to memory at: [ 1106.091920] kmsan_internal_chain_origin+0x136/0x240 [ 1106.091920] __msan_chain_origin+0x6d/0xb0 [ 1106.091920] __save_stack_trace+0x8be/0xc60 [ 1106.091920] save_stack_trace+0xc6/0x110 [ 1106.091920] kmsan_internal_chain_origin+0x136/0x240 [ 1106.091920] kmsan_memcpy_origins+0x13d/0x190 [ 1106.091920] __msan_memcpy+0x6f/0x80 [ 1106.091920] pskb_expand_head+0x436/0x1d20 [ 1106.091920] ___pskb_trim+0x3c9/0x1bf0 [ 1106.091920] sk_filter_trim_cap+0x5ac/0xa60 [ 1106.091920] tcp_v4_rcv+0x4a1b/0x6520 [ 1106.091920] ip_local_deliver_finish+0x8d8/0xff0 [ 1106.091920] ip_local_deliver+0x44b/0x510 [ 1106.091920] ip_rcv+0x6b6/0x740 [ 1106.091920] process_backlog+0x82b/0x11e0 [ 1106.091920] net_rx_action+0x98f/0x1d50 [ 1106.091920] __do_softirq+0x721/0xc7f [ 1106.091920] [ 1106.091920] Uninit was stored to memory at: [ 1106.091920] kmsan_internal_chain_origin+0x136/0x240 [ 1106.091920] __msan_chain_origin+0x6d/0xb0 [ 1106.091920] __save_stack_trace+0x8be/0xc60 [ 1106.091920] save_stack_trace+0xc6/0x110 [ 1106.091920] kmsan_internal_chain_origin+0x136/0x240 [ 1106.091920] kmsan_memcpy_origins+0x13d/0x190 [ 1106.091920] __msan_memcpy+0x6f/0x80 [ 1106.091920] pskb_expand_head+0x436/0x1d20 [ 1106.091920] ___pskb_trim+0x3c9/0x1bf0 [ 1106.091920] sk_filter_trim_cap+0x5ac/0xa60 [ 1106.091920] tcp_v4_rcv+0x4a1b/0x6520 [ 1106.091920] ip_local_deliver_finish+0x8d8/0xff0 [ 1106.091920] ip_local_deliver+0x44b/0x510 [ 1106.091920] ip_rcv+0x6b6/0x740 [ 1106.091920] process_backlog+0x82b/0x11e0 [ 1106.091920] net_rx_action+0x98f/0x1d50 [ 1106.091920] __do_softirq+0x721/0xc7f [ 1106.091920] [ 1106.091920] Uninit was stored to memory at: [ 1106.091920] kmsan_internal_chain_origin+0x136/0x240 [ 1106.091920] __msan_chain_origin+0x6d/0xb0 [ 1106.091920] __save_stack_trace+0x8be/0xc60 [ 1106.091920] save_stack_trace+0xc6/0x110 [ 1106.091920] kmsan_internal_chain_origin+0x136/0x240 [ 1106.091920] kmsan_memcpy_origins+0x13d/0x190 [ 1106.091920] __msan_memcpy+0x6f/0x80 [ 1106.091920] pskb_expand_head+0x436/0x1d20 [ 1106.091920] ___pskb_trim+0x3c9/0x1bf0 [ 1106.091920] sk_filter_trim_cap+0x5ac/0xa60 [ 1106.091920] tcp_v4_rcv+0x4a1b/0x6520 [ 1106.091920] ip_local_deliver_finish+0x8d8/0xff0 [ 1106.091920] ip_local_deliver+0x44b/0x510 [ 1106.091920] ip_rcv+0x6b6/0x740 [ 1106.091920] process_backlog+0x82b/0x11e0 [ 1106.091920] net_rx_action+0x98f/0x1d50 [ 1106.091920] __do_softirq+0x721/0xc7f [ 1106.091920] [ 1106.091920] Local variable description: ----c.i.i@should_fail 06:20:17 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x0) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x14) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000040)={@remote}, 0x14) close(r1) [ 1106.091920] Variable was created at: [ 1106.091920] should_fail+0x162/0x13c0 [ 1106.091920] __should_failslab+0x278/0x2a0 06:20:18 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x0) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f00000000c0)={&(0x7f0000000240)=@nl=@kern={0x10, 0xf000000}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000040)="550000001e007f5300fe01b2a4a20006000000a8430891000000080009000a000c0000dc9b131338d54400009b84136ef75afb83de448daa7227c43ab8221000060cec4fab91d40000000000000000000000009535", 0x55}], 0x1, &(0x7f0000000180)}, 0x0) 06:20:18 executing program 2: socket$inet6(0xa, 0x803, 0x3) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x14) setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000040)={@remote}, 0x14) close(r0) 06:20:18 executing program 0: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000580)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000600)={'bridge_slave_1\x00', 0x201e}) 06:20:18 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="020300090e000000000000f1b30e2d0005000600000000000a00000000000e2c2cf0000000000000000000000000000000000000000000000200010000000000000000020000000005000500000000000a00000000000017000000000000000000000000000000000000000000000000"], 0x70}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x2, 0x9, 0x0, 0x0, 0x2}, 0x10}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0) 06:20:18 executing program 3: seccomp(0x1, 0x0, &(0x7f0000000100)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0xffffffff}]}) r0 = syz_open_dev$loop(&(0x7f00000002c0)='/dev/loop#\x00', 0x0, 0x0) readahead(r0, 0x0, 0x0) [ 1107.578585] netlink: 45 bytes leftover after parsing attributes in process `syz-executor4'. 06:20:18 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSWINSZ(r0, 0x5414, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1}) 06:20:18 executing program 2: socket$inet6(0xa, 0x803, 0x3) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x14) setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000040)={@remote}, 0x14) close(r0) 06:20:18 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="020300090e000000000000f1b30e2d0005000600000000000a00000000000e2c2cf0000000000000000000000000000000000000000000000200010000000000000000020000000005000500000000000a00000000000017000000000000000000000000000000000000000000000000"], 0x70}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x2, 0x9, 0x0, 0x0, 0x2}, 0x10}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0) 06:20:18 executing program 0: r0 = syz_open_dev$evdev(&(0x7f0000dfdfee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGSW(r0, 0x8040451b, &(0x7f0000000040)=""/141) 06:20:19 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x0) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f00000000c0)={&(0x7f0000000240)=@nl=@kern={0x10, 0xf000000}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000040)="550000001e007f5300fe01b2a4a20006000000a8430891000000080009000a000c0000dc9b131338d54400009b84136ef75afb83de448daa7227c43ab8221000060cec4fab91d40000000000000000000000009535", 0x55}], 0x1, &(0x7f0000000180)}, 0x0) 06:20:19 executing program 2: socket$inet6(0xa, 0x803, 0x3) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x14) setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000040)={@remote}, 0x14) close(r0) [ 1108.239494] netlink: 45 bytes leftover after parsing attributes in process `syz-executor4'. 06:20:19 executing program 5: r0 = syz_open_procfs(0x0, &(0x7f0000000100)='oom_score_adj\x00') lseek(r0, 0x0, 0x4) 06:20:19 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x0, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x14) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000040)={@remote}, 0x14) close(r1) 06:20:19 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="020300090e000000000000f1b30e2d0005000600000000000a00000000000e2c2cf0000000000000000000000000000000000000000000000200010000000000000000020000000005000500000000000a00000000000017000000000000000000000000000000000000000000000000"], 0x70}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0) [ 1108.588351] audit: type=1326 audit(1542694819.649:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=32083 comm="syz-executor3" exe="/root/syz-executor3" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45a3ca code=0xffff0000 06:20:19 executing program 5: r0 = socket$inet(0x10, 0x3, 0xc) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="24000000010207041dfffd946fa2830020200a0009000200001d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0) 06:20:19 executing program 4: socket$inet6(0xa, 0x803, 0x4) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r0 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r0, &(0x7f00000000c0)={&(0x7f0000000240)=@nl=@kern={0x10, 0xf000000}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000040)="550000001e007f5300fe01b2a4a20006000000a8430891000000080009000a000c0000dc9b131338d54400009b84136ef75afb83de448daa7227c43ab8221000060cec4fab91d40000000000000000000000009535", 0x55}], 0x1, &(0x7f0000000180)}, 0x0) [ 1108.858091] netlink: 5 bytes leftover after parsing attributes in process `syz-executor5'. [ 1108.877088] netlink: 45 bytes leftover after parsing attributes in process `syz-executor4'. 06:20:20 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x0, 0x0) read(r0, &(0x7f0000000040)=""/11, 0xffffff3a) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) clone(0x20002100, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) socketpair$inet_udplite(0x2, 0x2, 0x88, &(0x7f0000000100)) setsockopt$inet_mtu(0xffffffffffffffff, 0x0, 0xa, &(0x7f0000000140), 0x4) ioctl$KDSKBSENT(r0, 0x4b49, &(0x7f0000000080)) 06:20:20 executing program 0: clone(0x100400, &(0x7f00000000c0), &(0x7f0000000040), &(0x7f0000000180), &(0x7f00000001c0)) 06:20:20 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x0, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x14) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000040)={@remote}, 0x14) close(r1) 06:20:20 executing program 5: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)=ANY=[], &(0x7f0000000280)='./file0\x00', &(0x7f0000000040)='configfs\x00', 0x0, &(0x7f00000001c0)) chdir(&(0x7f0000000140)='./file0\x00') sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000317000), 0x0) unlink(&(0x7f0000000080)='./file0\x00') 06:20:20 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x2, 0x9, 0x0, 0x0, 0x2}, 0x10}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0) 06:20:20 executing program 4: socket$inet6(0xa, 0x803, 0x4) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r0 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r0, &(0x7f00000000c0)={&(0x7f0000000240)=@nl=@kern={0x10, 0xf000000}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000040)="550000001e007f5300fe01b2a4a20006000000a8430891000000080009000a000c0000dc9b131338d54400009b84136ef75afb83de448daa7227c43ab8221000060cec4fab91d40000000000000000000000009535", 0x55}], 0x1, &(0x7f0000000180)}, 0x0) [ 1109.305383] netlink: 45 bytes leftover after parsing attributes in process `syz-executor4'. 06:20:20 executing program 4: socket$inet6(0xa, 0x803, 0x4) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r0 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r0, &(0x7f00000000c0)={&(0x7f0000000240)=@nl=@kern={0x10, 0xf000000}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000040)="550000001e007f5300fe01b2a4a20006000000a8430891000000080009000a000c0000dc9b131338d54400009b84136ef75afb83de448daa7227c43ab8221000060cec4fab91d40000000000000000000000009535", 0x55}], 0x1, &(0x7f0000000180)}, 0x0) 06:20:20 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x0, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x14) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000040)={@remote}, 0x14) close(r1) 06:20:20 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f00000000c0)) 06:20:20 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x2, 0x9, 0x0, 0x0, 0x2}, 0x10}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0) [ 1109.907456] netlink: 45 bytes leftover after parsing attributes in process `syz-executor4'. 06:20:21 executing program 0: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000001680)={0xa, 0x4e22, 0x0, @remote, 0x6}, 0x1c) sendmmsg(r0, &(0x7f00000092c0), 0x4ff, 0x0) ioctl$EVIOCGPHYS(0xffffffffffffffff, 0x80404507, &(0x7f00000016c0)=""/108) sendmmsg(0xffffffffffffffff, &(0x7f0000001640), 0x0, 0x24000000) 06:20:21 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x14) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000040)={@remote}, 0x14) close(r1) 06:20:21 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x0, 0x0) read(0xffffffffffffffff, &(0x7f0000000040)=""/11, 0xffffff3a) clone(0x20002100, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x5) 06:20:21 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) openat$rtc(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/rtc0\x00', 0x0, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = memfd_create(&(0x7f0000000100)="74086e750000000000000000008c00", 0x0) pwritev(r1, &(0x7f0000000340)=[{&(0x7f0000000040)='\'', 0x1}], 0x1, 0x81806) finit_module(r1, &(0x7f00000027c0)='/dev/loop#\x00', 0x0) 06:20:21 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x0, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f00000000c0)={&(0x7f0000000240)=@nl=@kern={0x10, 0xf000000}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000040)="550000001e007f5300fe01b2a4a20006000000a8430891000000080009000a000c0000dc9b131338d54400009b84136ef75afb83de448daa7227c43ab8221000060cec4fab91d40000000000000000000000009535", 0x55}], 0x1, &(0x7f0000000180)}, 0x0) 06:20:21 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x2, 0x9, 0x0, 0x0, 0x2}, 0x10}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0) 06:20:21 executing program 5: dup(0xffffffffffffffff) ioctl$int_in(0xffffffffffffffff, 0x5452, &(0x7f0000000200)=0x5) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/netlink\x00') sendfile(r0, r0, &(0x7f0000000340)=0xffffffd, 0x7ffffffb) [ 1110.561296] netlink: 45 bytes leftover after parsing attributes in process `syz-executor4'. 06:20:21 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x14) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000040)={@remote}, 0x14) close(r1) 06:20:21 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x0, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f00000000c0)={&(0x7f0000000240)=@nl=@kern={0x10, 0xf000000}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000040)="550000001e007f5300fe01b2a4a20006000000a8430891000000080009000a000c0000dc9b131338d54400009b84136ef75afb83de448daa7227c43ab8221000060cec4fab91d40000000000000000000000009535", 0x55}], 0x1, &(0x7f0000000180)}, 0x0) 06:20:21 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="020300090e000000000000f1b30e2d0005000600000000000a00000000000e2c2cf0000000000000000000000000000000000000000000000200010000000000000000020000000005000500000000000a00000000000017000000000000000000000000000000000000000000000000"], 0x70}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x2, 0x9, 0x0, 0x0, 0x2}, 0x10}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0) 06:20:22 executing program 3: [ 1111.093716] netlink: 45 bytes leftover after parsing attributes in process `syz-executor4'. 06:20:22 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x14) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000040)={@remote}, 0x14) close(r1) 06:20:23 executing program 0: pipe(&(0x7f00000007c0)={0xffffffffffffffff, 0xffffffffffffffff}) fallocate(r0, 0x0, 0x0, 0x8000) 06:20:23 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="020300090e000000000000f1b30e2d0005000600000000000a00000000000e2c2cf0000000000000000000000000000000000000000000000200010000000000000000020000000005000500000000000a00000000000017000000000000000000000000000000000000000000000000"], 0x70}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x2, 0x9, 0x0, 0x0, 0x2}, 0x10}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0) 06:20:23 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) setpriority(0x2, 0x0, 0x0) 06:20:23 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x0, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f00000000c0)={&(0x7f0000000240)=@nl=@kern={0x10, 0xf000000}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000040)="550000001e007f5300fe01b2a4a20006000000a8430891000000080009000a000c0000dc9b131338d54400009b84136ef75afb83de448daa7227c43ab8221000060cec4fab91d40000000000000000000000009535", 0x55}], 0x1, &(0x7f0000000180)}, 0x0) 06:20:23 executing program 3: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) rt_sigprocmask(0x1, &(0x7f0000000040), &(0x7f0000000100), 0x8) 06:20:23 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c12") r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x14) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000040)={@remote}, 0x14) close(r1) [ 1112.144394] netlink: 45 bytes leftover after parsing attributes in process `syz-executor4'. 06:20:23 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c12") r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x14) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000040)={@remote}, 0x14) close(r1) 06:20:23 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)) r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f00000000c0)={&(0x7f0000000240)=@nl=@kern={0x10, 0xf000000}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000040)="550000001e007f5300fe01b2a4a20006000000a8430891000000080009000a000c0000dc9b131338d54400009b84136ef75afb83de448daa7227c43ab8221000060cec4fab91d40000000000000000000000009535", 0x55}], 0x1, &(0x7f0000000180)}, 0x0) 06:20:23 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="020300090e000000000000f1b30e2d0005000600000000000a00000000000e2c2cf0000000000000000000000000000000000000000000000200010000000000000000020000000005000500000000000a00000000000017000000000000000000000000000000000000000000000000"], 0x70}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x2, 0x9, 0x0, 0x0, 0x2}, 0x10}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0) 06:20:23 executing program 0: truncate(&(0x7f00000001c0)='./file0\x00', 0xffffffffffff0000) 06:20:23 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) listen(r0, 0x7f) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r1, &(0x7f0000000440), 0xffffffffffffffba, 0x20000004, &(0x7f000031e000)={0xa, 0x4e22}, 0x1c) recvfrom$inet6(r1, &(0x7f0000001840)=""/31, 0xfffffe0e, 0x0, &(0x7f0000001880), 0x1c) r2 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r2, 0x8914, &(0x7f0000000000)={'lo\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r2, 0x8914, &(0x7f0000000140)={"6c6f0000002400000000000008000011", 0xff}) r3 = accept4(r0, 0x0, &(0x7f0000000000)=0xfffffffffffffefa, 0x0) getsockname$packet(r3, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000000c0)=0x14) setsockopt$inet_pktinfo(r3, 0x0, 0x8, &(0x7f0000000180)={r4, @remote, @loopback}, 0xc) sendto$inet6(r3, &(0x7f00000000c0), 0x34debf3, 0x0, 0x0, 0x0) 06:20:23 executing program 5: [ 1112.657203] netlink: 45 bytes leftover after parsing attributes in process `syz-executor4'. 06:20:23 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c12") r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x14) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000040)={@remote}, 0x14) close(r1) 06:20:23 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)) r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f00000000c0)={&(0x7f0000000240)=@nl=@kern={0x10, 0xf000000}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000040)="550000001e007f5300fe01b2a4a20006000000a8430891000000080009000a000c0000dc9b131338d54400009b84136ef75afb83de448daa7227c43ab8221000060cec4fab91d40000000000000000000000009535", 0x55}], 0x1, &(0x7f0000000180)}, 0x0) 06:20:24 executing program 5: 06:20:24 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="020300090e000000000000f1b30e2d0005000600000000000a00000000000e2c2cf0000000000000000000000000000000000000000000000200010000000000000000020000000005000500000000000a00000000000017000000000000000000000000000000000000000000000000"], 0x70}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x2, 0x9, 0x0, 0x0, 0x2}, 0x10}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0) 06:20:24 executing program 0: 06:20:24 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c12628571") r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x14) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000040)={@remote}, 0x14) close(r1) 06:20:24 executing program 0: 06:20:24 executing program 5: 06:20:24 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="020300090e000000000000f1b30e2d0005000600000000000a00000000000e2c2cf0000000000000000000000000000000000000000000000200010000000000000000020000000005000500000000000a00000000000017000000000000000000000000000000000000000000000000"], 0x70}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x2, 0x9, 0x0, 0x0, 0x2}, 0x10}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0) 06:20:24 executing program 0: [ 1114.532285] netlink: 45 bytes leftover after parsing attributes in process `syz-executor4'. 06:20:25 executing program 3: 06:20:25 executing program 5: 06:20:25 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="020300090e000000000000f1b30e2d0005000600000000000a00000000000e2c2cf0000000000000000000000000000000000000000000000200010000000000000000020000000005000500000000000a00000000000017000000000000000000000000000000000000000000000000"], 0x70}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x2, 0x9, 0x0, 0x0, 0x2}, 0x10}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0) 06:20:25 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c12") r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f00000000c0)={&(0x7f0000000240)=@nl=@kern={0x10, 0xf000000}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000040)="550000001e007f5300fe01b2a4a20006000000a8430891000000080009000a000c0000dc9b131338d54400009b84136ef75afb83de448daa7227c43ab8221000060cec4fab91d40000000000000000000000009535", 0x55}], 0x1, &(0x7f0000000180)}, 0x0) 06:20:25 executing program 0: 06:20:25 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c12628571") r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x14) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000040)={@remote}, 0x14) close(r1) 06:20:26 executing program 5: [ 1114.945971] netlink: 45 bytes leftover after parsing attributes in process `syz-executor4'. 06:20:26 executing program 0: 06:20:26 executing program 1: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="020300090e000000000000f1b30e2d0005000600000000000a00000000000e2c2cf0000000000000000000000000000000000000000000000200010000000000000000020000000005000500000000000a00000000000017000000000000000000000000000000000000000000000000"], 0x70}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x2, 0x9, 0x0, 0x0, 0x2}, 0x10}}, 0x0) sendmmsg(0xffffffffffffffff, &(0x7f0000000180), 0x400000000000117, 0x0) 06:20:26 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c12628571") r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x14) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000040)={@remote}, 0x14) close(r1) 06:20:26 executing program 3: 06:20:26 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c12") r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f00000000c0)={&(0x7f0000000240)=@nl=@kern={0x10, 0xf000000}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000040)="550000001e007f5300fe01b2a4a20006000000a8430891000000080009000a000c0000dc9b131338d54400009b84136ef75afb83de448daa7227c43ab8221000060cec4fab91d40000000000000000000000009535", 0x55}], 0x1, &(0x7f0000000180)}, 0x0) 06:20:26 executing program 5: 06:20:26 executing program 0: [ 1115.545003] netlink: 45 bytes leftover after parsing attributes in process `syz-executor4'. 06:20:26 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="020300090e000000000000f1b30e2d0005000600000000000a00000000000e2c2cf0000000000000000000000000000000000000000000000200010000000000000000020000000005000500000000000a00000000000017000000000000000000000000000000000000000000000000"], 0x70}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x2, 0x9, 0x0, 0x0, 0x2}, 0x10}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0) 06:20:26 executing program 3: 06:20:26 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c12") r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f00000000c0)={&(0x7f0000000240)=@nl=@kern={0x10, 0xf000000}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000040)="550000001e007f5300fe01b2a4a20006000000a8430891000000080009000a000c0000dc9b131338d54400009b84136ef75afb83de448daa7227c43ab8221000060cec4fab91d40000000000000000000000009535", 0x55}], 0x1, &(0x7f0000000180)}, 0x0) 06:20:26 executing program 0: 06:20:26 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c1262857180") r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x14) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000040)={@remote}, 0x14) close(r1) 06:20:27 executing program 5: [ 1116.038161] netlink: 45 bytes leftover after parsing attributes in process `syz-executor4'. 06:20:27 executing program 0: 06:20:27 executing program 3: perf_event_open(&(0x7f0000940000)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0) prctl$PR_SET_PTRACER(0x59616d61, 0x0) 06:20:27 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c12628571") r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f00000000c0)={&(0x7f0000000240)=@nl=@kern={0x10, 0xf000000}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000040)="550000001e007f5300fe01b2a4a20006000000a8430891000000080009000a000c0000dc9b131338d54400009b84136ef75afb83de448daa7227c43ab8221000060cec4fab91d40000000000000000000000009535", 0x55}], 0x1, &(0x7f0000000180)}, 0x0) 06:20:27 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c1262857180") r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x14) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000040)={@remote}, 0x14) close(r1) 06:20:27 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="020300090e000000000000f1b30e2d0005000600000000000a00000000000e2c2cf0000000000000000000000000000000000000000000000200010000000000000000020000000005000500000000000a00000000000017000000000000000000000000000000000000000000000000"], 0x70}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x2, 0x9, 0x0, 0x0, 0x2}, 0x10}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0) 06:20:27 executing program 5: getpgid(0xffffffffffffffff) bind$unix(0xffffffffffffffff, &(0x7f0000000100)=@file={0x0, './file0\x00'}, 0x6e) mknod$loop(&(0x7f0000000280)='./file1\x00', 0x6100, 0xffffffffffffffff) [ 1116.548196] netlink: 45 bytes leftover after parsing attributes in process `syz-executor4'. 06:20:27 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000440)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424ab9b3f8683ecf89dee901d2da75c01f0200f58d26d7a071fb35331ce39c5aeeff5083cf07dd46455c914d4aff1e7cf7ed57c0c2056f5ca9fcf03cbf82bd13534737339245d3c70641be6281d7e1b4b7099114c571872298dd7f2120e2b6fa2a2e2a2c9c6e0034750b7961fa2c1584c0b5a500ae0ac39bc76a78d9158266759f766a3e8c84c09cf3ad8882947ffa1fb4c050727beb12c57e06ff590000000000000000000000000000008924578ad49ea1144c7448d640aa88a66a71b77d73a924ff027fdcb550161653d4cb57088385248286f5be9d8766c70c29e6f5063dfe74a1b0b52079159048210b4d271ac94c889b063ca34a09579af03631f128e6dd2c966daecd7c6f7e0f4ebcaf80250cfab07184838078c71d809d06dc0bac75db814525d1d1acaf4cb6f4801d8bad82ae636697f688094e38db5c22770f53076c630df9bb4c149189ffa975f52087311c5baafc11c90bdc25fc803b71153ddc3995b2df49cdd784bc5bea40861070dadb395e85c93cdfa08e9be5a5dbb200696a2485c694df4ec2aab4a241553e5ca46bf0cefd88dfecce588c98749a5982cdb2d0e4d48375372f514ed8b8d4e03eca1588c914298b7df61aafd93ea96810925bff547402ec117780") mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$FS_IOC_GETVERSION(r0, 0x80087601, &(0x7f0000000040)) 06:20:27 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c12628571") r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f00000000c0)={&(0x7f0000000240)=@nl=@kern={0x10, 0xf000000}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000040)="550000001e007f5300fe01b2a4a20006000000a8430891000000080009000a000c0000dc9b131338d54400009b84136ef75afb83de448daa7227c43ab8221000060cec4fab91d40000000000000000000000009535", 0x55}], 0x1, &(0x7f0000000180)}, 0x0) 06:20:28 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c1262857180") r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x14) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000040)={@remote}, 0x14) close(r1) 06:20:28 executing program 3: chdir(&(0x7f0000000000)='./file0\x00') lsetxattr$trusted_overlay_redirect(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='trusted.overlay.redirect\x00', &(0x7f00000000c0)='./file0\x00', 0x8, 0x0) prctl$PR_CAPBSET_READ(0x17, 0x0) symlinkat(&(0x7f0000000180)='./file0\x00', 0xffffffffffffffff, &(0x7f00000001c0)='./file0/file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, &(0x7f0000000480)='security.selinux\x00', &(0x7f00000004c0)='system_u:object_r:semanage_store_t:s0\x00', 0x26, 0x0) prctl$PR_GET_ENDIAN(0x13, &(0x7f0000000540)) 06:20:28 executing program 5: open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0x7, &(0x7f0000000040), 0x10) ioctl$PIO_UNIMAPCLR(0xffffffffffffffff, 0x4b68, &(0x7f0000000080)) getsockopt$IP_VS_SO_GET_DESTS(0xffffffffffffffff, 0x0, 0x484, &(0x7f00000000c0)=""/203, &(0x7f00000001c0)=0xcb) creat(&(0x7f0000000200)='./file0\x00', 0x0) fsetxattr$security_capability(0xffffffffffffffff, &(0x7f0000000240)='security.capability\x00', &(0x7f0000000280), 0xc, 0x0) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000340)=@abs, 0x6e, &(0x7f00000003c0)}, 0x0) time(&(0x7f0000000440)) write$eventfd(0xffffffffffffffff, &(0x7f0000001200), 0x8) [ 1116.956520] netlink: 45 bytes leftover after parsing attributes in process `syz-executor4'. 06:20:28 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="020300090e000000000000f1b30e2d0005000600000000000a00000000000e2c2cf0000000000000000000000000000000000000000000000200010000000000000000020000000005000500000000000a00000000000017000000000000000000000000000000000000000000000000"], 0x70}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x2, 0x9, 0x0, 0x0, 0x2}, 0x10}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0) 06:20:28 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c12628571") r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f00000000c0)={&(0x7f0000000240)=@nl=@kern={0x10, 0xf000000}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000040)="550000001e007f5300fe01b2a4a20006000000a8430891000000080009000a000c0000dc9b131338d54400009b84136ef75afb83de448daa7227c43ab8221000060cec4fab91d40000000000000000000000009535", 0x55}], 0x1, &(0x7f0000000180)}, 0x0) 06:20:28 executing program 0: capset(&(0x7f0000000040), &(0x7f0000000100)) prctl$PR_SET_MM_MAP_SIZE(0x23, 0xf, &(0x7f0000000040)) 06:20:28 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x14) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000040)={@remote}, 0x14) close(r1) 06:20:28 executing program 5: removexattr(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)=@random={'user.', '\x00'}) bind(0xffffffffffffffff, &(0x7f00000004c0)=@ipx={0x4, 0x0, 0x0, "85e21cf3b7ed"}, 0x80) socket$nl_route(0x10, 0x3, 0x0) listen(0xffffffffffffffff, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$PIO_FONTRESET(0xffffffffffffffff, 0x4b6d, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f00000007c0)) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$TIOCPKT(0xffffffffffffffff, 0x5420, &(0x7f0000000900)) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000a40)={&(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000ff2000/0x2000)=nil, &(0x7f0000000940)}, 0x68) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000b40), 0xb) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) add_key$keyring(&(0x7f0000000b80)='keyring\x00', &(0x7f0000000bc0)={'syz'}, 0x0, 0x0, 0x0) keyctl$invalidate(0x15, 0x0) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) connect$unix(0xffffffffffffffff, &(0x7f0000000c00)=@abs, 0x6e) setitimer(0x0, &(0x7f0000000d00)={{0x77359400}}, &(0x7f0000000d40)) [ 1117.514103] netlink: 45 bytes leftover after parsing attributes in process `syz-executor4'. 06:20:28 executing program 3: gettid() prctl$PR_SET_PTRACER(0x59616d61, 0x0) prctl$PR_SET_PTRACER(0x59616d61, 0x0) 06:20:28 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="020300090e000000000000f1b30e2d0005000600000000000a00000000000e2c2cf0000000000000000000000000000000000000000000000200010000000000000000020000000005000500000000000a00000000000017000000000000000000000000000000000000000000000000"], 0x70}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x2, 0x9, 0x0, 0x0, 0x2}, 0x10}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0) 06:20:28 executing program 0: creat(&(0x7f0000000000)='./file0\x00', 0x0) fsetxattr$trusted_overlay_opaque(0xffffffffffffffff, &(0x7f0000000040)='trusted.overlay.opaque\x00', &(0x7f0000000080)='y\x00', 0x2, 0x0) clock_gettime(0x0, &(0x7f0000000100)) ppoll(&(0x7f00000000c0), 0x0, &(0x7f0000000140), &(0x7f0000000180), 0x8) mknod(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000200)) r0 = syz_open_procfs(0x0, &(0x7f0000000240)='fd/3\x00') ioctl$RNDZAPENTCNT(0xffffffffffffffff, 0x5204, &(0x7f0000000280)) ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x0) ioctl$TIOCGWINSZ(0xffffffffffffffff, 0x5413, &(0x7f0000000340)) add_key$user(&(0x7f0000000380)='user\x00', &(0x7f00000003c0)={'syz', 0x1}, &(0x7f0000000400), 0x0, 0xfffffffffffffffb) keyctl$link(0x8, 0x0, 0x0) ioctl$TCSETSW(0xffffffffffffffff, 0x5403, &(0x7f0000000600)) ioctl$KDSETKEYCODE(0xffffffffffffffff, 0x4b4d, &(0x7f0000000400)) ptrace$PTRACE_SECCOMP_GET_METADATA(0x420d, 0x0, 0x10, &(0x7f0000000440)) ioctl$KDSKBMETA(0xffffffffffffffff, 0x4b63, &(0x7f0000000640)) write$P9_RREADLINK(r0, &(0x7f00000002c0)={0x10, 0x17, 0x0, {0x7, './file0'}}, 0x10) 06:20:29 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c1262857180") r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f00000000c0)={&(0x7f0000000240)=@nl=@kern={0x10, 0xf000000}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000040)="550000001e007f5300fe01b2a4a20006000000a8430891000000080009000a000c0000dc9b131338d54400009b84136ef75afb83de448daa7227c43ab8221000060cec4fab91d40000000000000000000000009535", 0x55}], 0x1, &(0x7f0000000180)}, 0x0) 06:20:29 executing program 3: r0 = socket(0x40000000000010, 0x80003, 0x0) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000040)) sendmsg$nl_route_sched(r0, &(0x7f0000000100)={&(0x7f0000000000), 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[]}}, 0x0) 06:20:29 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x14) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000040)={@remote}, 0x14) close(r1) 06:20:29 executing program 5: unshare(0x0) timer_create(0x0, &(0x7f0000000100)={0x0, 0x0, 0x0, @thr={&(0x7f0000000000), &(0x7f00000000c0)}}, &(0x7f0000000140)) clock_gettime(0x0, &(0x7f0000000540)) timer_settime(0x0, 0x0, &(0x7f00000001c0), &(0x7f0000000200)) r0 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0x7, &(0x7f00000004c0), 0x10) socketpair(0x0, 0x0, 0x0, &(0x7f0000000000)) mknodat(0xffffffffffffffff, &(0x7f0000000040)='./file0/file0\x00', 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0) ioctl$KDGKBSENT(0xffffffffffffffff, 0x4b48, &(0x7f0000000280)) write$P9_RUNLINKAT(r0, &(0x7f0000000500)={0x7}, 0x7) [ 1118.239750] netlink: 45 bytes leftover after parsing attributes in process `syz-executor4'. 06:20:29 executing program 0: clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000300), 0xffffffffffffffff) gettid() wait4(0x0, &(0x7f0000000100), 0x80000000, &(0x7f0000000400)) clone(0x3102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) 06:20:29 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="020300090e000000000000f1b30e2d0005000600000000000a00000000000e2c2cf0000000000000000000000000000000000000000000000200010000000000000000020000000005000500000000000a00000000000017000000000000000000000000000000000000000000000000"], 0x70}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x2, 0x9, 0x0, 0x0, 0x2}, 0x10}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0) 06:20:29 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f0000d06000)=0x1, 0x4) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000340)='veth1\x00', 0x10) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="0a5c1f023c126285719070") socket(0x0, 0x0, 0x0) connect$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @loopback}, 0x10) 06:20:29 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x14) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000040)={@remote}, 0x14) close(r1) 06:20:29 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c1262857180") r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f00000000c0)={&(0x7f0000000240)=@nl=@kern={0x10, 0xf000000}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000040)="550000001e007f5300fe01b2a4a20006000000a8430891000000080009000a000c0000dc9b131338d54400009b84136ef75afb83de448daa7227c43ab8221000060cec4fab91d40000000000000000000000009535", 0x55}], 0x1, &(0x7f0000000180)}, 0x0) 06:20:29 executing program 5: bind$netlink(0xffffffffffffffff, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x140000}, 0xc) pipe(&(0x7f0000000100)={0xffffffffffffffff}) ioctl$sock_SIOCSIFBR(r0, 0x8941, &(0x7f0000000140)=@generic={0x0, 0x4bc7b0e2, 0x2}) read(r0, &(0x7f0000000200)=""/250, 0x50c7e3e3) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0) fchdir(r1) r2 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$FUSE_NOTIFY_POLL(0xffffffffffffffff, &(0x7f0000000340)={0x18, 0x1, 0x0, {0x7f}}, 0x18) ioctl$FS_IOC_RESVSP(r2, 0x402c5828, &(0x7f0000000080)={0x0, 0x0, 0x100000000000000a}) ioctl$FS_IOC_GETVERSION(0xffffffffffffffff, 0x80047601, &(0x7f0000000780)) syncfs(r2) getpgid(0x0) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, 0x0) [ 1118.814116] netlink: 45 bytes leftover after parsing attributes in process `syz-executor4'. 06:20:30 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="020300090e000000000000f1b30e2d0005000600000000000a00000000000e2c2cf0000000000000000000000000000000000000000000000200010000000000000000020000000005000500000000000a00000000000017000000000000000000000000000000000000000000000000"], 0x70}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x2, 0x9, 0x0, 0x0, 0x2}, 0x10}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0) 06:20:30 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c1262857180") r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f00000000c0)={&(0x7f0000000240)=@nl=@kern={0x10, 0xf000000}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000040)="550000001e007f5300fe01b2a4a20006000000a8430891000000080009000a000c0000dc9b131338d54400009b84136ef75afb83de448daa7227c43ab8221000060cec4fab91d40000000000000000000000009535", 0x55}], 0x1, &(0x7f0000000180)}, 0x0) 06:20:30 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r1, 0x29, 0x0, &(0x7f0000000000)={@remote}, 0x14) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000040)={@remote}, 0x14) close(r1) 06:20:30 executing program 3: clone(0x4080000, &(0x7f00000000c0), &(0x7f0000000180), &(0x7f00000001c0), &(0x7f0000000200)='%') 06:20:30 executing program 0: ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080), 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, &(0x7f0000000180), 0xffffffffffffffff) ioctl$sock_inet6_tcp_SIOCINQ(r1, 0x541b, &(0x7f0000000040)) write$eventfd(r1, &(0x7f0000000100), 0x8) [ 1119.372625] netlink: 45 bytes leftover after parsing attributes in process `syz-executor4'. 06:20:30 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6(0x10, 0x0, 0x0) sendmsg(r1, &(0x7f00000000c0)={&(0x7f0000000240)=@nl=@kern={0x10, 0xf000000}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000040)="550000001e007f5300fe01b2a4a20006000000a8430891000000080009000a000c0000dc9b131338d54400009b84136ef75afb83de448daa7227c43ab8221000060cec4fab91d40000000000000000000000009535", 0x55}], 0x1, &(0x7f0000000180)}, 0x0) 06:20:30 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="020300090e000000000000f1b30e2d0005000600000000000a00000000000e2c2cf0000000000000000000000000000000000000000000000200010000000000000000020000000005000500000000000a00000000000017000000000000000000000000000000000000000000000000"], 0x70}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x2, 0x9, 0x0, 0x0, 0x2}, 0x10}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0) 06:20:30 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00'}) sendmsg$nl_route(r0, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0xfffffffffffff000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c}, 0x1c}}, 0x0) 06:20:30 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r1, 0x29, 0x0, &(0x7f0000000000)={@remote}, 0x14) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000040)={@remote}, 0x14) close(r1) 06:20:31 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") socket$inet6(0x10, 0x3, 0x0) sendmsg(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000240)=@nl=@kern={0x10, 0xf000000}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000040)="550000001e007f5300fe01b2a4a20006000000a8430891000000080009000a000c0000dc9b131338d54400009b84136ef75afb83de448daa7227c43ab8221000060cec4fab91d40000000000000000000000009535", 0x55}], 0x1, &(0x7f0000000180)}, 0x0) 06:20:31 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r1, 0x29, 0x0, &(0x7f0000000000)={@remote}, 0x14) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000040)={@remote}, 0x14) close(r1) 06:20:31 executing program 5: select(0x40, &(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x62}, &(0x7f00000000c0)={0x0, 0x2710}) perf_event_open$cgroup(&(0x7f0000000140)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x93b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syncfs(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(0xffffffffffffffff, 0x40042409, 0x0) clock_gettime(0x0, &(0x7f0000000240)) rt_sigtimedwait(&(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000280), 0x8) request_key(&(0x7f00000002c0)='dns_resolver\x00', &(0x7f0000000300)={'syz'}, &(0x7f0000000340)='eth1\x00', 0xffffffffffffffff) geteuid() creat(&(0x7f0000000380)='./file0\x00', 0x0) clock_gettime(0x0, &(0x7f0000000400)) utimensat(0xffffffffffffffff, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000440)={{0x77359400}}, 0x0) ioctl$TIOCCBRK(0xffffffffffffffff, 0x5428) gettid() fsync(0xffffffffffffffff) r0 = getgid() fsetxattr$security_capability(0xffffffffffffffff, &(0x7f0000000540)='security.capability\x00', &(0x7f0000000580), 0xc, 0x0) lchown(&(0x7f00000005c0)='./file0\x00', 0x0, r0) shutdown(0xffffffffffffffff, 0x0) 06:20:31 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="020300090e000000000000f1b30e2d0005000600000000000a00000000000e2c2cf0000000000000000000000000000000000000000000000200010000000000000000020000000005000500000000000a00000000000017000000000000000000000000000000000000000000000000"], 0x70}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x2, 0x9, 0x0, 0x0, 0x2}, 0x10}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0) 06:20:31 executing program 3: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) read(r1, &(0x7f0000000040)=""/11, 0xfd32) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000140)) timer_settime(0x0, 0x0, &(0x7f00000002c0)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000000180)) tkill(r0, 0x1000000000016) 06:20:31 executing program 0: r0 = inotify_init1(0x0) fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) ptrace$setopts(0x4206, r1, 0x0, 0x0) ptrace(0x4207, r1) perf_event_open(&(0x7f0000aaa000)={0x2, 0x70, 0x859, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={"79616d300001178b000000000100", 0x4014}) ptrace$setregset(0x4209, r1, 0x20000004, &(0x7f0000000100)={&(0x7f0000000040)}) 06:20:31 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f00000000c0)={&(0x7f0000000240)=@nl=@kern={0x10, 0xf000000}, 0x80, &(0x7f0000000000), 0x0, &(0x7f0000000180)}, 0x0) 06:20:31 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x14) setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000040)={@remote}, 0x14) close(r1) [ 1120.658604] ptrace attach of "/root/syz-executor0"[6791] was attempted by "/root/syz-executor0"[32496] [ 1120.743429] ptrace attach of "/root/syz-executor0"[6791] was attempted by "/root/syz-executor0"[32496] 06:20:31 executing program 5: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000000)={{0x2, 0x0, @loopback}, {0x304, @remote}, 0x4, {0x2, 0x0, @rand_addr}, "00000080000001000000007000"}) 06:20:31 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="020300090e000000000000f1b30e2d0005000600000000000a00000000000e2c2cf0000000000000000000000000000000000000000000000200010000000000000000020000000005000500000000000a00000000000017000000000000000000000000000000000000000000000000"], 0x70}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x2, 0x9, 0x0, 0x0, 0x2}, 0x10}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0) 06:20:32 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f00000000c0)={&(0x7f0000000240)=@nl=@kern={0x10, 0xf000000}, 0x80, &(0x7f0000000000), 0x0, &(0x7f0000000180)}, 0x0) 06:20:32 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'veth0_to_team\x00', 0x0}) sendto$packet(r0, &(0x7f0000000140)="9e78e99422259dfac6cf94cd68f3", 0xe, 0x0, &(0x7f0000000080)={0x11, 0x0, r1}, 0x14) 06:20:32 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x14) setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000040)={@remote}, 0x14) close(r1) 06:20:32 executing program 5: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000000)={{0x2, 0x0, @loopback}, {0x304, @remote}, 0x4, {0x2, 0x0, @rand_addr}, "00000080000001000000007000"}) 06:20:32 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f00000000c0)={&(0x7f0000000240)=@nl=@kern={0x10, 0xf000000}, 0x80, &(0x7f0000000000), 0x0, &(0x7f0000000180)}, 0x0) 06:20:32 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[]}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x2, 0x9, 0x0, 0x0, 0x2}, 0x10}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0) 06:20:32 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, &(0x7f0000000000), 0x3a1, 0x20000000, &(0x7f0000000100)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0xa}}, 0x10) 06:20:32 executing program 0: r0 = socket$inet6(0xa, 0x2, 0x0) r1 = socket$inet(0x2, 0x1, 0x0) mmap(&(0x7f000092d000/0x400000)=nil, 0x400000, 0xfffffffffffffffc, 0x8972, 0xffffffffffffffff, 0x0) bind$inet(r1, &(0x7f0000134000)={0x2, 0x4e23, @broadcast}, 0x10) connect$inet(r1, &(0x7f00000e5000)={0x2, 0x4e23, @loopback}, 0x10) connect$inet(r1, &(0x7f00009322c4)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) connect$inet(r1, &(0x7f00000000c0)={0x2, 0x4e23, @loopback}, 0x10) ppoll(&(0x7f0000000080)=[{r1}, {r0, 0x4202}], 0x2, &(0x7f0000000180)={0x77359400}, &(0x7f00000001c0), 0x8) 06:20:32 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f00000000c0)={&(0x7f0000000240)=@nl=@kern={0x10, 0xf000000}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000040)}], 0x1, &(0x7f0000000180)}, 0x0) 06:20:32 executing program 5: r0 = socket$inet6(0xa, 0x80002, 0x100000000000088) bind$inet6(r0, &(0x7f0000d85fe4)={0xa, 0x4e23}, 0x1c) r1 = socket$inet6(0xa, 0x802, 0x88) sendto$inet6(r1, &(0x7f00000001c0), 0x21d, 0x0, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @ipv4}, 0x1c) readv(r0, &(0x7f0000000680)=[{&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000400)=""/8, 0x8}, {&(0x7f0000001480)=""/4096, 0x1000}], 0x3) 06:20:32 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x14) setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000040)={@remote}, 0x14) close(r1) 06:20:33 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[]}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x2, 0x9, 0x0, 0x0, 0x2}, 0x10}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0) 06:20:33 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f00000000c0)={&(0x7f0000000240)=@nl=@kern={0x10, 0xf000000}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000040)}], 0x1, &(0x7f0000000180)}, 0x0) 06:20:33 executing program 3: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup2(r1, r1) sendmsg$netlink(r2, &(0x7f0000028fc8)={0x0, 0x0, &(0x7f0000000000), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="100000000100000001000000ba", @ANYRES32=r0], 0x11}, 0x0) 06:20:33 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x14) setsockopt$inet6_mreq(r1, 0x29, 0x0, &(0x7f0000000040)={@remote}, 0x14) close(r1) 06:20:33 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f00000000c0)={&(0x7f0000000240)=@nl=@kern={0x10, 0xf000000}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000040)}], 0x1, &(0x7f0000000180)}, 0x0) 06:20:33 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[]}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x2, 0x9, 0x0, 0x0, 0x2}, 0x10}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0) 06:20:33 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x14) setsockopt$inet6_mreq(r1, 0x29, 0x0, &(0x7f0000000040)={@remote}, 0x14) close(r1) 06:20:34 executing program 3: r0 = socket$inet(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e23, @broadcast}, 0x10) connect$inet(r0, &(0x7f0000000780)={0x2, 0x4e23}, 0x10) sendto$inet(r0, &(0x7f0000000200)="96", 0x1, 0x3fff, &(0x7f0000000240), 0x10) ppoll(&(0x7f0000000000)=[{r0}], 0x1, &(0x7f00000001c0)={0x0, 0x1c9c380}, &(0x7f00000002c0), 0x8) 06:20:34 executing program 0: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0xa, 0x3, &(0x7f00000002c0)=ANY=[@ANYBLOB="850000000800000007000000000e00009500004000000000"], &(0x7f0000014ff5)="73797a6b610000000500f3", 0x2, 0x1000, &(0x7f0000014000)=""/4096}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x0, 0xe, 0x9d, &(0x7f0000000200)="e46001923406080000000a9b86dd", &(0x7f0000000140)=""/157}, 0x28) 06:20:34 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f00000000c0)={&(0x7f0000000240)=@nl=@kern={0x10, 0xf000000}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000040)="550000001e007f5300fe01b2a4a20006000000a8430891000000080009000a000c0000dc9b131338d54400", 0x2b}], 0x1, &(0x7f0000000180)}, 0x0) 06:20:34 executing program 5: eventfd(0x3) sendmsg$IPVS_CMD_SET_DEST(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000080), 0xc, &(0x7f0000000100)={&(0x7f0000000680)=ANY=[]}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0) setregid(0x0, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) inotify_rm_watch(0xffffffffffffffff, 0x0) open(&(0x7f00000000c0)='./bus\x00', 0x141042, 0x0) keyctl$get_persistent(0x16, 0x0, 0x0) 06:20:34 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB]}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x2, 0x9, 0x0, 0x0, 0x2}, 0x10}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0) 06:20:34 executing program 5: eventfd(0x3) sendmsg$IPVS_CMD_SET_DEST(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000080), 0xc, &(0x7f0000000100)={&(0x7f0000000680)=ANY=[]}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0) setregid(0x0, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) inotify_rm_watch(0xffffffffffffffff, 0x0) open(&(0x7f00000000c0)='./bus\x00', 0x141042, 0x0) keyctl$get_persistent(0x16, 0x0, 0x0) 06:20:34 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f00000000c0)={&(0x7f0000000240)=@nl=@kern={0x10, 0xf000000}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000040)="550000001e007f5300fe01b2a4a20006000000a8430891000000080009000a000c0000dc9b131338d54400", 0x2b}], 0x1, &(0x7f0000000180)}, 0x0) 06:20:34 executing program 5: eventfd(0x3) sendmsg$IPVS_CMD_SET_DEST(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000080), 0xc, &(0x7f0000000100)={&(0x7f0000000680)=ANY=[]}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0) setregid(0x0, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) inotify_rm_watch(0xffffffffffffffff, 0x0) open(&(0x7f00000000c0)='./bus\x00', 0x141042, 0x0) keyctl$get_persistent(0x16, 0x0, 0x0) 06:20:34 executing program 0: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b70200000d000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) socket$kcm(0x11, 0x0, 0x300) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x180000000000000a, 0xe, 0x29, &(0x7f0000000000)="b90703e69ebf08bb64879e106558", &(0x7f0000000140)=""/41, 0x69}, 0x28) mkdir(&(0x7f0000000240)='./file0\x00', 0xffffffffffffffff) mkdir(&(0x7f0000000200)='./file0/file0\x00', 0x0) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000080)={&(0x7f0000000040)='./file0\x00'}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001800)={&(0x7f0000000400)=@generic, 0x80, &(0x7f0000001680)=[{&(0x7f0000000540)=""/195, 0xc3}], 0x1, &(0x7f0000001700)=""/207, 0xcf}, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000002140)={&(0x7f0000001e80)=@hci, 0x80, &(0x7f0000002100)=[{&(0x7f0000001f00)=""/47, 0x2f}], 0x1}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000002180)={0x0, 0x0, 0xfffffffffffffffd, &(0x7f0000001840)='syzkaller\x00'}, 0x48) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000001880)={&(0x7f0000000280)=@vsock, 0x80, &(0x7f00000016c0), 0x1000000000000284}, 0x0) 06:20:34 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x14) setsockopt$inet6_mreq(r1, 0x29, 0x0, &(0x7f0000000040)={@remote}, 0x14) close(r1) 06:20:34 executing program 3: 06:20:34 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB]}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x2, 0x9, 0x0, 0x0, 0x2}, 0x10}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0) 06:20:35 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f00000000c0)={&(0x7f0000000240)=@nl=@kern={0x10, 0xf000000}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000040)="550000001e007f5300fe01b2a4a20006000000a8430891000000080009000a000c0000dc9b131338d54400", 0x2b}], 0x1, &(0x7f0000000180)}, 0x0) 06:20:35 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x14) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000040)={@remote}, 0x14) close(0xffffffffffffffff) 06:20:35 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f00000003c0)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}, 0x10) close(r0) 06:20:35 executing program 0: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000640)="0a5c2d023c126285718070") r1 = socket(0x40000000015, 0x5, 0x0) bind$inet(r1, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10) sendto$inet(r1, &(0x7f0000000a00), 0x0, 0x0, &(0x7f000069affb)={0x2, 0x0, @loopback}, 0x10) 06:20:35 executing program 5: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f00008feff0)={&(0x7f0000000040)={0x2, 0x3, 0x0, 0x0, 0x2}, 0x10}}, 0x0) recvmmsg(r1, &(0x7f0000000800)=[{{&(0x7f00000000c0)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x80, &(0x7f0000000680), 0x0, &(0x7f0000000740)=""/149, 0x95}}], 0x1, 0x20, &(0x7f0000000840)={0x77359400}) 06:20:35 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f00000000c0)={&(0x7f0000000240)=@nl=@kern={0x10, 0xf000000}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000040)="550000001e007f5300fe01b2a4a20006000000a8430891000000080009000a000c0000dc9b131338d54400009b84136ef75afb83de448daa7227c43ab8221000", 0x40}], 0x1, &(0x7f0000000180)}, 0x0) 06:20:35 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB]}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x2, 0x9, 0x0, 0x0, 0x2}, 0x10}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0) 06:20:35 executing program 2: r0 = socket(0x40000000015, 0x5, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f00006dbffc), 0x4) bind$inet(r0, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10) sendto$inet(r0, &(0x7f0000000a00)="ba", 0x1, 0x0, &(0x7f000069affb)={0x2, 0x0, @loopback}, 0x10) 06:20:35 executing program 3: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000640)="0a5c2d023c126285718070") r1 = socket(0x40000000015, 0x5, 0x0) setsockopt$SO_RDS_TRANSPORT(r1, 0x114, 0x8, &(0x7f0000000140), 0x4) 06:20:35 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f00000000c0)={&(0x7f0000000240)=@nl=@kern={0x10, 0xf000000}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000040)="550000001e007f5300fe01b2a4a20006000000a8430891000000080009000a000c0000dc9b131338d54400009b84136ef75afb83de448daa7227c43ab8221000", 0x40}], 0x1, &(0x7f0000000180)}, 0x0) 06:20:36 executing program 0: 06:20:36 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="020300090e000000000000f1b30e2d0005000600000000000a00000000000e2c2cf000000000000000000000000000000000000000000000"], 0x38}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x2, 0x9, 0x0, 0x0, 0x2}, 0x10}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0) 06:20:36 executing program 2: 06:20:36 executing program 5: 06:20:36 executing program 3: 06:20:36 executing program 2: 06:20:36 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f00000000c0)={&(0x7f0000000240)=@nl=@kern={0x10, 0xf000000}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000040)="550000001e007f5300fe01b2a4a20006000000a8430891000000080009000a000c0000dc9b131338d54400009b84136ef75afb83de448daa7227c43ab8221000", 0x40}], 0x1, &(0x7f0000000180)}, 0x0) 06:20:36 executing program 0: 06:20:36 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="020300090e000000000000f1b30e2d0005000600000000000a00000000000e2c2cf000000000000000000000000000000000000000000000"], 0x38}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x2, 0x9, 0x0, 0x0, 0x2}, 0x10}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0) 06:20:36 executing program 3: 06:20:36 executing program 5: 06:20:36 executing program 2: 06:20:37 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f00000000c0)={&(0x7f0000000240)=@nl=@kern={0x10, 0xf000000}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000040)="550000001e007f5300fe01b2a4a20006000000a8430891000000080009000a000c0000dc9b131338d54400009b84136ef75afb83de448daa7227c43ab8221000060cec4fab91d400000000", 0x4b}], 0x1, &(0x7f0000000180)}, 0x0) 06:20:37 executing program 0: 06:20:37 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="020300090e000000000000f1b30e2d0005000600000000000a00000000000e2c2cf000000000000000000000000000000000000000000000"], 0x38}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x2, 0x9, 0x0, 0x0, 0x2}, 0x10}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0) 06:20:37 executing program 5: 06:20:37 executing program 3: 06:20:37 executing program 2: 06:20:37 executing program 0: 06:20:37 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f00000000c0)={&(0x7f0000000240)=@nl=@kern={0x10, 0xf000000}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000040)="550000001e007f5300fe01b2a4a20006000000a8430891000000080009000a000c0000dc9b131338d54400009b84136ef75afb83de448daa7227c43ab8221000060cec4fab91d400000000", 0x4b}], 0x1, &(0x7f0000000180)}, 0x0) 06:20:37 executing program 3: 06:20:37 executing program 5: 06:20:37 executing program 2: 06:20:37 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f00000000c0)={&(0x7f0000000240)=@nl=@kern={0x10, 0xf000000}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000040)="550000001e007f5300fe01b2a4a20006000000a8430891000000080009000a000c0000dc9b131338d54400009b84136ef75afb83de448daa7227c43ab8221000060cec4fab91d400000000", 0x4b}], 0x1, &(0x7f0000000180)}, 0x0) 06:20:37 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="020300090e000000000000f1b30e2d0005000600000000000a00000000000e2c2cf0000000000000000000000000000000000000000000000200010000000000000000020000000005000500000000000a000000"], 0x54}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x2, 0x9, 0x0, 0x0, 0x2}, 0x10}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0) 06:20:38 executing program 0: 06:20:38 executing program 3: 06:20:38 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f00000000c0)={&(0x7f0000000240)=@nl=@kern={0x10, 0xf000000}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000040)="550000001e007f5300fe01b2a4a20006000000a8430891000000080009000a000c0000dc9b131338d54400009b84136ef75afb83de448daa7227c43ab8221000060cec4fab91d4000000000000000000", 0x50}], 0x1, &(0x7f0000000180)}, 0x0) 06:20:38 executing program 5: 06:20:38 executing program 2: 06:20:38 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="020300090e000000000000f1b30e2d0005000600000000000a00000000000e2c2cf0000000000000000000000000000000000000000000000200010000000000000000020000000005000500000000000a000000"], 0x54}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x2, 0x9, 0x0, 0x0, 0x2}, 0x10}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0) 06:20:38 executing program 0: 06:20:38 executing program 3: 06:20:38 executing program 2: 06:20:38 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f00000000c0)={&(0x7f0000000240)=@nl=@kern={0x10, 0xf000000}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000040)="550000001e007f5300fe01b2a4a20006000000a8430891000000080009000a000c0000dc9b131338d54400009b84136ef75afb83de448daa7227c43ab8221000060cec4fab91d4000000000000000000", 0x50}], 0x1, &(0x7f0000000180)}, 0x0) 06:20:38 executing program 5: 06:20:39 executing program 3: 06:20:39 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="020300090e000000000000f1b30e2d0005000600000000000a00000000000e2c2cf0000000000000000000000000000000000000000000000200010000000000000000020000000005000500000000000a000000"], 0x54}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x2, 0x9, 0x0, 0x0, 0x2}, 0x10}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0) 06:20:39 executing program 2: 06:20:39 executing program 5: 06:20:39 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f00000000c0)={&(0x7f0000000240)=@nl=@kern={0x10, 0xf000000}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000040)="550000001e007f5300fe01b2a4a20006000000a8430891000000080009000a000c0000dc9b131338d54400009b84136ef75afb83de448daa7227c43ab8221000060cec4fab91d4000000000000000000", 0x50}], 0x1, &(0x7f0000000180)}, 0x0) 06:20:39 executing program 0: 06:20:39 executing program 3: 06:20:39 executing program 2: 06:20:39 executing program 5: 06:20:39 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f00000000c0)={&(0x7f0000000240)=@nl=@kern={0x10, 0xf000000}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000040)="550000001e007f5300fe01b2a4a20006000000a8430891000000080009000a000c0000dc9b131338d54400009b84136ef75afb83de448daa7227c43ab8221000060cec4fab91d4000000000000000000000000", 0x53}], 0x1, &(0x7f0000000180)}, 0x0) 06:20:39 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="020300090e000000000000f1b30e2d0005000600000000000a00000000000e2c2cf0000000000000000000000000000000000000000000000200010000000000000000020000000005000500000000000a0000000000001700000000000000000000"], 0x62}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x2, 0x9, 0x0, 0x0, 0x2}, 0x10}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0) 06:20:40 executing program 3: 06:20:40 executing program 0: 06:20:40 executing program 2: 06:20:40 executing program 5: 06:20:40 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f00000000c0)={&(0x7f0000000240)=@nl=@kern={0x10, 0xf000000}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000040)="550000001e007f5300fe01b2a4a20006000000a8430891000000080009000a000c0000dc9b131338d54400009b84136ef75afb83de448daa7227c43ab8221000060cec4fab91d4000000000000000000000000", 0x53}], 0x1, &(0x7f0000000180)}, 0x0) 06:20:40 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="020300090e000000000000f1b30e2d0005000600000000000a00000000000e2c2cf0000000000000000000000000000000000000000000000200010000000000000000020000000005000500000000000a0000000000001700000000000000000000"], 0x62}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x2, 0x9, 0x0, 0x0, 0x2}, 0x10}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0) 06:20:40 executing program 2: 06:20:40 executing program 0: 06:20:40 executing program 3: 06:20:40 executing program 5: 06:20:40 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f00000000c0)={&(0x7f0000000240)=@nl=@kern={0x10, 0xf000000}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000040)="550000001e007f5300fe01b2a4a20006000000a8430891000000080009000a000c0000dc9b131338d54400009b84136ef75afb83de448daa7227c43ab8221000060cec4fab91d4000000000000000000000000", 0x53}], 0x1, &(0x7f0000000180)}, 0x0) 06:20:40 executing program 2: 06:20:41 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="020300090e000000000000f1b30e2d0005000600000000000a00000000000e2c2cf0000000000000000000000000000000000000000000000200010000000000000000020000000005000500000000000a0000000000001700000000000000000000"], 0x62}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x2, 0x9, 0x0, 0x0, 0x2}, 0x10}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0) 06:20:41 executing program 3: 06:20:41 executing program 5: 06:20:41 executing program 0: 06:20:41 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f00000000c0)={&(0x7f0000000240)=@nl=@kern={0x10, 0xf000000}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000040)="550000001e007f5300fe01b2a4a20006000000a8430891000000080009000a000c0000dc9b131338d54400009b84136ef75afb83de448daa7227c43ab8221000060cec4fab91d400000000000000000000000095", 0x54}], 0x1, &(0x7f0000000180)}, 0x0) 06:20:41 executing program 2: 06:20:41 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="020300090e000000000000f1b30e2d0005000600000000000a00000000000e2c2cf0000000000000000000000000000000000000000000000200010000000000000000020000000005000500000000000a000000000000170000000000000000000000000000000000"], 0x69}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x2, 0x9, 0x0, 0x0, 0x2}, 0x10}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0) 06:20:41 executing program 5: 06:20:41 executing program 3: 06:20:41 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f00000000c0)={&(0x7f0000000240)=@nl=@kern={0x10, 0xf000000}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000040)="550000001e007f5300fe01b2a4a20006000000a8430891000000080009000a000c0000dc9b131338d54400009b84136ef75afb83de448daa7227c43ab8221000060cec4fab91d400000000000000000000000095", 0x54}], 0x1, &(0x7f0000000180)}, 0x0) 06:20:41 executing program 0: 06:20:41 executing program 2: 06:20:42 executing program 5: 06:20:42 executing program 2: 06:20:42 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="020300090e000000000000f1b30e2d0005000600000000000a00000000000e2c2cf0000000000000000000000000000000000000000000000200010000000000000000020000000005000500000000000a000000000000170000000000000000000000000000000000"], 0x69}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x2, 0x9, 0x0, 0x0, 0x2}, 0x10}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0) 06:20:42 executing program 0: 06:20:42 executing program 3: 06:20:42 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f00000000c0)={&(0x7f0000000240)=@nl=@kern={0x10, 0xf000000}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000040)="550000001e007f5300fe01b2a4a20006000000a8430891000000080009000a000c0000dc9b131338d54400009b84136ef75afb83de448daa7227c43ab8221000060cec4fab91d400000000000000000000000095", 0x54}], 0x1, &(0x7f0000000180)}, 0x0) 06:20:42 executing program 5: 06:20:42 executing program 0: 06:20:42 executing program 2: 06:20:42 executing program 3: 06:20:42 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="020300090e000000000000f1b30e2d0005000600000000000a00000000000e2c2cf0000000000000000000000000000000000000000000000200010000000000000000020000000005000500000000000a000000000000170000000000000000000000000000000000"], 0x69}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x2, 0x9, 0x0, 0x0, 0x2}, 0x10}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0) 06:20:43 executing program 5: 06:20:43 executing program 4: 06:20:43 executing program 2: 06:20:43 executing program 0: 06:20:43 executing program 5: 06:20:43 executing program 3: 06:20:43 executing program 4: 06:20:43 executing program 2: 06:20:43 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="020300090e000000000000f1b30e2d0005000600000000000a00000000000e2c2cf0000000000000000000000000000000000000000000000200010000000000000000020000000005000500000000000a00000000000017000000000000000000000000000000000000000000"], 0x6d}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x2, 0x9, 0x0, 0x0, 0x2}, 0x10}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0) 06:20:43 executing program 0: 06:20:43 executing program 4: 06:20:43 executing program 3: 06:20:43 executing program 5: 06:20:44 executing program 2: 06:20:44 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="020300090e000000000000f1b30e2d0005000600000000000a00000000000e2c2cf0000000000000000000000000000000000000000000000200010000000000000000020000000005000500000000000a00000000000017000000000000000000000000000000000000000000"], 0x6d}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x2, 0x9, 0x0, 0x0, 0x2}, 0x10}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0) 06:20:44 executing program 0: 06:20:44 executing program 5: 06:20:44 executing program 3: 06:20:44 executing program 4: 06:20:44 executing program 2: 06:20:44 executing program 0: 06:20:44 executing program 5: 06:20:44 executing program 4: 06:20:44 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="020300090e000000000000f1b30e2d0005000600000000000a00000000000e2c2cf0000000000000000000000000000000000000000000000200010000000000000000020000000005000500000000000a00000000000017000000000000000000000000000000000000000000"], 0x6d}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x2, 0x9, 0x0, 0x0, 0x2}, 0x10}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0) 06:20:44 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) prctl$PR_CAPBSET_DROP(0x18, 0x0) 06:20:45 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x30001, 0x0) ioctl$BLKSECTGET(r0, 0x1267, &(0x7f0000000280)) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0) ioctl$UI_END_FF_UPLOAD(0xffffffffffffffff, 0x406855c9, &(0x7f00000002c0)={0x0, 0x0, {0x56, 0x0, 0x0, {}, {0x0, 0x1}, @const={0xe40, {0x8285, 0xfffffffffffffffe, 0x22, 0x100000001}}}, {0x57, 0x40, 0x200, {0x9, 0x33f7}, {}, @cond=[{0x30e0112b, 0x489b7ea5, 0x31ad, 0x6, 0x4, 0xff}, {0x0, 0xfff, 0xff, 0x401, 0x3, 0x8000}]}}) r1 = open(&(0x7f0000000000)='./file0\x00', 0x40, 0x80) r2 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) lsetxattr$security_smack_entry(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='security.SMACK64MMAP\x00', &(0x7f0000000100)='\x00', 0x1, 0x2) setxattr$trusted_overlay_redirect(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='trusted.overlay.redirect\x00', &(0x7f0000000200)='./file0\x00', 0x8, 0x2) r3 = socket$inet6(0xa, 0x80000000000002, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000007500)={0xffffffffffffffff, 0xffffffffffffffff}) recvmmsg(0xffffffffffffffff, &(0x7f0000009340)=[{{&(0x7f0000008800)=@pppol2tpin6, 0x80, &(0x7f0000008c80)=[{&(0x7f0000008880)=""/179, 0xb3}], 0x1, &(0x7f0000008d00)=""/9, 0x9}}], 0x1, 0x0, &(0x7f0000009400)) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) sendto$inet6(r3, &(0x7f0000000000), 0xffaa, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev}, 0x1c) ioctl$EXT4_IOC_RESIZE_FS(r1, 0x40086610, &(0x7f0000000040)=0x77) 06:20:45 executing program 0: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) dup2(r0, r2) 06:20:45 executing program 4: r0 = socket$packet(0x11, 0x3, 0x300) sendto$inet6(r0, &(0x7f0000000180)="0401000000c000ddb8460900ffb25b4202938207d9fb3780398d5375c5f73f939029298d7535352cd5a1f57590080053c0e385472da722a59a7a033b970720a42f2a2bb404e158ccdb0ac538d24c10d6afcc2f2dbbd632471727f63cd7bd96c3b5000029", 0x64, 0x0, &(0x7f0000000200)={0xa, 0x200000800, 0x20000000005, @ipv4={[], [], @local}}, 0x1c) 06:20:45 executing program 5: prctl$PR_SET_SECUREBITS(0x1c, 0x26) prctl$PR_SET_KEEPCAPS(0x8, 0x0) 06:20:45 executing program 3: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl$sock_inet6_tcp_SIOCINQ(r0, 0x541b, &(0x7f0000000100)) 06:20:45 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="020300090e000000000000f1b30e2d0005000600000000000a00000000000e2c2cf0000000000000000000000000000000000000000000000200010000000000000000020000000005000500000000000a000000000000170000000000000000000000000000000000000000000000"], 0x6f}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x2, 0x9, 0x0, 0x0, 0x2}, 0x10}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0) 06:20:45 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) prctl$PR_GET_KEEPCAPS(0x7) 06:20:45 executing program 0: socketpair$unix(0x1, 0x11000000000005, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = creat(&(0x7f00000001c0)='./file0\x00', 0x0) ioctl$KDSKBSENT(r1, 0x4b49, &(0x7f0000000040)) 06:20:45 executing program 5: prctl$PR_SET_SECUREBITS(0x1c, 0x26) prctl$PR_SET_KEEPCAPS(0x8, 0x0) 06:20:45 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) prctl$PR_MCE_KILL(0x21, 0x1, 0x0) 06:20:46 executing program 3: eventfd(0x0) r0 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/syz0\x00', 0x1ff) ioctl$KDDISABIO(r0, 0x4b37) write$binfmt_script(r0, &(0x7f0000000700)=ANY=[@ANYBLOB="2321202e2f627573206367726f75e675736572535b70726f63656d3076626f786e657431657468302d40776c616e31207663616e3000207663616e300020a020207663616e30000ad96e7dd51040c7ddce6b88b25e672b507e8161056da71366eacc564bc827b69c6f1cce825b4a0d9482b4b533ef6a8a5da9e5959f914108e1019ad8061867dd33b744d200eb384d9a35548e5c1f5af2ef96f1a7180782d398b9e9c1c1d6ec8a5d9c83ecbc10ba33718ca51f6309b482b10000004a73000000000000000000819c281f9b5ad90dc3bf9e9b953942df8e16a68c06e0651ae8f60b29b0c24dbd593d7a2d76ed7f60d7136de265e2c481ead1c873169e91c0c701d63b762d746ec67b1e31b336632d53283e8eb53f51093a10ea78965be0b22bfda58c22f8de7ebc4a205d57d6000000000000000000000000"], 0x138) fallocate(r0, 0x1, 0x0, 0x10000101) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bridge_slave_1\x00', 0x0}) ioctl$sock_inet6_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000140)={@empty, 0x71, r1}) bind$inet(0xffffffffffffffff, &(0x7f00001edff0)={0x2, 0x4e20, @multicast1}, 0x10) linkat(r0, &(0x7f0000000440)='./bus\x00', r0, &(0x7f0000000480)='./bus\x00', 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000340)='dummy0\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000400)=r2, 0x4) 06:20:46 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="020300090e000000000000f1b30e2d0005000600000000000a00000000000e2c2cf0000000000000000000000000000000000000000000000200010000000000000000020000000005000500000000000a000000000000170000000000000000000000000000000000000000000000"], 0x6f}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x2, 0x9, 0x0, 0x0, 0x2}, 0x10}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0) 06:20:46 executing program 0: openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0) 06:20:46 executing program 5: prctl$PR_SET_SECUREBITS(0x1c, 0x26) prctl$PR_SET_KEEPCAPS(0x8, 0x0) 06:20:46 executing program 4: socketpair$unix(0x1, 0x2000000005, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) prctl$PR_SET_THP_DISABLE(0x29, 0x0) 06:20:46 executing program 2: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4b1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) writev(r0, &(0x7f0000000440)=[{&(0x7f0000000380)="db", 0x1}], 0x1) chmod(&(0x7f0000000080)='./file0/bus\x00', 0x0) r1 = creat(&(0x7f0000000100)='./file0/bus\x00', 0x0) dup2(r0, r1) 06:20:46 executing program 3: clone(0xfffd, 0x0, 0xfffffffffffffffe, &(0x7f0000000300), 0xffffffffffffffff) r0 = getpid() pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f00000001c0), 0xfffffef3) ptrace(0x4206, r0) tkill(r0, 0x29) waitid(0x0, 0x0, &(0x7f0000000000), 0x100000a, &(0x7f0000000080)) 06:20:46 executing program 5: prctl$PR_SET_SECUREBITS(0x1c, 0x26) prctl$PR_SET_KEEPCAPS(0x8, 0x0) 06:20:46 executing program 4: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f0000000000)='\v', 0x1) write(r1, &(0x7f00000012c0)="288738fce21783209d160bb964ad3b6c1a54d1779ea985ca5b24cf0e7b004a7982dd727cd7bb02e50ef2d6e45b090e2f63c4ec49f40ff2844a4e539658981ef58d387c6fe472c857ab5e840f3982b0d6f9dec37d3f53e3d0b627219665141e2755740c7af76b251f6b500fa82497abe18ba67a34b980015e7e67302c39ff29db622a38f72772699f01fff51891322507f0c053ecd4a8257116ccc3d5ee6fc21cf03ebbc6c98f8a2b4218aa41263f91b3c3118ed7ef855b7a399a7110890969183e56f06c6ffe8fccd5ca451364f914e6415dc3aa8a919a7e71fca02c0986ea9d1047a6f0dad4d907283d95719efeb86778fc0e737606a6ed05fa63338593c9b1169fd5a7fc0e15d50ed26667eeb0d7de6af90ecaeb1361a025ace3ba9cda624226821bef66e1c74ed3871b8ec37a54dd14da006782e149769b0630abde0ce7cc1e5e304f4292ee0a269a4dc1cd00fe90673abc7d39743214bd5e42cd2000736c6451af826f3ece67c9e8d3d391fb207796baf89f49cd2b999e84f0435c4bb76a9cef4a66b8e16bd1e953dc7c401754e9e4a82b7b1fc92bb5539b1dc654cc28a7dd874c1f68f251f8212a4f49d4962b59046d150326d07759e7f21d22c2478afd9ec81585e3dc0936734e45612e3156f5428382efb724836a6a88480fdf9e992173fc50aff8215805a5455ce84180ab2c74a9d228dec584e0c6b8308bf4c3213ff49bb9ff1a1d059053510b61fa873224020694a0e00a819f9940395c88d0ae207c11630cdb0364067dbb0eb4e3d1ad77fa5d24a180e30042c94057b2cee81547bef82b1a35a4ff8080d9dc2e8c52d5e252e4c092d3e9d0e35457f3239a9b3627189f369f95bc94cf2bc817a77a5b6d8ec036c84e2cf4082a8b98f64fd4dc74a3550836d05b4cb3398b74684b4c6a7a1b2f89383e76ab65b5203cea35155e0ce12161180feee820d613d7ab564804a32285a0048c724cc2082043c0b55ef2be81ce11e80c6e4cefe2aaf69a41b96e2815a319fdcf05e53a889da37b7f61570db9207a7baa6120c384695fa0da4205a58ae1c6e824571e926ed1691b4b57039d9c6a2f709cb768f1c7f971fa56ca8676e4518372a98475973e2ac461946a64a0707bf372049e70d6576adf549d569db6ef7d40bced9d7582d5031de8183ace6fbdbfa04dfe7559eb29805eb1f5b087508d43cd6ca221dc91057be40d61c25603ec82288cbda1e9bedeb5bbbfe1d37179a121276a22b2f65cb97c0e83b481dc9e9410dc262f2ff342dbb2a727baca28b9897d5570b8b1a4c34e3fbc204657343699795fd87ad064b68c506dfeb73514ee741cdedf518420fcde3556a4cc57bc710873352374ca41b38bf0f31652b07e69543bc7b032d999e58e669a3af68d70d9c504ee7fb5b071b624db7a20bb96b640f2614bf69a738dd516208625f4a76aac82112ee65017a917b39920b2efe2835da10a7f33966c2ec2d8b91693bd9d548315ad660856858eac0a8d70268fc6c159e2f4fee2292922da41dfb3ee333cf0be29eccdefb40ff67b271b60052999e6fae46792c92cc4fa3ab2e1b0eaa6b9d2c74429fdcd86bf266ce456864508e9f47b05f316c86cc72288571fef1748b28291f6b28433462517fcda758bc267862f5498f2357da61330350c1c0959f5a2df707781a970a65cb12544281bebad982d16897e3af1ab64a1480ae4439098526c3b0714527e740d19f027a64dfe1f27c54b313e3c834f68d36c3e24e743ea2e2522be5d71970c7f8dd37103cee68661088b084f3d2cf6601627d660c5af3519a3976254795be4829464e9eecbdd6ef94a8c322315ba599cd9b137f759d610e1a0042cb3f28ca2e35c106cce53574d2bc66a272eaa350e3bc0164aae08ef87e7d47a7a5d6fa8444aeca644a0808e3039e17aa0f0d4f247d2a1654c9036ac5d2d36826513d72e8095b5c13324dc06b52d30b718c89ba651fc576597a9b71aaf6c8965f6f9651b67dc9e7af336738d6de668720e366e72d1bca8ed00f85da3fc35f5ed14394034f300fe59b56bceff0a7cf26db445ee4b9182eeb6a028357dad039c1998b20af792942280fec5a4256409cc0d5c2e7f75306a6ad36d362a0180fcc5595c0e646cb243abae1ee64ba10d13e7af9f14ce2a48b042db122d23153dbb98a1056727b8fd5b16a378445e7ce54a0818b34134cbdf057f7299409397352b6a520068478a859b5065a22b0dac868f4bf53ff36424663bc8ea7706094ae5bd048c6e15ae5fe680f2e4f2c4cec4863d28c7dcc5540a1cd12003c6cac675359be5648bced62509f0ea55fe6d43268ee08bd88ce5476e9baf578e7a49b799a40ab046647fd0f12ce0a862f207cf47e171c66c5af5db8f4489b6df5aa625a7c95da4915edc252381c737cf0860fe863ce230da55a6026cf9ee3ab13b665574b9dc443796b112740bb8eed30d266d3d66a17ea20caf7a76bfb51d7a9feeddecd7e79bc2c0e162c59b48674448f8f89187af505e4b918c0a7fe379b7cb283f4144ec835f3149847486f9d586032d18d0ad6bd2211f4059d31c9fa42187bbd5f7cf5185102c06bfa8d8f9f6a718e63eb2bffa769c903ceb97f258078f8a896ef8daacb10a53b08b70a3f30f3aed45ed90abed490cdbac42a5c0fca7c945b77404dd29d58a1c5621398db0350af192a8356e7f281888a18930c2e3a2214c584354072fe5b78b7f71e952f7bfc35dcea104c56b74d7740fb4df2decf7f310fbf7572eb5eb40c9ca9d1fda3030fb80da3455e0aad7458232ce6df5232d84603f0c5bb4736595ee2dd58301afb06dd5176d0ba1e9935c0031586471631d857cc5411da9f007759b72cae2535d3010b0137b4bd23f59a9f82f5334824335673ca59bf5c67d9d65988bc6800a7e3c2f23992849be375a37a41f9515f675b075ae39abc6d44a856bd32937ec673e1fa2e72be039009c5fe23fac7cef1343cc63dd43e7bfae8554d2aaf5a89edb9e072575d62a7b0bc25b511e21dad320e5ce2167115b2b4b448e4f7402644000d79f200da434594ee64189cc5021013f0c22cf4a842add61d9d22881cf2b0ecb1249444c5a04cae4532524abefa3d7251be236ca661886c2c9f7e3ed236e9b5f20d1e9b7dfbf7d95567dc8061dd4b9f1fb34f6c5464f69f1c60f63145958d85de0782bf2a3659b3c3f4bf27b359b7032583d2bb78db11115522ff8dbd023854419c5108d4c0c238e705c616b76020e6b0a3d8ab6d5ba44a977d1b7861e52d5fcb9133ec83b2cd8d8f757f20c9bf8bf6e442f7795780de126026ff0e9b794a0cee549bd9c1b76126753ec921b4ea0f7a285b8be90c518b7209b5e20c3a17217387b88145cd6d46f6fffe49f64370028815455d24eb4186f688f218c9ba29661cdf66cd24f80e209961e65ae8fcdd680dfa4f827dbe29b04abd4f66e908bf9fafa35b33bb58937e9d8d87663656d671d67d3a1d3cdba53df77965d78d5365f47ca3455d07cb7f6c4740cd6d28f2fc82f9807ea16a12be49da66be1991e2757616a260525896e7cbee919df97049d891abbff01c58436f86dca21f7d771ec1eee68f21c9bf95892767c8929a40790af51723c0cd60b84a43bd97ab0262b0996dd3f9b05bd64eb2b9aef81bc53ea558b48f8293e737dd496e14c3d8d451fe11ff96e1fb2058f0284afcbb95e6f22421b0503eb6ac582de3920026ec98704e530f354d29569d10c10ebf77a45574f17d5f45b6de3c4baf7cb9bed0c657c2a2ab70aa7be84796c76fed6a6c2c7c6ac30b88dd77e6c1a0bfa46b6531b8a39d8c6ba3ebffe47df53bc1c9ca00bb6351a0c7b0c3dc699917e9d49e56f2cab21580e0c42bc6ff916aaf8365fa1d3e87b9ab00a802d9955bde2d7e24208035b4ad5f36fc8063827f7bbd6853383e8f5ade93f28966e8cf550aab34bde98bc42606730ac552d04444d208900dcc1f046a3c615c443094a29e60112df5440746d17c8762b0f724325c4b5cb0139925642b644ffc287d87392cb04b4541c60fee4d1ac422de92871553017e370d320972f087abb525152ac4a699241149901fbb13a4045c85f1fc9fcf7128f02c7915fd034fe07f49cfd925c4c3f8c50ba62c831cc76a1ecd1ae6eacab00e7d0a39245fe711823ea254fd73619f2795724d815b2b17d40d18672203b0836820dae093fada58879be5cc378bdd8a46b743d38ff2b7ad78d24b388c5dbf567520db8e453cb0f5859368d97124247cbc2679eefc360831e3012d876996ca43ec4e079606eb1ea18ab744e6dfe5f03da56da30077a578539e33a22cc22c7abdae19d23b60e1fa7cdce4e1428ced81108736878721e681bda265d8f775f1ba69ef8d754601646fc4690a5c3165c5ac7f09a68a8a573ef60de9b612caedd991b3981723e364095e96e355de9e92937d9660f513bf5186fa1f599a9ba446f4744c224b891232ba0b9caef973a9b2c9f077cb6cadb424185fb3d94e43338034fc1376a26403b1f1c1c2102e9e5fbece12a7f96c81ce01f8a1e53371c584402dcc61c762823de3785d4f39846d572dce6bee76fa3101dd2c6b28bb96c132f58e18fe4b5566bb77e567a91ad817f216b8a95ed32edfac449cff63a0f64de4c1b8baebdc9980d60b68a0cb3d6bde956e2b4789f847a3494eaa88ab1d2ea344db4deb2bff7f27b3bbeb07292b4f078e965b3454823c60c4f612f78b6d9110a8321e582093ed30a4b5a9a03cbe5a68a28cd1cfd7d813be057bb601cf0b559abfb3e53159d75cdec909a21d9a00632d0b9a42d43cf845f0bfa79a0fc191b8a8aed2d77576367eb122b3bbc36b6b9dcb3056d564957a179f9059042682ff6ff097ec1f055d27df05c3184f8cafb001bbda7cbce54758b87873e1ff0c95f4fec1157501df90df06ae9b4102805d9a5886f058f6b6e07310f2a1e9072c51abbf8659e6ed4f94de937346fed06c4ba7f566aa58ca4211c356fb934e94acd1c7e7e30edcd168a7dbed6803fc3bbe8192435b3b582357d2715ee71231267084d845c300a91ebebfaac338473429030036f2fadac0b8d831e33352b7a673987ffb667783ec45b1b9856dbab601b7188d1ed67a91cc568b04570dcc2cdabddb834debd1c2495715ac15efa9c4e08a679c86404c7aa5b412e6c78a5d567e81f5abcdb29fef3804f07246ca815191a216ecb672fb359c53f7fcbcbdf5e319456965c134854122013f4422ef5da0f4c8c88f8d4ba1565d888e1ef3b2595d020e5d6655d2dc99a40e607d5e8cabec8d4095ffebc38d53b8e2a83085f2b5f0124b11d9f8360cdde4cd32d93c0c23255bf493db5b2f694913d7551b018c57976f5e944599eb38e6df54ddb8c4375aad951066ccf0564791dcff7962145dbb7a0cae10f1f367d7ab6924852f35039cda9a8e75ba09359cf0df050d25a9ebc50573af41be96f825f058e9b7139759feca9d1e1cb34813589e3c95a494e85509ff52f11ac9735cbb4c5a773267add7e3d7858b7918ef2c713fed90d11df3c928f87f693574bb299527b890d00265ff3e193175ab20fac531264a7c6982beb79f8774993d748dd71b2d43e4848be9fd52bb8cb97227b039e71212e1d91767d0e4d9570687d3e5280b654b9ee2656bc28b630f2fa86dd972ee66dc884b68c34f3c43768d1227a89472603b2e68debf471569abe5a68d67b37653a35962acf0cb9c7c297277933b4bb7456829248cea075f6fe6ec0e444745c5a5a3c49c26713cab4cac91a65bbbb17bbca3ac805868c2e90c7c8d0bbb5a8a5820921015083037a585e1b6d0216", 0x1000) close(r1) r2 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r2, &(0x7f00000000c0)={0x2, 0x0, @local}, 0x10) connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @multicast2}, 0x10) splice(r0, 0x0, r1, 0x0, 0x10000, 0x0) 06:20:46 executing program 0: socketpair$unix(0x1, 0x2000000005, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) fremovexattr(r0, &(0x7f0000000040)=@known='com.apple.system.Security\x00') 06:20:46 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="020300090e000000000000f1b30e2d0005000600000000000a00000000000e2c2cf0000000000000000000000000000000000000000000000200010000000000000000020000000005000500000000000a000000000000170000000000000000000000000000000000000000000000"], 0x6f}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x2, 0x9, 0x0, 0x0, 0x2}, 0x10}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0) [ 1135.812519] ptrace attach of "/root/syz-executor3"[487] was attempted by "/root/syz-executor3"[492] 06:20:47 executing program 3: prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) 06:20:47 executing program 2: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4b1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) writev(r0, &(0x7f0000000440)=[{&(0x7f0000000380)="db", 0x1}], 0x1) chmod(&(0x7f0000000080)='./file0/bus\x00', 0x0) r1 = creat(&(0x7f0000000100)='./file0/bus\x00', 0x0) dup2(r0, r1) 06:20:47 executing program 5: prctl$PR_SET_KEEPCAPS(0x8, 0x0) 06:20:47 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0xfffffffffffffdc3, &(0x7f0000000080)=""/251}, 0x48) r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)="2f6a7374617400c65381b47aaedf2af5c8af3423fc41891bd2a3c56d8c88e29bad43f1da906e855ff182de04227edcbbc2b1df8f180e158e8abd442cc049cffda030ff277875ee010000000000000000000000000000000000000000000000f532144d1671a6cdf5069e5bddcf25cd7f23956b4a82df900f5eb5763b4fe8cc7172962d2590b2dca2a1308c382541b053194d9027d83ee7ba2e3280857f8f9f63fc90bae959c6e67078bf97e615bfd9409914958aadcfb37973543c60d83526e5c267f7dfa54bd524cc9671dedd665199322bdadee125a35b40b7be0c07301f439a7edfa26fa98277c8078b02e2076291c33787c58b0eabbc39288fc10509409de108f5ca26a8c8e1afb70b2a9569cf8f4cdb6d4e97eb7fdf241dee160e6071618333cc0b0e8bc6a17a0b7d604550fd149ad078ffe54c6392fba29015a3ae73774cd12c9c0ed251a7cf843d712d", 0x2761, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x4030582a, &(0x7f0000000000)) 06:20:47 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="020300090e000000000000f1b30e2d0005000600000000000a00000000000e2c2cf0000000000000000000000000000000000000000000000200010000000000000000020000000005000500000000000a00000000000017000000000000000000000000000000000000000000000000"], 0x70}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x2, 0x0, 0x0, 0x0, 0x2}, 0x10}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0) 06:20:47 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff}) perf_event_open(&(0x7f00000004c0)={0x2, 0x70, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmmsg(r0, &(0x7f0000003040)=[{{&(0x7f00000018c0)=@ipx={0x4, 0x0, 0x0, "982a5c276750"}, 0x80, &(0x7f0000002f80)}}], 0x3ac, 0x0) 06:20:47 executing program 3: iopl(0x1) 06:20:47 executing program 5: prctl$PR_SET_KEEPCAPS(0x8, 0x0) 06:20:47 executing program 2: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4b1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) writev(r0, &(0x7f0000000440)=[{&(0x7f0000000380)="db", 0x1}], 0x1) chmod(&(0x7f0000000080)='./file0/bus\x00', 0x0) r1 = creat(&(0x7f0000000100)='./file0/bus\x00', 0x0) dup2(r0, r1) 06:20:47 executing program 1: socket$key(0xf, 0x3, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="020300090e000000000000f1b30e2d0005000600000000000a00000000000e2c2cf0000000000000000000000000000000000000000000000200010000000000000000020000000005000500000000000a00000000000017000000000000000000000000000000000000000000000000"], 0x70}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x2, 0x9, 0x0, 0x0, 0x2}, 0x10}}, 0x0) sendmmsg(0xffffffffffffffff, &(0x7f0000000180), 0x400000000000117, 0x0) 06:20:47 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) prctl$PR_MCE_KILL(0x21, 0x1, 0x2) 06:20:48 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) prctl$PR_SET_SECUREBITS(0x1c, 0x0) prctl$PR_SET_KEEPCAPS(0x8, 0x0) 06:20:48 executing program 5: prctl$PR_SET_KEEPCAPS(0x8, 0x0) 06:20:48 executing program 2: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4b1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) writev(r0, &(0x7f0000000440)=[{&(0x7f0000000380)="db", 0x1}], 0x1) chmod(&(0x7f0000000080)='./file0/bus\x00', 0x0) r1 = creat(&(0x7f0000000100)='./file0/bus\x00', 0x0) dup2(r0, r1) 06:20:48 executing program 3: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$cgroup_type(0xffffffffffffffff, &(0x7f00000000c0)='threaded\x00', 0x9) perf_event_open(&(0x7f0000000180)={0x6, 0x70}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 06:20:48 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = perf_event_open(&(0x7f0000000180)={0x6, 0x70}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) close(r1) 06:20:48 executing program 5: prctl$PR_SET_SECUREBITS(0x1c, 0x0) prctl$PR_SET_KEEPCAPS(0x8, 0x0) 06:20:48 executing program 4: perf_event_open(&(0x7f00000000c0)={0x2, 0x70, 0xdf}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0) prctl$PR_TASK_PERF_EVENTS_ENABLE(0x20) 06:20:48 executing program 0: r0 = open(&(0x7f0000000040)='./file0\x00', 0x1000000000141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x11, r0, 0x0) mremap(&(0x7f0000008000/0x4000)=nil, 0x4000, 0x1000, 0x3, &(0x7f0000005000/0x1000)=nil) msync(&(0x7f0000004000/0x4000)=nil, 0x4000, 0x6) 06:20:48 executing program 2: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4b1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) writev(r0, &(0x7f0000000440)=[{&(0x7f0000000380)="db", 0x1}], 0x1) chmod(&(0x7f0000000080)='./file0/bus\x00', 0x0) dup2(r0, 0xffffffffffffffff) 06:20:48 executing program 3: add_key(&(0x7f0000000240)='dns_resolver\x00', &(0x7f0000000280)={'syz'}, &(0x7f00000002c0), 0x0, 0xfffffffffffffffd) 06:20:48 executing program 5: prctl$PR_SET_SECUREBITS(0x1c, 0x0) prctl$PR_SET_KEEPCAPS(0x8, 0x0) 06:20:48 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) prctl$PR_CAP_AMBIENT(0x2f, 0x4, 0x0) prctl$PR_SET_SECUREBITS(0x1c, 0x0) 06:20:49 executing program 3: eventfd(0x0) mremap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x3000, 0x2, &(0x7f0000ffd000/0x3000)=nil) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) fallocate(r0, 0x1, 0x0, 0x10000101) r1 = socket(0x0, 0x0, 0x0) write(r1, &(0x7f0000000040)="240000001a0025f0006bb404feff141c020b5aff6e10b500000780cc08000200ac141410", 0x24) 06:20:49 executing program 2: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4b1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) writev(r0, &(0x7f0000000440)=[{&(0x7f0000000380)="db", 0x1}], 0x1) r1 = creat(&(0x7f0000000100)='./file0/bus\x00', 0x0) dup2(r0, r1) 06:20:49 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x2902001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000040), 0x0, &(0x7f0000000180)={0x0, 0x1c9c380}, 0x8) r1 = getpid() rt_tgsigqueueinfo(r1, r1, 0x16, &(0x7f0000000100)) ptrace(0x10, r1) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) ptrace$pokeuser(0x6, r1, 0x388, 0xffffffffffffffff) io_setup(0x0, &(0x7f00000000c0)) prctl$PR_SET_KEEPCAPS(0x8, 0x0) 06:20:49 executing program 0: seccomp(0x1, 0x0, &(0x7f0000000100)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0xffffffff}]}) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff) 06:20:49 executing program 5: prctl$PR_SET_SECUREBITS(0x1c, 0x0) prctl$PR_SET_KEEPCAPS(0x8, 0x0) 06:20:49 executing program 1: perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x71}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)={0x1, 0x8, 0x81, 0x20000000000001, 0x0, 0x0}, 0x13) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000010c0)={r0, &(0x7f0000000000), &(0x7f00000000c0)}, 0x20) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000080)={r0}, 0x10) 06:20:49 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x2902001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000040), 0x0, &(0x7f0000000180)={0x0, 0x1c9c380}, 0x8) r1 = getpid() rt_tgsigqueueinfo(r1, r1, 0x16, &(0x7f0000000100)) ptrace(0x10, r1) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) ptrace$pokeuser(0x6, r1, 0x388, 0xffffffffffffffff) io_setup(0x0, &(0x7f00000000c0)) prctl$PR_SET_KEEPCAPS(0x8, 0x0) 06:20:49 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff}) fcntl$setstatus(r0, 0x4, 0x2800) perf_event_open(&(0x7f00000004c0)={0x2, 0x70, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmmsg(r0, &(0x7f0000003040)=[{{&(0x7f00000018c0)=@ipx={0x4, 0x0, 0x0, "982a5c276750"}, 0x80, &(0x7f0000002f80)}}], 0x3ac, 0x0) 06:20:49 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) prctl$PR_SET_SECUREBITS(0x1c, 0x0) prctl$PR_SET_KEEPCAPS(0x8, 0x1) 06:20:49 executing program 2: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4b1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) r1 = creat(&(0x7f0000000100)='./file0/bus\x00', 0x0) dup2(r0, r1) 06:20:49 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x2902001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000040), 0x0, &(0x7f0000000180)={0x0, 0x1c9c380}, 0x8) r1 = getpid() rt_tgsigqueueinfo(r1, r1, 0x16, &(0x7f0000000100)) ptrace(0x10, r1) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) ptrace$pokeuser(0x6, r1, 0x388, 0xffffffffffffffff) io_setup(0x0, &(0x7f00000000c0)) prctl$PR_SET_KEEPCAPS(0x8, 0x0) 06:20:50 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x2902001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000040), 0x0, &(0x7f0000000180)={0x0, 0x1c9c380}, 0x8) r1 = getpid() rt_tgsigqueueinfo(r1, r1, 0x16, &(0x7f0000000100)) ptrace(0x10, r1) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) ptrace$pokeuser(0x6, r1, 0x388, 0xffffffffffffffff) io_setup(0x0, &(0x7f00000000c0)) prctl$PR_SET_KEEPCAPS(0x8, 0x0) 06:20:50 executing program 1: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000080), 0x4) [ 1139.134474] audit: type=1326 audit(1542694850.198:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=594 comm="syz-executor0" exe="/root/syz-executor0" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45a3ca code=0xffff0000 06:20:50 executing program 2: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4b1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) r1 = creat(&(0x7f0000000100)='./file0/bus\x00', 0x0) dup2(r0, r1) 06:20:50 executing program 3: prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1) seccomp(0x1, 0x1, &(0x7f0000000100)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0xffffffff}]}) [ 1139.476001] audit: type=1326 audit(1542694850.538:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=594 comm="syz-executor0" exe="/root/syz-executor0" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45a3ca code=0xffff0000 [ 1139.643932] audit: type=1326 audit(1542694850.688:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=640 comm="syz-executor3" exe="/root/syz-executor3" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45a3ca code=0xffff0000 [ 1139.665706] audit: type=1326 audit(1542694850.698:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=640 comm="syz-executor3" exe="/root/syz-executor3" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45a3ca code=0xffff0000 06:20:50 executing program 0: r0 = socket$inet6(0xa, 0x400000000001, 0x0) r1 = dup(r0) ioctl$sock_SIOCINQ(r1, 0x541b, &(0x7f00000002c0)) 06:20:50 executing program 5: socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$inet6(0xa, 0x0, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @dev}, 0x1c) sendmmsg(0xffffffffffffffff, &(0x7f00000092c0), 0x4ff, 0x0) ioctl$sock_inet_tcp_SIOCATMARK(0xffffffffffffffff, 0x7003, &(0x7f0000000100)) r1 = openat(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x0, 0x2) perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xee6a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0xfffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff) write$P9_RFSYNC(r1, &(0x7f0000000240)={0x7, 0x33, 0x2}, 0x7) exit_group(0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0) syncfs(r0) r3 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_ADD(r2, 0x4c80, r3) 06:20:50 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x2902001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000040), 0x0, &(0x7f0000000180)={0x0, 0x1c9c380}, 0x8) r1 = getpid() rt_tgsigqueueinfo(r1, r1, 0x16, &(0x7f0000000100)) ptrace(0x10, r1) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) ptrace$pokeuser(0x6, r1, 0x388, 0xffffffffffffffff) io_setup(0x0, &(0x7f00000000c0)) 06:20:50 executing program 1: ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x401c5820, &(0x7f00000023c0)) openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000380)='cgroup.subtree_control\x00', 0x2, 0x0) clone(0x100002102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000280), 0xffffffffffffffff) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$EVIOCGID(0xffffffffffffffff, 0x80084502, &(0x7f0000000400)=""/154) write$binfmt_misc(r0, &(0x7f00000000c0)=ANY=[], 0x7fffffff) recvfrom(r1, &(0x7f0000000180)=""/184, 0xfffffffffffffd84, 0x10100, 0x0, 0xfffffffffffffd51) 06:20:50 executing program 2: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4b1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) r1 = creat(&(0x7f0000000100)='./file0/bus\x00', 0x0) dup2(r0, r1) 06:20:50 executing program 1: r0 = socket(0x200000000000011, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'ip6tnl0\x00', 0x0}) bind$packet(r0, &(0x7f0000000040)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @broadcast}, 0x14) sendmmsg(r0, &(0x7f0000006ec0)=[{{0x0, 0x0, &(0x7f0000000580), 0x0, &(0x7f0000000600)=[{0x10}], 0x10}, 0x4}], 0x1, 0x0) 06:20:50 executing program 3: perf_event_open(&(0x7f0000000500)={0x2, 0x70, 0x71}, 0x0, 0x0, 0xffffffffffffffff, 0x0) prctl$PR_TASK_PERF_EVENTS_ENABLE(0x20) 06:20:51 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x2902001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000040), 0x0, &(0x7f0000000180)={0x0, 0x1c9c380}, 0x8) r1 = getpid() rt_tgsigqueueinfo(r1, r1, 0x16, &(0x7f0000000100)) ptrace(0x10, r1) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) ptrace$pokeuser(0x6, r1, 0x388, 0xffffffffffffffff) 06:20:51 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x2902001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000040), 0x0, &(0x7f0000000180)={0x0, 0x1c9c380}, 0x8) r1 = getpid() rt_tgsigqueueinfo(r1, r1, 0x16, &(0x7f0000000100)) ptrace(0x10, r1) ptrace$pokeuser(0x6, r1, 0x388, 0xffffffffffffffff) 06:20:51 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmmsg(r0, &(0x7f0000004dc0)=[{{0x0, 0x0, &(0x7f0000000280), 0x0, &(0x7f00000017c0)=ANY=[@ANYBLOB="d0000000000000008400000006000000"], 0x10}}], 0x1, 0x0) 06:20:51 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r0, &(0x7f00000000c0)=ANY=[], 0x7fffffff) recvfrom(r1, &(0x7f0000000180)=""/184, 0xfffffffffffffd84, 0x0, 0x0, 0xfffffffffffffd51) 06:20:51 executing program 3: r0 = socket$netlink(0x10, 0x3, 0x0) getsockopt$netlink(r0, 0x10e, 0x8000000000009, &(0x7f0000000140)=""/4, &(0x7f0000000000)=0x4) 06:20:51 executing program 2: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4b1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) r1 = creat(&(0x7f0000000100)='./file0/bus\x00', 0x0) dup2(r0, r1) 06:20:51 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x2902001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000040), 0x0, &(0x7f0000000180)={0x0, 0x1c9c380}, 0x8) r1 = getpid() rt_tgsigqueueinfo(r1, r1, 0x16, &(0x7f0000000100)) ptrace$pokeuser(0x6, r1, 0x388, 0xffffffffffffffff) 06:20:51 executing program 1: r0 = syz_open_dev$evdev(&(0x7f0000dfdfee)='/dev/input/event#\x00', 0x0, 0x2) write$evdev(r0, &(0x7f0000000580)=[{{}, 0x0, 0x1}], 0x283) 06:20:51 executing program 5: r0 = syz_open_dev$sndtimer(&(0x7f0000001480)='/dev/snd/timer\x00', 0x0, 0x0) close(r0) 06:20:51 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x2902001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000040), 0x0, &(0x7f0000000180)={0x0, 0x1c9c380}, 0x8) r1 = getpid() ptrace(0x10, r1) ptrace$pokeuser(0x6, r1, 0x388, 0xffffffffffffffff) 06:20:52 executing program 3: r0 = syz_open_dev$sndtimer(&(0x7f0000000000)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000100)={0xffffffffffffffff}) 06:20:52 executing program 2: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4b1) unshare(0x40600) r1 = creat(&(0x7f0000000100)='./file0/bus\x00', 0x0) dup2(r0, r1) 06:20:52 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) perf_event_open(&(0x7f0000000040)={0x1, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$binfmt_misc(r0, &(0x7f00000000c0)=ANY=[], 0x7fffffff) recvfrom(r1, &(0x7f0000000180)=""/184, 0xfffffffffffffd84, 0x10100, 0x0, 0xfffffffffffffd51) 06:20:52 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x2902001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000040), 0x0, &(0x7f0000000180)={0x0, 0x1c9c380}, 0x8) r1 = getpid() ptrace(0x10, r1) ptrace$pokeuser(0x6, r1, 0x388, 0xffffffffffffffff) 06:20:52 executing program 1: symlink(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00') 06:20:52 executing program 0: timer_create(0x0, &(0x7f0000044000)={0x0, 0x12, 0x0, @thr={&(0x7f0000000040), &(0x7f0000000140)}}, &(0x7f0000044000)=0x0) r1 = gettid() clock_nanosleep(0x2, 0x0, &(0x7f0000000180)={0x0, 0x989680}, 0x0) ioperm(0x0, 0x0, 0x0) r2 = gettid() timer_settime(r0, 0x3, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r2, 0x1000000000016) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) tkill(r1, 0x14) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000100)) ptrace$setopts(0xffffffffffffffff, 0x0, 0x7, 0x0) 06:20:52 executing program 3: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='veth1_to_bond\x00', 0x10) 06:20:52 executing program 2: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4b1) unshare(0x40600) r1 = creat(&(0x7f0000000100)='./file0/bus\x00', 0x0) dup2(r0, r1) 06:20:52 executing program 1: r0 = socket$inet6(0xa, 0x400000000001, 0x0) r1 = dup(r0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) ioctl$FIBMAP(r1, 0x1, &(0x7f0000000200)=0x80) sendto$inet6(r0, &(0x7f0000e77fff), 0x2bd, 0x20000008, &(0x7f00008d4fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) recvmmsg(r1, &(0x7f0000009040)=[{{&(0x7f0000007880)=@xdp, 0x80, &(0x7f0000008940)=[{&(0x7f0000000740)=""/4096, 0x1000}], 0x1, 0x0, 0xfffffffffffffe35}}, {{0x0, 0x0, &(0x7f0000008f00), 0x18761bb075d6ebc, &(0x7f0000008f80)=""/165, 0xa5}}], 0x40001a9, 0x100, &(0x7f00000090c0)={0x77359400}) r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) write(r2, &(0x7f0000000080)="a4baf6f2696dbb", 0x7) lsetxattr$security_selinux(&(0x7f0000000180)='./bus\x00', &(0x7f00000005c0)='security.selinux\x00', &(0x7f0000000600)='system_u:object_r:devicekit_exec_t:s0\x00', 0xfffffffffffffe7e, 0x7) recvmsg(r1, &(0x7f0000000140)={&(0x7f00000000c0)=@alg, 0x80, &(0x7f00000001c0)=[{&(0x7f0000000240)=""/92, 0x5c}, {&(0x7f0000000440)=""/77, 0x1e1}], 0x2, &(0x7f0000000540)=""/32, 0x20}, 0x4) ioctl$KDSKBSENT(r1, 0x4b49, &(0x7f00000002c0)="4a36bc1b6140528319946cefcea1d222605db32d63142f83a390e2231f2e7f16bd8250f15096b4ff6d473f1f06c96ccdd64d412c6e48a3d167acabb9ceea03f8fe78f652bde75f10ad63fdef290e7e2d8f4dc9e3cf8a1c40034a844213b40e258373efccc4473f9d79992239bcbc2f776b09604bab7b66f3742cbaebab34b1157ae7f16320f88d216e8db78aafa39d86c762a7682a6be2a579df36b64894cebd1725e2483fa6e93b55a426a40130b23b987b8be6bce7a78e1878dcd4b1777e862df56a8a4999178cba6b3de649a8f9811a571c3eb88b096f0075ed0e15204bb452eba42bc54f2d3c2ef29acb05e496be59c207") ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r1, 0x40106614, &(0x7f0000000400)={0x0, @aes256}) getsockname$inet6(r1, &(0x7f00000004c0)={0xa, 0x0, 0x0, @mcast1}, &(0x7f0000000500)=0x1c) sched_yield() ioctl$BLKRAGET(r2, 0x1263, &(0x7f00000003c0)) sendmmsg(r0, &(0x7f0000003540)=[{{&(0x7f0000001740)=@nl=@kern={0x10, 0x0, 0x0, 0x40020840}, 0x80, &(0x7f00000018c0)=[{&(0x7f0000001840)="4be1e9c88b552102d1705625989823d8338f8376eb35b6a4e0ba1050330790ac68543d28a29e0b1eb79b039a775487d88387f43de6c281676332edcea885c7a8fbb18926f63562caec975d827342299961ec8793b107e92d85e4ab9fb5b26d9f57bf4b6eb0ae5833237d1bbc3783872de6b4aecd54", 0x75}], 0x1, &(0x7f0000001900)}, 0x7fffffff}], 0x1, 0x0) getpeername(r2, &(0x7f0000000640)=@sco, &(0x7f0000000580)=0x80) ftruncate(r2, 0x99b3) 06:20:52 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x2902001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000040), 0x0, &(0x7f0000000180)={0x0, 0x1c9c380}, 0x8) rt_tgsigqueueinfo(0x0, 0x0, 0x16, &(0x7f0000000100)) ptrace(0x10, 0x0) ptrace$pokeuser(0x6, 0x0, 0x388, 0xffffffffffffffff) 06:20:53 executing program 2: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4b1) unshare(0x40600) r1 = creat(&(0x7f0000000100)='./file0/bus\x00', 0x0) dup2(r0, r1) 06:20:53 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x2902001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000040), 0x0, &(0x7f0000000180)={0x0, 0x1c9c380}, 0x8) rt_tgsigqueueinfo(0x0, 0x0, 0x16, &(0x7f0000000100)) ptrace(0x10, 0x0) ptrace$pokeuser(0x6, 0x0, 0x388, 0xffffffffffffffff) 06:20:53 executing program 3: r0 = socket$inet6(0xa, 0x1, 0x0) dup(0xffffffffffffffff) stat(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)) ioctl$int_in(r0, 0x0, &(0x7f0000000200)=0x5) r1 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) futex(&(0x7f0000000940)=0x2, 0x0, 0x1, &(0x7f00000009c0)={0x77359400}, &(0x7f0000000a00)=0x1, 0x0) fsync(r1) r2 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/netlink\x00') sendfile(r2, r2, &(0x7f0000000340)=0xffffffd, 0x7ffffffb) 06:20:53 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x2902001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000040), 0x0, &(0x7f0000000180)={0x0, 0x1c9c380}, 0x8) rt_tgsigqueueinfo(0x0, 0x0, 0x16, &(0x7f0000000100)) ptrace(0x10, 0x0) ptrace$pokeuser(0x6, 0x0, 0x388, 0xffffffffffffffff) 06:20:53 executing program 5: 06:20:53 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x1b, &(0x7f0000e95fe0)={@remote={0xfe, 0x80, [], 0xffffffffffffffff}}, 0x20) 06:20:53 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x2902001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) r1 = getpid() rt_tgsigqueueinfo(r1, r1, 0x16, &(0x7f0000000100)) ptrace(0x10, r1) ptrace$pokeuser(0x6, r1, 0x388, 0xffffffffffffffff) 06:20:53 executing program 0: 06:20:53 executing program 2: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) r0 = creat(&(0x7f0000000100)='./file0/bus\x00', 0x0) dup2(0xffffffffffffffff, r0) 06:20:53 executing program 3: 06:20:53 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x2902001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) r1 = getpid() rt_tgsigqueueinfo(r1, r1, 0x16, &(0x7f0000000100)) ptrace(0x10, r1) ptrace$pokeuser(0x6, r1, 0x388, 0xffffffffffffffff) 06:20:53 executing program 5: 06:20:54 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x2902001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) r1 = getpid() rt_tgsigqueueinfo(r1, r1, 0x16, &(0x7f0000000100)) ptrace(0x10, r1) ptrace$pokeuser(0x6, r1, 0x388, 0xffffffffffffffff) 06:20:54 executing program 1: 06:20:54 executing program 3: 06:20:54 executing program 0: 06:20:54 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) rt_sigtimedwait(&(0x7f0000000040), 0x0, &(0x7f0000000180)={0x0, 0x1c9c380}, 0x8) r1 = getpid() rt_tgsigqueueinfo(r1, r1, 0x16, &(0x7f0000000100)) ptrace(0x10, r1) ptrace$pokeuser(0x6, r1, 0x388, 0xffffffffffffffff) 06:20:54 executing program 5: 06:20:54 executing program 2: r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4b1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) r1 = creat(&(0x7f0000000100)='./file0/bus\x00', 0x0) dup2(r0, r1) 06:20:54 executing program 1: 06:20:54 executing program 0: 06:20:54 executing program 5: 06:20:54 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) rt_sigtimedwait(&(0x7f0000000040), 0x0, &(0x7f0000000180)={0x0, 0x1c9c380}, 0x8) r1 = getpid() rt_tgsigqueueinfo(r1, r1, 0x16, &(0x7f0000000100)) ptrace(0x10, r1) ptrace$pokeuser(0x6, r1, 0x388, 0xffffffffffffffff) 06:20:54 executing program 3: 06:20:55 executing program 2: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0x0) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) r1 = creat(&(0x7f0000000100)='./file0/bus\x00', 0x0) dup2(r0, r1) 06:20:55 executing program 0: 06:20:55 executing program 1: 06:20:55 executing program 3: 06:20:55 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) rt_sigtimedwait(&(0x7f0000000040), 0x0, &(0x7f0000000180)={0x0, 0x1c9c380}, 0x8) r1 = getpid() rt_tgsigqueueinfo(r1, r1, 0x16, &(0x7f0000000100)) ptrace(0x10, r1) ptrace$pokeuser(0x6, r1, 0x388, 0xffffffffffffffff) 06:20:55 executing program 2: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0x0) fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) r1 = creat(&(0x7f0000000100)='./file0/bus\x00', 0x0) dup2(r0, r1) 06:20:55 executing program 5: 06:20:55 executing program 0: 06:20:55 executing program 3: 06:20:55 executing program 1: 06:20:55 executing program 0: 06:20:55 executing program 5: 06:20:55 executing program 2: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0x0) fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) r1 = creat(&(0x7f0000000100)='./file0/bus\x00', 0x0) dup2(r0, r1) 06:20:56 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)) clone(0x2902001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000040), 0x0, &(0x7f0000000180)={0x0, 0x1c9c380}, 0x8) r0 = getpid() rt_tgsigqueueinfo(r0, r0, 0x16, &(0x7f0000000100)) ptrace(0x10, r0) ptrace$pokeuser(0x6, r0, 0x388, 0xffffffffffffffff) 06:20:56 executing program 3: 06:20:56 executing program 1: 06:20:56 executing program 0: 06:20:56 executing program 4: ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) clone(0x2902001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000040), 0x0, &(0x7f0000000180)={0x0, 0x1c9c380}, 0x8) r0 = getpid() rt_tgsigqueueinfo(r0, r0, 0x16, &(0x7f0000000100)) ptrace(0x10, r0) ptrace$pokeuser(0x6, r0, 0x388, 0xffffffffffffffff) 06:20:56 executing program 5: 06:20:56 executing program 2: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0x0) fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) r1 = creat(&(0x7f0000000100)='./file0/bus\x00', 0x0) dup2(r0, r1) 06:20:56 executing program 0: 06:20:56 executing program 3: 06:20:56 executing program 4: ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) clone(0x2902001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000040), 0x0, &(0x7f0000000180)={0x0, 0x1c9c380}, 0x8) r0 = getpid() rt_tgsigqueueinfo(r0, r0, 0x16, &(0x7f0000000100)) ptrace(0x10, r0) ptrace$pokeuser(0x6, r0, 0x388, 0xffffffffffffffff) 06:20:56 executing program 1: 06:20:56 executing program 5: 06:20:57 executing program 4: ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) clone(0x2902001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000040), 0x0, &(0x7f0000000180)={0x0, 0x1c9c380}, 0x8) r0 = getpid() rt_tgsigqueueinfo(r0, r0, 0x16, &(0x7f0000000100)) ptrace(0x10, r0) ptrace$pokeuser(0x6, r0, 0x388, 0xffffffffffffffff) 06:20:57 executing program 3: 06:20:57 executing program 2: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0x0) fcntl$lock(r0, 0x0, &(0x7f0000027000)={0x1}) unshare(0x40600) r1 = creat(&(0x7f0000000100)='./file0/bus\x00', 0x0) dup2(r0, r1) 06:20:57 executing program 5: 06:20:57 executing program 0: 06:20:57 executing program 1: 06:20:57 executing program 3: 06:20:57 executing program 5: 06:20:57 executing program 4: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x2902001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000040), 0x0, &(0x7f0000000180)={0x0, 0x1c9c380}, 0x8) r1 = getpid() rt_tgsigqueueinfo(r1, r1, 0x16, &(0x7f0000000100)) ptrace(0x10, r1) ptrace$pokeuser(0x6, r1, 0x388, 0xffffffffffffffff) 06:20:57 executing program 2: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0x0) fcntl$lock(r0, 0x0, &(0x7f0000027000)={0x1}) unshare(0x40600) r1 = creat(&(0x7f0000000100)='./file0/bus\x00', 0x0) dup2(r0, r1) 06:20:57 executing program 0: 06:20:57 executing program 1: 06:20:58 executing program 4: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x2902001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000040), 0x0, &(0x7f0000000180)={0x0, 0x1c9c380}, 0x8) r1 = getpid() rt_tgsigqueueinfo(r1, r1, 0x16, &(0x7f0000000100)) ptrace(0x10, r1) ptrace$pokeuser(0x6, r1, 0x388, 0xffffffffffffffff) 06:20:58 executing program 3: 06:20:58 executing program 5: 06:20:58 executing program 4: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x2902001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000040), 0x0, &(0x7f0000000180)={0x0, 0x1c9c380}, 0x8) r1 = getpid() rt_tgsigqueueinfo(r1, r1, 0x16, &(0x7f0000000100)) ptrace(0x10, r1) ptrace$pokeuser(0x6, r1, 0x388, 0xffffffffffffffff) 06:20:58 executing program 2: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0x0) fcntl$lock(r0, 0x0, &(0x7f0000027000)={0x1}) unshare(0x40600) r1 = creat(&(0x7f0000000100)='./file0/bus\x00', 0x0) dup2(r0, r1) 06:20:58 executing program 1: 06:20:58 executing program 0: 06:20:58 executing program 3: 06:20:58 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) clone(0x2902001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000040), 0x0, &(0x7f0000000180)={0x0, 0x1c9c380}, 0x8) r0 = getpid() rt_tgsigqueueinfo(r0, r0, 0x16, &(0x7f0000000100)) ptrace(0x10, r0) ptrace$pokeuser(0x6, r0, 0x388, 0xffffffffffffffff) 06:20:58 executing program 5: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0xc008ae88, &(0x7f00000001c0)={0x7b, 0x0, [0x10a]}) open(&(0x7f000000fffa)='./bus\x00', 0x0, 0x0) 06:20:58 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) clone(0x2902001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000040), 0x0, &(0x7f0000000180)={0x0, 0x1c9c380}, 0x8) r0 = getpid() rt_tgsigqueueinfo(r0, r0, 0x16, &(0x7f0000000100)) ptrace(0x10, r0) ptrace$pokeuser(0x6, r0, 0x388, 0xffffffffffffffff) 06:20:58 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCDELRT(r0, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @loopback}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x1}) 06:20:59 executing program 2: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0x0) fcntl$lock(r0, 0x7, &(0x7f0000027000)) unshare(0x40600) r1 = creat(&(0x7f0000000100)='./file0/bus\x00', 0x0) dup2(r0, r1) 06:20:59 executing program 3: clone(0x802102001ffb, 0x0, 0xfffffffffffffffe, &(0x7f0000000080), 0xffffffffffffffff) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet6_MRT6_DEL_MFC_PROXY(0xffffffffffffffff, 0x29, 0xd3, &(0x7f0000001000)={{}, {0xa, 0x0, 0x800000200000, @loopback}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0xbf5]}, 0x5c) setsockopt$inet_int(r0, 0x0, 0x40, &(0x7f0000000ffc), 0x4) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000440)) 06:20:59 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f0000000300)=0x1, 0x4) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000100)='veth1\x00', 0x10) connect$inet(r0, &(0x7f0000000380)={0x2, 0x0, @local}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x4000000000014, &(0x7f0000000180)=0x1, 0x4) write$binfmt_elf64(r0, &(0x7f0000000500)=ANY=[], 0xffffffa9) sendmmsg(r0, &(0x7f0000005280)=[{{&(0x7f0000000840)=@hci, 0x80, &(0x7f0000001d40)=[{&(0x7f00000008c0)='P', 0x1}], 0x1, &(0x7f0000001dc0)}}], 0x1, 0x0) 06:20:59 executing program 5: r0 = inotify_init1(0x0) fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) ptrace$setopts(0x4206, r1, 0x0, 0x0) ptrace(0x4207, r1) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)) ptrace$setregset(0x4209, r1, 0x20000004, &(0x7f0000000100)={&(0x7f0000000040)}) [ 1148.358324] ptrace attach of "/root/syz-executor5"[19892] was attempted by "/root/syz-executor5"[961] 06:20:59 executing program 2: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0x0) fcntl$lock(r0, 0x7, &(0x7f0000027000)) unshare(0x40600) r1 = creat(&(0x7f0000000100)='./file0/bus\x00', 0x0) dup2(r0, r1) 06:20:59 executing program 1: r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pwrite64(r0, &(0x7f0000000000)='?', 0x1, 0x40000) lseek(r0, 0x0, 0x4) 06:20:59 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0) clone(0x2902001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000040), 0x0, &(0x7f0000000180)={0x0, 0x1c9c380}, 0x8) r1 = getpid() rt_tgsigqueueinfo(r1, r1, 0x16, &(0x7f0000000100)) ptrace(0x10, r1) ptrace$pokeuser(0x6, r1, 0x388, 0xffffffffffffffff) 06:20:59 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r1, &(0x7f0000dddfc8)={&(0x7f0000000080), 0xc, &(0x7f00008a7000)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c00000003060501ff0080fffdffff2e0a0000000c0001000600000ce001ec000022ff02f10000"], 0x27}}, 0x0) 06:20:59 executing program 5: shmctl$IPC_SET(0x0, 0x1, &(0x7f00000003c0)) 06:21:00 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0) clone(0x2902001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000040), 0x0, &(0x7f0000000180)={0x0, 0x1c9c380}, 0x8) r1 = getpid() rt_tgsigqueueinfo(r1, r1, 0x16, &(0x7f0000000100)) ptrace(0x10, r1) ptrace$pokeuser(0x6, r1, 0x388, 0xffffffffffffffff) 06:21:00 executing program 5: r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0xda5bf1556c3ca92c, 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000040)={&(0x7f0000000000/0x3000)=nil, &(0x7f0000002000/0x3000)=nil, &(0x7f0000001000/0x2000)=nil, &(0x7f0000009000/0x2000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000005000/0x1000)=nil, &(0x7f0000000000/0x2000)=nil, &(0x7f0000009000/0x2000)=nil, &(0x7f000000b000/0x1000)=nil, &(0x7f000000d000/0x1000)=nil, &(0x7f00000000c0), 0x0, r0}, 0x68) 06:21:00 executing program 2: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0x0) fcntl$lock(r0, 0x7, &(0x7f0000027000)) unshare(0x40600) r1 = creat(&(0x7f0000000100)='./file0/bus\x00', 0x0) dup2(r0, r1) 06:21:00 executing program 1: r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pwrite64(r0, &(0x7f0000000000)='?', 0x1, 0x40000) lseek(r0, 0x0, 0x4) 06:21:00 executing program 3: seccomp(0x1, 0x0, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x800000006, 0x0, 0x0, 0xfffffffffffffffe}]}) r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0) mknodat(r0, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0) fchmodat(r0, &(0x7f0000000180)='./file0\x00', 0x0) 06:21:00 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) io_setup(0x5, &(0x7f0000000000)=0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='net/udplite6\x00') io_submit(r1, 0x1, &(0x7f00000017c0)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000440), 0x0, 0x0, 0x0, 0x1, r2}]) 06:21:00 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0) clone(0x2902001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000040), 0x0, &(0x7f0000000180)={0x0, 0x1c9c380}, 0x8) r1 = getpid() rt_tgsigqueueinfo(r1, r1, 0x16, &(0x7f0000000100)) ptrace(0x10, r1) ptrace$pokeuser(0x6, r1, 0x388, 0xffffffffffffffff) 06:21:00 executing program 5: r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0xda5bf1556c3ca92c, 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000040)={&(0x7f0000000000/0x3000)=nil, &(0x7f0000002000/0x3000)=nil, &(0x7f0000001000/0x2000)=nil, &(0x7f0000009000/0x2000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000005000/0x1000)=nil, &(0x7f0000000000/0x2000)=nil, &(0x7f0000009000/0x2000)=nil, &(0x7f000000b000/0x1000)=nil, &(0x7f000000d000/0x1000)=nil, &(0x7f00000000c0), 0x0, r0}, 0x68) 06:21:00 executing program 1: r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pwrite64(r0, &(0x7f0000000000)='?', 0x1, 0x40000) lseek(r0, 0x0, 0x4) 06:21:00 executing program 2: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0x0) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x0) r1 = creat(&(0x7f0000000100)='./file0/bus\x00', 0x0) dup2(r0, r1) 06:21:01 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000040), 0x0, &(0x7f0000000180)={0x0, 0x1c9c380}, 0x8) r1 = getpid() rt_tgsigqueueinfo(r1, r1, 0x16, &(0x7f0000000100)) ptrace(0x10, r1) ptrace$pokeuser(0x6, r1, 0x388, 0xffffffffffffffff) 06:21:01 executing program 5: r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0xda5bf1556c3ca92c, 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000040)={&(0x7f0000000000/0x3000)=nil, &(0x7f0000002000/0x3000)=nil, &(0x7f0000001000/0x2000)=nil, &(0x7f0000009000/0x2000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000005000/0x1000)=nil, &(0x7f0000000000/0x2000)=nil, &(0x7f0000009000/0x2000)=nil, &(0x7f000000b000/0x1000)=nil, &(0x7f000000d000/0x1000)=nil, &(0x7f00000000c0), 0x0, r0}, 0x68) 06:21:01 executing program 1: r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pwrite64(r0, &(0x7f0000000000)='?', 0x1, 0x40000) lseek(r0, 0x0, 0x4) 06:21:01 executing program 0: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) msync(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0) 06:21:01 executing program 2: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0x0) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x0) r1 = creat(&(0x7f0000000100)='./file0/bus\x00', 0x0) dup2(r0, r1) [ 1150.377691] audit: type=1326 audit(1542694861.438:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=1022 comm="syz-executor3" exe="/root/syz-executor3" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45a3ca code=0xffff0000 06:21:01 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000040), 0x0, &(0x7f0000000180)={0x0, 0x1c9c380}, 0x8) r1 = getpid() rt_tgsigqueueinfo(r1, r1, 0x16, &(0x7f0000000100)) ptrace(0x10, r1) ptrace$pokeuser(0x6, r1, 0x388, 0xffffffffffffffff) 06:21:02 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='/exe\x00\x00\x00\x00\x00\x00') lseek(r0, 0xffffffffffffffff, 0x4) 06:21:02 executing program 5: r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0xda5bf1556c3ca92c, 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000040)={&(0x7f0000000000/0x3000)=nil, &(0x7f0000002000/0x3000)=nil, &(0x7f0000001000/0x2000)=nil, &(0x7f0000009000/0x2000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000005000/0x1000)=nil, &(0x7f0000000000/0x2000)=nil, &(0x7f0000009000/0x2000)=nil, &(0x7f000000b000/0x1000)=nil, &(0x7f000000d000/0x1000)=nil, &(0x7f00000000c0), 0x0, r0}, 0x68) 06:21:02 executing program 2: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0x0) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x0) r1 = creat(&(0x7f0000000100)='./file0/bus\x00', 0x0) dup2(r0, r1) 06:21:02 executing program 1: r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) lseek(r0, 0x0, 0x4) 06:21:02 executing program 0: socketpair(0x0, 0x0, 0x0, &(0x7f0000000600)={0x0, 0x0}) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000180), 0xfffffefa) write$cgroup_int(0xffffffffffffffff, &(0x7f0000000480), 0x12) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3e8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={"6e72300100"}) openat$tun(0xffffffffffffff9c, &(0x7f0000000400)='/dev/net/tun\x00', 0x10f482, 0x0) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r0) close(0xffffffffffffffff) recvmsg(0xffffffffffffffff, &(0x7f000000c740)={&(0x7f0000000240)=@hci, 0x80, &(0x7f000000c600), 0x0, &(0x7f000000c640)=""/251, 0xfb}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f000000c780)={0x3, 0x2, &(0x7f00000000c0)=@raw=[@map], &(0x7f0000000000)='GPL\x00', 0x0, 0x26, &(0x7f0000000100)=""/38}, 0x48) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000001800)={&(0x7f0000000180)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x4e21}, 0x2, 0x2, 0x2, 0x1}}, 0x80, &(0x7f0000000380), 0x0, &(0x7f00000003c0)=[{0x10, 0x0, 0x8}], 0x10}, 0x20000000) r1 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000040)="6c6f00966fd651b959a9c84a2c00d2970600dc0d") openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000300)='hugetlb.2MB.usage_in_bytes\x00', 0x0, 0x0) socketpair$inet_udplite(0x2, 0x2, 0x88, &(0x7f00000002c0)) ioctl$PERF_EVENT_IOC_REFRESH(r1, 0x2402, 0x1000) [ 1150.890047] cgroup: fork rejected by pids controller in /syz4 06:21:02 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000040), 0x0, &(0x7f0000000180)={0x0, 0x1c9c380}, 0x8) r1 = getpid() rt_tgsigqueueinfo(r1, r1, 0x16, &(0x7f0000000100)) ptrace(0x10, r1) ptrace$pokeuser(0x6, r1, 0x388, 0xffffffffffffffff) 06:21:02 executing program 2: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0x0) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) r1 = creat(&(0x7f0000000100)='./file0/bus\x00', 0x0) dup2(0xffffffffffffffff, r1) 06:21:02 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='/exe\x00\x00\x00\x00\x00\x00') lseek(r0, 0x0, 0x4) 06:21:02 executing program 1: r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) socket$inet_udp(0x2, 0x2, 0x0) pwrite64(r0, &(0x7f0000000000)='?', 0x1, 0x40000) lseek(r0, 0x0, 0x4) 06:21:02 executing program 5: prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000040)={&(0x7f0000000000/0x3000)=nil, &(0x7f0000002000/0x3000)=nil, &(0x7f0000001000/0x2000)=nil, &(0x7f0000009000/0x2000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000005000/0x1000)=nil, &(0x7f0000000000/0x2000)=nil, &(0x7f0000009000/0x2000)=nil, &(0x7f000000b000/0x1000)=nil, &(0x7f000000d000/0x1000)=nil, &(0x7f00000000c0)}, 0x68) 06:21:02 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f0000000300)=0x1, 0x4) connect$inet(r0, &(0x7f0000000380)={0x2, 0x0, @local}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x4000000000014, &(0x7f0000000180)=0x1, 0x4) write$binfmt_elf64(r0, &(0x7f0000000500)=ANY=[], 0xffffffa9) 06:21:02 executing program 1: r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) socket$inet_udp(0x2, 0x2, 0x0) pwrite64(r0, &(0x7f0000000000)='?', 0x1, 0x40000) lseek(r0, 0x0, 0x4) 06:21:02 executing program 5: prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000040)={&(0x7f0000000000/0x3000)=nil, &(0x7f0000002000/0x3000)=nil, &(0x7f0000001000/0x2000)=nil, &(0x7f0000009000/0x2000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000005000/0x1000)=nil, &(0x7f0000000000/0x2000)=nil, &(0x7f0000009000/0x2000)=nil, &(0x7f000000b000/0x1000)=nil, &(0x7f000000d000/0x1000)=nil, &(0x7f00000000c0)}, 0x68) 06:21:03 executing program 2: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0x0) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) creat(&(0x7f0000000100)='./file0/bus\x00', 0x0) dup2(r0, 0xffffffffffffffff) 06:21:03 executing program 3: r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0) mknodat(r0, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0) fchmodat(r0, &(0x7f0000000180)='./file0\x00', 0x0) 06:21:03 executing program 1: r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) socket$inet_udp(0x2, 0x2, 0x0) pwrite64(r0, &(0x7f0000000000)='?', 0x1, 0x40000) lseek(r0, 0x0, 0x4) 06:21:04 executing program 3: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x6, 0x0) write(r1, &(0x7f0000c34fff), 0xffffff0b) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) r2 = dup2(r1, r1) write$P9_RSTATFS(r2, &(0x7f0000000080)={0xfffffffffffffdf9}, 0x43) tkill(r0, 0x1000000000016) 06:21:04 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x2902001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000040), 0x0, &(0x7f0000000180)={0x0, 0x1c9c380}, 0x8) r1 = getpid() rt_tgsigqueueinfo(0x0, r1, 0x16, &(0x7f0000000100)) ptrace(0x10, r1) ptrace$pokeuser(0x6, r1, 0x388, 0xffffffffffffffff) 06:21:04 executing program 0: perf_event_open(&(0x7f0000000040)={0x1, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x6) connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000007e00), 0x400000000000348, 0x8000) 06:21:04 executing program 1: r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) pwrite64(r0, &(0x7f0000000000)='?', 0x1, 0x40000) lseek(r0, 0x0, 0x4) 06:21:04 executing program 2: r0 = socket$inet6(0xa, 0x3, 0x6) connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000007e00), 0x400000000000348, 0x0) 06:21:04 executing program 5: prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000040)={&(0x7f0000000000/0x3000)=nil, &(0x7f0000002000/0x3000)=nil, &(0x7f0000001000/0x2000)=nil, &(0x7f0000009000/0x2000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000005000/0x1000)=nil, &(0x7f0000000000/0x2000)=nil, &(0x7f0000009000/0x2000)=nil, &(0x7f000000b000/0x1000)=nil, &(0x7f000000d000/0x1000)=nil, &(0x7f00000000c0)}, 0x68) 06:21:04 executing program 1: r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) pwrite64(r0, &(0x7f0000000000)='?', 0x1, 0x40000) lseek(r0, 0x0, 0x4) 06:21:04 executing program 5: r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x0, 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000040)={&(0x7f0000000000/0x3000)=nil, &(0x7f0000002000/0x3000)=nil, &(0x7f0000001000/0x2000)=nil, &(0x7f0000009000/0x2000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000005000/0x1000)=nil, &(0x7f0000000000/0x2000)=nil, &(0x7f0000009000/0x2000)=nil, &(0x7f000000b000/0x1000)=nil, &(0x7f000000d000/0x1000)=nil, &(0x7f00000000c0), 0x0, r0}, 0x68) 06:21:04 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x2902001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000040), 0x0, &(0x7f0000000180)={0x0, 0x1c9c380}, 0x8) r1 = getpid() rt_tgsigqueueinfo(0x0, r1, 0x16, &(0x7f0000000100)) ptrace(0x10, r1) ptrace$pokeuser(0x6, r1, 0x388, 0xffffffffffffffff) 06:21:04 executing program 3: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x6) connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000007e00), 0x400000000000348, 0x8000) 06:21:05 executing program 5: r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x0, 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000040)={&(0x7f0000000000/0x3000)=nil, &(0x7f0000002000/0x3000)=nil, &(0x7f0000001000/0x2000)=nil, &(0x7f0000009000/0x2000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000005000/0x1000)=nil, &(0x7f0000000000/0x2000)=nil, &(0x7f0000009000/0x2000)=nil, &(0x7f000000b000/0x1000)=nil, &(0x7f000000d000/0x1000)=nil, &(0x7f00000000c0), 0x0, r0}, 0x68) 06:21:05 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x2902001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000040), 0x0, &(0x7f0000000180)={0x0, 0x1c9c380}, 0x8) r1 = getpid() rt_tgsigqueueinfo(0x0, r1, 0x16, &(0x7f0000000100)) ptrace(0x10, r1) ptrace$pokeuser(0x6, r1, 0x388, 0xffffffffffffffff) 06:21:05 executing program 1: r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) pwrite64(r0, &(0x7f0000000000)='?', 0x1, 0x40000) lseek(r0, 0x0, 0x4) 06:21:05 executing program 0: perf_event_open(&(0x7f0000000040)={0x1, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x6) connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000007e00), 0x400000000000348, 0x8000) 06:21:05 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x2902001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000040), 0x0, &(0x7f0000000180)={0x0, 0x1c9c380}, 0x8) r1 = getpid() rt_tgsigqueueinfo(r1, 0x0, 0x16, &(0x7f0000000100)) ptrace(0x10, r1) ptrace$pokeuser(0x6, r1, 0x388, 0xffffffffffffffff) 06:21:05 executing program 1: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) pwrite64(0xffffffffffffffff, &(0x7f0000000000)='?', 0x1, 0x40000) lseek(0xffffffffffffffff, 0x0, 0x4) 06:21:06 executing program 2: r0 = socket$inet6(0xa, 0x3, 0x6) connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000007e00), 0x400000000000348, 0x0) 06:21:06 executing program 5: r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x0, 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000040)={&(0x7f0000000000/0x3000)=nil, &(0x7f0000002000/0x3000)=nil, &(0x7f0000001000/0x2000)=nil, &(0x7f0000009000/0x2000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000005000/0x1000)=nil, &(0x7f0000000000/0x2000)=nil, &(0x7f0000009000/0x2000)=nil, &(0x7f000000b000/0x1000)=nil, &(0x7f000000d000/0x1000)=nil, &(0x7f00000000c0), 0x0, r0}, 0x68) 06:21:06 executing program 3: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f0000000300)) 06:21:06 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x2902001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000040), 0x0, &(0x7f0000000180)={0x0, 0x1c9c380}, 0x8) r1 = getpid() rt_tgsigqueueinfo(r1, 0x0, 0x16, &(0x7f0000000100)) ptrace(0x10, r1) ptrace$pokeuser(0x6, r1, 0x388, 0xffffffffffffffff) 06:21:06 executing program 1: r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) pwrite64(r0, &(0x7f0000000000)='?', 0x1, 0x40000) lseek(r0, 0x0, 0x4) 06:21:06 executing program 0: r0 = socket$inet(0x2, 0x2, 0x0) setsockopt$inet_group_source_req(r0, 0x0, 0x2f, &(0x7f0000000100)={0x3f, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @remote}}}, 0x108) 06:21:06 executing program 3: r0 = memfd_create(&(0x7f0000000280)='[\'posix_acl_access\x00', 0x0) preadv(r0, &(0x7f0000000840)=[{&(0x7f00000006c0)=""/105, 0x69}], 0x1, 0x0) 06:21:06 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x2902001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000040), 0x0, &(0x7f0000000180)={0x0, 0x1c9c380}, 0x8) r1 = getpid() rt_tgsigqueueinfo(r1, 0x0, 0x16, &(0x7f0000000100)) ptrace(0x10, r1) ptrace$pokeuser(0x6, r1, 0x388, 0xffffffffffffffff) 06:21:06 executing program 1: r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) pwrite64(r0, &(0x7f0000000000)='?', 0x1, 0x40000) lseek(r0, 0x0, 0x4) 06:21:06 executing program 5: openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0xda5bf1556c3ca92c, 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000040)={&(0x7f0000000000/0x3000)=nil, &(0x7f0000002000/0x3000)=nil, &(0x7f0000001000/0x2000)=nil, &(0x7f0000009000/0x2000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000005000/0x1000)=nil, &(0x7f0000000000/0x2000)=nil, &(0x7f0000009000/0x2000)=nil, &(0x7f000000b000/0x1000)=nil, &(0x7f000000d000/0x1000)=nil, &(0x7f00000000c0)}, 0x68) 06:21:06 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) sched_setaffinity(0x0, 0x7, &(0x7f00000000c0)) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x10000101) pwrite64(0xffffffffffffffff, &(0x7f0000000280)="8fa222b1bffe12d977baec052cd71c40e0f14c7e49a8412c0f82e0ac09c020ca1e08524cb543c7671c8fe1353eea72d751f76df13758e4c68101c00d48fc89c17bceefd13d46812a08bc6e7999d54b7b788a558c204ef93faf389002be7a4697fed3ba1c8cc415e9d73e73c20afa21c8f55aa1", 0x73, 0x0) 06:21:07 executing program 3: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x6) connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000007e00), 0x400000000000348, 0x0) 06:21:07 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, &(0x7f0000000180), 0xffffffffffffffff) ioctl$sock_inet6_tcp_SIOCINQ(r2, 0x541b, &(0x7f0000000040)) write$eventfd(r2, &(0x7f0000000100), 0x8) 06:21:07 executing program 5: openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0xda5bf1556c3ca92c, 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000040)={&(0x7f0000000000/0x3000)=nil, &(0x7f0000002000/0x3000)=nil, &(0x7f0000001000/0x2000)=nil, &(0x7f0000009000/0x2000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000005000/0x1000)=nil, &(0x7f0000000000/0x2000)=nil, &(0x7f0000009000/0x2000)=nil, &(0x7f000000b000/0x1000)=nil, &(0x7f000000d000/0x1000)=nil, &(0x7f00000000c0)}, 0x68) 06:21:07 executing program 1: r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) pwrite64(r0, &(0x7f0000000000)='?', 0x1, 0x40000) lseek(r0, 0x0, 0x4) 06:21:07 executing program 0: futex(&(0x7f0000000940), 0x0, 0x1, &(0x7f00000009c0)={0x77359400}, &(0x7f0000000a00), 0x0) 06:21:07 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x2902001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000040), 0x0, &(0x7f0000000180)={0x0, 0x1c9c380}, 0x8) r1 = getpid() rt_tgsigqueueinfo(r1, r1, 0x0, &(0x7f0000000100)) ptrace(0x10, r1) ptrace$pokeuser(0x6, r1, 0x388, 0xffffffffffffffff) 06:21:08 executing program 5: openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0xda5bf1556c3ca92c, 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000040)={&(0x7f0000000000/0x3000)=nil, &(0x7f0000002000/0x3000)=nil, &(0x7f0000001000/0x2000)=nil, &(0x7f0000009000/0x2000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000005000/0x1000)=nil, &(0x7f0000000000/0x2000)=nil, &(0x7f0000009000/0x2000)=nil, &(0x7f000000b000/0x1000)=nil, &(0x7f000000d000/0x1000)=nil, &(0x7f00000000c0)}, 0x68) 06:21:08 executing program 1: r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0) pwrite64(r0, &(0x7f0000000000)='?', 0x1, 0x40000) lseek(r0, 0x0, 0x4) 06:21:08 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x2902001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000040), 0x0, &(0x7f0000000180)={0x0, 0x1c9c380}, 0x8) r1 = getpid() rt_tgsigqueueinfo(r1, r1, 0x0, &(0x7f0000000100)) ptrace(0x10, r1) ptrace$pokeuser(0x6, r1, 0x388, 0xffffffffffffffff) 06:21:08 executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xb, 0x7f, 0x7, 0x5, 0x1}, 0x2c) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r0, &(0x7f0000000040)}, 0x20) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000500)={r0, &(0x7f0000000180)="06", &(0x7f0000000300)}, 0x20) 06:21:08 executing program 5: r0 = socket$inet6(0xa, 0x3, 0x6) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000880)={@remote, 0x800, 0x0, 0x3, 0x1}, 0x20) 06:21:08 executing program 1: r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0) pwrite64(r0, &(0x7f0000000000)='?', 0x1, 0x40000) lseek(r0, 0x0, 0x4) 06:21:08 executing program 3: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x6) connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000007e00), 0x400000000000348, 0x0) 06:21:09 executing program 2: 06:21:09 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x2902001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000040), 0x0, &(0x7f0000000180)={0x0, 0x1c9c380}, 0x8) r1 = getpid() rt_tgsigqueueinfo(r1, r1, 0x0, &(0x7f0000000100)) ptrace(0x10, r1) ptrace$pokeuser(0x6, r1, 0x388, 0xffffffffffffffff) 06:21:09 executing program 0: 06:21:09 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'ip6gretap0\x00'}) sendmsg$nl_route(r0, &(0x7f0000000340)={&(0x7f0000000040), 0xc, &(0x7f00000002c0)={&(0x7f0000003c00)=ANY=[@ANYBLOB="00001a0014000100ff02000000007eb0000000000000148d"], 0x1}}, 0x0) 06:21:09 executing program 1: r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0) pwrite64(r0, &(0x7f0000000000)='?', 0x1, 0x40000) lseek(r0, 0x0, 0x4) 06:21:09 executing program 0: r0 = socket$packet(0x11, 0x1000000000002, 0x300) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000280)={@loopback, @ipv4={[], [], @remote}, @local}) 06:21:09 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x2902001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000040), 0x0, &(0x7f0000000180)={0x0, 0x1c9c380}, 0x8) r1 = getpid() rt_tgsigqueueinfo(r1, r1, 0x16, &(0x7f0000000100)) ptrace(0xffffffffffffffff, r1) ptrace$pokeuser(0x6, r1, 0x388, 0xffffffffffffffff) 06:21:09 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c1f023c126285719070") syz_emit_ethernet(0xff27, &(0x7f000000a000)={@broadcast=[0xff, 0xe0], @broadcast, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0xfec3, 0x0, 0x0, 0x0, 0x0, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @udp={0x0, 0x0, 0x8}}}}}, 0x0) 06:21:09 executing program 1: r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pwrite64(0xffffffffffffffff, &(0x7f0000000000)='?', 0x1, 0x40000) lseek(r0, 0x0, 0x4) 06:21:09 executing program 5: r0 = socket(0x8000000000000010, 0x3, 0x0) r1 = socket$inet6(0xa, 0x803, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") sendmsg$IPVS_CMD_SET_CONFIG(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040), 0xc, &(0x7f00000000c0)={&(0x7f0000000140)={0x14}, 0x14}}, 0x0) splice(0xffffffffffffffff, &(0x7f0000000240), 0xffffffffffffffff, &(0x7f0000000280), 0x0, 0x0) write(r0, &(0x7f0000000100)="3e0000004e001f00ff03f4f9002304000a04f51108000100050000020800768511579131f4941fd41109028001cba80054de5a03df7f0ba362969c8f849c", 0x3e) 06:21:09 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x2902001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000040), 0x0, &(0x7f0000000180)={0x0, 0x1c9c380}, 0x8) r1 = getpid() rt_tgsigqueueinfo(r1, r1, 0x16, &(0x7f0000000100)) ptrace(0xffffffffffffffff, r1) ptrace$pokeuser(0x6, r1, 0x388, 0xffffffffffffffff) [ 1158.815761] netlink: 26 bytes leftover after parsing attributes in process `syz-executor5'. 06:21:10 executing program 3: 06:21:10 executing program 0: 06:21:10 executing program 2: 06:21:10 executing program 1: r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pwrite64(r0, &(0x7f0000000000), 0x0, 0x40000) lseek(r0, 0x0, 0x4) 06:21:10 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x2902001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000040), 0x0, &(0x7f0000000180)={0x0, 0x1c9c380}, 0x8) r1 = getpid() rt_tgsigqueueinfo(r1, r1, 0x16, &(0x7f0000000100)) ptrace(0xffffffffffffffff, r1) ptrace$pokeuser(0x6, r1, 0x388, 0xffffffffffffffff) 06:21:10 executing program 5: 06:21:10 executing program 5: 06:21:10 executing program 2: 06:21:10 executing program 3: 06:21:10 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x2902001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000040), 0x0, &(0x7f0000000180)={0x0, 0x1c9c380}, 0x8) r1 = getpid() rt_tgsigqueueinfo(r1, r1, 0x16, &(0x7f0000000100)) ptrace(0x10, 0x0) ptrace$pokeuser(0x6, r1, 0x388, 0xffffffffffffffff) 06:21:10 executing program 1: r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pwrite64(r0, &(0x7f0000000000)='?', 0x1, 0x0) lseek(r0, 0x0, 0x4) 06:21:11 executing program 0: 06:21:11 executing program 5: 06:21:11 executing program 3: 06:21:11 executing program 2: 06:21:11 executing program 0: 06:21:11 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x2902001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000040), 0x0, &(0x7f0000000180)={0x0, 0x1c9c380}, 0x8) r1 = getpid() rt_tgsigqueueinfo(r1, r1, 0x16, &(0x7f0000000100)) ptrace(0x10, r1) ptrace$pokeuser(0x6, 0x0, 0x388, 0xffffffffffffffff) 06:21:11 executing program 1: r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pwrite64(r0, &(0x7f0000000000)='?', 0x1, 0x0) lseek(r0, 0x0, 0x4) 06:21:11 executing program 3: 06:21:11 executing program 5: 06:21:11 executing program 2: 06:21:11 executing program 0: 06:21:11 executing program 1: r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pwrite64(r0, &(0x7f0000000000)='?', 0x1, 0x0) lseek(r0, 0x0, 0x4) 06:21:12 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x2902001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000040), 0x0, &(0x7f0000000180)={0x0, 0x1c9c380}, 0x8) r1 = getpid() rt_tgsigqueueinfo(r1, r1, 0x16, &(0x7f0000000100)) ptrace(0x10, r1) ptrace$pokeuser(0x6, 0x0, 0x388, 0xffffffffffffffff) 06:21:12 executing program 3: 06:21:12 executing program 5: 06:21:12 executing program 2: 06:21:12 executing program 0: 06:21:12 executing program 2: 06:21:12 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x2902001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000040), 0x0, &(0x7f0000000180)={0x0, 0x1c9c380}, 0x8) r1 = getpid() rt_tgsigqueueinfo(r1, r1, 0x16, &(0x7f0000000100)) ptrace(0x10, r1) ptrace$pokeuser(0x6, 0x0, 0x388, 0xffffffffffffffff) 06:21:12 executing program 5: 06:21:12 executing program 1: r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pwrite64(r0, &(0x7f0000000000)='?', 0x1, 0x40000) lseek(0xffffffffffffffff, 0x0, 0x4) 06:21:12 executing program 3: 06:21:12 executing program 0: 06:21:12 executing program 2: 06:21:13 executing program 5: 06:21:13 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x2902001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000040), 0x0, &(0x7f0000000180)={0x0, 0x1c9c380}, 0x8) r1 = getpid() rt_tgsigqueueinfo(r1, r1, 0x16, &(0x7f0000000100)) ptrace(0x10, r1) ptrace$pokeuser(0x6, r1, 0x0, 0xffffffffffffffff) 06:21:13 executing program 0: 06:21:13 executing program 3: 06:21:13 executing program 1: r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pwrite64(r0, &(0x7f0000000000)='?', 0x1, 0x40000) lseek(r0, 0x0, 0x0) 06:21:13 executing program 2: 06:21:13 executing program 5: 06:21:13 executing program 3: 06:21:13 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x2902001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000040), 0x0, &(0x7f0000000180)={0x0, 0x1c9c380}, 0x8) r1 = getpid() rt_tgsigqueueinfo(r1, r1, 0x16, &(0x7f0000000100)) ptrace(0x10, r1) ptrace$pokeuser(0x6, r1, 0x0, 0xffffffffffffffff) 06:21:13 executing program 2: 06:21:13 executing program 0: 06:21:13 executing program 1: r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pwrite64(r0, &(0x7f0000000000)='?', 0x1, 0x40000) lseek(r0, 0x0, 0x0) 06:21:14 executing program 5: 06:21:14 executing program 3: 06:21:14 executing program 2: 06:21:14 executing program 0: 06:21:14 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x2902001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000040), 0x0, &(0x7f0000000180)={0x0, 0x1c9c380}, 0x8) r1 = getpid() rt_tgsigqueueinfo(r1, r1, 0x16, &(0x7f0000000100)) ptrace(0x10, r1) ptrace$pokeuser(0x6, r1, 0x0, 0xffffffffffffffff) 06:21:14 executing program 1: r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pwrite64(r0, &(0x7f0000000000)='?', 0x1, 0x40000) lseek(r0, 0x0, 0x0) 06:21:14 executing program 3: 06:21:14 executing program 5: 06:21:14 executing program 2: 06:21:14 executing program 0: 06:21:14 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x2902001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000040), 0x0, &(0x7f0000000180)={0x0, 0x1c9c380}, 0x8) r1 = getpid() rt_tgsigqueueinfo(r1, r1, 0x16, &(0x7f0000000100)) ptrace(0x10, r1) ptrace$pokeuser(0x6, r1, 0x388, 0x0) 06:21:14 executing program 1: 06:21:15 executing program 5: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)="636c6561725f7265667300b04978e60c4ba32fd7b949714bcbe80c57af59747c61a31619cbafea034f5b6bb15332860b9f14c654d1012484f5c9d8edcad2f073e0ca5078fc64d38d1e297b9d66a71452b92cae675696216e08f21e87b8b54da0d1b5f3b4d6f8caf34a15ed2b2c98fcbf581297b31beaeaffb76778a196ad93aa3d2d7a06720827") r1 = syz_open_procfs(0x0, &(0x7f0000000bc0)="6c6f67696e7569640039dad3c444de4a35f0fd223db6aa1e2fdd63c9f35f389e4669e0af6522c225bbb645ae9e0f46c87cd44db4919c1a34ab1d00bb4157f79b23912e9b96566ebf938974f48d420c49e5b30900000000000000192f3f47c7ea9a2b9c35bf253332e8833efab84cdec63c1f73e1df14a25ed1d955c099248a270c78a2b1c92fb4fd7034c322ea95ce1052a870c6dfc87c7814b8a2bbca47eb4c90f550c57fe2971c7284c7ba86966b3176177a7b912be572300e7a341245b25bb59400058b83526cd1ec89295864696722322a5ecd3ddfda832534e55f7120412149bb7f9c13ff3047c99241cf03aac047ae726411e6000000007c3bb14032db738b34506bc2536cc190d90732654cef8e47588cbb41a6") sendfile(r0, r1, &(0x7f0000000040), 0x1) fstat(r0, &(0x7f0000000080)) 06:21:15 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000600)={'ip_vti0\x00', 0x201e}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip_vti0\x00\x00\x00\x00\x00\a\x00', 0x0}) ioctl$sock_inet6_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000080)={@dev, 0x0, r2}) sendto(r0, &(0x7f0000000040), 0x0, 0x0, &(0x7f00000000c0)=@generic={0xa, "a268d051afbb30b9923e133c4f56259c85a08979aa34c5e1f0eb820d62d5b0cc4faf74f741cba4496bcce0b430f1a59cf4b0969164bfc3019718e2cecf7aea450e50c1f6c3411889c8b9aefdcf069642a4897d1ae6f8749697df253a8bcfae046f8b9741ca762548255274875d3f737894f8e5c23221b0087c41ad03467a"}, 0x80) setsockopt$IP6T_SO_SET_ADD_COUNTERS(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)={'security\x00', 0x2, [{}, {}]}, 0x48) 06:21:15 executing program 2: 06:21:15 executing program 0: 06:21:15 executing program 1: 06:21:15 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x2902001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000040), 0x0, &(0x7f0000000180)={0x0, 0x1c9c380}, 0x8) r1 = getpid() rt_tgsigqueueinfo(r1, r1, 0x16, &(0x7f0000000100)) ptrace(0x10, r1) ptrace$pokeuser(0x6, r1, 0x388, 0x0) 06:21:15 executing program 3: 06:21:15 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)="636c6561725f7265667300b04978e60c4ba32fd7b949714bcbe80c57af59747c61a31619cbafea034f5b6bb15332860b9f14c654d1012484f5c9d8edcad2f073e0ca5078fc64d38d1e297b9d66a71452b92cae675696216e08f21e87b8b54da0d1b5f3b4d6f8caf34a15ed2b2c98fcbf581297b31beaeaffb76778a196ad93aa3d2d7a06720827") r1 = syz_open_procfs(0x0, &(0x7f0000000bc0)="6c6f67696e7569640039dad3c444de4a35f0fd223db6aa1e2fdd63c9f35f389e4669e0af6522c225bbb645ae9e0f46c87cd44db4919c1a34ab1d00bb4157f79b23912e9b96566ebf938974f48d420c49e5b30900000000000000192f3f47c7ea9a2b9c35bf253332e8833efab84cdec63c1f73e1df14a25ed1d955c099248a270c78a2b1c92fb4fd7034c322ea95ce1052a870c6dfc87c7814b8a2bbca47eb4c90f550c57fe2971c7284c7ba86966b3176177a7b912be572300e7a341245b25bb59400058b83526cd1ec89295864696722322a5ecd3ddfda832534e55f7120412149bb7f9c13ff3047c99241cf03aac047ae726411e6000000007c3bb14032db738b34506bc2536cc190d90732654cef8e47588cbb41a6") sendfile(r0, r1, &(0x7f0000000040), 0x1) faccessat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) 06:21:15 executing program 0: r0 = socket$inet6(0xa, 0x80002, 0x100000000000088) bind$inet6(r0, &(0x7f0000d85fe4)={0xa, 0x4e23}, 0x1c) r1 = socket$inet6(0xa, 0x802, 0x88) sendto$inet6(r1, &(0x7f00000001c0), 0x21d, 0x0, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @ipv4}, 0x1c) readv(r0, &(0x7f0000000680)=[{&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000400)=""/8, 0x8}, {&(0x7f00000005c0)=""/5, 0x5}, {&(0x7f0000001480)=""/4096, 0x1000}], 0x4) 06:21:15 executing program 5: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)="636c6561725f7265667300b04978e60c4ba32fd7b949714bcbe80c57af59747c61a31619cbafea034f5b6bb15332860b9f14c654d1012484f5c9d8edcad2f073e0ca5078fc64d38d1e297b9d66a71452b92cae675696216e08f21e87b8b54da0d1b5f3b4d6f8caf34a15ed2b2c98fcbf581297b31beaeaffb76778a196ad93aa3d2d7a06720827") r1 = syz_open_procfs(0x0, &(0x7f0000000bc0)="6c6f67696e7569640039dad3c444de4a35f0fd223db6aa1e2fdd63c9f35f389e4669e0af6522c225bbb645ae9e0f46c87cd44db4919c1a34ab1d00bb4157f79b23912e9b96566ebf938974f48d420c49e5b30900000000000000192f3f47c7ea9a2b9c35bf253332e8833efab84cdec63c1f73e1df14a25ed1d955c099248a270c78a2b1c92fb4fd7034c322ea95ce1052a870c6dfc87c7814b8a2bbca47eb4c90f550c57fe2971c7284c7ba86966b3176177a7b912be572300e7a341245b25bb59400058b83526cd1ec89295864696722322a5ecd3ddfda832534e55f7120412149bb7f9c13ff3047c99241cf03aac047ae726411e6000000007c3bb14032db738b34506bc2536cc190d90732654cef8e47588cbb41a6") sendfile(r0, r1, &(0x7f0000000040), 0x1) sigaltstack(&(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000000)) 06:21:15 executing program 1: socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000001c0)) perf_event_open(&(0x7f0000aaa000)={0x2, 0x70, 0x85a, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_emit_ethernet(0x300600, &(0x7f0000000000)={@local, @empty, [], {@ipv6={0x86dd, {0x0, 0x6, "b40900", 0x30, 0x0, 0x0, @ipv4={[], [], @multicast2}, @mcast2, {[], @icmpv6=@time_exceed={0xffffff83, 0x0, 0x0, 0x0, [0x0, 0x4], {0x0, 0x6, "b680fa", 0x0, 0x0, 0x0, @ipv4={[], [], @broadcast}, @ipv4={[], [], @remote={0xac, 0x14, 0xffffffffffffffff}}}}}}}}}, 0x0) 06:21:15 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x2902001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000040), 0x0, &(0x7f0000000180)={0x0, 0x1c9c380}, 0x8) r1 = getpid() rt_tgsigqueueinfo(r1, r1, 0x16, &(0x7f0000000100)) ptrace(0x10, r1) ptrace$pokeuser(0x6, r1, 0x388, 0x0) 06:21:16 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0xc, 0x31, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000100)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfb, 0x9, 0x3f, 0xfffffffffffffffd, 0xc, 0x7, 0xe7f}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb4}], 0xffffffff}) 06:21:16 executing program 5: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)="636c6561725f7265667300b04978e60c4ba32fd7b949714bcbe80c57af59747c61a31619cbafea034f5b6bb15332860b9f14c654d1012484f5c9d8edcad2f073e0ca5078fc64d38d1e297b9d66a71452b92cae675696216e08f21e87b8b54da0d1b5f3b4d6f8caf34a15ed2b2c98fcbf581297b31beaeaffb76778a196ad93aa3d2d7a06720827") r1 = syz_open_procfs(0x0, &(0x7f0000000bc0)="6c6f67696e7569640039dad3c444de4a35f0fd223db6aa1e2fdd63c9f35f389e4669e0af6522c225bbb645ae9e0f46c87cd44db4919c1a34ab1d00bb4157f79b23912e9b96566ebf938974f48d420c49e5b30900000000000000192f3f47c7ea9a2b9c35bf253332e8833efab84cdec63c1f73e1df14a25ed1d955c099248a270c78a2b1c92fb4fd7034c322ea95ce1052a870c6dfc87c7814b8a2bbca47eb4c90f550c57fe2971c7284c7ba86966b3176177a7b912be572300e7a341245b25bb59400058b83526cd1ec89295864696722322a5ecd3ddfda832534e55f7120412149bb7f9c13ff3047c99241cf03aac047ae726411e6000000007c3bb14032db738b34506bc2536cc190d90732654cef8e47588cbb41a6") sendfile(r0, r1, &(0x7f0000000040), 0x1) sigaltstack(&(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000000)) 06:21:16 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)="636c6561725f7265667300b04978e60c4ba32fd7b949714bcbe80c57af59747c61a31619cbafea034f5b6bb15332860b9f14c654d1012484f5c9d8edcad2f073e0ca5078fc64d38d1e297b9d66a71452b92cae675696216e08f21e87b8b54da0d1b5f3b4d6f8caf34a15ed2b2c98fcbf581297b31beaeaffb76778a196ad93aa3d2d7a06720827") r1 = syz_open_procfs(0x0, &(0x7f0000000bc0)="6c6f67696e7569640039dad3c444de4a35f0fd223db6aa1e2fdd63c9f35f389e4669e0af6522c225bbb645ae9e0f46c87cd44db4919c1a34ab1d00bb4157f79b23912e9b96566ebf938974f48d420c49e5b30900000000000000192f3f47c7ea9a2b9c35bf253332e8833efab84cdec63c1f73e1df14a25ed1d955c099248a270c78a2b1c92fb4fd7034c322ea95ce1052a870c6dfc87c7814b8a2bbca47eb4c90f550c57fe2971c7284c7ba86966b3176177a7b912be572300e7a341245b25bb59400058b83526cd1ec89295864696722322a5ecd3ddfda832534e55f7120412149bb7f9c13ff3047c99241cf03aac047ae726411e6000000007c3bb14032db738b34506bc2536cc190d90732654cef8e47588cbb41a6") sendfile(r0, r1, &(0x7f0000000040), 0x1) linkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x0) 06:21:16 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mlockall(0x2) 06:21:16 executing program 1: socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000001c0)) perf_event_open(&(0x7f0000aaa000)={0x2, 0x70, 0x85a, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_emit_ethernet(0x300600, &(0x7f0000000000)={@local, @empty, [], {@ipv6={0x86dd, {0x0, 0x6, "b40900", 0x30, 0x0, 0x0, @ipv4={[], [], @multicast2}, @mcast2, {[], @icmpv6=@time_exceed={0xffffff83, 0x0, 0x0, 0x0, [0x0, 0x4], {0x0, 0x6, "b680fa", 0x0, 0x0, 0x0, @ipv4={[], [], @broadcast}, @ipv4={[], [], @remote={0xac, 0x14, 0xffffffffffffffff}}}}}}}}}, 0x0) 06:21:16 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) mkdir(&(0x7f0000000080)='./file1\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000080)=ANY=[], 0xfffffef6) rename(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='./file1/file0\x00') 06:21:16 executing program 3: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) read(r1, &(0x7f0000000040)=""/11, 0xfd32) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)) r3 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000240)) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r1, &(0x7f0000000140)) dup3(r3, r2, 0x0) poll(&(0x7f00000007c0)=[{r2}], 0x1, 0x0) timer_settime(0x0, 0x0, &(0x7f00000002c0)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000000180)) tkill(r0, 0x1000000000016) 06:21:17 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = getpid() prctl$PR_SET_PTRACER(0x59616d61, r1) prctl$PR_SET_PTRACER(0x59616d61, 0x0) 06:21:17 executing program 4: r0 = timerfd_create(0x7, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) timerfd_settime(r0, 0x0, &(0x7f0000000000), &(0x7f0000000080)) 06:21:17 executing program 2: perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_emit_ethernet(0x2a, &(0x7f0000000240)={@local, @empty, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @multicast1}, @udp={0x0, 0x0, 0x8}}}}}, 0x0) 06:21:17 executing program 1: socketpair(0x1a, 0x0, 0x2, &(0x7f0000000100)) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)="2f02726f75702e7374617000", 0x2761, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='\a\x00'}, 0x10) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='/group.stat\x00', 0x2761, 0x0) perf_event_open$cgroup(&(0x7f0000000280)={0x0, 0x70, 0x8000000000000000, 0x0, 0x0, 0x8000, 0x0, 0x1, 0x10, 0x0, 0x9, 0x4, 0x0, 0x7ff, 0xfffffffffffffff8, 0x0, 0x0, 0x1, 0x0, 0x80, 0x8, 0x3, 0x0, 0x0, 0x4, 0x3, 0x0, 0x0, 0x0, 0x3, 0x1, 0x0, 0x3, 0xfff, 0x8, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x2d, 0x0, 0x0, 0x6}, 0xffffffffffffffff, 0x0, r0, 0x0) r1 = perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) close(r1) socketpair(0xb, 0x0, 0x0, &(0x7f0000000140)) 06:21:17 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = getpid() prctl$PR_SET_PTRACER(0x59616d61, r1) prctl$PR_SET_PTRACER(0x59616d61, 0x0) 06:21:17 executing program 4: r0 = socket$kcm(0x2, 0x5, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f00000001c0)=@generic={0x0, "3767b4818fa51940a75a64ff601bed813ca4a744c0b30776cbb54beba33938bf9ccf422347bed9adea3ea7b2af4dc38251de34ee1983e9f78ee47cdbc9f40f1c533e017a6210f8b1ae7433ba79ea888efd4d2ca875816bb74e7216bf0a3da8b1dbb6bd851d93d102318daaf0f7c44c2c16d06122e97f68275e698782a0a1"}, 0x80, &(0x7f0000000400), 0x2d6, &(0x7f0000000100)=ANY=[]}, 0x0) setsockopt$sock_attach_bpf(r0, 0x84, 0xb, &(0x7f0000000080), 0x4) sendmsg$kcm(r0, &(0x7f0000001d40)={&(0x7f0000000740)=@in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x16}}, 0x80, &(0x7f0000001c00)=[{&(0x7f0000001bc0)="01", 0x1}], 0x1, &(0x7f0000001c80)}, 0x0) 06:21:17 executing program 2: r0 = socket$kcm(0x2, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f0000000580)={&(0x7f00000001c0)=@generic={0x2, "3767b4818fa51940a75a64ff601bed813ca4a744c0b30776cbb54beba33938bf9ccf422347bed9adea3ea7b2af4dc38251de34ee1983e9f78ee47cdbc9f40f1c533e017a6210f8b1ae7433ba79ea888efd4d2ca875816bb74e7216bf0a3da8b1dbb6bd851d93d102318daaf0f7c44c2c16d06122e97f68275e698782a0a1"}, 0x80, &(0x7f0000000400), 0x2d6, &(0x7f0000000100)=ANY=[]}, 0x0) setsockopt$sock_attach_bpf(r0, 0x84, 0xb, &(0x7f0000000080), 0x4) sendmsg$kcm(r0, &(0x7f0000001d40)={&(0x7f0000000740)=@in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x16}}, 0x80, &(0x7f0000001c00)=[{&(0x7f0000001bc0)="01", 0x1}], 0x1, &(0x7f0000001c80)}, 0x0) 06:21:18 executing program 1: socket$inet6(0xa, 0x0, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @dev}, 0x1c) ioctl$sock_inet_tcp_SIOCATMARK(0xffffffffffffffff, 0x7003, &(0x7f0000000100)) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000380)) perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xee6a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0xfffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff) exit_group(0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 06:21:18 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = getpid() prctl$PR_SET_PTRACER(0x59616d61, r1) prctl$PR_SET_PTRACER(0x59616d61, 0x0) 06:21:18 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000080)='wchan\x00') pread64(r0, &(0x7f00000000c0)=""/12, 0xffffff58, 0x0) 06:21:18 executing program 5: r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000015c0)=[{&(0x7f0000000100)="2300000052008152915a655067d7aee4050c0000136017edcaa30000000000008b1832", 0x23}], 0x1, &(0x7f0000000040)}, 0x0) recvmsg$kcm(r0, &(0x7f0000003840)={&(0x7f00000026c0)=@alg, 0x80, &(0x7f0000003740), 0x0, &(0x7f0000003780)=""/133, 0x85}, 0x0) 06:21:18 executing program 3: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) read(r1, &(0x7f0000000040)=""/11, 0xfd32) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)) r3 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000240)) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r1, &(0x7f0000000140)) dup3(r3, r2, 0x0) poll(&(0x7f00000007c0)=[{r2}], 0x1, 0x0) timer_settime(0x0, 0x0, &(0x7f00000002c0)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000000180)) tkill(r0, 0x1000000000016) 06:21:18 executing program 1: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0a5c2d023c126285718070") r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000080)) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) 06:21:18 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = getpid() prctl$PR_SET_PTRACER(0x59616d61, r1) prctl$PR_SET_PTRACER(0x59616d61, 0x0) 06:21:18 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") sendmmsg(0xffffffffffffffff, &(0x7f00000092c0), 0x4ff, 0xffffff8d) 06:21:19 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) getpid() prctl$PR_SET_PTRACER(0x59616d61, 0x0) 06:21:19 executing program 1: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000640)="0a5c2d023c126285718070") ioctl$sock_SIOCGIFBR(r0, 0x8940, &(0x7f0000000180)=@generic={0x1, 0x0, 0x2}) 06:21:19 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0a5c2d023c126285718070") mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3605, 0x100000002072, 0xffffffffffffffff, 0x0) 06:21:19 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x3) setsockopt$IP6T_SO_SET_ADD_COUNTERS(r0, 0x29, 0x41, &(0x7f0000000000)={'raw\x00', 0x4, [{}, {}, {}, {}]}, 0x68) 06:21:19 executing program 5: r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_inet6_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000140)={@mcast1}) 06:21:19 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) getpid() prctl$PR_SET_PTRACER(0x59616d61, 0x0) 06:21:19 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000880)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000)='/dev/uinput\x00', 0x0, 0x0) ioctl$UI_ABS_SETUP(r1, 0x401c5504, &(0x7f0000000040)) ioctl$UI_DEV_CREATE(r1, 0x5501) 06:21:19 executing program 1: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000640)="0a5c2d023c126285718070") getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @dev}}}, &(0x7f00000000c0)=0x80) write$nbd(r1, &(0x7f0000000680)=ANY=[@ANYBLOB], 0x1) 06:21:19 executing program 3: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) read(r1, &(0x7f0000000040)=""/11, 0xfd32) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)) r3 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000240)) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r1, &(0x7f0000000140)) dup3(r3, r2, 0x0) poll(&(0x7f00000007c0)=[{r2}], 0x1, 0x0) timer_settime(0x0, 0x0, &(0x7f00000002c0)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000000180)) tkill(r0, 0x1000000000016) 06:21:19 executing program 4: r0 = socket(0x10, 0x3, 0x0) r1 = socket$inet6(0xa, 0x803, 0x3) ioctl(r1, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") sendto(r0, &(0x7f0000000140)="120000001200e7ef007b1a3fcd0000f5ffa1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x80, &(0x7f0000000380), 0x0, &(0x7f0000002400)=""/191, 0xbf}}], 0x1, 0x6, &(0x7f0000003700)={0x77359400}) 06:21:19 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x34000}, 0xc, &(0x7f0000000100)={&(0x7f00000001c0)={0x2c, 0x32, 0x829, 0x0, 0x0, {0x2}, [@nested={0x18, 0x0, [@typed={0x14, 0x1, @ipv6=@loopback={0xfeffffff00000000}}]}]}, 0x2c}}, 0x0) 06:21:20 executing program 1: r0 = socket$inet6(0xa, 0x803, 0xa) ioctl(r0, 0x1000008912, &(0x7f0000000640)="0a5c2d023c126285718070") r1 = socket$packet(0x11, 0x3, 0x300) bind$packet(r1, &(0x7f0000000180)={0x11, 0x7, 0x0, 0x1, 0x0, 0x6, @random="455f2db1ca0b"}, 0x14) 06:21:20 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) getpid() prctl$PR_SET_PTRACER(0x59616d61, 0x0) 06:21:20 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000640)="0a5c2d023c126285718070") r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x34000}, 0xc, &(0x7f0000000100)={&(0x7f00000001c0)={0x18, 0x32, 0x829, 0x0, 0x0, {0x2}, [@nested={0x4}]}, 0x18}}, 0x0) 06:21:20 executing program 4: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000340)=""/246) 06:21:20 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCGETS(r0, 0x5401, &(0x7f0000001800)) 06:21:20 executing program 2: getrusage(0x1, &(0x7f0000000340)) 06:21:20 executing program 1: r0 = socket$inet6(0x10, 0x3, 0x0) getsockname(r0, &(0x7f0000000200)=@can, &(0x7f0000000140)=0x80) 06:21:20 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) prctl$PR_SET_PTRACER(0x59616d61, 0x0) prctl$PR_SET_PTRACER(0x59616d61, 0x0) 06:21:20 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCGETS(r0, 0x5401, &(0x7f0000001800)) 06:21:20 executing program 3: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) read(r1, &(0x7f0000000040)=""/11, 0xfd32) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)) r3 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000240)) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r1, &(0x7f0000000140)) dup3(r3, r2, 0x0) poll(&(0x7f00000007c0)=[{r2}], 0x1, 0x0) timer_settime(0x0, 0x0, &(0x7f00000002c0)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000000180)) tkill(r0, 0x1000000000016) 06:21:20 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/dev_snmp6\x00') getdents(r0, &(0x7f0000000100)=""/63, 0x3f) 06:21:20 executing program 2: r0 = syz_open_dev$sndtimer(&(0x7f0000000000)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f0000000040)) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000080)) 06:21:21 executing program 1: syz_emit_ethernet(0x46, &(0x7f0000000100)={@local, @broadcast, [], {@ipv6={0x86dd, {0x0, 0x6, "ae6c45", 0x10, 0x0, 0x0, @local, @ipv4, {[], @dccp={{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "8a1bd1", 0x0, "c1c98f"}}}}}}}, &(0x7f0000000240)) 06:21:21 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) prctl$PR_SET_PTRACER(0x59616d61, 0x0) prctl$PR_SET_PTRACER(0x59616d61, 0x0) 06:21:21 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCGETS(r0, 0x5401, &(0x7f0000001800)) 06:21:21 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x5, 0x3, &(0x7f0000346fc8)=ANY=[@ANYBLOB="18000000fa00000000000000000000009500000000000000"], &(0x7f00000001c0)='GPL\x00', 0xfffffffffffffffc, 0xfb, &(0x7f0000000200)=""/251}, 0x48) fcntl$setown(r0, 0x8, 0x0) 06:21:21 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000000000)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000100)={{0x1, 0x0, 0x0, 0x0, 0x84}}) 06:21:21 executing program 2: perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xee6a}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open(&(0x7f0000000140)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) prctl$PR_TASK_PERF_EVENTS_ENABLE(0x20) 06:21:21 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) prctl$PR_SET_PTRACER(0x59616d61, 0x0) prctl$PR_SET_PTRACER(0x59616d61, 0x0) 06:21:21 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCGETS(r0, 0x5401, &(0x7f0000001800)) 06:21:21 executing program 1: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000340)=""/246) ioctl$EVIOCGREP(r0, 0x40047451, &(0x7f0000000100)=""/174) 06:21:22 executing program 3: gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) read(r0, &(0x7f0000000040)=""/11, 0xfd32) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000240)) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000140)) dup3(r2, r1, 0x0) poll(&(0x7f00000007c0)=[{r1}], 0x1, 0x0) timer_settime(0x0, 0x0, &(0x7f00000002c0)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000000180)) 06:21:22 executing program 4: r0 = getpgrp(0x0) r1 = gettid() rt_sigprocmask(0x0, &(0x7f00000000c0)={0xfffffffffffffffe}, 0x0, 0x8) rt_tgsigqueueinfo(r0, r1, 0x1e, &(0x7f0000000180)) rt_sigtimedwait(&(0x7f0000a70000)={0x7fffffffffffff66}, &(0x7f0000a72ff0), &(0x7f0000000100)={0x77359400}, 0x8) 06:21:22 executing program 2: pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'crc32-generic\x00'}, 0x58) r3 = accept4(r2, 0x0, &(0x7f0000000180), 0x0) write$binfmt_script(r1, &(0x7f00000017c0)=ANY=[@ANYBLOB], 0xffffffbb) splice(r0, 0x0, r3, 0x0, 0x20000000003, 0x0) 06:21:22 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)) r0 = getpid() prctl$PR_SET_PTRACER(0x59616d61, r0) prctl$PR_SET_PTRACER(0x59616d61, 0x0) 06:21:22 executing program 5: ioctl$TCGETS(0xffffffffffffffff, 0x5401, &(0x7f0000001800)) 06:21:22 executing program 4: socket$inet_udp(0x2, 0x2, 0x0) r0 = openat$random(0xffffffffffffff9c, &(0x7f0000001240)='/dev/urandom\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x200000e, 0x31, 0xffffffffffffffff, 0x0) ioctl$RNDGETENTCNT(r0, 0x80045200, &(0x7f0000000000)) 06:21:22 executing program 1: futex(&(0x7f000000cffc)=0x4, 0x0, 0x0, &(0x7f0000edfff0)={0x77359400, 0x4}, &(0x7f0000048000), 0x0) futex(&(0x7f000000cffc), 0x8, 0x1, &(0x7f0000000080)={0x0, 0x989680}, &(0x7f0000048000), 0x0) 06:21:22 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)) r0 = getpid() prctl$PR_SET_PTRACER(0x59616d61, r0) prctl$PR_SET_PTRACER(0x59616d61, 0x0) 06:21:22 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCGETS(0xffffffffffffffff, 0x5401, &(0x7f0000001800)) 06:21:22 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x0) sendto$inet6(r0, &(0x7f0000000100), 0x0, 0xfffffefffffffffe, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback}, 0x1c) 06:21:23 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)) r0 = getpid() prctl$PR_SET_PTRACER(0x59616d61, r0) prctl$PR_SET_PTRACER(0x59616d61, 0x0) 06:21:23 executing program 1: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) mkdir(&(0x7f0000000080)='./file1\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000080)=ANY=[], 0xfffffef6) rename(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='./file1/file0\x00') mkdir(&(0x7f0000000000)='./file0\x00', 0x0) 06:21:23 executing program 3: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) read(r1, &(0x7f0000000040)=""/11, 0xfd32) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)) r3 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000240)) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r1, &(0x7f0000000140)) dup3(r3, r2, 0x0) poll(&(0x7f00000007c0)=[{r2}], 0x1, 0x0) tkill(r0, 0x1000000000016) 06:21:23 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$EXT4_IOC_RESIZE_FS(r0, 0x40086610, &(0x7f0000000080)=0xffffffff) r2 = epoll_create1(0x0) r3 = epoll_create1(0x0) r4 = timerfd_create(0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f00000000c0)={0xc0000001}) timerfd_settime(r4, 0x0, &(0x7f0000005000)={{}, {0x0, 0x989680}}, &(0x7f0000000fe0)) epoll_pwait(r3, &(0x7f00008c9fc4)=[{}], 0x16d, 0xfffffffffffffff7, &(0x7f00009d2000), 0x8) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r4, &(0x7f0000021ff4)={0x2001}) 06:21:23 executing program 2: 06:21:23 executing program 0: ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r0 = getpid() prctl$PR_SET_PTRACER(0x59616d61, r0) prctl$PR_SET_PTRACER(0x59616d61, 0x0) 06:21:23 executing program 4: 06:21:23 executing program 4: 06:21:23 executing program 0: ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r0 = getpid() prctl$PR_SET_PTRACER(0x59616d61, r0) prctl$PR_SET_PTRACER(0x59616d61, 0x0) 06:21:23 executing program 2: 06:21:23 executing program 5: 06:21:24 executing program 0: ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r0 = getpid() prctl$PR_SET_PTRACER(0x59616d61, r0) prctl$PR_SET_PTRACER(0x59616d61, 0x0) 06:21:24 executing program 4: 06:21:24 executing program 1: 06:21:26 executing program 5: 06:21:26 executing program 3: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) read(r1, &(0x7f0000000040)=""/11, 0xfd32) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)) r3 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000240)) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r1, &(0x7f0000000140)) dup3(r3, r2, 0x0) poll(&(0x7f00000007c0)=[{r2}], 0x1, 0x0) tkill(r0, 0x1000000000016) 06:21:26 executing program 4: 06:21:26 executing program 2: 06:21:26 executing program 0: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = getpid() prctl$PR_SET_PTRACER(0x59616d61, r1) prctl$PR_SET_PTRACER(0x59616d61, 0x0) 06:21:26 executing program 1: 06:21:26 executing program 1: 06:21:26 executing program 2: 06:21:26 executing program 5: 06:21:26 executing program 4: 06:21:26 executing program 0: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = getpid() prctl$PR_SET_PTRACER(0x59616d61, r1) prctl$PR_SET_PTRACER(0x59616d61, 0x0) 06:21:27 executing program 4: 06:21:27 executing program 1: 06:21:29 executing program 3: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) read(r1, &(0x7f0000000040)=""/11, 0xfd32) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)) r3 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000240)) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r1, &(0x7f0000000140)) dup3(r3, r2, 0x0) poll(&(0x7f00000007c0)=[{r2}], 0x1, 0x0) tkill(r0, 0x1000000000016) 06:21:29 executing program 2: 06:21:29 executing program 5: 06:21:29 executing program 0: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = getpid() prctl$PR_SET_PTRACER(0x59616d61, r1) prctl$PR_SET_PTRACER(0x59616d61, 0x0) 06:21:29 executing program 4: 06:21:29 executing program 1: 06:21:29 executing program 4: 06:21:29 executing program 2: 06:21:30 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r0 = getpid() prctl$PR_SET_PTRACER(0x59616d61, r0) prctl$PR_SET_PTRACER(0x59616d61, 0x0) 06:21:30 executing program 1: 06:21:30 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) prctl$PR_TASK_PERF_EVENTS_DISABLE(0x1f) 06:21:30 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000000)={0x0, &(0x7f0000000040)}) [ 1179.438610] audit: type=1326 audit(1542694890.498:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=1882 comm="syz-executor4" exe="/root/syz-executor4" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45a3ca code=0x0 [ 1180.221091] audit: type=1326 audit(1542694891.278:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=1882 comm="syz-executor4" exe="/root/syz-executor4" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45a3ca code=0x0 06:21:32 executing program 2: mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0) io_setup(0x0, &(0x7f0000000040)) 06:21:32 executing program 4: syz_open_dev$binder(&(0x7f0000000200)='/dev/binder#\x00', 0xffffffffffffffff, 0x802) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, &(0x7f0000000080)=[@mss, @mss], 0x2) sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000000000, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f00000002c0)=""/4096) read$FUSE(0xffffffffffffffff, &(0x7f0000002500), 0x1000) writev(0xffffffffffffffff, &(0x7f0000000080), 0x100000000000012e) read$FUSE(0xffffffffffffffff, &(0x7f0000001340), 0x1000) ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, &(0x7f0000002340)) perf_event_open$cgroup(&(0x7f00000049c0)={0x0, 0x70, 0x7, 0x6, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x7, 0x0, 0x0, 0xb7ec, 0x0, 0x0, 0xfffffffffffffc89, 0x0, 0x0, 0x0, 0x3, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1f, 0x0, @perf_config_ext={0x55}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0xffffffffffffffff, 0xe, 0xffffffffffffffff, 0x4) syz_open_dev$evdev(0xfffffffffffffffd, 0x0, 0x0) 06:21:32 executing program 1: openat$random(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/urandom\x00', 0x0, 0x0) ioctl$PIO_SCRNMAP(0xffffffffffffffff, 0x4b41, &(0x7f0000000480)="f32b2b74f567f585198d28220e940f7d9774b2e18c") syz_open_dev$binder(&(0x7f00000001c0)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) r0 = memfd_create(&(0x7f0000000000)='/dev/binder#\x00', 0x2) r1 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, &(0x7f0000000200)={0x0, &(0x7f00000001c0)}, 0xfffffffffffffe89) getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f0000000500), &(0x7f0000000540)=0xc) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, &(0x7f0000000280)=[@mss, @mss, @mss, @mss, @mss], 0x5) r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={"766574000000000000000000bd6800", 0x43732e5398416f1a}) r3 = socket$nl_route(0x10, 0x3, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pread64(r2, &(0x7f00000004c0)=""/39, 0xfffffd88, 0x0) ioctl$FITRIM(r0, 0xc0185879, &(0x7f0000000580)={0x2, 0x40, 0x5}) sendmsg$nl_route(r3, &(0x7f0000000140)={&(0x7f00000000c0), 0xc, &(0x7f0000000100)={&(0x7f0000000180)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) dup2(r1, r2) 06:21:32 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r0 = getpid() prctl$PR_SET_PTRACER(0x59616d61, r0) prctl$PR_SET_PTRACER(0x59616d61, 0x0) 06:21:32 executing program 3: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) read(r1, &(0x7f0000000040)=""/11, 0xfd32) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)) r3 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000240)) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r1, &(0x7f0000000140)) dup3(r3, r2, 0x0) timer_settime(0x0, 0x0, &(0x7f00000002c0)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000000180)) tkill(r0, 0x1000000000016) 06:21:32 executing program 5: prctl$PR_SET_PDEATHSIG(0x1, 0xfffffffffffffffd) 06:21:33 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r0 = getpid() prctl$PR_SET_PTRACER(0x59616d61, r0) prctl$PR_SET_PTRACER(0x59616d61, 0x0) [ 1182.053372] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready 06:21:33 executing program 2: prctl$PR_GET_TSC(0x19, &(0x7f0000000080)) 06:21:33 executing program 5: prctl$PR_CAP_AMBIENT(0x2f, 0x4, 0x200002) [ 1182.178115] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! 06:21:33 executing program 4: prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000004000/0x1000)=nil) 06:21:33 executing program 3: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) read(r1, &(0x7f0000000040)=""/11, 0xfd32) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)) r3 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000240)) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r1, &(0x7f0000000140)) dup3(r3, r2, 0x0) timer_settime(0x0, 0x0, &(0x7f00000002c0)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000000180)) tkill(r0, 0x1000000000016) 06:21:33 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0) r1 = getpid() prctl$PR_SET_PTRACER(0x59616d61, r1) prctl$PR_SET_PTRACER(0x59616d61, 0x0) 06:21:33 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) prctl$PR_CAP_AMBIENT(0x2f, 0x3, 0x0) 06:21:33 executing program 5: prctl$PR_SET_MM(0x23, 0x4, &(0x7f0000002000/0x3000)=nil) [ 1182.758379] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 1182.806307] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! 06:21:34 executing program 4: r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmmsg(r0, &(0x7f0000007e00), 0x3ffffeb, 0x0) sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0) [ 1183.072509] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! 06:21:34 executing program 1: openat$random(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/urandom\x00', 0x0, 0x0) ioctl$PIO_SCRNMAP(0xffffffffffffffff, 0x4b41, &(0x7f0000000480)="f32b2b74f567f585198d28220e940f7d9774b2e18c") syz_open_dev$binder(&(0x7f00000001c0)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) r0 = memfd_create(&(0x7f0000000000)='/dev/binder#\x00', 0x2) r1 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, &(0x7f0000000200)={0x0, &(0x7f00000001c0)}, 0xfffffffffffffe89) getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f0000000500), &(0x7f0000000540)=0xc) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, &(0x7f0000000280)=[@mss, @mss, @mss, @mss, @mss], 0x5) r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={"766574000000000000000000bd6800", 0x43732e5398416f1a}) r3 = socket$nl_route(0x10, 0x3, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pread64(r2, &(0x7f00000004c0)=""/39, 0xfffffd88, 0x0) ioctl$FITRIM(r0, 0xc0185879, &(0x7f0000000580)={0x2, 0x40, 0x5}) sendmsg$nl_route(r3, &(0x7f0000000140)={&(0x7f00000000c0), 0xc, &(0x7f0000000100)={&(0x7f0000000180)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) dup2(r1, r2) 06:21:34 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0) r1 = getpid() prctl$PR_SET_PTRACER(0x59616d61, r1) prctl$PR_SET_PTRACER(0x59616d61, 0x0) 06:21:34 executing program 5: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x5, 0x5f, 0x800, 0x20000000000001, 0x0, 0x0}, 0x2c) r1 = dup(r0) write$P9_RFSYNC(r1, &(0x7f00000000c0)={0x7}, 0x7) 06:21:34 executing program 3: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) read(r1, &(0x7f0000000040)=""/11, 0xfd32) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)) r3 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000240)) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r1, &(0x7f0000000140)) dup3(r3, r2, 0x0) timer_settime(0x0, 0x0, &(0x7f00000002c0)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000000180)) tkill(r0, 0x1000000000016) 06:21:34 executing program 2: mremap(&(0x7f0000001000/0x1000)=nil, 0x7ffffffff000, 0x1000, 0x3, &(0x7f0000000000/0x1000)=nil) memfd_create(&(0x7f0000000080)='\x00', 0x0) 06:21:34 executing program 4: prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000240)='\f', 0x1) 06:21:35 executing program 2: openat$random(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/urandom\x00', 0x0, 0x0) ioctl$PIO_SCRNMAP(0xffffffffffffffff, 0x4b41, &(0x7f0000000480)="f32b2b74f567f585198d28220e940f7d9774b2e18c") syz_open_dev$binder(&(0x7f00000001c0)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) r0 = memfd_create(&(0x7f0000000000)='/dev/binder#\x00', 0x2) r1 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, &(0x7f0000000200)={0x0, &(0x7f00000001c0)}, 0xfffffffffffffe89) getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f0000000500), &(0x7f0000000540)=0xc) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, &(0x7f0000000280)=[@mss, @mss, @mss, @mss, @mss], 0x5) r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={"766574000000000000000000bd6800", 0x43732e5398416f1a}) r3 = socket$nl_route(0x10, 0x3, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pread64(r2, &(0x7f00000004c0)=""/39, 0xfffffd88, 0x0) ioctl$FITRIM(r0, 0xc0185879, &(0x7f0000000580)={0x2, 0x40, 0x5}) sendmsg$nl_route(r3, &(0x7f0000000140)={&(0x7f00000000c0), 0xc, &(0x7f0000000100)={&(0x7f0000000180)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) dup2(r1, r2) [ 1184.122760] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 1184.241216] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! 06:21:35 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, &(0x7f0000000180), 0xffffffffffffffff) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, &(0x7f0000000000)=[@mss], 0x1) ioctl$sock_inet6_tcp_SIOCINQ(r2, 0x541b, &(0x7f0000000040)) write$eventfd(r2, &(0x7f0000000100), 0x8) 06:21:35 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0) r1 = getpid() prctl$PR_SET_PTRACER(0x59616d61, r1) prctl$PR_SET_PTRACER(0x59616d61, 0x0) 06:21:35 executing program 5: r0 = dup2(0xffffffffffffff9c, 0xffffffffffffff9c) fcntl$getown(r0, 0x9) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x18f040, 0x0) write$P9_RXATTRCREATE(r1, &(0x7f0000000200)={0x7, 0x21, 0x1}, 0x7) ioctl$KDSKBMETA(r1, 0x4b63, &(0x7f0000000240)=0x7) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) rmdir(&(0x7f0000000040)='./bus\x00') fcntl$getown(0xffffffffffffffff, 0x9) ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000640)="06ff021f1d6541ba5c432b5be6f9608c07ac743d4d9026083f63c94ac72d199faf22dbad611b5e19fa22e193200dab8b10af226e1bbb44a6c246e50cc413c5cb8da91351a709a5ce99ea5b2303bdb196d82a843b6954132ba847c33cc8313d09237f6fe3fdebfa3585687341b1b6814446998e9b39f655eb348deb61144b496b4bb5af39988ab82970f7f040bf6fc09f92aec8472b1d37e0000000000000000000000000") r2 = creat(&(0x7f00000002c0)='./bus\x00', 0x4) rmdir(&(0x7f0000000580)='./bus\x00') readlinkat(r2, &(0x7f0000000180)='./bus\x00', &(0x7f0000000440)=""/12, 0xc) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000500)=@file={0x1, './bus\x00'}, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000280)="4e55ee5331d9713546fd93c7867c", 0xe}], 0x1, 0x0, 0x0, 0x800}, 0x800) ioctl$PIO_UNISCRNMAP(r2, 0x4b6a, &(0x7f0000000880)="31d96da88b0cce5062747ce237ca24f05b05df66b34814c1cdb2db3642a7c880224c03d6cffd67b36c7f1a51ae9aeaa3892b040ba2105d77d4e4579d745ad601f19c26d1260bcd5435ae4ad35d123f7e809a7b0576431fde9f78c3260a3837b52ef6437c404147add96892a9d3a67dcf93c198c3b7727cd266c20c5e584c28ae0843064b8f7f199db8641f71a407775e0090bbedee63a4640e1f012e5ca95bd14b5aa0da642b552ae4aa2b869458dec283c16f25c67068fc528a793f75c81acac8ee6596d79c449ade5eeee332c460ebc0d46c076e871b6426d521c571a95d0fa800de30a110e719ffde8f103773daaaec8c313aa3be0bdaa6e7e796df3975a8e37aee6d10579f8afe6552f187c262b32eced8b5f01e40ab8904400f00000000000000000000000000000058b4721949da012002cb7f4ac8fe195c1388861be8cd45020083b0089b23f86603321faf83e794bea1ece8051e9996306347bd562aa2437fa6bdb57086302926b8af069b8d331ebf5c0e1a7f163e6d711af330efdfae413fafef9acf1d53e6aaf4f2dec9ddfb4ca321583e35a14a92e82bdbea3c127a033b32059fbadce23a3e87957f8238886aa9380000000018888c4c20ba104342e8c9d85a9dcf06abbb7a2905d37839bff6f8641ebce172c60a8d368cd4a94af484749dc4ccdd380bbf5d501302d50e79d3536eab5a12abdd347dac985c4349ec712661df947315514e45a515417e6b00000000000000002bdacdb2631c83a90dbca3aa7e5936f8aa413a75c7780309e1c178bce65ed205154ab4f55241cd2b6e83b29fc6cefe050d7d562360718e25bbdb2d34264d6a741cbbed50422f5d") r3 = socket$inet6(0xa, 0x3, 0x6) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20) lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./bus/file0\x00', &(0x7f0000000140)='trusted.overlay.upper\x00', &(0x7f0000000000)=ANY=[@ANYBLOB="f7fd3ab1296c53af3218e27037919fcb16890b99179a"], 0x1, 0x0) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000400)=[@mss, @mss, @mss, @mss, @mss, @mss, @mss, @mss], 0x8) openat$pfkey(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/self/net/pfkey\x00', 0x40040, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000040)={@loopback, 0x0, 0x0, 0x1, 0x3}, 0x20) r4 = syz_open_procfs(0x0, &(0x7f0000000340)="6e65742f6970365f666c6f776c6162656c006ec03114893458edc1c9d8dc4b0d8dae982640d0e6bb51d7ff596e1c92de0eaa319198e91f0a4d43697c2bcd77f017365af160acf33bd66432ebe50c0e8bdaf7fc39feff34ef27a1397193227f4733c145e66536c6c275112520e72b3097843b5cdac480c3b1384ebf592505f88589fcd2d7") sendfile(r4, r4, &(0x7f00000000c0)=0x202, 0x5a) [ 1184.362307] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! 06:21:35 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) getpid() prctl$PR_SET_PTRACER(0x59616d61, 0x0) prctl$PR_SET_PTRACER(0x59616d61, 0x0) 06:21:35 executing program 5: mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0) prctl$PR_SET_NAME(0xf, &(0x7f0000000040)='keyring\x00') [ 1185.668329] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready 06:21:37 executing program 1: syz_open_dev$binder(&(0x7f0000000200)='/dev/binder#\x00', 0xffffffffffffffff, 0x802) r0 = perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x71}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, &(0x7f0000000080)=[@mss, @mss], 0x2) r1 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$EXT4_IOC_GROUP_ADD(r1, 0x40286608, &(0x7f0000000100)={0xffffffff, 0x5, 0x9, 0x0, 0x9}) perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffe}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='comm\x00') fgetxattr(r0, &(0x7f0000000340)=@random={'security.', "5d755d73656c696e7578db707070312300"}, &(0x7f0000000380)=""/91, 0x5b) syz_open_dev$evdev(0xfffffffffffffffd, 0x0, 0x0) 06:21:37 executing program 3: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) read(r1, &(0x7f0000000040)=""/11, 0xfd32) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)) r3 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000240)) dup3(r3, r2, 0x0) poll(&(0x7f00000007c0)=[{r2}], 0x1, 0x0) timer_settime(0x0, 0x0, &(0x7f00000002c0)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000000180)) tkill(r0, 0x1000000000016) 06:21:37 executing program 5: mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0) prctl$PR_SET_NAME(0xf, &(0x7f0000000040)='keyring\x00') 06:21:37 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x0) r1 = dup(r0) setsockopt$sock_int(r1, 0x1, 0x4, &(0x7f0000000540)=0x1, 0x37e) stat(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)) ioctl$int_in(r0, 0x5452, &(0x7f0000000200)=0x5) ioctl$EXT4_IOC_GROUP_ADD(r1, 0x40286608, &(0x7f00000002c0)={0x2, 0x0, 0x100000000, 0x8, 0x4, 0x8}) r2 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) futex(&(0x7f0000000940)=0x2, 0x0, 0x1, &(0x7f00000009c0)={0x77359400}, &(0x7f0000000a00)=0x1, 0x0) fsync(r2) setsockopt$sock_int(r0, 0x1, 0x21, &(0x7f0000000240)=0x4, 0x4) ioctl$EVIOCSABS3F(r1, 0x401845ff, &(0x7f0000000640)={0x7, 0x53, 0x100, 0xffffffff, 0x7, 0x8001}) r3 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/netlink\x00') sendfile(r3, r3, &(0x7f0000000340)=0xffffffd, 0x7ffffffb) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r3, 0x6, 0x16, &(0x7f0000000900)=[@mss, @mss, @mss, @mss, @mss], 0x5) ioctl$SNDRV_TIMER_IOCTL_TREAD(0xffffffffffffffff, 0x40045402, &(0x7f0000000280)) fcntl$notify(0xffffffffffffffff, 0x402, 0x0) ioctl$TUNGETFILTER(0xffffffffffffffff, 0x801054db, &(0x7f0000000400)=""/45) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000000a40)=ANY=[], 0x0) bind$inet6(r0, &(0x7f0000000180)={0xa, 0x4e20}, 0x1c) getsockopt$ARPT_SO_GET_ENTRIES(r1, 0x0, 0x61, &(0x7f0000000580)={'filter\x00', 0x65, "5cbf856813fd8f935b508eff024c249330f47dc0170016cecdc9842b27a8c59a3fe3ee0e7f400083c7198be4a56ad4711aad95c9bdee8ffc48ea6965e3021133137bfdfba94e086c07d45216804a6927fd5ed3b9bfd43ef603c0cd1ec688a61bd33f3c9d51"}, &(0x7f0000000380)=0x89) sendto$inet6(r1, &(0x7f00000007c0), 0x0, 0x20000008, &(0x7f00008d4fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) ioctl$KDSKBLED(0xffffffffffffffff, 0x4b65, 0x0) setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000500)={0x2, &(0x7f0000000300)=[{}, {}]}, 0x10) request_key(&(0x7f0000000440)='syzkaller\x00', &(0x7f0000000480), &(0x7f00000004c0)='net/netlink\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, &(0x7f00000003c0)) ftruncate(0xffffffffffffffff, 0x80080) 06:21:37 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) getpid() prctl$PR_SET_PTRACER(0x59616d61, 0x0) prctl$PR_SET_PTRACER(0x59616d61, 0x0) 06:21:37 executing program 2: openat$random(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/urandom\x00', 0x0, 0x0) ioctl$PIO_SCRNMAP(0xffffffffffffffff, 0x4b41, &(0x7f0000000480)="f32b2b74f567f585198d28220e940f7d9774b2e18c") syz_open_dev$binder(&(0x7f00000001c0)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) r0 = memfd_create(&(0x7f0000000000)='/dev/binder#\x00', 0x2) r1 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, &(0x7f0000000200)={0x0, &(0x7f00000001c0)}, 0xfffffffffffffe89) getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f0000000500), &(0x7f0000000540)=0xc) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, &(0x7f0000000280)=[@mss, @mss, @mss, @mss, @mss], 0x5) r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={"766574000000000000000000bd6800", 0x43732e5398416f1a}) r3 = socket$nl_route(0x10, 0x3, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pread64(r2, &(0x7f00000004c0)=""/39, 0xfffffd88, 0x0) ioctl$FITRIM(r0, 0xc0185879, &(0x7f0000000580)={0x2, 0x40, 0x5}) sendmsg$nl_route(r3, &(0x7f0000000140)={&(0x7f00000000c0), 0xc, &(0x7f0000000100)={&(0x7f0000000180)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) dup2(r1, r2) 06:21:37 executing program 1: syz_open_dev$binder(&(0x7f0000000200)='/dev/binder#\x00', 0xffffffffffffffff, 0x802) r0 = perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x71}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) r2 = memfd_create(&(0x7f0000000040)="5d755d73656c696e7578db707070312300", 0x0) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000080)=[@mss, @mss, @mss], 0x3) sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000240)={0x0}, &(0x7f0000000280)=0xc) r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x4e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000000000, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getegid() r5 = request_key(&(0x7f00000001c0)='keyring\x00', &(0x7f0000002480)={'syz'}, &(0x7f00000024c0)="2302", 0xfffffffffffffffe) keyctl$revoke(0x3, r5) write$FUSE_INIT(r0, &(0x7f00000012c0)={0x248, 0xfffffffffff7fffe, 0x1, {0x7, 0x1b, 0x9, 0x0, 0x80, 0x98a, 0x1002, 0x8}}, 0xffffffffffffff89) ioctl$GIO_FONT(r2, 0x4b60, &(0x7f00000002c0)=""/4096) ioctl$sock_SIOCSIFBR(r1, 0x8941, &(0x7f0000000180)=@generic={0x0, 0x3, 0x9}) ioctl$EXT4_IOC_GROUP_ADD(r4, 0x40286608, &(0x7f0000000100)={0xffffffff, 0x5, 0x0, 0x0, 0x9}) read$FUSE(r2, &(0x7f0000002500), 0x1000) ioctl$IOC_PR_RELEASE(r2, 0x401070ca, &(0x7f00000023c0)={0xffffffffffffdf01, 0x5}) perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffe}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r6 = syz_open_procfs(0x0, &(0x7f00000000c0)='comm\x00') writev(r6, &(0x7f0000000080), 0x100000000000012e) read$FUSE(r6, &(0x7f0000001340), 0x1000) getsockname$packet(r2, &(0x7f0000002400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000002440)=0x14) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000003500)={'ipddp0\x00', r7}) fdatasync(r0) vmsplice(r2, &(0x7f0000004900)=[{&(0x7f0000004880)="eece61e595e849823d56fc2201defb89848006691910f33ba7563642c09f1a5c4411bab4c41cad5363819e97870af532d5991385e94f28c60f7a18aba064c3662f9f46e16a5e1178e9d25028bf3e0a35764ca0ef4eeff9200bb04d57385995314be257c2c713", 0x66}], 0x1, 0xe) ioctl$PIO_UNISCRNMAP(r6, 0x4b6a, &(0x7f0000000180)) perf_event_open$cgroup(&(0x7f00000049c0)={0x0, 0x70, 0x7, 0x6, 0xffffffffffffffff, 0x20, 0x0, 0x9f, 0x8000, 0xa, 0xeb, 0x5, 0x2, 0x7f, 0x0, 0x0, 0x3, 0x4, 0x0, 0x7, 0x9, 0x6, 0xb7ec, 0x75d4, 0x2f, 0xfffffffffffffc89, 0x3ff, 0x0, 0x48, 0x3, 0x2, 0x7, 0x7fffffff, 0x2, 0x7, 0x3, 0x3, 0xfffffffffffffff7, 0x0, 0x1f, 0x4, @perf_config_ext={0x55, 0x5}, 0x400, 0x400, 0x0, 0x6, 0x1f, 0x7, 0x2d}, r2, 0xe, r2, 0x4) perf_event_open(&(0x7f0000004a80)={0x3, 0x70, 0xff, 0x4, 0x1a9b, 0x100000000, 0x0, 0xffffffff, 0x8055, 0x8, 0x100000001, 0x0, 0x1, 0x0, 0x1ff, 0xb6, 0x9, 0x90, 0xfffffffffffffff8, 0x8, 0x8, 0x6, 0x7, 0x1, 0x7, 0x1, 0xffffffff, 0x1ff, 0x5d2, 0x7, 0x401, 0x291, 0x4, 0x0, 0xe19, 0xffffffff80000001, 0x1215ec8b, 0x0, 0x0, 0x6, 0x3, @perf_bp={&(0x7f0000004a40), 0x1}, 0x4, 0x4226, 0x5, 0x7, 0x4, 0x1, 0x95d5}, r3, 0xc, r0, 0x1) syz_open_dev$evdev(0xfffffffffffffffd, 0x0, 0xffffffffffffffff) 06:21:37 executing program 5: mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0) prctl$PR_SET_NAME(0xf, &(0x7f0000000040)='keyring\x00') 06:21:37 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) getpid() prctl$PR_SET_PTRACER(0x59616d61, 0x0) prctl$PR_SET_PTRACER(0x59616d61, 0x0) 06:21:37 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x8, 0x6, &(0x7f0000000240)=@framed={{}, [@map={0x18, 0x3}, @exit]}, &(0x7f0000000080)="73797a6b584e3e2f9afed6d0ee3d5d5de2f791e4545b69c564e359a02949ab0c0ab275caa665b968d2f1a32e3febe4189befa5f044722bae83e5b6959eba6d6229a759cda6b72a392e8d24e41b4ce153c97b5a23e135e3fafbe6c978122c8d3b1d14ad7a9eeb70696d380d6604e03f92d052ddc9a2c1bd01f5790c2d642ac3b88f15165077ff0fba93e8a5d6dfad631dd110d6ebe7c1748b98ba15234ec9c8d3fe3726a29d14e7770803d85cb7e90bfb4f73d32323d8157f84b0ca590b95064bd4bfd4da293c424c25a422f279", 0x80000024, 0xbb, &(0x7f0000000180)=""/187}, 0x48) [ 1187.109285] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 1187.135215] not chained 590000 origins [ 1187.139129] CPU: 1 PID: 2017 Comm: syz-executor2 Not tainted 4.20.0-rc3+ #89 [ 1187.141827] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1187.141827] Call Trace: [ 1187.141827] [ 1187.141827] dump_stack+0x32d/0x480 [ 1187.141827] ? save_stack_trace+0xc6/0x110 [ 1187.141827] kmsan_internal_chain_origin+0x222/0x240 [ 1187.141827] ? kmsan_internal_chain_origin+0x136/0x240 [ 1187.141827] ? __msan_chain_origin+0x6d/0xb0 [ 1187.141827] ? __save_stack_trace+0x833/0xc60 [ 1187.141827] ? save_stack_trace+0xc6/0x110 [ 1187.141827] ? kmsan_internal_chain_origin+0x136/0x240 [ 1187.141827] ? kmsan_memcpy_origins+0x13d/0x190 [ 1187.141827] ? __msan_memcpy+0x6f/0x80 06:21:38 executing program 5: mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0) prctl$PR_SET_NAME(0xf, &(0x7f0000000040)='keyring\x00') 06:21:38 executing program 4: socketpair$unix(0x1, 0x2000000005, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) prctl$PR_SET_TSC(0x1a, 0x1) [ 1187.141827] ? pskb_expand_head+0x436/0x1d20 [ 1187.141827] ? erspan_xmit+0x618/0x35d0 [ 1187.141827] ? dev_hard_start_xmit+0x6dc/0xde0 [ 1187.141827] ? sch_direct_xmit+0x59b/0x890 [ 1187.141827] ? __qdisc_run+0x1bac/0x3600 [ 1187.227482] ? __dev_queue_xmit+0x2131/0x3e00 [ 1187.227482] ? dev_queue_xmit+0x4b/0x60 [ 1187.227482] ? ip6_finish_output2+0x1a5b/0x22d0 [ 1187.227482] ? ip6_finish_output+0xc13/0xca0 [ 1187.227482] ? ip6_output+0x5e4/0x720 [ 1187.227482] ? mld_sendpack+0xf2e/0x17b0 [ 1187.227482] ? mld_ifc_timer_expire+0x115c/0x1680 [ 1187.227482] ? call_timer_fn+0x356/0x7c0 [ 1187.227482] ? __run_timers+0xe95/0x1300 [ 1187.227482] ? run_timer_softirq+0x55/0xa0 [ 1187.227482] ? __do_softirq+0x721/0xc7f [ 1187.227482] ? irq_exit+0x305/0x340 [ 1187.227482] ? exiting_irq+0xe/0x10 [ 1187.280626] ? smp_apic_timer_interrupt+0x64/0x90 [ 1187.280626] ? apic_timer_interrupt+0xf/0x20 [ 1187.280626] ? _raw_spin_unlock_irqrestore+0x4b/0x70 [ 1187.295504] ? pcpu_alloc+0x10c1/0x2610 [ 1187.295504] ? __alloc_percpu+0x7a/0x90 [ 1187.295504] ? qdisc_alloc+0x716/0xf40 [ 1187.295504] ? qdisc_create_dflt+0x115/0x480 [ 1187.295504] ? mq_init+0x42c/0x970 [ 1187.295504] ? qdisc_create_dflt+0x2c5/0x480 [ 1187.295504] ? dev_activate+0x1b1/0x1080 [ 1187.295504] ? __dev_open+0x7aa/0x8a0 [ 1187.295504] ? __dev_change_flags+0x359/0xb50 [ 1187.295504] ? dev_change_flags+0xc7/0x230 [ 1187.295504] ? do_setlink+0x165f/0x5ea0 [ 1187.295504] ? rtnl_newlink+0x204a/0x35a0 [ 1187.295504] ? rtnetlink_rcv_msg+0x1148/0x1540 [ 1187.295504] ? netlink_rcv_skb+0x394/0x640 [ 1187.295504] ? rtnetlink_rcv+0x50/0x60 [ 1187.295504] ? netlink_unicast+0x1699/0x1740 [ 1187.295504] ? netlink_sendmsg+0x13c7/0x1440 [ 1187.295504] ? ___sys_sendmsg+0xe3b/0x1240 [ 1187.295504] ? __se_sys_sendmsg+0x305/0x460 [ 1187.295504] ? __x64_sys_sendmsg+0x4a/0x70 [ 1187.295504] ? do_syscall_64+0xcf/0x110 [ 1187.295504] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1187.295504] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1187.295504] __msan_chain_origin+0x6d/0xb0 [ 1187.295504] ? exiting_irq+0xe/0x10 [ 1187.295504] __save_stack_trace+0x8be/0xc60 [ 1187.295504] ? netlink_sendmsg+0x13c7/0x1440 [ 1187.295504] ? ___sys_sendmsg+0xe3b/0x1240 [ 1187.295504] ? __x64_sys_sendmsg+0x4a/0x70 [ 1187.295504] ? exiting_irq+0xe/0x10 [ 1187.295504] save_stack_trace+0xc6/0x110 [ 1187.295504] kmsan_internal_chain_origin+0x136/0x240 [ 1187.295504] ? run_timer_softirq+0x55/0xa0 [ 1187.295504] ? dev_activate+0x1b1/0x1080 [ 1187.295504] ? kmsan_internal_chain_origin+0x136/0x240 [ 1187.295504] ? kmsan_memcpy_origins+0x13d/0x190 [ 1187.295504] ? __msan_memcpy+0x6f/0x80 [ 1187.295504] ? pskb_expand_head+0x436/0x1d20 [ 1187.295504] ? erspan_xmit+0x618/0x35d0 [ 1187.295504] ? dev_hard_start_xmit+0x6dc/0xde0 [ 1187.295504] ? sch_direct_xmit+0x59b/0x890 [ 1187.295504] ? __qdisc_run+0x1bac/0x3600 [ 1187.295504] ? __dev_queue_xmit+0x2131/0x3e00 [ 1187.480638] ? dev_queue_xmit+0x4b/0x60 [ 1187.480638] ? ip6_finish_output2+0x1a5b/0x22d0 [ 1187.480638] ? ip6_finish_output+0xc13/0xca0 [ 1187.480638] ? ip6_output+0x5e4/0x720 [ 1187.480638] ? mld_sendpack+0xf2e/0x17b0 [ 1187.480638] ? mld_ifc_timer_expire+0x115c/0x1680 06:21:38 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) recvfrom$inet(0xffffffffffffffff, &(0x7f0000000200)=""/102, 0x66, 0x0, &(0x7f0000000280)={0x2, 0x0, @rand_addr}, 0x10) socketpair$inet6_udp(0xa, 0x2, 0x0, &(0x7f0000000180)) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000002c0)) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000001a00)=[{{&(0x7f0000000380)=@generic, 0x80, &(0x7f0000000240), 0x0, &(0x7f00000019c0)=""/61, 0x3d}}], 0x0, 0x0, &(0x7f0000001ac0)) ioctl$RTC_IRQP_READ(0xffffffffffffffff, 0x8008700b, &(0x7f0000000400)) socket$packet(0x11, 0x0, 0x300) readv(0xffffffffffffffff, &(0x7f00000002c0), 0x1f3) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080), 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440)=[@mss, @mss, @mss, @mss, @mss, @mss], 0x6) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000300)={0x0, @speck128}) setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) [ 1187.480638] ? call_timer_fn+0x356/0x7c0 [ 1187.480638] ? __run_timers+0xe95/0x1300 [ 1187.480638] ? run_timer_softirq+0x55/0xa0 [ 1187.480638] ? __do_softirq+0x721/0xc7f [ 1187.480638] ? irq_exit+0x305/0x340 [ 1187.480638] ? exiting_irq+0xe/0x10 [ 1187.480638] ? smp_apic_timer_interrupt+0x64/0x90 [ 1187.480638] ? apic_timer_interrupt+0xf/0x20 [ 1187.480638] ? _raw_spin_unlock_irqrestore+0x4b/0x70 [ 1187.480638] ? pcpu_alloc+0x10c1/0x2610 [ 1187.480638] ? __alloc_percpu+0x7a/0x90 [ 1187.480638] ? qdisc_alloc+0x716/0xf40 [ 1187.480638] ? qdisc_create_dflt+0x115/0x480 [ 1187.480638] ? mq_init+0x42c/0x970 [ 1187.480638] ? qdisc_create_dflt+0x2c5/0x480 [ 1187.480638] ? dev_activate+0x1b1/0x1080 [ 1187.480638] ? __dev_open+0x7aa/0x8a0 [ 1187.480638] ? __dev_change_flags+0x359/0xb50 [ 1187.480638] ? dev_change_flags+0xc7/0x230 [ 1187.480638] ? do_setlink+0x165f/0x5ea0 [ 1187.480638] ? rtnl_newlink+0x204a/0x35a0 [ 1187.480638] ? rtnetlink_rcv_msg+0x1148/0x1540 [ 1187.480638] ? netlink_rcv_skb+0x394/0x640 [ 1187.480638] ? rtnetlink_rcv+0x50/0x60 [ 1187.480638] ? netlink_unicast+0x1699/0x1740 [ 1187.480638] ? netlink_sendmsg+0x13c7/0x1440 [ 1187.480638] ? ___sys_sendmsg+0xe3b/0x1240 [ 1187.480638] ? __se_sys_sendmsg+0x305/0x460 [ 1187.480638] ? __x64_sys_sendmsg+0x4a/0x70 [ 1187.480638] ? do_syscall_64+0xcf/0x110 [ 1187.480638] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1187.480638] ? __msan_get_context_state+0x9/0x20 [ 1187.480638] ? INIT_INT+0xc/0x30 [ 1187.480638] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1187.480638] kmsan_memcpy_origins+0x13d/0x190 [ 1187.480638] __msan_memcpy+0x6f/0x80 [ 1187.480638] pskb_expand_head+0x436/0x1d20 [ 1187.480638] erspan_xmit+0x618/0x35d0 [ 1187.480638] ? packet_sock_destruct+0x3b0/0x3b0 [ 1187.480638] ? dev_queue_xmit_nit+0x1222/0x1320 [ 1187.480638] ? erspan_tunnel_init+0x370/0x370 [ 1187.480638] dev_hard_start_xmit+0x6dc/0xde0 [ 1187.480638] sch_direct_xmit+0x59b/0x890 [ 1187.480638] __qdisc_run+0x1bac/0x3600 [ 1187.480638] ? INIT_BOOL+0xc/0x30 [ 1187.480638] ? do_raw_spin_trylock+0x378/0x4d0 [ 1187.480638] __dev_queue_xmit+0x2131/0x3e00 [ 1187.480638] dev_queue_xmit+0x4b/0x60 [ 1187.480638] ip6_finish_output2+0x1a5b/0x22d0 [ 1187.480638] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1187.480638] ? ip6_mtu+0x289/0x330 [ 1187.480638] ip6_finish_output+0xc13/0xca0 [ 1187.480638] ip6_output+0x5e4/0x720 [ 1187.480638] ? ip6_output+0x720/0x720 [ 1187.480638] ? ac6_seq_show+0x200/0x200 [ 1187.480638] mld_sendpack+0xf2e/0x17b0 [ 1187.480638] ? mld_send_report+0x4b0/0x4b0 [ 1187.480638] mld_ifc_timer_expire+0x115c/0x1680 [ 1187.480638] ? __msan_poison_alloca+0x1e0/0x270 [ 1187.480638] call_timer_fn+0x356/0x7c0 [ 1187.480638] ? mld_gq_timer_expire+0xf0/0xf0 [ 1187.480638] __run_timers+0xe95/0x1300 [ 1187.770374] ? mld_gq_timer_expire+0xf0/0xf0 [ 1187.770374] ? irqtime_account_irq+0x73/0x3c0 [ 1187.770374] run_timer_softirq+0x55/0xa0 [ 1187.770374] ? timers_dead_cpu+0xb70/0xb70 [ 1187.770374] __do_softirq+0x721/0xc7f [ 1187.770374] irq_exit+0x305/0x340 [ 1187.770374] exiting_irq+0xe/0x10 [ 1187.770374] smp_apic_timer_interrupt+0x64/0x90 [ 1187.770374] apic_timer_interrupt+0xf/0x20 [ 1187.770374] [ 1187.770374] RIP: 0010:_raw_spin_unlock_irqrestore+0x4b/0x70 [ 1187.770374] Code: 00 8b b8 88 0c 00 00 48 8b 00 48 85 c0 75 28 48 89 df e8 58 23 0e f7 c6 00 00 c6 03 00 4d 85 e4 75 1c 4c 89 7d d8 ff 75 d8 9d <48> 83 c4 08 5b 41 5c 41 5e 41 5f 5d c3 e8 f3 2c 0e f7 eb d1 44 89 [ 1187.770374] RSP: 0018:ffff88805f0ee630 EFLAGS: 00000292 ORIG_RAX: ffffffffffffff13 [ 1187.770374] RAX: ffff8881fad14408 RBX: ffffffff8c914408 RCX: ffff8881fad14408 [ 1187.770374] RDX: ffff8881fa914408 RSI: 0000160000000000 RDI: aaaaaaaaaaaab000 [ 1187.770374] RBP: ffff88805f0ee658 R08: ffff888000000000 R09: 0000000000000000 [ 1187.770374] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1187.770374] R13: 0000000000001318 R14: 0000000000000000 R15: 0000000000000292 [ 1187.770374] pcpu_alloc+0x10c1/0x2610 [ 1187.770374] __alloc_percpu+0x7a/0x90 [ 1187.770374] qdisc_alloc+0x716/0xf40 [ 1187.770374] qdisc_create_dflt+0x115/0x480 [ 1187.770374] mq_init+0x42c/0x970 [ 1187.770374] ? local_bh_enable+0x40/0x40 [ 1187.770374] qdisc_create_dflt+0x2c5/0x480 [ 1187.770374] dev_activate+0x1b1/0x1080 [ 1187.770374] __dev_open+0x7aa/0x8a0 [ 1187.770374] __dev_change_flags+0x359/0xb50 [ 1187.770374] dev_change_flags+0xc7/0x230 [ 1187.770374] do_setlink+0x165f/0x5ea0 [ 1187.770374] ? __nla_parse+0x532/0x7f0 [ 1187.770374] ? kmsan_set_origin+0x7f/0x100 [ 1187.770374] rtnl_newlink+0x204a/0x35a0 [ 1187.770374] ? kmsan_set_origin+0x7f/0x100 [ 1187.770374] ? kmsan_set_origin+0x7f/0x100 [ 1187.770374] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 1187.770374] ? __msan_get_context_state+0x9/0x20 [ 1187.770374] ? INIT_BOOL+0x17/0x30 [ 1187.770374] ? refcount_sub_and_test_checked+0x5ef/0x710 [ 1187.770374] ? rtnl_setlink+0x780/0x780 [ 1187.770374] rtnetlink_rcv_msg+0x1148/0x1540 [ 1187.770374] ? ___sys_sendmsg+0xe3b/0x1240 [ 1187.770374] ? __msan_poison_alloca+0x1e0/0x270 [ 1187.770374] ? should_fail+0x162/0x13c0 [ 1187.770374] ? kmsan_set_origin+0x7f/0x100 [ 1187.770374] netlink_rcv_skb+0x394/0x640 [ 1187.770374] ? rtnetlink_bind+0x120/0x120 [ 1187.770374] rtnetlink_rcv+0x50/0x60 [ 1187.770374] netlink_unicast+0x1699/0x1740 [ 1187.770374] ? rtnetlink_net_exit+0x90/0x90 [ 1187.770374] netlink_sendmsg+0x13c7/0x1440 [ 1187.770374] ___sys_sendmsg+0xe3b/0x1240 [ 1187.770374] ? netlink_getsockopt+0x1910/0x1910 [ 1187.770374] ? __fdget+0x329/0x440 [ 1187.770374] __se_sys_sendmsg+0x305/0x460 [ 1187.770374] __x64_sys_sendmsg+0x4a/0x70 [ 1187.770374] do_syscall_64+0xcf/0x110 [ 1187.770374] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1187.770374] RIP: 0033:0x457569 [ 1187.770374] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1187.770374] RSP: 002b:00007f93d5de0c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1187.770374] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457569 [ 1187.770374] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000008 [ 1187.770374] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 1187.770374] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f93d5de16d4 [ 1187.770374] R13: 00000000004c3fff R14: 00000000004d6838 R15: 00000000ffffffff [ 1187.770374] Uninit was stored to memory at: [ 1187.770374] kmsan_internal_chain_origin+0x136/0x240 [ 1187.770374] __msan_chain_origin+0x6d/0xb0 [ 1187.770374] __save_stack_trace+0x8be/0xc60 [ 1187.770374] save_stack_trace+0xc6/0x110 [ 1187.770374] kmsan_internal_chain_origin+0x136/0x240 [ 1187.770374] kmsan_memcpy_origins+0x13d/0x190 [ 1187.770374] __msan_memcpy+0x6f/0x80 [ 1187.770374] pskb_expand_head+0x436/0x1d20 [ 1187.770374] erspan_xmit+0x618/0x35d0 [ 1187.770374] dev_hard_start_xmit+0x6dc/0xde0 [ 1187.770374] sch_direct_xmit+0x59b/0x890 [ 1187.770374] __qdisc_run+0x1bac/0x3600 [ 1187.770374] __dev_queue_xmit+0x2131/0x3e00 [ 1187.770374] dev_queue_xmit+0x4b/0x60 [ 1187.770374] ip6_finish_output2+0x1a5b/0x22d0 [ 1187.770374] ip6_finish_output+0xc13/0xca0 [ 1187.770374] ip6_output+0x5e4/0x720 [ 1187.770374] mld_sendpack+0xf2e/0x17b0 [ 1187.770374] mld_ifc_timer_expire+0x115c/0x1680 [ 1187.770374] call_timer_fn+0x356/0x7c0 [ 1187.770374] __run_timers+0xe95/0x1300 [ 1187.770374] run_timer_softirq+0x55/0xa0 [ 1187.770374] __do_softirq+0x721/0xc7f [ 1187.770374] [ 1187.770374] Uninit was stored to memory at: [ 1187.770374] kmsan_internal_chain_origin+0x136/0x240 [ 1187.770374] __msan_chain_origin+0x6d/0xb0 [ 1187.770374] __save_stack_trace+0x8be/0xc60 [ 1187.770374] save_stack_trace+0xc6/0x110 [ 1187.770374] kmsan_internal_chain_origin+0x136/0x240 [ 1187.770374] kmsan_memcpy_origins+0x13d/0x190 [ 1187.770374] __msan_memcpy+0x6f/0x80 [ 1187.770374] pskb_expand_head+0x436/0x1d20 [ 1187.770374] erspan_xmit+0x618/0x35d0 [ 1187.770374] dev_hard_start_xmit+0x6dc/0xde0 [ 1187.770374] sch_direct_xmit+0x59b/0x890 [ 1187.770374] __qdisc_run+0x1bac/0x3600 [ 1187.770374] __dev_queue_xmit+0x2131/0x3e00 [ 1187.770374] dev_queue_xmit+0x4b/0x60 [ 1187.770374] ip6_finish_output2+0x1a5b/0x22d0 [ 1187.770374] ip6_finish_output+0xc13/0xca0 [ 1187.770374] ip6_output+0x5e4/0x720 [ 1187.770374] mld_sendpack+0xf2e/0x17b0 [ 1187.770374] mld_ifc_timer_expire+0x115c/0x1680 [ 1187.770374] call_timer_fn+0x356/0x7c0 [ 1187.770374] __run_timers+0xe95/0x1300 [ 1187.770374] run_timer_softirq+0x55/0xa0 [ 1187.770374] __do_softirq+0x721/0xc7f [ 1187.770374] [ 1187.770374] Uninit was stored to memory at: [ 1187.770374] kmsan_internal_chain_origin+0x136/0x240 [ 1187.770374] __msan_chain_origin+0x6d/0xb0 [ 1187.770374] __save_stack_trace+0x8be/0xc60 [ 1187.770374] save_stack_trace+0xc6/0x110 [ 1187.770374] kmsan_internal_chain_origin+0x136/0x240 [ 1187.770374] kmsan_memcpy_origins+0x13d/0x190 [ 1187.770374] __msan_memcpy+0x6f/0x80 [ 1187.770374] pskb_expand_head+0x436/0x1d20 [ 1187.770374] erspan_xmit+0x618/0x35d0 [ 1187.770374] dev_hard_start_xmit+0x6dc/0xde0 [ 1187.770374] sch_direct_xmit+0x59b/0x890 [ 1187.770374] __qdisc_run+0x1bac/0x3600 [ 1187.770374] __dev_queue_xmit+0x2131/0x3e00 [ 1187.770374] dev_queue_xmit+0x4b/0x60 [ 1187.770374] ip6_finish_output2+0x1a5b/0x22d0 [ 1187.770374] ip6_finish_output+0xc13/0xca0 [ 1187.770374] ip6_output+0x5e4/0x720 [ 1187.770374] mld_sendpack+0xf2e/0x17b0 [ 1187.770374] mld_ifc_timer_expire+0x115c/0x1680 [ 1187.770374] call_timer_fn+0x356/0x7c0 [ 1187.770374] __run_timers+0xe95/0x1300 [ 1187.770374] run_timer_softirq+0x55/0xa0 [ 1187.770374] __do_softirq+0x721/0xc7f [ 1187.770374] [ 1187.770374] Uninit was stored to memory at: [ 1187.770374] kmsan_internal_chain_origin+0x136/0x240 [ 1187.770374] __msan_chain_origin+0x6d/0xb0 [ 1187.770374] __save_stack_trace+0x8be/0xc60 [ 1187.770374] save_stack_trace+0xc6/0x110 [ 1187.770374] kmsan_internal_chain_origin+0x136/0x240 [ 1187.770374] kmsan_memcpy_origins+0x13d/0x190 [ 1187.770374] __msan_memcpy+0x6f/0x80 [ 1187.770374] pskb_expand_head+0x436/0x1d20 [ 1187.770374] erspan_xmit+0x618/0x35d0 [ 1187.770374] dev_hard_start_xmit+0x6dc/0xde0 [ 1187.770374] sch_direct_xmit+0x59b/0x890 [ 1187.770374] __qdisc_run+0x1bac/0x3600 [ 1187.770374] __dev_queue_xmit+0x2131/0x3e00 [ 1187.770374] dev_queue_xmit+0x4b/0x60 [ 1187.770374] ip6_finish_output2+0x1a5b/0x22d0 [ 1187.770374] ip6_finish_output+0xc13/0xca0 [ 1187.770374] ip6_output+0x5e4/0x720 [ 1187.770374] mld_sendpack+0xf2e/0x17b0 [ 1187.770374] mld_ifc_timer_expire+0x115c/0x1680 [ 1187.770374] call_timer_fn+0x356/0x7c0 [ 1187.770374] __run_timers+0xe95/0x1300 [ 1187.770374] run_timer_softirq+0x55/0xa0 [ 1187.770374] __do_softirq+0x721/0xc7f [ 1187.770374] [ 1187.770374] Uninit was stored to memory at: [ 1187.770374] kmsan_internal_chain_origin+0x136/0x240 [ 1187.770374] __msan_chain_origin+0x6d/0xb0 [ 1187.770374] __save_stack_trace+0x8be/0xc60 [ 1187.770374] save_stack_trace+0xc6/0x110 [ 1187.770374] kmsan_internal_chain_origin+0x136/0x240 [ 1187.770374] kmsan_memcpy_origins+0x13d/0x190 [ 1187.770374] __msan_memcpy+0x6f/0x80 [ 1187.770374] pskb_expand_head+0x436/0x1d20 [ 1187.770374] erspan_xmit+0x618/0x35d0 [ 1187.770374] dev_hard_start_xmit+0x6dc/0xde0 [ 1187.770374] sch_direct_xmit+0x59b/0x890 [ 1187.770374] __qdisc_run+0x1bac/0x3600 [ 1187.770374] __dev_queue_xmit+0x2131/0x3e00 [ 1187.770374] dev_queue_xmit+0x4b/0x60 [ 1187.770374] ip6_finish_output2+0x1a5b/0x22d0 [ 1187.770374] ip6_finish_output+0xc13/0xca0 [ 1187.770374] ip6_output+0x5e4/0x720 [ 1187.770374] mld_sendpack+0xf2e/0x17b0 [ 1187.770374] mld_ifc_timer_expire+0x115c/0x1680 [ 1187.770374] call_timer_fn+0x356/0x7c0 [ 1187.770374] __run_timers+0xe95/0x1300 [ 1187.770374] run_timer_softirq+0x55/0xa0 [ 1187.770374] __do_softirq+0x721/0xc7f [ 1187.770374] [ 1187.770374] Uninit was stored to memory at: [ 1187.770374] kmsan_internal_chain_origin+0x136/0x240 [ 1187.770374] __msan_chain_origin+0x6d/0xb0 [ 1187.770374] __save_stack_trace+0x8be/0xc60 [ 1187.770374] save_stack_trace+0xc6/0x110 [ 1187.770374] kmsan_internal_chain_origin+0x136/0x240 [ 1187.770374] kmsan_memcpy_origins+0x13d/0x190 [ 1187.770374] __msan_memcpy+0x6f/0x80 [ 1187.770374] pskb_expand_head+0x436/0x1d20 [ 1187.770374] erspan_xmit+0x618/0x35d0 [ 1187.770374] dev_hard_start_xmit+0x6dc/0xde0 [ 1187.770374] sch_direct_xmit+0x59b/0x890 [ 1187.770374] __qdisc_run+0x1bac/0x3600 [ 1187.770374] __dev_queue_xmit+0x2131/0x3e00 [ 1187.770374] dev_queue_xmit+0x4b/0x60 [ 1187.770374] ip6_finish_output2+0x1a5b/0x22d0 [ 1187.770374] ip6_finish_output+0xc13/0xca0 [ 1187.770374] ip6_output+0x5e4/0x720 [ 1187.770374] mld_sendpack+0xf2e/0x17b0 [ 1187.770374] mld_ifc_timer_expire+0x115c/0x1680 [ 1187.770374] call_timer_fn+0x356/0x7c0 [ 1187.770374] __run_timers+0xe95/0x1300 [ 1187.770374] run_timer_softirq+0x55/0xa0 [ 1187.770374] __do_softirq+0x721/0xc7f [ 1187.770374] [ 1187.770374] Uninit was stored to memory at: [ 1187.770374] kmsan_internal_chain_origin+0x136/0x240 [ 1187.770374] __msan_chain_origin+0x6d/0xb0 [ 1187.770374] __save_stack_trace+0x8be/0xc60 [ 1187.770374] save_stack_trace+0xc6/0x110 [ 1187.770374] kmsan_internal_chain_origin+0x136/0x240 [ 1187.770374] kmsan_memcpy_origins+0x13d/0x190 [ 1187.770374] __msan_memcpy+0x6f/0x80 [ 1187.770374] pskb_expand_head+0x436/0x1d20 [ 1187.770374] erspan_xmit+0x618/0x35d0 [ 1187.770374] dev_hard_start_xmit+0x6dc/0xde0 [ 1187.770374] sch_direct_xmit+0x59b/0x890 [ 1187.770374] __qdisc_run+0x1bac/0x3600 [ 1187.770374] __dev_queue_xmit+0x2131/0x3e00 [ 1187.770374] dev_queue_xmit+0x4b/0x60 [ 1187.770374] ip6_finish_output2+0x1a5b/0x22d0 [ 1187.770374] ip6_finish_output+0xc13/0xca0 [ 1187.770374] ip6_output+0x5e4/0x720 [ 1187.770374] mld_sendpack+0xf2e/0x17b0 [ 1187.770374] mld_ifc_timer_expire+0x115c/0x1680 [ 1187.770374] call_timer_fn+0x356/0x7c0 [ 1187.770374] __run_timers+0xe95/0x1300 [ 1187.770374] run_timer_softirq+0x55/0xa0 [ 1187.770374] __do_softirq+0x721/0xc7f [ 1187.770374] [ 1187.770374] Local variable description: ----__ai_o1.i.i.i.i@kmem_cache_free [ 1187.770374] Variable was created at: [ 1187.770374] kmem_cache_free+0x12e/0x3370 [ 1187.770374] __kfree_skb+0x2cc/0x310 06:21:40 executing program 3: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) read(r1, &(0x7f0000000040)=""/11, 0xfd32) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)) r3 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000240)) dup3(r3, r2, 0x0) poll(&(0x7f00000007c0)=[{r2}], 0x1, 0x0) timer_settime(0x0, 0x0, &(0x7f00000002c0)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000000180)) tkill(r0, 0x1000000000016) 06:21:40 executing program 1: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f00000000c0), 0xc, &(0x7f00000001c0)={&(0x7f0000000500)=@newlink={0x40, 0x10, 0x1, 0x0, 0x0, {}, [@IFLA_IFNAME={0x14, 0x3, 'ip6_vti0\x00'}, @IFLA_ADDRESS={0xc, 0x1, @dev}]}, 0x40}}, 0x0) 06:21:40 executing program 0: 06:21:40 executing program 5: prctl$PR_SET_NAME(0xf, &(0x7f0000000040)='keyring\x00') 06:21:41 executing program 2: openat$random(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/urandom\x00', 0x0, 0x0) ioctl$PIO_SCRNMAP(0xffffffffffffffff, 0x4b41, &(0x7f0000000480)="f32b2b74f567f585198d28220e940f7d9774b2e18c") syz_open_dev$binder(&(0x7f00000001c0)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) r0 = memfd_create(&(0x7f0000000000)='/dev/binder#\x00', 0x2) r1 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, &(0x7f0000000200)={0x0, &(0x7f00000001c0)}, 0xfffffffffffffe89) getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f0000000500), &(0x7f0000000540)=0xc) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, &(0x7f0000000280)=[@mss, @mss, @mss, @mss, @mss], 0x5) r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={"766574000000000000000000bd6800", 0x43732e5398416f1a}) r3 = socket$nl_route(0x10, 0x3, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pread64(r2, &(0x7f00000004c0)=""/39, 0xfffffd88, 0x0) ioctl$FITRIM(r0, 0xc0185879, &(0x7f0000000580)={0x2, 0x40, 0x5}) sendmsg$nl_route(r3, &(0x7f0000000140)={&(0x7f00000000c0), 0xc, &(0x7f0000000100)={&(0x7f0000000180)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) dup2(r1, r2) 06:21:41 executing program 0: 06:21:41 executing program 1: 06:21:41 executing program 5: prctl$PR_SET_NAME(0xf, &(0x7f0000000040)='keyring\x00') 06:21:41 executing program 3: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) read(r1, &(0x7f0000000040)=""/11, 0xfd32) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)) r3 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000240)) dup3(r3, r2, 0x0) poll(&(0x7f00000007c0)=[{r2}], 0x1, 0x0) timer_settime(0x0, 0x0, &(0x7f00000002c0)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000000180)) tkill(r0, 0x1000000000016) 06:21:42 executing program 0: [ 1191.154791] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready 06:21:42 executing program 5: prctl$PR_SET_NAME(0xf, &(0x7f0000000040)='keyring\x00') 06:21:42 executing program 1: 06:21:42 executing program 4: 06:21:42 executing program 0: 06:21:42 executing program 5: 06:21:42 executing program 1: [ 1193.371588] IPVS: ftp: loaded support on port[0] = 21 06:21:45 executing program 0: 06:21:45 executing program 1: 06:21:45 executing program 5: 06:21:45 executing program 3: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) read(r1, &(0x7f0000000040)=""/11, 0xfd32) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)) r3 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r1, &(0x7f0000000140)) dup3(r3, r2, 0x0) poll(&(0x7f00000007c0)=[{r2}], 0x1, 0x0) timer_settime(0x0, 0x0, &(0x7f00000002c0)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000000180)) tkill(r0, 0x1000000000016) 06:21:45 executing program 2: 06:21:45 executing program 2: 06:21:45 executing program 0: 06:21:45 executing program 5: [ 1195.942200] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 1197.337739] device bridge_slave_1 left promiscuous mode [ 1197.343702] bridge0: port 2(bridge_slave_1) entered disabled state [ 1197.413679] device bridge_slave_0 left promiscuous mode [ 1197.419275] bridge0: port 1(bridge_slave_0) entered disabled state [ 1201.677015] team0 (unregistering): Port device team_slave_1 removed [ 1201.689672] team0 (unregistering): Port device team_slave_0 removed [ 1201.702910] bond0 (unregistering): Releasing backup interface bond_slave_1 [ 1201.749059] bond0 (unregistering): Releasing backup interface bond_slave_0 [ 1201.842693] bond0 (unregistering): Released all slaves [ 1202.087760] bridge0: port 1(bridge_slave_0) entered blocking state [ 1202.094434] bridge0: port 1(bridge_slave_0) entered disabled state [ 1202.103057] device bridge_slave_0 entered promiscuous mode [ 1202.229631] bridge0: port 2(bridge_slave_1) entered blocking state [ 1202.236225] bridge0: port 2(bridge_slave_1) entered disabled state [ 1202.244876] device bridge_slave_1 entered promiscuous mode [ 1202.373173] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 1202.500787] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 1202.858510] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 1202.970742] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 1203.097411] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 1203.104546] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 1203.221289] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 1203.228394] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 1203.503959] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 1203.511573] team0: Port device team_slave_0 added [ 1203.584073] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 1203.591957] team0: Port device team_slave_1 added [ 1203.667663] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 1203.745248] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 1203.821574] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 1203.829039] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1203.838099] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 1203.908038] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 1203.915468] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1203.924616] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 1204.752319] bridge0: port 2(bridge_slave_1) entered blocking state [ 1204.758794] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1204.765846] bridge0: port 1(bridge_slave_0) entered blocking state [ 1204.772370] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1204.779983] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 1204.992131] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 1207.776172] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1208.056285] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 1208.326425] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 1208.332846] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 1208.340398] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1208.622569] 8021q: adding VLAN 0 to HW filter on device team0 06:22:01 executing program 4: linkat(0xffffffffffffffff, &(0x7f0000000440)='./file0\x00', 0xffffffffffffffff, &(0x7f0000000480)='./file0/file0\x00', 0x3ff) 06:22:01 executing program 1: 06:22:01 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") poll(&(0x7f0000000000)=[{r0, 0x4}], 0x1, 0xfffffffffffffffa) 06:22:01 executing program 5: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") syz_emit_ethernet(0x3e, &(0x7f0000000000)={@local, @broadcast, [], {@ipv6={0x86dd, {0x0, 0x6, "1ddedf", 0x8, 0xff, 0x0, @remote, @remote={0xfe, 0x80, [0xf0ffffffffffff]}, {[], @icmpv6=@echo_request}}}}}, &(0x7f0000000100)) 06:22:01 executing program 0: r0 = inotify_init1(0x0) inotify_add_watch(r0, &(0x7f0000000080)='./file0\x00', 0x400) 06:22:01 executing program 3: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) read(r1, &(0x7f0000000040)=""/11, 0xfd32) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)) r3 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r1, &(0x7f0000000140)) dup3(r3, r2, 0x0) poll(&(0x7f00000007c0)=[{r2}], 0x1, 0x0) timer_settime(0x0, 0x0, &(0x7f00000002c0)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000000180)) tkill(r0, 0x1000000000016) 06:22:01 executing program 1: r0 = add_key$keyring(&(0x7f0000000040)='keyring\x00', &(0x7f0000000080)={'syz'}, 0x0, 0x0, 0xfffffffffffffffc) add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000100)={'syz'}, 0x0, 0x0, r0) 06:22:01 executing program 0: socketpair(0x0, 0x0, 0x0, &(0x7f0000000600)={0x0, 0x0}) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000180), 0xfffffefa) write$cgroup_int(0xffffffffffffffff, &(0x7f0000000480), 0x12) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3e8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={"6e72300100"}) openat$tun(0xffffffffffffff9c, &(0x7f0000000400)='/dev/net/tun\x00', 0x10f482, 0x0) socket$kcm(0x2b, 0x0, 0x0) 06:22:01 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup.cpu\x00', 0x200002, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0) ioctl$EXT4_IOC_PRECACHE_EXTENTS(r1, 0x6612) 06:22:01 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f00000000c0)="f466b9300800000f3266b8070000000f23d80f21f86635800000b00f23f865de5eb5baf80c66b8461a238366efbafc0cec0f01df670f01cf66b9800000c00f326635000800000f300fc72a0f20c06635000001000f22c0", 0x57}], 0x1, 0x0, &(0x7f0000000140), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0xc008ae88, &(0x7f0000000280)={0x7b, 0x0, [0x48b, 0x0, 0x200]}) 06:22:01 executing program 5: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000240)=0x7, 0x4) setsockopt$packet_int(r0, 0x107, 0x2040000000f, &(0x7f0000000040)=0x100, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040400000700000000000000fff55b4202938207d9fb3780", 0x18, 0x0, &(0x7f0000000280)={0xa, 0x0, 0x20000000003}, 0x1c) 06:22:02 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000001400)={&(0x7f00000003c0), 0xc, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001200050100000000000000000a00000029dff239c50e597899012cdd4adc39defb24abf30597212698817b18530bcda48156c4c45a03149923c24d96cd47d9c63f76ab397ad02aaadb0573726ef8a5506e4c1713bd4a6af9f20fc9534e9e48ca91b2770534e21d59e1c081c6db4ef6cdace6890ce5043cae76eab67d970faaff982994805048a561e92367fe2572c2a19c505602241804fbf679e279be"], 0x1}}, 0x0) read(r0, &(0x7f0000000100)=""/104, 0xffffffa9) read(r0, &(0x7f0000000600)=""/234, 0x58493a71) 06:22:02 executing program 2: r0 = socket(0x10, 0x803, 0x0) ioctl(r0, 0x1000008912, &(0x7f00000004c0)="0a5c1f023c126285719070") sendmsg$nl_route(r0, &(0x7f0000000380)={&(0x7f0000000040), 0xc, &(0x7f0000000100)={&(0x7f00000000c0)=@ipv4_getnetconf={0x14, 0x52, 0xb54453076a37b6d9}, 0x14}}, 0x0) pipe(&(0x7f0000000080)) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000000)={&(0x7f0000000340), 0xc, &(0x7f0000000140)={&(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000000140012000c000100626f6e640000000004000200adb6e61b7b02db4d0ac3ba7301986b20cd47effb39302908b588ca1a29621fbea01748d81ef4ad3c446aca503d47078655fa63ab0ad75a20cebae66a20ddcdded89afbf5f70a67120a6b389be108d9b8ac7891e5bf7b916730d7330e6647ea0dbc0cb199c3a1962bfa70458621f0b69a3fd3bbcd6784f4ba4d75bbea5891491c88a253e1511cc0feef7d191cb817433051cf650b280219629c04bd2d07b63723c37d62d5d7026639c672980a9faec2f8c34d5aeb136e999b22c5f187a4e16fb329b57abb754ef6a89e16a896b91140fa9f96ed998197626d2bd4fd315ef1baeecc687c96129300fc48f118d21a98ae6a55adc0ad556030ff136eb08246fea1fe111ff9a91a0acc942163b5bac179405346dc22a57cfaa06228dcaa2a7b8621e4acea50a7c4f5768890427e56e02c3ed8a032e7148687518ee317fcb7982bceaaa971dbcc9d3ba8f3"], 0x1}}, 0x0) read(r0, &(0x7f00000001c0)=""/129, 0xfffffeb0) 06:22:02 executing program 0: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = syz_open_procfs(0x0, &(0x7f0000000080)='wchan\x00') pread64(r1, &(0x7f00000000c0)=""/12, 0xffffff58, 0x0) 06:22:02 executing program 4: perf_event_open(&(0x7f0000aaa000)={0x2, 0x70, 0x85a, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000002c0)='./cgroup.net/syz0\x00', 0x200002, 0x0) fchdir(r0) r1 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) flistxattr(r1, &(0x7f0000000300)=""/247, 0xf7) 06:22:02 executing program 3: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) read(r1, &(0x7f0000000040)=""/11, 0xfd32) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)) r3 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r1, &(0x7f0000000140)) dup3(r3, r2, 0x0) poll(&(0x7f00000007c0)=[{r2}], 0x1, 0x0) timer_settime(0x0, 0x0, &(0x7f00000002c0)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000000180)) tkill(r0, 0x1000000000016) 06:22:02 executing program 5: syslog(0x3, &(0x7f00000000c0)=""/147, 0x93) 06:22:02 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000000280)={@in={{0x2, 0x0, @loopback}}, 0x0, 0x2, 0x0, "a77760f5a7645bc43c241d69912dda0c63c2a66726f8cfafd6c8fe2c98de7ba44947a790150eff57917cb62a93987a938fdedfce7bbba4fec2d8a09c41fb233245f2604b9e07b8ab79ec15ef2818a179"}, 0xd8) bind$inet(r1, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r1, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='cgroup\x00') sendmsg$nl_generic(r1, &(0x7f0000001900)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x2030}, 0xc, &(0x7f00000003c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="1c0000002d0000002b007d0004009100000000000000000000000000"], 0x1}}, 0x0) 06:22:03 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.cpu\x00', 0x200002, 0x0) fchdir(r1) r2 = open(&(0x7f0000000140)='./bus\x00', 0x141042, 0x0) r3 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$P9_RREMOVE(r3, &(0x7f0000000280)={0x1}, 0x10021) creat(&(0x7f0000000180)='./file0\x00', 0x0) write$P9_RMKNOD(r3, &(0x7f00000000c0)={0x26b}, 0x3f) fdatasync(r3) write$cgroup_type(r2, &(0x7f00000003c0)='threaded\x00', 0xfdb1) ioctl$EXT4_IOC_MOVE_EXT(r2, 0xc028660f, &(0x7f0000000200)={0x0, r3}) 06:22:03 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x0, 0x31, 0xffffffffffffffff, 0x0) ioctl$SG_GET_SCSI_ID(r0, 0x2276, &(0x7f0000000000)) 06:22:03 executing program 2: r0 = socket(0x200000000000011, 0x4000000000080002, 0xdd86) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'sit0\x00', 0x0}) bind$packet(r0, &(0x7f0000000040)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @dev}, 0x14) write$binfmt_elf64(r0, &(0x7f0000000180)=ANY=[], 0x0) 06:22:03 executing program 1: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f00000000c0)="f466b9300800000f3266b8070000000f23d80f21f86635800000b00f23f865de5eb5baf80c66b8461a238366efbafc0cec0f01df670f01cf66b9800000c00f326635000800000f300fc72a0f20c06635000001000f22c0", 0x57}], 0x1, 0x0, &(0x7f0000000140), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0xc008ae88, &(0x7f0000000280)={0x7b, 0x0, [0x0, 0x0, 0x200]}) [ 1212.453191] ================================================================== [ 1212.460622] BUG: KMSAN: uninit-value in sit_tunnel_xmit+0x1b7e/0x3d40 [ 1212.461787] CPU: 1 PID: 2446 Comm: syz-executor2 Not tainted 4.20.0-rc3+ #89 [ 1212.461787] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1212.475627] Call Trace: [ 1212.475627] dump_stack+0x32d/0x480 [ 1212.475627] ? sit_tunnel_xmit+0x1b7e/0x3d40 [ 1212.475627] kmsan_report+0x19f/0x300 [ 1212.475627] __msan_warning+0x76/0xc0 [ 1212.475627] sit_tunnel_xmit+0x1b7e/0x3d40 [ 1212.475627] ? packet_sock_destruct+0x3b0/0x3b0 [ 1212.475627] ? dev_queue_xmit_nit+0x1222/0x1320 [ 1212.475627] ? ipip6_tunnel_uninit+0x800/0x800 [ 1212.475627] dev_hard_start_xmit+0x6dc/0xde0 [ 1212.475627] __dev_queue_xmit+0x2d9e/0x3e00 [ 1212.475627] dev_queue_xmit+0x4b/0x60 [ 1212.475627] ? __netdev_pick_tx+0x14d0/0x14d0 [ 1212.475627] packet_sendmsg+0x797f/0x9180 [ 1212.475627] ? futex_wait+0x92b/0xc50 [ 1212.475627] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 1212.475627] ? drop_futex_key_refs+0x232/0x330 [ 1212.475627] ? do_futex+0x55d6/0x5e80 [ 1212.475627] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1212.475627] ? aa_sk_perm+0x7ab/0x9e0 [ 1212.475627] ? compat_packet_setsockopt+0x360/0x360 [ 1212.475627] sock_write_iter+0x3f4/0x4f0 [ 1212.475627] ? sock_read_iter+0x4e0/0x4e0 [ 1212.475627] __vfs_write+0x888/0xb80 [ 1212.475627] vfs_write+0x4a3/0x8f0 [ 1212.475627] __se_sys_write+0x17a/0x370 [ 1212.475627] __x64_sys_write+0x4a/0x70 [ 1212.475627] do_syscall_64+0xcf/0x110 [ 1212.475627] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1212.475627] RIP: 0033:0x457569 [ 1212.475627] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1212.475627] RSP: 002b:00007f93d5e01c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1212.475627] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457569 [ 1212.475627] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003 [ 1212.475627] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1212.475627] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f93d5e026d4 [ 1212.475627] R13: 00000000004c5cf1 R14: 00000000004da0a8 R15: 00000000ffffffff [ 1212.669678] [ 1212.669678] Uninit was created at: [ 1212.676204] kmsan_internal_poison_shadow+0xc8/0x1c0 [ 1212.676204] kmsan_kmalloc+0x98/0xf0 [ 1212.676204] kmsan_slab_alloc+0xe/0x10 [ 1212.676204] __kmalloc_node_track_caller+0xf62/0x14e0 [ 1212.676204] __alloc_skb+0x42b/0xeb0 [ 1212.676204] alloc_skb_with_frags+0x1c9/0xa80 [ 1212.676204] sock_alloc_send_pskb+0xeb3/0x14c0 [ 1212.676204] packet_sendmsg+0x6719/0x9180 [ 1212.676204] sock_write_iter+0x3f4/0x4f0 [ 1212.676204] __vfs_write+0x888/0xb80 [ 1212.676204] vfs_write+0x4a3/0x8f0 [ 1212.676204] __se_sys_write+0x17a/0x370 [ 1212.676204] __x64_sys_write+0x4a/0x70 [ 1212.676204] do_syscall_64+0xcf/0x110 [ 1212.676204] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1212.676204] ================================================================== [ 1212.676204] Disabling lock debugging due to kernel taint [ 1212.751307] Kernel panic - not syncing: panic_on_warn set ... [ 1212.751307] CPU: 1 PID: 2446 Comm: syz-executor2 Tainted: G B 4.20.0-rc3+ #89 [ 1212.751307] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1212.751307] Call Trace: [ 1212.751307] dump_stack+0x32d/0x480 [ 1212.784314] panic+0x624/0xc08 [ 1212.784314] kmsan_report+0x300/0x300 [ 1212.791722] __msan_warning+0x76/0xc0 [ 1212.791722] sit_tunnel_xmit+0x1b7e/0x3d40 [ 1212.791722] ? packet_sock_destruct+0x3b0/0x3b0 [ 1212.791722] ? dev_queue_xmit_nit+0x1222/0x1320 [ 1212.791722] ? ipip6_tunnel_uninit+0x800/0x800 [ 1212.791722] dev_hard_start_xmit+0x6dc/0xde0 [ 1212.791722] __dev_queue_xmit+0x2d9e/0x3e00 [ 1212.819923] dev_queue_xmit+0x4b/0x60 [ 1212.819923] ? __netdev_pick_tx+0x14d0/0x14d0 [ 1212.819923] packet_sendmsg+0x797f/0x9180 [ 1212.819923] ? futex_wait+0x92b/0xc50 [ 1212.819923] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 1212.819923] ? drop_futex_key_refs+0x232/0x330 [ 1212.819923] ? do_futex+0x55d6/0x5e80 [ 1212.819923] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1212.819923] ? aa_sk_perm+0x7ab/0x9e0 [ 1212.819923] ? compat_packet_setsockopt+0x360/0x360 [ 1212.867923] sock_write_iter+0x3f4/0x4f0 [ 1212.867923] ? sock_read_iter+0x4e0/0x4e0 [ 1212.872631] __vfs_write+0x888/0xb80 [ 1212.872631] vfs_write+0x4a3/0x8f0 [ 1212.872631] __se_sys_write+0x17a/0x370 [ 1212.872631] __x64_sys_write+0x4a/0x70 [ 1212.872631] do_syscall_64+0xcf/0x110 [ 1212.872631] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1212.872631] RIP: 0033:0x457569 [ 1212.872631] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1212.872631] RSP: 002b:00007f93d5e01c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1212.872631] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457569 [ 1212.872631] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003 [ 1212.872631] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1212.872631] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f93d5e026d4 [ 1212.872631] R13: 00000000004c5cf1 R14: 00000000004da0a8 R15: 00000000ffffffff [ 1212.872631] Kernel Offset: disabled [ 1212.872631] Rebooting in 86400 seconds..