][T24666] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1263.024441][T24666] [ 1263.026965][T24666] Uninit was stored to memory at: [ 1263.032062][T24666] __get_compat_msghdr+0x6e1/0x9d0 [ 1263.037410][T24666] get_compat_msghdr+0x108/0x2c0 [ 1263.042397][T24666] do_recvmmsg+0x1063/0x2120 [ 1263.047214][T24666] __sys_recvmmsg+0x51c/0x6f0 [ 1263.051930][T24666] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1263.058507][T24666] __do_fast_syscall_32+0x96/0xf0 [ 1263.063580][T24666] do_fast_syscall_32+0x34/0x70 [ 1263.068672][T24666] do_SYSENTER_32+0x1b/0x20 [ 1263.073220][T24666] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1263.079743][T24666] [ 1263.082079][T24666] Local variable msg_sys created at: [ 1263.087563][T24666] do_recvmmsg+0xc1/0x2120 [ 1263.092017][T24666] __sys_recvmmsg+0x51c/0x6f0 12:53:57 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x7, &(0x7f0000000080)=@framed={{}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000}, @initr0]}, &(0x7f0000000040)='GPL\x00', 0x4, 0xfe, &(0x7f0000000280)=""/254, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 12:53:57 executing program 5: socket(0x1, 0x4, 0x3) 12:53:57 executing program 4: sendmsg$IPSET_CMD_HEADER(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x28, 0xc, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}]}, 0x28}}, 0x0) 12:53:57 executing program 2: syz_genetlink_get_family_id$tipc2(&(0x7f0000000180), 0xffffffffffffffff) 12:53:57 executing program 3: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$TIPC_NL_MON_SET(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x14, r1}, 0x14}}, 0x0) 12:53:57 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) recvmmsg(r0, &(0x7f00000053c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 12:53:57 executing program 4: sendmsg$IPSET_CMD_HEADER(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x28, 0xc, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}]}, 0x28}}, 0x0) 12:53:57 executing program 5: remap_file_pages(&(0x7f0000ff6000/0x4000)=nil, 0x4000, 0x8, 0x0, 0x0) 12:53:57 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000003800)={0x0, 0x0, 0x0, 0x0, &(0x7f0000003780)=[@cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, 0xee01, 0xee01}}}], 0x20}, 0x0) 12:53:57 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@ipv6_newaddrlabel={0x38, 0x48, 0xe914f2be1f57f2f1, 0x0, 0x0, {}, [@IFAL_ADDRESS={0x14, 0x1, @mcast2}, @IFAL_LABEL={0x8}]}, 0x38}}, 0x0) 12:53:57 executing program 1: r0 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000040)='ns/net\x00') ioctl$sock_ipv6_tunnel_SIOCGET6RD(r0, 0xb702, 0x0) 12:53:58 executing program 5: syz_emit_ethernet(0x32, &(0x7f0000000000)={@multicast, @empty, @void, {@mpls_uc={0x8847, {[], @ipv4=@udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x11, 0x0, @local, @local}, {0x0, 0x0, 0x10, 0x0, @gue={{0x2}}}}}}}}, 0x0) syz_emit_ethernet(0x56, &(0x7f0000000040)={@dev, @empty, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "d15baaac82deb08524592ebf11626e5b3bda3b476bbe7b17343c675bfe4e23a32bb374b48b15cf5557801d5ce4c7f23d0adbd3366abc49b28f63da281dbb7a1c"}}}}, 0x0) 12:53:58 executing program 3: r0 = socket$netlink(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0x7, &(0x7f00000002c0), 0x10) 12:53:58 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_HEADER(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x28, 0xc, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}]}, 0x28}}, 0x0) 12:53:58 executing program 2: socketpair(0x2a, 0x0, 0x0, &(0x7f0000006700)) 12:53:58 executing program 1: mmap$xdp(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x0, 0xae38bdc6bdd52578, 0xffffffffffffffff, 0x0) 12:53:58 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@ipv6_newaddrlabel={0x38, 0x1d, 0xe914f2be1f57f2f1, 0x0, 0x0, {}, [@IFAL_LABEL={0x4}, @IFAL_ADDRESS={0x14, 0x1, @loopback={0xfe80ffff00000000}}]}, 0x38}}, 0x0) 12:53:59 executing program 0: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB="840100001d"], 0x184}}, 0x0) 12:53:59 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_HEADER(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x28, 0xc, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}]}, 0x28}}, 0x0) 12:53:59 executing program 2: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000040)=@raw={'raw\x00', 0x9, 0x3, 0x2c0, 0xd8, 0xffffffff, 0xffffffff, 0xd8, 0xffffffff, 0x1f0, 0xffffffff, 0xffffffff, 0x220, 0xffffffff, 0x3, 0x0, {[{{@uncond, 0x0, 0xa8, 0xd8}, @common=@unspec=@CONNMARK={0x30}}, {{@ipv6={@local, @mcast1, [], [], 'team0\x00', 'caif0\x00'}, 0x0, 0xa8, 0x118}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "ef55a0a36c09ca93108b6fd5c1e73ba86fa057fb8c94e06b559b472d98b49687e33605773832e63cb17eccf520ad13014b5399cdd78a27575d7524d0d7e35e5c"}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x320) 12:53:59 executing program 3: syz_emit_ethernet(0x3e, &(0x7f0000000580)={@link_local, @random="05367274575b", @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "5ff3da", 0x8, 0x3a, 0x0, @remote, @local, {[], @echo_reply}}}}}, 0x0) 12:53:59 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@ipv6_newaddrlabel={0x30, 0x48, 0xe914f2be1f57f2f1, 0x0, 0x0, {}, [@IFAL_ADDRESS={0x14, 0x1, @private1}]}, 0x30}}, 0x0) 12:53:59 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r0, &(0x7f0000000400)={&(0x7f0000000300), 0xc, &(0x7f00000003c0)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x0, 0x0, {}, [@BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8}, @BATADV_ATTR_ORIG_INTERVAL={0x8}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8}]}, 0x4c}}, 0x0) 12:53:59 executing program 3: r0 = socket$netlink(0x10, 0x3, 0x0) getpeername(r0, &(0x7f0000000600)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @private1}}}, &(0x7f0000000680)=0x80) ioctl$sock_ipv6_tunnel_SIOCADDPRL(r1, 0x89f5, 0x0) 12:53:59 executing program 2: r0 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000000)='ns/pid_for_children\x00') ioctl$sock_ipv6_tunnel_SIOCGET6RD(r0, 0xb703, 0x0) 12:53:59 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x2, 0xa, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'erspan0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@ipv6_newaddrlabel={0x30, 0x1d, 0xe914f2be1f57f2f1, 0x0, 0x0, {0xc, 0x0, 0x0, 0x0, r2}, [@IFAL_ADDRESS={0x14, 0x1, @dev}]}, 0x30}}, 0x0) 12:53:59 executing program 1: r0 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0) sendmsg$TIPC_NL_MON_SET(r0, 0x0, 0x0) 12:53:59 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_HEADER(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x28, 0xc, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}]}, 0x28}}, 0x0) 12:53:59 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_tcp_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000002080)) r1 = syz_open_dev$vcsn(&(0x7f0000000040), 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0x1ffff000, 0x0, 0x12, r1, 0x0) 12:54:00 executing program 0: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000380)=@security={'security\x00', 0xe, 0x4, 0x348, 0xffffffff, 0x1d0, 0x0, 0x1d0, 0xffffffff, 0xffffffff, 0x398, 0x398, 0x398, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x0, 0xa8, 0xd8}, @common=@inet=@SET2={0x30}}, {{@ipv6={@private2, @loopback, [], [], 'sit0\x00', 'erspan0\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xfffffffffffffffc}}, {{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE3={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3a8) 12:54:00 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_HEADER(r0, 0x0, 0x0) 12:54:00 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=@ipv4_getnexthop={0x18, 0x68, 0x1}, 0x18}}, 0x0) 12:54:00 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=@ipv4_getnexthop={0x20, 0x6a, 0x1, 0x0, 0x0, {}, [@NHA_MASTER={0x4}]}, 0x20}}, 0x0) 12:54:00 executing program 3: syz_emit_ethernet(0x1197, 0x0, 0x0) 12:54:00 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB="340000002a0001"], 0x34}}, 0x0) [ 1266.666109][T24749] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.2'. 12:54:00 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_HEADER(r0, 0x0, 0x0) 12:54:00 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="380000001d00f1f20000e6b49e75d5d0eef50000", @ANYRES32=0x0, @ANYBLOB="000000000800020000000000140001"], 0x38}}, 0x0) 12:54:00 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@ipv6_newaddrlabel={0x1c, 0x1e, 0xe914f2be1f57f2f1}, 0x1c}}, 0x0) 12:54:00 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x8, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80ffffff}, [@alu={0x7, 0x1}]}, &(0x7f0000000080)='GPL\x00', 0x6, 0xfe, &(0x7f0000000280)=""/254, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 12:54:00 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r0, &(0x7f0000000400)={&(0x7f0000000300), 0xc, &(0x7f00000003c0)={&(0x7f0000000340)={0x4c, 0x0, 0x0, 0x0, 0x0, {}, [@BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8}, @BATADV_ATTR_ORIG_INTERVAL={0x8}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8}]}, 0xe80}}, 0x0) 12:54:01 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_HEADER(r0, 0x0, 0x0) 12:54:01 executing program 0: openat$vsock(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0) mlock2(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0) 12:54:01 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000340)={0x14}, 0x14}}, 0x4) 12:54:01 executing program 5: getresgid(&(0x7f0000000040), 0x0, 0x0) 12:54:01 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={0x0}, 0x1, 0x0, 0x25}, 0x0) 12:54:01 executing program 3: r0 = syz_open_dev$vcsn(&(0x7f0000000040), 0x0, 0x0) r1 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x12, r0, 0x0) syz_io_uring_submit(r1, 0x0, 0x0, 0x0) r2 = syz_open_dev$vcsn(&(0x7f0000000040), 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x100010, r2, 0x0) 12:54:01 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_HEADER(r0, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0) 12:54:02 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x8, 0x4, &(0x7f0000000000)=@framed={{}, [@alu={0x7, 0x1, 0x7}]}, &(0x7f0000000080)='GPL\x00', 0x6, 0xfe, &(0x7f0000000280)=""/254, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 12:54:02 executing program 2: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x8, 0x4, &(0x7f0000000000)=@framed={{}, [@jmp={0x5, 0x0, 0x7, 0x0, 0x1}]}, &(0x7f0000000040)='GPL\x00', 0x6, 0xfe, &(0x7f0000000280)=""/254, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 12:54:02 executing program 5: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x8, 0x4, &(0x7f0000000000)=@framed={{}, [@alu={0x7, 0x1, 0x9}]}, &(0x7f0000000080)='GPL\x00', 0x6, 0xfe, &(0x7f0000000280)=""/254, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 12:54:02 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_HEADER(r0, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0) 12:54:02 executing program 3: r0 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000040)='.log\x00', 0x18b041, 0x0) write$P9_RFSYNC(r0, &(0x7f0000000080)={0x7}, 0x7) write$P9_RSETATTR(r0, &(0x7f00000001c0)={0x7}, 0x7) 12:54:02 executing program 1: openat$vsock(0xffffffffffffff9c, &(0x7f0000000a80), 0x200000, 0x0) 12:54:03 executing program 0: sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, 0x0, 0x0) 12:54:03 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_HEADER(r0, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0) 12:54:03 executing program 5: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x2, &(0x7f0000000040)=@raw={'raw\x00', 0x9, 0x3, 0x2c0, 0xd8, 0xffffffff, 0xffffffff, 0xd8, 0xffffffff, 0x220, 0xffffffff, 0xffffffff, 0x220, 0xffffffff, 0x3, 0x0, {[{{@uncond, 0x0, 0xa8, 0xd8}, @common=@unspec=@CONNMARK={0x30}}, {{@ipv6={@local, @mcast1, [], [], 'team0\x00', 'caif0\x00'}, 0x0, 0xa8, 0x118}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "ef55a0a36c09ca93108b6fd5c1e73ba86fa057fb8c94e06b559b472d98b49687e33605773832e63cb17eccf520ad13014b5399cdd78a27575d7524d0d7e35e5c"}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x320) 12:54:03 executing program 2: clone3(&(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f00000001c0)}, 0x58) 12:54:03 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x4d, 0x0, 0x0) 12:54:03 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=@ipv4_newnexthop={0x28, 0x10, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x300}, [@NHA_ENCAP_TYPE={0x6}, @NHA_GROUP_TYPE={0x6}]}, 0x28}}, 0x0) 12:54:03 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_HEADER(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) 12:54:03 executing program 2: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x30, &(0x7f0000000040)=@raw={'raw\x00', 0x9, 0x3, 0x2c0, 0xd8, 0xffffffff, 0xffffffff, 0xd8, 0xffffffff, 0x220, 0xffffffff, 0xffffffff, 0x220, 0xffffffff, 0x3, 0x0, {[{{@uncond, 0x0, 0xa8, 0xd8}, @common=@unspec=@CONNMARK={0x30}}, {{@ipv6={@local, @mcast1, [], [], 'team0\x00', 'caif0\x00'}, 0x0, 0xa8, 0x118}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "ef55a0a36c09ca93108b6fd5c1e73ba86fa057fb8c94e06b559b472d98b49687e33605773832e63cb17eccf520ad13014b5399cdd78a27575d7524d0d7e35e5c"}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x320) 12:54:03 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000003f00eaff0000000095"], &(0x7f0000000040)='GPL\x00', 0x6, 0xfe, &(0x7f0000000280)=""/254, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 12:54:04 executing program 3: clone3(&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000000000)=[0xffffffffffffffff, 0xffffffffffffffff], 0x2}, 0xfffffc72) 12:54:04 executing program 5: mlock2(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0) 12:54:04 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@ipv4_newnexthop={0x20, 0x11, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x300}, [@NHA_ENCAP_TYPE={0x69}]}, 0x20}}, 0x0) 12:54:05 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000001300)=@ipv6_delrule={0x1c, 0x21, 0x1}, 0x1c}}, 0x0) 12:54:05 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_HEADER(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) 12:54:05 executing program 3: socketpair(0xa, 0x1, 0x0, &(0x7f0000000400)) 12:54:05 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000340)={0x14}, 0x14}, 0x300}, 0x0) 12:54:05 executing program 5: r0 = syz_open_dev$vcsn(&(0x7f00000020c0), 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0) r1 = syz_open_dev$vcsn(&(0x7f0000000040), 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x12, r1, 0x0) 12:54:05 executing program 2: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x8, 0x4, &(0x7f0000000000)=@framed={{}, [@alu={0x7, 0x0, 0x2, 0x0, 0x0, 0x0, 0xffffffffffffffff}]}, &(0x7f0000000080)='GPL\x00', 0x6, 0xfe, &(0x7f0000000280)=""/254, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 12:54:05 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_HEADER(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) 12:54:05 executing program 1: r0 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1) write$binfmt_script(r0, 0x0, 0x0) 12:54:05 executing program 3: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x0, 0xf4240, &(0x7f00000002c0)=@raw=[@map_val], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 12:54:05 executing program 5: ioctl$sock_ipv6_tunnel_SIOCCHGPRL(0xffffffffffffffff, 0x89f7, &(0x7f0000000200)={'syztnl0\x00', 0x0}) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_inet_udp_SIOCOUTQ(r0, 0x5411, &(0x7f0000000000)) 12:54:05 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_SET_LIMITS(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000800)={0x14, r1, 0xdfaf01f17e3b47f9}, 0x14}}, 0x0) 12:54:06 executing program 1: r0 = socket$xdp(0x2c, 0x3, 0x0) recvmmsg(r0, &(0x7f0000005580)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 12:54:06 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000001c0)={{0x14}, [@NFT_MSG_DELTABLE={0x20, 0x2, 0xa, 0x301, 0x0, 0x0, {0xa}, [@NFTA_TABLE_HANDLE={0xc}]}], {0x14}}, 0x48}}, 0x0) 12:54:06 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000001c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_DELTABLE={0x20, 0x2, 0xa, 0x301, 0x0, 0x0, {0xa}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}], {0x14}}, 0x68}}, 0x0) 12:54:06 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_HEADER(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x28, 0xc, 0x6, 0x0, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}]}, 0x28}}, 0x0) 12:54:06 executing program 5: pselect6(0x40, &(0x7f0000003a40), &(0x7f0000003a80)={0x7fffffff}, 0x0, 0x0, 0x0) 12:54:06 executing program 3: r0 = socket$inet_smc(0x2b, 0x1, 0x0) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000700)={'filter\x00'}, &(0x7f0000000780)=0x78) 12:54:06 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)={0x14, 0x5, 0x1, 0x5}, 0x14}}, 0x0) 12:54:06 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)={0x14, 0x5, 0x1, 0x5}, 0x14}}, 0x0) 12:54:06 executing program 2: socketpair(0x37, 0x0, 0x0, &(0x7f0000000080)) 12:54:06 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_HEADER(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x28, 0xc, 0x6, 0x0, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}]}, 0x28}}, 0x0) 12:54:07 executing program 3: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0xb1}]}, &(0x7f0000000080)='GPL\x00', 0x3, 0xb8, &(0x7f00000000c0)=""/184, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 12:54:07 executing program 2: clock_gettime(0x0, 0x0) syz_genetlink_get_family_id$team(&(0x7f0000003c80), 0xffffffffffffffff) 12:54:07 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) r2 = socket$nl_generic(0xa, 0x2, 0x11) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_STATION(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)={0x3c, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_STA_SUPPORTED_RATES={0x4}, @NL80211_ATTR_STA_LISTEN_INTERVAL={0x6}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_STA_AID={0x6, 0x10, 0x1f1}]}, 0x3c}}, 0x0) 12:54:08 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0x0, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 12:54:08 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_HEADER(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x28, 0xc, 0x6, 0x0, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}]}, 0x28}}, 0x0) 12:54:08 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000000)={{0x2, 0x0, @loopback}, {0x1}, 0x8, {0x2, 0x0, @empty}, 'veth0_macvtap\x00'}) 12:54:08 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$IP_VS_SO_SET_TIMEOUT(r0, 0x0, 0x48a, &(0x7f0000001940)={0x0, 0x0, 0x100}, 0xc) 12:54:08 executing program 2: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x0, 0x2, &(0x7f00000002c0)=@raw=[@map_val], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x32}, 0x78) 12:54:08 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x6d00, &(0x7f0000000040)=@raw=[@jmp], &(0x7f0000000080)='GPL\x00', 0x3, 0xb8, &(0x7f00000000c0)=""/184, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 12:54:08 executing program 5: r0 = socket$phonet_pipe(0x23, 0x5, 0x2) setsockopt$PNPIPE_ENCAP(r0, 0x113, 0x1, &(0x7f0000000280)=0x1, 0x4) 12:54:08 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_CTHELPER_GET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={0x18, 0x1, 0x2, 0x3, 0x0, 0x0, {}, [@NFCTH_TUPLE={0x4}]}, 0x18}}, 0x0) 12:54:08 executing program 2: r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) ioctl$sock_rose_SIOCDELRT(r0, 0x890c, &(0x7f0000000040)={@dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x0, @default, @netrom={'nr', 0x0}, 0x0, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @default, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}]}) 12:54:08 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_HEADER(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x1c, 0xc, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0) 12:54:08 executing program 1: r0 = socket$inet_sctp(0x2, 0x1, 0x84) sendmmsg$inet_sctp(r0, &(0x7f0000002800)=[{&(0x7f0000000000)=@in={0x2, 0x0, @dev}, 0x10, &(0x7f0000001340)=[{&(0x7f0000000040)="f9", 0x1}], 0x1}], 0x1, 0x0) getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f00000059c0)={0x0, 0x10, "18fe7d14b477ace40b3e08607515a5af"}, &(0x7f0000006a00)=0x18) 12:54:09 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, &(0x7f0000001500)) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f0000000000)) 12:54:10 executing program 0: r0 = socket(0x10, 0x2, 0x0) accept4$unix(r0, 0x0, 0x0, 0xc0000) 12:54:10 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_DEL(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)={0x2c, 0xa, 0x6, 0x301, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_ADT={0x4}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x2c}}, 0x0) 12:54:10 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_HEADER(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x1c, 0xc, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0) 12:54:10 executing program 2: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000640)) 12:54:10 executing program 1: r0 = socket$l2tp(0x2, 0x2, 0x73) getsockopt$IPT_SO_GET_REVISION_TARGET(r0, 0x0, 0x43, &(0x7f0000000240)={'NETMAP\x00'}, &(0x7f0000000280)=0x1e) 12:54:10 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_inet_SIOCDELRT(r0, 0x890c, &(0x7f00000000c0)={0x0, {0x2, 0x0, @local}, {0x2, 0x0, @remote}, {0x2, 0x0, @empty}}) 12:54:10 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_HEADER(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x1c, 0xc, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0) 12:54:10 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000000)={{0x2, 0x0, @private}, {0x0, @broadcast}, 0x0, {0x2, 0x0, @local}, 'veth0_vlan\x00'}) 12:54:10 executing program 2: r0 = socket(0x10, 0x2, 0x0) ioctl$SIOCRSSCAUSE(r0, 0x8940, &(0x7f00000000c0)) 12:54:10 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000640), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_PAN_ID(r0, &(0x7f0000000740)={&(0x7f0000000600), 0xc, &(0x7f0000000700)={&(0x7f00000006c0)={0x24, r1, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_PAN_ID={0x6}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x24}}, 0x10) 12:54:10 executing program 5: bpf$MAP_CREATE(0x0, &(0x7f00000000c0)={0x6, 0x0, 0x0, 0x0, 0x4, 0x1}, 0x40) 12:54:11 executing program 1: sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0) r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x29}}}, 0x1c) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000100)={0x0, @in={{0xa, 0x0, @empty=0xa}}, 0x0, 0x0, 0x0, 0x0, 0xb3550aa4ba878255}, 0x9c) setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000100), 0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, 0xffffffffffffffff, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$cgroup_devices(r1, 0x0, 0x2, 0x0) mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x3000080e) 12:54:12 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$L2TP_CMD_NOOP(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x30, r1, 0x1, 0x0, 0x0, {}, [@L2TP_ATTR_LNS_MODE={0x5}, @L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}]}, 0x30}}, 0x0) 12:54:12 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_CTHELPER_GET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={0x14, 0x2, 0x9, 0x3}, 0x14}}, 0x0) 12:54:12 executing program 5: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) sendfile(r1, r2, 0x0, 0xf03b2a00) sendfile(r1, r0, 0x0, 0x8000000000004) ioctl$FS_IOC_GETVERSION(r0, 0x80087601, &(0x7f0000000080)) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_VERDICT_BATCH(0xffffffffffffffff, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r3, 0x40305828, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700) write$binfmt_misc(r0, &(0x7f0000000380)=ANY=[@ANYBLOB="73797a300a48a8fd88622d8b88a332c982efbb36030e6431a300000000000000000000000000000000e64cf95cec8707f02e88176b4cca4442c79337893af7ae1bbf9c68786e3f385efd719fcde9da5874c165992df6ee196697786b2eb4b6594d0518bbe6ff7998341d017da613264146e2aab2cf6144de3f33ddeaa1ec857e72e2de2d6d58f3923f5d75ced8da3dd22d76f4751d9428b6109f45fa4b16c383c37fa4534d23263b6e5408fa17fd4c52a15f93e3787299998ced1bb90a9b6aa3c4bd89d8b497ad8e5c52be65c845dac66ad0c8a72c44d2e8f1ba4c596ac6de6f41216ca3"], 0x5) r4 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r4, &(0x7f0000000540)={0x18, 0x0, {0x4, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e) sendmmsg(r4, &(0x7f0000005980)=[{{0x0, 0x3f00, &(0x7f0000000500)=[{&(0x7f00000007c0)='6', 0x1}], 0x1, 0x0, 0x0, 0xc304}, 0xe}], 0x300, 0x0) 12:54:12 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_CTHELPER_GET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={0x24, 0x1, 0x9, 0x3, 0x0, 0x0, {}, [@NFCTH_TUPLE={0x5, 0x2, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x24}}, 0x0) 12:54:12 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_HEADER(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x20, 0xc, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}]}, 0x20}}, 0x0) 12:54:12 executing program 1: r0 = socket$l2tp(0x2, 0x2, 0x73) connect$l2tp(r0, 0x0, 0x0) [ 1278.477941][T24972] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.3'. 12:54:12 executing program 1: r0 = socket$phonet(0x23, 0x2, 0x1) ioctl$sock_ifreq(r0, 0x541b, &(0x7f0000000100)={'veth1_to_bridge\x00', @ifru_settings={0x0, 0x0, @fr_pvc=0x0}}) 12:54:12 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_HEADER(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x20, 0xc, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}]}, 0x20}}, 0x0) 12:54:12 executing program 2: r0 = socket(0x18, 0x0, 0x0) recvfrom$ax25(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 12:54:12 executing program 3: pselect6(0x0, 0x0, 0x0, &(0x7f0000000080), &(0x7f0000000100), &(0x7f0000000180)={&(0x7f0000000140)={[0x7]}, 0x8}) 12:54:12 executing program 5: openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x60040, 0x0) 12:54:13 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_HEADER(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x20, 0xc, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}]}, 0x20}}, 0x0) 12:54:13 executing program 1: r0 = socket(0x10, 0x2, 0x0) sendmsg$alg(r0, &(0x7f0000001500)={0x0, 0x0, &(0x7f0000001440)=[{0x0}, {&(0x7f0000000100)='1', 0x1}], 0x2}, 0x0) 12:54:13 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000000)={@multicast1, @private}, 0x10) 12:54:13 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_DEL_SEC_DEV(r0, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000980)={&(0x7f0000000900)={0x14}, 0x14}}, 0x0) 12:54:13 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000000)={{0x2, 0x0, @loopback}, {}, 0x8, {0x2, 0x0, @empty}, 'veth0_macvtap\x00'}) 12:54:13 executing program 4: r0 = socket$phonet(0x23, 0x2, 0x1) ioctl$sock_ifreq(r0, 0x8906, 0x0) 12:54:13 executing program 2: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x83}]}, &(0x7f0000000080)='GPL\x00', 0x3, 0xb8, &(0x7f00000000c0)=""/184, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 12:54:14 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_CTHELPER_GET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={0x44, 0x1, 0x9, 0x3, 0x0, 0x0, {}, [@NFCTH_TUPLE={0x30, 0x2, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @dev}, {0x14, 0x4, @empty}}}]}]}, 0x44}}, 0x0) 12:54:14 executing program 3: r0 = socket$qrtr(0x2a, 0x2, 0x0) recvmsg$qrtr(r0, &(0x7f00000015c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x130}, 0x38, 0x0) 12:54:14 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)={0x14, 0x2, 0x1, 0x5}, 0x14}}, 0x0) 12:54:14 executing program 4: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x1, &(0x7f0000000000)=@raw=[@jmp={0x5, 0x0, 0x9, 0x0, 0x0, 0x0, 0x10}], &(0x7f0000000080)='GPL\x00', 0x5, 0xb1, &(0x7f00000000c0)=""/177, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 12:54:14 executing program 2: r0 = socket(0x10, 0x2, 0x0) connect$pptp(r0, 0x0, 0x0) [ 1280.530141][T25011] netlink: 'syz-executor.5': attribute type 1 has an invalid length. 12:54:14 executing program 5: openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x22000, 0x0) 12:54:14 executing program 3: r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$TCPDIAG_GETSOCK(r0, &(0x7f0000001240)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000040)={0xec4, 0x12, 0x4, 0x0, 0x25dfdbff, {0x0, 0x0, 0x0, 0x1e, {0x0, 0x0, [0x2], [], 0x0, [0x8]}, 0x1}, [@INET_DIAG_REQ_BYTECODE={0xf2, 0x1, "c38412906b29978ecc37b7011f1daa16e8d87565405464c3fa6023e8d0593b9a9c8045ab365811b17572c9d56943c2df9ad0d6824bad9ecba5fb56f8a41a2e4abbfb29f02cc57a68e3e9e8df0cb4a1e6d149cc49a8fba525fe4e1cc039eeaa5bc905516e8160176b0fba343cfe2deda520d4bae415cc9669190958c4832be8840bb2632907843b0f955e4abf3ff27c3faffb9ec68eb4955c77ebae00cfab94c4aec6fcf2d17e829495d329b0a946081f09fd4263078d2d294f9106d324fbdbe57f8db9d1fbeb0f3704981fd4699e93879a2e297feec92237dc68db7e8e12a3d87760ede9346ea3775ca871a05e41"}, @INET_DIAG_REQ_BYTECODE={0xd7d, 0x1, "9a460f7172e107e700646f7b5c952e7b1a022977fe3df1b5a68415630f201042d5d876dd7f44028c8ba6c66e2b30f735e781e7fee52d7fbc94e1d00caab4e55742ab1f7146acb843a76f91863979bcba166c8d3499ae83c8fcc0bb94fa93c6ba20e5e73b485826afcb0967405e10ce19073a082392a794d82613d4e48db24f3a5a412e387b88bfadca0e4f69b8610c3e98f990b23913b83b12968647c1e935629b1ee3002c6bd85a4d24336074f2699e5c5ba752c05827354a88c91f3f2bd62aa33deb8e09b997846f27a5b013517e019b0efa9db7e7c69ec5c7ae6583234791f70fc525d1fb2f40402965fe517b8b9694c31d741f197437fe1526d0a1d2560b81c454d587e362e79594f43fefa8d79ca5fd57c5d32a95ffcf214ac44cc223da7acb40d9ed0dd6786795479a76a08b3ad964a5ad9581631f36a18e9ee491714b99aa7c4822cdfed9f72f7e505155ea3d69f421923b1b16fb05860a615dbcc56958e211898b91529df7477cb6bdeac08b3489c9d1232765da51b1dab10da8b8c9bf2c38564053e1838282ddda35fc33af51c650e86cb886ec9a6f2e23239c76d8d402129a0bfe97e42497a138aaebf0b99dabb3414aebabcbd78dd32eff3a811d33b8d39301c027d3ca0f36901b32fd54ad38d3beb8b963dd8c8e31a3f277580c2ec45e8ca38a0bc279ab473c1e541f32a12e135d45a665ced4c7c39427d16954b9cc9f86509ea886dad78d86bd8b06c4aff820fc462742a35d8d838ab92afe92342cc8655cef1b0de5c00e2c991e25199d1b650f3d582a135cd331e5de03a391508fc5cabb8dc59209e4ee2cfdcc14ffd94fcc2da102fde594e778c298d0b084847965937343031760750166f78c38df6c82590fc67d47f9220daa8cd6cd2d9664aa67481526b3f181171f06e104dd9f4ba72b1e83bf0f7665538e878e1b54765b7137979525fc2e5c2cf6689cdf578d446237ac498ec693a5df2b9ccc70a5119e85e7fb99719b76d43ecd313ecd5488573bdb663a95994ee79ef4c4426a6c5896db714f4777672decdbf7e904feb6f106bf76979f5cc61e59fff2082553b6ba50842e3fc81d01b2f207283886916fc5b0611f5fde78d3f30fa4f6ccb294b5aa029b872ab6ddabb1cb033d97db372c99a12ec97f4d238ee1d593269250e1b01c286240360b6d996b3dc1d183616a9a38546d03e5e430c4c4a830b590ff53d896c32d24531103e992798927686b6f6d5682db3f38be0942d338ab394e281b67b2abad5b471c9df5af8e6aa7202c620806fb0958fcca7845ea920fb504975250774ac8f04deb819907a5e3a4e0dc7958bd6b7d0473b3ab2101b4668e54246149af6f55ebc23d9b2cbedb2295e8878dfcd99a67570a23ff4cec27aef0dadaf69714b590921cb91b191cd0c4792ac0761abe1ee6c3de08ce64029d1afe1b867bd78af4185981953641eab6fa389df4160d546604c5792b73e8d83fc635277208aea37e83f42020064c9d02463411ffb0e962e2d65a40e319bb383ffca6300f34445b5dffba6d0a59e5078d1ccf44e66f13514a3bbf85dc703b6d320155f954cabe5304f3f354838db69f9b35b6731b0618878fe42a6a7b53a74720fc13e0936902a1824a419b28d917279447d8d36c4e3404ce10bc99a047b05182bf4f8624d0f35895c1d41389900b4fce813cb3d1ac512ac617f6914fe9662def1ea53cb08dfddd37d01078b6b6c28177b6cd85e05d41b632c865b24085944ecb86ae6cb6b423608401b06c30d7f0cd0447b5d1dfb795e2bce1af15dbc9917e6f5e4b084514ed7630567d580304fcc12e94839bfbdd081bec2bc5a2105ccae6c9e297050e9927abd94d005feac7e9bd170df873f5c79006df5ae92eb6ba54333bf70a767c6c087f3d5326a1b84b47a71437e6ab2fc5264a1bd4965acad0783e077f25f5989d2964d6797a88a3dd232e745b39dc8ac48f6eb52453d2cd5680c54491026908d0b01b22170ee1482704734a5e94ef18c002a4d04cca8ebfb7bbecbbbad928b41d6a5c660e47c8073ab3ed135442b0f1be0848c699a6b9434e54b37f84113c07a9431558eb6a0795397be0b6168610ac1de380b87609ce81f889fb2db004f6a04810ec638e10824f363423b873a7dbcebfbb1f6adcfe7be576c183ddba4c4d242f2fe0abac2e9a9775d03761143f28819ed258f334c930042406b128bce8a8fd448d7771d8ee023e3c1aa6085fcb1e920a73c2133058245e36b4116c07e8d2698cdb46977276a34acfd624f7b521cbed962b276601312e701c4de5c212536c26064f1a6375562c910bbb2e39401c190ca5f190699cf2a6fb8cb663f4aa82abe439680ef1a94474d819f4830c78a3011af13392f27c57f2fb035f4470f18ea3245c1c60a38ab9d4e7a4be48088bfec097c86eb5972694233943a7e5ee694e977baf120c3bb9ee2946faeef0e936f82d421f31d2fa8256e55a3d819cddcaf61a79afbf66cafa1232a898201d4305837144d44cdefd2028b1caff88b7e208facbabc21751e03ff0870bf1c690041a6d1df97659f5f7a13e7e84fea2c0550751efb57e7b0a2904ac7fe7c6a67d67f542c9053efbbf40d78a2f88d38be52cb7cc82d2b56bf8c4c49d89fb4e04b85921d8c78aff6f98274687526cdc4d468342bd67e0da0d5b7de35a34326cde7b7945ae4e492f223c46281866885cf28511d0452ab33451cadd69fbdd6de549cd70ec1d777375404768dbd8fa2e2c4c307a16ef206d227071e6181e0f3d43aa737c569dbe684aa737343ae584a55fe3c6c82d80975dc12d452e12ae38015c711c402746d85b0b1dc7308f8bbb80c6c03282eb9f00fef33b54ea09649e0d5fb0ccfa71ba0eda7c538fb29588d1e96485dbd81c2d378eae30b3ed44e82feb7ded9b0c25b9eb8ab30addeb86f933d660a54515155674c73c8bb1e162a8d4b800de59d6db18fd0d99fe348133d32e7871c2d32d6cece211152b5e4e505ada65bdf64358d3929b418dd4d6d4c23f8300bdd1e172a56efcf6b9e01a4456e11fc73d13af5ac36a3e05b333019047145e59381e063762edab93d7a69314352b57a2a202fae5dceed73527f665fb358d5a1421f7b6d458be87034fbcd8b9de7f22ca055143e59ce2ddb7984ad67217468e2c8a286c86cfc2c4c4b8650bad8b66768f618e1d06e4478c3d4e5196e121b8aac5b7bf66c6c3d32a12c3190f71750464d47449ccab26ecbaf131852dd042fb60a16ca320bd8915de6bf6dcf71a6c6a7076a8ad8e66d7dcc5fffd64c8d9816822729263db045abc349a9dc04697d9b03f2ec4508e7b0d439994f80f863437480311399cbb24cdf692adcc00c92e93657cc7998f05d9b0dd30b75ef3287f760224d9ed75d94c529f3e5e59dfb415c44a4b74c64dd6fbdfc2687350afd8bc82d4661d69fe69b7abb220bd81bd5d053cc7fc2500b686fc7a2bf2ea8e96e76b9f64b42a2d872fb2b15ec18ca01fba2998bf89a818d950d7ac1f498773e7e41f4130ecff174bd585a203c2b7c4f4c7bacc4c79fb0a06a2b2351d0cf3e6f5ac34c5f1eed382e69fee4b0ffac18f182fffdcff258f0e842f53e33b47a0520b81eb4970339021a4c4e39a465adc62a26b46ef5139a34ce01f775b477d29132e1131fff110d05a6e75bce76e39862d4293da88ba6a7ee4afa4034b33173fb865f1d623953006eef7d2791b0d418ccf4cfa8f99d55562c205962ddedcd00e015cb25fb7654fe04c74672206e86bdfe811e06d68a5eda2c78981ff063d2af26837ca3b0ef820ab190b63ec52548aa5fe02903a65568c66fcc3d445cfa9bfb9bcb63e90d96a3f6ee7d3e3f2e85c3c0715ede538c579ca712171e003454da04f6176f37c691bbf467afa4cf646a91602678d2b3a0061f72912c7a598f0e10975ebc5840fcf2ba6b219113e049fe0b1e39a7a09e15f1c9490d57ccb7cdc224422b7f413658d36134787c55988116b3f965c2ac45f6a6c3a38e1648960c577fdf3273915838d7d7ec4ccb966ee391f0b368f1edb9d987681715e77755a0374ac87d7c323b493327f223e4a7568d77545db59c8d767da876aa550bba2f966d5ff7212fd1d3c8af977c206e3c31f42bd48c7ebf8761fc927dcf88ddbdb3effcbe86843b1eb62d68a188006a38edcbb3bd8c8b2afcea3eb4e26e5fca787702febe882b48436c7826868c602b8e7a23b62568cb986e4d2f65532d8fdedac93d018149bfb3e6d5b3aea53b7e7fbbe33a283abf92e158cb7c6b490859451f52cb9ae1c67b14049ae0f677e61287b7e514b109e8a3348cbc1d6cc50a668a00db82f91cb407a81e5a9461447c218042f7dda9eafe541721eac2416df2c21d89c05a75bf2b27d4149068f566b5284b7ea2c63882fc2e8eff4e2d0067889cb6e6b9b0c4613f12b3b53a18f864a0357fe65c069fe353ba007c200b4b9c28ea76e9d59a31e1697e6dab320d70d188b4a149f3d3fc1b262157e430c8dc49cc4a2255a1e66bfe65bf5fd2a7611d9f836670397c3ad385215abd68b731d4009fd2faba6d90fd37b902da486f2381c5415dccf21a37e7078b8cfae14cf9dd8cb2acb99e5c67e0b7058e86ce59b3846367e4d650fb37b3bf7fdacdcabd501278d1a4068fac471cd751430f8519bb0e760a991f73d488043531b69427aae059bcd7b25fdc04efa0bca5b4071d9a42c153a38794b92f5156c99e02d5fb9aa2310866934f90774ca7bee105c34ef88c8e35d5a266dcee2afbe5d5a3fa97b4a6787807e192a4fda0d6dfe1b876cfec30d76b8929a09730b7cbd2aad6c351db2bd23171f80237a42e3ae20ed30b46c4f37c800495300f6afc5e2b473c2ab391d8c1146faefd47564b43cb5d99b2a01d08a0c89697e081494"}, @INET_DIAG_REQ_BYTECODE={0x4}]}, 0xec4}}, 0x0) 12:54:15 executing program 0: r0 = socket$l2tp(0x2, 0x2, 0x73) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, 0x0, &(0x7f0000000200)) 12:54:15 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x30, r1, 0x21, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8}]}]}, 0x30}}, 0x0) 12:54:15 executing program 2: r0 = socket(0x10, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000480)={'sit0\x00', &(0x7f0000000400)={'syztnl2\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @private0, @loopback}}) 12:54:15 executing program 1: r0 = socket$rds(0x15, 0x5, 0x0) sendmmsg$inet(r0, &(0x7f0000002180)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) 12:54:15 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_CTHELPER_GET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={0x14, 0x1, 0x5, 0x3}, 0x14}}, 0x0) 12:54:15 executing program 3: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x1c, 0x2, &(0x7f00000002c0)=@raw=[@map_val], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 12:54:16 executing program 2: sendto$rose(0xffffffffffffffff, &(0x7f0000000000)="ad0cba453b536e29d80a900b90f8af09ce88802c4ffb39b72b8c6ff42fdacb101df5f7cfced9172fd604c4022f75fa80056fa3a1d0c24e0df3a3cea6288e68c91eb028adbac8c288330bd68cc4754017439dd5f7c3a83a4a4b9ed9209e5e6f8ea1ed7f736bd72cd8b3f42ed3b5e42abc5c18b48632eb43bda2b238a96c6e1f52302213c8db594907e6367a5cf202f8afe3933f91a16be208b969bbc62994cfb1ae81e90fd83473f2a1517dcecc12c3aac39d0166", 0xb4, 0x0, 0x0, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_SECLEVEL(0xffffffffffffffff, 0x0, 0x0) 12:54:16 executing program 1: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) connect$bt_l2cap(r0, &(0x7f00000000c0), 0xe) 12:54:16 executing program 5: socket(0x22, 0x0, 0xfffffffe) 12:54:16 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000480)=@mangle={'mangle\x00', 0x44, 0x6, 0x518, 0x3b8, 0x0, 0x0, 0x2c8, 0x2c8, 0x480, 0x480, 0x480, 0x480, 0x480, 0x6, 0x0, {[{{@ip={@broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 'geneve1\x00', 'ip6gre0\x00'}, 0x0, 0x70, 0x198}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x1, 0x0, 'system_u:object_r:var_log_t:s0\x00'}}}, {{@ip={@multicast2, @local, 0x0, 0x0, 'vcan0\x00', 'veth0_virt_wifi\x00'}, 0x0, 0x70, 0x98}, @TTL={0x28}}, {{@uncond, 0x0, 0x70, 0x98}, @TTL={0x28}}, {{@ip={@rand_addr, @multicast2, 0x0, 0x0, 'syzkaller0\x00', 'bond0\x00'}, 0x0, 0xc8, 0xf0, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@inet=@dccp={{0x30}}]}, @unspec=@CHECKSUM={0x28}}, {{@ip={@broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 'lo\x00', 'batadv_slave_1\x00'}, 0x0, 0xa0, 0xc8, 0x0, {}, [@common=@inet=@dccp={{0x30}}]}, @common=@unspec=@NFQUEUE3={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x578) 12:54:16 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_PORT_GET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010026bd7000ffdbdf25050000000e0001006e6574646519c0dfb731"], 0x3c}}, 0x0) 12:54:16 executing program 5: io_setup(0x3, &(0x7f0000000000)=0x0) r1 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000c00), 0x0, 0x0) io_submit(r0, 0x1, &(0x7f0000000400)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x7fff, r1, 0x0, 0x0, 0x0, 0x0, 0x2}]) 12:54:17 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000500)={0x14, r1, 0xc29bf272469f17fb, 0x0, 0x0, {0x13}}, 0x14}}, 0x0) 12:54:17 executing program 2: mq_notify(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x80000, 0x0, @tid=0xffffffffffffffff}) 12:54:17 executing program 4: openat$uhid(0xffffffffffffff9c, &(0x7f0000000c00), 0x0, 0x0) pselect6(0x40, &(0x7f0000000000)={0xa}, 0x0, 0x0, &(0x7f00000000c0), 0x0) 12:54:17 executing program 3: r0 = shmget$private(0x0, 0x11000, 0x0, &(0x7f0000fef000/0x11000)=nil) shmat(r0, &(0x7f0000ffd000/0x2000)=nil, 0x4000) shmat(r0, &(0x7f0000ffc000/0x3000)=nil, 0x4000) 12:54:17 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) io_setup(0x81, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f0000000200)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x200}]) 12:54:17 executing program 1: r0 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffa000/0x4000)=nil) shmat(r0, &(0x7f0000ffd000/0x2000)=nil, 0x4000) 12:54:17 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000500)={0x40, r1, 0xc29bf272469f17fb, 0x0, 0x0, {}, [{@pci={{0x8, 0x7}, {0x11}}, {0xd}}]}, 0x40}}, 0x0) 12:54:17 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000500)={0x14, r1, 0xc29bf272469f17fb, 0x0, 0x0, {0x38}}, 0x14}}, 0x0) 12:54:18 executing program 2: r0 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffa000/0x4000)=nil) shmat(r0, &(0x7f0000ffd000/0x2000)=nil, 0x5000) shmat(r0, &(0x7f0000ffc000/0x3000)=nil, 0x4000) 12:54:18 executing program 1: r0 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffa000/0x4000)=nil) shmctl$SHM_LOCK(r0, 0xb) shmctl$IPC_RMID(r0, 0xc) 12:54:18 executing program 5: r0 = socket$inet(0x2, 0xa, 0x0) getsockopt$IPT_SO_GET_INFO(r0, 0x0, 0x40, 0x0, 0x0) 12:54:18 executing program 3: shmget$private(0x2, 0x10000, 0x0, &(0x7f0000fed000/0x10000)=nil) [ 1284.576637][ T26] Bluetooth: hci5: command 0x0405 tx timeout 12:54:19 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000500)={0x14, r1, 0xc29bf272469f17fb, 0x0, 0x0, {0x13}}, 0x14}}, 0x0) 12:54:19 executing program 2: setresuid(0xffffffffffffffff, 0xee00, 0x0) r0 = getpid() syz_open_procfs$userns(r0, 0x0) 12:54:19 executing program 4: r0 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ff9000/0x4000)=nil) r1 = shmget$private(0x0, 0x3000, 0x0, &(0x7f0000ffd000/0x3000)=nil) shmat(r1, &(0x7f0000ffe000/0x2000)=nil, 0x5000) shmat(r0, &(0x7f0000ffd000/0x3000)=nil, 0x4000) 12:54:19 executing program 1: r0 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffa000/0x4000)=nil) setresuid(0x0, 0xee01, 0x0) shmctl$IPC_RMID(r0, 0xc) 12:54:19 executing program 5: syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) r0 = socket$inet(0x2, 0x8000a, 0x0) ioctl$sock_inet_udp_SIOCOUTQ(r0, 0x5411, &(0x7f0000000480)) 12:54:19 executing program 3: openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/block/nbd14', 0x3c3641, 0x0) pselect6(0x40, &(0x7f0000000000)={0xa}, 0x0, 0x0, &(0x7f00000000c0)={0x0, 0x3938700}, 0x0) 12:54:20 executing program 4: inotify_init() pselect6(0x40, &(0x7f0000000340)={0x9}, 0x0, 0x0, 0x0, 0x0) 12:54:20 executing program 3: shmctl$IPC_STAT(0x0, 0xe, &(0x7f0000000100)=""/95) 12:54:20 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_PORT_GET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010026bd7000ffdbdf25050000000e0001"], 0x3c}}, 0x0) 12:54:20 executing program 2: setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) mq_getsetattr(0xffffffffffffffff, 0x0, 0x0) socket$inet(0x2, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) recvfrom(r0, &(0x7f0000000640)=""/20, 0x14, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$devlink(&(0x7f0000000180), r0) 12:54:20 executing program 5: r0 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffa000/0x4000)=nil) shmctl$SHM_STAT_ANY(0x0, 0xf, &(0x7f00000000c0)=""/39) r1 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffb000/0x1000)=nil) shmat(r0, &(0x7f0000ffb000/0x2000)=nil, 0x4000) shmat(r1, &(0x7f0000ffa000/0x2000)=nil, 0x7000) 12:54:20 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000500)={0x14, r1, 0xc29bf272469f17fb, 0x0, 0x0, {0x34}}, 0x14}}, 0x0) [ 1286.504859][T25118] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1286.603081][T25123] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. 12:54:21 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000500)={0x14, r1, 0xc29bf272469f17fb, 0x0, 0x0, {0x13}}, 0x14}}, 0x0) 12:54:21 executing program 5: io_uring_setup(0x2eb7, &(0x7f0000000400)) io_setup(0x4, &(0x7f0000000040)=0x0) io_destroy(r0) 12:54:21 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000500)={0x14, r1, 0xc29bf272469f17fb, 0x0, 0x0, {0x5}}, 0x14}}, 0x0) 12:54:21 executing program 3: io_setup(0x3, &(0x7f0000000000)=0x0) r1 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000c00), 0x0, 0x0) io_submit(r0, 0x2, &(0x7f0000000180)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x8000000000000000}]) 12:54:21 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_DISASSOCIATE_REQ(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={0xffffffffffffffff}}, 0x0) 12:54:21 executing program 4: io_setup(0x0, &(0x7f0000000000)) r0 = socket$nl_generic(0x10, 0x3, 0x10) openat$uhid(0xffffffffffffff9c, &(0x7f0000000c00), 0x0, 0x0) recvfrom(r0, &(0x7f0000000640)=""/20, 0x14, 0x40000000, 0x0, 0x0) syz_genetlink_get_family_id$devlink(&(0x7f0000000180), r0) 12:54:21 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000003c0)={0x1c, 0x2, 0x1, 0x101, 0x0, 0x0, {}, [@CTA_STATUS={0x8, 0x3, 0x1, 0x0, 0x402}]}, 0x1c}, 0x1, 0x0, 0x0, 0x200008c4}, 0x0) 12:54:21 executing program 1: socketpair(0x10, 0x80802, 0x8, &(0x7f0000000000)) 12:54:22 executing program 3: syz_io_uring_setup(0x4, &(0x7f0000000140), &(0x7f0000bff000/0x400000)=nil, &(0x7f0000cf0000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) 12:54:22 executing program 5: r0 = socket$caif_seqpacket(0x25, 0x5, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x40082406, 0x0) 12:54:22 executing program 4: syz_io_uring_setup(0x0, &(0x7f0000000000), &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000ffb000/0x2000)=nil, 0x0, 0x0) mremap(&(0x7f0000e95000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f000099a000/0x1000)=nil) 12:54:22 executing program 2: syz_io_uring_setup(0x0, &(0x7f0000000080), &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000100), 0xfffffffffffffffe) 12:54:23 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000500)={0x14, r1, 0xc29bf272469f17fb, 0x0, 0x0, {0x13}}, 0x14}}, 0x0) 12:54:23 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0) getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="3400000024000b0f000003000000000000000000", @ANYRES32=r2, @ANYBLOB="00000000ffffffff000000000900010063616b65"], 0x34}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)=@newtfilter={0x44, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {}, {0x5}}, [@filter_kind_options=@f_rsvp={{0x9}, {0x14, 0x2, [@TCA_RSVP_SRC={0x8, 0x3, @multicast1}, @TCA_RSVP_DST={0x8, 0x2, @private}]}}]}, 0x44}}, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0) 12:54:23 executing program 3: madvise(&(0x7f0000ff8000/0x3000)=nil, 0x3000, 0x13) 12:54:23 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000580)={'wpan3\x00'}) syz_io_uring_setup(0x4914, &(0x7f0000000000), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff9000/0x4000)=nil, 0x0, 0x0) syz_io_uring_setup(0x2fc9, &(0x7f0000000080), &(0x7f0000ff9000/0x2000)=nil, &(0x7f0000ff6000/0x8000)=nil, &(0x7f0000000100), &(0x7f0000000140)) 12:54:23 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000080), r0) sendmsg$L2TP_CMD_SESSION_GET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x14, r1, 0x709}, 0x14}}, 0x0) 12:54:23 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) getgroups(0x3, &(0x7f0000003a80)=[0xffffffffffffffff, 0xee00, 0xffffffffffffffff]) sendmsg$unix(r0, &(0x7f0000004140)={0x0, 0x0, 0x0, 0x0, &(0x7f00000040c0)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0x0, r1}}}], 0x20}, 0x0) 12:54:23 executing program 3: r0 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f00000007c0)) [ 1289.608697][T25181] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.5'. 12:54:23 executing program 1: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000540)={0xffffffffffffffff, 0xffffffffffffffff}) sendto$unix(r0, &(0x7f00000019c0)="de", 0x1, 0x3f6f824babb9591b, 0x0, 0x0) recvmsg$unix(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001900)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9}, 0x12021) 12:54:23 executing program 2: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) write$bt_hci(r0, &(0x7f00000001c0)={0x1, @write_def_err_data_reporting={{0xc5b, 0x1}}}, 0x5) [ 1289.881039][T25184] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1290.007209][T25184] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.5'. 12:54:24 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f00000001c0)={0x1f, 0x0, 0x4}, 0x6) [ 1290.131120][T25181] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'. 12:54:24 executing program 3: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'gretap0\x00'}) 12:54:24 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0) getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="3400000024000b0f000003000000000000000000", @ANYRES32=r2, @ANYBLOB="00000000ffffffff000000000900010063616b65"], 0x34}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)=@newtfilter={0x44, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {}, {0x5}}, [@filter_kind_options=@f_rsvp={{0x9}, {0x14, 0x2, [@TCA_RSVP_SRC={0x8, 0x3, @multicast1}, @TCA_RSVP_DST={0x8, 0x2, @private}]}}]}, 0x44}}, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0) [ 1290.807588][T25213] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1290.915008][T25218] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'. 12:54:25 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000500)={0x14, 0x0, 0xc29bf272469f17fb, 0x0, 0x0, {0x13}}, 0x14}}, 0x0) 12:54:25 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$L2TP_CMD_SESSION_GET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x14, r1, 0x709, 0x0, 0x0, {0x4}}, 0x14}}, 0x0) 12:54:25 executing program 1: socketpair(0x10, 0x2, 0x8048, &(0x7f0000000000)) 12:54:25 executing program 4: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f00000001c0)={0x0, 0x0, 0x4, {0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}}}) 12:54:25 executing program 3: socketpair(0x27, 0x0, 0x0, &(0x7f00000016c0)) 12:54:25 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_SESSION_DELETE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0}, 0x9}, 0x0) 12:54:25 executing program 2: openat$sysfs(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/config', 0x0, 0x0) 12:54:25 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000540)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg$unix(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001900)=[{0x0}, {0x0}, {0x0}, {0x0, 0x3f}, {0x0}, {0x0}, {0x0, 0xfffffffffffffd48}, {0x0}, {0x0}], 0x9}, 0x0) 12:54:26 executing program 4: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, 0x0) 12:54:26 executing program 3: openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/module/cpia2', 0x0, 0x0) openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/class/rc', 0x40, 0x0) 12:54:26 executing program 1: mprotect(&(0x7f0000ff6000/0xa000)=nil, 0xa000, 0x0) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) 12:54:26 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$unix(r0, 0x0, 0x0, 0x2160, 0x0, 0x0) 12:54:27 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000500)={0x14, 0x0, 0xc29bf272469f17fb, 0x0, 0x0, {0x13}}, 0x14}}, 0x0) 12:54:27 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_SESSION_DELETE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0}, 0x1, 0x0, 0x2}, 0x0) 12:54:27 executing program 4: r0 = syz_io_uring_setup(0x7d1a, &(0x7f0000000000), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) mmap$IORING_OFF_SQES(&(0x7f0000ffb000/0x4000)=nil, 0x7ffffffff007, 0x0, 0x10, r0, 0x10000000) 12:54:27 executing program 3: syz_io_uring_setup(0x6122, &(0x7f0000000000), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x0, 0x0) remap_file_pages(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x9, 0x0) syz_io_uring_setup(0x7612, &(0x7f0000000100), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000240)) 12:54:27 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_SESSION_DELETE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0}, 0x1, 0x0, 0x6000}, 0x0) 12:54:27 executing program 5: shmget$private(0x0, 0x4000, 0x596e5487793af472, &(0x7f0000ffa000/0x4000)=nil) 12:54:27 executing program 2: r0 = syz_open_dev$vim2m(&(0x7f0000000100), 0x8, 0x2) ioctl$vim2m_VIDIOC_G_FMT(r0, 0xc0d05604, &(0x7f0000000140)={0x1, @sdr}) 12:54:27 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000540)={0xffffffffffffffff, 0xffffffffffffffff}) sendto$unix(r0, &(0x7f00000019c0)="de", 0x1, 0x3f6f824babb9591b, 0x0, 0x0) recvmsg$unix(r1, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x12021) 12:54:27 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000000)={0x0, 0x1, 0x1}) 12:54:27 executing program 4: syz_io_uring_setup(0x4914, &(0x7f0000000000), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff9000/0x4000)=nil, 0x0, 0x0) syz_io_uring_setup(0x2ab0, &(0x7f0000000200), &(0x7f0000fca000/0x2000)=nil, &(0x7f0000e14000/0x2000)=nil, &(0x7f0000000280), 0x0) munmap(&(0x7f0000800000/0x800000)=nil, 0x800000) 12:54:27 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'bridge_slave_1\x00'}) 12:54:28 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f00000001c0)={{0x14}, [@NFT_MSG_NEWSET={0x14, 0x9, 0xa, 0x3}, @NFT_MSG_NEWSET={0x20, 0x9, 0xa, 0x401, 0x0, 0x0, {}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x5c}}, 0x0) 12:54:28 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000500)={0x14, 0x0, 0xc29bf272469f17fb, 0x0, 0x0, {0x13}}, 0x14}}, 0x0) 12:54:28 executing program 2: socketpair(0x15, 0x0, 0x0, &(0x7f0000000100)) 12:54:28 executing program 4: io_uring_setup(0x3ca7, &(0x7f0000000580)={0x0, 0x0, 0x20}) 12:54:28 executing program 3: madvise(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x15) 12:54:28 executing program 1: r0 = socket$inet_udp(0x2, 0x2, 0x0) sendmsg$L2TP_CMD_SESSION_GET(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x38, 0x0, 0x100, 0x70bd25, 0x25dfdbfe, {}, [@L2TP_ATTR_UDP_CSUM={0x5, 0xd, 0x1}, @L2TP_ATTR_L2SPEC_TYPE={0x5}, @L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}]}, 0x38}, 0x1, 0x0, 0x0, 0x10}, 0x40) ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f00000000c0)={'gre0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="73797a746e6c30eab2a71d7b0af7192f31c30000", @ANYRES32=0x0, @ANYBLOB="0000000000000000000000004500001400000000000090780000000000000000"]}) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f00000002c0)={'syztnl0\x00', &(0x7f0000000240)={'gretap0\x00', 0x0, 0x700, 0x40, 0x7d3, 0x9, {{0xa, 0x4, 0x3, 0x0, 0x28, 0x64, 0x0, 0xff, 0x29, 0x0, @multicast2, @dev={0xac, 0x14, 0x14, 0x2b}, {[@lsrr={0x83, 0x13, 0x6a, [@initdev={0xac, 0x1e, 0x1, 0x0}, @rand_addr=0x64010102, @broadcast, @local]}, @noop]}}}}}) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f00000004c0)={&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, &(0x7f0000000300)=""/183, 0xb7, 0x0, &(0x7f00000003c0)=""/250, 0xfa}, &(0x7f0000000500)=0x40) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/class/lcd', 0x4002, 0x0) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/module/cpia2', 0x0, 0x0) syz_genetlink_get_family_id$l2tp(&(0x7f0000000780), r1) r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/module/cpia2', 0x0, 0x0) syz_genetlink_get_family_id$l2tp(&(0x7f0000000780), r2) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000001c0)) 12:54:28 executing program 5: r0 = socket$inet_udp(0x2, 0x2, 0x0) getsockopt$inet_opts(r0, 0x0, 0xd, 0x0, &(0x7f0000000140)) 12:54:29 executing program 5: bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x6, 0x0, 0x0, 0x1}, 0x40) 12:54:29 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f0000000e80)={0x0, 0x0, &(0x7f0000000e40)={&(0x7f0000000c40)={0x4c, 0x0, 0x2, 0x5, 0x0, 0x0, {0xa}, [@CTA_EXPECT_MASK={0x4}, @CTA_EXPECT_TUPLE={0x30, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @mcast2}}}]}, @CTA_EXPECT_MASTER={0x4}]}, 0x4c}}, 0x0) 12:54:29 executing program 2: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_G_FMT(r0, 0xc0d05604, &(0x7f00000001c0)={0x3, @win={{}, 0x0, 0x0, &(0x7f0000000140), 0x0, 0x0}}) 12:54:29 executing program 4: r0 = socket$can_raw(0x1d, 0x3, 0x1) recvmsg$can_raw(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x10041) 12:54:29 executing program 1: mremap(&(0x7f0000ff9000/0x1000)=nil, 0x1000, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) 12:54:29 executing program 5: syz_io_uring_setup(0x6cc3, &(0x7f0000000000)={0x0, 0x8f2b}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000000080), 0x0) mremap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x1000, 0x0, &(0x7f0000ffe000/0x1000)=nil) 12:54:30 executing program 0: r0 = syz_genetlink_get_family_id$devlink(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000500)={0x14, r0, 0xc29bf272469f17fb, 0x0, 0x0, {0x13}}, 0x14}}, 0x0) 12:54:30 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000580)=ANY=[@ANYBLOB="1400000010"], 0x254}}, 0x0) 12:54:30 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000540)={0xffffffffffffffff, 0xffffffffffffffff}) sendto$unix(r0, &(0x7f00000019c0)="de", 0x1, 0x3f6f824babb9591b, 0x0, 0x0) recvmsg$unix(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001900)=[{0x0}, {0x0}], 0x2}, 0x12021) 12:54:30 executing program 3: socketpair(0x1e, 0x0, 0x0, &(0x7f0000000500)) 12:54:30 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000540)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r0, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000001880)=[{0x0}, {&(0x7f00000019c0)="87", 0x1}], 0x2}, 0x0) 12:54:30 executing program 5: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_SHORT_ADDR(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000002c0)={0x1c, r1, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8}]}, 0x1c}}, 0x0) 12:54:31 executing program 2: r0 = syz_io_uring_setup(0x7d1a, &(0x7f0000000000), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) mmap$IORING_OFF_SQES(&(0x7f0000ffb000/0x4000)=nil, 0x7fffdf004000, 0x0, 0x13, r0, 0x10000000) 12:54:31 executing program 3: prctl$PR_SET_MM(0x23, 0xc, &(0x7f0000ffc000/0x1000)=nil) 12:54:31 executing program 1: syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff) mprotect(&(0x7f0000ff6000/0xa000)=nil, 0xa002, 0x2) 12:54:31 executing program 5: syz_io_uring_setup(0x5b84, &(0x7f0000000000), &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000ffb000/0x2000)=nil, 0x0, 0x0) mremap(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000fff000/0x1000)=nil) 12:54:31 executing program 4: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_ENUM_FRAMESIZES(r0, 0xc02c564a, &(0x7f00000000c0)={0x0, 0x33424752, 0x0, @stepwise}) 12:54:31 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000540)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r0, &(0x7f0000001f00)={0x0, 0x0, 0x0, 0x0, 0x0, 0xd8}, 0x0) 12:54:32 executing program 0: r0 = syz_genetlink_get_family_id$devlink(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000500)={0x14, r0, 0xc29bf272469f17fb, 0x0, 0x0, {0x13}}, 0x14}}, 0x0) 12:54:32 executing program 3: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/module/cpia2', 0x0, 0x0) syz_io_uring_setup(0x4efd, &(0x7f0000000000)={0x0, 0x0, 0x26, 0x0, 0x0, 0x0, r0}, &(0x7f0000ff4000/0xc000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 12:54:32 executing program 1: mmap$IORING_OFF_SQES(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x0, 0x26333, 0xffffffffffffffff, 0x10000000) 12:54:32 executing program 5: r0 = io_uring_setup(0x185b, &(0x7f0000000000)={0x0, 0x3e1d}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x744a, &(0x7f00000000c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000200)) 12:54:32 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000540)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg$unix(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001900)=[{0x0, 0x5}, {0x0}, {0x0}, {0x0}, {0x0, 0xffffff4d}, {0x0}, {0x0}, {0x0}, {0x0}], 0x10000000000002f0}, 0x0) 12:54:32 executing program 2: socketpair(0xa, 0x2, 0x73, &(0x7f0000000500)) 12:54:32 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000000)={0x20, 0x1, 0x1}) 12:54:32 executing program 4: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_ENUM_FRAMESIZES(r0, 0xc02c564a, &(0x7f00000000c0)={0x0, 0x0, 0x0, @stepwise}) 12:54:32 executing program 2: r0 = shmget$private(0x0, 0x2000, 0x4, &(0x7f0000ffd000/0x2000)=nil) shmat(r0, &(0x7f0000ffd000/0x1000)=nil, 0x4000) shmctl$IPC_RMID(r0, 0x0) shmat(0x0, &(0x7f0000ffd000/0x1000)=nil, 0x4000) 12:54:32 executing program 5: syz_io_uring_setup(0x7d1a, &(0x7f0000000000), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffb000/0x2000)=nil, 0x0, 0x0) move_pages(0x0, 0x1, &(0x7f00000000c0)=[&(0x7f0000ff7000/0x1000)=nil], 0x0, 0x0, 0x0) 12:54:32 executing program 3: mremap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x1000, 0x0, &(0x7f0000ffe000/0x1000)=nil) syz_io_uring_setup(0x6a08, &(0x7f0000000140), &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffb000/0x2000)=nil, 0x0, 0x0) 12:54:33 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_SHORT_ADDR(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000002c0)={0x14, r1, 0x1}, 0x14}}, 0x0) 12:54:33 executing program 0: r0 = syz_genetlink_get_family_id$devlink(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000500)={0x14, r0, 0xc29bf272469f17fb, 0x0, 0x0, {0x13}}, 0x14}}, 0x0) 12:54:33 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000580)=ANY=[@ANYBLOB="1400000010000100000000"], 0x254}}, 0x40008) 12:54:33 executing program 3: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) sendmsg$802154_dgram(r0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, @short}, 0x14, &(0x7f00000001c0)={0x0}}, 0x0) 12:54:33 executing program 5: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89a0, 0x0) 12:54:33 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$IP_VS_SO_SET_DELDEST(r0, 0x0, 0x488, &(0x7f0000000000)={{0x0, @broadcast, 0x0, 0x0, 'fo\x00'}, {@initdev={0xac, 0x1e, 0x0, 0x0}}}, 0x44) 12:54:33 executing program 4: r0 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0) write$sysctl(r0, &(0x7f0000000040)='0\x00', 0x2) [ 1300.020085][T25391] IPVS: set_ctl: invalid protocol: 0 255.255.255.255:0 12:54:34 executing program 1: mremap(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000fff000/0x1000)=nil) 12:54:34 executing program 5: socketpair(0x25, 0x0, 0x0, &(0x7f00000027c0)) 12:54:34 executing program 3: r0 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) write$bt_hci(r0, 0x0, 0x0) 12:54:34 executing program 4: r0 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0) write$sysctl(r0, &(0x7f0000000040)='0\x00', 0x2) 12:54:34 executing program 2: syz_io_uring_setup(0x0, &(0x7f0000000000), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff9000/0x4000)=nil, 0x0, 0x0) mprotect(&(0x7f0000848000/0x4000)=nil, 0x4000, 0x0) syz_io_uring_setup(0x7a0b, &(0x7f0000000280), &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000f74000/0x3000)=nil, &(0x7f0000000300), &(0x7f0000000340)) 12:54:34 executing program 1: r0 = socket$inet_udp(0x2, 0x2, 0x0) getsockopt$inet_opts(r0, 0x0, 0xd, &(0x7f0000000040)=""/227, &(0x7f0000000140)=0xe3) 12:54:35 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff) sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000500)={0x14, r1, 0xc29bf272469f17fb, 0x0, 0x0, {0x13}}, 0x14}}, 0x0) 12:54:35 executing program 3: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000540)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000600)={'veth0_macvtap\x00', 0x0}) connect$can_j1939(r1, &(0x7f0000000640)={0x1d, r2, 0x0, {0x2}}, 0x18) 12:54:35 executing program 5: perf_event_open(&(0x7f00000000c0)={0x4, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 12:54:35 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_GET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x14, 0x1, 0x2, 0x3}, 0x14}}, 0x0) 12:54:35 executing program 4: munmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000) madvise(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0) 12:54:35 executing program 1: bpf$MAP_CREATE(0x0, &(0x7f0000000240)={0x14}, 0x40) 12:54:35 executing program 4: openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/disk', 0x84a01, 0x0) 12:54:35 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000003c0)={0x1c, 0x2, 0x1, 0x101, 0x0, 0x0, {}, [@CTA_STATUS={0x8}]}, 0x1c}}, 0x0) 12:54:35 executing program 2: socketpair(0x1e, 0x2, 0x0, &(0x7f0000000500)) 12:54:35 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$TIPC_CMD_RESET_LINK_STATS(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x28, r1, 0x1, 0x0, 0x0, {{}, {}, {0xc, 0x14, 'syz1\x00'}}}, 0x28}}, 0x0) 12:54:35 executing program 1: syz_io_uring_setup(0x4914, &(0x7f0000000000), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff9000/0x4000)=nil, 0x0, 0x0) madvise(&(0x7f0000ff9000/0x1000)=nil, 0x1000, 0x3) 12:54:36 executing program 4: munmap(&(0x7f0000ffa000/0x6000)=nil, 0x6000) move_pages(0x0, 0x1, &(0x7f0000000080)=[&(0x7f0000ffe000/0x1000)=nil], 0x0, &(0x7f00000000c0), 0x0) 12:54:36 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff) sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000500)={0x14, r1, 0xc29bf272469f17fb, 0x0, 0x0, {0x13}}, 0x14}}, 0x0) 12:54:36 executing program 5: shmat(0x0, &(0x7f0000ffd000/0x3000)=nil, 0x4000) madvise(&(0x7f0000ff9000/0x1000)=nil, 0x1000, 0x16) 12:54:36 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f00000002c0)={'broute\x00', 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000180)=[{}], 0x0}, &(0x7f0000000340)=0x78) 12:54:36 executing program 3: socketpair(0xf, 0x3, 0x0, &(0x7f0000000500)) 12:54:36 executing program 1: madvise(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x17) madvise(&(0x7f0000ff9000/0x1000)=nil, 0x1000, 0x3) 12:54:36 executing program 4: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) write$FUSE_GETXATTR(r0, 0x0, 0x0) 12:54:37 executing program 3: r0 = syz_io_uring_setup(0x7d1a, &(0x7f0000000000), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) mmap$IORING_OFF_SQES(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x10000000) 12:54:37 executing program 1: socketpair(0x26, 0x5, 0x6, &(0x7f0000000080)) 12:54:37 executing program 5: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$bt_BT_DEFER_SETUP(r0, 0x112, 0x7, 0x0, 0x0) 12:54:37 executing program 2: socketpair(0x1, 0x2, 0x0, &(0x7f0000000500)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0) 12:54:37 executing program 4: bpf$MAP_CREATE(0x0, &(0x7f0000000400)={0x19, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x40) 12:54:37 executing program 3: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000540)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg$unix(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001900)=[{0x0}, {0x0}, {0x0}, {0x0, 0x100000000000000}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9}, 0x0) 12:54:38 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff) sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000500)={0x14, r1, 0xc29bf272469f17fb, 0x0, 0x0, {0x13}}, 0x14}}, 0x0) 12:54:38 executing program 1: sendmsg$NFT_MSG_GETSET(0xffffffffffffffff, 0x0, 0x400c094) socket$can_j1939(0x1d, 0x2, 0x7) socket$unix(0x1, 0x5, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r0, &(0x7f0000000380)={&(0x7f0000000280), 0xc, &(0x7f00000003c0)={&(0x7f00000002c0)={0x40, 0x3, 0x1, 0x101, 0x0, 0x0, {0xa}, [@CTA_PROTOINFO={0x2c, 0x4, 0x0, 0x1, @CTA_PROTOINFO_DCCP={0x28, 0x2, 0x0, 0x1, [@CTA_PROTOINFO_DCCP_STATE={0x5}, @CTA_PROTOINFO_DCCP_HANDSHAKE_SEQ={0xc}, @CTA_PROTOINFO_DCCP_STATE={0x5}, @CTA_PROTOINFO_DCCP_STATE={0x5, 0x1, 0x70}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x40090}, 0x0) 12:54:38 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f3, &(0x7f0000000040)={'tunl0\x00', &(0x7f0000000100)={'ip_vti0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x15, 0x4, 0x0, 0x0, 0x54, 0x0, 0x0, 0x0, 0x0, 0x0, @empty, @broadcast, {[@lsrr={0x83, 0x13, 0x0, [@broadcast, @local, @initdev={0xac, 0x1e, 0x0, 0x0}, @initdev={0xac, 0x1e, 0x0, 0x0}]}, @cipso={0x86, 0x2a, 0x0, [{0x0, 0x3, 'j'}, {0x0, 0xc, "99cf65928d03ba0683ed"}, {0x0, 0xe, "083aeb217fa5b6e381235578"}, {0x0, 0x7, "91bdf8da3e"}]}]}}}}}) 12:54:38 executing program 5: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x8982, 0x0) 12:54:38 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_SESSION_DELETE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x14}, 0x14}, 0x300}, 0x0) 12:54:39 executing program 2: pselect6(0x40, &(0x7f0000000040), &(0x7f0000000080)={0x3}, 0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140), 0x8}) 12:54:39 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000540)={0xffffffffffffffff, 0xffffffffffffffff}) sendto$unix(r0, &(0x7f00000019c0)="de", 0x1, 0x3f6f824babb9591b, 0x0, 0x0) recvmsg$unix(r1, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x0) 12:54:39 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$IP_VS_SO_SET_FLUSH(0xffffffffffffffff, 0x0, 0x485, 0x0, 0x0) openat$bsg(0xffffff9c, 0x0, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'wlan1\x00'}) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0) sendmsg$NL80211_CMD_ASSOCIATE(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000000}, 0xc, 0x0}, 0x0) syz_mount_image$nilfs2(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x14, &(0x7f0000000640)=[{&(0x7f0000010000)="0200000000003434180100007a4a7934171308d3000000003f00000000000000000010000000000004000000000000001000000005000000010000000000000004000000000000000000000000000000e003000000000000561b675f00000000571b675f00000000571b675f000000000100320000000100561b675f00000000004eed0000000000000000000b00000080002000c000100053b0c0d949ee453ea072891e4b77bc60", 0xa8, 0x400}, {&(0x7f0000010100)="000000000000000001", 0x9, 0x500}, {&(0x7f0000010200)="dd6bcb1c8fa443cb11faaf1e400007000000000000000000561b675f0000000010000000000000000c0000000500000040010000000000000100000000000000020000000000000001000000000000000100000001000000010000000000000000000000000000000600000000000000010000000000000004000000040000000200000000000000000000000000000003000000000000000100000000000000040000000000000002000000000000000500000000000000030000000000000004000000000000000100000000000000010000000100000006000000000000000000000000000000050000000000000001000000000000000100000001000000070000000000000000000000000000000300000000000000010000000000000003000000030000000000000000000000010000000000000002", 0x139, 0x1000}, {&(0x7f0000010400)="0200000000000000100001022e0000000200000000000000100002022e2e00000b00000000000000e00306012e6e696c6673", 0x32, 0x1400}, {&(0x7f0000010500)="f41f0000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000ff0f", 0x402, 0x1800}, {&(0x7f0000010a00)="00000000000000000000000000000000561b675f00000000561b675f0000000000000000000000000000000000000000008001", 0x33, 0x2080}, {&(0x7f0000010b00)="01000000000000000004000000000000561b675f00000000561b675f0000000000000000000000000000000000000000ed41020000000000000000000000000001", 0x41, 0x2100}, {&(0x7f0000010c00)="00000000000000000000000000000000561b675f00000000561b675f0000000000000000000000000000000000000000008001", 0x33, 0x2380}, {&(0x7f0000010d00)="00000000000000000000000000000000561b675f00000000561b675f0000000000000000000000000000000000000000008001", 0x33, 0x2400}, {&(0x7f0000010e00)="00000000000000000000000000000000561b675f00000000561b675f0000000000000000000000000000000000000000008001", 0x33, 0x2480}, {&(0x7f0000010f00)="00000000000000000000000000000000561b675f00000000561b675f0000000000000000000000000000000000000000008001", 0x33, 0x2500}, {&(0x7f0000011000)="00000000000000000000000000000000561b675f00000000561b675f0000000000000000000000000000000000000000a48101", 0x33, 0x2580}, {&(0x7f0000011100)="01", 0x1, 0x2800}, {&(0x7f0000011200)="0000000000000000000000000000000000000000000000000100000000000000561b675f000000000c000000000000000200000000000000050000000000000004000000000000000000000000000000561b675f00000000561b675f0000000000000000000000000000000000000000008001000000000000000000000000000200000000000000030000000000000004000000000000000500000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000002", 0xd9, 0x28c0}, {&(0x7f0000011300)="02000000000000000000000000000000000000000000000003", 0x19, 0x2a40}, {&(0x7f0000011400)="02000000000000000000000000000000000000000000000004", 0x19, 0x2b00}, {&(0x7f0000011500)="3d0000000000000002000000000000003e000000000000000000000000000000561b675f000000000c0000000300000000000000000000000000000003", 0x3d, 0x2c00}, {&(0x7f0000011600)="f81f0000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000ff", 0x401, 0x3000}, {&(0x7f0000011b00)="05000000000000000100000000000000ffffffffffffffff000000000000000006000000000000000100000000000000ffffffffffffffff000000000000000007000000000000000100000000000000ffffffffffffffff000000000000000008000000000000000100000000000000ffffffffffffffff000000000000000009000000000000000100000000000000ffffffffffffffff00000000000000000a000000000000000100000000000000ffffffffffffffff00000000000000000b000000000000000100000000000000ffffffffffffffff", 0xd8, 0x3820}, {&(0x7f0000011c00)="53882a9490010000561b675f0000000003000000000000000000000000000000561b675f00000000561b675f0000000000000000000000000000000000000000008001000000000000000000000000000c000000000000000d000000000000000e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000561b675f00000000561b675f0000000000000000000000000000000000000000008001000000000000000000000000000600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000561b675f00000000561b675f00000000000000000000000000000000000000000080010000000000000000000000000007", 0x151, 0x3c00}], 0x0, &(0x7f0000015b00)) 12:54:39 executing program 4: syz_io_uring_setup(0x6cc3, &(0x7f0000000000), &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffb000/0x4000)=nil, 0x0, 0x0) mprotect(&(0x7f0000ff6000/0xa000)=nil, 0xa002, 0x0) [ 1306.061226][T25487] loop3: detected capacity change from 0 to 60 [ 1306.252053][T25487] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024) [ 1306.279815][T25487] NILFS (loop3): mounting unchecked fs [ 1306.377805][T25487] NILFS (loop3): recovery complete [ 1306.400486][T25491] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds 12:54:40 executing program 1: socketpair(0xc1b6d6c023bfc3e8, 0x0, 0x0, &(0x7f0000000480)) 12:54:40 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)={0x2c, 0x3, 0x1, 0x5, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x18, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x8, 0x2, @multicast2}}}]}]}, 0x2c}}, 0x0) 12:54:40 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$IP_VS_SO_SET_FLUSH(0xffffffffffffffff, 0x0, 0x485, 0x0, 0x0) openat$bsg(0xffffff9c, 0x0, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'wlan1\x00'}) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0) sendmsg$NL80211_CMD_ASSOCIATE(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000000}, 0xc, 0x0}, 0x0) syz_mount_image$nilfs2(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x14, &(0x7f0000000640)=[{&(0x7f0000010000)="0200000000003434180100007a4a7934171308d3000000003f00000000000000000010000000000004000000000000001000000005000000010000000000000004000000000000000000000000000000e003000000000000561b675f00000000571b675f00000000571b675f000000000100320000000100561b675f00000000004eed0000000000000000000b00000080002000c000100053b0c0d949ee453ea072891e4b77bc60", 0xa8, 0x400}, {&(0x7f0000010100)="000000000000000001", 0x9, 0x500}, {&(0x7f0000010200)="dd6bcb1c8fa443cb11faaf1e400007000000000000000000561b675f0000000010000000000000000c0000000500000040010000000000000100000000000000020000000000000001000000000000000100000001000000010000000000000000000000000000000600000000000000010000000000000004000000040000000200000000000000000000000000000003000000000000000100000000000000040000000000000002000000000000000500000000000000030000000000000004000000000000000100000000000000010000000100000006000000000000000000000000000000050000000000000001000000000000000100000001000000070000000000000000000000000000000300000000000000010000000000000003000000030000000000000000000000010000000000000002", 0x139, 0x1000}, {&(0x7f0000010400)="0200000000000000100001022e0000000200000000000000100002022e2e00000b00000000000000e00306012e6e696c6673", 0x32, 0x1400}, {&(0x7f0000010500)="f41f0000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000ff0f", 0x402, 0x1800}, {&(0x7f0000010a00)="00000000000000000000000000000000561b675f00000000561b675f0000000000000000000000000000000000000000008001", 0x33, 0x2080}, {&(0x7f0000010b00)="01000000000000000004000000000000561b675f00000000561b675f0000000000000000000000000000000000000000ed41020000000000000000000000000001", 0x41, 0x2100}, {&(0x7f0000010c00)="00000000000000000000000000000000561b675f00000000561b675f0000000000000000000000000000000000000000008001", 0x33, 0x2380}, {&(0x7f0000010d00)="00000000000000000000000000000000561b675f00000000561b675f0000000000000000000000000000000000000000008001", 0x33, 0x2400}, {&(0x7f0000010e00)="00000000000000000000000000000000561b675f00000000561b675f0000000000000000000000000000000000000000008001", 0x33, 0x2480}, {&(0x7f0000010f00)="00000000000000000000000000000000561b675f00000000561b675f0000000000000000000000000000000000000000008001", 0x33, 0x2500}, {&(0x7f0000011000)="00000000000000000000000000000000561b675f00000000561b675f0000000000000000000000000000000000000000a48101", 0x33, 0x2580}, {&(0x7f0000011100)="01", 0x1, 0x2800}, {&(0x7f0000011200)="0000000000000000000000000000000000000000000000000100000000000000561b675f000000000c000000000000000200000000000000050000000000000004000000000000000000000000000000561b675f00000000561b675f0000000000000000000000000000000000000000008001000000000000000000000000000200000000000000030000000000000004000000000000000500000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000002", 0xd9, 0x28c0}, {&(0x7f0000011300)="02000000000000000000000000000000000000000000000003", 0x19, 0x2a40}, {&(0x7f0000011400)="02000000000000000000000000000000000000000000000004", 0x19, 0x2b00}, {&(0x7f0000011500)="3d0000000000000002000000000000003e000000000000000000000000000000561b675f000000000c0000000300000000000000000000000000000003", 0x3d, 0x2c00}, {&(0x7f0000011600)="f81f0000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000ff", 0x401, 0x3000}, {&(0x7f0000011b00)="05000000000000000100000000000000ffffffffffffffff000000000000000006000000000000000100000000000000ffffffffffffffff000000000000000007000000000000000100000000000000ffffffffffffffff000000000000000008000000000000000100000000000000ffffffffffffffff000000000000000009000000000000000100000000000000ffffffffffffffff00000000000000000a000000000000000100000000000000ffffffffffffffff00000000000000000b000000000000000100000000000000ffffffffffffffff", 0xd8, 0x3820}, {&(0x7f0000011c00)="53882a9490010000561b675f0000000003000000000000000000000000000000561b675f00000000561b675f0000000000000000000000000000000000000000008001000000000000000000000000000c000000000000000d000000000000000e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000561b675f00000000561b675f0000000000000000000000000000000000000000008001000000000000000000000000000600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000561b675f00000000561b675f00000000000000000000000000000000000000000080010000000000000000000000000007", 0x151, 0x3c00}], 0x0, &(0x7f0000015b00)) [ 1307.267585][T25504] loop3: detected capacity change from 0 to 60 [ 1307.410720][T25504] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024) [ 1307.438285][T25504] NILFS (loop3): mounting unchecked fs [ 1307.479406][T25504] NILFS (loop3): recovery complete [ 1307.520679][T25508] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds 12:54:41 executing program 0: socket$nl_generic(0x10, 0x3, 0x10) r0 = syz_genetlink_get_family_id$devlink(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000500)={0x14, r0, 0xc29bf272469f17fb, 0x0, 0x0, {0x13}}, 0x14}}, 0x0) 12:54:41 executing program 2: socketpair(0x10, 0x2, 0x0, &(0x7f0000000500)) 12:54:41 executing program 5: openat$cuse(0xffffffffffffff9c, &(0x7f0000000340), 0x2, 0x0) madvise(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1) munmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000) 12:54:41 executing program 1: accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000400)={0x19, 0x0, 0x0, 0x8001, 0x0, 0x1, 0xfffffff7}, 0x40) 12:54:41 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_TEST(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000002c0)={0x14, 0xb, 0x6, 0x401}, 0x14}}, 0x0) 12:54:41 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$IP_VS_SO_SET_FLUSH(0xffffffffffffffff, 0x0, 0x485, 0x0, 0x0) openat$bsg(0xffffff9c, 0x0, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'wlan1\x00'}) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0) sendmsg$NL80211_CMD_ASSOCIATE(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000000}, 0xc, 0x0}, 0x0) syz_mount_image$nilfs2(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x14, &(0x7f0000000640)=[{&(0x7f0000010000)="0200000000003434180100007a4a7934171308d3000000003f00000000000000000010000000000004000000000000001000000005000000010000000000000004000000000000000000000000000000e003000000000000561b675f00000000571b675f00000000571b675f000000000100320000000100561b675f00000000004eed0000000000000000000b00000080002000c000100053b0c0d949ee453ea072891e4b77bc60", 0xa8, 0x400}, {&(0x7f0000010100)="000000000000000001", 0x9, 0x500}, {&(0x7f0000010200)="dd6bcb1c8fa443cb11faaf1e400007000000000000000000561b675f0000000010000000000000000c0000000500000040010000000000000100000000000000020000000000000001000000000000000100000001000000010000000000000000000000000000000600000000000000010000000000000004000000040000000200000000000000000000000000000003000000000000000100000000000000040000000000000002000000000000000500000000000000030000000000000004000000000000000100000000000000010000000100000006000000000000000000000000000000050000000000000001000000000000000100000001000000070000000000000000000000000000000300000000000000010000000000000003000000030000000000000000000000010000000000000002", 0x139, 0x1000}, {&(0x7f0000010400)="0200000000000000100001022e0000000200000000000000100002022e2e00000b00000000000000e00306012e6e696c6673", 0x32, 0x1400}, {&(0x7f0000010500)="f41f0000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000ff0f", 0x402, 0x1800}, {&(0x7f0000010a00)="00000000000000000000000000000000561b675f00000000561b675f0000000000000000000000000000000000000000008001", 0x33, 0x2080}, {&(0x7f0000010b00)="01000000000000000004000000000000561b675f00000000561b675f0000000000000000000000000000000000000000ed41020000000000000000000000000001", 0x41, 0x2100}, {&(0x7f0000010c00)="00000000000000000000000000000000561b675f00000000561b675f0000000000000000000000000000000000000000008001", 0x33, 0x2380}, {&(0x7f0000010d00)="00000000000000000000000000000000561b675f00000000561b675f0000000000000000000000000000000000000000008001", 0x33, 0x2400}, {&(0x7f0000010e00)="00000000000000000000000000000000561b675f00000000561b675f0000000000000000000000000000000000000000008001", 0x33, 0x2480}, {&(0x7f0000010f00)="00000000000000000000000000000000561b675f00000000561b675f0000000000000000000000000000000000000000008001", 0x33, 0x2500}, {&(0x7f0000011000)="00000000000000000000000000000000561b675f00000000561b675f0000000000000000000000000000000000000000a48101", 0x33, 0x2580}, {&(0x7f0000011100)="01", 0x1, 0x2800}, {&(0x7f0000011200)="0000000000000000000000000000000000000000000000000100000000000000561b675f000000000c000000000000000200000000000000050000000000000004000000000000000000000000000000561b675f00000000561b675f0000000000000000000000000000000000000000008001000000000000000000000000000200000000000000030000000000000004000000000000000500000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000002", 0xd9, 0x28c0}, {&(0x7f0000011300)="02000000000000000000000000000000000000000000000003", 0x19, 0x2a40}, {&(0x7f0000011400)="02000000000000000000000000000000000000000000000004", 0x19, 0x2b00}, {&(0x7f0000011500)="3d0000000000000002000000000000003e000000000000000000000000000000561b675f000000000c0000000300000000000000000000000000000003", 0x3d, 0x2c00}, {&(0x7f0000011600)="f81f0000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000ff", 0x401, 0x3000}, {&(0x7f0000011b00)="05000000000000000100000000000000ffffffffffffffff000000000000000006000000000000000100000000000000ffffffffffffffff000000000000000007000000000000000100000000000000ffffffffffffffff000000000000000008000000000000000100000000000000ffffffffffffffff000000000000000009000000000000000100000000000000ffffffffffffffff00000000000000000a000000000000000100000000000000ffffffffffffffff00000000000000000b000000000000000100000000000000ffffffffffffffff", 0xd8, 0x3820}, {&(0x7f0000011c00)="53882a9490010000561b675f0000000003000000000000000000000000000000561b675f00000000561b675f0000000000000000000000000000000000000000008001000000000000000000000000000c000000000000000d000000000000000e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000561b675f00000000561b675f0000000000000000000000000000000000000000008001000000000000000000000000000600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000561b675f00000000561b675f00000000000000000000000000000000000000000080010000000000000000000000000007", 0x151, 0x3c00}], 0x0, &(0x7f0000015b00)) 12:54:42 executing program 1: sendmsg$NFT_MSG_GETSET(0xffffffffffffffff, 0x0, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000002c0)={0x14, 0x3, 0x1, 0x101, 0x0, 0x0, {0xa}}, 0x14}}, 0x0) 12:54:42 executing program 2: madvise(&(0x7f0000ff9000/0x2000)=nil, 0x2000, 0xc) mremap(&(0x7f0000ff9000/0x2000)=nil, 0x2000, 0x2000, 0x7, &(0x7f0000ffd000/0x2000)=nil) 12:54:42 executing program 4: r0 = syz_open_dev$sndpcmc(&(0x7f0000000000), 0x0, 0x0) mmap$snddsp_control(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x12, r0, 0x83000000) 12:54:42 executing program 5: syz_io_uring_setup(0x0, &(0x7f0000000080), &(0x7f0000ee7000/0x2000)=nil, &(0x7f00006d3000/0x4000)=nil, &(0x7f0000000000), 0x0) r0 = socket$pppl2tp(0x18, 0x1, 0x1) r1 = socket$pppl2tp(0x18, 0x1, 0x1) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$pppl2tp(r1, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x3, r2, {0x2, 0x0, @multicast2}, 0x2}}, 0x2e) connect$pppl2tp(r0, &(0x7f0000000080)=@pppol2tpv3={0x18, 0x1, {0x3, 0xffffffffffffffff, {0x2, 0x0, @multicast2}, 0x2, 0xfffffffd}}, 0x2e) setsockopt$pppl2tp_PPPOL2TP_SO_DEBUG(r0, 0x111, 0x2, 0x20000000, 0x4) [ 1308.215830][T25524] loop3: detected capacity change from 0 to 60 [ 1308.442176][T25524] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024) [ 1308.484315][T25524] NILFS (loop3): mounting unchecked fs [ 1308.602321][T25524] NILFS (loop3): recovery complete [ 1308.644749][T25530] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds 12:54:42 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$IP_VS_SO_SET_FLUSH(0xffffffffffffffff, 0x0, 0x485, 0x0, 0x0) openat$bsg(0xffffff9c, 0x0, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'wlan1\x00'}) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0) sendmsg$NL80211_CMD_ASSOCIATE(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000000}, 0xc, 0x0}, 0x0) syz_mount_image$nilfs2(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x14, &(0x7f0000000640)=[{&(0x7f0000010000)="0200000000003434180100007a4a7934171308d3000000003f00000000000000000010000000000004000000000000001000000005000000010000000000000004000000000000000000000000000000e003000000000000561b675f00000000571b675f00000000571b675f000000000100320000000100561b675f00000000004eed0000000000000000000b00000080002000c000100053b0c0d949ee453ea072891e4b77bc60", 0xa8, 0x400}, {&(0x7f0000010100)="000000000000000001", 0x9, 0x500}, {&(0x7f0000010200)="dd6bcb1c8fa443cb11faaf1e400007000000000000000000561b675f0000000010000000000000000c0000000500000040010000000000000100000000000000020000000000000001000000000000000100000001000000010000000000000000000000000000000600000000000000010000000000000004000000040000000200000000000000000000000000000003000000000000000100000000000000040000000000000002000000000000000500000000000000030000000000000004000000000000000100000000000000010000000100000006000000000000000000000000000000050000000000000001000000000000000100000001000000070000000000000000000000000000000300000000000000010000000000000003000000030000000000000000000000010000000000000002", 0x139, 0x1000}, {&(0x7f0000010400)="0200000000000000100001022e0000000200000000000000100002022e2e00000b00000000000000e00306012e6e696c6673", 0x32, 0x1400}, {&(0x7f0000010500)="f41f0000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000ff0f", 0x402, 0x1800}, {&(0x7f0000010a00)="00000000000000000000000000000000561b675f00000000561b675f0000000000000000000000000000000000000000008001", 0x33, 0x2080}, {&(0x7f0000010b00)="01000000000000000004000000000000561b675f00000000561b675f0000000000000000000000000000000000000000ed41020000000000000000000000000001", 0x41, 0x2100}, {&(0x7f0000010c00)="00000000000000000000000000000000561b675f00000000561b675f0000000000000000000000000000000000000000008001", 0x33, 0x2380}, {&(0x7f0000010d00)="00000000000000000000000000000000561b675f00000000561b675f0000000000000000000000000000000000000000008001", 0x33, 0x2400}, {&(0x7f0000010e00)="00000000000000000000000000000000561b675f00000000561b675f0000000000000000000000000000000000000000008001", 0x33, 0x2480}, {&(0x7f0000010f00)="00000000000000000000000000000000561b675f00000000561b675f0000000000000000000000000000000000000000008001", 0x33, 0x2500}, {&(0x7f0000011000)="00000000000000000000000000000000561b675f00000000561b675f0000000000000000000000000000000000000000a48101", 0x33, 0x2580}, {&(0x7f0000011100)="01", 0x1, 0x2800}, {&(0x7f0000011200)="0000000000000000000000000000000000000000000000000100000000000000561b675f000000000c000000000000000200000000000000050000000000000004000000000000000000000000000000561b675f00000000561b675f0000000000000000000000000000000000000000008001000000000000000000000000000200000000000000030000000000000004000000000000000500000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000002", 0xd9, 0x28c0}, {&(0x7f0000011300)="02000000000000000000000000000000000000000000000003", 0x19, 0x2a40}, {&(0x7f0000011400)="02000000000000000000000000000000000000000000000004", 0x19, 0x2b00}, {&(0x7f0000011500)="3d0000000000000002000000000000003e000000000000000000000000000000561b675f000000000c0000000300000000000000000000000000000003", 0x3d, 0x2c00}, {&(0x7f0000011600)="f81f0000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000002000000020000000200000ff", 0x401, 0x3000}, {&(0x7f0000011b00)="05000000000000000100000000000000ffffffffffffffff000000000000000006000000000000000100000000000000ffffffffffffffff000000000000000007000000000000000100000000000000ffffffffffffffff000000000000000008000000000000000100000000000000ffffffffffffffff000000000000000009000000000000000100000000000000ffffffffffffffff00000000000000000a000000000000000100000000000000ffffffffffffffff00000000000000000b000000000000000100000000000000ffffffffffffffff", 0xd8, 0x3820}, {&(0x7f0000011c00)="53882a9490010000561b675f0000000003000000000000000000000000000000561b675f00000000561b675f0000000000000000000000000000000000000000008001000000000000000000000000000c000000000000000d000000000000000e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000561b675f00000000561b675f0000000000000000000000000000000000000000008001000000000000000000000000000600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000561b675f00000000561b675f00000000000000000000000000000000000000000080010000000000000000000000000007", 0x151, 0x3c00}], 0x0, &(0x7f0000015b00)) 12:54:43 executing program 2: perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xff7fffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x802, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0) [ 1309.761406][T25547] loop3: detected capacity change from 0 to 60 [ 1309.952169][T25547] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024) [ 1310.009838][T25547] NILFS (loop3): mounting unchecked fs [ 1310.171221][T25547] NILFS (loop3): recovery complete [ 1310.215514][T25553] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds 12:54:45 executing program 0: socket$nl_generic(0x10, 0x3, 0x10) r0 = syz_genetlink_get_family_id$devlink(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000500)={0x14, r0, 0xc29bf272469f17fb, 0x0, 0x0, {0x13}}, 0x14}}, 0x0) 12:54:45 executing program 5: r0 = syz_io_uring_setup(0x884, &(0x7f0000000080), &(0x7f0000ee7000/0x2000)=nil, &(0x7f00006d3000/0x4000)=nil, &(0x7f0000000000)=0x0, &(0x7f0000000040)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x40, &(0x7f0000000140)=0x307f, 0x0, 0x4) r3 = socket$nl_route(0x10, 0x3, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000400)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x10}}, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB="180000006a0001917e"], 0x18}}, 0x0) io_uring_enter(r0, 0x688c, 0x0, 0x0, 0x0, 0x0) 12:54:45 executing program 4: perf_event_open(&(0x7f0000000240)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) r0 = gettid() process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0) madvise(&(0x7f000030b000/0x4000)=nil, 0x4000, 0x1) madvise(&(0x7f0000495000/0x400000)=nil, 0x400000, 0x8) 12:54:45 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x40, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r1, &(0x7f0000006380)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r1, &(0x7f0000000040)={0x50, 0x0, r2, {0x7, 0x1f}}, 0x50) syz_fuse_handle_req(r1, &(0x7f00000021c0)="d56cea33946c0eae3241d3604bfce89adddb2eb96960338db7572fa254eb7c69dc0cb526989630e26224c258c8d70ccacc5564d67723f4756c0399174c5460c4995942d24092c36dc820e97344798b5bb45423f853bf50e374323abacf0388cd091016b7a3d7843f4d3ae1658bd34d967e3323a64908442788dbc99c1f4248da53fb5be2c8001236b994ca594e3b3c588beaf3cb1c32c072d768b9e665e7d87044fdfc1fd6452593e6793963153f3850bf85042a5c139799ba8f6cb8d877fc436c4f1601270d6e29d60a4c80d6315e46f4219494ce897127d0b76f5d681e90f4e9282468ef7993cd92076aed266c1db8b81b93adc4969c9b89b32b8768c9f39f2d148e933dbb651746a9364f49986ef73b4c29f647b82b83216bb8179fe5346fdacdc5fda4bd48875cd2f1cf57a0c9a91e059446bac310a6d68948675c35a8e442168fd84d78d9800e5b05bdbce3a6eac65bee7279a3628f2a08931d3d52ce490652c20f8ae529eaf24bf421dad976c68b234ee6f6210c9f9aac3a55c6939d6aa3805b95619546264ff3ff82d0dc690e8ead61b6ed528c3c117cd771a3b7feb214ce8d720640d97f14b399b7f46dc4aad83117e8e642ccb117d13f345536fc3801c124cfaf8aa7aafff6c8df3fdd4469c077eccbd8ddacad80d9113dfde26ae67b226185743b2d53667fb3016fe114f87484ab614ddf0887c4b2c85351ab21a0ece6c066a154b38b4d7c1792d2db2cc5f8ceb42078187949d354b7a08d1529f3d10814757179c860db031dad4a3dc13ca01d1013238ed5f7a9674fcc77f0d34e2118fb851c970d86ecf9de1cfdb8d3ab197480e263c3207c3d7ebe17f9547c7c56b08e83de875294d0fd68df1926ecac24350b2c70bd73e14122ed480c564353d34049e67c26036fc35d04022cd35d6ac00756d3b8550bb22ae80a4bd630a00268d07fa249b0bf545dfbf01bea2f12b30738c6e13156244eb24e6d69ba7c3acdbbefe8bbc06b821aebf836ca07a3cc7b6b24686ed8f3b23085c893e72188b797651c5ab5cceb1465414a325f793a3af6d06eed7eb734ad05bc1f6619e8485259f570a482a67273ee01fe15dd938afce026f1111c7a38ed6d1aba34f009ce1e99140fd0db2de74150541fd48dd2ec5b1d15669de2ffe3a198184b6186ccda31aa64c585ff8cb65b67fe1455753895a88b6ab4c6bf1bb8329739178147e6f15801bfa707bd9ec9da662573ce07af684bb7c880a7d63b0a0a7300881408c44e95c679ea32b0eab845d0b333f245e8d6006258678704aa8cccdaf80cc46138d5b7a0804fdfa34c91d61a0d2fa6c62e7d1a675e5743f845ab40ea5df0182d6eb9781905c94751c75a411699a76f48433142c5f109d5dfddcc0b1dc6254efd5ea50d6ffbc7b9ca031e1a0123844b63c48b964645c6d24707582825e219bcd61677ed4fc45ee1f4be91b4c1b856d65a86acf22b8b0d588bc473248ac040326b1490c2fea24bc0c0a721e2ed63e39973cd4d38df1001dba9b9d995c229655dd26f3cd3d64077ec111e2c370717cb4cd068e0d3a52f1027d3df953e1f1ac768a7215a3695722b1b6714ce43801451a9532212b651d073c780d61712aebadd145c1cd95c1dc0dcf51850046ae5771e365f45858a36e48afe563ec0afee3803ff6a35bc25217b53eda39bb813b8d3d728c21a0b80d014003143666c0d1398cc46a01aaaf97117edda217f984010e7c5cf32535a669d4f11f6b70e3a3b823987ef7c9f878415063bf05205e13bcf7acb287bd0bb0fce77529a711f0ed145ea2ecf2194658dff17c5681cf8c7ad8521d235a705292af4878b3f124be2df661026c091d6c07aae1a74c919f7478d1083f70b3a0fe00c2e220ab998b4595268b6f7cabbfc85e59dfb6ab7a794cd3fd70d5cc4d70ca933a4452df5a345cb31f3267de53519ba39c915d492cd4652843f1d30a5fb311e3b5d868347969f013c5e3b4841b22240abcb61a14ff567186766ce8f6ae64877f672835dbff4fcf19c8230d8a402397630effb698a8b0c9a28ae028d7938ffde488fd64113085bce504cd0551e0eb3730c3f781cbecf0c41d2338766d3f6096661c1f1bec3162b8a0c4099fccd9480e821df8782c2e070530befb62bccd8539fe9dc7d8d3f9bded1bb34db3f2d6050885c8f1d57f5e603f629de7491f5fd9fafcceb565abeaec838b10a763a00a4607d4330bdcedc066d8cf9790d806e03c219866bb8f053a6e602645436d1f469df1d5008f5dcd4bdb7ce5b76ec015a8f4693cb2a63ceb2be00bcf221f0ca32db4efaf8f7022622b335fa8dea4afdd86be10be6c4d66e5f57416add4480509cb98cf31cdda84644eeb782eea041d4bc0e005a20bccc3c4a08cefcdb91cc2c61d9231c4e36e96f6edd2133f9b34e7da90ce20d1c60ff223c6a204bb942766a359b923573bbbaf2a827d79e4f649e79a840216ac4ddb3409c94e71ff08d109bc3f0cf6583219de7d7131a956f835ecf5c131a0b1e056a86d800a0204243f3b695029578c064306a31db53f28a8f0c0302486cd05970904e9b5c53100ac1aabb3110a89820e4d8307c3d46084999d0456c53fec61a9242b486eb41a90f3300fdfd0d8a472e8da7a842588721d1df1f5e4cc425efebc75a904ef4cc881346a4bc23eef4d492e3efccebab86ae4213f42671370579ee7f8341396e9515619e100a8fae2c5cba0139a088579ece7a603c8b8bab9998223fe862dff8480aeaa5970c90b894e5f71c2784e4dfd50ed3e9ed91036e8356c09464de13b4a95227203133b2c2c71cd6323492f083bda58ad7721b6666b9cd93f93f0288482813fd8aade02cca81cd35257e023504ac4f86be1c7a810b67c6d7077f5cdbd305b618a05c03d196894bfb1a6ff511e59ac8ce45d16cee95e1de0797a543728caaa43e5ae42a12b6bb7910d18d4e1ea89d264491287eb23a76095a12a39c46a7c85349e2969edaed3c1fa6a2150494f63f4c98c65fcdd650ac7424ac1ae64421294356ac1e4dbf9d4c817f081f4f7751ebf56788d799bac29dc0bfe83ead7ab3e338b8b84df4cad2b549aaac4e6048a6fa8f8f6f1f7e0e51c8b3c872f18c466e590222b03230f46bc8e9a0171bbd2096c7a480d6a6f29bd74b60105bebda42e59cc830c4b31f6c52687b4ec2ba869149ae363d711d099f94ceade1ada193e931ed9aea0a280ed5f25ad5ab3b4083f140ca17b43e5f6aef2c24a28a0262c80a040187e052ea7d54a528b6fcc176ed3afc07fe6a661d050fb4a3a6abfa3dac5f3230540b45af060781cb5499c2894d6a4a2bf908ddd48d6b34207f56c31229e206c88db3552ceb6e82a0fa2bf7f97baf603d37d6a8b1f2b1f5f95b251129ed05351681908b7cf5cf6cc86dd854174cc19713b4d262b021952b6da5f20f57bbacca62f5b7124409aa625bbea59819baebc1bc2dd188feba48c998d0dbed60d44b8a4f0ac28f6c1c8c9998f7406f1a34e4ce902be2420f7ff51a5ab3b1faa86ab2ec1edbea2493cae090abde43ff27d685c993dedb24eb255772cc56fbd104f4f5275f10d54d7cacb8cbf188ae1a4d29ea880068fb2696b3ba6e8a7c15939e1f7c394ab4bd4c4bef2383121cbeb18646a8e013d570cee3eeecd7fbe84a619f8aa2e34f2e1e9b99d0c7d7d179d9df8d2e2f1cd7ba2c7e60166dc14e5e4ed9c41195935e2884b5bd0057ed0155a5d4c6482e8f554e4cd0d0aef7d6487801ab54d54eb41755d833ab83883b40f47595063ad2a0fee5c661f86b8ab04ad0047d988ad86b3c520eb78dc3d750a57e777f5d766349f1a687e090f744206cb5d048346061b414060f6826d8a884e93f73f1f1f4cb8bd6e8d1215d436d390dbda35b555f550e11e6d8008fce1c429bd9bbd04a1fbb9de28663c1be4d8d7e506bc681ada28a69014b972919b5f70cbb770349324c9af0b7ee7ff4cc8bfe807fb9faa0a69498448b22192d578a1e82582b943051beb543ddca8b643ee6c76ee32278aa8bc92b44a8439a24ed5040545349ab05e831d4511a8da03ca539659585b2267a73775f1cb7c2c5548d3508c896f99a8e5cb55160ab1267e320ac2d7c8f8b57079dd14d301636a1374e24541f8d453978998ed256b381bcf638bb372ce1ebefb341656c02f4092a7667ffec5505e4938dcb03d404654430e244f9f7f7d0fb4189a93f7c2bd7a4fcb3ccff79e41a98adcac3e4c19eebebaec15bd8cea1df0e509cdef62ae10c66734d162caf35a6e511baa717f769c2e449892224fa8ae78de9138cf6ea1d939998a8cb68b0e83cf604e03b99634796d3d495e4617f8fdd9764631e7ed6eafa797deb1159259777bf2915d48b63286f6d6528ad4ca5783609263d9a03aad41ec8ef1e2e1e77734d27229f801192be238468854945c20dab4e1baff9dd593361efda1de95e04561d33cd73a45dff5f85b2e85b0747a49345ac8d38add8ef9c14685eb3d3432f3f994e3ddd4e45b16005870485253afc4f08d8a6d8023b722284d11d56c6ff9209a5bacb7ce1708244bd21878b8cd5c13ab453bd589f6196322de9faede39ce6f94c75d008d2d7ced27a2375cc62c3d5c15c1c4301a01299d8f4c41e5a44e4130e9555a356d6b19728c7d3c86cb9a1ddf906ab63a9447f8233bcd09bd74cf9749f085f0c4689ef40dbc41a7a299f0f891d9d0d3e39409d4d774da53bfb6e8ce668ce50885558e909add2cb9bda2f7e9232541b1a7f742a99740f486ef4f7c98e4052f2da705c56a18d5a8289ae6cbb9dc7de13a8cf420b7a930abaae813b40517d84ae984dfc94cd1021e0e4a7a9e7de841018d474083ca28a829ee03fe625cafcbedadcdef6621ccd679fcd9c9a9ab2136211f8c9a679895aa39facf2d6668e5098b3dd8e0ad78d8caf250dc38f2c9518bccb353ef3418d3906827514c1959d58344ee11a0ef1c1424495cc1a9910187685a47d6dd91f07e5081c5ac3f1b6e363069694dd9072684c5ab0ba56157c10f5fa8409e5bc43b38b31f24a306ca5f7e3de9a392eac1984e877ecb3dfd044f1449b4ae9b586051b1780c0ce462919f4a4b54ad8011d013c3962fc6697d33c2dc6771fec664c82cb16144619b207deb4391866d6c1976b945c5959d19018f15376ce3b05666747743527f22b54171da4dabee2f4e469a5521067de4f92e2bad02e15e812b6cbd27ec88a9eccf600ce7f5643392da9ff6b6412f8e7c68d8c8b9e0006e41777e2a1363a9556befbbb110dff3a84b179da3838acde0b25f53798733a9fb463d76b630aef7c8a43f6219482b34b893fd99cf3a013ecefde7c5c6528e304c1868ff3fd8dd5aba348a05dc950b1c4c281cbb28b800d6d0da180fdee06ec3bad6f97180295ed1d77078156a885b5b0c501ea563e8871adb97dd6052de0ab369bf2d98f434bb2d172d9967bb73d3eba6b52bb8d55d8963bf58d310afedb51c0f94c7814b6da30fd8056ab7be74ac31b1b75c217e3ab93eadcb2d253e5d8bbe47c0f1a411a9e502cf4301d898d905cd5db828e56a722394fa11cca64a03a42e7fc1b3481b71ca0b6a3d9bd1fc8229f7f9d3e6aa0d48051942579fb759201d4715db9a2d399e0745a66dbbd571accf1f2e15573ce832e91bd1f042ab758d9ec13e354f38454cc42668c8d60358916f7e937015f6c38732bcf6131ecde001892cb20fe47153e7e23b1cd2fc4a22662e7bde09f7df10fcbf475783fe23a0fdcb2c3bd8b28453ce523ac19ff77e68c3e9fa0193b796ea68f44132b3a96adebc04181e503f52be4778ef422ce3e6ca38514fa18b500ca518590479e8c73a7942dc2e237d82cda953ae1b296b97ee8ed62e2e755d6ddea7c0334e1b8d76c278bdc454724003106cb6fdc85340d1e784ac8b6551eaabc33c502163ce0d401627bd22ba6be90089372bfa3f91ee745e45844ef8dc0fe3936bef07f9c1d3aadfa4c8e99be6b038bed6beb9597add881da2acc1a3a471f500d68f639cd2bf6f4afab919a2cf747bcbb42b95684e8741b485c3297cf07c7bd98d6653421b61f701a06b82be0fbeecd32eb00feca9c5732bb5e565bccf8c9feb27a50760a785bbb50402768cbd458811e284a604b3374faf3480e1736743665617de9c32fd10e37105ac6dd5303f1a6dc78950bce56215c2a2f9e0ccbc0bf9fe8ccf7647ed29e2aa4948689d681a7a9fe582631338f3eea3df846f28564038ab75aa2a8ee5416b66ceeda9d8f56ecefe07f6a21ace83a2e15ad408d0a480f56708e3d1c96020b124c58f6ff5247f73aff7f77d389167650b8a0b98c97f87a1e5d6c08fa99874ff144bfa905e9da3812f010eeee00f3c9b594450faab5342e1b6e98fed5714a802b67b3e5b1964a62606aacb8222efd4980823f076675ae859e64de7b08f7a0b3d8bc829e1a93eb3b4975b4761cd7fa743e393da537c91f658ea2b23c94244498cdc4bc32c8b9859b9d9792eeabdce635b2d61c311949204826054dba0880505e2b53cc3521fa8b68bbba2ec05050bd3244c02752af1555625ddf50a3656c0043005c43c26a2dc907d5dd67efa831ad974151067b436a75fe99b8c94c9ca9737279fa1aaa09b0108c48c79c7e4ec1eeccfd43aa8e7ab6cacf5a956fc47d4ce77fe719d6eec1730d3e3b3be71d313f644177b6d16df0180848c28b850fbf71168a1ee4e5639bc46f2555b3984dbb91520538dfa6a1905abfb7238ff344d0a7d760f040718a57cfb56634e7de7584097f69f87630693bcf410796266cc3f50302feacfb556bad2506b7191023817527dfe5973101712bda922472076633133a11a76e8bc7d763a2cdaa53fa8d47d442fcc572f791d66d10d8d6a9058ecbbcd6d3dbe45d67b75e1091dd0368bea33ef0f56ba68885630429c24800922062e1066f2d4c4b795332ab03239548df4e6e01c432fe5eb29e8e63f6c7ba4f2edefa208c69e781786e4717c2f71dc2032a98cf1e6d66c10831e17ee776edc6b060ae20d025dc570a88e17da771acd32b7b93d46e43a917b8e2ba8232ad2707324b9b04dd8ee50c3c5a4372c0b1461ab2b7424faf00c7162bd8e8ffc7fadcb055403b0fa7087226ba4330e746af97a3f915f0b9e105759e81fe94a0df0cd6c324fb0b871491b5516c2fbc82c77b07159e3f4c0b7952b74cb4e203a69f241485191e1afc76d12a56db065b0513a41582f655340603c73cb39b728c97d1e919ecf963b91ec2282d25dc426db873394055beb0f9ba20545e2465ce2d0d962f42e1e4c79bdea4cd2829269ff7ef650bbeb5083d39dc7aad668af0b01c521192c548857473b29991f7bb917b5814fe945f4c3ed9bbe0563f4004b391b76860e9fd6b7c0baae82e4ac033f62a2c6ce6a2311b8700b06b5215e604a9b99d37e00450fc7790e893176e9fecda220f838a078a8ef7da7d499b1fe0eb8780c4b9705a6a10674e61b5c228fae1c13488f98c10c1792fa40229dba44b1cb534f9fab6a14407687761d738c91f4b8d4371a1de1a47bde0563a6fc88c4886be5d48c4cb89078c255eb1639598379daf50a672cbf4d8add2d4af6c02aeb1d0f86b611abd363409c7c7fc0b66f307ad3df24241fe06d0f7617d6c3987bb9e5d8f1712aebf095fad19b3b4fcb9cc4fb39012f333c4b040666259ee7bc43cff299a527a8914d71324e91c774b84e9392e615453e9fc648c539059b66f780c888892fe8b30eba799ed18fab08ebc3b9da8bc12a249456351bc0ebafc9f54d5d24697fb53eeb5e734527d690620989f605f57dc65a15a754d304be592acc616cd528b6986064b4457b96cf1fb0ab383a0585acf9887b18e1d6d3aff1e7f2328ea0313a2b36f6f79d671d9ddc4d34fb8fb55a596b2a16c63757083fb4bd01be2e1d82e47c5a44e052279097c5a18feae9884e102cf087611a3b94467ad61635dae6275974f6e6ca7a42ded0ee4577574d56b142853a8c955d92d1eb780de11dc9289acd193214ed4c9f5f26d0481cb3c0c0b8d4c9ad929c61ffeed66bf2e4f7018049593b99358d93559847d55654cee93da30f6578d2e295909791d227a12c09cd4a0edec25d3155086b64a787997a53265cbffb7fe6a2bfd589e12b4d0e21a600276e920397888443584aa99a06d7cfef8e68eeab8fa739c3d8fb74581ceff295110742e763320bed3a4be982b3ebed15ecde37e849aaa91959327d25149f38854ea1137f870aff99979e5e74cc9e45be12e3f0f9912a0955e718a4917e835bca50f43ce92a6bc60ed006b8f623fbacebbfb3dcb4fabd9941a5487c6f637de9a2005a6bc4062e1210a08a51d6f8a5e3f6f97fe90dc7e2e21d4d2f038c0fbc1918aa00e230a4a0e5c41a4808fb9a731271fcc1e73713c9592aa4b2ddccd0d13c3cb68d51166623153445c9ec955c6870dc8543c0684883186082e34ea5714febf8b46921015c3623220d17529896e1a6edac6e32fea2ba30db203238300353602c17dddad7608cad8170b520f6d9d32cdf0156a1de4e9b9eea78f73255ddc6da6994a6018ff900d9886590602ca6a072d8aa5645e2adac0744e2d5b2e1038c746635d5814692c3498aa9043b68f8ce79c44678c5a7d5bc26c085475853b229b2af3dc822ec58047f313c778aae2b64995148174e42908f3ecacd3921855790c0c5a25814416930293010b4f917979d837f4ef9d2d6dce804f5c0926244097746252124a6e0055559ffab197c38778f717362152af8f6dbf7ee03df050ab9b8909556691c2c2775f0f9c26a545db7ba698a4ce37de877705ea97ac0a002db274ea8360a4aa732c2d5e7417138c60cbea69d3b4993ada6a9d8f51d851543a6500a31bac5a057dbef498001f08a44e3c4141900e18b6d73c28c8c67dca805edeb5376384cefe75be1f127225e4d9724b7047d68fa2ed4629e91711a37c80158a07dbce78918931402b472a98a5d5c6b66a2d116314577e94298c37bc441499a9ecea132d87c5d305a0f8f0b3ed16f3b820941082c73b28391d8482ca0cfa78e1e09aa588b0eb1849c6c7916a6bbe56134a6bd93ea306dec125982628dea1db6d022d210627959e1dc819c841f173ed25f356909222e481a1ebb31185fbaeacbd359d2779efe4554ccdac7f4bcc528f656a45049331e16e9c0c796423ec9c7cba15c69d4a8a7741699910f33cc9798a8bf1e48182f08029a14d0131654fd388225d7509e1d7a484e9c7df34d1680bfc6b8d1f6f3920cc4113509fe42dfbd6b261000da9651f7e18088f6c2564472046e5eb7e8c9f8b5286a7452741a7103ced710bfb8e699fb8b1a85c0ae887cc06ef2ff9e2a2b1a77bb4d44ddd4a4e1ba60afcb92baaef108b60486d409889cbb2b1cc77ddff7e4b6caf8cf3488764d84bf3605eb9df709ac6cb36d1a3de89cdd6657f0e6b4009e6dac5d9be14f4ed997cf61e5aaec932520c321359cf286adf6e2dc3094794ae61a4f16089d06e3dc62c958950e73213c1e865c894fe7b8a30de65f5534a1e9c5d19ed49397980126322cb9c72c46a86d7487571300d85b3b5661555f20ab63a78f846c1b8f51a19610a11ffee44f7ccf0f1d67f4148b2c828d74c7f3993965c9067114467a71d242113a68574e28601fce343a023ecc68a72d75259f9a5dce144a7f61ef327192f6474d2bbd06fde3049fe7fb306ba3f54337008d7dbdeaf28a37a224e38ade23adb076cefd3148efcb62539a96d4dfc53f369e34c3d493ac3a5e8c8881133be630a2a906703da62ce7cc02ace9f666d6c3d4b9763a83548825ee1efb54ee3475b09e2616c5bdde3d193181bf020e8ac9ac25f32604b6c11de8ad1a15b9f908c6d7e79181aad1d741b7434aa92597a835c53b9e4b61d6069fa4ee921824d17c98784a8c04590f8d2cf877662b410cae4ebd1ba3616074c020d8cb6099a095735635490d318821310ddd016150edb80370b8d4e2f05557fd619b17192c13353cdae76d495821c610c8641e5b3dff1e7f2ea77b17810ca7975b8e36b7f501a8710b326ef92672096ef66598510902fe663e2a9ef00c3a052f1cfb1739fccb4371f8f28bb92654de5bf87cc2863e92e6d7e4b45d773f90f434eafc8f8398a48527af829a6cae359e7af5941bef158f53798058351107ce58f79ed21036770f6e10e7da92bbca25f369ee83a0f894bbf366a1361f8125b4ffd8e8b4d47ec68cd6b37c840cc5beb8cf65b2269ea1a0e9c371a571f30458ff8ad9bbf8723c19ddae1de5ca7461a436ffcd103c01a20f3252ba0965ee928cfb0d002b9aa4d4f20c805b77e67c8d991c4d07e5419bec9626a32c115d28253dd5f16c17182c1779edf49bdfe3823d87fec88929801163a27bfaeddfd8cdccae8cc3bfd6a9f2e2fec5971fa560c434debd434ff4d0058dcb05d9f3ac5193c458472d6d1685f9f46c8864900c5edbaeeee08971ee1c087f2e11467ff4766743bccf9e3414feedd6dcb904b92a05eec5de8db95444b920c995c770edcedcf7bffc48836c8f30037dde47f0e66fd79550de0ebc3c0c3eba0b66e2a353542eeb20397800e5f41635c5ec2f9a271461bcee8e570ddf945b186f15ab5cabe2a3123189935c6b9010b31732c425a9b2582b097486a5a7b1880b2f16104484e1ca83fa9c278b87e30e4b0cf6ed66c87a979c05683ac94a295d1c53e6f0975a079dd9a2825fdd6ae0926ba1a69f3f69f408eea9d00fbd43235a52c53d11963a611b81dd9f5e05582e1822398873e883662a64c225be19e0b85e102e23fb73d5dcb11435a5437d7418b0409f2e60793038f55ed54c79882b3a17e74ae2148bd558d131dbf446edeb0d05353492534e216761cfcf6582d066a8235a2bd5eb383350a52d7fc2761514e27b6125cb3e387c103dd62e31f5b789c217811c80ccbe3f10fec7a19ad32dc9271368b6d6ba549c45dfd8018507c40962b6ac6468c3078edb71d8ec7f728be8cc23dea1139ac30c2e8d0fc077280e420fbbffc896863db5f1e76922d7dd8e4479c1be822e74212c6f74765e108f916a1b83f6efc8ea54080e9a28b1ba5813a1fefddbe2d0cda413ee1463985b51b59f818f440c9b6a10e4ebf71d37995ae9694ba5867ca2eb2f7bf4e58d26149f2b25943fba216beb3de1f954bcf1bd32ce358b5d23023ab456ebbc493ead41e25b62b5b4ace6c5c18c9a8d512a9cbb4dd59f33663f6138d6b06bc8eb1ec9caccc0077b2e68e7a09d412dfa352e7e5c3942b710ab1648e16d0adda424d9fc2d15c619f4e8093c2b9521e4cdb3f22e655f52ce0fcc1bfd94e56cba8decadb68214451be53f9286c82d2a4912bd2394d1133be908409d791d6d8c2194ca37a76a38d6d0a1fced6478848891d9264cfc08fa849d720339ce00977cad8d9738372184098a7333dd1564d1d7754b4aa4afd6217585804159d31f53017869cb78b718c837b7fd176ce19e3d6996b6f055ed3ba7cd55b0349676c0c113c33d070081ce4ef29af156c4ac8ce760013688d0295d90271e23ef3ca10ec2b3b889855a153c867ce79297a10a02d21e5e8995fbc10d2f4d4bf521565376053b80937bfafaac688108f9962b7c72cf0111874ac8ae27d024ee2f9d57f15b9910a7486ef7542c6629fb0520c93a445542d", 0x2000, &(0x7f0000000e00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x24c01, 0x0) dup3(r0, r1, 0x0) io_setup(0x202, &(0x7f0000000200)=0x0) io_submit(r4, 0x4, &(0x7f0000000780)=[&(0x7f0000000440)={0x0, 0x0, 0x4, 0x1, 0x0, r3, &(0x7f0000000380)='\b', 0x20000381}]) 12:54:45 executing program 2: openat$null(0xffffffffffffff9c, &(0x7f0000001f40), 0x301081, 0x0) 12:54:45 executing program 3: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @empty}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x38}}}, 0x1c) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000300)={0x0, @in={{0x2, 0x4e21, @local}}}, 0x9c) 12:54:46 executing program 4: r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0xd41, 0x0) write$P9_RSTATu(r0, 0x0, 0x0) [ 1312.156185][T25575] fuse: Bad value for 'fd' [ 1312.209174][ T24] audit: type=1804 audit(1639140886.282:58): pid=25576 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir061547031/syzkaller.Uoe8Xd/59/file0" dev="sda1" ino=15155 res=1 errno=0 12:54:46 executing program 2: r0 = socket$unix(0x1, 0x2, 0x0) recvmmsg$unix(r0, &(0x7f0000000a80)=[{{0x0, 0x0, 0x0}}], 0x1, 0x100, 0x0) 12:54:46 executing program 3: r0 = creat(&(0x7f00000015c0)='./file0\x00', 0x0) ioctl$NS_GET_NSTYPE(r0, 0xb703, 0x0) 12:54:46 executing program 1: r0 = creat(&(0x7f00000015c0)='./file0\x00', 0x0) write$FUSE_NOTIFY_RETRIEVE(r0, 0x0, 0x0) 12:54:47 executing program 5: r0 = syz_io_uring_setup(0x884, &(0x7f0000000080), &(0x7f0000ee7000/0x2000)=nil, &(0x7f00006d3000/0x4000)=nil, &(0x7f0000000000)=0x0, &(0x7f0000000040)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x40, &(0x7f0000000140)=0x307f, 0x0, 0x4) r3 = socket$nl_route(0x10, 0x3, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000400)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x10}}, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB="180000006a0001917e"], 0x18}}, 0x0) io_uring_enter(r0, 0x688c, 0x0, 0x0, 0x0, 0x0) 12:54:47 executing program 4: openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x400801, 0x0) [ 1314.285030][ T1201] ieee802154 phy0 wpan0: encryption failed: -22 [ 1314.291647][ T1201] ieee802154 phy1 wpan1: encryption failed: -22 12:54:48 executing program 0: socket$nl_generic(0x10, 0x3, 0x10) r0 = syz_genetlink_get_family_id$devlink(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000500)={0x14, r0, 0xc29bf272469f17fb, 0x0, 0x0, {0x13}}, 0x14}}, 0x0) 12:54:48 executing program 1: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000012c0)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 12:54:48 executing program 4: msgget(0x0, 0x374) 12:54:48 executing program 3: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) openat$cgroup_pressure(r0, &(0x7f0000000000)='io.pressure\x00', 0x2, 0x0) 12:54:48 executing program 2: semget$private(0x0, 0x3, 0x10) 12:54:48 executing program 5: r0 = syz_io_uring_setup(0x884, &(0x7f0000000080), &(0x7f0000ee7000/0x2000)=nil, &(0x7f00006d3000/0x4000)=nil, &(0x7f0000000000)=0x0, &(0x7f0000000040)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x40, &(0x7f0000000140)=0x307f, 0x0, 0x4) r3 = socket$nl_route(0x10, 0x3, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000400)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x10}}, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB="180000006a0001917e"], 0x18}}, 0x0) io_uring_enter(r0, 0x688c, 0x0, 0x0, 0x0, 0x0) 12:54:49 executing program 3: openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000000)='cgroup.threads\x00', 0x2, 0x0) 12:54:50 executing program 4: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) openat$cgroup(r0, &(0x7f0000000000)='syz0\x00', 0x200002, 0x0) 12:54:50 executing program 2: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCGPTPEER(r0, 0x5441, 0x0) 12:54:50 executing program 1: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000012c0)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 12:54:50 executing program 3: r0 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/tcp_rmem\x00', 0x1, 0x0) ioctl$BTRFS_IOC_RM_DEV_V2(r0, 0x5000943a, 0x0) 12:54:50 executing program 2: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, 0x0) 12:54:51 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$devlink(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(r0, 0x0, 0x0) 12:54:51 executing program 4: openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000080), 0x2, 0x0) 12:54:51 executing program 3: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, 0xffffffffffffffff, 0x0) 12:54:51 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$BTRFS_IOC_WAIT_SYNC(r0, 0x40089416, 0x0) 12:54:51 executing program 2: syz_io_uring_setup(0x167a, &(0x7f0000000000)={0x0, 0x999, 0x8}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 12:54:51 executing program 1: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000012c0)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 12:54:51 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000980)={0xffffffffffffffff}) recvmsg(r0, &(0x7f0000000fc0)={&(0x7f00000009c0)=@can, 0x80, 0x0, 0x0, &(0x7f0000000f80)=""/17, 0x11}, 0x10042) 12:54:51 executing program 2: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@ptr={0x0, 0x0, 0x0, 0xf}]}}, &(0x7f0000000080)=""/143, 0x26, 0x8f, 0x1}, 0x20) 12:54:51 executing program 3: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x26, 0x0, 0xc, 0xc, 0x2, [@ptr]}}, &(0x7f0000000080)=""/143, 0x26, 0x8f, 0x1}, 0x20) 12:54:51 executing program 4: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000180)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x30, 0x30, 0x2, [@func_proto={0x0, 0x3, 0x0, 0xd, 0x0, [{0x2}, {0x1}, {0x1, 0x5}]}, @func_proto]}}, &(0x7f0000000080)=""/143, 0x4a, 0x8f, 0x1}, 0x20) 12:54:52 executing program 3: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x4, 0xc, 0xc, 0x2, [@ptr]}}, &(0x7f0000000080)=""/143, 0x26, 0x8f, 0x1}, 0x20) 12:54:52 executing program 2: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001580)={&(0x7f0000001340)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x5, [@fwd={0x4, 0x0, 0x0, 0xd}]}, {0x0, [0x0, 0x0, 0x0]}}, &(0x7f0000001480)=""/255, 0x29, 0xff, 0x1}, 0x20) 12:54:53 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$devlink(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(r0, 0x0, 0x0) 12:54:53 executing program 5: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$sock(r0, &(0x7f0000001740)={0x0, 0x0, &(0x7f0000001600)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9, &(0x7f00000016c0)=[@mark={{0x14}}], 0x18}, 0x0) 12:54:53 executing program 4: socketpair(0x2, 0x6, 0x0, &(0x7f00000001c0)) 12:54:53 executing program 1: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000012c0)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 12:54:53 executing program 3: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0x2, [@var={0x1}]}}, &(0x7f0000000080)=""/134, 0x2a, 0x86, 0x1}, 0x20) 12:54:53 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000008c80)={0x1, 0x400, 0xdd, 0x5, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2}, 0x40) 12:54:53 executing program 5: r0 = socket$kcm(0x29, 0x2, 0x0) sendmsg(r0, &(0x7f0000000340)={&(0x7f0000000140)=@l2tp6={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x80, &(0x7f0000000300)=[{&(0x7f0000000a40)="a0", 0x1}, {&(0x7f0000000240)="cb", 0x1}], 0x2}, 0x0) 12:54:53 executing program 3: socketpair(0xa, 0x1, 0x5, &(0x7f00000001c0)) 12:54:53 executing program 4: mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) sendmsg$tipc(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000100)=@name={0x1e, 0x2, 0x1, {{0x42, 0xfffffffd}, 0x2}}, 0x10, &(0x7f0000000100), 0x0, &(0x7f00000000c0)="7d0ad43aba8e706e515e7b", 0xb, 0x40080}, 0x80) bpf$BPF_MAP_FREEZE(0x16, &(0x7f0000000900)=0x1, 0x4) r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000001a80)=@bpf_ext={0x1c, 0x8, &(0x7f0000000980)=@raw=[@map={0x18, 0x9}, @jmp={0x5, 0x1, 0xa, 0x0, 0xd, 0xc, 0xfffffffffffffffc}, @btf_id={0x18, 0x4, 0x3, 0x0, 0x1}, @alu={0x7, 0x0, 0x0, 0x1, 0x5, 0x30, 0xfffffffffffffff0}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffe}, @ldst={0x3, 0x2, 0x6, 0x2, 0x8, 0x40, 0x1}], &(0x7f00000009c0)='syzkaller\x00', 0x9, 0x1000, &(0x7f0000000a00)=""/4096, 0x41000, 0x9, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000001a00)={0x0, 0x4}, 0x8, 0x10, &(0x7f0000001a40)={0x1, 0x0, 0x1, 0xffff}, 0x10, 0x534f}, 0x78) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r0, 0xc0, &(0x7f0000001c40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001b00)=0xfffffffffffffffa, 0x0, 0x0, 0x0, &(0x7f0000001b40)={0x6, 0x5}, 0x0, 0x0, &(0x7f0000001b80)={0x0, 0x1, 0x3, 0x6}, &(0x7f0000001bc0)=0x10, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001c00)=0x1000}}, 0x10) r1 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000040)={&(0x7f0000000000)='./file0\x00'}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000003380)={0x1, 0xfc, 0x9, 0x9, 0x2, r1, 0x401, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x5, 0x5}, 0x40) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000006f40)={&(0x7f0000005d40)="f3755bf0c4f19bd3c4f8b016d612c4db467e609be87c6e27628749f061d5fe133da74646fbdb145be2dbe48ab70f7202c6a4da90f1fe1dd93e91348b2fa8e284bd0160fd1b850be6ff73f65d445924c64740b403ebfe05c551a91c8bd4385c301ccdf9", &(0x7f0000005dc0)=""/138, &(0x7f0000005e80)="57c0b84ebdd87c2a8df9fe445a9144d8ee087014dd24dc00e8b49a424c9fe3a3214c2ed5eb4272642554e206b91eb77a41f4c1b784a1993b41fc9813f31eefb1461a5aefb7699191f49c69cb044ee4e6d1359c49942034ecd9cb5c4b088c5efd3a7dbd2c138b5322a0336627c879753e051420b286433908ebfc04d697368ad3d4c801e497b060dce3833f34d8477fc2902f44f3beec6f7f4e0e6864a1314bf7b739f2a6382ccaca654fccfeb67a13738b9aa0b86b58b46e0cb93692889f49f5e6da1c678f992d5a7e2c0157423ddd2968141d8b5f9f0c1883e822efd3c6c5fbba70ac3ef37721927304d84c09de93484348d308144f8607f0ed5df2596ae7f086650e6af4427dc98d99a41061436bd10567e74e5591064c6e9e1a72845cca0c16f3e521361f84237ddc26fd40f852e8c0cb9a91c07c2337b675b50a5445f3b437e98edfbe4f8a47722e0299327e6c5df1c8e7196f72d427571d3f006d44e88fa69900568007c20ed2e36b4972aa77cda2643fbca3422ecf9d6ee8fba54f1b012289181266eb85d13a92be75f3dffe2f2e9c2f92994411df8a13ae79add7d8601d274324d7c9cc0ef3fac3f351c5ac569a98dab6b7df585b98cd6ff832ba162e7972e507c899a44efb20ffbe04b9a835c6b30c85e2f17ea44cb8fdad97511d03a531098d0725f21c7fd2a4f888eb3c59fcd0f5acb9566b97ee64c8cae7dda38bf9591ee6cdf09604678bd6da6081cc6e3977c7e36907802410d3958024bc2647b68f1ff6c15858ab26ff9019905d9b5b40a2228d03bbdc86847bf8ac0926f8c5df1e0ff4b686c364ecba61b41019979cd1c2bec63cee6b574080ba8df7a089c31eaa16a4f1ec9d612056619991b21dd79716aedd7b5c07abc26c26b8e8564e9819d13a2bfe16a654247f74a21a5cc95cf5e4419cb4ff26c6cdd3a6b194e2914449898be6fc2bd6067bf4dfb3c792beaa95ba70d8440bb6a5d94f45cb80b0c3e7d358c4ee420b01f88ffff53772a7f81c429a246b4b01a28f4b00f697f48e8c7cfec897a33543ce61278bedd6f51614ad33ea25c87a77a4402be7374529d4e3f493ee772dd98421d1e6ba627e45fa502e269a12893e825ea2be9e1e5f79a976b34856df577d9662fe51112bd7bd01e68e5bd41a7f95cd70db9349ef63df565956cbede11505244e508a5dc7028b9c6f3b0db32624433c8eb35249acba1ef70a1d02df2db309b9b7f8f1e5901bd062728f2b05f96b36f8380c003bc8e6f65bbe34ca7d37e5fd00808587e96a66b13a3e0e63b462faa7224e5dc9da89c8e80d11004584c3ffec3e4799f5d06cd82f0040830d30a2fa58d0522d23bbf44cf8af2164449511f0df071a88894599b876f77d664b1314683171da9e6778fb9a878da81ba65bad8a57d0d2dd220a76ea76f2bdbb182d5b30e847235875d6049badce7731d5760efc924786983beeda890bd52a7e8c6ea52e0d31e0ba9e55b295395c29caa10ba1da23e2d159c2bd5c221821df3d6655dbc248fb3baeb74fbfc229da058bbf656222a487eaefae3841784f1cb05627c19a9a6c70bc3cb45327afdf2e2869942b99f314da41f53f28240c3beb654395c9c396ba89dec8cc8665b5d8f6aa281e4bfbbac48ea35f0b9054594492b7ffd6ec0a3ba0d98604008096738da9001e2c73a819816a863a172b8e99e27fa9e2c3044b00ee58968719af5d6379b9c45e2d23d593e7f5327383855485ff1586b97af3738c4de7b2ddf5affe810fc5909737863e137ed8c5fe1edc1b15f750ea9e00e8f8618a7d97a0b0c8bb0acd07370745a314575bbe4e9e4c548acc2d6c790ceb464f530849ec60e881ba5b3acebcfed6515ce83a0e2a70b9938d253c31786c65c577ecdbc5711c5ab95450b1a59edd05fdf81105175c6339a425b4d93d883876e42edd9a49c815d7e67d6a4c321143449eef731f8e41a2f617d26ca9305c4e03a6b5d776727cff945d889db6b29eae9a7420402d1d8730d9f75e22b6be8406fc39ca9187346a37a8fbf334af9ee883ecb7021060ee291161c7822110fde40ed15397ec560f1ed984c3e5ad90ec9dabc2f0b754b9a651876daacb2dc6eb48f063268f0b8b200132ae4c6c4be1be495136b2d8708ccd6c3ac76015afbc4dd3f44b9a80e635cc358fd8a8a4032208512f23c4e8e59fd1168c701da1eb0b0d8a4437e89e6c28aeec725940a1827c4fd0bda2fd362e5a22d275a581393152b7350811eab98d5914ad92e8b42e14b2e54d1ec81250cebdaea29326d0a3cb436e61b60b602ee059286fd1393e40d383506e5eaf84e1c02420e20404b16f884077b09eb1eacdfca5ff48e0f7a9ac0bc8d2fbfd5aa581d8ba47cc3fbdf080a0bf96ef05037636693b68cb3e7f98b987fdbc4a446b5f5c6f197124196fea73435060f4104486526f811c2bde648976624f386679396b47acc697055e01a8d02199f6303275868772dd986e1d0ed35fa4247013673c5fe053992f7f0dc203a6b1de98bd203d41ed794a13d16dbb5dd4a358bd6c0067f4b30250bc074cba67428782ccea14346ec4d63d3659303ccd811aa4cf6cb8680c7b86625a226ff8aec6a09803094bb0168983160d00c824a40348f6e24f6c8e50fe38661f13cc6e04ca25649c844d06c073da4c554e535ce2da70d27b75a65a1fb8899fa7c7bc26c40a6d3ffc5d5aa4fed8e90a1181ca85bf0da957fd7687ef0ed2080bd070017484cfe93d413f60c3d1925c9d2c6326f8114131465d74f503fc883b8098cc05e3a44d93c586f4c129993cf7b9e287fbffed54bf7662a339af34fa71fdc2be22f537f62093ac876920ef42bd1f439799bb8a4587d438a4caa796c6b58f65c848156df61663a97610a007f1688804672708b637564fc61baad73f524d68742533343d7fe4a03dcb3d54ffe009116f958b10a014d3732078ad05ebc27e7c8ebdc7da08fa4705edc0d0dff71707a6648dd0bc64faa75ee15440fe898716508248c8283a53bf96cad69a070f3733059baeec741307ed2db6cca711efa613ac63e1be70fdcde57d5dc0ad8ef98ce0388b1a20fdc74686bd10b9ff57db2d330cdc86264bbef05f618c058772a99c2c1db86259b6a29881cf8a60077314a04f0b40bf8af69bdc85a0a7147f5531dce164f06a06432377d0e334e5a3450a5a60189be68cad6f759537270055237c309f7145a3b6cca142bef38eaae10ea1c7fd04eb8254893c2a041dc43da841de00021e5aa447e0cff5f4d2aeede270fd760bdaac1dd7117bf988b643d75f3129aed36a93528abcaba0ce1d07b705a89baba7a116cd9733e1c2adc9a453ee338d5ea016ebaccc9a39ac1fb81954fc2fbf4bb13725724fd46215d83f1c029182eb02d12922f00326fcdeac7d02cb3e8ebb1188ef0ce86954b69a8aba18cb0116d6c5e34905931e8bf11872b5ea1628ba0a80ef3b5afb12cfc368de89c75c6a16e15e43400ca4abcb4e07e742b0f994d870e2024b3084d05d81c8fd1e53d866c8e7efeda459931c6cd10baf00164d6f9f0eba7c892bac90ca4d91b7cc408e89a11df3647199656b4bba19cc92adaeef63f6843c70e147183b9b8b7f0032ef6db3a0fe652968127a66cb6d716292b940a4c91a809bea6087ec2e62ba7ac66f167cacf430ed61a71cc4663b70ea597c86942b9bac9628b647c1b2cc337aa470d8f4eb59caea39af8921796996e56e6ffa84fa42ed05de33c23a904f0fc82f2af4032128d3b59f4c7b060bb8659f5ac7d9d1d4396b454f562541a5e07eea48401f3d6fc422f78597f909688a0eaa32c5d0edd954427207cc6d2686391e5f76baf520d2122654c92ab876ca6ac7c0dd075af49df7afc689d5cce61e0e9db1194b00a40fa4e79ef91df9e4646ef5b3ebfbea566efa9b508617041a3ab7890dc0c3dc692ceff207a34ca95810d44fc78640e664ce51ff41f8c0b02a3b197a59983520990022a2f4d33afebbd41d5a0a603a628254f009a5e9f3091642500e1876120f7181ab7e7105f0a3aa63fe46ee606ab521d70d0ccbd4ed548b39fc7297eaafa003c4cb0cf139df82e90471bfc125867f79bce95eb66c8d39c54c7d875a2317b0d884fc6048a92614912f8421bdb6119bf27a2c027fd2765ef700946fa876baf80380a7a3fe97d912d0e273fe85a24de9bbe9166639c51ccbdacb1653b2fe21f85e4b796b2e1fd467a6d2a5f238b372eab56b83494bc619ff1a8ca2aae4c26f8945f76f21d2b68dfbc9c4cb8ba07c57dabbb59794f4866371b07eef290e7fec12c11b5144a1e3a5a3f632ac6d7323e97ee6e91b2a4c03b51b6dc1ef5e1623f156c7c312910ce5a48bff32235b2b522c0d917b036ed279a3977f83d13bade3c7024a71419562390560da21f2502465e5b11d2cfe34a91e96baf13b1acb867de90bd3153b7fa5303f390ea5068e2046da139688003ced38521a1d748371f2b1933a20782112c7c8e7f30433bddf191463bc7af205974aa8311242f4eaffe82dcd8e47e6aa1a6427ef3ac532707fc825fd4e249e2c3dccb5df9bc59d15eea2f67a42d514b3009fe84e3d444462fcc222f8a5f3a0387f4a61e10ef7f6e26d2162a8760bdd3f39e898411f0bd3f24105ab9c405e7f62b47128dbcfa0aa43b6d4e19b954980d88f198c7f6cda3a8c9a5cd350d9eb155ec44c6e51cb292f500be32e180950f80f6ff477bb2ce6d888af3b1d7de5f4bf73d81be2b28aaa0dd0d4757753d01d3563a168f07387fcee788526a9ce1d70450d911b7a3d1f9a92abff11e8424ede0d1f06d7f5c8efcbc68be252c7644eda24157c7866e16a7528205f2655667313b92af50f27370dee3ace8ed12c14158e1081c6fbbad2fd365441d5562b23d53e2571769d3b4cdb76413ad95f52e2ee6555f376ee527b7b74c1a5086a77c50013f0aa1e77ac37c89f375dd7142976f4febe726a6d2d22148ac2cbbd20dad2d12aef0181297075723e7b18a02333fd9af138e0bf0c5ff7381f9f429bb8c0a49fc10523614c4a3bacb114a8c95822cb577e5fe7115435575a38f18e3f987dccae2465808ce320d5f89ece2188be5518cd75d4425b360d77d6b988826d72aaa7c3dc63e1458ea9dd7b4e76997051cc510e86b5ca5727cb622306ec17860513bb8f38c289ae75c11d335247ff1f22fb662837f9376c098d1135b0ba24a105431e2c11ecb622621cf1e19c98844bb25362f8ef1628fd6fb2bfb690c0767c71992e5e87cfa6e4ff011bad1f28a5663b3bdd41023c591a9434f53e17900cc056485eb503a0d599a72e8b8a207a50c54e448a5c89142c9857cac6553c23a94f88a763976c1fd03a335421264847a2e5d183964cc42f874b295a83b866287b00cdf0c145819b5244e6fc99bc6b901e0bc0b50ec93ded43f0162be60049c7034bbfd264a06b326086faa3739b9e9bed51629122bf4f5de4caeec52eccee813c43eb66cc24abb50d2bf4772c82aaabca87180eeb05433f18526e6a797e25912c6e52ec619a8f5f45e3e3a7383c5e9386735a55eca6a59786d51dc68c4763a252e24d3b04b62147692ce4c5b9f70d386a5fbf832812eb85c5d10414a79bef6c6cf9c30524802d52b890ede23abba509469d2540b69ea39461c25f3d21b63fcb28b74e7d8abb4e224231105d23c004a2735e88bb9739d9181d4dff899800b240da771ab5b89e16b30a3bc08ed7b5900bb17b7c9dbcf1a7eee6ccf40551577b8a1df810f459d47235a625877636f9f9a101da53b0df269b7412409662770e7e1198888386b622b9e80bbb9c4df48538a79e177436c763", &(0x7f0000006e80)="cdb31cb8fd5e6a580e2b34624caf50de0e3b63376d4806216076e901bd5c8b741a8aecb04c21ed468247bdadac0b66a0659da9172a93ce5a84901d43e0fa767199193a02712decd31ff02703110c26236af6f2bf2b16842b113866097a8a63a39f395b9c73808fa5dc0a66460576ccca547be190f61189ddbdc61413ab35f7a9e05c4f0641a7bc904bb0e1cfef612d43d7837d7073fd3eea4bb2b4a6", 0xc06, r1, 0x4}, 0x38) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000007000)={&(0x7f0000006fc0)='./file0\x00', r1}, 0x10) recvmsg(r1, &(0x7f00000071c0)={&(0x7f0000007040)=@l2={0x1f, 0x0, @fixed}, 0x80, &(0x7f0000007140)=[{&(0x7f00000070c0)=""/124, 0x7c}], 0x1, &(0x7f0000007180)=""/6, 0x6}, 0x2) bpf$BPF_MAP_FREEZE(0x16, &(0x7f0000000940)=r1, 0x4) r2 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000040)={&(0x7f00000050c0)='./file0\x00', 0x0, 0x20}, 0x10) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000080)={&(0x7f00000059c0)='./file0\x00'}, 0x10) sendmsg$tipc(0xffffffffffffffff, &(0x7f00000008c0)={&(0x7f00000001c0)=@nameseq={0x1e, 0x1, 0x2, {0x42, 0x3, 0x3}}, 0x10, &(0x7f0000000700)=[{&(0x7f0000000200)="1ef0ee0418ecbfc114af6ded7793c2d474e7d6fbb7c529de409256153820bea91d9ffab2bc21b147bc8b4f16648257b73b988555", 0x34}, {&(0x7f0000000240)="6a9e7b3560ab10dcbb747e8bbd7bae2f8dd6748e5e9701a4f8d1d86591c540e9", 0x20}, {&(0x7f0000000280)="d9715e25d64c452ef81eac4f5e53fd8b60994b84e16bbe588312e2f2d9d39ec226453cebee51027ca3ccbb8be10dbd875d7b4d736d5cf16d83f4", 0x3a}, {&(0x7f00000002c0)="f0ccf74585f3b328d8694d74f14c79aa11323723a08c1c6accf6f30e59272e3d7af05e5c9e3c9ce9b4ea74869934d597227fa367fad05f5e59b196431c01e5b0ae5d59f0", 0x44}, {&(0x7f0000000340)="d099cc597efc1b69f01b3e371951c0dce0a2a48a0f71f64cb879e4deabc0a515b112de294cd17e7b3d5cab7fda8d990dcabc4be3b23b218000ca3e1e84a7a706043126d262a59cc9e008e1736b2dbab14632a6a54bfefe9f0a5c6981c1267c1daa73b4240b07d3ca2215930ea05286fc80210c3afc9be4c42ed2c008c4251a76da89db007c046fbd36fb1cfafdb24681aa673560073c98f70bff3eaeaf1640307dff1d890a1f4c592e23fee7f26e6c538bfb26042822569de1a8724bf9c6859df568c356c62e3a78b8b180968fed819f986a433444a22a966d81bc70875377", 0xdf}, {&(0x7f0000000440)="323c868b4c7a742c3ddc2ecef844b7d7412ffa16f361029fde38063ea7595aebb8d27109a3f58de6d56db428228d08f763ffb6debbe8307ca21537405eb7e51cbb4f85ab73b70d8d852478f23171ebe3685eefc65952097d7f39c8c29e5cde64780b7d1f25fbd22bc6eb51c5597c8187f3fc", 0x72}, {&(0x7f00000004c0)="fc5ae0bd0cb2e7393a4850e40f2a6cc0af6a195c2b8ae2539df026088c51f6cfee81fbd91200904b9d309f11fa3f1588a48642822df53cb9dd4b4e71b1fc33c9989b778d721036d3042bc8062f12c45d4a3fc88b8ec4139897e7b998a2de53426dc4cc", 0x63}, {&(0x7f0000000540)="9d7e480f0079b1c1a4d1862bb71d01a990c72995c74028e88c6e24c621ec5908ee1358ebdd983b53f0f288e96b0c1c0ad3d8599fa6cab54e697d254e12ef63216bbae696b954e4fc", 0x48}, {&(0x7f00000005c0)="6fbf263bb354b215b54b583cc77328e7e55add1bf3a7db4b657144d7f1035765fa62b3c6b5c35cc983db0fcaa8acdab032feebe2c2b48e1b25d658eef8249cf1758920e6339921fcb68ffabc277f04d6a93085b6e295a52a164de172f8ac9954179918d65e72c41addecdbf38121b979284ef708eb30f704b0ce50545dcf720c4a2d7ab39f9a9e165a7b83c4356096886fc46106d59d43bd0e7120d45799fda9a07deaf9a0cae71936d16e522d116467a6a9494cb54031430a9bdda3a9b11e648258da3e86cf9afe691b3a764da669ff58ebbfe1", 0xd4}, {&(0x7f00000006c0)="a1b371c8bc2c57", 0x7}], 0xa, &(0x7f00000007c0)="1cea0c4e70bdbf203ea077ebe8fe88281abc334a035658bd2fd5d59bc3ac484cfae1d18ebe45e2bcbd7c075253837de10b1f0139f1a87d79a21f6a01ece09965f16d08744673b5a8a6887a1b9ac5e7b7d33a1a2df7453bb5179655f4274edd6fda19b1bbf845f267065205ec869f9053c12725dbf27ce86e616cc6ca7492bc7f9e39df0522ad21794d9750b495cad0baae4f17bd29a936983b609ff4d9c606ae736ffa1da2e3e8192d401bb6227c8aca6643753ef77c7ad38701e35b5c68b335afb3cb2e19c444016eb104ba96588a5e8a9de1da052f6a1be098beeec0ce8103d4d4", 0xe2, 0x8001}, 0x20000884) bpf$MAP_CREATE(0x0, &(0x7f0000000140)={0x9, 0x5, 0x5, 0x6, 0x0, r2, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x3, 0x5}, 0x40) 12:54:53 executing program 2: bpf$OBJ_GET_MAP(0x7, &(0x7f0000005100)={0x0, 0x0, 0x8}, 0x10) 12:54:54 executing program 5: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@ptr={0x0, 0x0, 0xe}]}}, &(0x7f0000000080)=""/143, 0x26, 0x8f, 0x1}, 0x20) 12:54:54 executing program 1: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001580)={&(0x7f0000001340)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@fwd={0x0, 0x0, 0x0, 0x13}]}}, &(0x7f0000001480)=""/255, 0x26, 0xff, 0x1}, 0x20) 12:54:55 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$devlink(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(r0, 0x0, 0x0) 12:54:55 executing program 4: socketpair$tipc(0x1e, 0x0, 0x0, &(0x7f0000004200)) 12:54:55 executing program 2: r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@ptr]}}, &(0x7f0000000080)=""/143, 0x26, 0x8f, 0x1}, 0x20) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x3, &(0x7f0000000000)=@framed, &(0x7f0000000180)='syzkaller\x00', 0x7, 0xb7, &(0x7f00000001c0)=""/183, 0x0, 0x0, '\x00', 0x0, 0x0, r0, 0x8, 0x0, 0x0, 0x10, &(0x7f00000002c0), 0x10}, 0x78) 12:54:55 executing program 3: bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x1, 0x0, 0x0, 0x0, 0x1c8, 0x1}, 0x40) 12:54:55 executing program 5: bpf$MAP_CREATE(0x0, &(0x7f0000003380)={0x1, 0xfc, 0x9, 0x9, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x5}, 0x40) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000005700)={0xffffffffffffffff, 0x0, &(0x7f00000056c0)=""/6}, 0x20) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000006f80), 0x10) unlink(0x0) 12:54:55 executing program 1: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000180)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x1c, 0x1c, 0x2, [@func_proto={0x0, 0x2, 0x0, 0xd, 0x0, [{}, {0x0, 0x3}]}]}}, &(0x7f0000000080)=""/143, 0x36, 0x8f, 0x1}, 0x20) 12:54:55 executing program 4: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x1, &(0x7f0000000000)=@raw=[@generic], &(0x7f0000000040)='GPL\x00', 0x48, 0xf7, &(0x7f0000000080)=""/247, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 12:54:55 executing program 3: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.net/syz1\x00', 0x200002, 0x0) perf_event_open$cgroup(&(0x7f0000001340)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r0, 0x0, 0xffffffffffffffff, 0x0) 12:54:55 executing program 5: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@ptr={0x0, 0x0, 0x0, 0x2, 0x2000}]}}, &(0x7f0000000080)=""/143, 0x26, 0x8f, 0x1}, 0x20) 12:54:55 executing program 2: openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000001100)='blkio.bfq.io_service_time_recursive\x00', 0x0, 0x0) 12:54:55 executing program 1: sendmsg$tipc(0xffffffffffffffff, 0x0, 0x0) 12:54:56 executing program 4: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={0x0, &(0x7f0000000080)=""/143, 0x0, 0x8f, 0x8}, 0x20) [ 1322.389648][T25721] BPF:hdr_len not found [ 1322.406094][T25721] BPF:hdr_len not found 12:54:56 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$devlink(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(r0, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x0) 12:54:56 executing program 3: socketpair(0xa, 0x1, 0x0, &(0x7f00000001c0)) 12:54:56 executing program 1: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001580)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x14, 0x14, 0x2, [@enum={0x0, 0x1, 0x0, 0x6, 0x4, [{}]}]}}, &(0x7f0000001480)=""/255, 0x2e, 0xff, 0x1}, 0x20) 12:54:56 executing program 2: write$cgroup_pressure(0xffffffffffffffff, &(0x7f0000000000)={'some'}, 0x2f) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)) 12:54:56 executing program 5: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000680)={&(0x7f0000000500)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0x2, [@int={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4}]}}, &(0x7f0000000580)=""/207, 0x2a, 0xcf, 0x1}, 0x20) 12:54:56 executing program 4: openat$ppp(0xffffffffffffff9c, &(0x7f00000001c0), 0x40, 0x0) 12:54:57 executing program 2: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x63, [@ptr]}, {0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}}, &(0x7f0000000080)=""/143, 0x2e, 0x8f, 0x1}, 0x20) 12:54:57 executing program 5: bpf$MAP_CREATE(0x0, &(0x7f00000000c0)={0xa, 0x0, 0x0, 0x0, 0x1}, 0x40) 12:54:57 executing program 3: bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000005580)={0x0, 0x0, 0x0, 0x0}, 0x38) 12:54:57 executing program 4: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@ptr={0x0, 0x6c00}]}}, &(0x7f0000000080)=""/143, 0x26, 0x8f, 0x1}, 0x20) 12:54:57 executing program 1: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x2, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x3}}]}}, &(0x7f0000000080)=""/143, 0x32, 0x8f, 0x1}, 0x20) 12:54:57 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f00000000c0)='r7', 0x2}], 0x1}, 0x4048851) 12:54:58 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$devlink(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(r0, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x0) 12:54:58 executing program 5: r0 = socket$kcm(0x29, 0x2, 0x0) ioctl$sock_kcm_SIOCKCMUNATTACH(r0, 0x89e1, &(0x7f0000000a00)) 12:54:58 executing program 1: perf_event_open(&(0x7f00000042c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 12:54:58 executing program 4: openat$tun(0xffffffffffffff9c, &(0x7f0000000340), 0x12340, 0x0) 12:54:58 executing program 3: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@ptr={0x0, 0x0, 0x0, 0x2, 0x74000000}]}}, &(0x7f0000000080)=""/143, 0x26, 0x8f, 0x1}, 0x20) 12:54:58 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000980)={0xffffffffffffffff}) recvmsg(r0, &(0x7f0000000fc0)={0x0, 0x0, 0x0}, 0x0) 12:54:58 executing program 1: bpf$PROG_LOAD(0x2, &(0x7f0000003100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x78) 12:54:58 executing program 5: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x68000000, 0xc, 0xc, 0x2, [@ptr]}}, &(0x7f0000000080)=""/143, 0x26, 0x8f, 0x1}, 0x20) 12:54:58 executing program 4: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$sock(r0, &(0x7f0000001740)={0x0, 0x0, 0x0}, 0x0) 12:54:58 executing program 3: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001580)={&(0x7f0000001340)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@fwd={0x0, 0x0, 0x0, 0x6}]}}, &(0x7f0000001480)=""/255, 0x26, 0xff, 0x1}, 0x20) 12:54:59 executing program 1: bpf$OBJ_GET_MAP(0x7, &(0x7f0000000040)={&(0x7f0000000000)='./file0\x00'}, 0x10) 12:54:59 executing program 5: bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000007100)=@bpf_ext={0x1c, 0x3, &(0x7f0000007000)=@framed, &(0x7f0000007040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 12:54:59 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$devlink(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(r0, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x0) 12:54:59 executing program 4: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$sock(r0, &(0x7f0000001740)={0x0, 0x0, &(0x7f0000001600)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9, &(0x7f00000016c0)=[@mark={{0x14}}, @txtime={{0x18}}], 0x30}, 0x0) 12:54:59 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000003100)={0x1, 0x3, &(0x7f0000002ec0)=@framed, &(0x7f0000002f40)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x78) 12:54:59 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x26, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x40) 12:54:59 executing program 5: perf_event_open(&(0x7f0000000100)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x4, 0xffffffffffffffff, 0x0) 12:54:59 executing program 1: bpf$MAP_CREATE(0x0, &(0x7f0000004a80)={0x17, 0x0, 0x8, 0xc000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3}, 0x40) 12:55:00 executing program 4: bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000001c0)={0xffffffffffffffff, 0x0, 0x0, 0xc7fcc86b0deae285}, 0x20) 12:55:00 executing program 3: r0 = socket$kcm(0x29, 0x2, 0x0) recvmsg(r0, &(0x7f00000009c0)={0x0, 0x0, 0x0}, 0x0) sendmsg(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000240)="cb", 0x1}], 0x1}, 0x0) 12:55:00 executing program 5: bpf$BPF_BTF_LOAD(0x14, &(0x7f0000000140)={0x0, &(0x7f0000000180)=""/155, 0x0, 0x9b}, 0xad) 12:55:00 executing program 2: bpf$OBJ_GET_MAP(0x7, &(0x7f0000000040)={&(0x7f0000000000)='./file0\x00'}, 0x10) unlink(&(0x7f000000a300)='./file0\x00') mkdir(&(0x7f000000a340)='./file0\x00', 0x0) 12:55:00 executing program 1: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000580)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0x2, [@int={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x70}]}}, &(0x7f0000000240)=""/219, 0x2a, 0xdb, 0x1}, 0x20) 12:55:01 executing program 1: bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000200)=@bpf_lsm={0x1d, 0x3, &(0x7f0000000100)=@framed, &(0x7f0000000140)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 12:55:01 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$devlink(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0}}, 0x0) 12:55:01 executing program 4: bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0) 12:55:01 executing program 5: socketpair(0x1a, 0x0, 0x0, &(0x7f00000031c0)) 12:55:01 executing program 2: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001580)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@enum]}}, &(0x7f0000001480)=""/255, 0x26, 0xff, 0x1}, 0x20) 12:55:01 executing program 1: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000580)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0x2, [@int={0x0, 0x0, 0x0, 0x1, 0x0, 0x7e, 0x0, 0x70, 0x3}]}}, &(0x7f0000000240)=""/219, 0x2a, 0xdb, 0x1}, 0x20) 12:55:01 executing program 5: socketpair(0x1d, 0x0, 0x7, &(0x7f0000000b80)) 12:55:02 executing program 4: r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@ptr]}}, &(0x7f0000000080)=""/143, 0x26, 0x8f, 0x1}, 0x20) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x3, &(0x7f0000000000)=@framed, &(0x7f0000000180)='syzkaller\x00', 0x7, 0xb7, &(0x7f00000001c0)=""/183, 0x0, 0x0, '\x00', 0x0, 0x0, r0, 0x8, 0x0, 0x0, 0x10, &(0x7f00000002c0)={0x1}, 0x10}, 0x78) 12:55:02 executing program 3: bpf$MAP_CREATE(0x0, &(0x7f0000003380)={0x1, 0xfc, 0x0, 0x9}, 0x40) 12:55:02 executing program 2: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0x10, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x2}}, &(0x7f0000000080)=""/143, 0x1a, 0x8f, 0x1}, 0x20) 12:55:02 executing program 1: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@ptr]}}, &(0x7f0000000080)=""/143, 0x5f5e0ff, 0x8f}, 0x20) 12:55:02 executing program 2: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x89e0, &(0x7f0000000740)) 12:55:02 executing program 4: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@ptr={0x20000000}]}}, &(0x7f0000000080)=""/143, 0x26, 0x8f, 0x1}, 0x20) 12:55:04 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$devlink(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0}}, 0x0) 12:55:04 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_G_FMT(r0, 0xc0d05604, &(0x7f00000001c0)={0x3, @win={{}, 0x0, 0x0, &(0x7f0000000140), 0x7, 0x0}}) 12:55:04 executing program 1: r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x46d, 0x4072, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x2, 0x3, 0x1, 0x0, 0x0, {0x9}, {{{0x9, 0x5, 0x81, 0x3, 0x400}}}}}]}}]}}, 0x0) syz_usb_disconnect(r0) 12:55:04 executing program 3: bpf$MAP_CREATE(0x0, &(0x7f0000008c80)={0x1, 0x0, 0x0, 0x5, 0x0, 0x1}, 0x40) 12:55:04 executing program 2: syz_usb_connect$uac1(0x0, 0x71, &(0x7f00000005c0)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5f, 0x3, 0x1, 0x0, 0x0, 0x0, {{}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x0, 0x0, 0x0, 0x0, {0x7}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x0, 0x0, 0x0, 0x0, {0x7}}}}}}}]}}, &(0x7f0000000980)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]}) 12:55:04 executing program 4: syz_usb_connect(0x2, 0x24, &(0x7f0000000300)={{0x12, 0x1, 0x0, 0x98, 0xac, 0xb1, 0x40, 0x5c6, 0x920d, 0xe7ef, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xff, 0xff, 0xff, 0x3}}]}}]}}, 0x0) 12:55:04 executing program 3: syz_open_dev$hiddev(&(0x7f0000001440), 0x0, 0x402) 12:55:05 executing program 5: r0 = socket(0x11, 0x2, 0x0) write$FUSE_INIT(r0, 0x0, 0x0) [ 1331.067476][T22272] usb 5-1: new full-speed USB device number 18 using dummy_hcd [ 1331.090991][ T26] usb 3-1: new high-speed USB device number 16 using dummy_hcd 12:55:05 executing program 3: pipe2$9p(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2$9p(&(0x7f00000000c0)={0xffffffffffffffff}, 0x0) r2 = dup3(r0, r1, 0x0) write$P9_RSYMLINK(r2, 0x0, 0x0) [ 1331.347369][ T26] usb 3-1: Using ep0 maxpacket: 16 12:55:05 executing program 5: setuid(0xee01) openat$thread_pidfd(0xffffffffffffff9c, &(0x7f00000001c0), 0x8842, 0x0) [ 1331.468435][ T26] usb 3-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 1331.477634][ T26] usb 3-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 1331.488097][ T26] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1331.588523][T22272] usb 5-1: New USB device found, idVendor=05c6, idProduct=920d, bcdDevice=e7.ef [ 1331.599276][T22272] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1331.608320][T22272] usb 5-1: Product: syz [ 1331.612622][T22272] usb 5-1: Manufacturer: syz [ 1331.617509][T22272] usb 5-1: SerialNumber: syz 12:55:05 executing program 3: r0 = socket(0xa, 0x1, 0x0) read$FUSE(r0, &(0x7f0000005780)={0x2020}, 0x2020) [ 1331.720845][T22272] usb 5-1: config 0 descriptor?? 12:55:05 executing program 5: pipe(&(0x7f0000002040)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$inet_udp(0x2, 0x2, 0x0) r2 = fcntl$dupfd(r1, 0x0, r0) write$FUSE_STATFS(r2, 0x0, 0x0) [ 1331.858600][ T26] usb 3-1: string descriptor 0 read error: -22 [ 1331.865137][ T26] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1331.874591][ T26] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1331.999304][T22272] qmi_wwan: probe of 5-1:0.0 failed with error -22 [ 1332.057135][ T26] usb 3-1: 0:2 : does not exist [ 1332.126192][T22272] usb 5-1: USB disconnect, device number 18 [ 1332.288979][ T26] usb 3-1: USB disconnect, device number 16 12:55:06 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$devlink(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0}}, 0x0) 12:55:06 executing program 3: pipe(&(0x7f0000002040)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$inet_udp(0x2, 0x2, 0x0) r2 = fcntl$dupfd(r1, 0x0, r0) write$FUSE_DIRENTPLUS(r2, 0xffffffffffffffff, 0x0) [ 1332.757678][T22272] usb 5-1: new full-speed USB device number 19 using dummy_hcd [ 1333.050919][ T26] usb 3-1: new high-speed USB device number 17 using dummy_hcd [ 1333.278654][T22272] usb 5-1: New USB device found, idVendor=05c6, idProduct=920d, bcdDevice=e7.ef [ 1333.288078][T22272] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1333.296230][T22272] usb 5-1: Product: syz [ 1333.300823][T22272] usb 5-1: Manufacturer: syz [ 1333.305546][T22272] usb 5-1: SerialNumber: syz [ 1333.307641][ T26] usb 3-1: Using ep0 maxpacket: 16 [ 1333.409368][T22272] usb 5-1: config 0 descriptor?? [ 1333.434737][ T26] usb 3-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 1333.446966][ T26] usb 3-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 1333.457913][ T26] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 12:55:07 executing program 1: setuid(0xee01) socket(0x11, 0x0, 0x0) 12:55:07 executing program 3: r0 = socket(0xa, 0x1, 0x0) sendto$inet6(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 12:55:07 executing program 2: setuid(0xee01) r0 = shmget$private(0x0, 0x3000, 0x0, &(0x7f0000ffd000/0x3000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x0) 12:55:07 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$devlink(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000500)={0x14, 0x0, 0xc29bf272469f17fb, 0x0, 0x0, {0x13}}, 0x14}}, 0x0) 12:55:07 executing program 4: r0 = memfd_create(&(0x7f0000000180)='{--^\x00\xa2\x10X8#\x82f\x16}51\x9e\xb0\xf9oh~\xb3*\x18\xd2\xb6\xa3\xe5\f\xb3\x88<\x8c!\xac\xf5\xdcU\xfa\xfc\x99Gb/\xe6\xc54\xd0\xee\xfdS\xb02\x1e\xa8\xb3X!\xe3\".\x10r\xaa\\\vy\x1d\xc6H\x97R>\xf3\xfaA\x8dE\xe6\xfbA_\x98?\xad\"\x89A\xfa\xd5x\xdf\xc8\xb0\x96\xa7\xe2\xf5\xf6\xed\xb3&\xdd\xc9FM1\x1cY\xd8M_;\xaf\xe2\xed\xac~\xc7KmJ\xb6)\xc37\xb9$\'\"0\x9b\xc9\xa8\xe5\x84\x85\x00\x00\x00', 0x0) sendfile(r0, r0, 0x0, 0x0) 12:55:07 executing program 5: socket(0x10, 0x80802, 0x0) [ 1333.708557][T22272] qmi_wwan: probe of 5-1:0.0 failed with error -22 [ 1333.727848][ T26] usb 3-1: string descriptor 0 read error: -71 [ 1333.734952][ T26] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1333.744386][ T26] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1333.754131][T22272] usb 5-1: USB disconnect, device number 19 [ 1333.897021][ T26] usb 3-1: can't set config #1, error -71 [ 1333.959970][ T26] usb 3-1: USB disconnect, device number 17 12:55:08 executing program 5: r0 = socket(0xa, 0x1, 0x0) write$binfmt_aout(r0, 0x0, 0x0) 12:55:08 executing program 3: pipe(&(0x7f0000000080)) pipe(&(0x7f0000000340)) pipe(&(0x7f0000000340)) syz_open_pts(0xffffffffffffffff, 0x0) syz_open_pts(0xffffffffffffffff, 0x0) syz_open_pts(0xffffffffffffffff, 0x0) select(0x40, &(0x7f00000000c0), &(0x7f0000000040)={0x4}, &(0x7f0000000140)={0x800}, 0x0) 12:55:08 executing program 4: r0 = syz_open_pts(0xffffffffffffffff, 0x0) mmap(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x0, 0x2010, r0, 0x0) 12:55:08 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) shutdown(r1, 0x0) sendto(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 12:55:08 executing program 1: r0 = socket$inet(0x2, 0x1, 0x0) shutdown(r0, 0x1) getsockname(r0, 0x0, &(0x7f00000000c0)) 12:55:08 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) select(0x40, &(0x7f0000000080)={0x1f}, 0x0, 0x0, 0x0) select(0x40, &(0x7f0000000040)={0xcaa}, 0x0, 0x0, 0x0) sendto$unix(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 12:55:08 executing program 4: pipe(&(0x7f0000000340)) pipe(&(0x7f0000000340)) syz_open_pts(0xffffffffffffffff, 0x0) pipe(&(0x7f0000000040)) select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000140)={0x646f879e}, 0x0) 12:55:08 executing program 3: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) writev(r0, 0x0, 0x0) 12:55:08 executing program 2: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) unlinkat(r0, &(0x7f0000020540)='./file0\x00', 0x0) 12:55:09 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$devlink(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000500)={0x14, 0x0, 0xc29bf272469f17fb, 0x0, 0x0, {0x13}}, 0x14}}, 0x0) 12:55:09 executing program 5: select(0x2, &(0x7f00000000c0)={0x5}, &(0x7f0000000100), &(0x7f0000000140), 0x0) 12:55:09 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendto$unix(r1, 0x0, 0x0, 0x0, 0x0, 0xa) recvmsg(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000036c0)=[{0x0}, {0x0}, {0x0}, {0x0, 0x63}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x100000000000020f}, 0x0) 12:55:09 executing program 4: r0 = socket(0x2, 0x2, 0x0) connect$unix(r0, &(0x7f0000000740)=ANY=[@ANYBLOB="82022e2fac1400fd7d81afe46d5733e0f293aaeb82fb168297e2ff23922299c3383f1bf63a78b796473d48e4c734a899f96f0b224ec765ed0e76d9d8a5b7c34e2c0c318fe43b00fa0400000000000000d9ac55a52f7dc8062782814d8cefefdb1bd4f9c0e36d58ab4f79a65f69e73991844d490000"], 0x10) writev(r0, &(0x7f0000002740)=[{&(0x7f00000003c0)="335735e6feb7919a57096910571680f9beb31dce", 0x14}, {&(0x7f00000027c0)="8f64579bdcc065936dd7c91702e0b497bdb30599b419739a279b0750e4da7e967bd469d63f4945a5192160a6d3f3772225e44a7c60e49495f00f815664393c43f4817c8cd88d2c43bf4e7c2aabea53540ac193cff02667b5b12845aeb649216e4648f17c1e9fe1ad48d87c8699641866ffbca93a37c1747815401eda2cfc0d543fc4c134394db9e4", 0x88}, {&(0x7f0000001500)="5c950142f1e825eb9c8dbdbb1aa4ac51c50eea69a8cf2af5307f0bf2d4ffa4957572223c0ae62a1035b99d11970b0ce6aa7a3d63904bdf0b3e0ce0142ccec58e5caae38e0adf7ae2cc46fbf91964dfa212364dfd4ed753cb31ac5703d0465e6b7ff405f80f8852f22bb89e6b81c50b2434c59643f375742df67ecd6c13aa6d77ece98e9ef4399435b60298d78a04adb7d3ca4402045d2add3bca88ff38c038898d7f9be305227543bd775729c8faf22ece1211422a0643099471228a2d8fe9ad5c93d9c069eadd0d542b2a4a3ae2701519fc2c9528f4be75a3dd0a92c81ec789d55cac76333cb9cade90f61d65b1152065a2e404bf91a4814a8c55cc103f68b854af97bfe9e5de33f2a61760fcc80f63092c0bcf52b634820cbb558e23ced9cc426003ff4187c32d0a5a6ed3f104a6e51e999c63f84b7085259593efa4cd14ef457acc2f0efbfbb8adef765b50883301a6f799bdad57aec846363515922f28acb7ae3c29964cb5352d3c1925ce79a8ca96618c1d8f770f8af83b5dac45fa0c9934341c525316a2f545007f886c783858f5de3b980167320f55f98b233ed578abd38cdfce01648e6637a05e0ca8d75b785850b6a17330bc5958ff8d8a81fee1f0e65fad684c93179a20156ae13e4b5ded1316d3624fcd4279ea1591beb812ab8718f9b1c453dbf95729bd50a5b96326186dafda43f207a6900a28d59c378712bbf358190729a3dc21e12f21ebbc1fc1bf1c8debdab46b626a0c7fd35a204b443a0ef38060d9144a047233230a3f4c1388828b8172468a783f4baa3b1c1bc9802c7f82b20363b5f4aabde7090c04e4ebee1c4188216ed3bd30f2faa95b2ecc809096a8398aa5d2434a5604f14fb93f80eebaa217e5f8c141e6b5382fed24730e1e3cb89e9604b9874444964cf5b852e0b7137197ac9d3321e0022615ab5632079503d96c45777c4aff5651f3a4881d778be2218a2da55430bf138ea42f520742da6d5e49c529c623e811f76b0e4f8c2215b67da3a1dec1c10e19ed817d8cabc24ad7a1b4c89ce403f97b82ed1bc265c97f525cfcb5217db93421b2bd8966f2ecb3980993df65674b640761529e9729b6e0ce059b440e6cad719204b94e7aa5cd1e52f64e54c49278b79636ca0e3d90605d373a89a8549789ed", 0x338}, {&(0x7f0000002500)}, {&(0x7f0000002880)="ddd7a65075815f8f148cb464bfcdd27fd5cbcde8fa0512e290ae5062c2a9e2b103c9d1c6cf97d076ca4c7e958236024047e69d8e9094e2881e05c9985c74af8b053e9bd3e69ba37ff9f4729c72c6147cffc439c6602f0ea99330e796943bf7042c0fb408ce9a8beebd98129686716a346c44b903d456824558e62646fbdedeee64a66787e4d217f47d77842f80f2ef1dcf3b4a28e18ff37a8bac53b05f91c29913ed0155482e64039a4ff6ab8aa6a5dd0574e4e40cb773ed4544e6bed0d3f27705c08af0663d6a800ddcaa87fca53f814673480da25a4a02a7a4aac4568e2cddc85df375077fee612facf6f9ae3795c3607ed57d16221e93b0e5fb", 0xfb}, {&(0x7f0000002580)="edbba07ac7ab8ebef25793a100d47cb875742ca8166e8377d0d62386b14a5104c24936c1d4be038e3907a9aea0a88da4ff1b8b0a90ea0c16271dde0e716331745c4c8635176f0f6cdaca0d57e46bcc42d2ec1a24a94821a98457d791a85a680bc656a8553fa076387df979ba034fa3e6db4f0000000000000000ac4bbe778cc74be166b0e3b37f2323d1aef2bab1c0c12190a57cbd2e258c5a5b5f54adc3b8e7011324b526a0bd725f74677051de24afeeda297d60858c9b02c217965d808bdb0fc451af9025be63a8dd0419933b30264d7d0bca7a14b4ad6386aa893affc067c4073361c3a7cdcf08231f53420c78a08d11", 0xf2}], 0x6) 12:55:09 executing program 3: select(0x2, &(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140)={0x800}, 0x0) 12:55:09 executing program 2: sched_getattr(0x0, &(0x7f0000000480)={0x38}, 0x38, 0x0) 12:55:09 executing program 5: r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) fsetxattr$trusted_overlay_redirect(r0, &(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x8, 0x2) 12:55:09 executing program 4: getsockopt$bt_BT_VOICE(0xffffffffffffffff, 0x112, 0xb, 0x0, 0x0) syz_mount_image$romfs(0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0), 0x0, 0x0) r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000900), 0x2, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) write$FUSE_NOTIFY_POLL(r0, 0xfffffffffffffffe, 0x0) 12:55:09 executing program 3: r0 = syz_open_dev$dri(&(0x7f0000000780), 0x0, 0x0) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f00000007c0)) 12:55:09 executing program 2: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/locks\x00', 0x0, 0x0) write$vhost_msg_v2(r0, 0x0, 0x0) 12:55:09 executing program 1: mount$fuseblk(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200)={{}, 0x2c, {}, 0x2c, {}, 0x2c, {'group_id', 0x3d, 0xee01}}) 12:55:10 executing program 5: r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) fsetxattr$trusted_overlay_redirect(r0, &(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x8, 0x2) 12:55:10 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$devlink(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000500)={0x14, 0x0, 0xc29bf272469f17fb, 0x0, 0x0, {0x13}}, 0x14}}, 0x0) 12:55:10 executing program 4: r0 = epoll_create1(0x0) r1 = socket$inet6_dccp(0xa, 0x6, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f00000000c0)={0x30000000}) epoll_pwait2(r0, &(0x7f0000000000)=[{}], 0x1, 0x0, 0x0, 0x0) 12:55:10 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)={0x10}, 0x10}, {&(0x7f0000000700)={0x10, 0x0, 0x1}, 0x10}], 0x2}, 0x0) 12:55:10 executing program 1: mount$fuseblk(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0) syz_mount_image$fuse(&(0x7f0000000b00), &(0x7f0000000b40)='./file0\x00', 0x0, 0x0, 0x0, 0x1b4004, &(0x7f0000000bc0)={{}, 0x2c, {}, 0x2c, {}, 0x2c, {'group_id', 0x3d, 0xee01}}) 12:55:10 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) sendmsg(r0, &(0x7f0000000880)={&(0x7f0000000500)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @dev}}}, 0x80, &(0x7f0000000840)=[{0x0}, {0x0}], 0x2}, 0x0) 12:55:10 executing program 5: r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) fsetxattr$trusted_overlay_redirect(r0, &(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x8, 0x2) 12:55:11 executing program 2: pipe(&(0x7f0000000000)) openat$binder_debug(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f0000001480)='./binderfs/custom1\x00', 0x0, 0x0) 12:55:11 executing program 5: r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) fsetxattr$trusted_overlay_redirect(r0, &(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x8, 0x2) 12:55:11 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) recvmsg(r0, 0x0, 0x0) 12:55:11 executing program 4: r0 = socket(0x29, 0x2, 0x0) syz_genetlink_get_family_id$tipc2(&(0x7f0000000080), r0) 12:55:11 executing program 1: bpf$MAP_CREATE(0x8, &(0x7f0000000080), 0x2c) 12:55:11 executing program 2: r0 = syz_io_uring_setup(0x3031, &(0x7f0000000380), &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000300)) mmap$IORING_OFF_CQ_RING(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x11, r0, 0x8000000) 12:55:12 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000500)={0x14, r1, 0x0, 0x0, 0x0, {0x13}}, 0x14}}, 0x0) 12:55:12 executing program 5: r0 = socket(0x1, 0x2, 0x0) sendmsg$netlink(r0, &(0x7f0000003dc0)={0x0, 0x0, 0x0}, 0x0) 12:55:12 executing program 3: r0 = socket$inet_sctp(0x2, 0x1, 0x84) sendmmsg$inet_sctp(r0, &(0x7f00000023c0)=[{&(0x7f0000000000)=@in={0x2, 0x0, @local}, 0x10, &(0x7f0000000200)=[{&(0x7f0000000040)='[', 0x1}], 0x1, &(0x7f0000000240)=[@init={0x18, 0x84, 0x0, {0x0, 0x1}}], 0x18}], 0x1, 0x0) 12:55:12 executing program 1: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$SIOCX25SFACILITIES(r0, 0x894c, 0x0) 12:55:12 executing program 2: bpf$MAP_CREATE(0x23, &(0x7f0000000080), 0x2c) 12:55:12 executing program 4: r0 = io_uring_setup(0x1ff9, &(0x7f0000000140)) syz_io_uring_setup(0x774c, &(0x7f00000000c0)={0x0, 0x0, 0x24, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000004c0), &(0x7f0000000500)) 12:55:12 executing program 5: r0 = socket(0x2, 0x2, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x541b, 0x0) 12:55:12 executing program 3: set_mempolicy(0x3, &(0x7f0000000000)=0x7, 0x4) syz_io_uring_setup(0x6509, &(0x7f0000000000), &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 12:55:13 executing program 1: socket(0xa, 0x6, 0x4) 12:55:13 executing program 2: preadv(0xffffffffffffffff, &(0x7f00000023c0)=[{&(0x7f00000012c0)=""/4096, 0x1000}], 0x1, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/igmp6\x00') r1 = creat(&(0x7f0000000000)='./bus\x00', 0x0) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x100, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000640)) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x1, [], 0x1, "2156816c73038c"}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x0, [], 0x1, "2156816c73038c"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r0, 0xd000943d, &(0x7f00000572c0)={0x5, [], 0x0, "dbb668427cef41"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(0xffffffffffffffff, 0x2405, r1) preadv(0xffffffffffffffff, &(0x7f0000001240)=[{0x0}], 0x1, 0x0, 0x0) preadv(r0, &(0x7f00000017c0), 0x218, 0x4800, 0x0) 12:55:13 executing program 4: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$SIOCX25SFACILITIES(r0, 0x8912, &(0x7f0000000040)) 12:55:13 executing program 5: r0 = socket(0x29, 0x2, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x8902, 0x0) [ 1339.610922][ C1] sd 0:0:1:0: tag#569 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s [ 1339.621235][ C1] sd 0:0:1:0: tag#569 CDB: opcode=0xe5 (vendor) [ 1339.627938][ C1] sd 0:0:1:0: tag#569 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c [ 1339.637240][ C1] sd 0:0:1:0: tag#569 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d [ 1339.646862][ C1] sd 0:0:1:0: tag#569 CDB[20]: ba 12:55:14 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000500)={0x14, r1, 0x0, 0x0, 0x0, {0x13}}, 0x14}}, 0x0) 12:55:14 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000300), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000480)={0x38, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x24, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ADDR={0x8}, @TIPC_NLA_NODE_ID={0x15, 0x3, "8180f5539c458ed7d5e12e7ecb4e483e7c"}]}]}, 0x38}}, 0x0) 12:55:14 executing program 4: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000009c0), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000300)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000002c0)={0xffffffffffffffff}, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000340)={0xe, 0x18, 0xfa00, @id_tos={0x0, r1}}, 0x20) 12:55:14 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={0x54, r1, 0x1, 0x0, 0x0, {0x3}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x0, @remote}}, {0x14, 0x2, @in={0x2, 0x0, @loopback}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}]}]}, 0x54}}, 0x0) 12:55:14 executing program 1: mq_open(&(0x7f0000000000), 0x0, 0x0, 0x0) 12:55:14 executing program 5: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$SIOCX25SFACILITIES(r0, 0x8927, &(0x7f0000000040)) [ 1340.538313][T26071] tipc: Started in network mode [ 1340.543384][T26071] tipc: Node identity ac1414bb, cluster identity 4711 [ 1340.550721][T26071] tipc: New replicast peer: 127.0.0.1 [ 1340.558159][T26071] tipc: Enabled bearer , priority 10 12:55:14 executing program 1: r0 = openat$nvram(0xffffffffffffff9c, &(0x7f0000001640), 0x0, 0x0) pipe(&(0x7f0000000000)) mmap$IORING_OFF_CQ_RING(&(0x7f0000ff3000/0xb000)=nil, 0xb000, 0x0, 0x100010, r0, 0x8000000) [ 1340.641680][T26078] tipc: Enabling of bearer rejected, already enabled 12:55:14 executing program 4: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000009c0), 0x2, 0x0) r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000009c0), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000bc0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000b80)={0xffffffffffffffff}, 0x106}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f0000000000)={0x14, 0x88, 0xfa00, {r2, 0x1c, 0x0, @in6={0xa, 0x0, 0x0, @mcast2}}}, 0x90) 12:55:14 executing program 3: r0 = socket(0x11, 0xa, 0x0) getpeername$qrtr(r0, 0x0, 0x0) 12:55:14 executing program 2: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000009c0), 0x2, 0x0) write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000340)={0xe, 0x18, 0xfa00, @id_resuseaddr={0x0}}, 0xffffffffffffffff) 12:55:14 executing program 5: r0 = openat$nvram(0xffffffffffffff9c, &(0x7f0000001640), 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ff3000/0xb000)=nil, 0xb000, 0x0, 0x100010, r0, 0x8000000) 12:55:15 executing program 1: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$SIOCX25SFACILITIES(r0, 0x541b, 0x0) [ 1341.377342][ T26] Bluetooth: hci5: command 0x0406 tx timeout [ 1341.677770][ T26] tipc: Node number set to 2886997179 12:55:15 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000500)={0x14, r1, 0x0, 0x0, 0x0, {0x13}}, 0x14}}, 0x0) 12:55:15 executing program 4: r0 = socket$netlink(0x10, 0x3, 0xf) sendmsg$TIPC_NL_MON_SET(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001680)={0x14}, 0x14}}, 0x0) 12:55:15 executing program 2: r0 = socket(0x29, 0x2, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x8983, 0x0) 12:55:15 executing program 3: r0 = socket(0x18, 0x0, 0x0) recvmsg$qrtr(r0, &(0x7f00000011c0)={0x0, 0x0, 0x0}, 0x38, 0x0) 12:55:15 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x4) bind$netlink(r0, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000}, 0xc) 12:55:15 executing program 1: bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xe, 0x0, 0x0, 0x0, 0x704, 0x1}, 0x40) 12:55:16 executing program 3: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$SIOCX25SFACILITIES(r0, 0x8946, &(0x7f0000000040)) 12:55:16 executing program 4: set_mempolicy(0x3, &(0x7f0000000000)=0x7, 0x4) syz_io_uring_setup(0x6509, &(0x7f0000000000), &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffc000/0x2000)=nil, 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x11da2117ebabf272, 0xffffffffffffffff, 0x8000000) 12:55:16 executing program 1: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$SIOCX25SFACILITIES(r0, 0x89a0, &(0x7f0000000040)={0x39, 0x0, 0x6, 0x4, 0x1}) 12:55:16 executing program 5: bpf$MAP_CREATE(0xe, &(0x7f0000000080), 0x2c) 12:55:16 executing program 2: r0 = epoll_create1(0x0) r1 = socket$inet6_dccp(0xa, 0x6, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000100)) epoll_pwait2(r0, &(0x7f0000000000)=[{}], 0x1, &(0x7f0000000040)={0x77359400}, 0x0, 0x0) 12:55:16 executing program 4: bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x3}, 0x40) 12:55:17 executing program 5: mq_open(&(0x7f0000000000)='\xed\"u\xfc\xb9\xa0\xea\xdf\\^\x04\bJ\x02\x00\x17%_|\x01\x1c8\x00\x00\xd0\xcf\xb3', 0xc002, 0x0, 0x0) 12:55:17 executing program 1: set_mempolicy(0x3, &(0x7f0000000000)=0x7, 0x4) fsopen(&(0x7f0000000180)='bdev\x00', 0x0) 12:55:17 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000700)={0x10, 0x1a, 0x1}, 0x10}], 0x1}, 0x0) 12:55:17 executing program 3: r0 = socket$rxrpc(0x21, 0x2, 0xa) connect$rxrpc(r0, &(0x7f0000001180)=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @private0}}, 0x24) connect$rxrpc(r0, &(0x7f0000000300)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}}, 0x24) 12:55:17 executing program 4: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$SIOCX25SFACILITIES(r0, 0x8940, &(0x7f0000000040)={0x39}) 12:55:17 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="080000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[]) 12:55:17 executing program 1: r0 = socket(0x2a, 0x2, 0x0) getsockopt$X25_QBITINCL(r0, 0x106, 0x1, 0x0, 0x0) 12:55:18 executing program 3: r0 = socket$rxrpc(0x21, 0x2, 0xa) connect$rxrpc(r0, &(0x7f0000001180)=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @private0}}, 0x2) 12:55:18 executing program 5: syz_io_uring_setup(0x76d1, &(0x7f0000000000)={0x0, 0x83d9d, 0x8}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000fea000/0x14000)=nil, &(0x7f0000000140), &(0x7f00000000c0)) 12:55:18 executing program 2: set_mempolicy(0x3, &(0x7f0000000000)=0x7, 0x4) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write$RDMA_USER_CM_CMD_NOTIFY(r0, &(0x7f00000000c0)={0xf, 0x8}, 0x10) 12:55:18 executing program 4: r0 = socket$rxrpc(0x21, 0x2, 0xa) connect$rxrpc(r0, &(0x7f0000000040)=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @remote}}, 0x24) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r0, 0x110, 0x4, &(0x7f0000000080), 0x4) 12:55:18 executing program 1: set_mempolicy(0x3, &(0x7f0000000000)=0x7, 0x4) r0 = socket$rxrpc(0x21, 0x2, 0x2) setsockopt$RXRPC_SECURITY_KEY(r0, 0x110, 0x1, &(0x7f0000000000)='^\x00', 0x2) 12:55:18 executing program 5: r0 = socket$rxrpc(0x21, 0x2, 0x2) bind$rxrpc(r0, &(0x7f0000000240)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x4e24, @multicast1}}, 0x24) 12:55:18 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000300), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000480)=ANY=[@ANYBLOB="18010000", @ANYRES16=r1, @ANYBLOB="0100000000000000440006"], 0x118}}, 0x0) 12:55:18 executing program 2: r0 = socket(0x18, 0x0, 0x0) getpeername$qrtr(r0, 0x0, &(0x7f00000000c0)) 12:55:18 executing program 4: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$SIOCX25SFACILITIES(r0, 0x8941, &(0x7f0000000040)) 12:55:19 executing program 2: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/bus/input/devices\x00', 0x0, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x300, r0, &(0x7f0000000000)) [ 1345.669089][T26174] loop0: detected capacity change from 0 to 264192 [ 1345.765848][T26174] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 12:55:19 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="080000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[]) 12:55:19 executing program 5: r0 = socket(0x29, 0x2, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x8904, 0x0) 12:55:19 executing program 1: mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x11da2117ebabf272, 0xffffffffffffffff, 0x8000000) 12:55:19 executing program 3: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$SIOCX25SFACILITIES(r0, 0x8910, &(0x7f0000000040)) 12:55:19 executing program 4: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$SIOCX25SFACILITIES(r0, 0x8921, &(0x7f0000000040)) 12:55:19 executing program 2: set_mempolicy(0x3, &(0x7f0000000000)=0x7, 0x4) syz_mount_image$vfat(&(0x7f0000001600), &(0x7f0000001700)='./file0\x00', 0x0, 0x0, &(0x7f0000001880), 0x0, &(0x7f00000018c0)) 12:55:20 executing program 1: mount(0x0, &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='coredump_filter\x00') r1 = gettid() r2 = getpgid(r1) write$cgroup_pid(r0, &(0x7f0000000080)=r2, 0x12) [ 1346.182462][T26186] FAT-fs (loop2): bogus number of reserved sectors [ 1346.189396][T26186] FAT-fs (loop2): Can't find a valid FAT filesystem 12:55:20 executing program 5: r0 = socket(0x18, 0x0, 0x0) getsockname$netlink(r0, 0x0, &(0x7f0000000080)) 12:55:20 executing program 2: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000009c0), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000300)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000002c0)={0xffffffffffffffff}, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000340)={0xe, 0x18, 0xfa00, @id_resuseaddr={0x0, r1, 0x0, 0x3}}, 0x20) 12:55:20 executing program 3: r0 = socket(0x29, 0x2, 0x0) getsockopt$MISDN_TIME_STAMP(r0, 0x119, 0x1, 0x0, 0x0) 12:55:20 executing program 4: r0 = socket$rxrpc(0x21, 0x2, 0xa) connect$rxrpc(r0, &(0x7f0000001180)=@in6={0x21, 0x0, 0x2, 0x2, {0x2, 0x0, 0x0, @private0}}, 0x24) 12:55:20 executing program 1: mount(0x0, &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='coredump_filter\x00') r1 = gettid() r2 = getpgid(r1) write$cgroup_pid(r0, &(0x7f0000000080)=r2, 0x12) [ 1347.897118][T26218] loop0: detected capacity change from 0 to 264192 [ 1347.985983][T26218] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 12:55:22 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="080000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[]) 12:55:22 executing program 5: set_mempolicy(0x1, 0x0, 0x0) socket$inet6_dccp(0xa, 0x6, 0x0) 12:55:22 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001b80)={0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000000240)={0x10}, 0x10}], 0x1, &(0x7f0000001b40)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0xee01, 0xffffffffffffffff}}}], 0x20}, 0x0) 12:55:22 executing program 2: r0 = socket(0x29, 0x2, 0x0) sendmsg$netlink(r0, &(0x7f0000001480)={0x0, 0x0, &(0x7f0000001340)=[{&(0x7f0000000040)={0x10}, 0x10}], 0x1, &(0x7f0000001400)=[@rights={{0x10}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, 0xee00}}}], 0x30}, 0x8800) 12:55:22 executing program 4: r0 = socket(0x29, 0x2, 0x0) getsockopt$MISDN_TIME_STAMP(r0, 0x0, 0x1, 0x0, 0x0) 12:55:22 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000800000000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[]) 12:55:22 executing program 4: syz_emit_ethernet(0x7e, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x70, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xf1, 0x0, 0x4000, {0x15, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @loopback=0xac1414aa, @local, {[@generic={0x0, 0x2}, @timestamp_addr={0x44, 0x1c, 0x0, 0x1, 0x0, [{@multicast1=0xe0000021}, {@private}, {@empty}]}, @cipso={0x86, 0x1f, 0x0, [{0x0, 0x12, "c41a1fe2ed7e6f6f0f652f80db5cf41c"}, {0x0, 0x7, "3cccab0ef9"}]}]}}}}}}}, 0x0) [ 1348.461999][T26234] loop1: detected capacity change from 0 to 264192 12:55:22 executing program 3: r0 = openat$nvram(0xffffffffffffff9c, &(0x7f0000001640), 0x0, 0x0) read$snapshot(r0, 0x0, 0x5f74507b14f8a08a) 12:55:22 executing program 2: bpf$MAP_CREATE(0x1e, &(0x7f0000000080), 0x2c) 12:55:22 executing program 5: socket$isdn(0xa, 0x3, 0x21) [ 1348.573988][T26234] EXT4-fs (loop1): corrupt root inode, run e2fsck [ 1348.580938][T26234] EXT4-fs (loop1): mount failed [ 1348.666908][T26234] loop1: detected capacity change from 0 to 264192 [ 1348.714913][T26234] EXT4-fs (loop1): corrupt root inode, run e2fsck [ 1348.721813][T26234] EXT4-fs (loop1): mount failed 12:55:23 executing program 1: bpf$MAP_CREATE(0x15, &(0x7f0000000080)={0x5}, 0x2c) 12:55:23 executing program 4: syz_emit_ethernet(0x7e, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x70, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xf1, 0x0, 0x4000, {0x15, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @loopback=0xac1414aa, @local, {[@generic={0x0, 0x2}, @timestamp_addr={0x44, 0x1c, 0x0, 0x1, 0x0, [{@multicast1=0xe0000021}, {@private}, {@empty}]}, @cipso={0x86, 0x1f, 0x0, [{0x0, 0x12, "c41a1fe2ed7e6f6f0f652f80db5cf41c"}, {0x0, 0x7, "3cccab0ef9"}]}]}}}}}}}, 0x0) [ 1349.927236][T26264] loop0: detected capacity change from 0 to 264192 [ 1349.977094][T26264] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 12:55:24 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="080000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[]) 12:55:24 executing program 5: r0 = socket(0x29, 0x2, 0x0) pipe(&(0x7f0000000040)) ioctl$SIOCX25GFACILITIES(r0, 0x89e2, &(0x7f0000000000)) 12:55:24 executing program 3: r0 = socket$rxrpc(0x21, 0x2, 0xa) connect$rxrpc(r0, &(0x7f0000001180)=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @private0}}, 0x24) setsockopt$RXRPC_EXCLUSIVE_CONNECTION(r0, 0x110, 0x3) 12:55:24 executing program 2: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000009c0), 0x2, 0x0) r1 = epoll_create(0x491) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000140)) 12:55:24 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000003180)={0x0, 0x0, &(0x7f0000003100)=[{&(0x7f0000000300)={0x10}, 0x10}, {&(0x7f0000000ac0)={0x18, 0x37, 0x1, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @ipv4=@loopback}]}, 0x18}], 0x2}, 0x0) 12:55:24 executing program 4: syz_emit_ethernet(0x7e, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x70, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xf1, 0x0, 0x4000, {0x15, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @loopback=0xac1414aa, @local, {[@generic={0x0, 0x2}, @timestamp_addr={0x44, 0x1c, 0x0, 0x1, 0x0, [{@multicast1=0xe0000021}, {@private}, {@empty}]}, @cipso={0x86, 0x1f, 0x0, [{0x0, 0x12, "c41a1fe2ed7e6f6f0f652f80db5cf41c"}, {0x0, 0x7, "3cccab0ef9"}]}]}}}}}}}, 0x0) 12:55:25 executing program 2: r0 = socket(0x2a, 0x2, 0x0) sendto$isdn(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 12:55:25 executing program 4: syz_emit_ethernet(0x7e, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x70, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xf1, 0x0, 0x4000, {0x15, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @loopback=0xac1414aa, @local, {[@generic={0x0, 0x2}, @timestamp_addr={0x44, 0x1c, 0x0, 0x1, 0x0, [{@multicast1=0xe0000021}, {@private}, {@empty}]}, @cipso={0x86, 0x1f, 0x0, [{0x0, 0x12, "c41a1fe2ed7e6f6f0f652f80db5cf41c"}, {0x0, 0x7, "3cccab0ef9"}]}]}}}}}}}, 0x0) 12:55:25 executing program 3: syz_io_uring_setup(0x4cbd, &(0x7f0000000100), &(0x7f0000ff1000/0x3000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000180), 0x0) 12:55:25 executing program 1: recvmsg$qrtr(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000000), 0xc, &(0x7f0000000200)=[{&(0x7f0000000040)=""/28, 0x1c}, {&(0x7f0000000280)=""/109, 0x6d}, {&(0x7f0000000100)=""/221, 0xea}], 0x3}, 0xffffffffffffffe8, 0x0) 12:55:25 executing program 5: r0 = socket(0x29, 0x2, 0x0) sendmsg$netlink(r0, &(0x7f0000004300)={0x0, 0x0, 0x0}, 0x40080) 12:55:25 executing program 1: syz_io_uring_setup(0x0, &(0x7f00000000c0), &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0) [ 1352.663423][T26306] loop0: detected capacity change from 0 to 264192 [ 1352.754996][T26306] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 12:55:26 executing program 0: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="080000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[]) 12:55:26 executing program 5: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$SIOCX25SFACILITIES(r0, 0x8982, &(0x7f0000000040)={0x39}) 12:55:26 executing program 4: syz_emit_ethernet(0x0, 0x0, 0x0) 12:55:26 executing program 2: r0 = socket(0x18, 0x0, 0x0) recvfrom$x25(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 12:55:26 executing program 3: bpf$MAP_CREATE(0xa, &(0x7f0000000080)={0x5}, 0x2c) 12:55:26 executing program 1: bpf$MAP_CREATE(0x3, &(0x7f0000000080), 0x2c) 12:55:27 executing program 2: r0 = socket(0x2a, 0x2, 0x0) recvfrom$x25(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 12:55:27 executing program 1: r0 = epoll_create1(0x0) r1 = socket$inet6_dccp(0xa, 0x6, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000100)={0x9000000a}) 12:55:27 executing program 3: r0 = socket(0x29, 0x2, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x89a0, 0x0) 12:55:27 executing program 5: r0 = epoll_create1(0x0) r1 = socket$inet6_dccp(0xa, 0x6, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000100)) epoll_pwait(r0, &(0x7f0000000080)=[{}], 0x1, 0x0, 0x0, 0x0) 12:55:27 executing program 4: syz_emit_ethernet(0x0, 0x0, 0x0) 12:55:28 executing program 3: bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x1, 0xb0, 0xe0, 0x3}, 0x40) [ 1354.884707][T26343] loop0: detected capacity change from 0 to 264192 12:55:29 executing program 0: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="080000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[]) 12:55:29 executing program 4: syz_emit_ethernet(0x0, 0x0, 0x0) 12:55:29 executing program 2: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$SIOCX25SFACILITIES(r0, 0x890b, &(0x7f0000000040)) 12:55:29 executing program 1: r0 = socket$rxrpc(0x21, 0x2, 0xa) connect$rxrpc(r0, &(0x7f0000001180)=@in6={0x21, 0x0, 0x1c, 0x2, {0xa, 0x0, 0x0, @private0}}, 0x24) 12:55:29 executing program 5: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) read$snapshot(r0, 0x0, 0x0) 12:55:29 executing program 3: r0 = socket(0x29, 0x2, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x8907, 0x0) 12:55:29 executing program 3: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$SIOCX25SFACILITIES(r0, 0x8912, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x4}) 12:55:29 executing program 5: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000300), r1) sendmsg$NLBL_MGMT_C_LISTALL(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x14, r2, 0x1}, 0x14}}, 0x0) 12:55:29 executing program 1: r0 = socket(0x29, 0x2, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x8906, 0x0) 12:55:29 executing program 4: syz_emit_ethernet(0x7e, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x70, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xf1, 0x0, 0x4000, {0x15, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback=0xac1414aa, @local, {[@generic={0x0, 0x2}, @timestamp_addr={0x44, 0x1c, 0x0, 0x1, 0x0, [{@multicast1=0xe0000021}, {@private}, {@empty}]}, @cipso={0x86, 0x1f, 0x0, [{0x0, 0x12, "c41a1fe2ed7e6f6f0f652f80db5cf41c"}, {0x0, 0x7, "3cccab0ef9"}]}]}}}}}}}, 0x0) 12:55:29 executing program 2: io_uring_setup(0x4ed8, &(0x7f0000000000)={0x0, 0x243007, 0x8}) 12:55:30 executing program 3: r0 = syz_io_uring_setup(0x5c2c, &(0x7f0000000000), &(0x7f0000ff6000/0x4000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) mmap$IORING_OFF_CQ_RING(&(0x7f0000ff3000/0xb000)=nil, 0x7fffdf00c000, 0x0, 0x12, r0, 0x8000000) [ 1356.933838][T26377] loop0: detected capacity change from 0 to 264192 12:55:31 executing program 0: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="080000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[]) 12:55:31 executing program 5: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$SIOCX25SFACILITIES(r0, 0x8941, &(0x7f0000000040)={0x2}) 12:55:31 executing program 4: syz_emit_ethernet(0x7e, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x70, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xf1, 0x0, 0x4000, {0x15, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback=0xac1414aa, @local, {[@generic={0x0, 0x2}, @timestamp_addr={0x44, 0x1c, 0x0, 0x1, 0x0, [{@multicast1=0xe0000021}, {@private}, {@empty}]}, @cipso={0x86, 0x1f, 0x0, [{0x0, 0x12, "c41a1fe2ed7e6f6f0f652f80db5cf41c"}, {0x0, 0x7, "3cccab0ef9"}]}]}}}}}}}, 0x0) 12:55:31 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000003180)={0x0, 0x0, &(0x7f0000003100)=[{&(0x7f0000000300)={0x10}, 0x10}, {&(0x7f0000000ac0)={0x10, 0x37, 0x1}, 0x10}], 0x2}, 0x0) 12:55:31 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000300), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000480)=ANY=[@ANYBLOB="18010000", @ANYRES16=r1, @ANYBLOB="010000000000000044000a"], 0x118}}, 0x0) 12:55:31 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000009c0), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080)={0xffffffffffffffff}, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000340)={0xe, 0x18, 0xfa00, @ib_path={&(0x7f0000000000)=[{}], r1, 0x1, 0x1, 0x48}}, 0x20) [ 1357.929897][T26393] netlink: 260 bytes leftover after parsing attributes in process `syz-executor.2'. 12:55:32 executing program 5: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000009c0), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000000)={0xffffffffffffffff}, 0x111}}, 0x20) write$RDMA_USER_CM_CMD_BIND_IP(r0, &(0x7f0000000080)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x0, 0x0, @dev, 0x8}, r1}}, 0x30) 12:55:32 executing program 1: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) mmap$IORING_OFF_CQ_RING(&(0x7f0000ff3000/0xb000)=nil, 0xb000, 0x0, 0x11, r0, 0x8000000) [ 1358.012482][T26398] netlink: 260 bytes leftover after parsing attributes in process `syz-executor.2'. 12:55:32 executing program 4: syz_emit_ethernet(0x7e, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x70, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xf1, 0x0, 0x4000, {0x15, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback=0xac1414aa, @local, {[@generic={0x0, 0x2}, @timestamp_addr={0x44, 0x1c, 0x0, 0x1, 0x0, [{@multicast1=0xe0000021}, {@private}, {@empty}]}, @cipso={0x86, 0x1f, 0x0, [{0x0, 0x12, "c41a1fe2ed7e6f6f0f652f80db5cf41c"}, {0x0, 0x7, "3cccab0ef9"}]}]}}}}}}}, 0x0) 12:55:32 executing program 3: r0 = socket(0x2a, 0x2, 0x0) sendto$isdn(r0, 0x0, 0x0, 0x0, &(0x7f00000000c0), 0xfffffffffffffee7) 12:55:32 executing program 2: r0 = socket(0x29, 0x2, 0x0) ioctl$SIOCX25GFACILITIES(r0, 0x89e2, 0x0) 12:55:32 executing program 1: r0 = syz_io_uring_setup(0x5c2c, &(0x7f0000000000), &(0x7f0000ff6000/0x4000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) syz_io_uring_setup(0x4cbd, &(0x7f0000000100), &(0x7f0000ff1000/0x3000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000180), 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ff2000/0x1000)=nil, 0x1000, 0x0, 0x12, r0, 0x8000000) syz_io_uring_setup(0x2c1c, &(0x7f00000001c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ff1000/0x2000)=nil, &(0x7f0000000240), &(0x7f0000000280)) 12:55:33 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', 0x0, 0xff7ffffffffff000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="080000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[]) 12:55:33 executing program 5: r0 = socket(0x29, 0x2, 0x0) sendmsg$netlink(r0, &(0x7f0000001480)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)=[@rights={{0x10}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, 0xee00}}}], 0x30}, 0x8800) 12:55:33 executing program 3: syz_io_uring_setup(0x3030, &(0x7f0000000380), &(0x7f0000400000/0xc00000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200), 0x0) 12:55:33 executing program 4: syz_emit_ethernet(0x5e, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x50, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xf1, 0x0, 0x4000, {0xd, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @loopback=0xac1414aa, @local, {[@generic={0x0, 0x2}, @timestamp_addr={0x44, 0x1c, 0x0, 0x1, 0x0, [{@multicast1=0xe0000021}, {@private}, {@empty}]}]}}}}}}}, 0x0) 12:55:33 executing program 2: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$SIOCX25SFACILITIES(r0, 0x89e3, &(0x7f0000000040)={0x39, 0x0, 0x6, 0x6, 0x54a90287}) 12:55:33 executing program 1: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$SIOCX25SFACILITIES(r0, 0x8903, &(0x7f0000000040)) 12:55:33 executing program 4: syz_emit_ethernet(0x5e, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x50, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xf1, 0x0, 0x4000, {0xd, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @loopback=0xac1414aa, @local, {[@generic={0x0, 0x2}, @timestamp_addr={0x44, 0x1c, 0x0, 0x1, 0x0, [{@multicast1=0xe0000021}, {@private}, {@empty}]}]}}}}}}}, 0x0) 12:55:33 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000300), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000480)=ANY=[@ANYBLOB="18010000", @ANYRES16=r1, @ANYBLOB="0100000000000000440008"], 0x118}}, 0x0) 12:55:33 executing program 1: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$SIOCX25SFACILITIES(r0, 0x5452, &(0x7f0000000040)={0x39}) 12:55:33 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f00000004c0)={&(0x7f0000000300)=@proc, 0x2000030c, &(0x7f0000000480)=[{&(0x7f0000000340)={0x80, 0x0, 0x0, 0x0, 0x0, "", [@generic="4c164e366dce60341cf1c7e9227bb7e6237fdd66790165d4b2394781d282f925852b087a1c3a67c140a0b0587e6bca461021f8d95d7cecdc470a17f855a69aa0d13860396423d1645ab51f06909474b4b3da1a842e3f69e85f861aec0c4d1cec8300478e905e82048c", @nested={0x4}]}, 0x80}], 0x1, 0x0, 0x5000}, 0x0) 12:55:33 executing program 2: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$SIOCX25SFACILITIES(r0, 0x89a3, &(0x7f0000000040)) [ 1360.185630][T26437] netlink: 260 bytes leftover after parsing attributes in process `syz-executor.3'. [ 1360.234261][T26439] netlink: 260 bytes leftover after parsing attributes in process `syz-executor.3'. 12:55:34 executing program 4: syz_emit_ethernet(0x5e, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x50, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xf1, 0x0, 0x4000, {0xd, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @loopback=0xac1414aa, @local, {[@generic={0x0, 0x2}, @timestamp_addr={0x44, 0x1c, 0x0, 0x1, 0x0, [{@multicast1=0xe0000021}, {@private}, {@empty}]}]}}}}}}}, 0x0) [ 1361.064562][T26452] loop0: detected capacity change from 0 to 264192 12:55:35 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', 0x0, 0xff7ffffffffff000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="080000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[]) 12:55:35 executing program 3: r0 = socket$rxrpc(0x21, 0x2, 0xa) bind$rxrpc(r0, &(0x7f0000000180)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @broadcast}}, 0x24) 12:55:35 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x118}}, 0x0) bind$netlink(r0, &(0x7f0000000280)={0x10, 0x0, 0x0, 0x1000}, 0xc) 12:55:35 executing program 1: r0 = socket(0x2000000000000021, 0x2, 0x10000000000002) connect$rxrpc(r0, &(0x7f0000000140)=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @empty}}, 0x24) sendmmsg(r0, &(0x7f00000000c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=[{0x18, 0x110, 0x1, "ec"}], 0x18}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=[{0x10}, {0x18, 0x110, 0xa, "9b"}], 0x28}}], 0x2, 0x0) 12:55:35 executing program 2: r0 = io_uring_setup(0x3fff, &(0x7f00000000c0)) io_uring_setup(0xe8, &(0x7f0000000140)={0x0, 0x0, 0x22, 0x0, 0x0, 0x0, r0}) 12:55:35 executing program 4: syz_emit_ethernet(0x76, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x68, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xf1, 0x0, 0x4000, {0x13, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @loopback=0xac1414aa, @local, {[@generic={0x0, 0x2}, @timestamp_addr={0x44, 0x1c, 0x0, 0x1, 0x0, [{@multicast1=0xe0000021}, {@private}, {@empty}]}, @cipso={0x86, 0x18, 0x0, [{0x0, 0x12, "c41a1fe2ed7e6f6f0f652f80db5cf41c"}]}]}}}}}}}, 0x0) 12:55:35 executing program 3: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$SIOCX25SFACILITIES(r0, 0x8929, &(0x7f0000000040)) 12:55:35 executing program 1: r0 = socket(0x18, 0x0, 0x0) connect$rxrpc(r0, &(0x7f0000000000)=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @loopback}}, 0x2) 12:55:35 executing program 5: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$SIOCX25SFACILITIES(r0, 0x8995, &(0x7f0000000040)) 12:55:35 executing program 2: r0 = socket(0x2a, 0x2, 0x0) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r0, 0x110, 0x4, 0x0, 0x0) 12:55:35 executing program 4: syz_emit_ethernet(0x76, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x68, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xf1, 0x0, 0x4000, {0x13, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @loopback=0xac1414aa, @local, {[@generic={0x0, 0x2}, @timestamp_addr={0x44, 0x1c, 0x0, 0x1, 0x0, [{@multicast1=0xe0000021}, {@private}, {@empty}]}, @cipso={0x86, 0x18, 0x0, [{0x0, 0x12, "c41a1fe2ed7e6f6f0f652f80db5cf41c"}]}]}}}}}}}, 0x0) 12:55:36 executing program 3: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$SIOCX25SFACILITIES(r0, 0x8941, &(0x7f0000000040)={0x3}) [ 1362.876997][T26488] loop0: detected capacity change from 0 to 264192 12:55:37 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', 0x0, 0xff7ffffffffff000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="080000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[]) 12:55:37 executing program 1: syz_open_procfs(0x0, &(0x7f00008f6ff9)='mounts\x00') socket$inet6_mptcp(0xa, 0x1, 0x106) socket$rxrpc(0x21, 0x2, 0xa) socket$pppl2tp(0x18, 0x1, 0x1) unshare(0x2a000400) pselect6(0x40, &(0x7f0000000100)={0x8}, 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0) 12:55:37 executing program 2: r0 = syz_io_uring_setup(0x5c2c, &(0x7f0000000000), &(0x7f0000ff6000/0x4000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) mmap$IORING_OFF_CQ_RING(&(0x7f0000ff3000/0xb000)=nil, 0xb000, 0x0, 0x12, r0, 0x2000000) 12:55:37 executing program 4: syz_emit_ethernet(0x76, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x68, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xf1, 0x0, 0x4000, {0x13, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @loopback=0xac1414aa, @local, {[@generic={0x0, 0x2}, @timestamp_addr={0x44, 0x1c, 0x0, 0x1, 0x0, [{@multicast1=0xe0000021}, {@private}, {@empty}]}, @cipso={0x86, 0x18, 0x0, [{0x0, 0x12, "c41a1fe2ed7e6f6f0f652f80db5cf41c"}]}]}}}}}}}, 0x0) 12:55:37 executing program 5: syz_io_uring_setup(0x6509, &(0x7f0000000000), &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200), 0x0) syz_io_uring_setup(0x6509, &(0x7f0000000000), &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffc000/0x2000)=nil, 0x0, 0x0) syz_io_uring_setup(0x3031, &(0x7f0000000380), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000240), 0x0) syz_io_uring_setup(0x4871, &(0x7f0000000280), &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000300)) 12:55:37 executing program 3: r0 = socket(0x1, 0x3, 0x0) bind$isdn(r0, 0x0, 0x0) 12:55:37 executing program 2: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000009c0), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000300)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000000)={0xffffffffffffffff}, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_BIND_IP(r0, &(0x7f0000000040)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x0, 0x0, @local, 0x2}, r1}}, 0x30) 12:55:37 executing program 3: bpf$MAP_CREATE(0x12, &(0x7f0000000080), 0x40) 12:55:37 executing program 4: syz_emit_ethernet(0x76, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x68, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xf1, 0x0, 0x4000, {0x13, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @loopback=0xac1414aa, @local, {[@generic={0x0, 0x2}, @timestamp_addr={0x44, 0x1c, 0x0, 0x1, 0x0, [{@multicast1=0xe0000021}, {@private}, {@empty}]}, @cipso={0x86, 0x1a, 0x0, [{0x0, 0x12, "c41a1fe2ed7e6f6f0f652f80db5cf41c"}, {0x0, 0x2}]}]}}}}}}}, 0x0) 12:55:37 executing program 5: r0 = epoll_create1(0x0) r1 = socket$inet6_dccp(0xa, 0x6, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000100)) epoll_pwait(r0, &(0x7f0000000080)=[{}], 0x1, 0x4, 0x0, 0x0) 12:55:37 executing program 2: syz_open_procfs(0x0, &(0x7f00008f6ff9)='mounts\x00') syz_open_dev$usbmon(&(0x7f0000000040), 0x0, 0x0) socket$inet6_mptcp(0xa, 0x1, 0x106) socket$rxrpc(0x21, 0x2, 0xa) unshare(0x2a000400) pselect6(0x40, &(0x7f0000000100)={0x8}, 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0) 12:55:38 executing program 3: r0 = socket$rxrpc(0x21, 0x2, 0x2) sendto$rxrpc(r0, 0x0, 0x0, 0x0, &(0x7f0000000080)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @broadcast}}, 0x24) [ 1364.714755][T26524] loop0: detected capacity change from 0 to 264192 12:55:38 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="080000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[]) 12:55:38 executing program 5: socket$isdn(0xa, 0x3, 0x0) 12:55:38 executing program 4: syz_emit_ethernet(0x76, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x68, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xf1, 0x0, 0x4000, {0x13, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @loopback=0xac1414aa, @local, {[@generic={0x0, 0x2}, @timestamp_addr={0x44, 0x1c, 0x0, 0x1, 0x0, [{@multicast1=0xe0000021}, {@private}, {@empty}]}, @cipso={0x86, 0x1a, 0x0, [{0x0, 0x12, "c41a1fe2ed7e6f6f0f652f80db5cf41c"}, {0x0, 0x2}]}]}}}}}}}, 0x0) 12:55:38 executing program 1: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$SIOCX25SFACILITIES(r0, 0x89a2, &(0x7f0000000040)) 12:55:38 executing program 3: r0 = openat$nvram(0xffffffffffffff9c, &(0x7f0000001640), 0x208a00, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ff3000/0xb000)=nil, 0xb000, 0x0, 0x10, r0, 0x8000000) 12:55:39 executing program 4: syz_emit_ethernet(0x76, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x68, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xf1, 0x0, 0x4000, {0x13, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @loopback=0xac1414aa, @local, {[@generic={0x0, 0x2}, @timestamp_addr={0x44, 0x1c, 0x0, 0x1, 0x0, [{@multicast1=0xe0000021}, {@private}, {@empty}]}, @cipso={0x86, 0x1a, 0x0, [{0x0, 0x12, "c41a1fe2ed7e6f6f0f652f80db5cf41c"}, {0x0, 0x2}]}]}}}}}}}, 0x0) 12:55:39 executing program 2: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$SIOCX25SFACILITIES(r0, 0x5411, &(0x7f0000000040)) 12:55:39 executing program 3: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$SIOCX25SFACILITIES(r0, 0x4020940d, &(0x7f0000000040)={0x39}) 12:55:39 executing program 1: r0 = socket(0x29, 0x2, 0x0) sendto$rxrpc(r0, &(0x7f0000000000)="c7", 0x1, 0x4000841, 0x0, 0x0) 12:55:39 executing program 5: syz_emit_ethernet(0x4a, &(0x7f00000000c0)=ANY=[], 0x0) 12:55:39 executing program 4: syz_emit_ethernet(0x7a, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x6c, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xf1, 0x0, 0x4000, {0x14, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @loopback=0xac1414aa, @local, {[@generic={0x0, 0x2}, @timestamp_addr={0x44, 0x1c, 0x0, 0x1, 0x0, [{@multicast1=0xe0000021}, {@private}, {@empty}]}, @cipso={0x86, 0x1d, 0x0, [{0x0, 0x12, "c41a1fe2ed7e6f6f0f652f80db5cf41c"}, {0x0, 0x5, "3cccab"}]}]}}}}}}}, 0x0) 12:55:40 executing program 2: r0 = epoll_create1(0x0) r1 = socket$inet6_dccp(0xa, 0x6, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f00000000c0)={0x30000000}) [ 1366.620026][T26573] loop0: detected capacity change from 0 to 66 [ 1366.664302][T26573] EXT4-fs (loop0): bad geometry: block count 64 exceeds size of device (8 blocks) 12:55:40 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="080000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[]) 12:55:40 executing program 3: r0 = socket(0x29, 0x2, 0x0) connect$rxrpc(r0, &(0x7f0000000000)=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}, 0x24) 12:55:40 executing program 5: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$SIOCX25SFACILITIES(r0, 0x8982, &(0x7f0000000040)) 12:55:40 executing program 1: r0 = socket(0x2a, 0x2, 0x0) bind$rxrpc(r0, &(0x7f0000000080)=@in4={0x21, 0x0, 0x2, 0x10}, 0x24) 12:55:40 executing program 4: syz_emit_ethernet(0x7a, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x6c, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xf1, 0x0, 0x4000, {0x14, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @loopback=0xac1414aa, @local, {[@generic={0x0, 0x2}, @timestamp_addr={0x44, 0x1c, 0x0, 0x1, 0x0, [{@multicast1=0xe0000021}, {@private}, {@empty}]}, @cipso={0x86, 0x1d, 0x0, [{0x0, 0x12, "c41a1fe2ed7e6f6f0f652f80db5cf41c"}, {0x0, 0x5, "3cccab"}]}]}}}}}}}, 0x0) 12:55:40 executing program 2: set_mempolicy(0x1, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/slabinfo\x00', 0x0, 0x0) 12:55:41 executing program 5: r0 = socket(0x18, 0x0, 0x0) getpeername$qrtr(r0, 0x0, &(0x7f00000000c0)=0x1e) 12:55:41 executing program 3: set_mempolicy(0x3, &(0x7f0000000000)=0x7, 0x4) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x11da2117ebabf272, 0xffffffffffffffff, 0x8000000) 12:55:41 executing program 2: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$SIOCX25SFACILITIES(r0, 0x5411, 0x0) 12:55:41 executing program 4: syz_emit_ethernet(0x7a, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x6c, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xf1, 0x0, 0x4000, {0x14, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @loopback=0xac1414aa, @local, {[@generic={0x0, 0x2}, @timestamp_addr={0x44, 0x1c, 0x0, 0x1, 0x0, [{@multicast1=0xe0000021}, {@private}, {@empty}]}, @cipso={0x86, 0x1d, 0x0, [{0x0, 0x12, "c41a1fe2ed7e6f6f0f652f80db5cf41c"}, {0x0, 0x5, "3cccab"}]}]}}}}}}}, 0x0) 12:55:41 executing program 1: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$SIOCX25SSUBSCRIP(r0, 0x89e1, &(0x7f0000000080)={'bond0\x00'}) 12:55:41 executing program 4: syz_emit_ethernet(0x7a, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x6c, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xf1, 0x0, 0x4000, {0x14, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @loopback=0xac1414aa, @local, {[@generic={0x0, 0x2}, @timestamp_addr={0x44, 0x1c, 0x0, 0x1, 0x0, [{@multicast1=0xe0000021}, {@private}, {@empty}]}, @cipso={0x86, 0x1e, 0x0, [{0x0, 0x12, "c41a1fe2ed7e6f6f0f652f80db5cf41c"}, {0x0, 0x6, "3cccab0e"}]}]}}}}}}}, 0x0) [ 1368.096444][T26605] loop0: detected capacity change from 0 to 66 [ 1368.124617][T26605] EXT4-fs (loop0): bad geometry: block count 64 exceeds size of device (8 blocks) 12:55:42 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="080000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[]) 12:55:42 executing program 5: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000300)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000002c0)={0xffffffffffffffff}, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_MIGRATE_ID(r0, &(0x7f00000000c0)={0x12, 0x10, 0xfa00, {&(0x7f0000000080), r1, r0}}, 0x18) 12:55:42 executing program 2: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$SIOCX25SFACILITIES(r0, 0x8924, &(0x7f0000000040)) 12:55:42 executing program 3: r0 = socket(0x29, 0x2, 0x0) sendto$rxrpc(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 12:55:42 executing program 1: r0 = socket(0x2a, 0x2, 0x0) sendto$isdn(r0, 0x0, 0x0, 0x0, &(0x7f0000000100), 0x20000106) 12:55:42 executing program 4: syz_emit_ethernet(0x7a, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x6c, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xf1, 0x0, 0x4000, {0x14, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @loopback=0xac1414aa, @local, {[@generic={0x0, 0x2}, @timestamp_addr={0x44, 0x1c, 0x0, 0x1, 0x0, [{@multicast1=0xe0000021}, {@private}, {@empty}]}, @cipso={0x86, 0x1e, 0x0, [{0x0, 0x12, "c41a1fe2ed7e6f6f0f652f80db5cf41c"}, {0x0, 0x6, "3cccab0e"}]}]}}}}}}}, 0x0) 12:55:42 executing program 1: bpf$MAP_CREATE(0x1d, &(0x7f0000000080), 0x2c) 12:55:42 executing program 3: r0 = socket(0x2a, 0x2, 0x0) recvmmsg(r0, &(0x7f0000003280)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 12:55:42 executing program 5: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, 0x0, &(0x7f0000000000)) 12:55:43 executing program 4: syz_emit_ethernet(0x7a, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x6c, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xf1, 0x0, 0x4000, {0x14, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @loopback=0xac1414aa, @local, {[@generic={0x0, 0x2}, @timestamp_addr={0x44, 0x1c, 0x0, 0x1, 0x0, [{@multicast1=0xe0000021}, {@private}, {@empty}]}, @cipso={0x86, 0x1e, 0x0, [{0x0, 0x12, "c41a1fe2ed7e6f6f0f652f80db5cf41c"}, {0x0, 0x6, "3cccab0e"}]}]}}}}}}}, 0x0) 12:55:43 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0xc0189436, 0x0) 12:55:43 executing program 3: r0 = socket(0x2, 0x8000a, 0x0) recvmmsg(r0, 0x0, 0x0, 0x40002122, 0x0) [ 1370.222288][T26641] loop0: detected capacity change from 0 to 66 [ 1370.271075][T26641] EXT4-fs (loop0): bad geometry: block count 64 exceeds size of device (8 blocks) 12:55:44 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[]) 12:55:44 executing program 4: syz_emit_ethernet(0x6a, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x5c, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xf1, 0x0, 0x4000, {0x10, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @loopback=0xac1414aa, @local, {[@generic={0x0, 0x2}, @timestamp_addr={0x44, 0x1c, 0x0, 0x1, 0x0, [{@multicast1=0xe0000021}, {@private}, {@empty}]}, @cipso={0x86, 0xd, 0x0, [{0x0, 0x7, "3cccab0ef9"}]}]}}}}}}}, 0x0) 12:55:44 executing program 1: r0 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_SECURITY_KEYRING(r0, 0x110, 0x2, &(0x7f0000000000)='\x00', 0x1) 12:55:44 executing program 5: syz_mount_image$tmpfs(&(0x7f0000000100), &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001540)={[], [{@fscontext={'fscontext', 0x3d, 'unconfined_u'}}, {@fscontext={'fscontext', 0x3d, 'root'}}]}) 12:55:44 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x5452, &(0x7f0000000000)={'wpan1\x00'}) 12:55:44 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:55:44 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x401c5820, 0x0) 12:55:44 executing program 1: socket(0x0, 0xa00, 0x0) [ 1370.920155][T26658] tmpfs: Unknown parameter 'fscontext' 12:55:45 executing program 4: syz_emit_ethernet(0x6a, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x5c, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xf1, 0x0, 0x4000, {0x10, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @loopback=0xac1414aa, @local, {[@generic={0x0, 0x2}, @timestamp_addr={0x44, 0x1c, 0x0, 0x1, 0x0, [{@multicast1=0xe0000021}, {@private}, {@empty}]}, @cipso={0x86, 0xd, 0x0, [{0x0, 0x7, "3cccab0ef9"}]}]}}}}}}}, 0x0) [ 1370.963177][T26658] tmpfs: Unknown parameter 'fscontext' 12:55:45 executing program 5: r0 = socket$kcm(0x29, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f00000001c0)="d1", 0x1}, {0x0}], 0x2, &(0x7f0000000300)=[{0x28, 0x0, 0x0, "c63e8970465c6024f1703b4c3c5dd94cc9"}], 0x28}, 0x20040000) 12:55:45 executing program 1: perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x802, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x460, 0x258, 0x4c, 0x200, 0x0, 0x0, 0x390, 0x2e8, 0x2e8, 0x390, 0x2e8, 0x3, 0x0, {[{{@ipv6={@mcast2, @mcast2, [], [], 'veth1_to_bond\x00', 'ip6gre0\x00', {}, {}, 0x6, 0x0, 0x3}, 0x0, 0x230, 0x258, 0x0, {}, [@common=@unspec=@cluster={{0x30}}, @common=@inet=@policy={{0x158}, {[{@ipv4=@dev, [], @ipv4=@multicast1}, {@ipv4, [], @ipv4=@broadcast}, {@ipv4=@multicast2, [], @ipv6=@mcast1}, {@ipv6=@loopback, [], @ipv6=@private2}], 0x1}}]}, @common=@inet=@SYNPROXY={0x28}}, {{@ipv6={@ipv4={'\x00', '\xff\xff', @remote}, @private1, [], [], 'team_slave_0\x00', 'xfrm0\x00'}, 0x0, 0x100, 0x138, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@unspec=@realm={{0x30}}]}, @common=@inet=@SET3={0x38}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4c0) r2 = socket$packet(0x11, 0x0, 0x300) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0) bind$packet(0xffffffffffffffff, 0x0, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000006c0)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000680)={&(0x7f0000000780)=@newchain={0x104, 0x64, 0x0, 0x70bd25, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff3}, {0x1}}, [@filter_kind_options=@f_cgroup={{0xb}, {0xbc, 0x2, [@TCA_CGROUP_EMATCHES={0x14, 0x3, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xb754}}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xd1}}]}, @TCA_CGROUP_POLICE={0xa4, 0x2, [@TCA_POLICE_TBF={0x3c, 0x1, {0x10000, 0x3, 0x8, 0x9, 0x2, {0x4, 0x0, 0x1f, 0xfff, 0x101, 0x80000000}, {0x9, 0xe7b8170aa3efb51c, 0x6, 0x0, 0x800, 0x9}, 0x0, 0x40, 0x5}}, @TCA_POLICE_RESULT={0x8, 0x5, 0x49}, @TCA_POLICE_TBF={0x3c, 0x1, {0x5, 0x8, 0x9d, 0x80, 0x25c5, {0x5, 0x1, 0x3c, 0x6, 0x0, 0x95}, {0x0, 0x0, 0xfffb, 0x7fff, 0x7f}, 0x0, 0x6}}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x1}, @TCA_POLICE_RATE64={0xc}, @TCA_POLICE_AVRATE={0x8}]}]}}, @TCA_RATE={0x6, 0x5, {0x7, 0x20}}, @TCA_RATE={0x6, 0x5, {0x5, 0xff}}, @TCA_RATE={0x6, 0x5, {0x40}}]}, 0x104}}, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) r3 = socket(0x1, 0x803, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14) socket(0x10, 0x3, 0x0) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, 0x0) 12:55:45 executing program 2: r0 = socket(0x2, 0x8000a, 0x0) ioctl$sock_ipv6_tunnel_SIOCCHGPRL(r0, 0x89f7, &(0x7f0000000100)={'sit0\x00', 0x0}) 12:55:46 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[]) 12:55:46 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:55:46 executing program 4: syz_emit_ethernet(0x6a, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x5c, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xf1, 0x0, 0x4000, {0x10, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @loopback=0xac1414aa, @local, {[@generic={0x0, 0x2}, @timestamp_addr={0x44, 0x1c, 0x0, 0x1, 0x0, [{@multicast1=0xe0000021}, {@private}, {@empty}]}, @cipso={0x86, 0xd, 0x0, [{0x0, 0x7, "3cccab0ef9"}]}]}}}}}}}, 0x0) 12:55:46 executing program 5: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8970, &(0x7f0000000000)={'wpan1\x00'}) 12:55:46 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL802154_CMD_NEW_SEC_LEVEL(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB='&\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002bbd7000fbdbdf252000000008000300", @ANYRES32, @ANYBLOB='\f'], 0x28}}, 0x0) 12:55:46 executing program 1: syz_io_uring_setup(0x4bc8, &(0x7f0000000000)={0x0, 0x19bb, 0x8}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 12:55:47 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) recvmmsg(r0, &(0x7f0000005fc0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, &(0x7f0000006200)={0x0, 0x3938700}) syz_genetlink_get_family_id$SEG6(&(0x7f0000006280), r0) sendmsg$SEG6_CMD_SET_TUNSRC(0xffffffffffffffff, 0x0, 0x4000010) [ 1372.975245][T26685] netlink: 10 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1373.049761][T26689] netlink: 10 bytes leftover after parsing attributes in process `syz-executor.2'. 12:55:47 executing program 4: syz_emit_ethernet(0x6e, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x60, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xf1, 0x0, 0x4000, {0x11, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @loopback=0xac1414aa, @local, {[@generic={0x0, 0x2}, @timestamp_addr={0x44, 0x1c, 0x0, 0x1, 0x0, [{@multicast1=0xe0000021}, {@private}, {@empty}]}, @cipso={0x86, 0xf, 0x0, [{0x0, 0x2}, {0x0, 0x7, "3cccab0ef9"}]}]}}}}}}}, 0x0) 12:55:47 executing program 1: socketpair(0x1e, 0x0, 0x6, &(0x7f0000000740)) 12:55:47 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8946, &(0x7f0000000000)={'wpan1\x00'}) 12:55:47 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:55:47 executing program 4: syz_emit_ethernet(0x6e, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x60, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xf1, 0x0, 0x4000, {0x11, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @loopback=0xac1414aa, @local, {[@generic={0x0, 0x2}, @timestamp_addr={0x44, 0x1c, 0x0, 0x1, 0x0, [{@multicast1=0xe0000021}, {@private}, {@empty}]}, @cipso={0x86, 0xf, 0x0, [{0x0, 0x2}, {0x0, 0x7, "3cccab0ef9"}]}]}}}}}}}, 0x0) [ 1375.149450][ T1201] ieee802154 phy0 wpan0: encryption failed: -22 [ 1375.155962][ T1201] ieee802154 phy1 wpan1: encryption failed: -22 12:55:49 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[]) 12:55:49 executing program 5: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL802154_CMD_NEW_INTERFACE(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x20, r1, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}]}, 0x20}}, 0x0) 12:55:49 executing program 2: socket$inet6(0xa, 0x5, 0x1) 12:55:49 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x801c581f, 0x0) 12:55:49 executing program 4: syz_emit_ethernet(0x6e, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x60, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xf1, 0x0, 0x4000, {0x11, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @loopback=0xac1414aa, @local, {[@generic={0x0, 0x2}, @timestamp_addr={0x44, 0x1c, 0x0, 0x1, 0x0, [{@multicast1=0xe0000021}, {@private}, {@empty}]}, @cipso={0x86, 0xf, 0x0, [{0x0, 0x2}, {0x0, 0x7, "3cccab0ef9"}]}]}}}}}}}, 0x0) 12:55:49 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:55:49 executing program 4: syz_emit_ethernet(0x76, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x68, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xf1, 0x0, 0x4000, {0x13, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @loopback=0xac1414aa, @local, {[@generic={0x0, 0x2}, @timestamp_addr={0x44, 0x1c, 0x0, 0x1, 0x0, [{@multicast1=0xe0000021}, {@private}, {@empty}]}, @cipso={0x86, 0x17, 0x0, [{0x0, 0xa, "c41a1fe2ed7e6f6f"}, {0x0, 0x7, "3cccab0ef9"}]}]}}}}}}}, 0x0) 12:55:49 executing program 1: r0 = socket$kcm(0x29, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f0000001600)={0x0, 0x0, 0x0}, 0x7ac567ae727427e3) 12:55:49 executing program 5: r0 = socket$kcm(0x29, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f0000001600)={0x0, 0x0, 0x0}, 0x0) 12:55:50 executing program 2: shmat(0x0, &(0x7f0000ffc000/0x2000)=nil, 0xd000) 12:55:50 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:55:50 executing program 1: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$SIOCX25SCAUSEDIAG(r0, 0x89ec, &(0x7f00000002c0)) 12:55:51 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="080000000300000004", 0x9, 0x1000}], 0x0, &(0x7f0000000300)=ANY=[]) 12:55:51 executing program 4: syz_emit_ethernet(0x76, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x68, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xf1, 0x0, 0x4000, {0x13, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @loopback=0xac1414aa, @local, {[@generic={0x0, 0x2}, @timestamp_addr={0x44, 0x1c, 0x0, 0x1, 0x0, [{@multicast1=0xe0000021}, {@private}, {@empty}]}, @cipso={0x86, 0x17, 0x0, [{0x0, 0xa, "c41a1fe2ed7e6f6f"}, {0x0, 0x7, "3cccab0ef9"}]}]}}}}}}}, 0x0) 12:55:51 executing program 5: r0 = socket$inet6(0xa, 0x3, 0x5) getpeername(r0, 0x0, 0x0) 12:55:51 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x40086602, 0x0) 12:55:51 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x5421, 0x0) 12:55:51 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:55:51 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_ADD_KEY(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[], 0x14}}, 0x0) 12:55:51 executing program 5: r0 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) read$midi(r0, 0x0, 0x0) 12:55:51 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_DEL_KEY(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x14, r1, 0x1}, 0x14}}, 0x0) 12:55:51 executing program 4: syz_emit_ethernet(0x76, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x68, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xf1, 0x0, 0x4000, {0x13, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @loopback=0xac1414aa, @local, {[@generic={0x0, 0x2}, @timestamp_addr={0x44, 0x1c, 0x0, 0x1, 0x0, [{@multicast1=0xe0000021}, {@private}, {@empty}]}, @cipso={0x86, 0x17, 0x0, [{0x0, 0xa, "c41a1fe2ed7e6f6f"}, {0x0, 0x7, "3cccab0ef9"}]}]}}}}}}}, 0x0) 12:55:52 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:55:52 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_DEL_KEY(r0, &(0x7f0000000100)={&(0x7f0000000040), 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x7b, 0x0, 0x0, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_KEY_SOURCE_SHORT={0x8}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}, @IEEE802154_ATTR_PAN_ID={0x6}]}, 0x30}}, 0x0) [ 1379.238451][T26774] loop0: detected capacity change from 0 to 264192 [ 1379.284845][T26774] EXT4-fs error (device loop0): ext4_fill_super:4822: inode #2: comm syz-executor.0: iget: root inode unallocated [ 1379.308977][T26774] EXT4-fs (loop0): get root inode failed [ 1379.318463][T26774] EXT4-fs (loop0): mount failed 12:55:53 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="080000000300000004", 0x9, 0x1000}], 0x0, &(0x7f0000000300)=ANY=[]) 12:55:53 executing program 5: openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x101102) 12:55:53 executing program 1: r0 = socket$nl_audit(0x10, 0x3, 0x9) sendmsg$AUDIT_TRIM(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={0x0, 0xffffff7f00000000}}, 0x0) 12:55:53 executing program 4: syz_emit_ethernet(0x7a, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x6c, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xf1, 0x0, 0x4000, {0x14, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @loopback=0xac1414aa, @local, {[@generic={0x0, 0x2}, @timestamp_addr={0x44, 0x1c, 0x0, 0x1, 0x0, [{@multicast1=0xe0000021}, {@private}, {@empty}]}, @cipso={0x86, 0x1b, 0x0, [{0x0, 0xe, "c41a1fe2ed7e6f6f0f652f80"}, {0x0, 0x7, "3cccab0ef9"}]}]}}}}}}}, 0x0) 12:55:53 executing program 2: syz_io_uring_setup(0x290f, &(0x7f00000000c0)={0x0, 0x92fe, 0x8}, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000140), &(0x7f0000000180)) 12:55:53 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:55:53 executing program 1: r0 = socket(0x1, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f00000026c0)={&(0x7f0000000000)=@pppoe={0x18, 0x0, {0x0, @random="33421073118d", 'ip6erspan0\x00'}}, 0x80, 0x0}, 0x0) 12:55:53 executing program 5: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x891e, &(0x7f0000000000)={'wpan1\x00'}) 12:55:53 executing program 2: r0 = socket$inet6(0xa, 0x3, 0x5) recvmmsg(r0, &(0x7f0000000480)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 12:55:54 executing program 4: syz_emit_ethernet(0x7a, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x6c, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xf1, 0x0, 0x4000, {0x14, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @loopback=0xac1414aa, @local, {[@generic={0x0, 0x2}, @timestamp_addr={0x44, 0x1c, 0x0, 0x1, 0x0, [{@multicast1=0xe0000021}, {@private}, {@empty}]}, @cipso={0x86, 0x1b, 0x0, [{0x0, 0xe, "c41a1fe2ed7e6f6f0f652f80"}, {0x0, 0x7, "3cccab0ef9"}]}]}}}}}}}, 0x0) 12:55:54 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:55:54 executing program 1: r0 = epoll_create(0x3) epoll_wait(r0, &(0x7f0000000000)=[{}], 0x1, 0x0) [ 1381.086437][T26810] loop0: detected capacity change from 0 to 264192 [ 1381.141541][T26810] EXT4-fs error (device loop0): ext4_fill_super:4822: inode #2: comm syz-executor.0: iget: root inode unallocated [ 1381.175717][T26810] EXT4-fs (loop0): get root inode failed [ 1381.181804][T26810] EXT4-fs (loop0): mount failed 12:55:55 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="080000000300000004", 0x9, 0x1000}], 0x0, &(0x7f0000000300)=ANY=[]) 12:55:55 executing program 5: keyctl$dh_compute(0x17, 0x0, 0x0, 0x0, &(0x7f0000001640)={0x0}) clone3(&(0x7f0000000200)={0x40000000, &(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000080), {0x13}, &(0x7f00000000c0)=""/126, 0x7e, 0x0, 0x0}, 0x58) 12:55:55 executing program 4: syz_emit_ethernet(0x7a, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x6c, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xf1, 0x0, 0x4000, {0x14, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @loopback=0xac1414aa, @local, {[@generic={0x0, 0x2}, @timestamp_addr={0x44, 0x1c, 0x0, 0x1, 0x0, [{@multicast1=0xe0000021}, {@private}, {@empty}]}, @cipso={0x86, 0x1b, 0x0, [{0x0, 0xe, "c41a1fe2ed7e6f6f0f652f80"}, {0x0, 0x7, "3cccab0ef9"}]}]}}}}}}}, 0x0) 12:55:55 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:55:55 executing program 1: syz_mount_image$udf(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0xe, &(0x7f0000000200)=[{&(0x7f0000010000)='\x00BEA01', 0x6, 0x8000}, {&(0x7f0000010100)='\x00NSR03', 0x6, 0x8800}, {&(0x7f0000010300)="0100030012000100cbf1f00160", 0xd, 0xc000}, {&(0x7f0000010d00)="0900030051000100e36b7600800000000010e4070913122c1709504b0100000000000000000000001700000000000000000000000000000000000000000000000000000000000000010000002e00000080020000a0020000002a4c696e7578205544464653000000000000000000000004050000000000000500000002000000010201020102", 0x86, 0x10000}, {&(0x7f0000011100)="02000300fe0001008f77f00100010000004000006000000000400000c007", 0x1e, 0x20000}, {&(0x7f0000011300)="000103006e0001003a1ef001200000007810e4070913142c1643092d0300030001000000010000000000000000000000004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000084c696e7578554446", 0x79, 0xa8000}, {&(0x7f0000011400)="00000000000000000000000000000009004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000084c696e7578554446000000000000000000000000000000000000000000000908436f707972696768740000000000000000000000000000000000000000000a084162737472616374000000000000000000000000000000000000000000000900020000600000000000000000000000002a4f5354412055444620436f6d706c69616e74000000000102000000000000000000000000000000000000000000000002000040", 0xf5, 0xa80e0}, {&(0x7f0000011700)="0a010300ed000100c6e7d0016000000000000000040000000100000400000000000003000000000000000000a53c000002000000000000000801000000000000080100000000000000000000000000000010e4070913122c1643092d0010e4070913122c170936350010e4070913122c1643092d0010e4070913122c1709363501000000000000000000000000000000000000000000000000000000000000000000000000000000002a4c696e75782055444646530000000000000000000000040500000000000000000000000000000000000008010000010103008500010033d418006000000001000a0000020000600000000000000000000000000000000101030087000100e81d1c0060000000010002060002000061000000000000001000000000000866696c6530010103009e0001001ffd1c0060000000010000060002000067000000000000001300000000000866696c6531010103000900010097f01c0060000000010000060002000068000000000000001400000000000866696c65320101030028000100c3e31c0060000000010000060002000068000000000000001500000000000866696c653301010300e4000100b7a72000600000000100000a000200007b000000000000001600000000000866696c652e636f6c64", 0x1e0, 0xb0000}, {&(0x7f0000012800)="0100030079000100cbf1f001c00700000100000000000000084c696e757855444600000000000000000000000000000000000000000000090100010003000300010000000100000008313233343536373831323334353637384c696e7578554446", 0x61, 0xf8000}, {&(0x7f0000012900)="0000000000000019004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000004f53544120436f6d7072657373656420556e69636f64650000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002a4c696e7578206d6b756466667300000000000000000004050000000000007810e4070913142c1643092d002a4c696e757820554446465300000000000000000000000405", 0xde, 0xf80c0}, {&(0x7f0000012a00)="000000000000000001000000000000000000000000000000000000000000000006000300c8000100fd10e801c107000002000000004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000084c696e7578554446", 0x7d, 0xf81e0}, {&(0x7f0000012b00)="000000000000000000000000000000000000000900020000002a4f5354412055444620436f6d706c69616e74000000000102000000000000000200002000000000000000000000004000000001000000002a4c696e757820554446465300000000000000000000000405", 0x6a, 0xf82c0}, {&(0x7f0000012c00)="00000000000000000000000000000000004000008000000002400000002a554446205370617261626c6520506172746974696f6e0102040500000000010000002000020038010000a0000000e007000000000000000000000000000000000000050003009a000100cd0af001c20700000500000001000000002b4e535230330000000000000000000000000000000000000000000000000000000000000000000002", 0xa2, 0xf83a0}, {&(0x7f0000012d00)="0000000000000000000000000000000000000000000000000300000020050000a0020000002a4c696e757820554446465300000000000000000000000405", 0x3e, 0xf84a0}], 0x0, &(0x7f0000013500)) 12:55:55 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) write$binfmt_aout(r0, &(0x7f0000000000), 0x20) [ 1381.572914][T26824] loop1: detected capacity change from 0 to 3972 12:55:55 executing program 4: syz_emit_ethernet(0x7a, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x6c, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xf1, 0x0, 0x4000, {0x14, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @loopback=0xac1414aa, @local, {[@generic={0x0, 0x2}, @timestamp_addr={0x44, 0x1c, 0x0, 0x1, 0x0, [{@multicast1=0xe0000021}, {@private}, {@empty}]}, @cipso={0x86, 0x1d, 0x0, [{0x0, 0x10, "c41a1fe2ed7e6f6f0f652f80db5c"}, {0x0, 0x7, "3cccab0ef9"}]}]}}}}}}}, 0x0) 12:55:55 executing program 2: bind$xdp(0xffffffffffffffff, 0x0, 0x0) [ 1381.742103][T26824] UDF-fs: error (device loop1): udf_process_sequence: Primary Volume Descriptor not found! [ 1381.912673][T26824] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2020/09/19 18:44 (1000) 12:55:56 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(0xffffffffffffffff, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:55:56 executing program 1: syz_mount_image$udf(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0xe, &(0x7f0000000200)=[{&(0x7f0000010000)='\x00BEA01', 0x6, 0x8000}, {&(0x7f0000010100)='\x00NSR03', 0x6, 0x8800}, {&(0x7f0000010300)="0100030012000100cbf1f00160", 0xd, 0xc000}, {&(0x7f0000010d00)="0900030051000100e36b7600800000000010e4070913122c1709504b0100000000000000000000001700000000000000000000000000000000000000000000000000000000000000010000002e00000080020000a0020000002a4c696e7578205544464653000000000000000000000004050000000000000500000002000000010201020102", 0x86, 0x10000}, {&(0x7f0000011100)="02000300fe0001008f77f00100010000004000006000000000400000c007", 0x1e, 0x20000}, {&(0x7f0000011300)="000103006e0001003a1ef001200000007810e4070913142c1643092d0300030001000000010000000000000000000000004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000084c696e7578554446", 0x79, 0xa8000}, {&(0x7f0000011400)="00000000000000000000000000000009004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000084c696e7578554446000000000000000000000000000000000000000000000908436f707972696768740000000000000000000000000000000000000000000a084162737472616374000000000000000000000000000000000000000000000900020000600000000000000000000000002a4f5354412055444620436f6d706c69616e74000000000102000000000000000000000000000000000000000000000002000040", 0xf5, 0xa80e0}, {&(0x7f0000011700)="0a010300ed000100c6e7d0016000000000000000040000000100000400000000000003000000000000000000a53c000002000000000000000801000000000000080100000000000000000000000000000010e4070913122c1643092d0010e4070913122c170936350010e4070913122c1643092d0010e4070913122c1709363501000000000000000000000000000000000000000000000000000000000000000000000000000000002a4c696e75782055444646530000000000000000000000040500000000000000000000000000000000000008010000010103008500010033d418006000000001000a0000020000600000000000000000000000000000000101030087000100e81d1c0060000000010002060002000061000000000000001000000000000866696c6530010103009e0001001ffd1c0060000000010000060002000067000000000000001300000000000866696c6531010103000900010097f01c0060000000010000060002000068000000000000001400000000000866696c65320101030028000100c3e31c0060000000010000060002000068000000000000001500000000000866696c653301010300e4000100b7a72000600000000100000a000200007b000000000000001600000000000866696c652e636f6c64", 0x1e0, 0xb0000}, {&(0x7f0000012800)="0100030079000100cbf1f001c00700000100000000000000084c696e757855444600000000000000000000000000000000000000000000090100010003000300010000000100000008313233343536373831323334353637384c696e7578554446", 0x61, 0xf8000}, {&(0x7f0000012900)="0000000000000019004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000004f53544120436f6d7072657373656420556e69636f64650000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002a4c696e7578206d6b756466667300000000000000000004050000000000007810e4070913142c1643092d002a4c696e757820554446465300000000000000000000000405", 0xde, 0xf80c0}, {&(0x7f0000012a00)="000000000000000001000000000000000000000000000000000000000000000006000300c8000100fd10e801c107000002000000004f53544120436f6d7072657373656420556e69636f646500000000000000000000000000000000000000000000000000000000000000000000000000000000084c696e7578554446", 0x7d, 0xf81e0}, {&(0x7f0000012b00)="000000000000000000000000000000000000000900020000002a4f5354412055444620436f6d706c69616e74000000000102000000000000000200002000000000000000000000004000000001000000002a4c696e757820554446465300000000000000000000000405", 0x6a, 0xf82c0}, {&(0x7f0000012c00)="00000000000000000000000000000000004000008000000002400000002a554446205370617261626c6520506172746974696f6e0102040500000000010000002000020038010000a0000000e007000000000000000000000000000000000000050003009a000100cd0af001c20700000500000001000000002b4e535230330000000000000000000000000000000000000000000000000000000000000000000002", 0xa2, 0xf83a0}, {&(0x7f0000012d00)="0000000000000000000000000000000000000000000000000300000020050000a0020000002a4c696e757820554446465300000000000000000000000405", 0x3e, 0xf84a0}], 0x0, &(0x7f0000013500)) 12:55:56 executing program 4: syz_emit_ethernet(0x7a, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x6c, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xf1, 0x0, 0x4000, {0x14, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @loopback=0xac1414aa, @local, {[@generic={0x0, 0x2}, @timestamp_addr={0x44, 0x1c, 0x0, 0x1, 0x0, [{@multicast1=0xe0000021}, {@private}, {@empty}]}, @cipso={0x86, 0x1d, 0x0, [{0x0, 0x10, "c41a1fe2ed7e6f6f0f652f80db5c"}, {0x0, 0x7, "3cccab0ef9"}]}]}}}}}}}, 0x0) 12:55:56 executing program 2: r0 = socket$unix(0x1, 0x1, 0x0) ioctl$BTRFS_IOC_BALANCE(r0, 0x5000940c, 0x0) [ 1382.629042][T26864] loop1: detected capacity change from 0 to 3972 [ 1382.765168][T26864] UDF-fs: error (device loop1): udf_process_sequence: Primary Volume Descriptor not found! [ 1382.906209][T26864] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2020/09/19 18:44 (1000) [ 1383.406175][T26877] loop0: detected capacity change from 0 to 264192 [ 1383.504332][T26877] EXT4-fs error (device loop0): ext4_fill_super:4822: inode #2: comm syz-executor.0: iget: root inode unallocated [ 1383.524350][T26877] EXT4-fs (loop0): get root inode failed [ 1383.530414][T26877] EXT4-fs (loop0): mount failed 12:55:58 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="080000000300000004", 0x9, 0x1000}, {0x0, 0x0, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[]) 12:55:58 executing program 5: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000), 0x3002, 0x0) openat$pfkey(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) 12:55:58 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(0xffffffffffffffff, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:55:58 executing program 2: r0 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='lp\x00', 0x3) 12:55:58 executing program 4: syz_emit_ethernet(0x7a, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x6c, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xf1, 0x0, 0x4000, {0x14, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @loopback=0xac1414aa, @local, {[@generic={0x0, 0x2}, @timestamp_addr={0x44, 0x1c, 0x0, 0x1, 0x0, [{@multicast1=0xe0000021}, {@private}, {@empty}]}, @cipso={0x86, 0x1d, 0x0, [{0x0, 0x10, "c41a1fe2ed7e6f6f0f652f80db5c"}, {0x0, 0x7, "3cccab0ef9"}]}]}}}}}}}, 0x0) 12:55:58 executing program 1: ioctl$EXT4_IOC_SWAP_BOOT(0xffffffffffffffff, 0x6611) ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, 0xffffffffffffffff) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x20, 0x0, {0x233}}, 0x0) ioctl$vim2m_VIDIOC_QUERYCAP(0xffffffffffffffff, 0x80685600, 0x0) syz_io_uring_setup(0x6e15, &(0x7f0000000400)={0x0, 0x0, 0x10, 0x9}, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000000480), &(0x7f00000004c0)) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) 12:55:58 executing program 4: syz_emit_ethernet(0x7a, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x6c, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xf1, 0x0, 0x4000, {0x14, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @loopback=0xac1414aa, @local, {[@generic={0x0, 0x2}, @timestamp_addr={0x44, 0x1c, 0x0, 0x1, 0x0, [{@multicast1=0xe0000021}, {@private}, {@empty}]}, @cipso={0x86, 0x1e, 0x0, [{0x0, 0x11, "c41a1fe2ed7e6f6f0f652f80db5cf4"}, {0x0, 0x7, "3cccab0ef9"}]}]}}}}}}}, 0x0) 12:55:58 executing program 2: io_uring_setup(0x4511, &(0x7f0000000000)={0x0, 0x0, 0x20}) 12:55:58 executing program 5: pipe2(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r1 = epoll_create1(0x0) copy_file_range(r0, 0x0, r1, 0x0, 0x0, 0x0) 12:55:58 executing program 1: r0 = io_uring_setup(0x3c40, &(0x7f0000000300)) fcntl$notify(r0, 0x402, 0x22) 12:55:58 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(0xffffffffffffffff, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:55:59 executing program 4: syz_emit_ethernet(0x7a, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x6c, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xf1, 0x0, 0x4000, {0x14, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @loopback=0xac1414aa, @local, {[@generic={0x0, 0x2}, @timestamp_addr={0x44, 0x1c, 0x0, 0x1, 0x0, [{@multicast1=0xe0000021}, {@private}, {@empty}]}, @cipso={0x86, 0x1e, 0x0, [{0x0, 0x11, "c41a1fe2ed7e6f6f0f652f80db5cf4"}, {0x0, 0x7, "3cccab0ef9"}]}]}}}}}}}, 0x0) [ 1386.957073][T26920] loop0: detected capacity change from 0 to 264192 [ 1387.006365][T26920] EXT4-fs error (device loop0): ext4_fill_super:4822: inode #2: comm syz-executor.0: iget: root inode unallocated [ 1387.030746][T26920] EXT4-fs (loop0): get root inode failed [ 1387.036601][T26920] EXT4-fs (loop0): mount failed 12:56:01 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="080000000300000004", 0x9, 0x1000}, {0x0, 0x0, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[]) 12:56:01 executing program 2: openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000000), 0x10101, 0x0) 12:56:01 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) getsockname(r0, &(0x7f0000000000)=@ethernet={0x0, @dev}, &(0x7f0000000080)=0x80) 12:56:01 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, 0x0) 12:56:01 executing program 4: syz_emit_ethernet(0x7a, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x6c, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xf1, 0x0, 0x4000, {0x14, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @loopback=0xac1414aa, @local, {[@generic={0x0, 0x2}, @timestamp_addr={0x44, 0x1c, 0x0, 0x1, 0x0, [{@multicast1=0xe0000021}, {@private}, {@empty}]}, @cipso={0x86, 0x1e, 0x0, [{0x0, 0x11, "c41a1fe2ed7e6f6f0f652f80db5cf4"}, {0x0, 0x7, "3cccab0ef9"}]}]}}}}}}}, 0x0) 12:56:01 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:56:02 executing program 5: r0 = socket$inet_mptcp(0x2, 0x1, 0x106) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r0, 0xc0709411, 0x0) 12:56:02 executing program 1: timer_create(0x0, 0x0, &(0x7f0000000040)) timer_create(0x0, &(0x7f0000001100)={0x0, 0x0, 0x0, @thr={0x0, 0x0}}, 0x0) 12:56:02 executing program 4: syz_emit_ethernet(0x62, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x54, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xf1, 0x0, 0x4000, {0xe, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @loopback=0xac1414aa, @local, {[@generic={0x0, 0x2}, @cipso={0x86, 0x1f, 0x0, [{0x0, 0x12, "c41a1fe2ed7e6f6f0f652f80db5cf41c"}, {0x0, 0x7, "3cccab0ef9"}]}]}}}}}}}, 0x0) 12:56:02 executing program 2: ioctl$VIDIOC_QUERYBUF(0xffffffffffffffff, 0xc0585609, 0x0) socket(0x1d, 0x0, 0x0) 12:56:02 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:56:02 executing program 5: r0 = socket$inet(0x2, 0x3, 0x9) fcntl$notify(r0, 0x402, 0x0) [ 1388.822703][T26946] can: request_module (can-proto-0) failed. [ 1389.588171][T26956] loop0: detected capacity change from 0 to 264192 [ 1389.621350][T26956] EXT4-fs error (device loop0): ext4_fill_super:4822: inode #2: comm syz-executor.0: iget: root inode unallocated [ 1389.644005][T26956] EXT4-fs (loop0): get root inode failed [ 1389.649994][T26956] EXT4-fs (loop0): mount failed 12:56:04 executing program 4: syz_emit_ethernet(0x62, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x54, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xf1, 0x0, 0x4000, {0xe, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @loopback=0xac1414aa, @local, {[@generic={0x0, 0x2}, @cipso={0x86, 0x1f, 0x0, [{0x0, 0x12, "c41a1fe2ed7e6f6f0f652f80db5cf41c"}, {0x0, 0x7, "3cccab0ef9"}]}]}}}}}}}, 0x0) 12:56:04 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="080000000300000004", 0x9, 0x1000}, {0x0, 0x0, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[]) 12:56:04 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x40086602, 0x0) 12:56:04 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r0, &(0x7f0000002140)={0x0, 0x0, &(0x7f0000002100)={0x0}}, 0x0) sendmsg$WG_CMD_GET_DEVICE(r0, &(0x7f0000001980)={0x0, 0x0, &(0x7f0000001940)={0x0}}, 0x0) 12:56:04 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:56:04 executing program 5: bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000180)=@bpf_ext={0x1c, 0x3, &(0x7f0000000000)=@framed, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 12:56:05 executing program 5: syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) r0 = socket$inet_tcp(0x2, 0x1, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x12, r0, 0x0) 12:56:05 executing program 2: pipe2(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, 0xffffffffffffffff, &(0x7f0000000380)) 12:56:05 executing program 1: pipe2(&(0x7f0000000180)={0xffffffffffffffff}, 0x0) vmsplice(r0, 0x0, 0x2, 0x0) 12:56:05 executing program 4: syz_emit_ethernet(0x62, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x54, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xf1, 0x0, 0x4000, {0xe, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @loopback=0xac1414aa, @local, {[@generic={0x0, 0x2}, @cipso={0x86, 0x1f, 0x0, [{0x0, 0x12, "c41a1fe2ed7e6f6f0f652f80db5cf41c"}, {0x0, 0x7, "3cccab0ef9"}]}]}}}}}}}, 0x0) 12:56:05 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r2, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:56:05 executing program 5: bpf$MAP_CREATE(0x0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0xa5, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x5}, 0x40) 12:56:05 executing program 1: select(0x40, &(0x7f0000000000), &(0x7f0000000040)={0x1}, &(0x7f0000000080)={0x401}, 0x0) [ 1393.073298][T26995] loop0: detected capacity change from 0 to 264192 [ 1393.102811][T26995] EXT4-fs error (device loop0): ext4_fill_super:4822: inode #2: comm syz-executor.0: iget: root inode unallocated [ 1393.125606][T26995] EXT4-fs (loop0): get root inode failed [ 1393.131669][T26995] EXT4-fs (loop0): mount failed 12:56:07 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="080000000300000004", 0x9, 0x1000}, {&(0x7f0000012600), 0x0, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[]) 12:56:07 executing program 2: perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfffff7ffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x1000, 0x1000}, 0x20) setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f00000004c0)=0x80, 0x4) socket(0x28, 0x6, 0x23b) setsockopt$XDP_RX_RING(r0, 0x11b, 0x2, &(0x7f0000000040)=0x2, 0x4) r1 = fork() ptrace(0x10, r1) 12:56:07 executing program 4: syz_emit_ethernet(0x76, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x68, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xf1, 0x0, 0x4000, {0x13, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @loopback=0xac1414aa, @local, {[@generic={0x0, 0x2}, @timestamp_addr={0x44, 0x14, 0x0, 0x1, 0x0, [{@multicast1=0xe0000021}, {@private}]}, @cipso={0x86, 0x1f, 0x0, [{0x0, 0x12, "c41a1fe2ed7e6f6f0f652f80db5cf41c"}, {0x0, 0x7, "3cccab0ef9"}]}]}}}}}}}, 0x0) 12:56:07 executing program 5: r0 = socket$vsock_stream(0x28, 0x1, 0x0) recvmsg(r0, &(0x7f00000004c0)={&(0x7f0000000000)=@nfc, 0x80, 0x0}, 0x0) 12:56:07 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r2, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:56:07 executing program 1: r0 = syz_io_uring_setup(0x884, &(0x7f0000000080), &(0x7f0000ee7000/0x2000)=nil, &(0x7f00006d3000/0x4000)=nil, &(0x7f0000000000)=0x0, &(0x7f0000000040)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x40, &(0x7f0000000140)=0x307f, 0x0, 0x4) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x55) r3 = socket$nl_route(0x10, 0x3, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000400)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x10}}, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)=@ipv6_getnexthop={0x18, 0x6a, 0x1}, 0x18}}, 0x0) io_uring_enter(r0, 0x688c, 0x0, 0x0, 0x0, 0x0) 12:56:07 executing program 1: syz_usb_connect$hid(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010003000000084e040c1240000102030109023751"], &(0x7f00000001c0)={0x0, 0x0, 0x16, 0x0}) 12:56:07 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000002, 0x0) r0 = getpid() r1 = getpid() r2 = getpid() r3 = getpid() rt_tgsigqueueinfo(r0, r3, 0x16, &(0x7f0000000100)={0x0, 0x0, 0x3}) ptrace(0x10, r1) ptrace$pokeuser(0x6, r2, 0x0, 0xfffffffffffffffe) 12:56:07 executing program 4: syz_emit_ethernet(0x76, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x68, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xf1, 0x0, 0x4000, {0x13, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @loopback=0xac1414aa, @local, {[@generic={0x0, 0x2}, @timestamp_addr={0x44, 0x14, 0x0, 0x1, 0x0, [{@multicast1=0xe0000021}, {@private}]}, @cipso={0x86, 0x1f, 0x0, [{0x0, 0x12, "c41a1fe2ed7e6f6f0f652f80db5cf41c"}, {0x0, 0x7, "3cccab0ef9"}]}]}}}}}}}, 0x0) 12:56:08 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r2, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:56:08 executing program 5: symlinkat(&(0x7f00000000c0)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00') r0 = open$dir(&(0x7f0000000080)='.\x00', 0x0, 0x0) linkat(r0, &(0x7f00000003c0)='./file0\x00', r0, &(0x7f00000004c0)='./file1\x00', 0x0) 12:56:08 executing program 4: syz_emit_ethernet(0x76, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x68, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xf1, 0x0, 0x4000, {0x13, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @loopback=0xac1414aa, @local, {[@generic={0x0, 0x2}, @timestamp_addr={0x44, 0x14, 0x0, 0x1, 0x0, [{@multicast1=0xe0000021}, {@private}]}, @cipso={0x86, 0x1f, 0x0, [{0x0, 0x12, "c41a1fe2ed7e6f6f0f652f80db5cf41c"}, {0x0, 0x7, "3cccab0ef9"}]}]}}}}}}}, 0x0) [ 1396.003878][T27040] loop0: detected capacity change from 0 to 264192 [ 1396.044618][T27040] EXT4-fs error (device loop0): ext4_fill_super:4822: inode #2: comm syz-executor.0: iget: root inode unallocated [ 1396.351906][T27040] EXT4-fs (loop0): get root inode failed [ 1396.358135][T27040] EXT4-fs (loop0): mount failed 12:56:10 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="080000000300000004", 0x9, 0x1000}, {&(0x7f0000012600), 0x0, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[]) 12:56:10 executing program 4: syz_emit_ethernet(0x76, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x68, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xf1, 0x0, 0x4000, {0x13, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @loopback=0xac1414aa, @local, {[@generic={0x0, 0x2}, @timestamp_addr={0x44, 0x14, 0x0, 0x1, 0x0, [{@multicast1=0xe0000021}, {@empty}]}, @cipso={0x86, 0x1f, 0x0, [{0x0, 0x12, "c41a1fe2ed7e6f6f0f652f80db5cf41c"}, {0x0, 0x7, "3cccab0ef9"}]}]}}}}}}}, 0x0) 12:56:10 executing program 2: r0 = socket(0x840000000002, 0x3, 0x9) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0xffffffffffff0166) sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) sched_setattr(r1, &(0x7f00000000c0)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10) sendmmsg$inet(r0, &(0x7f0000005240)=[{{0x0, 0xffffff7f, 0x0, 0x0, 0x0, 0x0, 0x6}}], 0x300, 0x14) 12:56:10 executing program 5: syz_usb_connect$hid(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100b3000000084e040c124000010203210902"], &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0}) 12:56:10 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r2, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:56:10 executing program 4: syz_emit_ethernet(0x76, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x68, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xf1, 0x0, 0x4000, {0x13, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @loopback=0xac1414aa, @local, {[@generic={0x0, 0x2}, @timestamp_addr={0x44, 0x14, 0x0, 0x1, 0x0, [{@multicast1=0xe0000021}, {@empty}]}, @cipso={0x86, 0x1f, 0x0, [{0x0, 0x12, "c41a1fe2ed7e6f6f0f652f80db5cf41c"}, {0x0, 0x7, "3cccab0ef9"}]}]}}}}}}}, 0x0) [ 1396.888126][ T5] usb 6-1: new high-speed USB device number 14 using dummy_hcd [ 1397.127197][ T5] usb 6-1: Using ep0 maxpacket: 8 [ 1397.288915][ T5] usb 6-1: unable to get BOS descriptor or descriptor too short [ 1397.297011][ T5] usb 6-1: too many configurations: 33, using maximum allowed: 8 12:56:11 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000001140)={0x2, &(0x7f0000001100)=[{}, {0x60}]}) 12:56:11 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r2, &(0x7f0000000200)=0x600000000000000, 0x43408) [ 1397.619660][ T5] usb 6-1: config 0 has no interfaces? [ 1397.699958][ T5] usb 6-1: config 0 has no interfaces? [ 1397.784876][ T5] usb 6-1: config 0 has no interfaces? 12:56:11 executing program 4: syz_emit_ethernet(0x76, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x68, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xf1, 0x0, 0x4000, {0x13, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @loopback=0xac1414aa, @local, {[@generic={0x0, 0x2}, @timestamp_addr={0x44, 0x14, 0x0, 0x1, 0x0, [{@multicast1=0xe0000021}, {@empty}]}, @cipso={0x86, 0x1f, 0x0, [{0x0, 0x12, "c41a1fe2ed7e6f6f0f652f80db5cf41c"}, {0x0, 0x7, "3cccab0ef9"}]}]}}}}}}}, 0x0) [ 1397.868544][ T5] usb 6-1: config 0 has no interfaces? [ 1397.948914][ T5] usb 6-1: config 0 has no interfaces? [ 1397.977711][T27063] not chained 1130000 origins [ 1397.982516][T27063] CPU: 0 PID: 27063 Comm: syz-executor.2 Not tainted 5.16.0-rc3-syzkaller #0 [ 1397.991323][T27063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1398.001413][T27063] Call Trace: [ 1398.004710][T27063] [ 1398.007656][T27063] dump_stack_lvl+0x1ff/0x28e [ 1398.012386][T27063] dump_stack+0x25/0x28 [ 1398.016590][T27063] kmsan_internal_chain_origin+0x7a/0x110 [ 1398.022372][T27063] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1398.028501][T27063] ? kmsan_get_metadata+0xa4/0x120 [ 1398.033676][T27063] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1398.039559][T27063] ? __unix_dgram_recvmsg+0x1a18/0x1c30 [ 1398.045171][T27063] ? kmsan_get_metadata+0xa4/0x120 [ 1398.050350][T27063] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1398.056223][T27063] ? should_fail+0x75/0x9c0 [ 1398.060786][T27063] ? kmsan_get_metadata+0xa4/0x120 [ 1398.065964][T27063] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1398.072274][T27063] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1398.078409][T27063] ? kmsan_get_metadata+0xa4/0x120 [ 1398.083581][T27063] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1398.089455][T27063] __msan_chain_origin+0xbf/0x140 [ 1398.094537][T27063] __get_compat_msghdr+0x6e1/0x9d0 [ 1398.099716][T27063] get_compat_msghdr+0x108/0x2c0 [ 1398.104709][T27063] ? __sys_recvmmsg+0x51c/0x6f0 [ 1398.109596][T27063] do_recvmmsg+0x1063/0x2120 [ 1398.114235][T27063] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1398.120108][T27063] ? kmsan_get_metadata+0xa4/0x120 [ 1398.125266][T27063] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1398.131566][T27063] ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1398.138120][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1398.142846][T27063] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1398.149235][T27063] __do_fast_syscall_32+0x96/0xf0 [ 1398.154304][T27063] do_fast_syscall_32+0x34/0x70 [ 1398.159195][T27063] do_SYSENTER_32+0x1b/0x20 [ 1398.163737][T27063] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1398.170125][T27063] RIP: 0023:0xf6e70549 [ 1398.174212][T27063] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1398.193857][T27063] RSP: 002b:00000000f59e65fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1398.202313][T27063] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200000c0 [ 1398.210308][T27063] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1398.218300][T27063] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1398.226297][T27063] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1398.234288][T27063] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1398.242294][T27063] [ 1398.247767][T27063] Uninit was stored to memory at: [ 1398.252888][T27063] __get_compat_msghdr+0x6e1/0x9d0 [ 1398.259970][T27063] get_compat_msghdr+0x108/0x2c0 [ 1398.264953][T27063] do_recvmmsg+0x1063/0x2120 [ 1398.269900][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1398.274617][T27063] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1398.281117][T27063] __do_fast_syscall_32+0x96/0xf0 [ 1398.286186][T27063] do_fast_syscall_32+0x34/0x70 [ 1398.291205][T27063] do_SYSENTER_32+0x1b/0x20 [ 1398.295753][T27063] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1398.302247][T27063] [ 1398.304593][T27063] Uninit was stored to memory at: [ 1398.309772][T27063] __get_compat_msghdr+0x6e1/0x9d0 [ 1398.314938][T27063] get_compat_msghdr+0x108/0x2c0 [ 1398.320047][T27063] do_recvmmsg+0x1063/0x2120 [ 1398.324674][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1398.329553][T27063] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1398.335935][T27063] __do_fast_syscall_32+0x96/0xf0 [ 1398.341170][T27063] do_fast_syscall_32+0x34/0x70 [ 1398.346065][T27063] do_SYSENTER_32+0x1b/0x20 [ 1398.350796][T27063] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1398.357336][T27063] [ 1398.359684][T27063] Uninit was stored to memory at: [ 1398.364768][T27063] __get_compat_msghdr+0x6e1/0x9d0 [ 1398.370029][T27063] get_compat_msghdr+0x108/0x2c0 [ 1398.375017][T27063] do_recvmmsg+0x1063/0x2120 [ 1398.379822][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1398.384547][T27063] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1398.391096][T27063] __do_fast_syscall_32+0x96/0xf0 [ 1398.396170][T27063] do_fast_syscall_32+0x34/0x70 [ 1398.401242][T27063] do_SYSENTER_32+0x1b/0x20 [ 1398.405794][T27063] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1398.412355][T27063] [ 1398.414692][T27063] Uninit was stored to memory at: [ 1398.419934][T27063] __get_compat_msghdr+0x6e1/0x9d0 [ 1398.425093][T27063] get_compat_msghdr+0x108/0x2c0 [ 1398.430233][T27063] do_recvmmsg+0x1063/0x2120 [ 1398.434866][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1398.439733][T27063] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1398.446125][T27063] __do_fast_syscall_32+0x96/0xf0 [ 1398.451362][T27063] do_fast_syscall_32+0x34/0x70 [ 1398.456257][T27063] do_SYSENTER_32+0x1b/0x20 [ 1398.460983][T27063] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1398.467501][T27063] [ 1398.469836][T27063] Uninit was stored to memory at: [ 1398.474922][T27063] __get_compat_msghdr+0x6e1/0x9d0 [ 1398.480298][T27063] get_compat_msghdr+0x108/0x2c0 [ 1398.485284][T27063] do_recvmmsg+0x1063/0x2120 [ 1398.490044][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1398.494759][T27063] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1398.501331][T27063] __do_fast_syscall_32+0x96/0xf0 [ 1398.506403][T27063] do_fast_syscall_32+0x34/0x70 [ 1398.511464][T27063] do_SYSENTER_32+0x1b/0x20 [ 1398.516012][T27063] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1398.522551][T27063] [ 1398.524887][T27063] Uninit was stored to memory at: [ 1398.530110][T27063] __get_compat_msghdr+0x6e1/0x9d0 [ 1398.535265][T27063] get_compat_msghdr+0x108/0x2c0 [ 1398.540406][T27063] do_recvmmsg+0x1063/0x2120 [ 1398.545037][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1398.549900][T27063] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1398.556283][T27063] __do_fast_syscall_32+0x96/0xf0 [ 1398.561526][T27063] do_fast_syscall_32+0x34/0x70 [ 1398.566418][T27063] do_SYSENTER_32+0x1b/0x20 [ 1398.571134][T27063] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1398.577649][T27063] [ 1398.579984][T27063] Uninit was stored to memory at: [ 1398.585073][T27063] __get_compat_msghdr+0x6e1/0x9d0 [ 1398.590413][T27063] get_compat_msghdr+0x108/0x2c0 [ 1398.595401][T27063] do_recvmmsg+0x1063/0x2120 [ 1398.600221][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1398.604936][T27063] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1398.611563][T27063] __do_fast_syscall_32+0x96/0xf0 [ 1398.616633][T27063] do_fast_syscall_32+0x34/0x70 [ 1398.621668][T27063] do_SYSENTER_32+0x1b/0x20 [ 1398.626216][T27063] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1398.632757][T27063] [ 1398.635092][T27063] Local variable msg_sys created at: [ 1398.640542][T27063] do_recvmmsg+0xc1/0x2120 [ 1398.644997][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1398.698432][ T5] usb 6-1: config 0 has no interfaces? [ 1398.778585][ T5] usb 6-1: config 0 has no interfaces? 12:56:12 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCADDRT(r0, 0x890b, &(0x7f0000000040)={0x0, @in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, @l2tp={0x2, 0x0, @rand_addr=0x64010101}, @ax25={0x3, @null}, 0x4}) [ 1398.859641][ T5] usb 6-1: config 0 has no interfaces? 12:56:13 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r2, &(0x7f0000000200)=0x600000000000000, 0x43408) [ 1399.021050][ T5] usb 6-1: New USB device found, idVendor=044e, idProduct=120c, bcdDevice= 0.40 [ 1399.030586][ T5] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1399.039072][ T5] usb 6-1: Product: syz [ 1399.043434][ T5] usb 6-1: Manufacturer: syz [ 1399.048435][ T5] usb 6-1: SerialNumber: syz [ 1399.162382][ T5] usb 6-1: config 0 descriptor?? [ 1399.296576][T27063] not chained 1140000 origins [ 1399.301571][T27063] CPU: 0 PID: 27063 Comm: syz-executor.2 Not tainted 5.16.0-rc3-syzkaller #0 [ 1399.310381][T27063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1399.320467][T27063] Call Trace: [ 1399.323763][T27063] [ 1399.326712][T27063] dump_stack_lvl+0x1ff/0x28e [ 1399.331444][T27063] dump_stack+0x25/0x28 [ 1399.335645][T27063] kmsan_internal_chain_origin+0x7a/0x110 [ 1399.341432][T27063] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1399.347558][T27063] ? kmsan_get_metadata+0xa4/0x120 [ 1399.352725][T27063] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1399.358600][T27063] ? __unix_dgram_recvmsg+0x1a18/0x1c30 [ 1399.364204][T27063] ? kmsan_get_metadata+0xa4/0x120 [ 1399.369372][T27063] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1399.375243][T27063] ? should_fail+0x75/0x9c0 [ 1399.379800][T27063] ? kmsan_get_metadata+0xa4/0x120 [ 1399.384967][T27063] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1399.391264][T27063] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1399.397393][T27063] ? kmsan_get_metadata+0xa4/0x120 [ 1399.402566][T27063] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1399.408433][T27063] __msan_chain_origin+0xbf/0x140 [ 1399.413517][T27063] __get_compat_msghdr+0x6e1/0x9d0 [ 1399.418700][T27063] get_compat_msghdr+0x108/0x2c0 [ 1399.423688][T27063] ? __sys_recvmmsg+0x51c/0x6f0 [ 1399.428580][T27063] do_recvmmsg+0x1063/0x2120 [ 1399.433224][T27063] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1399.439103][T27063] ? kmsan_get_metadata+0xa4/0x120 [ 1399.444273][T27063] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1399.450582][T27063] ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1399.457149][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1399.461879][T27063] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1399.468273][T27063] __do_fast_syscall_32+0x96/0xf0 [ 1399.473350][T27063] do_fast_syscall_32+0x34/0x70 [ 1399.478256][T27063] do_SYSENTER_32+0x1b/0x20 [ 1399.482804][T27063] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1399.489184][T27063] RIP: 0023:0xf6e70549 [ 1399.493278][T27063] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1399.512936][T27063] RSP: 002b:00000000f59e65fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1399.521389][T27063] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200000c0 [ 1399.529398][T27063] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1399.537411][T27063] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1399.545415][T27063] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1399.553419][T27063] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1399.561453][T27063] [ 1399.568218][T27063] Uninit was stored to memory at: [ 1399.573314][T27063] __get_compat_msghdr+0x6e1/0x9d0 [ 1399.579158][T27063] get_compat_msghdr+0x108/0x2c0 [ 1399.584145][T27063] do_recvmmsg+0x1063/0x2120 [ 1399.588933][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1399.593643][T27063] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1399.600198][T27063] __do_fast_syscall_32+0x96/0xf0 [ 1399.605408][T27063] do_fast_syscall_32+0x34/0x70 [ 1399.610478][T27063] do_SYSENTER_32+0x1b/0x20 [ 1399.615022][T27063] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1399.621575][T27063] [ 1399.623907][T27063] Uninit was stored to memory at: [ 1399.629143][T27063] __get_compat_msghdr+0x6e1/0x9d0 [ 1399.634300][T27063] get_compat_msghdr+0x108/0x2c0 [ 1399.639461][T27063] do_recvmmsg+0x1063/0x2120 [ 1399.644100][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1399.648984][T27063] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1399.655366][T27063] __do_fast_syscall_32+0x96/0xf0 [ 1399.660623][T27063] do_fast_syscall_32+0x34/0x70 [ 1399.665520][T27063] do_SYSENTER_32+0x1b/0x20 [ 1399.670239][T27063] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1399.676620][T27063] [ 1399.679105][T27063] Uninit was stored to memory at: [ 1399.684193][T27063] __get_compat_msghdr+0x6e1/0x9d0 [ 1399.689530][T27063] get_compat_msghdr+0x108/0x2c0 [ 1399.694517][T27063] do_recvmmsg+0x1063/0x2120 [ 1399.699322][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1399.704040][T27063] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1399.710604][T27063] __do_fast_syscall_32+0x96/0xf0 [ 1399.715672][T27063] do_fast_syscall_32+0x34/0x70 [ 1399.720741][T27063] do_SYSENTER_32+0x1b/0x20 [ 1399.725235][ T8343] usb 6-1: USB disconnect, device number 14 [ 1399.725281][T27063] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1399.725341][T27063] [ 1399.725350][T27063] Uninit was stored to memory at: [ 1399.725426][T27063] __get_compat_msghdr+0x6e1/0x9d0 [ 1399.750331][T27063] get_compat_msghdr+0x108/0x2c0 [ 1399.755329][T27063] do_recvmmsg+0x1063/0x2120 [ 1399.760129][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1399.764847][T27063] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1399.771390][T27063] __do_fast_syscall_32+0x96/0xf0 [ 1399.776468][T27063] do_fast_syscall_32+0x34/0x70 [ 1399.781530][T27063] do_SYSENTER_32+0x1b/0x20 [ 1399.786072][T27063] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1399.792624][T27063] [ 1399.794973][T27063] Uninit was stored to memory at: [ 1399.800279][T27063] __get_compat_msghdr+0x6e1/0x9d0 [ 1399.805442][T27063] get_compat_msghdr+0x108/0x2c0 [ 1399.810591][T27063] do_recvmmsg+0x1063/0x2120 [ 1399.815227][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1399.820096][T27063] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1399.826486][T27063] __do_fast_syscall_32+0x96/0xf0 [ 1399.831723][T27063] do_fast_syscall_32+0x34/0x70 [ 1399.836623][T27063] do_SYSENTER_32+0x1b/0x20 [ 1399.841348][T27063] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c 12:56:13 executing program 5: syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x300, 0x0, 0x0, 0x0, 0x8, 0x44e, 0x120c, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x3, 0x1, 0x0, 0x0, {0x9}}}]}}]}}, &(0x7f00000000c0)={0x0, 0x0, 0x16, 0x0}) [ 1399.847879][T27063] [ 1399.850211][T27063] Uninit was stored to memory at: [ 1399.855302][T27063] __get_compat_msghdr+0x6e1/0x9d0 [ 1399.860638][T27063] get_compat_msghdr+0x108/0x2c0 [ 1399.865625][T27063] do_recvmmsg+0x1063/0x2120 [ 1399.870416][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1399.875126][T27063] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1399.881679][T27063] __do_fast_syscall_32+0x96/0xf0 [ 1399.886884][T27063] do_fast_syscall_32+0x34/0x70 [ 1399.891781][T27063] do_SYSENTER_32+0x1b/0x20 [ 1399.896336][T27063] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1399.902921][T27063] [ 1399.905257][T27063] Uninit was stored to memory at: [ 1399.910518][T27063] __get_compat_msghdr+0x6e1/0x9d0 [ 1399.915677][T27063] get_compat_msghdr+0x108/0x2c0 [ 1399.920834][T27063] do_recvmmsg+0x1063/0x2120 [ 1399.925467][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1399.930371][T27063] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1399.936909][T27063] __do_fast_syscall_32+0x96/0xf0 [ 1399.941980][T27063] do_fast_syscall_32+0x34/0x70 [ 1399.947050][T27063] do_SYSENTER_32+0x1b/0x20 [ 1399.951597][T27063] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1399.958156][T27063] [ 1399.960503][T27063] Local variable msg_sys created at: [ 1399.965799][T27063] do_recvmmsg+0xc1/0x2120 [ 1399.970435][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1400.110479][T27063] not chained 1150000 origins [ 1400.115208][T27063] CPU: 0 PID: 27063 Comm: syz-executor.2 Not tainted 5.16.0-rc3-syzkaller #0 [ 1400.124010][T27063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1400.134087][T27063] Call Trace: [ 1400.137382][T27063] [ 1400.140330][T27063] dump_stack_lvl+0x1ff/0x28e [ 1400.145068][T27063] dump_stack+0x25/0x28 [ 1400.149258][T27063] kmsan_internal_chain_origin+0x7a/0x110 [ 1400.155044][T27063] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1400.161169][T27063] ? kmsan_get_metadata+0xa4/0x120 [ 1400.166341][T27063] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1400.172210][T27063] ? __unix_dgram_recvmsg+0x1a18/0x1c30 [ 1400.177816][T27063] ? kmsan_get_metadata+0xa4/0x120 [ 1400.182982][T27063] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1400.188851][T27063] ? should_fail+0x75/0x9c0 [ 1400.193412][T27063] ? kmsan_get_metadata+0xa4/0x120 [ 1400.198574][T27063] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1400.204870][T27063] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1400.210992][T27063] ? kmsan_get_metadata+0xa4/0x120 [ 1400.216161][T27063] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1400.222024][T27063] __msan_chain_origin+0xbf/0x140 [ 1400.227097][T27063] __get_compat_msghdr+0x6e1/0x9d0 [ 1400.232272][T27063] get_compat_msghdr+0x108/0x2c0 [ 1400.237270][T27063] ? __sys_recvmmsg+0x51c/0x6f0 [ 1400.242169][T27063] do_recvmmsg+0x1063/0x2120 [ 1400.246809][T27063] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1400.252688][T27063] ? kmsan_get_metadata+0xa4/0x120 [ 1400.257850][T27063] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1400.264153][T27063] ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1400.270715][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1400.275441][T27063] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1400.281831][T27063] __do_fast_syscall_32+0x96/0xf0 [ 1400.286901][T27063] do_fast_syscall_32+0x34/0x70 [ 1400.291800][T27063] do_SYSENTER_32+0x1b/0x20 [ 1400.296347][T27063] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1400.302724][T27063] RIP: 0023:0xf6e70549 [ 1400.306814][T27063] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1400.326464][T27063] RSP: 002b:00000000f59e65fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1400.334921][T27063] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200000c0 [ 1400.342923][T27063] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1400.350920][T27063] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1400.358916][T27063] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1400.366914][T27063] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1400.374925][T27063] [ 1400.380205][T27063] Uninit was stored to memory at: [ 1400.385320][T27063] __get_compat_msghdr+0x6e1/0x9d0 [ 1400.390825][T27063] get_compat_msghdr+0x108/0x2c0 [ 1400.395806][T27063] do_recvmmsg+0x1063/0x2120 [ 1400.400546][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1400.405258][T27063] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1400.411751][T27063] __do_fast_syscall_32+0x96/0xf0 [ 1400.416920][T27063] do_fast_syscall_32+0x34/0x70 [ 1400.421815][T27063] do_SYSENTER_32+0x1b/0x20 [ 1400.426359][T27063] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1400.432852][T27063] [ 1400.435183][T27063] Uninit was stored to memory at: [ 1400.440401][T27063] __get_compat_msghdr+0x6e1/0x9d0 [ 1400.445553][T27063] get_compat_msghdr+0x108/0x2c0 [ 1400.450636][T27063] do_recvmmsg+0x1063/0x2120 [ 1400.455261][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1400.460093][T27063] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1400.466490][T27063] __do_fast_syscall_32+0x96/0xf0 [ 1400.471744][T27063] do_fast_syscall_32+0x34/0x70 [ 1400.476641][T27063] do_SYSENTER_32+0x1b/0x20 [ 1400.481449][T27063] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1400.487972][T27063] [ 1400.490308][T27063] Uninit was stored to memory at: [ 1400.495408][T27063] __get_compat_msghdr+0x6e1/0x9d0 [ 1400.500734][T27063] get_compat_msghdr+0x108/0x2c0 [ 1400.505717][T27063] do_recvmmsg+0x1063/0x2120 [ 1400.510573][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1400.515290][T27063] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1400.521858][T27063] __do_fast_syscall_32+0x96/0xf0 [ 1400.527066][T27063] do_fast_syscall_32+0x34/0x70 [ 1400.531959][T27063] do_SYSENTER_32+0x1b/0x20 [ 1400.536502][T27063] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1400.543066][T27063] [ 1400.545409][T27063] Uninit was stored to memory at: [ 1400.550683][T27063] __get_compat_msghdr+0x6e1/0x9d0 [ 1400.555839][T27063] get_compat_msghdr+0x108/0x2c0 [ 1400.560994][T27063] do_recvmmsg+0x1063/0x2120 [ 1400.565619][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1400.570517][T27063] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1400.577047][T27063] __do_fast_syscall_32+0x96/0xf0 [ 1400.582115][T27063] do_fast_syscall_32+0x34/0x70 [ 1400.587190][T27063] do_SYSENTER_32+0x1b/0x20 [ 1400.591736][T27063] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1400.598475][T27063] [ 1400.600814][T27063] Uninit was stored to memory at: [ 1400.605925][T27063] __get_compat_msghdr+0x6e1/0x9d0 [ 1400.611256][T27063] get_compat_msghdr+0x108/0x2c0 [ 1400.616246][T27063] do_recvmmsg+0x1063/0x2120 [ 1400.621051][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1400.625772][T27063] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1400.632351][T27063] __do_fast_syscall_32+0x96/0xf0 [ 1400.637562][T27063] do_fast_syscall_32+0x34/0x70 [ 1400.642456][T27063] do_SYSENTER_32+0x1b/0x20 [ 1400.647167][T27063] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1400.653544][T27063] [ 1400.655876][T27063] Uninit was stored to memory at: [ 1400.661140][T27063] __get_compat_msghdr+0x6e1/0x9d0 [ 1400.666293][T27063] get_compat_msghdr+0x108/0x2c0 [ 1400.671468][T27063] do_recvmmsg+0x1063/0x2120 [ 1400.676102][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1400.680994][T27063] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1400.687508][T27063] __do_fast_syscall_32+0x96/0xf0 [ 1400.692575][T27063] do_fast_syscall_32+0x34/0x70 [ 1400.697649][T27063] do_SYSENTER_32+0x1b/0x20 [ 1400.702197][T27063] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1400.708745][T27063] [ 1400.711077][T27063] Uninit was stored to memory at: [ 1400.716159][T27063] __get_compat_msghdr+0x6e1/0x9d0 [ 1400.721489][T27063] get_compat_msghdr+0x108/0x2c0 [ 1400.726473][T27063] do_recvmmsg+0x1063/0x2120 [ 1400.731278][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1400.735999][T27063] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1400.742556][T27063] __do_fast_syscall_32+0x96/0xf0 [ 1400.747772][T27063] do_fast_syscall_32+0x34/0x70 [ 1400.752664][T27063] do_SYSENTER_32+0x1b/0x20 [ 1400.757374][T27063] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1400.763751][T27063] [ 1400.766086][T27063] Local variable msg_sys created at: [ 1400.771560][T27063] do_recvmmsg+0xc1/0x2120 [ 1400.776018][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1400.784204][T27059] not chained 1160000 origins [ 1400.789140][T27059] CPU: 1 PID: 27059 Comm: syz-executor.2 Not tainted 5.16.0-rc3-syzkaller #0 [ 1400.797938][T27059] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1400.808283][T27059] Call Trace: [ 1400.811581][T27059] [ 1400.814527][T27059] dump_stack_lvl+0x1ff/0x28e [ 1400.819256][T27059] dump_stack+0x25/0x28 [ 1400.823449][T27059] kmsan_internal_chain_origin+0x7a/0x110 [ 1400.829219][T27059] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1400.835337][T27059] ? kmsan_get_metadata+0xa4/0x120 [ 1400.840497][T27059] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1400.846358][T27059] ? __unix_dgram_recvmsg+0x1a18/0x1c30 [ 1400.851952][T27059] ? kmsan_get_metadata+0xa4/0x120 [ 1400.857197][T27059] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1400.863058][T27059] ? should_fail+0x75/0x9c0 [ 1400.867605][T27059] ? kmsan_get_metadata+0xa4/0x120 [ 1400.872759][T27059] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1400.879056][T27059] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1400.885177][T27059] ? kmsan_get_metadata+0xa4/0x120 [ 1400.890336][T27059] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1400.896192][T27059] __msan_chain_origin+0xbf/0x140 [ 1400.901261][T27059] __get_compat_msghdr+0x6e1/0x9d0 [ 1400.906436][T27059] get_compat_msghdr+0x108/0x2c0 [ 1400.911425][T27059] ? __sys_recvmmsg+0x51c/0x6f0 [ 1400.916310][T27059] do_recvmmsg+0x1063/0x2120 [ 1400.920951][T27059] ? kmsan_get_metadata+0xa4/0x120 [ 1400.926115][T27059] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1400.932408][T27059] ? kmsan_get_metadata+0xa4/0x120 [ 1400.937564][T27059] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1400.943857][T27059] ? fput+0x82/0x320 [ 1400.947795][T27059] ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1400.954356][T27059] __sys_recvmmsg+0x51c/0x6f0 [ 1400.959077][T27059] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1400.965462][T27059] __do_fast_syscall_32+0x96/0xf0 [ 1400.970530][T27059] do_fast_syscall_32+0x34/0x70 [ 1400.975421][T27059] do_SYSENTER_32+0x1b/0x20 [ 1400.979961][T27059] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1400.986332][T27059] RIP: 0023:0xf6e70549 [ 1400.990421][T27059] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1401.010069][T27059] RSP: 002b:00000000f5a495fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1401.018522][T27059] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200000c0 [ 1401.026516][T27059] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1401.034511][T27059] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1401.042503][T27059] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1401.050496][T27059] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1401.058512][T27059] [ 1401.066265][T27059] Uninit was stored to memory at: [ 1401.072909][T27059] __get_compat_msghdr+0x6e1/0x9d0 [ 1401.078152][T27059] get_compat_msghdr+0x108/0x2c0 [ 1401.083136][T27059] do_recvmmsg+0x1063/0x2120 [ 1401.087845][T27059] __sys_recvmmsg+0x51c/0x6f0 [ 1401.092555][T27059] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1401.099019][T27059] __do_fast_syscall_32+0x96/0xf0 [ 1401.104085][T27059] do_fast_syscall_32+0x34/0x70 [ 1401.109059][T27059] do_SYSENTER_32+0x1b/0x20 [ 1401.113604][T27059] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1401.120074][T27059] [ 1401.122411][T27059] Uninit was stored to memory at: [ 1401.127593][T27059] __get_compat_msghdr+0x6e1/0x9d0 [ 1401.132748][T27059] get_compat_msghdr+0x108/0x2c0 [ 1401.137812][T27059] do_recvmmsg+0x1063/0x2120 [ 1401.142440][T27059] __sys_recvmmsg+0x51c/0x6f0 [ 1401.147293][T27059] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1401.153682][T27059] __do_fast_syscall_32+0x96/0xf0 [ 1401.158898][T27059] do_fast_syscall_32+0x34/0x70 [ 1401.163810][T27059] do_SYSENTER_32+0x1b/0x20 [ 1401.168506][T27059] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1401.174879][T27059] [ 1401.177349][T27059] Uninit was stored to memory at: [ 1401.182439][T27059] __get_compat_msghdr+0x6e1/0x9d0 [ 1401.187734][T27059] get_compat_msghdr+0x108/0x2c0 [ 1401.192725][T27059] do_recvmmsg+0x1063/0x2120 [ 1401.197505][T27059] __sys_recvmmsg+0x51c/0x6f0 [ 1401.202215][T27059] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1401.208755][T27059] __do_fast_syscall_32+0x96/0xf0 [ 1401.213827][T27059] do_fast_syscall_32+0x34/0x70 [ 1401.218861][T27059] do_SYSENTER_32+0x1b/0x20 [ 1401.223409][T27059] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1401.229933][T27059] [ 1401.232272][T27059] Uninit was stored to memory at: [ 1401.237504][T27059] __get_compat_msghdr+0x6e1/0x9d0 [ 1401.242662][T27059] get_compat_msghdr+0x108/0x2c0 [ 1401.247730][T27059] do_recvmmsg+0x1063/0x2120 [ 1401.252362][T27059] __sys_recvmmsg+0x51c/0x6f0 [ 1401.257213][T27059] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1401.263590][T27059] __do_fast_syscall_32+0x96/0xf0 [ 1401.268802][T27059] do_fast_syscall_32+0x34/0x70 [ 1401.273694][T27059] do_SYSENTER_32+0x1b/0x20 [ 1401.278392][T27059] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1401.284807][T27059] [ 1401.287231][T27059] Uninit was stored to memory at: [ 1401.292328][T27059] __get_compat_msghdr+0x6e1/0x9d0 [ 1401.297573][T27059] get_compat_msghdr+0x108/0x2c0 [ 1401.302548][T27059] do_recvmmsg+0x1063/0x2120 [ 1401.307308][T27059] __sys_recvmmsg+0x51c/0x6f0 [ 1401.312023][T27059] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1401.318543][T27059] __do_fast_syscall_32+0x96/0xf0 [ 1401.323616][T27059] do_fast_syscall_32+0x34/0x70 [ 1401.328670][T27059] do_SYSENTER_32+0x1b/0x20 [ 1401.333224][T27059] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1401.339751][T27059] [ 1401.342089][T27059] Uninit was stored to memory at: [ 1401.347328][T27059] __get_compat_msghdr+0x6e1/0x9d0 [ 1401.352491][T27059] get_compat_msghdr+0x108/0x2c0 [ 1401.357621][T27059] do_recvmmsg+0x1063/0x2120 [ 1401.362247][T27059] __sys_recvmmsg+0x51c/0x6f0 [ 1401.367463][T27059] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1401.373851][T27059] __do_fast_syscall_32+0x96/0xf0 [ 1401.379078][T27059] do_fast_syscall_32+0x34/0x70 [ 1401.383974][T27059] do_SYSENTER_32+0x1b/0x20 [ 1401.388618][T27059] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1401.394992][T27059] [ 1401.397467][T27059] Uninit was stored to memory at: [ 1401.402572][T27059] __get_compat_msghdr+0x6e1/0x9d0 [ 1401.407872][T27059] get_compat_msghdr+0x108/0x2c0 [ 1401.412848][T27059] do_recvmmsg+0x1063/0x2120 [ 1401.417609][T27059] __sys_recvmmsg+0x51c/0x6f0 [ 1401.422337][T27059] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1401.428908][T27059] __do_fast_syscall_32+0x96/0xf0 [ 1401.433987][T27059] do_fast_syscall_32+0x34/0x70 [ 1401.439029][T27059] do_SYSENTER_32+0x1b/0x20 [ 1401.443582][T27059] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1401.450108][T27059] [ 1401.452454][T27059] Local variable msg_sys created at: [ 1401.457841][T27059] do_recvmmsg+0xc1/0x2120 [ 1401.462294][T27059] __sys_recvmmsg+0x51c/0x6f0 [ 1401.967255][ T5] usb 6-1: new high-speed USB device number 15 using dummy_hcd [ 1402.247414][ T5] usb 6-1: Using ep0 maxpacket: 8 [ 1402.411575][ T5] usb 6-1: unable to get BOS descriptor or descriptor too short [ 1402.498748][ T5] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 1402.668479][ T5] usb 6-1: New USB device found, idVendor=044e, idProduct=120c, bcdDevice= 0.40 [ 1402.678026][ T5] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1402.686261][ T5] usb 6-1: Product: syz [ 1402.690895][ T5] usb 6-1: Manufacturer: syz [ 1402.695708][ T5] usb 6-1: SerialNumber: syz [ 1402.778531][T27063] not chained 1170000 origins [ 1402.783340][T27063] CPU: 0 PID: 27063 Comm: syz-executor.2 Not tainted 5.16.0-rc3-syzkaller #0 [ 1402.792150][T27063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1402.802228][T27063] Call Trace: [ 1402.805521][T27063] [ 1402.808468][T27063] dump_stack_lvl+0x1ff/0x28e [ 1402.813199][T27063] dump_stack+0x25/0x28 [ 1402.817397][T27063] kmsan_internal_chain_origin+0x7a/0x110 [ 1402.823175][T27063] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1402.829302][T27063] ? kmsan_get_metadata+0xa4/0x120 [ 1402.834565][T27063] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1402.840437][T27063] ? __unix_dgram_recvmsg+0x1a18/0x1c30 [ 1402.846042][T27063] ? kmsan_get_metadata+0xa4/0x120 [ 1402.851206][T27063] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1402.857073][T27063] ? should_fail+0x75/0x9c0 [ 1402.861632][T27063] ? kmsan_get_metadata+0xa4/0x120 [ 1402.866796][T27063] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1402.873099][T27063] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1402.879234][T27063] ? kmsan_get_metadata+0xa4/0x120 [ 1402.884406][T27063] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1402.890401][T27063] __msan_chain_origin+0xbf/0x140 [ 1402.895479][T27063] __get_compat_msghdr+0x6e1/0x9d0 [ 1402.900661][T27063] get_compat_msghdr+0x108/0x2c0 [ 1402.905655][T27063] ? __sys_recvmmsg+0x51c/0x6f0 [ 1402.910545][T27063] do_recvmmsg+0x1063/0x2120 [ 1402.915187][T27063] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1402.921066][T27063] ? kmsan_get_metadata+0xa4/0x120 [ 1402.926233][T27063] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1402.932535][T27063] ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1402.939098][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1402.943838][T27063] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1402.950228][T27063] __do_fast_syscall_32+0x96/0xf0 [ 1402.955303][T27063] do_fast_syscall_32+0x34/0x70 [ 1402.960205][T27063] do_SYSENTER_32+0x1b/0x20 [ 1402.964810][T27063] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1402.971188][T27063] RIP: 0023:0xf6e70549 [ 1402.975283][T27063] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1402.994939][T27063] RSP: 002b:00000000f59e65fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1403.003393][T27063] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200000c0 [ 1403.011398][T27063] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1403.019402][T27063] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1403.027402][T27063] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1403.035396][T27063] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1403.043408][T27063] [ 1403.048599][T27063] Uninit was stored to memory at: [ 1403.053700][T27063] __get_compat_msghdr+0x6e1/0x9d0 [ 1403.059261][T27063] get_compat_msghdr+0x108/0x2c0 [ 1403.064250][T27063] do_recvmmsg+0x1063/0x2120 [ 1403.069071][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1403.073807][T27063] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1403.080374][T27063] __do_fast_syscall_32+0x96/0xf0 [ 1403.085444][T27063] do_fast_syscall_32+0x34/0x70 [ 1403.090526][T27063] do_SYSENTER_32+0x1b/0x20 [ 1403.095333][T27063] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1403.101889][T27063] [ 1403.104222][T27063] Uninit was stored to memory at: [ 1403.109487][T27063] __get_compat_msghdr+0x6e1/0x9d0 [ 1403.114649][T27063] get_compat_msghdr+0x108/0x2c0 [ 1403.119815][T27063] do_recvmmsg+0x1063/0x2120 [ 1403.124444][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1403.129352][T27063] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1403.135734][T27063] __do_fast_syscall_32+0x96/0xf0 [ 1403.140983][T27063] do_fast_syscall_32+0x34/0x70 [ 1403.145885][T27063] do_SYSENTER_32+0x1b/0x20 [ 1403.150593][T27063] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1403.157100][T27063] [ 1403.159436][T27063] Uninit was stored to memory at: [ 1403.164521][T27063] __get_compat_msghdr+0x6e1/0x9d0 [ 1403.169848][T27063] get_compat_msghdr+0x108/0x2c0 [ 1403.174832][T27063] do_recvmmsg+0x1063/0x2120 [ 1403.179623][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1403.184339][T27063] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1403.190906][T27063] __do_fast_syscall_32+0x96/0xf0 [ 1403.195978][T27063] do_fast_syscall_32+0x34/0x70 [ 1403.201051][T27063] do_SYSENTER_32+0x1b/0x20 [ 1403.205601][T27063] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1403.212147][T27063] [ 1403.214481][T27063] Uninit was stored to memory at: [ 1403.219718][T27063] __get_compat_msghdr+0x6e1/0x9d0 [ 1403.224873][T27063] get_compat_msghdr+0x108/0x2c0 [ 1403.230019][T27063] do_recvmmsg+0x1063/0x2120 [ 1403.234649][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1403.239535][T27063] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1403.245919][T27063] __do_fast_syscall_32+0x96/0xf0 [ 1403.251155][T27063] do_fast_syscall_32+0x34/0x70 [ 1403.256048][T27063] do_SYSENTER_32+0x1b/0x20 [ 1403.260767][T27063] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1403.267280][T27063] [ 1403.269611][T27063] Uninit was stored to memory at: [ 1403.274716][T27063] __get_compat_msghdr+0x6e1/0x9d0 [ 1403.280053][T27063] get_compat_msghdr+0x108/0x2c0 [ 1403.285041][T27063] do_recvmmsg+0x1063/0x2120 [ 1403.289827][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1403.294541][T27063] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1403.301088][T27063] __do_fast_syscall_32+0x96/0xf0 [ 1403.306157][T27063] do_fast_syscall_32+0x34/0x70 [ 1403.311222][T27063] do_SYSENTER_32+0x1b/0x20 [ 1403.315771][T27063] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1403.322314][T27063] [ 1403.324664][T27063] Uninit was stored to memory at: [ 1403.329890][T27063] __get_compat_msghdr+0x6e1/0x9d0 [ 1403.335044][T27063] get_compat_msghdr+0x108/0x2c0 [ 1403.340182][T27063] do_recvmmsg+0x1063/0x2120 [ 1403.344813][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1403.349668][T27063] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1403.356055][T27063] __do_fast_syscall_32+0x96/0xf0 [ 1403.361294][T27063] do_fast_syscall_32+0x34/0x70 [ 1403.366194][T27063] do_SYSENTER_32+0x1b/0x20 [ 1403.370903][T27063] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1403.377415][T27063] [ 1403.379748][T27063] Uninit was stored to memory at: [ 1403.384838][T27063] __get_compat_msghdr+0x6e1/0x9d0 [ 1403.390193][T27063] get_compat_msghdr+0x108/0x2c0 [ 1403.395180][T27063] do_recvmmsg+0x1063/0x2120 [ 1403.399958][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1403.404672][T27063] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1403.411224][T27063] __do_fast_syscall_32+0x96/0xf0 [ 1403.416292][T27063] do_fast_syscall_32+0x34/0x70 [ 1403.421366][T27063] do_SYSENTER_32+0x1b/0x20 [ 1403.425913][T27063] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1403.432465][T27063] [ 1403.434801][T27063] Local variable msg_sys created at: [ 1403.440266][T27063] do_recvmmsg+0xc1/0x2120 [ 1403.444718][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1403.505797][ T5] usbhid 6-1:1.0: couldn't find an input interrupt endpoint [ 1403.618450][T27059] not chained 1180000 origins [ 1403.623179][T27059] CPU: 0 PID: 27059 Comm: syz-executor.2 Not tainted 5.16.0-rc3-syzkaller #0 [ 1403.631980][T27059] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1403.642060][T27059] Call Trace: [ 1403.645355][T27059] [ 1403.648307][T27059] dump_stack_lvl+0x1ff/0x28e [ 1403.653041][T27059] dump_stack+0x25/0x28 [ 1403.657241][T27059] kmsan_internal_chain_origin+0x7a/0x110 [ 1403.663019][T27059] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1403.669145][T27059] ? kmsan_get_metadata+0xa4/0x120 [ 1403.674312][T27059] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1403.680183][T27059] ? __unix_dgram_recvmsg+0x1a18/0x1c30 [ 1403.685790][T27059] ? kmsan_get_metadata+0xa4/0x120 [ 1403.690959][T27059] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1403.696833][T27059] ? should_fail+0x75/0x9c0 [ 1403.701400][T27059] ? kmsan_get_metadata+0xa4/0x120 [ 1403.706570][T27059] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1403.712877][T27059] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1403.719008][T27059] ? kmsan_get_metadata+0xa4/0x120 [ 1403.724180][T27059] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1403.730046][T27059] __msan_chain_origin+0xbf/0x140 [ 1403.735139][T27059] __get_compat_msghdr+0x6e1/0x9d0 [ 1403.740319][T27059] get_compat_msghdr+0x108/0x2c0 [ 1403.745314][T27059] ? __sys_recvmmsg+0x51c/0x6f0 [ 1403.750206][T27059] do_recvmmsg+0x1063/0x2120 [ 1403.754858][T27059] ? kmsan_get_metadata+0xa4/0x120 [ 1403.760036][T27059] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1403.766342][T27059] ? kmsan_get_metadata+0xa4/0x120 [ 1403.771513][T27059] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1403.777813][T27059] ? fput+0x82/0x320 [ 1403.781770][T27059] ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1403.788343][T27059] __sys_recvmmsg+0x51c/0x6f0 [ 1403.793071][T27059] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1403.799469][T27059] __do_fast_syscall_32+0x96/0xf0 [ 1403.804543][T27059] do_fast_syscall_32+0x34/0x70 [ 1403.809440][T27059] do_SYSENTER_32+0x1b/0x20 [ 1403.813989][T27059] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1403.820366][T27059] RIP: 0023:0xf6e70549 [ 1403.824466][T27059] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1403.844123][T27059] RSP: 002b:00000000f5a495fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1403.852583][T27059] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200000c0 [ 1403.860601][T27059] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1403.868600][T27059] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1403.876600][T27059] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1403.884598][T27059] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1403.892611][T27059] [ 1403.899264][T27059] Uninit was stored to memory at: [ 1403.904371][T27059] __get_compat_msghdr+0x6e1/0x9d0 [ 1403.910248][T27059] get_compat_msghdr+0x108/0x2c0 [ 1403.915242][T27059] do_recvmmsg+0x1063/0x2120 [ 1403.919175][ T8343] usb 6-1: USB disconnect, device number 15 [ 1403.919982][T27059] __sys_recvmmsg+0x51c/0x6f0 [ 1403.930586][T27059] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1403.937105][T27059] __do_fast_syscall_32+0x96/0xf0 [ 1403.942184][T27059] do_fast_syscall_32+0x34/0x70 [ 1403.947707][T27059] do_SYSENTER_32+0x1b/0x20 [ 1403.952261][T27059] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1403.958821][T27059] [ 1403.961159][T27059] Uninit was stored to memory at: [ 1403.966247][T27059] __get_compat_msghdr+0x6e1/0x9d0 [ 1403.971586][T27059] get_compat_msghdr+0x108/0x2c0 [ 1403.976575][T27059] do_recvmmsg+0x1063/0x2120 [ 1403.981371][T27059] __sys_recvmmsg+0x51c/0x6f0 [ 1403.986084][T27059] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1403.992624][T27059] __do_fast_syscall_32+0x96/0xf0 [ 1403.997838][T27059] do_fast_syscall_32+0x34/0x70 [ 1404.002739][T27059] do_SYSENTER_32+0x1b/0x20 [ 1404.007441][T27059] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1404.013823][T27059] [ 1404.016158][T27059] Uninit was stored to memory at: [ 1404.021429][T27059] __get_compat_msghdr+0x6e1/0x9d0 [ 1404.026588][T27059] get_compat_msghdr+0x108/0x2c0 [ 1404.031753][T27059] do_recvmmsg+0x1063/0x2120 [ 1404.036381][T27059] __sys_recvmmsg+0x51c/0x6f0 [ 1404.041274][T27059] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1404.047901][T27059] __do_fast_syscall_32+0x96/0xf0 [ 1404.052967][T27059] do_fast_syscall_32+0x34/0x70 [ 1404.058030][T27059] do_SYSENTER_32+0x1b/0x20 [ 1404.062583][T27059] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1404.069136][T27059] [ 1404.071467][T27059] Uninit was stored to memory at: [ 1404.076562][T27059] __get_compat_msghdr+0x6e1/0x9d0 [ 1404.081894][T27059] get_compat_msghdr+0x108/0x2c0 [ 1404.087029][T27059] do_recvmmsg+0x1063/0x2120 [ 1404.091656][T27059] __sys_recvmmsg+0x51c/0x6f0 [ 1404.096367][T27059] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1404.102935][T27059] __do_fast_syscall_32+0x96/0xf0 [ 1404.108161][T27059] do_fast_syscall_32+0x34/0x70 [ 1404.113055][T27059] do_SYSENTER_32+0x1b/0x20 [ 1404.117759][T27059] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1404.124129][T27059] [ 1404.126459][T27059] Uninit was stored to memory at: [ 1404.131720][T27059] __get_compat_msghdr+0x6e1/0x9d0 [ 1404.137013][T27059] get_compat_msghdr+0x108/0x2c0 [ 1404.142016][T27059] do_recvmmsg+0x1063/0x2120 [ 1404.146647][T27059] __sys_recvmmsg+0x51c/0x6f0 [ 1404.151539][T27059] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1404.158078][T27059] __do_fast_syscall_32+0x96/0xf0 [ 1404.163150][T27059] do_fast_syscall_32+0x34/0x70 [ 1404.168240][T27059] do_SYSENTER_32+0x1b/0x20 [ 1404.172787][T27059] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1404.179346][T27059] [ 1404.181690][T27059] Uninit was stored to memory at: [ 1404.186953][T27059] __get_compat_msghdr+0x6e1/0x9d0 [ 1404.192114][T27059] get_compat_msghdr+0x108/0x2c0 [ 1404.197260][T27059] do_recvmmsg+0x1063/0x2120 [ 1404.201889][T27059] __sys_recvmmsg+0x51c/0x6f0 [ 1404.206599][T27059] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1404.213162][T27059] __do_fast_syscall_32+0x96/0xf0 [ 1404.218392][T27059] do_fast_syscall_32+0x34/0x70 [ 1404.223286][T27059] do_SYSENTER_32+0x1b/0x20 [ 1404.228005][T27059] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1404.234382][T27059] [ 1404.236717][T27059] Uninit was stored to memory at: [ 1404.241985][T27059] __get_compat_msghdr+0x6e1/0x9d0 [ 1404.247303][T27059] get_compat_msghdr+0x108/0x2c0 [ 1404.252293][T27059] do_recvmmsg+0x1063/0x2120 [ 1404.257082][T27059] __sys_recvmmsg+0x51c/0x6f0 [ 1404.261798][T27059] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1404.268358][T27059] __do_fast_syscall_32+0x96/0xf0 [ 1404.273427][T27059] do_fast_syscall_32+0x34/0x70 [ 1404.278486][T27059] do_SYSENTER_32+0x1b/0x20 [ 1404.283037][T27059] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1404.289586][T27059] [ 1404.291924][T27059] Local variable msg_sys created at: [ 1404.297384][T27059] do_recvmmsg+0xc1/0x2120 [ 1404.301835][T27059] __sys_recvmmsg+0x51c/0x6f0 [ 1404.512256][T27059] not chained 1190000 origins [ 1404.517118][T27059] CPU: 0 PID: 27059 Comm: syz-executor.2 Not tainted 5.16.0-rc3-syzkaller #0 [ 1404.525922][T27059] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1404.536007][T27059] Call Trace: [ 1404.539304][T27059] [ 1404.542253][T27059] dump_stack_lvl+0x1ff/0x28e [ 1404.547172][T27059] dump_stack+0x25/0x28 [ 1404.551383][T27059] kmsan_internal_chain_origin+0x7a/0x110 [ 1404.557165][T27059] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1404.563296][T27059] ? kmsan_get_metadata+0xa4/0x120 [ 1404.568478][T27059] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1404.574352][T27059] ? __unix_dgram_recvmsg+0x1a18/0x1c30 [ 1404.579969][T27059] ? kmsan_get_metadata+0xa4/0x120 [ 1404.585139][T27059] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1404.591012][T27059] ? should_fail+0x75/0x9c0 [ 1404.595573][T27059] ? kmsan_get_metadata+0xa4/0x120 [ 1404.600742][T27059] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1404.607040][T27059] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1404.613165][T27059] ? kmsan_get_metadata+0xa4/0x120 [ 1404.618335][T27059] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1404.624249][T27059] __msan_chain_origin+0xbf/0x140 [ 1404.629345][T27059] __get_compat_msghdr+0x6e1/0x9d0 [ 1404.634530][T27059] get_compat_msghdr+0x108/0x2c0 [ 1404.639527][T27059] ? __sys_recvmmsg+0x51c/0x6f0 [ 1404.644432][T27059] do_recvmmsg+0x1063/0x2120 [ 1404.649085][T27059] ? kmsan_get_metadata+0xa4/0x120 [ 1404.654258][T27059] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1404.660568][T27059] ? kmsan_get_metadata+0xa4/0x120 [ 1404.665733][T27059] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1404.672034][T27059] ? fput+0x82/0x320 [ 1404.675976][T27059] ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1404.682535][T27059] __sys_recvmmsg+0x51c/0x6f0 [ 1404.687261][T27059] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1404.693663][T27059] __do_fast_syscall_32+0x96/0xf0 [ 1404.698735][T27059] do_fast_syscall_32+0x34/0x70 [ 1404.703641][T27059] do_SYSENTER_32+0x1b/0x20 [ 1404.708184][T27059] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1404.714563][T27059] RIP: 0023:0xf6e70549 [ 1404.718656][T27059] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1404.738309][T27059] RSP: 002b:00000000f5a495fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1404.746766][T27059] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200000c0 [ 1404.754794][T27059] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1404.762803][T27059] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1404.770808][T27059] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1404.778814][T27059] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1404.786830][T27059] [ 1404.792118][T27059] Uninit was stored to memory at: [ 1404.797493][T27059] __get_compat_msghdr+0x6e1/0x9d0 [ 1404.802655][T27059] get_compat_msghdr+0x108/0x2c0 [ 1404.807769][T27059] do_recvmmsg+0x1063/0x2120 [ 1404.812420][T27059] __sys_recvmmsg+0x51c/0x6f0 [ 1404.817259][T27059] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1404.823661][T27059] __do_fast_syscall_32+0x96/0xf0 [ 1404.828848][T27059] do_fast_syscall_32+0x34/0x70 [ 1404.833749][T27059] do_SYSENTER_32+0x1b/0x20 [ 1404.838417][T27059] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1404.844795][T27059] [ 1404.847239][T27059] Uninit was stored to memory at: [ 1404.852333][T27059] __get_compat_msghdr+0x6e1/0x9d0 [ 1404.857626][T27059] get_compat_msghdr+0x108/0x2c0 [ 1404.862619][T27059] do_recvmmsg+0x1063/0x2120 [ 1404.867356][T27059] __sys_recvmmsg+0x51c/0x6f0 [ 1404.872072][T27059] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1404.878602][T27059] __do_fast_syscall_32+0x96/0xf0 [ 1404.883678][T27059] do_fast_syscall_32+0x34/0x70 [ 1404.888688][T27059] do_SYSENTER_32+0x1b/0x20 [ 1404.893237][T27059] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1404.899795][T27059] [ 1404.902148][T27059] Uninit was stored to memory at: [ 1404.907359][T27059] __get_compat_msghdr+0x6e1/0x9d0 [ 1404.912516][T27059] get_compat_msghdr+0x108/0x2c0 [ 1404.917613][T27059] do_recvmmsg+0x1063/0x2120 [ 1404.922241][T27059] __sys_recvmmsg+0x51c/0x6f0 [ 1404.927082][T27059] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1404.933466][T27059] __do_fast_syscall_32+0x96/0xf0 [ 1404.938648][T27059] do_fast_syscall_32+0x34/0x70 [ 1404.943544][T27059] do_SYSENTER_32+0x1b/0x20 [ 1404.948202][T27059] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1404.954576][T27059] [ 1404.957016][T27059] Uninit was stored to memory at: [ 1404.957157][ T8343] usb 6-1: new high-speed USB device number 16 using dummy_hcd [ 1404.962102][T27059] __get_compat_msghdr+0x6e1/0x9d0 [ 1404.974832][T27059] get_compat_msghdr+0x108/0x2c0 [ 1404.979946][T27059] do_recvmmsg+0x1063/0x2120 [ 1404.984580][T27059] __sys_recvmmsg+0x51c/0x6f0 [ 1404.989402][T27059] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1404.995795][T27059] __do_fast_syscall_32+0x96/0xf0 [ 1405.000973][T27059] do_fast_syscall_32+0x34/0x70 [ 1405.005903][T27059] do_SYSENTER_32+0x1b/0x20 [ 1405.010567][T27059] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1405.017027][T27059] [ 1405.019362][T27059] Uninit was stored to memory at: [ 1405.024455][T27059] __get_compat_msghdr+0x6e1/0x9d0 [ 1405.029745][T27059] get_compat_msghdr+0x108/0x2c0 [ 1405.034766][T27059] do_recvmmsg+0x1063/0x2120 [ 1405.039507][T27059] __sys_recvmmsg+0x51c/0x6f0 [ 1405.044656][T27059] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1405.051169][T27059] __do_fast_syscall_32+0x96/0xf0 [ 1405.056240][T27059] do_fast_syscall_32+0x34/0x70 [ 1405.061242][T27059] do_SYSENTER_32+0x1b/0x20 [ 1405.065798][T27059] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1405.072314][T27059] [ 1405.074650][T27059] Uninit was stored to memory at: [ 1405.079833][T27059] __get_compat_msghdr+0x6e1/0x9d0 [ 1405.084997][T27059] get_compat_msghdr+0x108/0x2c0 [ 1405.090095][T27059] do_recvmmsg+0x1063/0x2120 [ 1405.094721][T27059] __sys_recvmmsg+0x51c/0x6f0 [ 1405.099521][T27059] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1405.105901][T27059] __do_fast_syscall_32+0x96/0xf0 [ 1405.111089][T27059] do_fast_syscall_32+0x34/0x70 [ 1405.115982][T27059] do_SYSENTER_32+0x1b/0x20 [ 1405.120620][T27059] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1405.127082][T27059] [ 1405.129423][T27059] Uninit was stored to memory at: [ 1405.134513][T27059] __get_compat_msghdr+0x6e1/0x9d0 [ 1405.139786][T27059] get_compat_msghdr+0x108/0x2c0 [ 1405.144785][T27059] do_recvmmsg+0x1063/0x2120 [ 1405.149545][T27059] __sys_recvmmsg+0x51c/0x6f0 [ 1405.154258][T27059] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1405.160795][T27059] __do_fast_syscall_32+0x96/0xf0 [ 1405.165888][T27059] do_fast_syscall_32+0x34/0x70 [ 1405.170906][T27059] do_SYSENTER_32+0x1b/0x20 [ 1405.175452][T27059] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1405.181946][T27059] [ 1405.184280][T27059] Local variable msg_sys created at: [ 1405.189674][T27059] do_recvmmsg+0xc1/0x2120 [ 1405.194143][T27059] __sys_recvmmsg+0x51c/0x6f0 [ 1405.256927][ T8343] usb 6-1: Using ep0 maxpacket: 8 [ 1405.438199][ T8343] usb 6-1: unable to get BOS descriptor or descriptor too short [ 1405.517339][ T8343] usb 6-1: unable to read config index 0 descriptor/start: -71 [ 1405.525104][ T8343] usb 6-1: can't read configurations, error -71 [ 1405.621638][T27063] not chained 1200000 origins [ 1405.626361][T27063] CPU: 0 PID: 27063 Comm: syz-executor.2 Not tainted 5.16.0-rc3-syzkaller #0 [ 1405.635159][T27063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1405.645238][T27063] Call Trace: [ 1405.648533][T27063] [ 1405.651480][T27063] dump_stack_lvl+0x1ff/0x28e [ 1405.656210][T27063] dump_stack+0x25/0x28 [ 1405.660406][T27063] kmsan_internal_chain_origin+0x7a/0x110 [ 1405.666185][T27063] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1405.672307][T27063] ? kmsan_get_metadata+0xa4/0x120 [ 1405.677478][T27063] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1405.683344][T27063] ? __unix_dgram_recvmsg+0x1a18/0x1c30 [ 1405.688948][T27063] ? kmsan_get_metadata+0xa4/0x120 [ 1405.694112][T27063] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1405.699983][T27063] ? should_fail+0x75/0x9c0 [ 1405.704550][T27063] ? kmsan_get_metadata+0xa4/0x120 [ 1405.709716][T27063] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1405.716017][T27063] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1405.722152][T27063] ? kmsan_get_metadata+0xa4/0x120 [ 1405.727316][T27063] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1405.733181][T27063] __msan_chain_origin+0xbf/0x140 [ 1405.738265][T27063] __get_compat_msghdr+0x6e1/0x9d0 [ 1405.743449][T27063] get_compat_msghdr+0x108/0x2c0 [ 1405.748445][T27063] ? __sys_recvmmsg+0x51c/0x6f0 [ 1405.753342][T27063] do_recvmmsg+0x1063/0x2120 [ 1405.757999][T27063] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1405.763883][T27063] ? kmsan_get_metadata+0xa4/0x120 [ 1405.769057][T27063] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1405.775362][T27063] ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1405.781929][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1405.786653][T27063] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1405.793048][T27063] __do_fast_syscall_32+0x96/0xf0 [ 1405.798121][T27063] do_fast_syscall_32+0x34/0x70 [ 1405.803022][T27063] do_SYSENTER_32+0x1b/0x20 [ 1405.807578][T27063] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1405.813962][T27063] RIP: 0023:0xf6e70549 [ 1405.818053][T27063] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1405.837707][T27063] RSP: 002b:00000000f59e65fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1405.848251][T27063] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200000c0 [ 1405.856260][T27063] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1405.864263][T27063] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1405.872257][T27063] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1405.880251][T27063] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1405.888259][T27063] [ 1405.897947][T27063] Uninit was stored to memory at: [ 1405.903054][T27063] __get_compat_msghdr+0x6e1/0x9d0 [ 1405.911745][T27063] get_compat_msghdr+0x108/0x2c0 [ 1405.916849][T27063] do_recvmmsg+0x1063/0x2120 [ 1405.921503][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1405.926216][T27063] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1405.932791][T27063] __do_fast_syscall_32+0x96/0xf0 [ 1405.938019][T27063] do_fast_syscall_32+0x34/0x70 [ 1405.942910][T27063] do_SYSENTER_32+0x1b/0x20 [ 1405.947627][T27063] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1405.954002][T27063] [ 1405.956332][T27063] Uninit was stored to memory at: [ 1405.961598][T27063] __get_compat_msghdr+0x6e1/0x9d0 [ 1405.966896][T27063] get_compat_msghdr+0x108/0x2c0 [ 1405.971887][T27063] do_recvmmsg+0x1063/0x2120 [ 1405.976511][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1405.981409][T27063] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1405.987959][T27063] __do_fast_syscall_32+0x96/0xf0 [ 1405.993033][T27063] do_fast_syscall_32+0x34/0x70 [ 1405.998094][T27063] do_SYSENTER_32+0x1b/0x20 [ 1406.002652][T27063] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1406.009206][T27063] [ 1406.011548][T27063] Uninit was stored to memory at: [ 1406.016632][T27063] __get_compat_msghdr+0x6e1/0x9d0 [ 1406.021968][T27063] get_compat_msghdr+0x108/0x2c0 [ 1406.027081][T27063] do_recvmmsg+0x1063/0x2120 [ 1406.031705][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1406.036413][T27063] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1406.042957][T27063] __do_fast_syscall_32+0x96/0xf0 [ 1406.048184][T27063] do_fast_syscall_32+0x34/0x70 [ 1406.053077][T27063] do_SYSENTER_32+0x1b/0x20 [ 1406.057782][T27063] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1406.064161][T27063] [ 1406.066494][T27063] Uninit was stored to memory at: [ 1406.071761][T27063] __get_compat_msghdr+0x6e1/0x9d0 [ 1406.077066][T27063] get_compat_msghdr+0x108/0x2c0 [ 1406.082053][T27063] do_recvmmsg+0x1063/0x2120 [ 1406.086677][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1406.091546][T27063] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1406.098113][T27063] __do_fast_syscall_32+0x96/0xf0 [ 1406.103188][T27063] do_fast_syscall_32+0x34/0x70 [ 1406.108252][T27063] do_SYSENTER_32+0x1b/0x20 [ 1406.112813][T27063] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1406.119363][T27063] [ 1406.121693][T27063] Uninit was stored to memory at: [ 1406.126955][T27063] __get_compat_msghdr+0x6e1/0x9d0 [ 1406.132111][T27063] get_compat_msghdr+0x108/0x2c0 [ 1406.137262][T27063] do_recvmmsg+0x1063/0x2120 [ 1406.141889][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1406.146599][T27063] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1406.153156][T27063] __do_fast_syscall_32+0x96/0xf0 [ 1406.158374][T27063] do_fast_syscall_32+0x34/0x70 [ 1406.163268][T27063] do_SYSENTER_32+0x1b/0x20 [ 1406.167983][T27063] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1406.174360][T27063] [ 1406.176689][T27063] Uninit was stored to memory at: [ 1406.181965][T27063] __get_compat_msghdr+0x6e1/0x9d0 [ 1406.187284][T27063] get_compat_msghdr+0x108/0x2c0 [ 1406.192266][T27063] do_recvmmsg+0x1063/0x2120 [ 1406.197052][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1406.201763][T27063] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1406.208319][T27063] __do_fast_syscall_32+0x96/0xf0 [ 1406.213386][T27063] do_fast_syscall_32+0x34/0x70 [ 1406.218442][T27063] do_SYSENTER_32+0x1b/0x20 [ 1406.222997][T27063] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1406.229545][T27063] [ 1406.231885][T27063] Uninit was stored to memory at: [ 1406.237155][T27063] __get_compat_msghdr+0x6e1/0x9d0 [ 1406.242322][T27063] get_compat_msghdr+0x108/0x2c0 [ 1406.247475][T27063] do_recvmmsg+0x1063/0x2120 [ 1406.252103][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1406.256974][T27063] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1406.263358][T27063] __do_fast_syscall_32+0x96/0xf0 [ 1406.268603][T27063] do_fast_syscall_32+0x34/0x70 [ 1406.273496][T27063] do_SYSENTER_32+0x1b/0x20 [ 1406.278213][T27063] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1406.284604][T27063] [ 1406.287102][T27063] Local variable msg_sys created at: [ 1406.292405][T27063] do_recvmmsg+0xc1/0x2120 [ 1406.292764][T27059] not chained 1210000 origins [ 1406.296998][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1406.306374][T27059] CPU: 1 PID: 27059 Comm: syz-executor.2 Not tainted 5.16.0-rc3-syzkaller #0 [ 1406.315171][T27059] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1406.325254][T27059] Call Trace: [ 1406.328544][T27059] [ 1406.331486][T27059] dump_stack_lvl+0x1ff/0x28e [ 1406.336210][T27059] dump_stack+0x25/0x28 [ 1406.340404][T27059] kmsan_internal_chain_origin+0x7a/0x110 [ 1406.346612][T27059] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1406.352732][T27059] ? kmsan_get_metadata+0xa4/0x120 [ 1406.357900][T27059] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1406.363769][T27059] ? __unix_dgram_recvmsg+0x1a18/0x1c30 [ 1406.369377][T27059] ? kmsan_get_metadata+0xa4/0x120 [ 1406.374551][T27059] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1406.380424][T27059] ? should_fail+0x75/0x9c0 [ 1406.384990][T27059] ? kmsan_get_metadata+0xa4/0x120 [ 1406.390151][T27059] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1406.396449][T27059] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1406.402571][T27059] ? kmsan_get_metadata+0xa4/0x120 [ 1406.407736][T27059] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1406.413598][T27059] __msan_chain_origin+0xbf/0x140 [ 1406.418757][T27059] __get_compat_msghdr+0x6e1/0x9d0 [ 1406.423939][T27059] get_compat_msghdr+0x108/0x2c0 [ 1406.428934][T27059] ? __sys_recvmmsg+0x51c/0x6f0 [ 1406.433829][T27059] do_recvmmsg+0x1063/0x2120 [ 1406.438477][T27059] ? kmsan_get_metadata+0xa4/0x120 [ 1406.443656][T27059] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1406.449976][T27059] ? kmsan_get_metadata+0xa4/0x120 [ 1406.455137][T27059] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1406.461444][T27059] ? fput+0x82/0x320 [ 1406.465385][T27059] ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1406.471950][T27059] __sys_recvmmsg+0x51c/0x6f0 [ 1406.476685][T27059] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1406.483083][T27059] __do_fast_syscall_32+0x96/0xf0 [ 1406.488161][T27059] do_fast_syscall_32+0x34/0x70 [ 1406.493057][T27059] do_SYSENTER_32+0x1b/0x20 [ 1406.497600][T27059] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1406.503989][T27059] RIP: 0023:0xf6e70549 [ 1406.508082][T27059] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1406.527734][T27059] RSP: 002b:00000000f5a495fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1406.536186][T27059] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200000c0 [ 1406.544188][T27059] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1406.552186][T27059] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1406.560182][T27059] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1406.568177][T27059] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1406.576191][T27059] [ 1406.583863][T27059] Uninit was stored to memory at: [ 1406.590236][T27059] __get_compat_msghdr+0x6e1/0x9d0 [ 1406.595405][T27059] get_compat_msghdr+0x108/0x2c0 [ 1406.600550][T27059] do_recvmmsg+0x1063/0x2120 [ 1406.605324][T27059] __sys_recvmmsg+0x51c/0x6f0 [ 1406.610200][T27059] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1406.616583][T27059] __do_fast_syscall_32+0x96/0xf0 [ 1406.621803][T27059] do_fast_syscall_32+0x34/0x70 [ 1406.626705][T27059] do_SYSENTER_32+0x1b/0x20 [ 1406.631404][T27059] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1406.637900][T27059] [ 1406.640281][T27059] Uninit was stored to memory at: [ 1406.645380][T27059] __get_compat_msghdr+0x6e1/0x9d0 [ 1406.650694][T27059] get_compat_msghdr+0x108/0x2c0 [ 1406.655706][T27059] do_recvmmsg+0x1063/0x2120 [ 1406.660488][T27059] __sys_recvmmsg+0x51c/0x6f0 [ 1406.665204][T27059] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1406.671737][T27059] __do_fast_syscall_32+0x96/0xf0 [ 1406.676880][T27059] do_fast_syscall_32+0x34/0x70 [ 1406.681773][T27059] do_SYSENTER_32+0x1b/0x20 [ 1406.686317][T27059] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1406.692851][T27059] [ 1406.695184][T27059] Uninit was stored to memory at: [ 1406.700445][T27059] __get_compat_msghdr+0x6e1/0x9d0 [ 1406.705608][T27059] get_compat_msghdr+0x108/0x2c0 [ 1406.710743][T27059] do_recvmmsg+0x1063/0x2120 [ 1406.715374][T27059] __sys_recvmmsg+0x51c/0x6f0 [ 1406.720239][T27059] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1406.726622][T27059] __do_fast_syscall_32+0x96/0xf0 [ 1406.731838][T27059] do_fast_syscall_32+0x34/0x70 [ 1406.736732][T27059] do_SYSENTER_32+0x1b/0x20 [ 1406.741402][T27059] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1406.748268][T27059] [ 1406.750602][T27059] Uninit was stored to memory at: [ 1406.755689][T27059] __get_compat_msghdr+0x6e1/0x9d0 [ 1406.760996][T27059] get_compat_msghdr+0x108/0x2c0 [ 1406.765982][T27059] do_recvmmsg+0x1063/0x2120 [ 1406.770760][T27059] __sys_recvmmsg+0x51c/0x6f0 [ 1406.775475][T27059] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1406.782005][T27059] __do_fast_syscall_32+0x96/0xf0 [ 1406.787248][T27059] do_fast_syscall_32+0x34/0x70 [ 1406.792144][T27059] do_SYSENTER_32+0x1b/0x20 [ 1406.796687][T27059] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1406.803218][T27059] [ 1406.805549][T27059] Uninit was stored to memory at: [ 1406.810803][T27059] __get_compat_msghdr+0x6e1/0x9d0 [ 1406.815962][T27059] get_compat_msghdr+0x108/0x2c0 [ 1406.821134][T27059] do_recvmmsg+0x1063/0x2120 [ 1406.825766][T27059] __sys_recvmmsg+0x51c/0x6f0 [ 1406.830632][T27059] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1406.837141][T27059] __do_fast_syscall_32+0x96/0xf0 [ 1406.842216][T27059] do_fast_syscall_32+0x34/0x70 [ 1406.847250][T27059] do_SYSENTER_32+0x1b/0x20 [ 1406.851807][T27059] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1406.858326][T27059] [ 1406.860664][T27059] Uninit was stored to memory at: [ 1406.865752][T27059] __get_compat_msghdr+0x6e1/0x9d0 [ 1406.871054][T27059] get_compat_msghdr+0x108/0x2c0 [ 1406.876038][T27059] do_recvmmsg+0x1063/0x2120 [ 1406.880805][T27059] __sys_recvmmsg+0x51c/0x6f0 [ 1406.885519][T27059] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1406.892050][T27059] __do_fast_syscall_32+0x96/0xf0 [ 1406.897355][T27059] do_fast_syscall_32+0x34/0x70 [ 1406.902251][T27059] do_SYSENTER_32+0x1b/0x20 [ 1406.906942][T27059] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1406.913319][T27059] [ 1406.915652][T27059] Uninit was stored to memory at: [ 1406.920890][T27059] __get_compat_msghdr+0x6e1/0x9d0 [ 1406.926049][T27059] get_compat_msghdr+0x108/0x2c0 [ 1406.931184][T27059] do_recvmmsg+0x1063/0x2120 [ 1406.935817][T27059] __sys_recvmmsg+0x51c/0x6f0 [ 1406.940675][T27059] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1406.947460][T27059] __do_fast_syscall_32+0x96/0xf0 [ 1406.952545][T27059] do_fast_syscall_32+0x34/0x70 [ 1406.957580][T27059] do_SYSENTER_32+0x1b/0x20 [ 1406.962128][T27059] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1406.968736][T27059] [ 1406.971071][T27059] Local variable msg_sys created at: [ 1406.976364][T27059] do_recvmmsg+0xc1/0x2120 [ 1406.980982][T27059] __sys_recvmmsg+0x51c/0x6f0 [ 1407.011169][T27063] not chained 1220000 origins [ 1407.015884][T27063] CPU: 0 PID: 27063 Comm: syz-executor.2 Not tainted 5.16.0-rc3-syzkaller #0 [ 1407.024688][T27063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1407.034772][T27063] Call Trace: [ 1407.038064][T27063] [ 1407.041009][T27063] dump_stack_lvl+0x1ff/0x28e [ 1407.045737][T27063] dump_stack+0x25/0x28 [ 1407.049931][T27063] kmsan_internal_chain_origin+0x7a/0x110 [ 1407.055706][T27063] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1407.061866][T27063] ? kmsan_get_metadata+0xa4/0x120 [ 1407.067036][T27063] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1407.072910][T27063] ? __unix_dgram_recvmsg+0x1a18/0x1c30 [ 1407.078515][T27063] ? kmsan_get_metadata+0xa4/0x120 [ 1407.083681][T27063] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1407.089546][T27063] ? should_fail+0x75/0x9c0 [ 1407.094099][T27063] ? kmsan_get_metadata+0xa4/0x120 [ 1407.099267][T27063] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1407.105575][T27063] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1407.111696][T27063] ? kmsan_get_metadata+0xa4/0x120 [ 1407.116860][T27063] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1407.122723][T27063] __msan_chain_origin+0xbf/0x140 [ 1407.127808][T27063] __get_compat_msghdr+0x6e1/0x9d0 [ 1407.132991][T27063] get_compat_msghdr+0x108/0x2c0 [ 1407.137980][T27063] ? __sys_recvmmsg+0x51c/0x6f0 [ 1407.142870][T27063] do_recvmmsg+0x1063/0x2120 [ 1407.147510][T27063] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1407.153389][T27063] ? kmsan_get_metadata+0xa4/0x120 [ 1407.158552][T27063] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1407.164852][T27063] ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1407.171414][T27063] __sys_recvmmsg+0x51c/0x6f0 12:56:21 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="080000000300000004", 0x9, 0x1000}, {&(0x7f0000012600), 0x0, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[]) 12:56:21 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000001140)={0x1, &(0x7f0000001100)=[{0x16}]}) [ 1407.176146][T27063] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1407.182536][T27063] __do_fast_syscall_32+0x96/0xf0 [ 1407.187609][T27063] do_fast_syscall_32+0x34/0x70 [ 1407.192502][T27063] do_SYSENTER_32+0x1b/0x20 [ 1407.197055][T27063] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1407.200324][T27059] not chained 1230000 origins [ 1407.203432][T27063] RIP: 0023:0xf6e70549 [ 1407.203466][T27063] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1407.203513][T27063] RSP: 002b:00000000f59e65fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1407.240236][T27063] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200000c0 [ 1407.248224][T27063] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1407.256209][T27063] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1407.264191][T27063] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1407.272174][T27063] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1407.280174][T27063] [ 1407.283198][T27059] CPU: 1 PID: 27059 Comm: syz-executor.2 Not tainted 5.16.0-rc3-syzkaller #0 [ 1407.285640][T27063] Uninit was stored to memory at: [ 1407.291992][T27059] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1407.292019][T27059] Call Trace: [ 1407.292033][T27059] [ 1407.292048][T27059] dump_stack_lvl+0x1ff/0x28e [ 1407.292108][T27059] dump_stack+0x25/0x28 [ 1407.292152][T27059] kmsan_internal_chain_origin+0x7a/0x110 [ 1407.292218][T27059] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1407.292280][T27059] ? kmsan_get_metadata+0xa4/0x120 [ 1407.292340][T27059] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1407.292409][T27059] ? __unix_dgram_recvmsg+0x1a18/0x1c30 [ 1407.292471][T27059] ? kmsan_get_metadata+0xa4/0x120 [ 1407.292529][T27059] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1407.292597][T27059] ? should_fail+0x75/0x9c0 [ 1407.292655][T27059] ? kmsan_get_metadata+0xa4/0x120 [ 1407.292715][T27059] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1407.292780][T27059] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1407.292853][T27059] ? kmsan_get_metadata+0xa4/0x120 [ 1407.292912][T27059] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1407.292975][T27059] __msan_chain_origin+0xbf/0x140 [ 1407.293033][T27059] __get_compat_msghdr+0x6e1/0x9d0 [ 1407.293107][T27059] get_compat_msghdr+0x108/0x2c0 [ 1407.293164][T27059] ? __sys_recvmmsg+0x51c/0x6f0 [ 1407.293211][T27059] do_recvmmsg+0x1063/0x2120 [ 1407.293272][T27059] ? kmsan_get_metadata+0xa4/0x120 [ 1407.298436][T27063] __get_compat_msghdr+0x6e1/0x9d0 [ 1407.308344][T27059] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1407.308413][T27059] ? kmsan_get_metadata+0xa4/0x120 [ 1407.311717][T27063] get_compat_msghdr+0x108/0x2c0 [ 1407.314645][T27059] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1407.319402][T27063] do_recvmmsg+0x1063/0x2120 [ 1407.323448][T27059] ? fput+0x82/0x320 [ 1407.329242][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1407.335208][T27059] ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1407.340418][T27063] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1407.346128][T27059] __sys_recvmmsg+0x51c/0x6f0 [ 1407.351756][T27063] __do_fast_syscall_32+0x96/0xf0 [ 1407.356774][T27059] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1407.356855][T27059] __do_fast_syscall_32+0x96/0xf0 [ 1407.362628][T27063] do_fast_syscall_32+0x34/0x70 [ 1407.367117][T27059] do_fast_syscall_32+0x34/0x70 [ 1407.367172][T27059] do_SYSENTER_32+0x1b/0x20 [ 1407.367224][T27059] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1407.372322][T27063] do_SYSENTER_32+0x1b/0x20 [ 1407.378526][T27059] RIP: 0023:0xf6e70549 [ 1407.378561][T27059] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1407.378608][T27059] RSP: 002b:00000000f5a495fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1407.384685][T27063] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1407.389778][T27059] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200000c0 [ 1407.389814][T27059] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1407.389849][T27059] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1407.389880][T27059] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1407.395664][T27063] [ 1407.395672][T27063] Uninit was stored to memory at: [ 1407.400669][T27059] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1407.400714][T27059] [ 1407.400819][T27059] Uninit was stored to memory at: [ 1407.405917][T27063] __get_compat_msghdr+0x6e1/0x9d0 [ 1407.410917][T27059] __get_compat_msghdr+0x6e1/0x9d0 [ 1407.415717][T27063] get_compat_msghdr+0x108/0x2c0 [ 1407.420362][T27059] get_compat_msghdr+0x108/0x2c0 [ 1407.425480][T27063] do_recvmmsg+0x1063/0x2120 [ 1407.430646][T27059] do_recvmmsg+0x1063/0x2120 [ 1407.436960][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1407.442056][T27059] __sys_recvmmsg+0x51c/0x6f0 [ 1407.447506][T27063] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1407.453705][T27059] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1407.458418][T27063] __do_fast_syscall_32+0x96/0xf0 [ 1407.462272][T27059] __do_fast_syscall_32+0x96/0xf0 [ 1407.467024][T27063] do_fast_syscall_32+0x34/0x70 [ 1407.473485][T27059] do_fast_syscall_32+0x34/0x70 [ 1407.479887][T27063] do_SYSENTER_32+0x1b/0x20 [ 1407.484534][T27059] do_SYSENTER_32+0x1b/0x20 [ 1407.484581][T27059] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1407.489694][T27063] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1407.495983][T27059] [ 1407.495991][T27059] Uninit was stored to memory at: [ 1407.501080][T27063] [ 1407.505950][T27059] __get_compat_msghdr+0x6e1/0x9d0 [ 1407.510817][T27063] Uninit was stored to memory at: [ 1407.515284][T27059] get_compat_msghdr+0x108/0x2c0 [ 1407.521744][T27063] __get_compat_msghdr+0x6e1/0x9d0 [ 1407.526151][T27059] do_recvmmsg+0x1063/0x2120 [ 1407.530319][T27063] get_compat_msghdr+0x108/0x2c0 [ 1407.549960][T27059] __sys_recvmmsg+0x51c/0x6f0 [ 1407.550003][T27059] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1407.558486][T27063] do_recvmmsg+0x1063/0x2120 [ 1407.564777][T27059] __do_fast_syscall_32+0x96/0xf0 [ 1407.572832][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1407.580841][T27059] do_fast_syscall_32+0x34/0x70 [ 1407.588896][T27063] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1407.596926][T27059] do_SYSENTER_32+0x1b/0x20 [ 1407.599270][T27063] __do_fast_syscall_32+0x96/0xf0 [ 1407.604274][T27059] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1407.612326][T27063] do_fast_syscall_32+0x34/0x70 [ 1407.612381][T27063] do_SYSENTER_32+0x1b/0x20 [ 1407.612428][T27063] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1407.615437][T27059] [ 1407.615446][T27059] Uninit was stored to memory at: [ 1407.620558][T27063] [ 1407.625687][T27059] __get_compat_msghdr+0x6e1/0x9d0 [ 1407.630814][T27063] Uninit was stored to memory at: [ 1407.635712][T27059] get_compat_msghdr+0x108/0x2c0 [ 1407.640785][T27063] __get_compat_msghdr+0x6e1/0x9d0 [ 1407.645276][T27059] do_recvmmsg+0x1063/0x2120 [ 1407.649925][T27063] get_compat_msghdr+0x108/0x2c0 [ 1407.654579][T27059] __sys_recvmmsg+0x51c/0x6f0 [ 1407.659352][T27063] do_recvmmsg+0x1063/0x2120 [ 1407.665632][T27059] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1407.672037][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1407.677083][T27059] __do_fast_syscall_32+0x96/0xf0 [ 1407.682099][T27063] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1407.687001][T27059] do_fast_syscall_32+0x34/0x70 [ 1407.691855][T27063] __do_fast_syscall_32+0x96/0xf0 [ 1407.696361][T27059] do_SYSENTER_32+0x1b/0x20 [ 1407.700944][T27063] do_fast_syscall_32+0x34/0x70 [ 1407.707295][T27059] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1407.713614][T27063] do_SYSENTER_32+0x1b/0x20 [ 1407.715933][T27059] [ 1407.715941][T27059] Uninit was stored to memory at: [ 1407.721034][T27063] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1407.723381][T27059] __get_compat_msghdr+0x6e1/0x9d0 [ 1407.728492][T27063] [ 1407.728500][T27063] Uninit was stored to memory at: [ 1407.733495][T27059] get_compat_msghdr+0x108/0x2c0 [ 1407.738579][T27063] __get_compat_msghdr+0x6e1/0x9d0 [ 1407.743589][T27059] do_recvmmsg+0x1063/0x2120 [ 1407.748252][T27063] get_compat_msghdr+0x108/0x2c0 [ 1407.753148][T27059] __sys_recvmmsg+0x51c/0x6f0 [ 1407.757897][T27063] do_recvmmsg+0x1063/0x2120 [ 1407.764186][T27059] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1407.768853][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1407.773862][T27059] __do_fast_syscall_32+0x96/0xf0 [ 1407.778616][T27063] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1407.783434][T27059] do_fast_syscall_32+0x34/0x70 [ 1407.789860][T27063] __do_fast_syscall_32+0x96/0xf0 [ 1407.794368][T27059] do_SYSENTER_32+0x1b/0x20 [ 1407.799482][T27063] do_fast_syscall_32+0x34/0x70 [ 1407.805764][T27059] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1407.810690][T27063] do_SYSENTER_32+0x1b/0x20 [ 1407.815151][T27059] [ 1407.815161][T27059] Uninit was stored to memory at: [ 1407.821563][T27063] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1407.823927][T27059] __get_compat_msghdr+0x6e1/0x9d0 [ 1407.828944][T27063] [ 1407.828953][T27063] Uninit was stored to memory at: [ 1407.831254][T27059] get_compat_msghdr+0x108/0x2c0 [ 1407.836405][T27063] __get_compat_msghdr+0x6e1/0x9d0 [ 1407.841427][T27059] do_recvmmsg+0x1063/0x2120 [ 1407.841470][T27059] __sys_recvmmsg+0x51c/0x6f0 [ 1407.846401][T27063] get_compat_msghdr+0x108/0x2c0 [ 1407.851577][T27059] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1407.856167][T27063] do_recvmmsg+0x1063/0x2120 [ 1407.861160][T27059] __do_fast_syscall_32+0x96/0xf0 [ 1407.865842][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1407.870493][T27059] do_fast_syscall_32+0x34/0x70 [ 1407.876892][T27063] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1407.881555][T27059] do_SYSENTER_32+0x1b/0x20 [ 1407.886648][T27063] __do_fast_syscall_32+0x96/0xf0 [ 1407.893031][T27059] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1407.897957][T27063] do_fast_syscall_32+0x34/0x70 [ 1407.902961][T27059] [ 1407.902970][T27059] Uninit was stored to memory at: [ 1407.907540][T27063] do_SYSENTER_32+0x1b/0x20 [ 1407.912411][T27059] __get_compat_msghdr+0x6e1/0x9d0 [ 1407.918759][T27063] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1407.923225][T27059] get_compat_msghdr+0x108/0x2c0 [ 1407.925539][T27063] [ 1407.925548][T27063] Uninit was stored to memory at: [ 1407.930620][T27059] do_recvmmsg+0x1063/0x2120 [ 1407.937080][T27063] __get_compat_msghdr+0x6e1/0x9d0 [ 1407.942114][T27059] __sys_recvmmsg+0x51c/0x6f0 [ 1407.944715][T27063] get_compat_msghdr+0x108/0x2c0 [ 1407.949795][T27059] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1407.954762][T27063] do_recvmmsg+0x1063/0x2120 [ 1407.959931][T27059] __do_fast_syscall_32+0x96/0xf0 [ 1407.964524][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1407.969521][T27059] do_fast_syscall_32+0x34/0x70 [ 1407.974206][T27063] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1407.978884][T27059] do_SYSENTER_32+0x1b/0x20 [ 1407.985208][T27063] __do_fast_syscall_32+0x96/0xf0 [ 1407.989956][T27059] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1407.994977][T27063] do_fast_syscall_32+0x34/0x70 [ 1408.001361][T27059] [ 1408.001370][T27059] Uninit was stored to memory at: [ 1408.001442][T27059] __get_compat_msghdr+0x6e1/0x9d0 [ 1408.006214][T27063] do_SYSENTER_32+0x1b/0x20 [ 1408.011325][T27059] get_compat_msghdr+0x108/0x2c0 [ 1408.015834][T27063] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1408.020737][T27059] do_recvmmsg+0x1063/0x2120 [ 1408.020780][T27059] __sys_recvmmsg+0x51c/0x6f0 [ 1408.027144][T27063] [ 1408.027155][T27063] Local variable msg_sys created at: [ 1408.031629][T27059] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1408.033943][T27063] do_recvmmsg+0xc1/0x2120 [ 1408.039022][T27059] __do_fast_syscall_32+0x96/0xf0 [ 1408.045358][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1408.050533][T27059] do_fast_syscall_32+0x34/0x70 [ 1408.313929][T27059] do_SYSENTER_32+0x1b/0x20 [ 1408.318685][T27059] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1408.325062][T27059] [ 1408.327546][T27059] Local variable msg_sys created at: [ 1408.332841][T27059] do_recvmmsg+0xc1/0x2120 [ 1408.337384][T27059] __sys_recvmmsg+0x51c/0x6f0 [ 1408.393311][ T24] audit: type=1326 audit(1639140982.462:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=27108 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf6e93549 code=0x0 [ 1409.008213][T27063] not chained 1240000 origins [ 1409.016286][T27063] CPU: 1 PID: 27063 Comm: syz-executor.2 Not tainted 5.16.0-rc3-syzkaller #0 [ 1409.025103][T27063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1409.035184][T27063] Call Trace: [ 1409.038479][T27063] [ 1409.041426][T27063] dump_stack_lvl+0x1ff/0x28e [ 1409.046151][T27063] dump_stack+0x25/0x28 [ 1409.050340][T27063] kmsan_internal_chain_origin+0x7a/0x110 [ 1409.056115][T27063] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1409.062231][T27063] ? kmsan_get_metadata+0xa4/0x120 [ 1409.067395][T27063] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1409.073254][T27063] ? __unix_dgram_recvmsg+0x1a18/0x1c30 [ 1409.078859][T27063] ? kmsan_get_metadata+0xa4/0x120 [ 1409.084017][T27063] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1409.089876][T27063] ? should_fail+0x75/0x9c0 [ 1409.094431][T27063] ? kmsan_get_metadata+0xa4/0x120 [ 1409.099591][T27063] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1409.105882][T27063] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1409.111999][T27063] ? kmsan_get_metadata+0xa4/0x120 [ 1409.117157][T27063] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1409.123019][T27063] __msan_chain_origin+0xbf/0x140 [ 1409.128090][T27063] __get_compat_msghdr+0x6e1/0x9d0 [ 1409.133262][T27063] get_compat_msghdr+0x108/0x2c0 [ 1409.138247][T27063] ? __sys_recvmmsg+0x51c/0x6f0 [ 1409.143134][T27063] do_recvmmsg+0x1063/0x2120 [ 1409.147773][T27063] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1409.153651][T27063] ? kmsan_get_metadata+0xa4/0x120 [ 1409.158809][T27063] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1409.165108][T27063] ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1409.171659][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1409.176382][T27063] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1409.182765][T27063] __do_fast_syscall_32+0x96/0xf0 [ 1409.187839][T27063] do_fast_syscall_32+0x34/0x70 [ 1409.192738][T27063] do_SYSENTER_32+0x1b/0x20 [ 1409.197276][T27063] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1409.203648][T27063] RIP: 0023:0xf6e70549 [ 1409.207735][T27063] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1409.227380][T27063] RSP: 002b:00000000f59e65fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1409.235825][T27063] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200000c0 [ 1409.243825][T27063] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1409.251821][T27063] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1409.259813][T27063] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1409.267808][T27063] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1409.275814][T27063] [ 1409.279506][T27063] Uninit was stored to memory at: [ 1409.284603][T27063] __get_compat_msghdr+0x6e1/0x9d0 [ 1409.289858][T27063] get_compat_msghdr+0x108/0x2c0 [ 1409.294840][T27063] do_recvmmsg+0x1063/0x2120 [ 1409.299548][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1409.304262][T27063] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1409.310744][T27063] __do_fast_syscall_32+0x96/0xf0 [ 1409.315815][T27063] do_fast_syscall_32+0x34/0x70 [ 1409.320808][T27063] do_SYSENTER_32+0x1b/0x20 [ 1409.325360][T27063] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1409.331828][T27063] [ 1409.334165][T27063] Uninit was stored to memory at: [ 1409.339340][T27063] __get_compat_msghdr+0x6e1/0x9d0 [ 1409.344495][T27063] get_compat_msghdr+0x108/0x2c0 [ 1409.349563][T27063] do_recvmmsg+0x1063/0x2120 [ 1409.354185][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1409.358980][T27063] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1409.365362][T27063] __do_fast_syscall_32+0x96/0xf0 [ 1409.370520][T27063] do_fast_syscall_32+0x34/0x70 [ 1409.375416][T27063] do_SYSENTER_32+0x1b/0x20 [ 1409.380047][T27063] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1409.386424][T27063] [ 1409.388838][T27063] Uninit was stored to memory at: [ 1409.393933][T27063] __get_compat_msghdr+0x6e1/0x9d0 [ 1409.399172][T27063] get_compat_msghdr+0x108/0x2c0 [ 1409.404154][T27063] do_recvmmsg+0x1063/0x2120 [ 1409.408867][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1409.413579][T27063] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1409.420042][T27063] __do_fast_syscall_32+0x96/0xf0 [ 1409.425108][T27063] do_fast_syscall_32+0x34/0x70 [ 1409.430089][T27063] do_SYSENTER_32+0x1b/0x20 [ 1409.434634][T27063] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1409.441096][T27063] [ 1409.443428][T27063] Uninit was stored to memory at: [ 1409.448601][T27063] __get_compat_msghdr+0x6e1/0x9d0 [ 1409.453762][T27063] get_compat_msghdr+0x108/0x2c0 [ 1409.458828][T27063] do_recvmmsg+0x1063/0x2120 [ 1409.463455][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1409.468257][T27063] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1409.474636][T27063] __do_fast_syscall_32+0x96/0xf0 [ 1409.479778][T27063] do_fast_syscall_32+0x34/0x70 [ 1409.484674][T27063] do_SYSENTER_32+0x1b/0x20 [ 1409.489376][T27063] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1409.495753][T27063] [ 1409.498231][T27063] Uninit was stored to memory at: [ 1409.503323][T27063] __get_compat_msghdr+0x6e1/0x9d0 [ 1409.508631][T27063] get_compat_msghdr+0x108/0x2c0 [ 1409.513616][T27063] do_recvmmsg+0x1063/0x2120 [ 1409.518387][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1409.523100][T27063] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1409.529638][T27063] __do_fast_syscall_32+0x96/0xf0 [ 1409.534709][T27063] do_fast_syscall_32+0x34/0x70 [ 1409.539750][T27063] do_SYSENTER_32+0x1b/0x20 [ 1409.544295][T27063] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1409.550817][T27063] [ 1409.553151][T27063] Uninit was stored to memory at: [ 1409.558392][T27063] __get_compat_msghdr+0x6e1/0x9d0 [ 1409.563548][T27063] get_compat_msghdr+0x108/0x2c0 [ 1409.568686][T27063] do_recvmmsg+0x1063/0x2120 [ 1409.573313][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1409.578106][T27063] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1409.584487][T27063] __do_fast_syscall_32+0x96/0xf0 [ 1409.589697][T27063] do_fast_syscall_32+0x34/0x70 [ 1409.594590][T27063] do_SYSENTER_32+0x1b/0x20 [ 1409.599221][T27063] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1409.605719][T27063] [ 1409.608134][T27063] Uninit was stored to memory at: [ 1409.613226][T27063] __get_compat_msghdr+0x6e1/0x9d0 [ 1409.618523][T27063] get_compat_msghdr+0x108/0x2c0 [ 1409.623501][T27063] do_recvmmsg+0x1063/0x2120 [ 1409.628208][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1409.632918][T27063] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1409.639383][T27063] __do_fast_syscall_32+0x96/0xf0 [ 1409.644450][T27063] do_fast_syscall_32+0x34/0x70 [ 1409.649495][T27063] do_SYSENTER_32+0x1b/0x20 [ 1409.654039][T27063] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1409.660557][T27063] [ 1409.662890][T27063] Local variable msg_sys created at: [ 1409.668397][T27063] do_recvmmsg+0xc1/0x2120 [ 1409.672848][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1410.067479][T27113] loop0: detected capacity change from 0 to 264192 [ 1410.134797][T27063] not chained 1250000 origins [ 1410.143115][T27063] CPU: 1 PID: 27063 Comm: syz-executor.2 Not tainted 5.16.0-rc3-syzkaller #0 [ 1410.151926][T27063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1410.162008][T27063] Call Trace: [ 1410.165304][T27063] [ 1410.168254][T27063] dump_stack_lvl+0x1ff/0x28e [ 1410.172984][T27063] dump_stack+0x25/0x28 [ 1410.177177][T27063] kmsan_internal_chain_origin+0x7a/0x110 [ 1410.182957][T27063] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1410.189081][T27063] ? kmsan_get_metadata+0xa4/0x120 [ 1410.194245][T27063] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1410.200115][T27063] ? __unix_dgram_recvmsg+0x1a18/0x1c30 [ 1410.205721][T27063] ? kmsan_get_metadata+0xa4/0x120 [ 1410.210884][T27063] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1410.216753][T27063] ? should_fail+0x75/0x9c0 [ 1410.221316][T27063] ? kmsan_get_metadata+0xa4/0x120 [ 1410.226487][T27063] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1410.232789][T27063] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1410.238925][T27063] ? kmsan_get_metadata+0xa4/0x120 [ 1410.244086][T27063] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1410.249956][T27063] __msan_chain_origin+0xbf/0x140 [ 1410.255033][T27063] __get_compat_msghdr+0x6e1/0x9d0 [ 1410.260218][T27063] get_compat_msghdr+0x108/0x2c0 [ 1410.265209][T27063] ? __sys_recvmmsg+0x51c/0x6f0 [ 1410.270102][T27063] do_recvmmsg+0x1063/0x2120 [ 1410.274748][T27063] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1410.280635][T27063] ? kmsan_get_metadata+0xa4/0x120 [ 1410.285804][T27063] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1410.292135][T27063] ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1410.298696][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1410.303426][T27063] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1410.309821][T27063] __do_fast_syscall_32+0x96/0xf0 [ 1410.314905][T27063] do_fast_syscall_32+0x34/0x70 [ 1410.319811][T27063] do_SYSENTER_32+0x1b/0x20 [ 1410.324362][T27063] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1410.330740][T27063] RIP: 0023:0xf6e70549 [ 1410.334849][T27063] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1410.354507][T27063] RSP: 002b:00000000f59e65fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1410.362962][T27063] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200000c0 [ 1410.370963][T27063] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1410.378961][T27063] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1410.386976][T27063] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1410.394974][T27063] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1410.402991][T27063] [ 1410.410184][T27063] Uninit was stored to memory at: [ 1410.415299][T27063] __get_compat_msghdr+0x6e1/0x9d0 [ 1410.423636][T27063] get_compat_msghdr+0x108/0x2c0 [ 1410.428718][T27063] do_recvmmsg+0x1063/0x2120 [ 1410.433346][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1410.438139][T27063] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1410.444547][T27063] __do_fast_syscall_32+0x96/0xf0 [ 1410.449771][T27063] do_fast_syscall_32+0x34/0x70 [ 1410.454676][T27063] do_SYSENTER_32+0x1b/0x20 [ 1410.459312][T27063] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1410.465689][T27063] [ 1410.468108][T27063] Uninit was stored to memory at: [ 1410.473200][T27063] __get_compat_msghdr+0x6e1/0x9d0 [ 1410.478434][T27063] get_compat_msghdr+0x108/0x2c0 [ 1410.483430][T27063] do_recvmmsg+0x1063/0x2120 [ 1410.488136][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1410.492842][T27063] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1410.499311][T27063] __do_fast_syscall_32+0x96/0xf0 [ 1410.504387][T27063] do_fast_syscall_32+0x34/0x70 [ 1410.509366][T27063] do_SYSENTER_32+0x1b/0x20 [ 1410.513910][T27063] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1410.520366][T27063] [ 1410.522697][T27063] Uninit was stored to memory at: [ 1410.527875][T27063] __get_compat_msghdr+0x6e1/0x9d0 [ 1410.533028][T27063] get_compat_msghdr+0x108/0x2c0 [ 1410.538092][T27063] do_recvmmsg+0x1063/0x2120 [ 1410.542718][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1410.547523][T27063] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1410.553905][T27063] __do_fast_syscall_32+0x96/0xf0 [ 1410.559067][T27063] do_fast_syscall_32+0x34/0x70 [ 1410.563958][T27063] do_SYSENTER_32+0x1b/0x20 [ 1410.568583][T27063] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1410.574978][T27063] [ 1410.577389][T27063] Uninit was stored to memory at: [ 1410.582485][T27063] __get_compat_msghdr+0x6e1/0x9d0 [ 1410.587718][T27063] get_compat_msghdr+0x108/0x2c0 [ 1410.592701][T27063] do_recvmmsg+0x1063/0x2120 [ 1410.597405][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1410.602120][T27063] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1410.608589][T27063] __do_fast_syscall_32+0x96/0xf0 [ 1410.613661][T27063] do_fast_syscall_32+0x34/0x70 [ 1410.618636][T27063] do_SYSENTER_32+0x1b/0x20 [ 1410.623177][T27063] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1410.629631][T27063] [ 1410.631966][T27063] Uninit was stored to memory at: [ 1410.637135][T27063] __get_compat_msghdr+0x6e1/0x9d0 [ 1410.642294][T27063] get_compat_msghdr+0x108/0x2c0 [ 1410.647365][T27063] do_recvmmsg+0x1063/0x2120 [ 1410.651992][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1410.656700][T27063] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1410.663180][T27063] __do_fast_syscall_32+0x96/0xf0 [ 1410.668374][T27063] do_fast_syscall_32+0x34/0x70 [ 1410.673269][T27063] do_SYSENTER_32+0x1b/0x20 [ 1410.677900][T27063] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1410.684272][T27063] [ 1410.686624][T27063] Uninit was stored to memory at: [ 1410.691792][T27063] __get_compat_msghdr+0x6e1/0x9d0 [ 1410.697026][T27063] get_compat_msghdr+0x108/0x2c0 [ 1410.702029][T27063] do_recvmmsg+0x1063/0x2120 [ 1410.706662][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1410.711466][T27063] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1410.717939][T27063] __do_fast_syscall_32+0x96/0xf0 [ 1410.723006][T27063] do_fast_syscall_32+0x34/0x70 [ 1410.727977][T27063] do_SYSENTER_32+0x1b/0x20 [ 1410.732518][T27063] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1410.738973][T27063] [ 1410.741306][T27063] Uninit was stored to memory at: [ 1410.746645][T27063] __get_compat_msghdr+0x6e1/0x9d0 [ 1410.751887][T27063] get_compat_msghdr+0x108/0x2c0 [ 1410.756949][T27063] do_recvmmsg+0x1063/0x2120 [ 1410.761579][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1410.766293][T27063] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1410.772759][T27063] __do_fast_syscall_32+0x96/0xf0 [ 1410.777920][T27063] do_fast_syscall_32+0x34/0x70 [ 1410.782818][T27063] do_SYSENTER_32+0x1b/0x20 [ 1410.787503][T27063] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1410.793881][T27063] [ 1410.796214][T27063] Local variable msg_sys created at: [ 1410.801660][T27063] do_recvmmsg+0xc1/0x2120 [ 1410.806112][T27063] __sys_recvmmsg+0x51c/0x6f0 [ 1410.842009][T27113] EXT4-fs: failed to create workqueue [ 1410.847749][T27113] EXT4-fs (loop0): mount failed 12:56:25 executing program 2: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) connect(r0, &(0x7f0000000040)=@in6={0xa, 0x0, 0x0, @private0}, 0x80) sendmsg$inet6(r0, &(0x7f0000001300)={0x0, 0x0, 0x0}, 0x0) 12:56:25 executing program 4: syz_emit_ethernet(0x76, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x68, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xf1, 0x0, 0x4000, {0x13, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @loopback=0xac1414aa, @local, {[@generic={0x0, 0x2}, @timestamp_addr={0x44, 0x14, 0x0, 0x1, 0x0, [{@private}, {@empty}]}, @cipso={0x86, 0x1f, 0x0, [{0x0, 0x12, "c41a1fe2ed7e6f6f0f652f80db5cf41c"}, {0x0, 0x7, "3cccab0ef9"}]}]}}}}}}}, 0x0) 12:56:25 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r1}, 0x10) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r2, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:56:25 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCADDRT(r0, 0x890b, &(0x7f00000002c0)={0x0, @in={0x2, 0x0, @remote}, @qipcrtr={0x2, 0xffffffff}, @ax25={0x3, @null}, 0x104}) 12:56:25 executing program 1: bpf$MAP_CREATE(0x0, &(0x7f00000000c0)={0x1, 0x7, 0x1b790, 0xff, 0x0, 0x1}, 0x40) 12:56:25 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, 0x0, 0x0) 12:56:25 executing program 4: syz_emit_ethernet(0x76, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x68, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xf1, 0x0, 0x4000, {0x13, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @loopback=0xac1414aa, @local, {[@generic={0x0, 0x2}, @timestamp_addr={0x44, 0x14, 0x0, 0x1, 0x0, [{@private}, {@empty}]}, @cipso={0x86, 0x1f, 0x0, [{0x0, 0x12, "c41a1fe2ed7e6f6f0f652f80db5cf41c"}, {0x0, 0x7, "3cccab0ef9"}]}]}}}}}}}, 0x0) 12:56:25 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r1}, 0x10) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r2, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:56:25 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f00000000c0)={0x1, 0x7, 0x2, 0xffffffe, 0x0, 0x1}, 0x40) 12:56:25 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000001140)={0x2, &(0x7f0000001100)=[{}, {0x34}]}) 12:56:26 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="080000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf465", 0xf, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[]) 12:56:26 executing program 1: bpf$MAP_UPDATE_ELEM(0x10, &(0x7f0000000140)={0xffffffffffffffff, &(0x7f0000000000), 0x0}, 0x20) 12:56:26 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r1}, 0x10) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r2, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:56:26 executing program 4: syz_emit_ethernet(0x76, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x68, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xf1, 0x0, 0x4000, {0x13, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @loopback=0xac1414aa, @local, {[@generic={0x0, 0x2}, @timestamp_addr={0x44, 0x14, 0x0, 0x1, 0x0, [{@private}, {@empty}]}, @cipso={0x86, 0x1f, 0x0, [{0x0, 0x12, "c41a1fe2ed7e6f6f0f652f80db5cf41c"}, {0x0, 0x7, "3cccab0ef9"}]}]}}}}}}}, 0x0) 12:56:26 executing program 2: bpf$MAP_UPDATE_ELEM(0x16, &(0x7f0000000140)={0xffffffffffffffff, 0x0, 0x0}, 0x20) 12:56:26 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000001140)={0x2, &(0x7f0000001100)=[{0x35}, {}]}) 12:56:26 executing program 5: r0 = socket(0x840000000002, 0x3, 0x9) getpid() sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0xffffffffffff0166) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10) sendmmsg$inet(r0, &(0x7f0000005240)=[{{0x0, 0xffffff7f, 0x0, 0x0, 0x0, 0x0, 0x6}}], 0x300, 0x14) 12:56:26 executing program 4: syz_emit_ethernet(0x7a, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x6c, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xf1, 0x0, 0x4000, {0x14, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @loopback=0xac1414aa, @local, {[@timestamp_addr={0x44, 0x1c, 0x0, 0x1, 0x0, [{@multicast1=0xe0000021}, {@private}, {@empty}]}, @cipso={0x86, 0x1f, 0x0, [{0x0, 0x12, "c41a1fe2ed7e6f6f0f652f80db5cf41c"}, {0x0, 0x7, "3cccab0ef9"}]}]}}}}}}}, 0x0) 12:56:26 executing program 1: bpf$MAP_UPDATE_ELEM(0x22, &(0x7f0000000140)={0xffffffffffffffff, 0x0, 0x0}, 0x20) 12:56:26 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r1}, 0x10) write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r2, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:56:26 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000001140)={0x2, &(0x7f0000001100)=[{}, {0x16}]}) 12:56:27 executing program 1: io_setup(0x3fd, &(0x7f00000002c0)=0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) io_submit(r0, 0x1, &(0x7f00000008c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000040)="e4", 0x1}]) [ 1413.384060][ T24] audit: type=1326 audit(1639140987.452:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=27158 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf6e70549 code=0x0 [ 1414.211746][T27169] loop0: detected capacity change from 0 to 264192 [ 1414.266402][T27169] EXT4-fs error (device loop0): ext4_fill_super:4822: inode #2: comm syz-executor.0: iget: root inode unallocated [ 1414.290447][T27169] EXT4-fs (loop0): get root inode failed [ 1414.296412][T27169] EXT4-fs (loop0): mount failed 12:56:28 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="080000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf465", 0xf, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[]) 12:56:28 executing program 4: syz_emit_ethernet(0x7a, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x6c, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xf1, 0x0, 0x4000, {0x14, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @loopback=0xac1414aa, @local, {[@timestamp_addr={0x44, 0x1c, 0x0, 0x1, 0x0, [{@multicast1=0xe0000021}, {@private}, {@empty}]}, @cipso={0x86, 0x1f, 0x0, [{0x0, 0x12, "c41a1fe2ed7e6f6f0f652f80db5cf41c"}, {0x0, 0x7, "3cccab0ef9"}]}]}}}}}}}, 0x0) 12:56:28 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r1}, 0x10) write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r2, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:56:28 executing program 2: pipe2(&(0x7f0000000180)={0xffffffffffffffff}, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)={0x1, 0x7, 0x2, 0xff, 0x1, 0x1, 0x1, '\x00', 0x0, r0, 0x0, 0x4}, 0x40) 12:56:28 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_SIOCDELRT(r0, 0x890c, &(0x7f00000001c0)={0x2, @ethernet, @ethernet={0x0, @link_local}, @generic={0x0, "70833696a996e5f03281b6c13c89"}, 0x0, 0x0, 0x0, 0x1000000}) 12:56:28 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000001140)={0x2, &(0x7f0000001100)=[{}, {0x64}]}) 12:56:28 executing program 4: syz_emit_ethernet(0x7a, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x6c, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xf1, 0x0, 0x4000, {0x14, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @loopback=0xac1414aa, @local, {[@timestamp_addr={0x44, 0x1c, 0x0, 0x1, 0x0, [{@multicast1=0xe0000021}, {@private}, {@empty}]}, @cipso={0x86, 0x1f, 0x0, [{0x0, 0x12, "c41a1fe2ed7e6f6f0f652f80db5cf41c"}, {0x0, 0x7, "3cccab0ef9"}]}]}}}}}}}, 0x0) 12:56:28 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f00000000c0)={0x5, 0x7, 0x2, 0xff, 0x0, 0x1}, 0x40) 12:56:28 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r1}, 0x10) write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r2, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:56:28 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCDELRT(r0, 0x891c, &(0x7f0000000240)={0x0, @l2tp={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x10}, 0x3}, @l2={0x1f, 0x85, @none, 0x2, 0x2}, @generic={0x28, "9a52e4a66f4b5dda673c12b19174"}, 0x2, 0x0, 0x0, 0x0, 0xfffd}) ioctl$sock_SIOCADDRT(r0, 0x890b, &(0x7f0000000040)={0x2, @in={0x2, 0x4e24, @remote}, @isdn={0x22, 0x5, 0x7f, 0x7, 0x9}, @ax25={0x3, @null, 0x8}, 0x4, 0x0, 0x0, 0x0, 0x8000, &(0x7f0000000000)='veth0\x00', 0xd654, 0x2, 0xf6e5}) 12:56:29 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000001140)={0x2, &(0x7f0000001100)=[{0x20}, {0x6}]}) 12:56:29 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f00000000c0)=@newtfilter={0x24}, 0x24}}, 0x0) [ 1415.689870][ T24] audit: type=1326 audit(1639140989.762:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=27203 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf6e9f549 code=0x0 [ 1416.096173][T27210] loop0: detected capacity change from 0 to 264192 [ 1416.145182][T27210] EXT4-fs error (device loop0): ext4_fill_super:4822: inode #2: comm syz-executor.0: iget: root inode unallocated [ 1416.168818][T27210] EXT4-fs (loop0): get root inode failed [ 1416.174661][T27210] EXT4-fs (loop0): mount failed 12:56:30 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x12, &(0x7f0000000500), 0x4) 12:56:30 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="080000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf465", 0xf, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[]) 12:56:30 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCADDRT(r0, 0x890b, &(0x7f0000000040)={0x0, @in={0x2, 0x0, @remote}, @in={0x2, 0x0, @local}, @ax25={0x3, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}}, 0x4, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)='veth0\x00'}) 12:56:30 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40086602, &(0x7f0000000040)) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r1}, 0x10) write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r2, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:56:30 executing program 5: setregid(0xee00, 0xee01) setregid(0xee01, 0xee00) 12:56:30 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) recvmsg(r0, &(0x7f0000005580)={0x0, 0x0, 0x0}, 0x0) 12:56:30 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f00000000c0)={0x5, 0x7, 0xee02, 0xff, 0x0, 0x1}, 0x40) 12:56:30 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCADDRT(r0, 0x890b, &(0x7f0000000040)={0x0, @in={0x2, 0x0, @remote}, @generic={0x0, "68eeb452707859446cbc8a542495"}, @ax25={0x3, @null}, 0x6}) 12:56:30 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCADDRT(r0, 0x890b, &(0x7f0000000040)={0x0, @in={0x2, 0x0, @empty}, @isdn={0x22, 0x0, 0x3, 0x4}, @nfc={0x27, 0x1, 0x2, 0x1}, 0x4, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)='veth0\x00'}) pipe2(&(0x7f0000000180)={0xffffffffffffffff}, 0x0) write$vga_arbiter(r1, 0x0, 0x0) ioctl$sock_SIOCDELRT(0xffffffffffffffff, 0x8902, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000000)={'vcan0\x00', 0x0}) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f00000000c0)={'syztnl1\x00', &(0x7f00000001c0)={'syztnl2\x00', r3, 0x29, 0x0, 0x0, 0x4, 0x40, @dev={0xfe, 0x80, '\x00', 0x33}, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x1c}}, 0x8000, 0x8, 0x4a, 0x10000}}) ioctl$sock_ipv6_tunnel_SIOCADD6RD(r1, 0x89f9, &(0x7f0000000140)={'ip6gre0\x00', &(0x7f00000000c0)={'syztnl1\x00', r3, 0x4, 0x5, 0x9, 0xbc, 0x22, @private1={0xfc, 0x1, '\x00', 0x1}, @private2={0xfc, 0x2, '\x00', 0x1}, 0x7800, 0x700, 0x1000, 0x8}}) 12:56:30 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) pipe2(&(0x7f0000000180)={0xffffffffffffffff}, 0x0) write$vga_arbiter(r1, 0x0, 0x0) ioctl$EVIOCGBITKEY(r1, 0x80404521, &(0x7f00000000c0)=""/137) ioctl$sock_SIOCDELRT(r0, 0x891c, &(0x7f0000000240)={0x0, @l2tp={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x10}, 0x3}, @rc={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x1}, @nfc={0x27, 0x0, 0x0, 0x3}, 0x2, 0x0, 0x0, 0x0, 0xfffd}) ioctl$sock_SIOCADDRT(r0, 0x890b, &(0x7f0000000040)={0x0, @in={0x2, 0x4e24, @remote}, @isdn={0x22, 0x5, 0x82, 0x7, 0x9}, @ax25={0x3, @null, 0x8}, 0x4, 0x0, 0x0, 0x0, 0x8001, &(0x7f0000000000)='bridge_slave_1\x00', 0xd654, 0x2, 0xf6e5}) pipe2(&(0x7f0000000180)={0xffffffffffffffff}, 0x0) ioctl$sock_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000480)={0x0, @tipc=@name={0x1e, 0x2, 0x2, {{0x0, 0x1}}}, @sco={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, @generic={0x25, "d0abe5dc58698279de2289f4f20f"}, 0x6, 0x0, 0x0, 0x0, 0x9, &(0x7f0000000340)='veth1_to_bond\x00', 0xd0d, 0x7}) write$vga_arbiter(r2, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPVS_CMD_SET_SERVICE(r3, &(0x7f00000003c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00042dbd7000fedbe0250200000008000600b10a00000800040000000000080004000300000008000600010000800800050008000000f63ca762ebdad0d54b6d376b28b447de165166794627d8896fa684b393bb78403d340f0f809fc38f795da6f80cff25a871162e"], 0x3c}, 0x1, 0x0, 0x0, 0x4000}, 0x20000084) ioctl$sock_ipv6_tunnel_SIOCDELPRL(r2, 0x89f6, &(0x7f00000002c0)={'syztnl2\x00', &(0x7f00000001c0)={'sit0\x00', 0x0, 0x2f, 0x0, 0x5, 0x8, 0x2, @ipv4={'\x00', '\xff\xff', @multicast2}, @mcast1, 0x40, 0x10, 0x0, 0x7}}) 12:56:30 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40086602, &(0x7f0000000040)) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r1}, 0x10) write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r2, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:56:31 executing program 4: r0 = socket$tipc(0x1e, 0x2, 0x0) r1 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000180)={0x40}, 0x10) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000000)={0x41}, 0x10) 12:56:31 executing program 1: bpf$MAP_CREATE(0x0, &(0x7f00000000c0)={0x5, 0x3f, 0x3400, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x80008}, 0x40) [ 1418.725288][T27257] loop0: detected capacity change from 0 to 264192 [ 1418.776624][T27257] EXT4-fs error (device loop0): ext4_fill_super:4822: inode #2: comm syz-executor.0: iget: root inode unallocated [ 1418.815365][T27257] EXT4-fs (loop0): get root inode failed [ 1418.821460][T27257] EXT4-fs (loop0): mount failed 12:56:33 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="080000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f0000", 0x16, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[]) 12:56:33 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f00000000c0)={0x1, 0x7, 0x250, 0xff, 0x0, 0x1}, 0x40) 12:56:33 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40086602, &(0x7f0000000040)) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r1}, 0x10) write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r2, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:56:33 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) shutdown(r0, 0x0) 12:56:33 executing program 4: bpf$MAP_CREATE(0x0, &(0x7f00000000c0)={0x1, 0x7, 0x250, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x700}, 0x40) 12:56:33 executing program 1: bpf$MAP_UPDATE_ELEM(0x14, &(0x7f0000000140)={0xffffffffffffffff, 0x0, 0x0}, 0x20) 12:56:33 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCADDRT(r0, 0x890b, &(0x7f00000000c0)={0x0, @in={0x2, 0x0, @dev}, @isdn={0x2, 0x0, 0x0, 0xe0}, @ax25={0x3, @null}, 0x7}) 12:56:33 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)={0x1, 0x7, 0x2, 0xff, 0x0, 0x1}, 0x40) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000180)={r0, &(0x7f0000000100), &(0x7f0000000140)=@tcp}, 0x20) 12:56:33 executing program 4: bpf$MAP_CREATE(0x0, &(0x7f00000000c0)={0x1, 0x7, 0x2, 0xff, 0x4, 0x1}, 0x40) 12:56:33 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) [ 1419.624097][T27269] not chained 1260000 origins [ 1419.629249][T27269] CPU: 0 PID: 27269 Comm: syz-executor.5 Not tainted 5.16.0-rc3-syzkaller #0 [ 1419.638058][T27269] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1419.648133][T27269] Call Trace: [ 1419.651420][T27269] [ 1419.654359][T27269] dump_stack_lvl+0x1ff/0x28e [ 1419.659089][T27269] dump_stack+0x25/0x28 [ 1419.663283][T27269] kmsan_internal_chain_origin+0x7a/0x110 [ 1419.669062][T27269] ? kmsan_get_metadata+0xa4/0x120 [ 1419.674221][T27269] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1419.680081][T27269] ? __unix_dgram_recvmsg+0x1a18/0x1c30 [ 1419.685680][T27269] ? kmsan_get_metadata+0xa4/0x120 [ 1419.690838][T27269] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1419.696700][T27269] ? should_fail+0x75/0x9c0 [ 1419.701252][T27269] ? kmsan_get_metadata+0xa4/0x120 [ 1419.706413][T27269] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1419.712708][T27269] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1419.718826][T27269] ? kmsan_get_metadata+0xa4/0x120 [ 1419.723991][T27269] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1419.729850][T27269] __msan_chain_origin+0xbf/0x140 [ 1419.734923][T27269] __get_compat_msghdr+0x6e1/0x9d0 [ 1419.740093][T27269] get_compat_msghdr+0x108/0x2c0 [ 1419.745076][T27269] ? __sys_recvmmsg+0x51c/0x6f0 [ 1419.749962][T27269] do_recvmmsg+0x1063/0x2120 [ 1419.754602][T27269] ? kmsan_get_metadata+0xa4/0x120 [ 1419.759766][T27269] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1419.765628][T27269] ? kmsan_get_metadata+0xa4/0x120 [ 1419.770787][T27269] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1419.777088][T27269] ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1419.783645][T27269] __sys_recvmmsg+0x51c/0x6f0 [ 1419.788368][T27269] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1419.794758][T27269] __do_fast_syscall_32+0x96/0xf0 [ 1419.799829][T27269] do_fast_syscall_32+0x34/0x70 [ 1419.804718][T27269] do_SYSENTER_32+0x1b/0x20 [ 1419.809259][T27269] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1419.815631][T27269] RIP: 0023:0xf6e9f549 [ 1419.819717][T27269] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1419.839365][T27269] RSP: 002b:00000000f5a995fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1419.847816][T27269] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1419.855810][T27269] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1419.863803][T27269] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1419.871795][T27269] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1419.879787][T27269] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1419.887797][T27269] [ 1419.893109][T27269] Uninit was stored to memory at: [ 1419.898499][T27269] __get_compat_msghdr+0x6e1/0x9d0 [ 1419.903658][T27269] get_compat_msghdr+0x108/0x2c0 [ 1419.908765][T27269] do_recvmmsg+0x1063/0x2120 [ 1419.913398][T27269] __sys_recvmmsg+0x51c/0x6f0 [ 1419.918323][T27269] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1419.924717][T27269] __do_fast_syscall_32+0x96/0xf0 [ 1419.929970][T27269] do_fast_syscall_32+0x34/0x70 [ 1419.934864][T27269] do_SYSENTER_32+0x1b/0x20 [ 1419.939573][T27269] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1419.945954][T27269] [ 1419.948451][T27269] Uninit was stored to memory at: [ 1419.953543][T27269] __get_compat_msghdr+0x6e1/0x9d0 [ 1419.958867][T27269] get_compat_msghdr+0x108/0x2c0 [ 1419.963853][T27269] do_recvmmsg+0x1063/0x2120 [ 1419.968643][T27269] __sys_recvmmsg+0x51c/0x6f0 [ 1419.973357][T27269] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1419.979898][T27269] __do_fast_syscall_32+0x96/0xf0 [ 1419.984973][T27269] do_fast_syscall_32+0x34/0x70 [ 1419.990038][T27269] do_SYSENTER_32+0x1b/0x20 [ 1419.994590][T27269] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1420.001126][T27269] [ 1420.003464][T27269] Uninit was stored to memory at: [ 1420.008702][T27269] __get_compat_msghdr+0x6e1/0x9d0 [ 1420.013858][T27269] get_compat_msghdr+0x108/0x2c0 [ 1420.019031][T27269] do_recvmmsg+0x1063/0x2120 [ 1420.023658][T27269] __sys_recvmmsg+0x51c/0x6f0 [ 1420.028544][T27269] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1420.034929][T27269] __do_fast_syscall_32+0x96/0xf0 [ 1420.040167][T27269] do_fast_syscall_32+0x34/0x70 [ 1420.045064][T27269] do_SYSENTER_32+0x1b/0x20 [ 1420.049762][T27269] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1420.056147][T27269] [ 1420.058589][T27269] Uninit was stored to memory at: [ 1420.063681][T27269] __get_compat_msghdr+0x6e1/0x9d0 [ 1420.068941][T27269] get_compat_msghdr+0x108/0x2c0 [ 1420.073923][T27269] do_recvmmsg+0x1063/0x2120 [ 1420.078659][T27269] __sys_recvmmsg+0x51c/0x6f0 [ 1420.083376][T27269] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1420.089877][T27269] __do_fast_syscall_32+0x96/0xf0 [ 1420.094947][T27269] do_fast_syscall_32+0x34/0x70 [ 1420.099947][T27269] do_SYSENTER_32+0x1b/0x20 [ 1420.104498][T27269] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1420.110981][T27269] [ 1420.113320][T27269] Uninit was stored to memory at: [ 1420.118501][T27269] __get_compat_msghdr+0x6e1/0x9d0 12:56:34 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000001140)={0x2, &(0x7f0000001100)=[{0x2d}, {}]}) [ 1420.123662][T27269] get_compat_msghdr+0x108/0x2c0 [ 1420.128760][T27269] do_recvmmsg+0x1063/0x2120 [ 1420.133384][T27269] __sys_recvmmsg+0x51c/0x6f0 [ 1420.138212][T27269] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1420.144606][T27269] __do_fast_syscall_32+0x96/0xf0 [ 1420.149856][T27269] do_fast_syscall_32+0x34/0x70 [ 1420.154751][T27269] do_SYSENTER_32+0x1b/0x20 [ 1420.159479][T27269] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1420.165866][T27269] [ 1420.168383][T27269] Uninit was stored to memory at: 12:56:34 executing program 4: r0 = socket(0x840000000002, 0x3, 0x9) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0xffffffffffff0166) sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) sched_setattr(r1, &(0x7f00000000c0)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10) sendmmsg$inet(r0, &(0x7f0000005240)=[{{0x0, 0xffffff7f, 0x0, 0x0, 0x0, 0x0, 0x6}}], 0x300, 0xff02) [ 1420.173480][T27269] __get_compat_msghdr+0x6e1/0x9d0 [ 1420.178797][T27269] get_compat_msghdr+0x108/0x2c0 [ 1420.183790][T27269] do_recvmmsg+0x1063/0x2120 [ 1420.188638][T27269] __sys_recvmmsg+0x51c/0x6f0 [ 1420.193353][T27269] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1420.199912][T27269] __do_fast_syscall_32+0x96/0xf0 [ 1420.204987][T27269] do_fast_syscall_32+0x34/0x70 [ 1420.210055][T27269] do_SYSENTER_32+0x1b/0x20 [ 1420.214606][T27269] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1420.221156][T27269] [ 1420.223491][T27269] Uninit was stored to memory at: [ 1420.228729][T27269] __get_compat_msghdr+0x6e1/0x9d0 [ 1420.233885][T27269] get_compat_msghdr+0x108/0x2c0 [ 1420.238972][T27269] do_recvmmsg+0x1063/0x2120 [ 1420.243597][T27269] __sys_recvmmsg+0x51c/0x6f0 [ 1420.248421][T27269] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1420.254803][T27269] __do_fast_syscall_32+0x96/0xf0 [ 1420.259986][T27269] do_fast_syscall_32+0x34/0x70 [ 1420.264878][T27269] do_SYSENTER_32+0x1b/0x20 [ 1420.269533][T27269] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1420.275909][T27269] [ 1420.278354][T27269] Local variable msg_sys created at: [ 1420.283654][T27269] do_recvmmsg+0xc1/0x2120 [ 1420.288216][T27269] __sys_recvmmsg+0x51c/0x6f0 [ 1421.086164][T27269] not chained 1270000 origins [ 1421.091473][T27269] CPU: 1 PID: 27269 Comm: syz-executor.5 Not tainted 5.16.0-rc3-syzkaller #0 [ 1421.100280][T27269] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1421.110359][T27269] Call Trace: [ 1421.113664][T27269] [ 1421.116609][T27269] dump_stack_lvl+0x1ff/0x28e [ 1421.121340][T27269] dump_stack+0x25/0x28 [ 1421.125543][T27269] kmsan_internal_chain_origin+0x7a/0x110 [ 1421.131322][T27269] ? kmsan_get_metadata+0xa4/0x120 [ 1421.136500][T27269] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1421.142370][T27269] ? __unix_dgram_recvmsg+0x1a18/0x1c30 [ 1421.147989][T27269] ? kmsan_get_metadata+0xa4/0x120 [ 1421.153157][T27269] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1421.159025][T27269] ? should_fail+0x75/0x9c0 [ 1421.163585][T27269] ? kmsan_get_metadata+0xa4/0x120 [ 1421.168755][T27269] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1421.175055][T27269] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1421.181178][T27269] ? kmsan_get_metadata+0xa4/0x120 [ 1421.186340][T27269] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1421.192202][T27269] __msan_chain_origin+0xbf/0x140 [ 1421.197272][T27269] __get_compat_msghdr+0x6e1/0x9d0 [ 1421.202444][T27269] get_compat_msghdr+0x108/0x2c0 [ 1421.207428][T27269] ? __sys_recvmmsg+0x51c/0x6f0 [ 1421.212311][T27269] do_recvmmsg+0x1063/0x2120 [ 1421.216947][T27269] ? kmsan_get_metadata+0xa4/0x120 [ 1421.222110][T27269] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1421.227967][T27269] ? kmsan_get_metadata+0xa4/0x120 [ 1421.233123][T27269] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1421.239420][T27269] ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1421.245975][T27269] __sys_recvmmsg+0x51c/0x6f0 [ 1421.250696][T27269] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1421.257079][T27269] __do_fast_syscall_32+0x96/0xf0 [ 1421.262141][T27269] do_fast_syscall_32+0x34/0x70 [ 1421.267030][T27269] do_SYSENTER_32+0x1b/0x20 [ 1421.271567][T27269] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1421.277938][T27269] RIP: 0023:0xf6e9f549 [ 1421.282022][T27269] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1421.301666][T27269] RSP: 002b:00000000f5a995fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1421.310110][T27269] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1421.318104][T27269] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1421.326092][T27269] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1421.334083][T27269] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1421.342072][T27269] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1421.350074][T27269] [ 1421.357723][T27269] Uninit was stored to memory at: [ 1421.362835][T27269] __get_compat_msghdr+0x6e1/0x9d0 [ 1421.369699][T27269] get_compat_msghdr+0x108/0x2c0 [ 1421.374698][T27269] do_recvmmsg+0x1063/0x2120 [ 1421.379421][T27269] __sys_recvmmsg+0x51c/0x6f0 [ 1421.384135][T27269] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1421.390606][T27269] __do_fast_syscall_32+0x96/0xf0 [ 1421.395675][T27269] do_fast_syscall_32+0x34/0x70 [ 1421.400653][T27269] do_SYSENTER_32+0x1b/0x20 [ 1421.405193][T27269] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1421.411655][T27269] [ 1421.413988][T27269] Uninit was stored to memory at: [ 1421.419153][T27269] __get_compat_msghdr+0x6e1/0x9d0 [ 1421.424311][T27269] get_compat_msghdr+0x108/0x2c0 [ 1421.429446][T27269] do_recvmmsg+0x1063/0x2120 [ 1421.434071][T27269] __sys_recvmmsg+0x51c/0x6f0 [ 1421.438926][T27269] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1421.445307][T27269] __do_fast_syscall_32+0x96/0xf0 [ 1421.450526][T27269] do_fast_syscall_32+0x34/0x70 [ 1421.455419][T27269] do_SYSENTER_32+0x1b/0x20 [ 1421.460108][T27269] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1421.466484][T27269] [ 1421.468955][T27269] Uninit was stored to memory at: [ 1421.474042][T27269] __get_compat_msghdr+0x6e1/0x9d0 [ 1421.479325][T27269] get_compat_msghdr+0x108/0x2c0 [ 1421.484316][T27269] do_recvmmsg+0x1063/0x2120 [ 1421.489091][T27269] __sys_recvmmsg+0x51c/0x6f0 [ 1421.493804][T27269] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1421.500324][T27269] __do_fast_syscall_32+0x96/0xf0 [ 1421.505406][T27269] do_fast_syscall_32+0x34/0x70 [ 1421.510453][T27269] do_SYSENTER_32+0x1b/0x20 [ 1421.514999][T27269] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1421.521522][T27269] [ 1421.523854][T27269] Uninit was stored to memory at: [ 1421.529097][T27269] __get_compat_msghdr+0x6e1/0x9d0 [ 1421.534253][T27269] get_compat_msghdr+0x108/0x2c0 [ 1421.539364][T27269] do_recvmmsg+0x1063/0x2120 [ 1421.543997][T27269] __sys_recvmmsg+0x51c/0x6f0 [ 1421.548841][T27269] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1421.555236][T27269] __do_fast_syscall_32+0x96/0xf0 [ 1421.560456][T27269] do_fast_syscall_32+0x34/0x70 [ 1421.565351][T27269] do_SYSENTER_32+0x1b/0x20 [ 1421.570041][T27269] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1421.576420][T27269] [ 1421.578883][T27269] Uninit was stored to memory at: [ 1421.583987][T27269] __get_compat_msghdr+0x6e1/0x9d0 [ 1421.589284][T27269] get_compat_msghdr+0x108/0x2c0 [ 1421.594273][T27269] do_recvmmsg+0x1063/0x2120 [ 1421.599047][T27269] __sys_recvmmsg+0x51c/0x6f0 [ 1421.603769][T27269] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1421.610346][T27269] __do_fast_syscall_32+0x96/0xf0 [ 1421.615433][T27269] do_fast_syscall_32+0x34/0x70 [ 1421.620479][T27269] do_SYSENTER_32+0x1b/0x20 [ 1421.625034][T27269] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1421.631567][T27269] [ 1421.633894][T27269] Uninit was stored to memory at: [ 1421.639122][T27269] __get_compat_msghdr+0x6e1/0x9d0 [ 1421.644277][T27269] get_compat_msghdr+0x108/0x2c0 [ 1421.649403][T27269] do_recvmmsg+0x1063/0x2120 [ 1421.654029][T27269] __sys_recvmmsg+0x51c/0x6f0 [ 1421.658893][T27269] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1421.665273][T27269] __do_fast_syscall_32+0x96/0xf0 [ 1421.670489][T27269] do_fast_syscall_32+0x34/0x70 [ 1421.675381][T27269] do_SYSENTER_32+0x1b/0x20 [ 1421.680083][T27269] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1421.686459][T27269] [ 1421.688919][T27269] Uninit was stored to memory at: [ 1421.694007][T27269] __get_compat_msghdr+0x6e1/0x9d0 [ 1421.699302][T27269] get_compat_msghdr+0x108/0x2c0 [ 1421.704288][T27269] do_recvmmsg+0x1063/0x2120 [ 1421.709069][T27269] __sys_recvmmsg+0x51c/0x6f0 [ 1421.713776][T27269] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1421.720239][T27269] __do_fast_syscall_32+0x96/0xf0 [ 1421.725311][T27269] do_fast_syscall_32+0x34/0x70 [ 1421.730289][T27269] do_SYSENTER_32+0x1b/0x20 [ 1421.734835][T27269] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1421.741291][T27269] [ 1421.743623][T27269] Local variable msg_sys created at: [ 1421.749008][T27269] do_recvmmsg+0xc1/0x2120 [ 1421.753455][T27269] __sys_recvmmsg+0x51c/0x6f0 [ 1422.272317][T27294] not chained 1280000 origins [ 1422.277865][T27294] CPU: 0 PID: 27294 Comm: syz-executor.4 Not tainted 5.16.0-rc3-syzkaller #0 [ 1422.286674][T27294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1422.296752][T27294] Call Trace: [ 1422.300045][T27294] [ 1422.302991][T27294] dump_stack_lvl+0x1ff/0x28e [ 1422.307721][T27294] dump_stack+0x25/0x28 [ 1422.311920][T27294] kmsan_internal_chain_origin+0x7a/0x110 [ 1422.317700][T27294] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1422.323827][T27294] ? kmsan_get_metadata+0xa4/0x120 [ 1422.328996][T27294] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1422.334872][T27294] ? __unix_dgram_recvmsg+0x1a18/0x1c30 [ 1422.340483][T27294] ? kmsan_get_metadata+0xa4/0x120 [ 1422.345652][T27294] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1422.351527][T27294] ? should_fail+0x75/0x9c0 [ 1422.356088][T27294] ? kmsan_get_metadata+0xa4/0x120 [ 1422.361257][T27294] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1422.367565][T27294] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1422.373697][T27294] ? kmsan_get_metadata+0xa4/0x120 [ 1422.378865][T27294] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1422.384738][T27294] __msan_chain_origin+0xbf/0x140 [ 1422.389821][T27294] __get_compat_msghdr+0x6e1/0x9d0 [ 1422.395014][T27294] get_compat_msghdr+0x108/0x2c0 [ 1422.400011][T27294] ? __sys_recvmmsg+0x51c/0x6f0 [ 1422.404911][T27294] do_recvmmsg+0x1063/0x2120 [ 1422.409561][T27294] ? kmsan_get_metadata+0xa4/0x120 [ 1422.414745][T27294] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1422.421046][T27294] ? kmsan_get_metadata+0xa4/0x120 [ 1422.426211][T27294] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1422.432512][T27294] ? fput+0x82/0x320 [ 1422.436461][T27294] ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1422.443025][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1422.447755][T27294] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1422.454150][T27294] __do_fast_syscall_32+0x96/0xf0 [ 1422.459230][T27294] do_fast_syscall_32+0x34/0x70 [ 1422.464129][T27294] do_SYSENTER_32+0x1b/0x20 [ 1422.468679][T27294] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1422.475059][T27294] RIP: 0023:0xf6ea0549 [ 1422.479156][T27294] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1422.498812][T27294] RSP: 002b:00000000f5a795fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1422.507274][T27294] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200000c0 [ 1422.515277][T27294] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1422.523279][T27294] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1422.531277][T27294] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1422.539276][T27294] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1422.547293][T27294] [ 1422.550664][T27294] Uninit was stored to memory at: [ 1422.555754][T27294] __get_compat_msghdr+0x6e1/0x9d0 [ 1422.561100][T27294] get_compat_msghdr+0x108/0x2c0 [ 1422.566086][T27294] do_recvmmsg+0x1063/0x2120 [ 1422.570828][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1422.575547][T27294] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1422.582109][T27294] __do_fast_syscall_32+0x96/0xf0 [ 1422.587311][T27294] do_fast_syscall_32+0x34/0x70 [ 1422.592207][T27294] do_SYSENTER_32+0x1b/0x20 [ 1422.596750][T27294] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1422.603306][T27294] [ 1422.605773][T27294] Uninit was stored to memory at: [ 1422.611073][T27294] __get_compat_msghdr+0x6e1/0x9d0 [ 1422.616233][T27294] get_compat_msghdr+0x108/0x2c0 [ 1422.621396][T27294] do_recvmmsg+0x1063/0x2120 [ 1422.626023][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1422.630885][T27294] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1422.637852][T27294] __do_fast_syscall_32+0x96/0xf0 [ 1422.642930][T27294] do_fast_syscall_32+0x34/0x70 [ 1422.648003][T27294] do_SYSENTER_32+0x1b/0x20 [ 1422.652550][T27294] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1422.659092][T27294] [ 1422.661426][T27294] Uninit was stored to memory at: [ 1422.666515][T27294] __get_compat_msghdr+0x6e1/0x9d0 [ 1422.671845][T27294] get_compat_msghdr+0x108/0x2c0 [ 1422.676999][T27294] do_recvmmsg+0x1063/0x2120 [ 1422.681630][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1422.686340][T27294] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1422.692885][T27294] __do_fast_syscall_32+0x96/0xf0 [ 1422.698105][T27294] do_fast_syscall_32+0x34/0x70 [ 1422.703003][T27294] do_SYSENTER_32+0x1b/0x20 [ 1422.707718][T27294] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1422.714095][T27294] [ 1422.716427][T27294] Uninit was stored to memory at: [ 1422.721691][T27294] __get_compat_msghdr+0x6e1/0x9d0 [ 1422.726998][T27294] get_compat_msghdr+0x108/0x2c0 [ 1422.731987][T27294] do_recvmmsg+0x1063/0x2120 [ 1422.736613][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1422.741549][T27294] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1422.748085][T27294] __do_fast_syscall_32+0x96/0xf0 [ 1422.753156][T27294] do_fast_syscall_32+0x34/0x70 [ 1422.758228][T27294] do_SYSENTER_32+0x1b/0x20 [ 1422.762778][T27294] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1422.769328][T27294] [ 1422.771665][T27294] Uninit was stored to memory at: [ 1422.776754][T27294] __get_compat_msghdr+0x6e1/0x9d0 [ 1422.782098][T27294] get_compat_msghdr+0x108/0x2c0 [ 1422.787289][T27294] do_recvmmsg+0x1063/0x2120 [ 1422.791918][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1422.796630][T27294] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1422.803185][T27294] __do_fast_syscall_32+0x96/0xf0 [ 1422.808403][T27294] do_fast_syscall_32+0x34/0x70 [ 1422.813300][T27294] do_SYSENTER_32+0x1b/0x20 [ 1422.818019][T27294] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1422.824398][T27294] [ 1422.826737][T27294] Uninit was stored to memory at: [ 1422.832005][T27294] __get_compat_msghdr+0x6e1/0x9d0 [ 1422.837295][T27294] get_compat_msghdr+0x108/0x2c0 [ 1422.842279][T27294] do_recvmmsg+0x1063/0x2120 [ 1422.847058][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1422.851777][T27294] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1422.858327][T27294] __do_fast_syscall_32+0x96/0xf0 [ 1422.863408][T27294] do_fast_syscall_32+0x34/0x70 [ 1422.868485][T27294] do_SYSENTER_32+0x1b/0x20 [ 1422.873036][T27294] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1422.879575][T27294] [ 1422.881911][T27294] Uninit was stored to memory at: [ 1422.887149][T27294] __get_compat_msghdr+0x6e1/0x9d0 [ 1422.892309][T27294] get_compat_msghdr+0x108/0x2c0 [ 1422.897481][T27294] do_recvmmsg+0x1063/0x2120 [ 1422.902108][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1422.906984][T27294] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1422.913369][T27294] __do_fast_syscall_32+0x96/0xf0 [ 1422.918623][T27294] do_fast_syscall_32+0x34/0x70 [ 1422.923520][T27294] do_SYSENTER_32+0x1b/0x20 [ 1422.928245][T27294] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1422.934625][T27294] [ 1422.937113][T27294] Local variable msg_sys created at: [ 1422.942420][T27294] do_recvmmsg+0xc1/0x2120 [ 1422.947058][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1423.044472][T27295] not chained 1290000 origins [ 1423.049518][T27295] CPU: 1 PID: 27295 Comm: syz-executor.4 Not tainted 5.16.0-rc3-syzkaller #0 [ 1423.058320][T27295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1423.068405][T27295] Call Trace: [ 1423.071701][T27295] [ 1423.074653][T27295] dump_stack_lvl+0x1ff/0x28e [ 1423.079388][T27295] dump_stack+0x25/0x28 [ 1423.083586][T27295] kmsan_internal_chain_origin+0x7a/0x110 [ 1423.089374][T27295] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1423.095506][T27295] ? kmsan_get_metadata+0xa4/0x120 [ 1423.100672][T27295] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1423.106543][T27295] ? __unix_dgram_recvmsg+0x1a18/0x1c30 [ 1423.112151][T27295] ? kmsan_get_metadata+0xa4/0x120 [ 1423.117325][T27295] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1423.123194][T27295] ? should_fail+0x75/0x9c0 [ 1423.127748][T27295] ? kmsan_get_metadata+0xa4/0x120 [ 1423.132919][T27295] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1423.139223][T27295] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1423.145349][T27295] ? kmsan_get_metadata+0xa4/0x120 [ 1423.150520][T27295] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1423.156391][T27295] __msan_chain_origin+0xbf/0x140 [ 1423.161476][T27295] __get_compat_msghdr+0x6e1/0x9d0 [ 1423.166659][T27295] get_compat_msghdr+0x108/0x2c0 [ 1423.171651][T27295] ? __sys_recvmmsg+0x51c/0x6f0 [ 1423.176546][T27295] do_recvmmsg+0x1063/0x2120 [ 1423.181192][T27295] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1423.187075][T27295] ? kmsan_get_metadata+0xa4/0x120 [ 1423.192246][T27295] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1423.198554][T27295] ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1423.205118][T27295] __sys_recvmmsg+0x51c/0x6f0 [ 1423.209847][T27295] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1423.216252][T27295] __do_fast_syscall_32+0x96/0xf0 [ 1423.221329][T27295] do_fast_syscall_32+0x34/0x70 [ 1423.226233][T27295] do_SYSENTER_32+0x1b/0x20 [ 1423.230783][T27295] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1423.237160][T27295] RIP: 0023:0xf6ea0549 [ 1423.241251][T27295] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1423.260911][T27295] RSP: 002b:00000000f5a585fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1423.269366][T27295] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200000c0 [ 1423.277370][T27295] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1423.285369][T27295] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1423.293372][T27295] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1423.301370][T27295] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1423.309383][T27295] [ 1423.316574][T27295] Uninit was stored to memory at: [ 1423.322305][T27295] __get_compat_msghdr+0x6e1/0x9d0 [ 1423.327568][T27295] get_compat_msghdr+0x108/0x2c0 [ 1423.332556][T27295] do_recvmmsg+0x1063/0x2120 [ 1423.337270][T27295] __sys_recvmmsg+0x51c/0x6f0 [ 1423.341982][T27295] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1423.348446][T27295] __do_fast_syscall_32+0x96/0xf0 [ 1423.353519][T27295] do_fast_syscall_32+0x34/0x70 [ 1423.358500][T27295] do_SYSENTER_32+0x1b/0x20 [ 1423.363044][T27295] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1423.369577][T27295] [ 1423.371918][T27295] Uninit was stored to memory at: [ 1423.377087][T27295] __get_compat_msghdr+0x6e1/0x9d0 [ 1423.382240][T27295] get_compat_msghdr+0x108/0x2c0 [ 1423.387296][T27295] do_recvmmsg+0x1063/0x2120 [ 1423.391927][T27295] __sys_recvmmsg+0x51c/0x6f0 [ 1423.396643][T27295] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1423.403113][T27295] __do_fast_syscall_32+0x96/0xf0 [ 1423.408266][T27295] do_fast_syscall_32+0x34/0x70 [ 1423.413164][T27295] do_SYSENTER_32+0x1b/0x20 [ 1423.417790][T27295] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1423.424170][T27295] [ 1423.426502][T27295] Uninit was stored to memory at: [ 1423.431679][T27295] __get_compat_msghdr+0x6e1/0x9d0 [ 1423.436916][T27295] get_compat_msghdr+0x108/0x2c0 [ 1423.441908][T27295] do_recvmmsg+0x1063/0x2120 [ 1423.446542][T27295] __sys_recvmmsg+0x51c/0x6f0 [ 1423.451335][T27295] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1423.457803][T27295] __do_fast_syscall_32+0x96/0xf0 [ 1423.462873][T27295] do_fast_syscall_32+0x34/0x70 [ 1423.467852][T27295] do_SYSENTER_32+0x1b/0x20 [ 1423.472401][T27295] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1423.478861][T27295] [ 1423.481196][T27295] Uninit was stored to memory at: [ 1423.486282][T27295] __get_compat_msghdr+0x6e1/0x9d0 [ 1423.491532][T27295] get_compat_msghdr+0x108/0x2c0 [ 1423.496524][T27295] do_recvmmsg+0x1063/0x2120 [ 1423.501236][T27295] __sys_recvmmsg+0x51c/0x6f0 [ 1423.505950][T27295] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1423.512418][T27295] __do_fast_syscall_32+0x96/0xf0 [ 1423.517577][T27295] do_fast_syscall_32+0x34/0x70 [ 1423.522468][T27295] do_SYSENTER_32+0x1b/0x20 [ 1423.527097][T27295] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1423.533472][T27295] [ 1423.535802][T27295] Uninit was stored to memory at: [ 1423.540978][T27295] __get_compat_msghdr+0x6e1/0x9d0 [ 1423.546138][T27295] get_compat_msghdr+0x108/0x2c0 [ 1423.551201][T27295] do_recvmmsg+0x1063/0x2120 [ 1423.555824][T27295] __sys_recvmmsg+0x51c/0x6f0 [ 1423.560619][T27295] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1423.567082][T27295] __do_fast_syscall_32+0x96/0xf0 [ 1423.572149][T27295] do_fast_syscall_32+0x34/0x70 [ 1423.577123][T27295] do_SYSENTER_32+0x1b/0x20 [ 1423.581667][T27295] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1423.588127][T27295] [ 1423.590459][T27295] Uninit was stored to memory at: [ 1423.595546][T27295] __get_compat_msghdr+0x6e1/0x9d0 [ 1423.600793][T27295] get_compat_msghdr+0x108/0x2c0 [ 1423.605781][T27295] do_recvmmsg+0x1063/0x2120 [ 1423.610497][T27295] __sys_recvmmsg+0x51c/0x6f0 [ 1423.615210][T27295] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1423.621683][T27295] __do_fast_syscall_32+0x96/0xf0 [ 1423.626756][T27295] do_fast_syscall_32+0x34/0x70 [ 1423.631748][T27295] do_SYSENTER_32+0x1b/0x20 [ 1423.636288][T27295] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1423.642749][T27295] [ 1423.645081][T27295] Uninit was stored to memory at: [ 1423.650248][T27295] __get_compat_msghdr+0x6e1/0x9d0 [ 1423.655409][T27295] get_compat_msghdr+0x108/0x2c0 [ 1423.660481][T27295] do_recvmmsg+0x1063/0x2120 [ 1423.665107][T27295] __sys_recvmmsg+0x51c/0x6f0 [ 1423.669909][T27295] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1423.676292][T27295] __do_fast_syscall_32+0x96/0xf0 [ 1423.681448][T27295] do_fast_syscall_32+0x34/0x70 [ 1423.686344][T27295] do_SYSENTER_32+0x1b/0x20 [ 1423.690980][T27295] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1423.697444][T27295] [ 1423.699775][T27295] Local variable msg_sys created at: [ 1423.705062][T27295] do_recvmmsg+0xc1/0x2120 [ 1423.709596][T27295] __sys_recvmmsg+0x51c/0x6f0 [ 1424.141207][T27294] not chained 1300000 origins [ 1424.145915][T27294] CPU: 1 PID: 27294 Comm: syz-executor.4 Not tainted 5.16.0-rc3-syzkaller #0 [ 1424.154713][T27294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1424.164792][T27294] Call Trace: [ 1424.168080][T27294] [ 1424.171026][T27294] dump_stack_lvl+0x1ff/0x28e [ 1424.175760][T27294] dump_stack+0x25/0x28 [ 1424.179955][T27294] kmsan_internal_chain_origin+0x7a/0x110 [ 1424.185737][T27294] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1424.191860][T27294] ? kmsan_get_metadata+0xa4/0x120 [ 1424.197031][T27294] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1424.202897][T27294] ? __unix_dgram_recvmsg+0x1a18/0x1c30 [ 1424.208506][T27294] ? kmsan_get_metadata+0xa4/0x120 [ 1424.213676][T27294] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1424.219544][T27294] ? should_fail+0x75/0x9c0 [ 1424.224106][T27294] ? kmsan_get_metadata+0xa4/0x120 [ 1424.229271][T27294] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1424.235570][T27294] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1424.241694][T27294] ? kmsan_get_metadata+0xa4/0x120 [ 1424.246857][T27294] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1424.252724][T27294] __msan_chain_origin+0xbf/0x140 [ 1424.257801][T27294] __get_compat_msghdr+0x6e1/0x9d0 [ 1424.262978][T27294] get_compat_msghdr+0x108/0x2c0 [ 1424.267967][T27294] ? __sys_recvmmsg+0x51c/0x6f0 [ 1424.272855][T27294] do_recvmmsg+0x1063/0x2120 [ 1424.277506][T27294] ? kmsan_get_metadata+0xa4/0x120 [ 1424.282684][T27294] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1424.288980][T27294] ? kmsan_get_metadata+0xa4/0x120 [ 1424.294143][T27294] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1424.300443][T27294] ? fput+0x82/0x320 [ 1424.304389][T27294] ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1424.310956][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1424.315686][T27294] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1424.322077][T27294] __do_fast_syscall_32+0x96/0xf0 [ 1424.327150][T27294] do_fast_syscall_32+0x34/0x70 [ 1424.332046][T27294] do_SYSENTER_32+0x1b/0x20 [ 1424.336592][T27294] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1424.342974][T27294] RIP: 0023:0xf6ea0549 [ 1424.347065][T27294] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1424.366717][T27294] RSP: 002b:00000000f5a795fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1424.375170][T27294] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200000c0 [ 1424.383174][T27294] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1424.391173][T27294] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1424.399171][T27294] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1424.407170][T27294] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1424.415179][T27294] [ 1424.422009][T27294] Uninit was stored to memory at: [ 1424.427670][T27294] __get_compat_msghdr+0x6e1/0x9d0 [ 1424.432831][T27294] get_compat_msghdr+0x108/0x2c0 [ 1424.437908][T27294] do_recvmmsg+0x1063/0x2120 [ 1424.442535][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1424.447333][T27294] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1424.453715][T27294] __do_fast_syscall_32+0x96/0xf0 [ 1424.458862][T27294] do_fast_syscall_32+0x34/0x70 [ 1424.463759][T27294] do_SYSENTER_32+0x1b/0x20 [ 1424.468386][T27294] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1424.474782][T27294] [ 1424.477191][T27294] Uninit was stored to memory at: [ 1424.482279][T27294] __get_compat_msghdr+0x6e1/0x9d0 [ 1424.487519][T27294] get_compat_msghdr+0x108/0x2c0 [ 1424.492505][T27294] do_recvmmsg+0x1063/0x2120 [ 1424.497197][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1424.501912][T27294] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1424.508422][T27294] __do_fast_syscall_32+0x96/0xf0 [ 1424.513489][T27294] do_fast_syscall_32+0x34/0x70 [ 1424.518520][T27294] do_SYSENTER_32+0x1b/0x20 [ 1424.523066][T27294] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1424.529590][T27294] [ 1424.531931][T27294] Uninit was stored to memory at: [ 1424.537140][T27294] __get_compat_msghdr+0x6e1/0x9d0 [ 1424.542296][T27294] get_compat_msghdr+0x108/0x2c0 [ 1424.547413][T27294] do_recvmmsg+0x1063/0x2120 [ 1424.552038][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1424.556743][T27294] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1424.563273][T27294] __do_fast_syscall_32+0x96/0xf0 [ 1424.568474][T27294] do_fast_syscall_32+0x34/0x70 [ 1424.573366][T27294] do_SYSENTER_32+0x1b/0x20 [ 1424.578057][T27294] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1424.584439][T27294] [ 1424.586769][T27294] Uninit was stored to memory at: [ 1424.592005][T27294] __get_compat_msghdr+0x6e1/0x9d0 [ 1424.597292][T27294] get_compat_msghdr+0x108/0x2c0 [ 1424.602274][T27294] do_recvmmsg+0x1063/0x2120 [ 1424.607028][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1424.611741][T27294] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1424.618264][T27294] __do_fast_syscall_32+0x96/0xf0 [ 1424.623331][T27294] do_fast_syscall_32+0x34/0x70 [ 1424.628363][T27294] do_SYSENTER_32+0x1b/0x20 [ 1424.632913][T27294] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1424.639427][T27294] [ 1424.641757][T27294] Uninit was stored to memory at: [ 1424.646929][T27294] __get_compat_msghdr+0x6e1/0x9d0 [ 1424.652088][T27294] get_compat_msghdr+0x108/0x2c0 [ 1424.657199][T27294] do_recvmmsg+0x1063/0x2120 [ 1424.661822][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1424.666528][T27294] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1424.673053][T27294] __do_fast_syscall_32+0x96/0xf0 [ 1424.678249][T27294] do_fast_syscall_32+0x34/0x70 [ 1424.683143][T27294] do_SYSENTER_32+0x1b/0x20 [ 1424.687839][T27294] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1424.694225][T27294] [ 1424.696555][T27294] Uninit was stored to memory at: [ 1424.701785][T27294] __get_compat_msghdr+0x6e1/0x9d0 [ 1424.707076][T27294] get_compat_msghdr+0x108/0x2c0 [ 1424.712063][T27294] do_recvmmsg+0x1063/0x2120 [ 1424.716688][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1424.721535][T27294] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1424.728059][T27294] __do_fast_syscall_32+0x96/0xf0 [ 1424.733129][T27294] do_fast_syscall_32+0x34/0x70 [ 1424.738161][T27294] do_SYSENTER_32+0x1b/0x20 [ 1424.742708][T27294] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1424.749227][T27294] [ 1424.751557][T27294] Uninit was stored to memory at: [ 1424.756645][T27294] __get_compat_msghdr+0x6e1/0x9d0 [ 1424.761959][T27294] get_compat_msghdr+0x108/0x2c0 [ 1424.767081][T27294] do_recvmmsg+0x1063/0x2120 [ 1424.771706][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1424.776414][T27294] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1424.782947][T27294] __do_fast_syscall_32+0x96/0xf0 [ 1424.788161][T27294] do_fast_syscall_32+0x34/0x70 [ 1424.793055][T27294] do_SYSENTER_32+0x1b/0x20 [ 1424.797732][T27294] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1424.804107][T27294] [ 1424.806441][T27294] Local variable msg_sys created at: [ 1424.811901][T27294] do_recvmmsg+0xc1/0x2120 [ 1424.816357][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1425.022829][T27269] not chained 1310000 origins [ 1425.027669][T27269] CPU: 1 PID: 27269 Comm: syz-executor.5 Not tainted 5.16.0-rc3-syzkaller #0 [ 1425.036469][T27269] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1425.046547][T27269] Call Trace: [ 1425.049840][T27269] [ 1425.052785][T27269] dump_stack_lvl+0x1ff/0x28e [ 1425.057514][T27269] dump_stack+0x25/0x28 [ 1425.061709][T27269] kmsan_internal_chain_origin+0x7a/0x110 [ 1425.067486][T27269] ? kmsan_get_metadata+0xa4/0x120 [ 1425.072648][T27269] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1425.078511][T27269] ? __unix_dgram_recvmsg+0x1a18/0x1c30 [ 1425.084110][T27269] ? kmsan_get_metadata+0xa4/0x120 [ 1425.089272][T27269] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1425.095141][T27269] ? should_fail+0x75/0x9c0 [ 1425.099696][T27269] ? kmsan_get_metadata+0xa4/0x120 [ 1425.104859][T27269] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1425.111154][T27269] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1425.117277][T27269] ? kmsan_get_metadata+0xa4/0x120 [ 1425.122439][T27269] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1425.128301][T27269] __msan_chain_origin+0xbf/0x140 [ 1425.133373][T27269] __get_compat_msghdr+0x6e1/0x9d0 [ 1425.138554][T27269] get_compat_msghdr+0x108/0x2c0 [ 1425.143542][T27269] ? __sys_recvmmsg+0x51c/0x6f0 [ 1425.148435][T27269] do_recvmmsg+0x1063/0x2120 [ 1425.153078][T27269] ? kmsan_get_metadata+0xa4/0x120 [ 1425.158248][T27269] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1425.164116][T27269] ? kmsan_get_metadata+0xa4/0x120 [ 1425.169282][T27269] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1425.175586][T27269] ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1425.182149][T27269] __sys_recvmmsg+0x51c/0x6f0 [ 1425.186880][T27269] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1425.193274][T27269] __do_fast_syscall_32+0x96/0xf0 [ 1425.198349][T27269] do_fast_syscall_32+0x34/0x70 [ 1425.203247][T27269] do_SYSENTER_32+0x1b/0x20 [ 1425.207795][T27269] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1425.214167][T27269] RIP: 0023:0xf6e9f549 [ 1425.218261][T27269] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1425.237911][T27269] RSP: 002b:00000000f5a995fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1425.246363][T27269] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1425.254369][T27269] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1425.262369][T27269] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1425.270376][T27269] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1425.278373][T27269] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1425.286386][T27269] [ 1425.293047][T27269] Uninit was stored to memory at: [ 1425.299243][T27269] __get_compat_msghdr+0x6e1/0x9d0 [ 1425.304411][T27269] get_compat_msghdr+0x108/0x2c0 [ 1425.309647][T27269] do_recvmmsg+0x1063/0x2120 [ 1425.314274][T27269] __sys_recvmmsg+0x51c/0x6f0 [ 1425.319066][T27269] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1425.325446][T27269] __do_fast_syscall_32+0x96/0xf0 [ 1425.330595][T27269] do_fast_syscall_32+0x34/0x70 [ 1425.335488][T27269] do_SYSENTER_32+0x1b/0x20 [ 1425.340119][T27269] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1425.346492][T27269] [ 1425.348904][T27269] Uninit was stored to memory at: [ 1425.353988][T27269] __get_compat_msghdr+0x6e1/0x9d0 [ 1425.359215][T27269] get_compat_msghdr+0x108/0x2c0 [ 1425.364195][T27269] do_recvmmsg+0x1063/0x2120 [ 1425.368902][T27269] __sys_recvmmsg+0x51c/0x6f0 [ 1425.373616][T27269] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1425.380146][T27269] __do_fast_syscall_32+0x96/0xf0 [ 1425.385215][T27269] do_fast_syscall_32+0x34/0x70 [ 1425.390254][T27269] do_SYSENTER_32+0x1b/0x20 [ 1425.394822][T27269] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1425.401346][T27269] [ 1425.403680][T27269] Uninit was stored to memory at: [ 1425.408904][T27269] __get_compat_msghdr+0x6e1/0x9d0 [ 1425.414064][T27269] get_compat_msghdr+0x108/0x2c0 [ 1425.419188][T27269] do_recvmmsg+0x1063/0x2120 [ 1425.423812][T27269] __sys_recvmmsg+0x51c/0x6f0 [ 1425.428658][T27269] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1425.435039][T27269] __do_fast_syscall_32+0x96/0xf0 [ 1425.440241][T27269] do_fast_syscall_32+0x34/0x70 [ 1425.445131][T27269] do_SYSENTER_32+0x1b/0x20 [ 1425.449823][T27269] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1425.456200][T27269] [ 1425.458677][T27269] Uninit was stored to memory at: [ 1425.463765][T27269] __get_compat_msghdr+0x6e1/0x9d0 [ 1425.469064][T27269] get_compat_msghdr+0x108/0x2c0 [ 1425.474044][T27269] do_recvmmsg+0x1063/0x2120 [ 1425.478811][T27269] __sys_recvmmsg+0x51c/0x6f0 [ 1425.483524][T27269] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1425.490049][T27269] __do_fast_syscall_32+0x96/0xf0 [ 1425.495116][T27269] do_fast_syscall_32+0x34/0x70 [ 1425.500155][T27269] do_SYSENTER_32+0x1b/0x20 [ 1425.504704][T27269] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1425.511229][T27269] [ 1425.513563][T27269] Uninit was stored to memory at: [ 1425.518790][T27269] __get_compat_msghdr+0x6e1/0x9d0 [ 1425.523949][T27269] get_compat_msghdr+0x108/0x2c0 [ 1425.529080][T27269] do_recvmmsg+0x1063/0x2120 [ 1425.533712][T27269] __sys_recvmmsg+0x51c/0x6f0 [ 1425.538564][T27269] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1425.544942][T27269] __do_fast_syscall_32+0x96/0xf0 [ 1425.550147][T27269] do_fast_syscall_32+0x34/0x70 [ 1425.555039][T27269] do_SYSENTER_32+0x1b/0x20 [ 1425.559729][T27269] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1425.566106][T27269] [ 1425.568576][T27269] Uninit was stored to memory at: [ 1425.573658][T27269] __get_compat_msghdr+0x6e1/0x9d0 [ 1425.578959][T27269] get_compat_msghdr+0x108/0x2c0 [ 1425.583936][T27269] do_recvmmsg+0x1063/0x2120 [ 1425.588701][T27269] __sys_recvmmsg+0x51c/0x6f0 [ 1425.593413][T27269] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1425.599929][T27269] __do_fast_syscall_32+0x96/0xf0 [ 1425.604997][T27269] do_fast_syscall_32+0x34/0x70 [ 1425.610033][T27269] do_SYSENTER_32+0x1b/0x20 [ 1425.614578][T27269] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1425.621099][T27269] [ 1425.623433][T27269] Uninit was stored to memory at: [ 1425.628659][T27269] __get_compat_msghdr+0x6e1/0x9d0 [ 1425.633813][T27269] get_compat_msghdr+0x108/0x2c0 [ 1425.638940][T27269] do_recvmmsg+0x1063/0x2120 [ 1425.643567][T27269] __sys_recvmmsg+0x51c/0x6f0 [ 1425.648418][T27269] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1425.654800][T27269] __do_fast_syscall_32+0x96/0xf0 [ 1425.660005][T27269] do_fast_syscall_32+0x34/0x70 [ 1425.664898][T27269] do_SYSENTER_32+0x1b/0x20 [ 1425.669584][T27269] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1425.675961][T27269] [ 1425.678429][T27269] Local variable msg_sys created at: [ 1425.683720][T27269] do_recvmmsg+0xc1/0x2120 [ 1425.688309][T27269] __sys_recvmmsg+0x51c/0x6f0 [ 1425.711048][T27295] not chained 1320000 origins [ 1425.715746][T27295] CPU: 1 PID: 27295 Comm: syz-executor.4 Not tainted 5.16.0-rc3-syzkaller #0 [ 1425.724543][T27295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1425.734620][T27295] Call Trace: [ 1425.737911][T27295] [ 1425.740859][T27295] dump_stack_lvl+0x1ff/0x28e [ 1425.745584][T27295] dump_stack+0x25/0x28 [ 1425.749776][T27295] kmsan_internal_chain_origin+0x7a/0x110 [ 1425.755554][T27295] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1425.761678][T27295] ? kmsan_get_metadata+0xa4/0x120 [ 1425.766843][T27295] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1425.772707][T27295] ? __unix_dgram_recvmsg+0x1a18/0x1c30 [ 1425.778310][T27295] ? kmsan_get_metadata+0xa4/0x120 [ 1425.783480][T27295] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1425.789352][T27295] ? should_fail+0x75/0x9c0 [ 1425.793910][T27295] ? kmsan_get_metadata+0xa4/0x120 [ 1425.799070][T27295] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1425.805362][T27295] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1425.811493][T27295] ? kmsan_get_metadata+0xa4/0x120 [ 1425.816659][T27295] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1425.822523][T27295] __msan_chain_origin+0xbf/0x140 [ 1425.827599][T27295] __get_compat_msghdr+0x6e1/0x9d0 [ 1425.832785][T27295] get_compat_msghdr+0x108/0x2c0 [ 1425.837772][T27295] ? __sys_recvmmsg+0x51c/0x6f0 [ 1425.842661][T27295] do_recvmmsg+0x1063/0x2120 [ 1425.847303][T27295] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1425.853183][T27295] ? kmsan_get_metadata+0xa4/0x120 [ 1425.858348][T27295] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1425.864653][T27295] ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1425.871212][T27295] __sys_recvmmsg+0x51c/0x6f0 [ 1425.875941][T27295] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1425.882339][T27295] __do_fast_syscall_32+0x96/0xf0 [ 1425.887430][T27295] do_fast_syscall_32+0x34/0x70 [ 1425.892328][T27295] do_SYSENTER_32+0x1b/0x20 [ 1425.896877][T27295] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1425.903252][T27295] RIP: 0023:0xf6ea0549 [ 1425.907340][T27295] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1425.927000][T27295] RSP: 002b:00000000f5a585fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1425.935450][T27295] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200000c0 [ 1425.943450][T27295] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1425.951448][T27295] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1425.959447][T27295] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1425.967448][T27295] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1425.975458][T27295] [ 1425.982671][T27295] Uninit was stored to memory at: [ 1425.989324][T27295] __get_compat_msghdr+0x6e1/0x9d0 [ 1425.994489][T27295] get_compat_msghdr+0x108/0x2c0 [ 1425.999555][T27295] do_recvmmsg+0x1063/0x2120 [ 1426.004180][T27295] __sys_recvmmsg+0x51c/0x6f0 [ 1426.008969][T27295] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1426.015353][T27295] __do_fast_syscall_32+0x96/0xf0 [ 1426.020518][T27295] do_fast_syscall_32+0x34/0x70 [ 1426.025407][T27295] do_SYSENTER_32+0x1b/0x20 [ 1426.030033][T27295] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1426.036407][T27295] [ 1426.038822][T27295] Uninit was stored to memory at: [ 1426.043907][T27295] __get_compat_msghdr+0x6e1/0x9d0 [ 1426.049150][T27295] get_compat_msghdr+0x108/0x2c0 [ 1426.054130][T27295] do_recvmmsg+0x1063/0x2120 [ 1426.058825][T27295] __sys_recvmmsg+0x51c/0x6f0 [ 1426.063536][T27295] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1426.070070][T27295] __do_fast_syscall_32+0x96/0xf0 [ 1426.075138][T27295] do_fast_syscall_32+0x34/0x70 [ 1426.080172][T27295] do_SYSENTER_32+0x1b/0x20 [ 1426.084716][T27295] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1426.091235][T27295] [ 1426.093568][T27295] Uninit was stored to memory at: [ 1426.098793][T27295] __get_compat_msghdr+0x6e1/0x9d0 [ 1426.103947][T27295] get_compat_msghdr+0x108/0x2c0 [ 1426.109071][T27295] do_recvmmsg+0x1063/0x2120 [ 1426.113698][T27295] __sys_recvmmsg+0x51c/0x6f0 [ 1426.118548][T27295] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1426.124928][T27295] __do_fast_syscall_32+0x96/0xf0 [ 1426.130134][T27295] do_fast_syscall_32+0x34/0x70 [ 1426.135031][T27295] do_SYSENTER_32+0x1b/0x20 [ 1426.139717][T27295] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1426.146096][T27295] [ 1426.148580][T27295] Uninit was stored to memory at: [ 1426.153666][T27295] __get_compat_msghdr+0x6e1/0x9d0 [ 1426.158954][T27295] get_compat_msghdr+0x108/0x2c0 [ 1426.163939][T27295] do_recvmmsg+0x1063/0x2120 [ 1426.168705][T27295] __sys_recvmmsg+0x51c/0x6f0 [ 1426.173419][T27295] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1426.179946][T27295] __do_fast_syscall_32+0x96/0xf0 [ 1426.185015][T27295] do_fast_syscall_32+0x34/0x70 [ 1426.190054][T27295] do_SYSENTER_32+0x1b/0x20 [ 1426.194597][T27295] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1426.201115][T27295] [ 1426.203449][T27295] Uninit was stored to memory at: [ 1426.208671][T27295] __get_compat_msghdr+0x6e1/0x9d0 [ 1426.213823][T27295] get_compat_msghdr+0x108/0x2c0 [ 1426.218952][T27295] do_recvmmsg+0x1063/0x2120 [ 1426.223578][T27295] __sys_recvmmsg+0x51c/0x6f0 [ 1426.228431][T27295] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1426.234810][T27295] __do_fast_syscall_32+0x96/0xf0 [ 1426.240017][T27295] do_fast_syscall_32+0x34/0x70 [ 1426.244909][T27295] do_SYSENTER_32+0x1b/0x20 [ 1426.249597][T27295] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1426.255969][T27295] [ 1426.258454][T27295] Uninit was stored to memory at: [ 1426.263544][T27295] __get_compat_msghdr+0x6e1/0x9d0 [ 1426.268838][T27295] get_compat_msghdr+0x108/0x2c0 [ 1426.273818][T27295] do_recvmmsg+0x1063/0x2120 [ 1426.278580][T27295] __sys_recvmmsg+0x51c/0x6f0 [ 1426.283290][T27295] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1426.289811][T27295] __do_fast_syscall_32+0x96/0xf0 [ 1426.294877][T27295] do_fast_syscall_32+0x34/0x70 [ 1426.299905][T27295] do_SYSENTER_32+0x1b/0x20 [ 1426.304446][T27295] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1426.310958][T27295] [ 1426.313290][T27295] Uninit was stored to memory at: [ 1426.318522][T27295] __get_compat_msghdr+0x6e1/0x9d0 [ 1426.323677][T27295] get_compat_msghdr+0x108/0x2c0 [ 1426.328804][T27295] do_recvmmsg+0x1063/0x2120 [ 1426.333433][T27295] __sys_recvmmsg+0x51c/0x6f0 [ 1426.338275][T27295] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1426.344650][T27295] __do_fast_syscall_32+0x96/0xf0 [ 1426.349857][T27295] do_fast_syscall_32+0x34/0x70 [ 1426.354751][T27295] do_SYSENTER_32+0x1b/0x20 [ 1426.359445][T27295] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1426.365819][T27295] [ 1426.368295][T27295] Local variable msg_sys created at: [ 1426.373586][T27295] do_recvmmsg+0xc1/0x2120 [ 1426.378173][T27295] __sys_recvmmsg+0x51c/0x6f0 [ 1426.470791][T27294] not chained 1330000 origins [ 1426.475499][T27294] CPU: 0 PID: 27294 Comm: syz-executor.4 Not tainted 5.16.0-rc3-syzkaller #0 [ 1426.484300][T27294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1426.494379][T27294] Call Trace: [ 1426.497675][T27294] [ 1426.500622][T27294] dump_stack_lvl+0x1ff/0x28e [ 1426.505348][T27294] dump_stack+0x25/0x28 [ 1426.509546][T27294] kmsan_internal_chain_origin+0x7a/0x110 [ 1426.515325][T27294] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1426.521451][T27294] ? kmsan_get_metadata+0xa4/0x120 [ 1426.526615][T27294] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1426.532484][T27294] ? __unix_dgram_recvmsg+0x1a18/0x1c30 [ 1426.538086][T27294] ? kmsan_get_metadata+0xa4/0x120 [ 1426.543255][T27294] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1426.549124][T27294] ? should_fail+0x75/0x9c0 [ 1426.553686][T27294] ? kmsan_get_metadata+0xa4/0x120 [ 1426.558852][T27294] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1426.565157][T27294] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1426.571293][T27294] ? kmsan_get_metadata+0xa4/0x120 [ 1426.576465][T27294] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1426.582328][T27294] __msan_chain_origin+0xbf/0x140 [ 1426.587412][T27294] __get_compat_msghdr+0x6e1/0x9d0 [ 1426.592586][T27294] get_compat_msghdr+0x108/0x2c0 [ 1426.597567][T27294] ? __sys_recvmmsg+0x51c/0x6f0 [ 1426.602452][T27294] do_recvmmsg+0x1063/0x2120 [ 1426.607090][T27294] ? kmsan_get_metadata+0xa4/0x120 [ 1426.612256][T27294] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1426.618548][T27294] ? kmsan_get_metadata+0xa4/0x120 [ 1426.623710][T27294] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1426.630005][T27294] ? fput+0x82/0x320 [ 1426.633944][T27294] ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1426.640502][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1426.645222][T27294] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1426.651608][T27294] __do_fast_syscall_32+0x96/0xf0 [ 1426.656676][T27294] do_fast_syscall_32+0x34/0x70 [ 1426.661566][T27294] do_SYSENTER_32+0x1b/0x20 [ 1426.666107][T27294] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1426.672479][T27294] RIP: 0023:0xf6ea0549 [ 1426.676567][T27294] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1426.696213][T27294] RSP: 002b:00000000f5a795fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1426.704659][T27294] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200000c0 [ 1426.712657][T27294] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1426.720650][T27294] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1426.728640][T27294] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1426.736630][T27294] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1426.744635][T27294] [ 1426.749996][T27294] Uninit was stored to memory at: [ 1426.755094][T27294] __get_compat_msghdr+0x6e1/0x9d0 [ 1426.761040][T27294] get_compat_msghdr+0x108/0x2c0 [ 1426.766027][T27294] do_recvmmsg+0x1063/0x2120 [ 1426.770825][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1426.775550][T27294] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1426.782119][T27294] __do_fast_syscall_32+0x96/0xf0 [ 1426.787340][T27294] do_fast_syscall_32+0x34/0x70 [ 1426.792233][T27294] do_SYSENTER_32+0x1b/0x20 [ 1426.796780][T27294] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1426.803318][T27294] [ 1426.805651][T27294] Uninit was stored to memory at: [ 1426.810923][T27294] __get_compat_msghdr+0x6e1/0x9d0 [ 1426.816080][T27294] get_compat_msghdr+0x108/0x2c0 [ 1426.821245][T27294] do_recvmmsg+0x1063/0x2120 [ 1426.825872][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1426.830754][T27294] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1426.837286][T27294] __do_fast_syscall_32+0x96/0xf0 [ 1426.842359][T27294] do_fast_syscall_32+0x34/0x70 [ 1426.847433][T27294] do_SYSENTER_32+0x1b/0x20 [ 1426.851979][T27294] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1426.858479][T27294] [ 1426.860815][T27294] Uninit was stored to memory at: [ 1426.865900][T27294] __get_compat_msghdr+0x6e1/0x9d0 [ 1426.871233][T27294] get_compat_msghdr+0x108/0x2c0 [ 1426.876221][T27294] do_recvmmsg+0x1063/0x2120 [ 1426.881019][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1426.885735][T27294] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1426.892302][T27294] __do_fast_syscall_32+0x96/0xf0 [ 1426.897527][T27294] do_fast_syscall_32+0x34/0x70 [ 1426.902436][T27294] do_SYSENTER_32+0x1b/0x20 [ 1426.907151][T27294] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1426.913532][T27294] [ 1426.915865][T27294] Uninit was stored to memory at: [ 1426.921121][T27294] __get_compat_msghdr+0x6e1/0x9d0 [ 1426.926280][T27294] get_compat_msghdr+0x108/0x2c0 [ 1426.931425][T27294] do_recvmmsg+0x1063/0x2120 [ 1426.936047][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1426.940939][T27294] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1426.947480][T27294] __do_fast_syscall_32+0x96/0xf0 [ 1426.952557][T27294] do_fast_syscall_32+0x34/0x70 [ 1426.957621][T27294] do_SYSENTER_32+0x1b/0x20 [ 1426.962169][T27294] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1426.968718][T27294] [ 1426.971053][T27294] Uninit was stored to memory at: [ 1426.976139][T27294] __get_compat_msghdr+0x6e1/0x9d0 [ 1426.981480][T27294] get_compat_msghdr+0x108/0x2c0 [ 1426.986467][T27294] do_recvmmsg+0x1063/0x2120 [ 1426.991284][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1426.996003][T27294] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1427.002585][T27294] __do_fast_syscall_32+0x96/0xf0 [ 1427.007810][T27294] do_fast_syscall_32+0x34/0x70 [ 1427.012708][T27294] do_SYSENTER_32+0x1b/0x20 [ 1427.017416][T27294] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1427.023800][T27294] [ 1427.026127][T27294] Uninit was stored to memory at: [ 1427.031397][T27294] __get_compat_msghdr+0x6e1/0x9d0 [ 1427.036565][T27294] get_compat_msghdr+0x108/0x2c0 [ 1427.041730][T27294] do_recvmmsg+0x1063/0x2120 [ 1427.046360][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1427.051252][T27294] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1427.057775][T27294] __do_fast_syscall_32+0x96/0xf0 [ 1427.062841][T27294] do_fast_syscall_32+0x34/0x70 [ 1427.067908][T27294] do_SYSENTER_32+0x1b/0x20 [ 1427.072457][T27294] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1427.079000][T27294] [ 1427.081334][T27294] Uninit was stored to memory at: [ 1427.086418][T27294] __get_compat_msghdr+0x6e1/0x9d0 [ 1427.091755][T27294] get_compat_msghdr+0x108/0x2c0 [ 1427.096741][T27294] do_recvmmsg+0x1063/0x2120 [ 1427.101506][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1427.106214][T27294] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1427.112774][T27294] __do_fast_syscall_32+0x96/0xf0 [ 1427.118001][T27294] do_fast_syscall_32+0x34/0x70 [ 1427.122897][T27294] do_SYSENTER_32+0x1b/0x20 [ 1427.127619][T27294] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1427.134001][T27294] [ 1427.136335][T27294] Local variable msg_sys created at: [ 1427.141788][T27294] do_recvmmsg+0xc1/0x2120 [ 1427.146234][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1427.540776][T27295] not chained 1340000 origins [ 1427.548913][T27295] CPU: 1 PID: 27295 Comm: syz-executor.4 Not tainted 5.16.0-rc3-syzkaller #0 [ 1427.557728][T27295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1427.567806][T27295] Call Trace: [ 1427.571103][T27295] [ 1427.574049][T27295] dump_stack_lvl+0x1ff/0x28e [ 1427.578778][T27295] dump_stack+0x25/0x28 [ 1427.582972][T27295] kmsan_internal_chain_origin+0x7a/0x110 [ 1427.588746][T27295] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1427.594866][T27295] ? kmsan_get_metadata+0xa4/0x120 [ 1427.600034][T27295] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1427.605901][T27295] ? __unix_dgram_recvmsg+0x1a18/0x1c30 [ 1427.611505][T27295] ? kmsan_get_metadata+0xa4/0x120 [ 1427.616668][T27295] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1427.622539][T27295] ? should_fail+0x75/0x9c0 [ 1427.627096][T27295] ? kmsan_get_metadata+0xa4/0x120 [ 1427.632261][T27295] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1427.638559][T27295] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1427.644678][T27295] ? kmsan_get_metadata+0xa4/0x120 [ 1427.649846][T27295] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1427.655716][T27295] __msan_chain_origin+0xbf/0x140 [ 1427.660791][T27295] __get_compat_msghdr+0x6e1/0x9d0 [ 1427.665976][T27295] get_compat_msghdr+0x108/0x2c0 [ 1427.670965][T27295] ? __sys_recvmmsg+0x51c/0x6f0 [ 1427.675861][T27295] do_recvmmsg+0x1063/0x2120 [ 1427.680516][T27295] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1427.686397][T27295] ? kmsan_get_metadata+0xa4/0x120 [ 1427.691559][T27295] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1427.697868][T27295] ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1427.704433][T27295] __sys_recvmmsg+0x51c/0x6f0 [ 1427.709159][T27295] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1427.715558][T27295] __do_fast_syscall_32+0x96/0xf0 [ 1427.720629][T27295] do_fast_syscall_32+0x34/0x70 [ 1427.725521][T27295] do_SYSENTER_32+0x1b/0x20 [ 1427.730072][T27295] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1427.736449][T27295] RIP: 0023:0xf6ea0549 [ 1427.740537][T27295] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1427.760192][T27295] RSP: 002b:00000000f5a585fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1427.768644][T27295] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200000c0 [ 1427.776647][T27295] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1427.784647][T27295] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1427.792646][T27295] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1427.800641][T27295] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1427.808654][T27295] [ 1427.816150][T27295] Uninit was stored to memory at: [ 1427.821817][T27295] __get_compat_msghdr+0x6e1/0x9d0 [ 1427.827120][T27295] get_compat_msghdr+0x108/0x2c0 [ 1427.832104][T27295] do_recvmmsg+0x1063/0x2120 [ 1427.836725][T27295] __sys_recvmmsg+0x51c/0x6f0 [ 1427.841594][T27295] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1427.848144][T27295] __do_fast_syscall_32+0x96/0xf0 [ 1427.853237][T27295] do_fast_syscall_32+0x34/0x70 [ 1427.858215][T27295] do_SYSENTER_32+0x1b/0x20 [ 1427.862759][T27295] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1427.869279][T27295] [ 1427.871612][T27295] Uninit was stored to memory at: [ 1427.876698][T27295] __get_compat_msghdr+0x6e1/0x9d0 [ 1427.881998][T27295] get_compat_msghdr+0x108/0x2c0 [ 1427.887118][T27295] do_recvmmsg+0x1063/0x2120 [ 1427.891745][T27295] __sys_recvmmsg+0x51c/0x6f0 [ 1427.896458][T27295] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1427.902988][T27295] __do_fast_syscall_32+0x96/0xf0 [ 1427.908202][T27295] do_fast_syscall_32+0x34/0x70 [ 1427.913099][T27295] do_SYSENTER_32+0x1b/0x20 [ 1427.917791][T27295] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1427.924170][T27295] [ 1427.926501][T27295] Uninit was stored to memory at: [ 1427.931733][T27295] __get_compat_msghdr+0x6e1/0x9d0 [ 1427.937008][T27295] get_compat_msghdr+0x108/0x2c0 [ 1427.941989][T27295] do_recvmmsg+0x1063/0x2120 [ 1427.946610][T27295] __sys_recvmmsg+0x51c/0x6f0 [ 1427.951466][T27295] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1427.957991][T27295] __do_fast_syscall_32+0x96/0xf0 [ 1427.963064][T27295] do_fast_syscall_32+0x34/0x70 [ 1427.968092][T27295] do_SYSENTER_32+0x1b/0x20 [ 1427.972636][T27295] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1427.979153][T27295] [ 1427.981485][T27295] Uninit was stored to memory at: [ 1427.986572][T27295] __get_compat_msghdr+0x6e1/0x9d0 [ 1427.991868][T27295] get_compat_msghdr+0x108/0x2c0 [ 1427.996975][T27295] do_recvmmsg+0x1063/0x2120 [ 1428.001600][T27295] __sys_recvmmsg+0x51c/0x6f0 [ 1428.006317][T27295] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1428.012841][T27295] __do_fast_syscall_32+0x96/0xf0 [ 1428.018048][T27295] do_fast_syscall_32+0x34/0x70 [ 1428.022939][T27295] do_SYSENTER_32+0x1b/0x20 [ 1428.027617][T27295] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1428.033990][T27295] [ 1428.036317][T27295] Uninit was stored to memory at: [ 1428.041552][T27295] __get_compat_msghdr+0x6e1/0x9d0 [ 1428.046706][T27295] get_compat_msghdr+0x108/0x2c0 [ 1428.051826][T27295] do_recvmmsg+0x1063/0x2120 [ 1428.056456][T27295] __sys_recvmmsg+0x51c/0x6f0 [ 1428.061315][T27295] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1428.067852][T27295] __do_fast_syscall_32+0x96/0xf0 [ 1428.072923][T27295] do_fast_syscall_32+0x34/0x70 [ 1428.077955][T27295] do_SYSENTER_32+0x1b/0x20 [ 1428.082503][T27295] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1428.089023][T27295] [ 1428.091355][T27295] Uninit was stored to memory at: [ 1428.096442][T27295] __get_compat_msghdr+0x6e1/0x9d0 [ 1428.101687][T27295] get_compat_msghdr+0x108/0x2c0 [ 1428.106672][T27295] do_recvmmsg+0x1063/0x2120 [ 1428.111384][T27295] __sys_recvmmsg+0x51c/0x6f0 [ 1428.116104][T27295] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1428.122572][T27295] __do_fast_syscall_32+0x96/0xf0 [ 1428.127720][T27295] do_fast_syscall_32+0x34/0x70 [ 1428.132614][T27295] do_SYSENTER_32+0x1b/0x20 [ 1428.137237][T27295] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1428.143614][T27295] [ 1428.145942][T27295] Uninit was stored to memory at: [ 1428.151110][T27295] __get_compat_msghdr+0x6e1/0x9d0 [ 1428.156264][T27295] get_compat_msghdr+0x108/0x2c0 [ 1428.161323][T27295] do_recvmmsg+0x1063/0x2120 [ 1428.165947][T27295] __sys_recvmmsg+0x51c/0x6f0 [ 1428.170741][T27295] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1428.177209][T27295] __do_fast_syscall_32+0x96/0xf0 [ 1428.182278][T27295] do_fast_syscall_32+0x34/0x70 [ 1428.187251][T27295] do_SYSENTER_32+0x1b/0x20 [ 1428.190678][T27294] not chained 1350000 origins [ 1428.191790][T27295] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1428.196469][T27294] CPU: 0 PID: 27294 Comm: syz-executor.4 Not tainted 5.16.0-rc3-syzkaller #0 [ 1428.202848][T27295] [ 1428.211515][T27294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1428.211542][T27294] Call Trace: [ 1428.211557][T27294] [ 1428.211573][T27294] dump_stack_lvl+0x1ff/0x28e [ 1428.213901][T27295] Local variable msg_sys created at: [ 1428.213917][T27295] do_recvmmsg+0xc1/0x2120 [ 1428.223957][T27294] dump_stack+0x25/0x28 [ 1428.224005][T27294] kmsan_internal_chain_origin+0x7a/0x110 [ 1428.227350][T27295] __sys_recvmmsg+0x51c/0x6f0 [ 1428.230213][T27294] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1428.265101][T27294] ? kmsan_get_metadata+0xa4/0x120 [ 1428.270272][T27294] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1428.276136][T27294] ? __unix_dgram_recvmsg+0x1a18/0x1c30 [ 1428.281734][T27294] ? kmsan_get_metadata+0xa4/0x120 [ 1428.286891][T27294] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1428.292764][T27294] ? should_fail+0x75/0x9c0 [ 1428.297316][T27294] ? kmsan_get_metadata+0xa4/0x120 [ 1428.302477][T27294] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1428.308773][T27294] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1428.314893][T27294] ? kmsan_get_metadata+0xa4/0x120 [ 1428.320058][T27294] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1428.325917][T27294] __msan_chain_origin+0xbf/0x140 [ 1428.330995][T27294] __get_compat_msghdr+0x6e1/0x9d0 [ 1428.336171][T27294] get_compat_msghdr+0x108/0x2c0 [ 1428.341156][T27294] ? __sys_recvmmsg+0x51c/0x6f0 [ 1428.346042][T27294] do_recvmmsg+0x1063/0x2120 [ 1428.350682][T27294] ? kmsan_get_metadata+0xa4/0x120 [ 1428.355851][T27294] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1428.362149][T27294] ? kmsan_get_metadata+0xa4/0x120 [ 1428.367310][T27294] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1428.373610][T27294] ? fput+0x82/0x320 [ 1428.377550][T27294] ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1428.384107][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1428.388835][T27294] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1428.395228][T27294] __do_fast_syscall_32+0x96/0xf0 [ 1428.400300][T27294] do_fast_syscall_32+0x34/0x70 [ 1428.405193][T27294] do_SYSENTER_32+0x1b/0x20 [ 1428.409736][T27294] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1428.416109][T27294] RIP: 0023:0xf6ea0549 [ 1428.420201][T27294] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1428.434576][T27269] not chained 1360000 origins [ 1428.439846][T27294] RSP: 002b:00000000f5a795fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1428.439894][T27294] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200000c0 [ 1428.439927][T27294] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1428.468891][T27294] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1428.476883][T27294] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1428.484875][T27294] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1428.492877][T27294] [ 1428.495904][T27269] CPU: 1 PID: 27269 Comm: syz-executor.5 Not tainted 5.16.0-rc3-syzkaller #0 [ 1428.498296][T27294] Uninit was stored to memory at: [ 1428.504697][T27269] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1428.510107][T27294] __get_compat_msghdr+0x6e1/0x9d0 [ 1428.519763][T27269] Call Trace: [ 1428.519779][T27269] [ 1428.519794][T27269] dump_stack_lvl+0x1ff/0x28e [ 1428.519853][T27269] dump_stack+0x25/0x28 [ 1428.524960][T27294] get_compat_msghdr+0x108/0x2c0 [ 1428.528234][T27269] kmsan_internal_chain_origin+0x7a/0x110 [ 1428.528303][T27269] ? kmsan_get_metadata+0xa4/0x120 [ 1428.531255][T27294] do_recvmmsg+0x1063/0x2120 [ 1428.535917][T27269] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1428.540151][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1428.544980][T27269] ? __unix_dgram_recvmsg+0x1a18/0x1c30 [ 1428.550766][T27294] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1428.556985][T27269] ? kmsan_get_metadata+0xa4/0x120 [ 1428.557048][T27269] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1428.563195][T27294] __do_fast_syscall_32+0x96/0xf0 [ 1428.568987][T27269] ? should_fail+0x75/0x9c0 [ 1428.569050][T27269] ? kmsan_get_metadata+0xa4/0x120 [ 1428.573735][T27294] do_fast_syscall_32+0x34/0x70 [ 1428.579264][T27269] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1428.579333][T27269] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1428.585662][T27294] do_SYSENTER_32+0x1b/0x20 [ 1428.590760][T27269] ? kmsan_get_metadata+0xa4/0x120 [ 1428.590823][T27269] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1428.596632][T27294] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1428.601639][T27269] __msan_chain_origin+0xbf/0x140 [ 1428.601703][T27269] __get_compat_msghdr+0x6e1/0x9d0 [ 1428.606349][T27294] [ 1428.611329][T27269] get_compat_msghdr+0x108/0x2c0 [ 1428.611392][T27269] ? __sys_recvmmsg+0x51c/0x6f0 [ 1428.616239][T27294] Uninit was stored to memory at: [ 1428.616310][T27294] __get_compat_msghdr+0x6e1/0x9d0 [ 1428.622471][T27269] do_recvmmsg+0x1063/0x2120 [ 1428.622537][T27269] ? kmsan_get_metadata+0xa4/0x120 [ 1428.628677][T27294] get_compat_msghdr+0x108/0x2c0 [ 1428.633107][T27269] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1428.638285][T27294] do_recvmmsg+0x1063/0x2120 [ 1428.643982][T27269] ? kmsan_get_metadata+0xa4/0x120 [ 1428.650379][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1428.655295][T27269] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1428.660478][T27294] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1428.662713][T27269] ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1428.667696][T27294] __do_fast_syscall_32+0x96/0xf0 [ 1428.672466][T27269] __sys_recvmmsg+0x51c/0x6f0 [ 1428.677580][T27294] do_fast_syscall_32+0x34/0x70 [ 1428.682597][T27269] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1428.687246][T27294] do_SYSENTER_32+0x1b/0x20 [ 1428.692260][T27269] __do_fast_syscall_32+0x96/0xf0 [ 1428.697259][T27294] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1428.702961][T27269] do_fast_syscall_32+0x34/0x70 [ 1428.707620][T27294] [ 1428.712624][T27269] do_SYSENTER_32+0x1b/0x20 [ 1428.717373][T27294] Uninit was stored to memory at: [ 1428.723505][T27269] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1428.729966][T27294] __get_compat_msghdr+0x6e1/0x9d0 [ 1428.736293][T27269] RIP: 0023:0xf6e9f549 [ 1428.741391][T27294] get_compat_msghdr+0x108/0x2c0 [ 1428.745959][T27269] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1428.750886][T27294] do_recvmmsg+0x1063/0x2120 [ 1428.757101][T27269] RSP: 002b:00000000f5a995fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1428.757149][T27269] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1428.757183][T27269] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1428.761662][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1428.766666][T27269] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1428.773073][T27294] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1428.777816][T27269] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1428.777847][T27269] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1428.777889][T27269] [ 1428.777990][T27269] Uninit was stored to memory at: [ 1428.780220][T27294] __do_fast_syscall_32+0x96/0xf0 [ 1428.784763][T27269] __get_compat_msghdr+0x6e1/0x9d0 [ 1428.789808][T27294] do_fast_syscall_32+0x34/0x70 [ 1428.796100][T27269] get_compat_msghdr+0x108/0x2c0 [ 1428.801294][T27294] do_SYSENTER_32+0x1b/0x20 [ 1428.805321][T27269] do_recvmmsg+0x1063/0x2120 [ 1428.810334][T27294] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1428.829976][T27269] __sys_recvmmsg+0x51c/0x6f0 [ 1428.830018][T27269] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1428.834583][T27294] [ 1428.834591][T27294] Uninit was stored to memory at: [ 1428.834661][T27294] __get_compat_msghdr+0x6e1/0x9d0 [ 1428.843047][T27269] __do_fast_syscall_32+0x96/0xf0 [ 1428.851116][T27294] get_compat_msghdr+0x108/0x2c0 [ 1428.859121][T27269] do_fast_syscall_32+0x34/0x70 [ 1428.863789][T27294] do_recvmmsg+0x1063/0x2120 [ 1428.871818][T27269] do_SYSENTER_32+0x1b/0x20 [ 1428.878222][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1428.886184][T27269] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1428.894236][T27294] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1428.897286][T27269] [ 1428.897294][T27269] Uninit was stored to memory at: [ 1428.897363][T27269] __get_compat_msghdr+0x6e1/0x9d0 [ 1428.902300][T27294] __do_fast_syscall_32+0x96/0xf0 [ 1428.907374][T27269] get_compat_msghdr+0x108/0x2c0 [ 1428.912490][T27294] do_fast_syscall_32+0x34/0x70 [ 1428.917390][T27269] do_recvmmsg+0x1063/0x2120 [ 1428.922332][T27294] do_SYSENTER_32+0x1b/0x20 [ 1428.926887][T27269] __sys_recvmmsg+0x51c/0x6f0 [ 1428.926930][T27269] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1428.931490][T27294] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1428.937867][T27269] __do_fast_syscall_32+0x96/0xf0 [ 1428.942550][T27294] [ 1428.942558][T27294] Uninit was stored to memory at: [ 1428.948925][T27269] do_fast_syscall_32+0x34/0x70 [ 1428.951325][T27294] __get_compat_msghdr+0x6e1/0x9d0 [ 1428.956272][T27269] do_SYSENTER_32+0x1b/0x20 [ 1428.961467][T27294] get_compat_msghdr+0x108/0x2c0 [ 1428.966456][T27269] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1428.971490][T27294] do_recvmmsg+0x1063/0x2120 [ 1428.976335][T27269] [ 1428.976346][T27269] Uninit was stored to memory at: [ 1428.981029][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1428.985553][T27269] __get_compat_msghdr+0x6e1/0x9d0 [ 1428.990247][T27294] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1428.996530][T27269] get_compat_msghdr+0x108/0x2c0 [ 1429.002939][T27294] __do_fast_syscall_32+0x96/0xf0 [ 1429.005228][T27269] do_recvmmsg+0x1063/0x2120 [ 1429.010331][T27294] do_fast_syscall_32+0x34/0x70 [ 1429.015398][T27269] __sys_recvmmsg+0x51c/0x6f0 [ 1429.020497][T27294] do_SYSENTER_32+0x1b/0x20 [ 1429.025398][T27269] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1429.030324][T27294] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1429.034870][T27269] __do_fast_syscall_32+0x96/0xf0 [ 1429.039429][T27294] [ 1429.039437][T27294] Uninit was stored to memory at: [ 1429.044085][T27269] do_fast_syscall_32+0x34/0x70 [ 1429.050550][T27294] __get_compat_msghdr+0x6e1/0x9d0 [ 1429.056781][T27269] do_SYSENTER_32+0x1b/0x20 [ 1429.061883][T27294] get_compat_msghdr+0x108/0x2c0 [ 1429.064103][T27269] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1429.069184][T27294] do_recvmmsg+0x1063/0x2120 [ 1429.074010][T27269] [ 1429.074019][T27269] Uninit was stored to memory at: [ 1429.079196][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1429.083719][T27269] __get_compat_msghdr+0x6e1/0x9d0 [ 1429.088705][T27294] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1429.095007][T27269] get_compat_msghdr+0x108/0x2c0 [ 1429.099678][T27294] __do_fast_syscall_32+0x96/0xf0 [ 1429.101970][T27269] do_recvmmsg+0x1063/0x2120 [ 1429.107072][T27294] do_fast_syscall_32+0x34/0x70 [ 1429.111706][T27269] __sys_recvmmsg+0x51c/0x6f0 [ 1429.116798][T27294] do_SYSENTER_32+0x1b/0x20 [ 1429.123188][T27269] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1429.128198][T27294] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1429.133186][T27269] __do_fast_syscall_32+0x96/0xf0 [ 1429.137858][T27294] [ 1429.142669][T27269] do_fast_syscall_32+0x34/0x70 [ 1429.147428][T27294] Uninit was stored to memory at: [ 1429.151887][T27269] do_SYSENTER_32+0x1b/0x20 [ 1429.158354][T27294] __get_compat_msghdr+0x6e1/0x9d0 [ 1429.164581][T27269] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1429.169700][T27294] get_compat_msghdr+0x108/0x2c0 [ 1429.172001][T27269] [ 1429.172009][T27269] Uninit was stored to memory at: [ 1429.177099][T27294] do_recvmmsg+0x1063/0x2120 [ 1429.181972][T27269] __get_compat_msghdr+0x6e1/0x9d0 [ 1429.187097][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1429.191562][T27269] get_compat_msghdr+0x108/0x2c0 [ 1429.196481][T27294] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1429.202860][T27269] do_recvmmsg+0x1063/0x2120 [ 1429.207523][T27294] __do_fast_syscall_32+0x96/0xf0 [ 1429.209838][T27269] __sys_recvmmsg+0x51c/0x6f0 [ 1429.214842][T27294] do_fast_syscall_32+0x34/0x70 [ 1429.219574][T27269] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1429.224689][T27294] do_SYSENTER_32+0x1b/0x20 [ 1429.231068][T27269] __do_fast_syscall_32+0x96/0xf0 [ 1429.236011][T27294] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1429.241087][T27269] do_fast_syscall_32+0x34/0x70 [ 1429.245679][T27294] [ 1429.245690][T27294] Local variable msg_sys created at: [ 1429.250582][T27269] do_SYSENTER_32+0x1b/0x20 [ 1429.255264][T27294] do_recvmmsg+0xc1/0x2120 [ 1429.259823][T27269] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1429.266135][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1429.272519][T27269] [ 1429.272528][T27269] Uninit was stored to memory at: [ 1429.272597][T27269] __get_compat_msghdr+0x6e1/0x9d0 [ 1429.430575][T27269] get_compat_msghdr+0x108/0x2c0 [ 1429.435563][T27269] do_recvmmsg+0x1063/0x2120 [ 1429.440276][T27269] __sys_recvmmsg+0x51c/0x6f0 [ 1429.444988][T27269] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1429.451453][T27269] __do_fast_syscall_32+0x96/0xf0 [ 1429.456520][T27269] do_fast_syscall_32+0x34/0x70 [ 1429.461504][T27269] do_SYSENTER_32+0x1b/0x20 [ 1429.466048][T27269] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1429.472511][T27269] [ 1429.474843][T27269] Uninit was stored to memory at: [ 1429.480017][T27269] __get_compat_msghdr+0x6e1/0x9d0 [ 1429.485171][T27269] get_compat_msghdr+0x108/0x2c0 [ 1429.490235][T27269] do_recvmmsg+0x1063/0x2120 [ 1429.494858][T27269] __sys_recvmmsg+0x51c/0x6f0 [ 1429.499658][T27269] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1429.506039][T27269] __do_fast_syscall_32+0x96/0xf0 [ 1429.511192][T27269] do_fast_syscall_32+0x34/0x70 [ 1429.516082][T27269] do_SYSENTER_32+0x1b/0x20 [ 1429.520706][T27269] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1429.527157][T27269] [ 1429.529495][T27269] Local variable msg_sys created at: [ 1429.534782][T27269] do_recvmmsg+0xc1/0x2120 [ 1429.539317][T27269] __sys_recvmmsg+0x51c/0x6f0 [ 1429.737479][T27295] not chained 1370000 origins [ 1429.742196][T27295] CPU: 1 PID: 27295 Comm: syz-executor.4 Not tainted 5.16.0-rc3-syzkaller #0 [ 1429.751002][T27295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1429.761084][T27295] Call Trace: [ 1429.764378][T27295] [ 1429.767327][T27295] dump_stack_lvl+0x1ff/0x28e [ 1429.772053][T27295] dump_stack+0x25/0x28 [ 1429.776245][T27295] kmsan_internal_chain_origin+0x7a/0x110 [ 1429.782020][T27295] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1429.788140][T27295] ? kmsan_get_metadata+0xa4/0x120 [ 1429.793310][T27295] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1429.799184][T27295] ? __unix_dgram_recvmsg+0x1a18/0x1c30 [ 1429.804792][T27295] ? kmsan_get_metadata+0xa4/0x120 [ 1429.809969][T27295] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1429.815845][T27295] ? should_fail+0x75/0x9c0 [ 1429.820408][T27295] ? kmsan_get_metadata+0xa4/0x120 [ 1429.825573][T27295] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1429.831874][T27295] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1429.838010][T27295] ? kmsan_get_metadata+0xa4/0x120 [ 1429.843180][T27295] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1429.849044][T27295] __msan_chain_origin+0xbf/0x140 [ 1429.854122][T27295] __get_compat_msghdr+0x6e1/0x9d0 [ 1429.859299][T27295] get_compat_msghdr+0x108/0x2c0 [ 1429.864289][T27295] ? __sys_recvmmsg+0x51c/0x6f0 [ 1429.869183][T27295] do_recvmmsg+0x1063/0x2120 [ 1429.873827][T27295] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1429.879715][T27295] ? kmsan_get_metadata+0xa4/0x120 [ 1429.884881][T27295] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1429.891192][T27295] ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1429.897753][T27295] __sys_recvmmsg+0x51c/0x6f0 [ 1429.902481][T27295] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1429.908877][T27295] __do_fast_syscall_32+0x96/0xf0 [ 1429.913960][T27295] do_fast_syscall_32+0x34/0x70 [ 1429.918856][T27295] do_SYSENTER_32+0x1b/0x20 [ 1429.923405][T27295] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1429.929785][T27295] RIP: 0023:0xf6ea0549 [ 1429.933882][T27295] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1429.953542][T27295] RSP: 002b:00000000f5a585fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1429.961993][T27295] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200000c0 [ 1429.969997][T27295] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1429.977998][T27295] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1429.985998][T27295] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1429.994016][T27295] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1430.002031][T27295] [ 1430.008694][T27295] Uninit was stored to memory at: [ 1430.013798][T27295] __get_compat_msghdr+0x6e1/0x9d0 [ 1430.019589][T27295] get_compat_msghdr+0x108/0x2c0 [ 1430.024578][T27295] do_recvmmsg+0x1063/0x2120 [ 1430.029293][T27295] __sys_recvmmsg+0x51c/0x6f0 [ 1430.034008][T27295] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1430.040480][T27295] __do_fast_syscall_32+0x96/0xf0 [ 1430.045551][T27295] do_fast_syscall_32+0x34/0x70 [ 1430.050529][T27295] do_SYSENTER_32+0x1b/0x20 [ 1430.055073][T27295] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1430.061539][T27295] [ 1430.063872][T27295] Uninit was stored to memory at: [ 1430.069049][T27295] __get_compat_msghdr+0x6e1/0x9d0 [ 1430.074206][T27295] get_compat_msghdr+0x108/0x2c0 [ 1430.079268][T27295] do_recvmmsg+0x1063/0x2120 [ 1430.083891][T27295] __sys_recvmmsg+0x51c/0x6f0 [ 1430.088685][T27295] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1430.095068][T27295] __do_fast_syscall_32+0x96/0xf0 [ 1430.100219][T27295] do_fast_syscall_32+0x34/0x70 [ 1430.105133][T27295] do_SYSENTER_32+0x1b/0x20 [ 1430.109763][T27295] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1430.116139][T27295] [ 1430.118548][T27295] Uninit was stored to memory at: [ 1430.123636][T27295] __get_compat_msghdr+0x6e1/0x9d0 [ 1430.128945][T27295] get_compat_msghdr+0x108/0x2c0 [ 1430.133930][T27295] do_recvmmsg+0x1063/0x2120 [ 1430.138703][T27295] __sys_recvmmsg+0x51c/0x6f0 [ 1430.143420][T27295] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1430.149954][T27295] __do_fast_syscall_32+0x96/0xf0 [ 1430.155023][T27295] do_fast_syscall_32+0x34/0x70 [ 1430.160061][T27295] do_SYSENTER_32+0x1b/0x20 [ 1430.164606][T27295] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1430.171128][T27295] [ 1430.173459][T27295] Uninit was stored to memory at: [ 1430.178694][T27295] __get_compat_msghdr+0x6e1/0x9d0 [ 1430.183849][T27295] get_compat_msghdr+0x108/0x2c0 [ 1430.188969][T27295] do_recvmmsg+0x1063/0x2120 [ 1430.193595][T27295] __sys_recvmmsg+0x51c/0x6f0 [ 1430.198461][T27295] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1430.204844][T27295] __do_fast_syscall_32+0x96/0xf0 [ 1430.210056][T27295] do_fast_syscall_32+0x34/0x70 [ 1430.214951][T27295] do_SYSENTER_32+0x1b/0x20 [ 1430.219633][T27295] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1430.226007][T27295] [ 1430.228483][T27295] Uninit was stored to memory at: [ 1430.233564][T27295] __get_compat_msghdr+0x6e1/0x9d0 [ 1430.238858][T27295] get_compat_msghdr+0x108/0x2c0 [ 1430.243845][T27295] do_recvmmsg+0x1063/0x2120 [ 1430.248608][T27295] __sys_recvmmsg+0x51c/0x6f0 [ 1430.253324][T27295] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1430.259858][T27295] __do_fast_syscall_32+0x96/0xf0 [ 1430.264925][T27295] do_fast_syscall_32+0x34/0x70 [ 1430.269969][T27295] do_SYSENTER_32+0x1b/0x20 [ 1430.274519][T27295] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1430.281042][T27295] [ 1430.283375][T27295] Uninit was stored to memory at: [ 1430.288605][T27295] __get_compat_msghdr+0x6e1/0x9d0 [ 1430.293763][T27295] get_compat_msghdr+0x108/0x2c0 [ 1430.298826][T27295] do_recvmmsg+0x1063/0x2120 [ 1430.303462][T27295] __sys_recvmmsg+0x51c/0x6f0 [ 1430.308314][T27295] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1430.314695][T27295] __do_fast_syscall_32+0x96/0xf0 [ 1430.319905][T27295] do_fast_syscall_32+0x34/0x70 [ 1430.324800][T27295] do_SYSENTER_32+0x1b/0x20 [ 1430.329497][T27295] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1430.335876][T27295] [ 1430.338342][T27295] Uninit was stored to memory at: [ 1430.343424][T27295] __get_compat_msghdr+0x6e1/0x9d0 [ 1430.348735][T27295] get_compat_msghdr+0x108/0x2c0 [ 1430.353717][T27295] do_recvmmsg+0x1063/0x2120 [ 1430.358483][T27295] __sys_recvmmsg+0x51c/0x6f0 [ 1430.363222][T27295] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1430.369747][T27295] __do_fast_syscall_32+0x96/0xf0 [ 1430.374817][T27295] do_fast_syscall_32+0x34/0x70 [ 1430.379858][T27295] do_SYSENTER_32+0x1b/0x20 [ 1430.384405][T27295] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1430.390934][T27295] [ 1430.393270][T27295] Local variable msg_sys created at: [ 1430.398701][T27295] do_recvmmsg+0xc1/0x2120 [ 1430.403151][T27295] __sys_recvmmsg+0x51c/0x6f0 [ 1430.585957][T27295] not chained 1380000 origins [ 1430.590966][T27295] CPU: 1 PID: 27295 Comm: syz-executor.4 Not tainted 5.16.0-rc3-syzkaller #0 [ 1430.599765][T27295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1430.609841][T27295] Call Trace: [ 1430.613135][T27295] [ 1430.616091][T27295] dump_stack_lvl+0x1ff/0x28e [ 1430.620820][T27295] dump_stack+0x25/0x28 [ 1430.625017][T27295] kmsan_internal_chain_origin+0x7a/0x110 [ 1430.630794][T27295] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1430.636924][T27295] ? kmsan_get_metadata+0xa4/0x120 [ 1430.642091][T27295] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1430.647957][T27295] ? __unix_dgram_recvmsg+0x1a18/0x1c30 [ 1430.653562][T27295] ? kmsan_get_metadata+0xa4/0x120 [ 1430.658729][T27295] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1430.664599][T27295] ? should_fail+0x75/0x9c0 [ 1430.669153][T27295] ? kmsan_get_metadata+0xa4/0x120 [ 1430.674319][T27295] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1430.680617][T27295] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1430.686746][T27295] ? kmsan_get_metadata+0xa4/0x120 [ 1430.691910][T27295] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1430.697780][T27295] __msan_chain_origin+0xbf/0x140 [ 1430.702865][T27295] __get_compat_msghdr+0x6e1/0x9d0 [ 1430.708050][T27295] get_compat_msghdr+0x108/0x2c0 [ 1430.713042][T27295] ? __sys_recvmmsg+0x51c/0x6f0 [ 1430.717941][T27295] do_recvmmsg+0x1063/0x2120 [ 1430.722586][T27295] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1430.728471][T27295] ? kmsan_get_metadata+0xa4/0x120 [ 1430.733641][T27295] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1430.739945][T27295] ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1430.746510][T27295] __sys_recvmmsg+0x51c/0x6f0 [ 1430.751239][T27295] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1430.757634][T27295] __do_fast_syscall_32+0x96/0xf0 [ 1430.762711][T27295] do_fast_syscall_32+0x34/0x70 [ 1430.767611][T27295] do_SYSENTER_32+0x1b/0x20 [ 1430.772158][T27295] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1430.778535][T27295] RIP: 0023:0xf6ea0549 [ 1430.782622][T27295] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1430.802269][T27295] RSP: 002b:00000000f5a585fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1430.810720][T27295] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200000c0 [ 1430.818720][T27295] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1430.826721][T27295] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1430.834719][T27295] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1430.842723][T27295] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1430.850738][T27295] [ 1430.857303][T27295] Uninit was stored to memory at: [ 1430.862406][T27295] __get_compat_msghdr+0x6e1/0x9d0 [ 1430.868174][T27295] get_compat_msghdr+0x108/0x2c0 [ 1430.873163][T27295] do_recvmmsg+0x1063/0x2120 [ 1430.877864][T27295] __sys_recvmmsg+0x51c/0x6f0 [ 1430.882583][T27295] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1430.889052][T27295] __do_fast_syscall_32+0x96/0xf0 [ 1430.894115][T27295] do_fast_syscall_32+0x34/0x70 [ 1430.899087][T27295] do_SYSENTER_32+0x1b/0x20 [ 1430.903637][T27295] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1430.910092][T27295] [ 1430.912421][T27295] Uninit was stored to memory at: [ 1430.917592][T27295] __get_compat_msghdr+0x6e1/0x9d0 [ 1430.922751][T27295] get_compat_msghdr+0x108/0x2c0 [ 1430.927839][T27295] do_recvmmsg+0x1063/0x2120 [ 1430.932468][T27295] __sys_recvmmsg+0x51c/0x6f0 [ 1430.937257][T27295] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1430.943644][T27295] __do_fast_syscall_32+0x96/0xf0 [ 1430.948797][T27295] do_fast_syscall_32+0x34/0x70 [ 1430.953690][T27295] do_SYSENTER_32+0x1b/0x20 [ 1430.958313][T27295] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1430.964797][T27295] [ 1430.967205][T27295] Uninit was stored to memory at: [ 1430.972290][T27295] __get_compat_msghdr+0x6e1/0x9d0 [ 1430.977530][T27295] get_compat_msghdr+0x108/0x2c0 [ 1430.982509][T27295] do_recvmmsg+0x1063/0x2120 [ 1430.987217][T27295] __sys_recvmmsg+0x51c/0x6f0 [ 1430.992020][T27295] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1430.998481][T27295] __do_fast_syscall_32+0x96/0xf0 [ 1431.003548][T27295] do_fast_syscall_32+0x34/0x70 [ 1431.008516][T27295] do_SYSENTER_32+0x1b/0x20 [ 1431.013059][T27295] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1431.019512][T27295] [ 1431.021842][T27295] Uninit was stored to memory at: [ 1431.027004][T27295] __get_compat_msghdr+0x6e1/0x9d0 [ 1431.032161][T27295] get_compat_msghdr+0x108/0x2c0 [ 1431.037223][T27295] do_recvmmsg+0x1063/0x2120 [ 1431.041850][T27295] __sys_recvmmsg+0x51c/0x6f0 [ 1431.046559][T27295] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1431.053032][T27295] __do_fast_syscall_32+0x96/0xf0 [ 1431.058185][T27295] do_fast_syscall_32+0x34/0x70 [ 1431.063076][T27295] do_SYSENTER_32+0x1b/0x20 [ 1431.067703][T27295] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1431.074081][T27295] [ 1431.076408][T27295] Uninit was stored to memory at: [ 1431.081583][T27295] __get_compat_msghdr+0x6e1/0x9d0 [ 1431.086742][T27295] get_compat_msghdr+0x108/0x2c0 [ 1431.091812][T27295] do_recvmmsg+0x1063/0x2120 [ 1431.096436][T27295] __sys_recvmmsg+0x51c/0x6f0 [ 1431.101229][T27295] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1431.107690][T27295] __do_fast_syscall_32+0x96/0xf0 [ 1431.112756][T27295] do_fast_syscall_32+0x34/0x70 [ 1431.117728][T27295] do_SYSENTER_32+0x1b/0x20 [ 1431.122273][T27295] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1431.128784][T27295] [ 1431.131115][T27295] Uninit was stored to memory at: [ 1431.136199][T27295] __get_compat_msghdr+0x6e1/0x9d0 [ 1431.141509][T27295] get_compat_msghdr+0x108/0x2c0 [ 1431.146496][T27295] do_recvmmsg+0x1063/0x2120 [ 1431.151270][T27295] __sys_recvmmsg+0x51c/0x6f0 [ 1431.155985][T27295] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1431.162525][T27295] __do_fast_syscall_32+0x96/0xf0 [ 1431.167737][T27295] do_fast_syscall_32+0x34/0x70 [ 1431.172632][T27295] do_SYSENTER_32+0x1b/0x20 [ 1431.177302][T27295] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1431.183678][T27295] [ 1431.186007][T27295] Uninit was stored to memory at: [ 1431.191237][T27295] __get_compat_msghdr+0x6e1/0x9d0 [ 1431.196393][T27295] get_compat_msghdr+0x108/0x2c0 [ 1431.201525][T27295] do_recvmmsg+0x1063/0x2120 [ 1431.206153][T27295] __sys_recvmmsg+0x51c/0x6f0 [ 1431.211016][T27295] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1431.217532][T27295] __do_fast_syscall_32+0x96/0xf0 [ 1431.222597][T27295] do_fast_syscall_32+0x34/0x70 [ 1431.227633][T27295] do_SYSENTER_32+0x1b/0x20 [ 1431.232178][T27295] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1431.238698][T27295] [ 1431.241032][T27295] Local variable msg_sys created at: [ 1431.246323][T27295] do_recvmmsg+0xc1/0x2120 [ 1431.250916][T27295] __sys_recvmmsg+0x51c/0x6f0 [ 1431.472908][T27294] not chained 1390000 origins [ 1431.477887][T27294] CPU: 1 PID: 27294 Comm: syz-executor.4 Not tainted 5.16.0-rc3-syzkaller #0 [ 1431.486694][T27294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1431.496776][T27294] Call Trace: [ 1431.500078][T27294] [ 1431.503029][T27294] dump_stack_lvl+0x1ff/0x28e [ 1431.507754][T27294] dump_stack+0x25/0x28 [ 1431.511953][T27294] kmsan_internal_chain_origin+0x7a/0x110 [ 1431.517731][T27294] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1431.523855][T27294] ? kmsan_get_metadata+0xa4/0x120 [ 1431.529024][T27294] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1431.534893][T27294] ? __unix_dgram_recvmsg+0x1a18/0x1c30 [ 1431.540501][T27294] ? kmsan_get_metadata+0xa4/0x120 [ 1431.545669][T27294] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1431.551536][T27294] ? should_fail+0x75/0x9c0 [ 1431.556093][T27294] ? kmsan_get_metadata+0xa4/0x120 [ 1431.561257][T27294] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1431.567559][T27294] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1431.573684][T27294] ? kmsan_get_metadata+0xa4/0x120 [ 1431.578850][T27294] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1431.584718][T27294] __msan_chain_origin+0xbf/0x140 [ 1431.589797][T27294] __get_compat_msghdr+0x6e1/0x9d0 [ 1431.594977][T27294] get_compat_msghdr+0x108/0x2c0 [ 1431.599970][T27294] ? __sys_recvmmsg+0x51c/0x6f0 [ 1431.604863][T27294] do_recvmmsg+0x1063/0x2120 [ 1431.609516][T27294] ? kmsan_get_metadata+0xa4/0x120 [ 1431.614692][T27294] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1431.620993][T27294] ? kmsan_get_metadata+0xa4/0x120 [ 1431.626158][T27294] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1431.632464][T27294] ? fput+0x82/0x320 [ 1431.636404][T27294] ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1431.642970][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1431.647701][T27294] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1431.654099][T27294] __do_fast_syscall_32+0x96/0xf0 [ 1431.659174][T27294] do_fast_syscall_32+0x34/0x70 [ 1431.664071][T27294] do_SYSENTER_32+0x1b/0x20 [ 1431.668620][T27294] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1431.674999][T27294] RIP: 0023:0xf6ea0549 [ 1431.679087][T27294] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1431.698737][T27294] RSP: 002b:00000000f5a795fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1431.707187][T27294] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200000c0 [ 1431.715191][T27294] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1431.723185][T27294] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1431.731177][T27294] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1431.739174][T27294] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1431.747185][T27294] [ 1431.756713][T27294] Uninit was stored to memory at: [ 1431.770037][T27294] __get_compat_msghdr+0x6e1/0x9d0 [ 1431.775221][T27294] get_compat_msghdr+0x108/0x2c0 [ 1431.780298][T27294] do_recvmmsg+0x1063/0x2120 [ 1431.784924][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1431.789801][T27294] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1431.796186][T27294] __do_fast_syscall_32+0x96/0xf0 [ 1431.801337][T27294] do_fast_syscall_32+0x34/0x70 [ 1431.806232][T27294] do_SYSENTER_32+0x1b/0x20 [ 1431.810858][T27294] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1431.817381][T27294] [ 1431.819716][T27294] Uninit was stored to memory at: [ 1431.824806][T27294] __get_compat_msghdr+0x6e1/0x9d0 [ 1431.830110][T27294] get_compat_msghdr+0x108/0x2c0 [ 1431.835094][T27294] do_recvmmsg+0x1063/0x2120 [ 1431.839861][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1431.844595][T27294] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1431.851115][T27294] __do_fast_syscall_32+0x96/0xf0 [ 1431.856185][T27294] do_fast_syscall_32+0x34/0x70 [ 1431.861227][T27294] do_SYSENTER_32+0x1b/0x20 [ 1431.865769][T27294] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1431.872294][T27294] [ 1431.874654][T27294] Uninit was stored to memory at: [ 1431.879875][T27294] __get_compat_msghdr+0x6e1/0x9d0 [ 1431.885034][T27294] get_compat_msghdr+0x108/0x2c0 [ 1431.890163][T27294] do_recvmmsg+0x1063/0x2120 [ 1431.894793][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1431.899649][T27294] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1431.906025][T27294] __do_fast_syscall_32+0x96/0xf0 [ 1431.911236][T27294] do_fast_syscall_32+0x34/0x70 [ 1431.916128][T27294] do_SYSENTER_32+0x1b/0x20 [ 1431.920814][T27294] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1431.927347][T27294] [ 1431.929685][T27294] Uninit was stored to memory at: [ 1431.934770][T27294] __get_compat_msghdr+0x6e1/0x9d0 [ 1431.940142][T27294] get_compat_msghdr+0x108/0x2c0 [ 1431.945128][T27294] do_recvmmsg+0x1063/0x2120 [ 1431.949898][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1431.954618][T27294] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1431.961146][T27294] __do_fast_syscall_32+0x96/0xf0 [ 1431.966218][T27294] do_fast_syscall_32+0x34/0x70 [ 1431.971253][T27294] do_SYSENTER_32+0x1b/0x20 [ 1431.975801][T27294] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1431.982334][T27294] [ 1431.984670][T27294] Uninit was stored to memory at: [ 1431.989904][T27294] __get_compat_msghdr+0x6e1/0x9d0 [ 1431.995057][T27294] get_compat_msghdr+0x108/0x2c0 [ 1432.000189][T27294] do_recvmmsg+0x1063/0x2120 [ 1432.004818][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1432.009670][T27294] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1432.016051][T27294] __do_fast_syscall_32+0x96/0xf0 [ 1432.021266][T27294] do_fast_syscall_32+0x34/0x70 [ 1432.026157][T27294] do_SYSENTER_32+0x1b/0x20 [ 1432.030841][T27294] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1432.037358][T27294] [ 1432.039688][T27294] Uninit was stored to memory at: [ 1432.044770][T27294] __get_compat_msghdr+0x6e1/0x9d0 [ 1432.050063][T27294] get_compat_msghdr+0x108/0x2c0 [ 1432.055045][T27294] do_recvmmsg+0x1063/0x2120 [ 1432.059815][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1432.064525][T27294] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1432.071049][T27294] __do_fast_syscall_32+0x96/0xf0 [ 1432.076116][T27294] do_fast_syscall_32+0x34/0x70 [ 1432.081152][T27294] do_SYSENTER_32+0x1b/0x20 [ 1432.085694][T27294] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1432.092205][T27294] [ 1432.094540][T27294] Uninit was stored to memory at: [ 1432.099763][T27294] __get_compat_msghdr+0x6e1/0x9d0 [ 1432.104915][T27294] get_compat_msghdr+0x108/0x2c0 [ 1432.110039][T27294] do_recvmmsg+0x1063/0x2120 [ 1432.114662][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1432.119521][T27294] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1432.125898][T27294] __do_fast_syscall_32+0x96/0xf0 [ 1432.131106][T27294] do_fast_syscall_32+0x34/0x70 [ 1432.135997][T27294] do_SYSENTER_32+0x1b/0x20 [ 1432.140678][T27294] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1432.147197][T27294] [ 1432.149531][T27294] Local variable msg_sys created at: [ 1432.154823][T27294] do_recvmmsg+0xc1/0x2120 [ 1432.159413][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1432.218778][T27294] not chained 1400000 origins [ 1432.223479][T27294] CPU: 1 PID: 27294 Comm: syz-executor.4 Not tainted 5.16.0-rc3-syzkaller #0 [ 1432.232276][T27294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1432.242354][T27294] Call Trace: [ 1432.245645][T27294] [ 1432.248596][T27294] dump_stack_lvl+0x1ff/0x28e [ 1432.253318][T27294] dump_stack+0x25/0x28 [ 1432.257510][T27294] kmsan_internal_chain_origin+0x7a/0x110 [ 1432.263292][T27294] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1432.269422][T27294] ? kmsan_get_metadata+0xa4/0x120 [ 1432.274589][T27294] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1432.280460][T27294] ? __unix_dgram_recvmsg+0x1a18/0x1c30 [ 1432.286056][T27294] ? kmsan_get_metadata+0xa4/0x120 [ 1432.291210][T27294] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1432.297069][T27294] ? should_fail+0x75/0x9c0 [ 1432.301616][T27294] ? kmsan_get_metadata+0xa4/0x120 [ 1432.306774][T27294] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1432.313071][T27294] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1432.319188][T27294] ? kmsan_get_metadata+0xa4/0x120 [ 1432.324344][T27294] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1432.330203][T27294] __msan_chain_origin+0xbf/0x140 [ 1432.335274][T27294] __get_compat_msghdr+0x6e1/0x9d0 [ 1432.340452][T27294] get_compat_msghdr+0x108/0x2c0 [ 1432.345439][T27294] ? __sys_recvmmsg+0x51c/0x6f0 [ 1432.350323][T27294] do_recvmmsg+0x1063/0x2120 [ 1432.354957][T27294] ? kmsan_get_metadata+0xa4/0x120 [ 1432.360124][T27294] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1432.366415][T27294] ? kmsan_get_metadata+0xa4/0x120 [ 1432.371669][T27294] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1432.377960][T27294] ? fput+0x82/0x320 [ 1432.381894][T27294] ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1432.388448][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1432.393170][T27294] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1432.399552][T27294] __do_fast_syscall_32+0x96/0xf0 [ 1432.404619][T27294] do_fast_syscall_32+0x34/0x70 [ 1432.409507][T27294] do_SYSENTER_32+0x1b/0x20 [ 1432.414044][T27294] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1432.420415][T27294] RIP: 0023:0xf6ea0549 [ 1432.424509][T27294] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1432.444154][T27294] RSP: 002b:00000000f5a795fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1432.452596][T27294] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200000c0 [ 1432.460591][T27294] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1432.468580][T27294] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1432.476571][T27294] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1432.484561][T27294] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1432.492570][T27294] [ 1432.499530][T27294] Uninit was stored to memory at: [ 1432.504624][T27294] __get_compat_msghdr+0x6e1/0x9d0 [ 1432.510331][T27294] get_compat_msghdr+0x108/0x2c0 [ 1432.515316][T27294] do_recvmmsg+0x1063/0x2120 [ 1432.520075][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1432.524790][T27294] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1432.531318][T27294] __do_fast_syscall_32+0x96/0xf0 [ 1432.536390][T27294] do_fast_syscall_32+0x34/0x70 [ 1432.541437][T27294] do_SYSENTER_32+0x1b/0x20 [ 1432.545980][T27294] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1432.552504][T27294] [ 1432.554837][T27294] Uninit was stored to memory at: [ 1432.560072][T27294] __get_compat_msghdr+0x6e1/0x9d0 [ 1432.565251][T27294] get_compat_msghdr+0x108/0x2c0 [ 1432.570384][T27294] do_recvmmsg+0x1063/0x2120 [ 1432.575018][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1432.579879][T27294] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1432.586268][T27294] __do_fast_syscall_32+0x96/0xf0 [ 1432.591485][T27294] do_fast_syscall_32+0x34/0x70 [ 1432.596378][T27294] do_SYSENTER_32+0x1b/0x20 [ 1432.601081][T27294] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1432.607597][T27294] [ 1432.609928][T27294] Uninit was stored to memory at: [ 1432.615010][T27294] __get_compat_msghdr+0x6e1/0x9d0 [ 1432.620302][T27294] get_compat_msghdr+0x108/0x2c0 [ 1432.625287][T27294] do_recvmmsg+0x1063/0x2120 [ 1432.630053][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1432.634771][T27294] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1432.641307][T27294] __do_fast_syscall_32+0x96/0xf0 [ 1432.646381][T27294] do_fast_syscall_32+0x34/0x70 [ 1432.651431][T27294] do_SYSENTER_32+0x1b/0x20 [ 1432.655988][T27294] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1432.662524][T27294] [ 1432.664859][T27294] Uninit was stored to memory at: [ 1432.670098][T27294] __get_compat_msghdr+0x6e1/0x9d0 [ 1432.675252][T27294] get_compat_msghdr+0x108/0x2c0 [ 1432.680381][T27294] do_recvmmsg+0x1063/0x2120 [ 1432.685453][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1432.690313][T27294] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1432.696699][T27294] __do_fast_syscall_32+0x96/0xf0 [ 1432.701916][T27294] do_fast_syscall_32+0x34/0x70 [ 1432.706814][T27294] do_SYSENTER_32+0x1b/0x20 [ 1432.711490][T27294] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1432.718000][T27294] [ 1432.720329][T27294] Uninit was stored to memory at: [ 1432.725410][T27294] __get_compat_msghdr+0x6e1/0x9d0 [ 1432.730727][T27294] get_compat_msghdr+0x108/0x2c0 [ 1432.735719][T27294] do_recvmmsg+0x1063/0x2120 [ 1432.740488][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1432.745202][T27294] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1432.751712][T27294] __do_fast_syscall_32+0x96/0xf0 [ 1432.756781][T27294] do_fast_syscall_32+0x34/0x70 [ 1432.761829][T27294] do_SYSENTER_32+0x1b/0x20 [ 1432.766371][T27294] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1432.772895][T27294] [ 1432.775227][T27294] Uninit was stored to memory at: [ 1432.780462][T27294] __get_compat_msghdr+0x6e1/0x9d0 [ 1432.785616][T27294] get_compat_msghdr+0x108/0x2c0 [ 1432.790745][T27294] do_recvmmsg+0x1063/0x2120 [ 1432.795368][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1432.800225][T27294] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1432.806612][T27294] __do_fast_syscall_32+0x96/0xf0 [ 1432.811846][T27294] do_fast_syscall_32+0x34/0x70 [ 1432.816754][T27294] do_SYSENTER_32+0x1b/0x20 [ 1432.821454][T27294] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1432.827968][T27294] [ 1432.830300][T27294] Uninit was stored to memory at: [ 1432.835385][T27294] __get_compat_msghdr+0x6e1/0x9d0 [ 1432.840691][T27294] get_compat_msghdr+0x108/0x2c0 [ 1432.845676][T27294] do_recvmmsg+0x1063/0x2120 [ 1432.850451][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1432.855165][T27294] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1432.861701][T27294] __do_fast_syscall_32+0x96/0xf0 [ 1432.866774][T27294] do_fast_syscall_32+0x34/0x70 [ 1432.871807][T27294] do_SYSENTER_32+0x1b/0x20 [ 1432.876352][T27294] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1432.882879][T27294] [ 1432.885217][T27294] Local variable msg_sys created at: [ 1432.890661][T27294] do_recvmmsg+0xc1/0x2120 [ 1432.895109][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1433.000977][T27269] not chained 1410000 origins [ 1433.005699][T27269] CPU: 0 PID: 27269 Comm: syz-executor.5 Not tainted 5.16.0-rc3-syzkaller #0 [ 1433.014509][T27269] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1433.024594][T27269] Call Trace: [ 1433.027884][T27269] [ 1433.030827][T27269] dump_stack_lvl+0x1ff/0x28e [ 1433.035560][T27269] dump_stack+0x25/0x28 [ 1433.039766][T27269] kmsan_internal_chain_origin+0x7a/0x110 [ 1433.045559][T27269] ? kmsan_get_metadata+0xa4/0x120 [ 1433.050730][T27269] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1433.056598][T27269] ? __unix_dgram_recvmsg+0x1a18/0x1c30 [ 1433.062199][T27269] ? kmsan_get_metadata+0xa4/0x120 [ 1433.067375][T27269] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1433.073239][T27269] ? should_fail+0x75/0x9c0 [ 1433.077792][T27269] ? kmsan_get_metadata+0xa4/0x120 [ 1433.082956][T27269] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1433.089254][T27269] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1433.095379][T27269] ? kmsan_get_metadata+0xa4/0x120 [ 1433.100549][T27269] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1433.106412][T27269] __msan_chain_origin+0xbf/0x140 [ 1433.111489][T27269] __get_compat_msghdr+0x6e1/0x9d0 [ 1433.116673][T27269] get_compat_msghdr+0x108/0x2c0 [ 1433.121660][T27269] ? __sys_recvmmsg+0x51c/0x6f0 [ 1433.126554][T27269] do_recvmmsg+0x1063/0x2120 [ 1433.131195][T27269] ? kmsan_get_metadata+0xa4/0x120 [ 1433.136368][T27269] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1433.142230][T27269] ? kmsan_get_metadata+0xa4/0x120 [ 1433.147391][T27269] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1433.153692][T27269] ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1433.160249][T27269] __sys_recvmmsg+0x51c/0x6f0 [ 1433.164970][T27269] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1433.168041][T27294] not chained 1420000 origins [ 1433.171352][T27269] __do_fast_syscall_32+0x96/0xf0 [ 1433.181021][T27269] do_fast_syscall_32+0x34/0x70 [ 1433.185905][T27269] do_SYSENTER_32+0x1b/0x20 [ 1433.190435][T27269] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1433.196801][T27269] RIP: 0023:0xf6e9f549 [ 1433.200884][T27269] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1433.220528][T27269] RSP: 002b:00000000f5a995fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1433.228967][T27269] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1433.236959][T27269] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1433.244945][T27269] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1433.252928][T27269] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1433.260913][T27269] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1433.268911][T27269] [ 1433.271933][T27294] CPU: 1 PID: 27294 Comm: syz-executor.4 Not tainted 5.16.0-rc3-syzkaller #0 [ 1433.274139][T27269] Uninit was stored to memory at: [ 1433.280733][T27294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1433.280761][T27294] Call Trace: [ 1433.280775][T27294] [ 1433.280790][T27294] dump_stack_lvl+0x1ff/0x28e [ 1433.280850][T27294] dump_stack+0x25/0x28 [ 1433.280896][T27294] kmsan_internal_chain_origin+0x7a/0x110 [ 1433.280961][T27294] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1433.281030][T27294] ? kmsan_get_metadata+0xa4/0x120 [ 1433.281090][T27294] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1433.281158][T27294] ? __unix_dgram_recvmsg+0x1a18/0x1c30 [ 1433.281221][T27294] ? kmsan_get_metadata+0xa4/0x120 [ 1433.281280][T27294] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1433.281350][T27294] ? should_fail+0x75/0x9c0 [ 1433.281412][T27294] ? kmsan_get_metadata+0xa4/0x120 [ 1433.281471][T27294] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1433.281536][T27294] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1433.281601][T27294] ? kmsan_get_metadata+0xa4/0x120 [ 1433.281660][T27294] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1433.281725][T27294] __msan_chain_origin+0xbf/0x140 [ 1433.281787][T27294] __get_compat_msghdr+0x6e1/0x9d0 [ 1433.281868][T27294] get_compat_msghdr+0x108/0x2c0 [ 1433.281926][T27294] ? __sys_recvmmsg+0x51c/0x6f0 [ 1433.281974][T27294] do_recvmmsg+0x1063/0x2120 [ 1433.282039][T27294] ? kmsan_get_metadata+0xa4/0x120 [ 1433.282108][T27294] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1433.282173][T27294] ? kmsan_get_metadata+0xa4/0x120 [ 1433.282234][T27294] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1433.282302][T27294] ? fput+0x82/0x320 [ 1433.282355][T27294] ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1433.282422][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1433.287707][T27269] __get_compat_msghdr+0x6e1/0x9d0 [ 1433.297479][T27294] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1433.297556][T27294] __do_fast_syscall_32+0x96/0xf0 [ 1433.300854][T27269] get_compat_msghdr+0x108/0x2c0 [ 1433.303782][T27294] do_fast_syscall_32+0x34/0x70 [ 1433.308537][T27269] do_recvmmsg+0x1063/0x2120 [ 1433.312580][T27294] do_SYSENTER_32+0x1b/0x20 [ 1433.318374][T27269] __sys_recvmmsg+0x51c/0x6f0 [ 1433.324332][T27294] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1433.329517][T27269] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1433.335216][T27294] RIP: 0023:0xf6ea0549 [ 1433.340841][T27269] __do_fast_syscall_32+0x96/0xf0 [ 1433.345841][T27294] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1433.351723][T27269] do_fast_syscall_32+0x34/0x70 [ 1433.356114][T27294] RSP: 002b:00000000f5a795fc EFLAGS: 00000296 [ 1433.361344][T27269] do_SYSENTER_32+0x1b/0x20 [ 1433.367451][T27294] ORIG_RAX: 0000000000000151 [ 1433.367474][T27294] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200000c0 [ 1433.367508][T27294] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1433.367538][T27294] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1433.367566][T27294] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1433.373610][T27269] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1433.378703][T27294] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1433.378749][T27294] [ 1433.378843][T27294] Uninit was stored to memory at: [ 1433.384630][T27269] [ 1433.389754][T27294] __get_compat_msghdr+0x6e1/0x9d0 [ 1433.394815][T27269] Uninit was stored to memory at: [ 1433.394885][T27269] __get_compat_msghdr+0x6e1/0x9d0 [ 1433.399807][T27294] get_compat_msghdr+0x108/0x2c0 [ 1433.404662][T27269] get_compat_msghdr+0x108/0x2c0 [ 1433.409308][T27294] do_recvmmsg+0x1063/0x2120 [ 1433.414421][T27269] do_recvmmsg+0x1063/0x2120 [ 1433.420720][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1433.425837][T27269] __sys_recvmmsg+0x51c/0x6f0 [ 1433.432134][T27294] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1433.436031][T27269] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1433.442587][T27294] __do_fast_syscall_32+0x96/0xf0 [ 1433.447339][T27269] __do_fast_syscall_32+0x96/0xf0 [ 1433.452435][T27294] do_fast_syscall_32+0x34/0x70 [ 1433.458848][T27269] do_fast_syscall_32+0x34/0x70 [ 1433.463839][T27294] do_SYSENTER_32+0x1b/0x20 [ 1433.468854][T27269] do_SYSENTER_32+0x1b/0x20 [ 1433.473668][T27294] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1433.478337][T27269] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1433.482798][T27294] [ 1433.482807][T27294] Uninit was stored to memory at: [ 1433.482875][T27294] __get_compat_msghdr+0x6e1/0x9d0 [ 1433.487645][T27269] [ 1433.493928][T27294] get_compat_msghdr+0x108/0x2c0 [ 1433.500335][T27269] Uninit was stored to memory at: [ 1433.504362][T27294] do_recvmmsg+0x1063/0x2120 [ 1433.509506][T27269] __get_compat_msghdr+0x6e1/0x9d0 [ 1433.529107][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1433.529150][T27294] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1433.533968][T27269] get_compat_msghdr+0x108/0x2c0 [ 1433.540088][T27294] __do_fast_syscall_32+0x96/0xf0 [ 1433.544594][T27269] do_recvmmsg+0x1063/0x2120 [ 1433.549321][T27294] do_fast_syscall_32+0x34/0x70 [ 1433.557370][T27269] __sys_recvmmsg+0x51c/0x6f0 [ 1433.565314][T27294] do_SYSENTER_32+0x1b/0x20 [ 1433.573397][T27269] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1433.581414][T27294] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1433.587826][T27269] __do_fast_syscall_32+0x96/0xf0 [ 1433.595786][T27294] [ 1433.595796][T27294] Uninit was stored to memory at: [ 1433.598891][T27269] do_fast_syscall_32+0x34/0x70 [ 1433.603938][T27294] __get_compat_msghdr+0x6e1/0x9d0 [ 1433.606342][T27269] do_SYSENTER_32+0x1b/0x20 [ 1433.611361][T27294] get_compat_msghdr+0x108/0x2c0 [ 1433.616389][T27269] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1433.621560][T27294] do_recvmmsg+0x1063/0x2120 [ 1433.626498][T27269] [ 1433.626507][T27269] Uninit was stored to memory at: [ 1433.631491][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1433.631535][T27294] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1433.636155][T27269] __get_compat_msghdr+0x6e1/0x9d0 [ 1433.640740][T27294] __do_fast_syscall_32+0x96/0xf0 [ 1433.645418][T27269] get_compat_msghdr+0x108/0x2c0 [ 1433.650148][T27294] do_fast_syscall_32+0x34/0x70 [ 1433.656479][T27269] do_recvmmsg+0x1063/0x2120 [ 1433.662862][T27294] do_SYSENTER_32+0x1b/0x20 [ 1433.667957][T27269] __sys_recvmmsg+0x51c/0x6f0 [ 1433.672972][T27294] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1433.677900][T27269] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1433.682713][T27294] [ 1433.682721][T27294] Uninit was stored to memory at: [ 1433.687292][T27269] __do_fast_syscall_32+0x96/0xf0 [ 1433.691811][T27294] __get_compat_msghdr+0x6e1/0x9d0 [ 1433.698153][T27269] do_fast_syscall_32+0x34/0x70 [ 1433.704441][T27294] get_compat_msghdr+0x108/0x2c0 [ 1433.706760][T27269] do_SYSENTER_32+0x1b/0x20 [ 1433.711836][T27294] do_recvmmsg+0x1063/0x2120 [ 1433.717022][T27269] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1433.719341][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1433.724264][T27269] [ 1433.724272][T27269] Uninit was stored to memory at: [ 1433.729343][T27294] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1433.734014][T27269] __get_compat_msghdr+0x6e1/0x9d0 [ 1433.739123][T27294] __do_fast_syscall_32+0x96/0xf0 [ 1433.743802][T27269] get_compat_msghdr+0x108/0x2c0 [ 1433.750181][T27294] do_fast_syscall_32+0x34/0x70 [ 1433.755121][T27269] do_recvmmsg+0x1063/0x2120 [ 1433.760197][T27294] do_SYSENTER_32+0x1b/0x20 [ 1433.764788][T27269] __sys_recvmmsg+0x51c/0x6f0 [ 1433.769689][T27294] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1433.774354][T27269] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1433.778963][T27294] [ 1433.778974][T27294] Uninit was stored to memory at: [ 1433.779046][T27294] __get_compat_msghdr+0x6e1/0x9d0 [ 1433.785382][T27269] __do_fast_syscall_32+0x96/0xf0 [ 1433.791761][T27294] get_compat_msghdr+0x108/0x2c0 [ 1433.796789][T27269] do_fast_syscall_32+0x34/0x70 [ 1433.799172][T27294] do_recvmmsg+0x1063/0x2120 [ 1433.804106][T27269] do_SYSENTER_32+0x1b/0x20 [ 1433.809007][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1433.809049][T27294] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1433.814134][T27269] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1433.818688][T27294] __do_fast_syscall_32+0x96/0xf0 [ 1433.823630][T27269] [ 1433.823638][T27269] Uninit was stored to memory at: [ 1433.830009][T27294] do_fast_syscall_32+0x34/0x70 [ 1433.834670][T27269] __get_compat_msghdr+0x6e1/0x9d0 [ 1433.836998][T27294] do_SYSENTER_32+0x1b/0x20 [ 1433.842029][T27269] get_compat_msghdr+0x108/0x2c0 [ 1433.846685][T27294] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1433.853090][T27269] do_recvmmsg+0x1063/0x2120 [ 1433.858222][T27294] [ 1433.858232][T27294] Uninit was stored to memory at: [ 1433.858300][T27294] __get_compat_msghdr+0x6e1/0x9d0 [ 1433.863234][T27269] __sys_recvmmsg+0x51c/0x6f0 [ 1433.868222][T27294] get_compat_msghdr+0x108/0x2c0 [ 1433.873074][T27269] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1433.877716][T27294] do_recvmmsg+0x1063/0x2120 [ 1433.877758][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1433.882222][T27269] __do_fast_syscall_32+0x96/0xf0 [ 1433.886953][T27294] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1433.893291][T27269] do_fast_syscall_32+0x34/0x70 [ 1433.899676][T27294] __do_fast_syscall_32+0x96/0xf0 [ 1433.902010][T27269] do_SYSENTER_32+0x1b/0x20 [ 1433.907090][T27294] do_fast_syscall_32+0x34/0x70 [ 1433.912117][T27269] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1433.917281][T27294] do_SYSENTER_32+0x1b/0x20 [ 1433.922136][T27269] [ 1433.922144][T27269] Uninit was stored to memory at: [ 1433.922215][T27269] __get_compat_msghdr+0x6e1/0x9d0 [ 1433.927126][T27294] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1433.931634][T27269] get_compat_msghdr+0x108/0x2c0 [ 1433.936202][T27294] [ 1433.936210][T27294] Uninit was stored to memory at: [ 1433.942601][T27269] do_recvmmsg+0x1063/0x2120 [ 1433.947359][T27294] __get_compat_msghdr+0x6e1/0x9d0 [ 1433.949625][T27269] __sys_recvmmsg+0x51c/0x6f0 [ 1433.954628][T27294] get_compat_msghdr+0x108/0x2c0 [ 1433.961035][T27269] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1433.966103][T27294] do_recvmmsg+0x1063/0x2120 [ 1433.971301][T27269] __do_fast_syscall_32+0x96/0xf0 [ 1433.976199][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1433.981123][T27269] do_fast_syscall_32+0x34/0x70 [ 1433.985673][T27294] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1433.990251][T27269] do_SYSENTER_32+0x1b/0x20 [ 1433.994885][T27294] __do_fast_syscall_32+0x96/0xf0 [ 1434.001286][T27269] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1434.007637][T27294] do_fast_syscall_32+0x34/0x70 [ 1434.009961][T27269] [ 1434.009972][T27269] Local variable msg_sys created at: [ 1434.014966][T27294] do_SYSENTER_32+0x1b/0x20 [ 1434.020152][T27269] do_recvmmsg+0xc1/0x2120 [ 1434.025134][T27294] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1434.030146][T27269] __sys_recvmmsg+0x51c/0x6f0 [ 1434.034956][T27294] [ 1434.034965][T27294] Local variable msg_sys created at: [ 1434.322526][T27294] do_recvmmsg+0xc1/0x2120 [ 1434.327121][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1434.701737][T27294] not chained 1430000 origins [ 1434.706462][T27294] CPU: 1 PID: 27294 Comm: syz-executor.4 Not tainted 5.16.0-rc3-syzkaller #0 [ 1434.715268][T27294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1434.725348][T27294] Call Trace: [ 1434.728638][T27294] [ 1434.731586][T27294] dump_stack_lvl+0x1ff/0x28e [ 1434.736319][T27294] dump_stack+0x25/0x28 [ 1434.740518][T27294] kmsan_internal_chain_origin+0x7a/0x110 [ 1434.746296][T27294] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1434.752418][T27294] ? kmsan_get_metadata+0xa4/0x120 [ 1434.757588][T27294] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1434.763460][T27294] ? __unix_dgram_recvmsg+0x1a18/0x1c30 [ 1434.769065][T27294] ? kmsan_get_metadata+0xa4/0x120 [ 1434.774230][T27294] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1434.780098][T27294] ? should_fail+0x75/0x9c0 [ 1434.784653][T27294] ? kmsan_get_metadata+0xa4/0x120 [ 1434.789820][T27294] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1434.796117][T27294] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1434.802246][T27294] ? kmsan_get_metadata+0xa4/0x120 [ 1434.807413][T27294] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1434.813286][T27294] __msan_chain_origin+0xbf/0x140 [ 1434.818365][T27294] __get_compat_msghdr+0x6e1/0x9d0 [ 1434.823547][T27294] get_compat_msghdr+0x108/0x2c0 [ 1434.828534][T27294] ? __sys_recvmmsg+0x51c/0x6f0 [ 1434.833423][T27294] do_recvmmsg+0x1063/0x2120 [ 1434.838065][T27294] ? kmsan_get_metadata+0xa4/0x120 [ 1434.843239][T27294] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1434.849536][T27294] ? kmsan_get_metadata+0xa4/0x120 [ 1434.854695][T27294] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1434.860997][T27294] ? fput+0x82/0x320 [ 1434.864942][T27294] ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1434.871507][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1434.876235][T27294] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1434.882629][T27294] __do_fast_syscall_32+0x96/0xf0 [ 1434.887705][T27294] do_fast_syscall_32+0x34/0x70 [ 1434.892607][T27294] do_SYSENTER_32+0x1b/0x20 [ 1434.897154][T27294] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1434.903534][T27294] RIP: 0023:0xf6ea0549 [ 1434.907623][T27294] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1434.927270][T27294] RSP: 002b:00000000f5a795fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1434.935722][T27294] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200000c0 [ 1434.943725][T27294] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1434.951723][T27294] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1434.959720][T27294] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1434.967719][T27294] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1434.975734][T27294] [ 1434.982553][T27294] Uninit was stored to memory at: [ 1434.988259][T27294] __get_compat_msghdr+0x6e1/0x9d0 [ 1434.993423][T27294] get_compat_msghdr+0x108/0x2c0 [ 1434.998503][T27294] do_recvmmsg+0x1063/0x2120 [ 1435.003131][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1435.008000][T27294] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1435.014383][T27294] __do_fast_syscall_32+0x96/0xf0 [ 1435.019598][T27294] do_fast_syscall_32+0x34/0x70 [ 1435.024492][T27294] do_SYSENTER_32+0x1b/0x20 [ 1435.029191][T27294] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1435.035569][T27294] [ 1435.038046][T27294] Uninit was stored to memory at: [ 1435.043138][T27294] __get_compat_msghdr+0x6e1/0x9d0 [ 1435.048432][T27294] get_compat_msghdr+0x108/0x2c0 [ 1435.053416][T27294] do_recvmmsg+0x1063/0x2120 [ 1435.058178][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1435.062894][T27294] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1435.069429][T27294] __do_fast_syscall_32+0x96/0xf0 [ 1435.074503][T27294] do_fast_syscall_32+0x34/0x70 [ 1435.079545][T27294] do_SYSENTER_32+0x1b/0x20 [ 1435.084090][T27294] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1435.090613][T27294] [ 1435.092944][T27294] Uninit was stored to memory at: [ 1435.098170][T27294] __get_compat_msghdr+0x6e1/0x9d0 [ 1435.103328][T27294] get_compat_msghdr+0x108/0x2c0 [ 1435.108465][T27294] do_recvmmsg+0x1063/0x2120 [ 1435.113087][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1435.117944][T27294] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1435.124325][T27294] __do_fast_syscall_32+0x96/0xf0 [ 1435.129476][T27294] do_fast_syscall_32+0x34/0x70 [ 1435.134368][T27294] do_SYSENTER_32+0x1b/0x20 [ 1435.138993][T27294] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1435.145373][T27294] [ 1435.147834][T27294] Uninit was stored to memory at: [ 1435.152920][T27294] __get_compat_msghdr+0x6e1/0x9d0 [ 1435.158210][T27294] get_compat_msghdr+0x108/0x2c0 [ 1435.163187][T27294] do_recvmmsg+0x1063/0x2120 [ 1435.167945][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1435.172655][T27294] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1435.179181][T27294] __do_fast_syscall_32+0x96/0xf0 [ 1435.184249][T27294] do_fast_syscall_32+0x34/0x70 [ 1435.189293][T27294] do_SYSENTER_32+0x1b/0x20 [ 1435.193838][T27294] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1435.200358][T27294] [ 1435.202688][T27294] Uninit was stored to memory at: [ 1435.207904][T27294] __get_compat_msghdr+0x6e1/0x9d0 [ 1435.213062][T27294] get_compat_msghdr+0x108/0x2c0 [ 1435.218182][T27294] do_recvmmsg+0x1063/0x2120 [ 1435.222806][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1435.227659][T27294] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1435.234038][T27294] __do_fast_syscall_32+0x96/0xf0 [ 1435.239250][T27294] do_fast_syscall_32+0x34/0x70 [ 1435.244140][T27294] do_SYSENTER_32+0x1b/0x20 [ 1435.248839][T27294] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1435.255216][T27294] [ 1435.257685][T27294] Uninit was stored to memory at: [ 1435.262771][T27294] __get_compat_msghdr+0x6e1/0x9d0 [ 1435.268066][T27294] get_compat_msghdr+0x108/0x2c0 [ 1435.273047][T27294] do_recvmmsg+0x1063/0x2120 [ 1435.277796][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1435.282504][T27294] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1435.289032][T27294] __do_fast_syscall_32+0x96/0xf0 [ 1435.294102][T27294] do_fast_syscall_32+0x34/0x70 [ 1435.299136][T27294] do_SYSENTER_32+0x1b/0x20 [ 1435.303685][T27294] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1435.310204][T27294] [ 1435.312537][T27294] Uninit was stored to memory at: [ 1435.317765][T27294] __get_compat_msghdr+0x6e1/0x9d0 [ 1435.322920][T27294] get_compat_msghdr+0x108/0x2c0 [ 1435.328020][T27294] do_recvmmsg+0x1063/0x2120 [ 1435.332646][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1435.337497][T27294] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1435.343876][T27294] __do_fast_syscall_32+0x96/0xf0 [ 1435.349095][T27294] do_fast_syscall_32+0x34/0x70 [ 1435.353992][T27294] do_SYSENTER_32+0x1b/0x20 [ 1435.358679][T27294] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1435.365053][T27294] [ 1435.367468][T27294] Local variable msg_sys created at: [ 1435.372759][T27294] do_recvmmsg+0xc1/0x2120 [ 1435.377285][T27294] __sys_recvmmsg+0x51c/0x6f0 [ 1435.699057][T27269] not chained 1440000 origins [ 1435.703774][T27269] CPU: 1 PID: 27269 Comm: syz-executor.5 Not tainted 5.16.0-rc3-syzkaller #0 [ 1435.712571][T27269] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1435.722649][T27269] Call Trace: [ 1435.725940][T27269] [ 1435.728887][T27269] dump_stack_lvl+0x1ff/0x28e [ 1435.733620][T27269] dump_stack+0x25/0x28 [ 1435.737818][T27269] kmsan_internal_chain_origin+0x7a/0x110 [ 1435.743601][T27269] ? kmsan_get_metadata+0xa4/0x120 [ 1435.748767][T27269] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1435.754637][T27269] ? __unix_dgram_recvmsg+0x1a18/0x1c30 [ 1435.760238][T27269] ? kmsan_get_metadata+0xa4/0x120 [ 1435.765401][T27269] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1435.771270][T27269] ? should_fail+0x75/0x9c0 [ 1435.775825][T27269] ? kmsan_get_metadata+0xa4/0x120 [ 1435.780988][T27269] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1435.787287][T27269] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1435.793411][T27269] ? kmsan_get_metadata+0xa4/0x120 [ 1435.798583][T27269] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1435.804446][T27269] __msan_chain_origin+0xbf/0x140 [ 1435.809532][T27269] __get_compat_msghdr+0x6e1/0x9d0 [ 1435.814713][T27269] get_compat_msghdr+0x108/0x2c0 [ 1435.819705][T27269] ? __sys_recvmmsg+0x51c/0x6f0 [ 1435.824609][T27269] do_recvmmsg+0x1063/0x2120 [ 1435.829262][T27269] ? kmsan_get_metadata+0xa4/0x120 [ 1435.834441][T27269] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1435.840312][T27269] ? kmsan_get_metadata+0xa4/0x120 [ 1435.845478][T27269] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1435.851784][T27269] ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1435.858349][T27269] __sys_recvmmsg+0x51c/0x6f0 [ 1435.863076][T27269] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1435.869468][T27269] __do_fast_syscall_32+0x96/0xf0 [ 1435.874545][T27269] do_fast_syscall_32+0x34/0x70 [ 1435.879438][T27269] do_SYSENTER_32+0x1b/0x20 [ 1435.883986][T27269] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1435.890362][T27269] RIP: 0023:0xf6e9f549 [ 1435.894451][T27269] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1435.914098][T27269] RSP: 002b:00000000f5a995fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1435.922546][T27269] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1435.930547][T27269] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1435.938549][T27269] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1435.946546][T27269] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1435.954546][T27269] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1435.962561][T27269] [ 1435.969297][T27269] Uninit was stored to memory at: [ 1435.974400][T27269] __get_compat_msghdr+0x6e1/0x9d0 [ 1435.980173][T27269] get_compat_msghdr+0x108/0x2c0 [ 1435.985158][T27269] do_recvmmsg+0x1063/0x2120 [ 1435.989870][T27269] __sys_recvmmsg+0x51c/0x6f0 [ 1435.994577][T27269] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1436.001046][T27269] __do_fast_syscall_32+0x96/0xf0 [ 1436.006112][T27269] do_fast_syscall_32+0x34/0x70 [ 1436.011088][T27269] do_SYSENTER_32+0x1b/0x20 [ 1436.015631][T27269] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1436.022149][T27269] [ 1436.024478][T27269] Uninit was stored to memory at: [ 1436.029719][T27269] __get_compat_msghdr+0x6e1/0x9d0 [ 1436.034876][T27269] get_compat_msghdr+0x108/0x2c0 [ 1436.040004][T27269] do_recvmmsg+0x1063/0x2120 [ 1436.044645][T27269] __sys_recvmmsg+0x51c/0x6f0 [ 1436.049495][T27269] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1436.055876][T27269] __do_fast_syscall_32+0x96/0xf0 [ 1436.061089][T27269] do_fast_syscall_32+0x34/0x70 [ 1436.065988][T27269] do_SYSENTER_32+0x1b/0x20 [ 1436.070679][T27269] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1436.077183][T27269] [ 1436.079514][T27269] Uninit was stored to memory at: [ 1436.084596][T27269] __get_compat_msghdr+0x6e1/0x9d0 [ 1436.089877][T27269] get_compat_msghdr+0x108/0x2c0 [ 1436.094863][T27269] do_recvmmsg+0x1063/0x2120 [ 1436.099618][T27269] __sys_recvmmsg+0x51c/0x6f0 [ 1436.104324][T27269] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1436.110853][T27269] __do_fast_syscall_32+0x96/0xf0 [ 1436.115924][T27269] do_fast_syscall_32+0x34/0x70 [ 1436.120976][T27269] do_SYSENTER_32+0x1b/0x20 [ 1436.125518][T27269] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1436.132042][T27269] [ 1436.134375][T27269] Uninit was stored to memory at: [ 1436.139598][T27269] __get_compat_msghdr+0x6e1/0x9d0 [ 1436.144752][T27269] get_compat_msghdr+0x108/0x2c0 [ 1436.149867][T27269] do_recvmmsg+0x1063/0x2120 [ 1436.154488][T27269] __sys_recvmmsg+0x51c/0x6f0 [ 1436.159332][T27269] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1436.165712][T27269] __do_fast_syscall_32+0x96/0xf0 [ 1436.170918][T27269] do_fast_syscall_32+0x34/0x70 [ 1436.175816][T27269] do_SYSENTER_32+0x1b/0x20 [ 1436.180498][T27269] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1436.187009][T27269] [ 1436.189340][T27269] Uninit was stored to memory at: [ 1436.194421][T27269] __get_compat_msghdr+0x6e1/0x9d0 [ 1436.199719][T27269] get_compat_msghdr+0x108/0x2c0 [ 1436.204701][T27269] do_recvmmsg+0x1063/0x2120 [ 1436.209463][T27269] __sys_recvmmsg+0x51c/0x6f0 [ 1436.214170][T27269] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1436.220692][T27269] __do_fast_syscall_32+0x96/0xf0 [ 1436.225759][T27269] do_fast_syscall_32+0x34/0x70 [ 1436.230790][T27269] do_SYSENTER_32+0x1b/0x20 [ 1436.235336][T27269] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1436.241856][T27269] [ 1436.244189][T27269] Uninit was stored to memory at: [ 1436.249357][T27269] __get_compat_msghdr+0x6e1/0x9d0 [ 1436.254508][T27269] get_compat_msghdr+0x108/0x2c0 [ 1436.259572][T27269] do_recvmmsg+0x1063/0x2120 [ 1436.264190][T27269] __sys_recvmmsg+0x51c/0x6f0 [ 1436.268982][T27269] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1436.275363][T27269] __do_fast_syscall_32+0x96/0xf0 [ 1436.280512][T27269] do_fast_syscall_32+0x34/0x70 [ 1436.285406][T27269] do_SYSENTER_32+0x1b/0x20 [ 1436.290033][T27269] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1436.296405][T27269] [ 1436.298817][T27269] Uninit was stored to memory at: [ 1436.303902][T27269] __get_compat_msghdr+0x6e1/0x9d0 [ 1436.309141][T27269] get_compat_msghdr+0x108/0x2c0 [ 1436.314124][T27269] do_recvmmsg+0x1063/0x2120 [ 1436.318825][T27269] __sys_recvmmsg+0x51c/0x6f0 [ 1436.323534][T27269] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1436.330000][T27269] __do_fast_syscall_32+0x96/0xf0 [ 1436.335064][T27269] do_fast_syscall_32+0x34/0x70 [ 1436.340044][T27269] do_SYSENTER_32+0x1b/0x20 [ 1436.344591][T27269] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1436.351055][T27269] [ 1436.353391][T27269] Local variable msg_sys created at: [ 1436.358762][T27269] do_recvmmsg+0xc1/0x2120 [ 1436.363204][T27269] __sys_recvmmsg+0x51c/0x6f0 [ 1436.573805][ T1201] ieee802154 phy0 wpan0: encryption failed: -22 [ 1436.580486][ T1201] ieee802154 phy1 wpan1: encryption failed: -22 [ 1436.682274][T27269] not chained 1450000 origins [ 1436.687144][T27269] CPU: 0 PID: 27269 Comm: syz-executor.5 Not tainted 5.16.0-rc3-syzkaller #0 [ 1436.695946][T27269] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1436.706023][T27269] Call Trace: [ 1436.709324][T27269] [ 1436.712269][T27269] dump_stack_lvl+0x1ff/0x28e [ 1436.716998][T27269] dump_stack+0x25/0x28 [ 1436.721190][T27269] kmsan_internal_chain_origin+0x7a/0x110 [ 1436.726973][T27269] ? kmsan_get_metadata+0xa4/0x120 [ 1436.732138][T27269] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1436.738008][T27269] ? __unix_dgram_recvmsg+0x1a18/0x1c30 [ 1436.743611][T27269] ? kmsan_get_metadata+0xa4/0x120 [ 1436.748781][T27269] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1436.754656][T27269] ? should_fail+0x75/0x9c0 [ 1436.759211][T27269] ? kmsan_get_metadata+0xa4/0x120 [ 1436.764375][T27269] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1436.770676][T27269] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1436.776803][T27269] ? kmsan_get_metadata+0xa4/0x120 [ 1436.781968][T27269] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1436.787828][T27269] __msan_chain_origin+0xbf/0x140 [ 1436.792904][T27269] __get_compat_msghdr+0x6e1/0x9d0 [ 1436.798082][T27269] get_compat_msghdr+0x108/0x2c0 [ 1436.803071][T27269] ? __sys_recvmmsg+0x51c/0x6f0 [ 1436.807959][T27269] do_recvmmsg+0x1063/0x2120 [ 1436.812600][T27269] ? kmsan_get_metadata+0xa4/0x120 [ 1436.817772][T27269] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1436.823632][T27269] ? kmsan_get_metadata+0xa4/0x120 [ 1436.828792][T27269] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1436.835094][T27269] ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1436.841648][T27269] __sys_recvmmsg+0x51c/0x6f0 [ 1436.846375][T27269] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1436.852767][T27269] __do_fast_syscall_32+0x96/0xf0 [ 1436.857843][T27269] do_fast_syscall_32+0x34/0x70 [ 1436.862732][T27269] do_SYSENTER_32+0x1b/0x20 [ 1436.867267][T27269] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1436.873640][T27269] RIP: 0023:0xf6e9f549 [ 1436.877729][T27269] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1436.893557][T27303] loop0: detected capacity change from 0 to 264192 [ 1436.897373][T27269] RSP: 002b:00000000f5a995fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1436.897423][T27269] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1436.897457][T27269] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1436.897493][T27269] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1436.936266][T27269] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1436.944265][T27269] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1436.952277][T27269] [ 1436.957317][T27269] Uninit was stored to memory at: [ 1436.962412][T27269] __get_compat_msghdr+0x6e1/0x9d0 [ 1436.969421][T27269] get_compat_msghdr+0x108/0x2c0 [ 1436.974415][T27269] do_recvmmsg+0x1063/0x2120 [ 1436.979329][T27269] __sys_recvmmsg+0x51c/0x6f0 [ 1436.984042][T27269] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1436.990560][T27269] __do_fast_syscall_32+0x96/0xf0 [ 1436.995645][T27269] do_fast_syscall_32+0x34/0x70 [ 1437.000656][T27269] do_SYSENTER_32+0x1b/0x20 [ 1437.005204][T27269] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1437.011690][T27269] [ 1437.014022][T27269] Uninit was stored to memory at: [ 1437.019199][T27269] __get_compat_msghdr+0x6e1/0x9d0 [ 1437.024351][T27269] get_compat_msghdr+0x108/0x2c0 [ 1437.029437][T27269] do_recvmmsg+0x1063/0x2120 [ 1437.034069][T27269] __sys_recvmmsg+0x51c/0x6f0 [ 1437.038891][T27269] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1437.045273][T27269] __do_fast_syscall_32+0x96/0xf0 [ 1437.050443][T27269] do_fast_syscall_32+0x34/0x70 [ 1437.055336][T27269] do_SYSENTER_32+0x1b/0x20 [ 1437.059964][T27269] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1437.066338][T27269] [ 1437.068777][T27269] Uninit was stored to memory at: [ 1437.073860][T27269] __get_compat_msghdr+0x6e1/0x9d0 [ 1437.079121][T27269] get_compat_msghdr+0x108/0x2c0 [ 1437.084100][T27269] do_recvmmsg+0x1063/0x2120 [ 1437.088834][T27269] __sys_recvmmsg+0x51c/0x6f0 [ 1437.093545][T27269] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1437.100041][T27269] __do_fast_syscall_32+0x96/0xf0 [ 1437.105107][T27269] do_fast_syscall_32+0x34/0x70 [ 1437.110099][T27269] do_SYSENTER_32+0x1b/0x20 [ 1437.114637][T27269] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1437.121121][T27269] [ 1437.123452][T27269] Uninit was stored to memory at: [ 1437.128629][T27269] __get_compat_msghdr+0x6e1/0x9d0 [ 1437.133782][T27269] get_compat_msghdr+0x108/0x2c0 [ 1437.138868][T27269] do_recvmmsg+0x1063/0x2120 [ 1437.143492][T27269] __sys_recvmmsg+0x51c/0x6f0 [ 1437.148314][T27269] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1437.154692][T27269] __do_fast_syscall_32+0x96/0xf0 [ 1437.159864][T27269] do_fast_syscall_32+0x34/0x70 [ 1437.164752][T27269] do_SYSENTER_32+0x1b/0x20 [ 1437.169400][T27269] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1437.175775][T27269] [ 1437.178220][T27269] Uninit was stored to memory at: [ 1437.183307][T27269] __get_compat_msghdr+0x6e1/0x9d0 [ 1437.188578][T27269] get_compat_msghdr+0x108/0x2c0 [ 1437.193559][T27269] do_recvmmsg+0x1063/0x2120 [ 1437.198295][T27269] __sys_recvmmsg+0x51c/0x6f0 [ 1437.203004][T27269] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1437.209567][T27269] __do_fast_syscall_32+0x96/0xf0 [ 1437.214634][T27269] do_fast_syscall_32+0x34/0x70 [ 1437.219639][T27269] do_SYSENTER_32+0x1b/0x20 [ 1437.224182][T27269] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1437.230669][T27269] [ 1437.232996][T27269] Uninit was stored to memory at: [ 1437.238171][T27269] __get_compat_msghdr+0x6e1/0x9d0 [ 1437.243324][T27269] get_compat_msghdr+0x108/0x2c0 [ 1437.248411][T27269] do_recvmmsg+0x1063/0x2120 [ 1437.253053][T27269] __sys_recvmmsg+0x51c/0x6f0 [ 1437.257865][T27269] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1437.264247][T27269] __do_fast_syscall_32+0x96/0xf0 [ 1437.269423][T27269] do_fast_syscall_32+0x34/0x70 [ 1437.274318][T27269] do_SYSENTER_32+0x1b/0x20 [ 1437.278969][T27269] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1437.285345][T27269] [ 1437.287781][T27269] Uninit was stored to memory at: [ 1437.292869][T27269] __get_compat_msghdr+0x6e1/0x9d0 [ 1437.298137][T27269] get_compat_msghdr+0x108/0x2c0 [ 1437.303118][T27269] do_recvmmsg+0x1063/0x2120 [ 1437.307851][T27269] __sys_recvmmsg+0x51c/0x6f0 [ 1437.312562][T27269] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1437.319051][T27269] __do_fast_syscall_32+0x96/0xf0 [ 1437.324123][T27269] do_fast_syscall_32+0x34/0x70 [ 1437.329122][T27269] do_SYSENTER_32+0x1b/0x20 [ 1437.333665][T27269] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1437.340149][T27269] [ 1437.342483][T27269] Local variable msg_sys created at: [ 1437.347854][T27269] do_recvmmsg+0xc1/0x2120 [ 1437.352300][T27269] __sys_recvmmsg+0x51c/0x6f0 [ 1437.685305][T27303] EXT4-fs error (device loop0): ext4_fill_super:4822: inode #2: comm syz-executor.0: iget: root inode unallocated [ 1437.732657][T27303] EXT4-fs (loop0): get root inode failed [ 1437.738781][T27303] EXT4-fs (loop0): mount failed 12:56:51 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="080000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f0000", 0x16, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[]) 12:56:51 executing program 2: syz_usb_connect$hid(0x0, 0x36, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x44e, 0x120c, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x3, 0x1, 0x0, 0x0, {0x9}}}]}}]}}, 0x0) syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000500)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x46d, 0xc29a, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x3, 0x1, 0x0, 0x0, {0x9}}}]}}]}}, 0x0) 12:56:51 executing program 1: syz_usb_connect$hid(0x0, 0x36, &(0x7f00000000c0)={{0x12, 0x1, 0x300, 0x0, 0x0, 0x0, 0x8, 0x46d, 0xca04, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x3, 0x1, 0x0, 0x0, {0x9}}}]}}]}}, &(0x7f0000000040)={0x0, 0x0, 0x16, 0x0}) 12:56:51 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:56:51 executing program 4: bpf$MAP_CREATE(0x0, &(0x7f00000000c0)={0x5, 0x7, 0x9, 0xea5, 0x0, 0x1}, 0x40) 12:56:51 executing program 5: syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RELOAD(0xffffffffffffffff, 0x0, 0x0) clone3(&(0x7f0000001c40)={0x2200000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000001c00)=[0x0], 0x1}, 0x58) syz_genetlink_get_family_id$netlbl_cipso(0x0, 0xffffffffffffffff) 12:56:52 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) [ 1438.258271][T21991] usb 3-1: new high-speed USB device number 18 using dummy_hcd 12:56:52 executing program 5: epoll_pwait(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x8) [ 1438.507985][T21991] usb 3-1: Using ep0 maxpacket: 8 12:56:52 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) [ 1438.639273][T21991] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 12:56:52 executing program 5: syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000400), 0x0, &(0x7f0000000480)={[{@rodir}]}) [ 1438.810526][T21991] usb 3-1: New USB device found, idVendor=044e, idProduct=120c, bcdDevice= 0.40 [ 1438.820008][T21991] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1438.828524][T21991] usb 3-1: Product: syz [ 1438.832810][T21991] usb 3-1: Manufacturer: syz [ 1438.837726][T21991] usb 3-1: SerialNumber: syz [ 1438.995681][T21991] usbhid 3-1:1.0: couldn't find an input interrupt endpoint 12:56:53 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) [ 1439.197517][T27316] UDC core: couldn't find an available UDC or it's busy: -16 [ 1439.205030][T27316] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 1439.289610][T27337] FAT-fs (loop5): bogus number of reserved sectors [ 1439.296259][T27337] FAT-fs (loop5): Can't find a valid FAT filesystem [ 1439.308822][ T7925] usb 3-1: USB disconnect, device number 18 [ 1439.435812][T27337] FAT-fs (loop5): bogus number of reserved sectors [ 1439.442673][T27337] FAT-fs (loop5): Can't find a valid FAT filesystem 12:56:53 executing program 5: getpriority(0x2, 0x0) gettid() symlinkat(&(0x7f0000000080)='./file0\x00', 0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00') lsetxattr$trusted_overlay_upper(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000300), &(0x7f0000000340)={0x0, 0xfb, 0x39, 0x0, 0x0, "3339ce307d3c4056932008c3dbed47ab", "9172994abe2373e29cc4378878eff33b1956a3314a464e6d6ae00fad8e7b210104cbeb04"}, 0x39, 0x0) [ 1440.087253][T22272] usb 3-1: new high-speed USB device number 19 using dummy_hcd [ 1440.327678][T22272] usb 3-1: Using ep0 maxpacket: 8 [ 1440.449106][T22272] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 1440.584121][T27363] loop0: detected capacity change from 0 to 264192 [ 1440.619131][T22272] usb 3-1: New USB device found, idVendor=044e, idProduct=120c, bcdDevice= 0.40 [ 1440.628812][T22272] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1440.637230][T22272] usb 3-1: Product: syz [ 1440.641521][T22272] usb 3-1: Manufacturer: syz [ 1440.646245][T22272] usb 3-1: SerialNumber: syz [ 1440.726719][T22272] usbhid 3-1:1.0: couldn't find an input interrupt endpoint [ 1440.727536][T27363] EXT4-fs error (device loop0): ext4_fill_super:4822: inode #2: comm syz-executor.0: iget: root inode unallocated [ 1440.897442][ T7925] usb 3-1: USB disconnect, device number 19 [ 1441.161034][T27363] EXT4-fs (loop0): get root inode failed [ 1441.168693][T27363] EXT4-fs (loop0): mount failed 12:56:55 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="080000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f0000", 0x16, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[]) 12:56:55 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:56:55 executing program 5: mremap(&(0x7f0000ffb000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f0000ffd000/0x3000)=nil) 12:56:55 executing program 4: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000480), 0x1, 0x0) write$cgroup_freezer_state(r0, &(0x7f0000000980)='THAWED\x00', 0x7) 12:56:55 executing program 2: r0 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) mmap$binder(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x1, 0x11, r0, 0x0) 12:56:55 executing program 1: perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() perf_event_open(0x0, 0x0, 0x6, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_open_procfs(0x0, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000600)=[{0x0}], 0x1, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) r0 = socket$kcm(0x29, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, 0x0, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40082404, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x8914, &(0x7f0000000340)='wlan1\x00\x1b\x1a\xec\xd8n\xff\xc3\x87\xe2\xa3\x80\x8a\xb2\xd9\xa8L\x06\xb5\x12\x03F\xd9\x1f\xb9\xf2-\xda,C\xfdj\xe3\x8d\xe3\xd6\xe0|6l\xe9\xd9;\xea\x84\x13\xdf\xf7\xber\'\x8a\xd5W\xbb\xac%j\x9d\xeb\xba\xe6\xc4\xc4\xa9\xf5\xd5\xa1\xf5\\\x9b\xb2\a\xde\xbb\xc18\x84\xb5:f\xcb\xe8oOArYZ\xe1\xc9\x86\xfe') bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) ioctl$F2FS_IOC_GARBAGE_COLLECT(0xffffffffffffffff, 0x4004f506, 0x0) r1 = socket$kcm(0x29, 0x2, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x8914, &(0x7f0000000040)='wlan1\x00\x1b\x1a\xec\xb5\x12\x03F\xd9U\x1c\xc9%\x9b\xa0\xf5\xee\x16\x1f\xb9\xf2-\xda,C\xfdj\xe3\x8d\xe3\xd6\xe0|cL\xe9\xd9;%\xdf\xf7\xber\'\x8a\xd5\xd5\xe1\xf5\\\x9b\xb2\a\xde\xbb\xc18\x84\xb5\\f\xcb\xe8%OArYZ\xe1\xc9\x86\xfe\x88\x9d\xfa\xacJ\x1f\xebp\xf5\xfb\xaad\x1a\xa0\xb1\x9c\xac\xe8\xff^9P\xee\x8aG\xdd2') 12:56:55 executing program 2: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0xc8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_IRQCHIP(r1, 0x4010ae68, &(0x7f00000001c0)={0x0, 0x0, @ioapic}) 12:56:55 executing program 5: perf_event_open(&(0x7f0000002340)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xff7fffffffffffff, 0xffffffffffffffff, 0x0) r0 = getpid() sched_setscheduler(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0x5, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x40}, 0x0, 0xf9d}, 0x0, 0x0, 0xffffffffffffffff, 0x8) perf_event_open(&(0x7f0000000380)={0x5, 0x80, 0xb6, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6ee4}, r0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$udf(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="00424541303101", 0x7, 0x8000}, {&(0x7f0000010100)='\x00NSR02', 0x6, 0x8800}, {0x0, 0x0, 0x180c0}, {&(0x7f0000010600), 0x0, 0x18400}, {0x0, 0x0, 0x185a0}, {0x0, 0x0, 0x18800}, {0x0}, {&(0x7f0000011600), 0x0, 0x148000}, {&(0x7f0000011700), 0x0, 0x1480e0}], 0x0, &(0x7f0000000400)=ANY=[]) 12:56:55 executing program 4: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000080), 0x802, 0x0) write$uinput_user_dev(r0, &(0x7f00000005c0)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_CREATE(r0, 0x5501) 12:56:55 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) [ 1441.806296][T27392] device wlan1 entered promiscuous mode [ 1441.861108][T27390] device wlan1 left promiscuous mode 12:56:56 executing program 1: openat$vcsa(0xffffffffffffff9c, &(0x7f0000000340), 0x480, 0x0) [ 1442.052033][T27400] loop5: detected capacity change from 0 to 5248 [ 1442.144879][T27404] input: syz1 as /devices/virtual/input/input30 [ 1442.275868][T27414] input: syz1 as /devices/virtual/input/input31 [ 1442.305682][T27400] UDF-fs: warning (device loop5): udf_load_vrs: No anchor found [ 1442.315026][T27400] UDF-fs: Scanning with blocksize 512 failed 12:56:56 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) [ 1442.502311][T27400] UDF-fs: warning (device loop5): udf_load_vrs: No anchor found [ 1442.510516][T27400] UDF-fs: Scanning with blocksize 1024 failed [ 1442.673073][T27400] UDF-fs: warning (device loop5): udf_load_vrs: No anchor found [ 1442.681463][T27400] UDF-fs: Scanning with blocksize 2048 failed [ 1442.798125][T27400] UDF-fs: warning (device loop5): udf_load_vrs: No anchor found [ 1442.815593][T27400] UDF-fs: Scanning with blocksize 4096 failed [ 1442.822164][T27400] UDF-fs: warning (device loop5): udf_fill_super: No partition found (1) [ 1443.255227][T27430] loop0: detected capacity change from 0 to 264192 [ 1443.301398][T27430] EXT4-fs error (device loop0): ext4_fill_super:4822: inode #2: comm syz-executor.0: iget: root inode unallocated [ 1443.330365][T27430] EXT4-fs (loop0): get root inode failed [ 1443.336131][T27430] EXT4-fs (loop0): mount failed 12:56:57 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="080000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000", 0x1a, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[]) 12:56:57 executing program 2: bpf$BPF_RAW_TRACEPOINT_OPEN(0x9, &(0x7f0000001780)={0x0}, 0x10) 12:56:57 executing program 4: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000005c0)={0xffffffffffffffff}) ioctl$sock_SIOCGIFVLAN_GET_VLAN_INGRESS_PRIORITY_CMD(r0, 0x8982, &(0x7f00000001c0)) 12:56:57 executing program 1: r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) lseek(r0, 0x0, 0x0) 12:56:57 executing program 5: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0xc8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mlock(&(0x7f00007fd000/0x800000)=nil, 0x800000) 12:56:57 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:56:57 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000040), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CALIPSO_C_ADD(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)={0x24, r1, 0x1, 0x0, 0x0, {}, [@NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8}]}, 0x24}}, 0x0) 12:56:57 executing program 1: syz_mount_image$cramfs(&(0x7f0000006c00), &(0x7f0000006c40)='./file0\x00', 0x0, 0x0, 0x0, 0x1000040, &(0x7f0000007d80)) 12:56:58 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40086602, &(0x7f0000000040)) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r1}, 0x10) write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r2, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:56:58 executing program 2: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0xc8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) 12:56:58 executing program 5: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$SO_TIMESTAMP(r0, 0x1, 0x23, 0x0, &(0x7f0000000500)) 12:56:58 executing program 4: r0 = socket$phonet_pipe(0x23, 0x5, 0x2) setsockopt$PNPIPE_ENCAP(r0, 0x113, 0x1, &(0x7f0000000300), 0x4) [ 1445.088191][T27469] loop0: detected capacity change from 0 to 264192 [ 1445.159852][T27469] EXT4-fs error (device loop0): ext4_fill_super:4822: inode #2: comm syz-executor.0: iget: root inode unallocated [ 1445.181757][T27469] EXT4-fs (loop0): get root inode failed [ 1445.188016][T27469] EXT4-fs (loop0): mount failed 12:56:59 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="080000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000", 0x1a, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[]) 12:56:59 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000040), r1) sendmsg$NLBL_CALIPSO_C_LIST(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r2, 0x1}, 0x14}}, 0x0) 12:56:59 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40086602, &(0x7f0000000040)) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r1}, 0x10) write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r2, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:56:59 executing program 2: r0 = socket$unix(0x1, 0x2, 0x0) fsetxattr$trusted_overlay_nlink(r0, &(0x7f0000000080), &(0x7f0000000040)={'L-'}, 0x16, 0x0) 12:56:59 executing program 5: bpf$BPF_RAW_TRACEPOINT_OPEN(0x2, 0x0, 0x0) 12:56:59 executing program 4: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) write$nbd(r0, 0x0, 0x0) 12:56:59 executing program 2: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0xc8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$user(&(0x7f00000000c0), &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000340)="585ccbe4ed83b836c1a6474914dc55e72206297b6895b66147b3c7218a9169a85ea0bdc9e1587a050000000000000042e33089754c8107c3cd3923dd4a71c2ff06007b6b4816122d2550829eaa9435c99926022b8753a188748c569f435fb3bae96efb74b50ec93c152f5e8e198a29e5c0d0c60000ce0637ce003d661ff5ff70e48884ca000018cea71fcfacf40d32e4b58a8d2725561f6110fd7b06f90b5274cc5c1e298a16324fe27da2a9d5ba9ff3c009d308bd73f4772539", 0x2b2, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f0000000280), &(0x7f0000000180)={'syz', 0x2}, &(0x7f0000000000)="03", 0x1, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000140)={r1, r0, r0}, 0x0, 0x0, 0x0) 12:56:59 executing program 4: shmat(0x0, &(0x7f0000ffa000/0x2000)=nil, 0x0) 12:56:59 executing program 1: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000080), 0x802, 0x0) syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) write$uinput_user_dev(r0, &(0x7f00000005c0)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_CREATE(r0, 0x5501) 12:56:59 executing program 5: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0xc8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_IRQCHIP(r1, 0x4010ae42, &(0x7f00000001c0)={0x0, 0x0, @ioapic}) 12:56:59 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40086602, &(0x7f0000000040)) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r1}, 0x10) write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r2, &(0x7f0000000200)=0x600000000000000, 0x43408) [ 1446.216300][T27495] input: syz1 as /devices/virtual/input/input32 12:57:00 executing program 4: openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000040), 0x311042, 0x0) [ 1446.302012][T27505] input: syz1 as /devices/virtual/input/input33 [ 1446.973081][T27518] loop0: detected capacity change from 0 to 264192 [ 1447.025442][T27518] EXT4-fs error (device loop0): ext4_fill_super:4822: inode #2: comm syz-executor.0: iget: root inode unallocated [ 1447.048269][T27518] EXT4-fs (loop0): get root inode failed [ 1447.054024][T27518] EXT4-fs (loop0): mount failed 12:57:01 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="080000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000", 0x1a, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[]) 12:57:01 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:57:01 executing program 2: mknod(&(0x7f0000003940)='./file0\x00', 0x0, 0x0) 12:57:01 executing program 5: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0xc8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_IRQCHIP(r1, 0x4010ae42, &(0x7f00000001c0)={0x0, 0x0, @ioapic}) 12:57:01 executing program 1: syz_genetlink_get_family_id$mptcp(&(0x7f0000000380), 0xffffffffffffffff) 12:57:01 executing program 4: syz_open_dev$vcsn(&(0x7f0000000140), 0x0, 0x0) 12:57:01 executing program 2: pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) read$FUSE(r0, 0x0, 0x0) 12:57:01 executing program 4: syz_mount_image$nfs(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 12:57:01 executing program 1: syz_mount_image$udf(&(0x7f0000000780), &(0x7f00000007c0)='./file0\x00', 0x0, 0x0, &(0x7f0000001c40), 0x0, &(0x7f0000001dc0)={[], [{@smackfstransmute={'smackfstransmute', 0x3d, 'dont_appraise'}}]}) 12:57:01 executing program 5: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0xc8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_IRQCHIP(r1, 0x4010ae42, &(0x7f00000001c0)={0x0, 0x0, @ioapic}) 12:57:01 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:57:01 executing program 4: openat$sysfs(0xffffffffffffff9c, &(0x7f0000002680)='/sys/kernel/rcu_normal', 0x0, 0x0) [ 1447.839836][T27545] UDF-fs: bad mount option "smackfstransmute=dont_appraise" or missing value [ 1447.917773][T27545] UDF-fs: bad mount option "smackfstransmute=dont_appraise" or missing value [ 1448.713666][T27568] loop0: detected capacity change from 0 to 264192 [ 1448.755362][T27568] EXT4-fs error (device loop0): ext4_fill_super:4822: inode #2: comm syz-executor.0: iget: root inode unallocated [ 1448.777215][T27568] EXT4-fs (loop0): get root inode failed [ 1448.782966][T27568] EXT4-fs (loop0): mount failed 12:57:03 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="080000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f0000000000000400", 0x1c, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[]) 12:57:03 executing program 2: syz_genetlink_get_family_id$mptcp(0x0, 0xffffffffffffffff) 12:57:03 executing program 5: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0xc8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_IRQCHIP(r1, 0x4010ae42, &(0x7f00000001c0)={0x0, 0x0, @ioapic}) 12:57:03 executing program 1: syz_mount_image$nfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400), 0x0, 0x0) 12:57:03 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:57:03 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r0, &(0x7f0000000c40)={0x0, 0x0, &(0x7f0000000c00)={&(0x7f0000000bc0)={0x14}, 0x14}}, 0x0) 12:57:03 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_STOP_NAN(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x4000000) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_unlabel(0x0, 0xffffffffffffffff) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f0000000c40), r1) sendmsg$NL802154_CMD_NEW_INTERFACE(r2, &(0x7f0000000d00)={&(0x7f0000000c00)={0x10, 0x0, 0x0, 0x1008008}, 0xc, &(0x7f0000000cc0)={0x0}}, 0x0) 12:57:03 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:57:03 executing program 4: syz_mount_image$udf(0x0, 0x0, 0x0, 0x0, &(0x7f00000036c0), 0x0, 0x0) 12:57:03 executing program 1: bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=""/247, 0x26, 0xf7, 0x1}, 0x20) 12:57:03 executing program 5: r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x2, 0x0) ioctl$EVIOCGREP(r0, 0x80084503, &(0x7f00000000c0)=""/141) 12:57:04 executing program 5: keyctl$search(0xa, 0x0, &(0x7f0000000080)='id_legacy\x00', 0x0, 0xfffffffffffffffa) [ 1451.126581][T27627] loop0: detected capacity change from 0 to 264192 [ 1451.193611][T27627] EXT4-fs (loop0): corrupt root inode, run e2fsck [ 1451.202111][T27627] EXT4-fs (loop0): mount failed 12:57:05 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="080000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f0000000000000400", 0x1c, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[]) 12:57:05 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:57:05 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) sendmmsg$inet(r0, &(0x7f0000000c40)=[{{&(0x7f00000000c0)={0x2, 0x4e23, @empty}, 0x10, 0x0}}], 0x1, 0x20004010) getsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, 0x0, 0x0) syz_emit_ethernet(0x12, &(0x7f0000000000)={@empty, @dev, @val={@void}, {@mpls_uc}}, 0x0) 12:57:05 executing program 4: syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001100)={[{@gid={'gid', 0x3d, 0xffffffffffffffff}}]}) 12:57:05 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000400), 0x0, 0x0) ioctl$EVIOCRMFF(r0, 0x40044581, 0x0) 12:57:05 executing program 5: r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$clear(0x7, r0) [ 1451.587121][T27641] tmpfs: Bad value for 'gid' [ 1451.602445][T27641] tmpfs: Bad value for 'gid' 12:57:05 executing program 5: syz_mount_image$tmpfs(&(0x7f00000005c0), &(0x7f0000000600)='./file0\x00', 0x0, 0x1, &(0x7f0000000800)=[{&(0x7f0000000640)="7352382fbf602913", 0x8, 0xfffffffffffffff9}], 0x2, &(0x7f0000000840)={[{@nr_inodes={'nr_inodes', 0x3d, [0x0]}}], [{@fsuuid}]}) 12:57:05 executing program 4: openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/block/loop1', 0x240300, 0x0) 12:57:05 executing program 1: bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x10, 0x0, 0x0, 0xfffffffc}, 0x40) 12:57:05 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFCONF(r0, 0x8912, &(0x7f0000000040)) 12:57:05 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) [ 1451.997624][T27647] loop5: detected capacity change from 0 to 264192 [ 1452.074061][T27647] tmpfs: Bad value for 'nr_inodes' [ 1452.202771][T27647] loop5: detected capacity change from 0 to 264192 12:57:06 executing program 1: r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) keyctl$link(0x8, r0, r0) [ 1452.261330][T27647] tmpfs: Bad value for 'nr_inodes' [ 1453.012179][T27669] loop0: detected capacity change from 0 to 264192 [ 1453.074592][T27669] EXT4-fs (loop0): corrupt root inode, run e2fsck [ 1453.081979][T27669] EXT4-fs (loop0): mount failed 12:57:07 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="080000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f0000000000000400", 0x1c, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[]) 12:57:07 executing program 4: syz_open_dev$evdev(&(0x7f00000003c0), 0x5, 0x84182) 12:57:07 executing program 2: syz_open_dev$evdev(0x0, 0x0, 0x0) syz_open_dev$evdev(&(0x7f0000000140), 0x1000, 0x0) syz_usb_connect$uac1(0x0, 0xe0, &(0x7f00000005c0)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xce, 0x3, 0x1, 0xbc, 0x50, 0x57, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0x2, 0x9}, [@output_terminal={0x9, 0x24, 0x3, 0x0, 0x185}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_continuous={0xb, 0x24, 0x2, 0x1, 0x14, 0x3, 0x4, 0x3, "9e", "b0cf"}, @format_type_ii_discrete={0x9, 0x24, 0x2, 0x2, 0x4}, @format_type_i_discrete={0xf, 0x24, 0x2, 0x1, 0x0, 0x0, 0x78, 0x0, "3c56f1eaf78785"}, @format_type_i_continuous={0x8, 0x24, 0x2, 0x1, 0x7, 0x4, 0x3, 0x4}, @format_type_i_continuous={0x9, 0x24, 0x2, 0x1, 0x0, 0x1, 0x0, 0x0, "18"}]}, {{0x9, 0x5, 0x1, 0x9, 0x0, 0x9, 0x1, 0x0, {0x7, 0x25, 0x1, 0x1, 0x1}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_continuous={0xa, 0x24, 0x2, 0x1, 0x0, 0x3, 0x2, 0x2, '7', "ef"}, @format_type_i_discrete={0xa, 0x24, 0x2, 0x1, 0xff, 0x0, 0x0, 0x40, "b912"}, @format_type_ii_discrete={0xd, 0x24, 0x2, 0x2, 0x0, 0x3aa, 0x80, "29100d62"}, @as_header={0x7, 0x24, 0x1, 0x0, 0x1f}, @format_type_i_discrete={0xa, 0x24, 0x2, 0x1, 0x6, 0x2, 0x5, 0x0, "41b0"}]}, {{0x9, 0x5, 0x82, 0x9, 0x3ff, 0x0, 0x80, 0x40, {0x7, 0x25, 0x1, 0x80}}}}}}}]}}, &(0x7f0000000980)={0x0, 0x0, 0x53, &(0x7f0000000740)={0x5, 0xf, 0x53, 0x4, [@generic={0x39, 0x10, 0x1, "23b99b8b56ca18d20f1403ad8bfab14d0376ffdc71609f14749e98e163dacbd32bae883eb021806172ea5daa7044f09b421dd2b34526"}, @ptm_cap={0x3}, @ext_cap={0x7}, @wireless={0xb, 0x10, 0x1, 0xc, 0x10, 0x4, 0x0, 0xffff}]}, 0x1, [{0xe3, &(0x7f0000000880)=@string={0xe3, 0x3, "c030d4a6e564b4dd11c792bf056baf1f39cb90cb6b9ae59cee1535286af2c2fef6d2d7a39df39f910dd1a705e824f95991c92c9bd56911c7dc2749dd01fcb1a9afb727db1688d36cc2e39525fe958ac715b49ae303164167db6c3007aa31318c46d1f21eb65f12df6e37e861330908de3b7c1950d44cc607637153125c0509d0335554b8cc2dd0120aee3104469e07d53701d96e5f4d7be8d3a40efa3ed1efc337712446ef867590207254c6ab127ec6dca7a6d301c981e4b31ed908b2488fe016225820d69b9d74bf11bfd1091e1a6f05789a97a7eca9bfe0cc03763a4126106e"}}]}) 12:57:07 executing program 5: fchownat(0xffffffffffffffff, 0x0, 0xee01, 0xee01, 0x400) 12:57:07 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:57:07 executing program 1: add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe) request_key(&(0x7f0000000080)='keyring\x00', &(0x7f00000000c0)={'syz', 0x2}, 0x0, 0xfffffffffffffffb) 12:57:07 executing program 1: futex(0x0, 0x1, 0x0, &(0x7f0000001b40)={0x0, 0x989680}, 0x0, 0x0) 12:57:07 executing program 4: openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/notes', 0xc0500, 0x0) 12:57:07 executing program 5: recvmsg(0xffffffffffffffff, 0x0, 0xb7c1d521d77866bc) [ 1453.844841][T22272] usb 3-1: new high-speed USB device number 20 using dummy_hcd [ 1454.127922][T22272] usb 3-1: Using ep0 maxpacket: 16 12:57:08 executing program 1: openat$dir(0xffffffffffffff9c, 0x0, 0xe50400, 0x0) [ 1454.357464][T22272] usb 3-1: config 1 has an invalid descriptor of length 207, skipping remainder of the config [ 1454.368409][T22272] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 12:57:08 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) [ 1454.539734][T22272] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1454.549172][T22272] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1454.557567][T22272] usb 3-1: Product: syz [ 1454.561857][T22272] usb 3-1: Manufacturer: syz [ 1454.566584][T22272] usb 3-1: SerialNumber: syz 12:57:08 executing program 5: syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000740)={[{@uid={'uid', 0x3d, 0xee00}}]}) [ 1455.124328][T22272] usb 3-1: 0:2 : does not exist [ 1455.211055][T22272] usb 3-1: USB disconnect, device number 20 [ 1455.498433][T27721] loop0: detected capacity change from 0 to 264192 [ 1455.573733][T27721] EXT4-fs (loop0): corrupt root inode, run e2fsck [ 1455.580794][T27721] EXT4-fs (loop0): mount failed 12:57:09 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="080000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d}], 0x0, &(0x7f0000000300)=ANY=[]) 12:57:09 executing program 4: openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/keys\x00', 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000000000), 0x80, 0x0}}], 0x1, 0x0, 0x0) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c3e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, 0x0) preadv(r0, &(0x7f00000017c0), 0x332, 0x0, 0x0) [ 1455.917817][T22272] usb 3-1: new high-speed USB device number 21 using dummy_hcd [ 1456.158630][T22272] usb 3-1: Using ep0 maxpacket: 16 [ 1456.248563][T27737] loop0: detected capacity change from 0 to 264192 [ 1456.280600][T22272] usb 3-1: config 1 has an invalid descriptor of length 207, skipping remainder of the config [ 1456.291142][T22272] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1456.297747][T27737] EXT4-fs error (device loop0): ext4_fill_super:4822: inode #2: comm syz-executor.0: iget: root inode unallocated [ 1456.332104][T27737] EXT4-fs (loop0): get root inode failed [ 1456.338064][T27737] EXT4-fs (loop0): mount failed [ 1456.459198][T22272] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1456.468668][T22272] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1456.476807][T22272] usb 3-1: Product: syz [ 1456.481546][T22272] usb 3-1: Manufacturer: syz [ 1456.486267][T22272] usb 3-1: SerialNumber: syz 12:57:10 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f000001d000)={0x0, 0x80, 0xb, 0x0, 0x0, 0x10, 0x0, 0x41c2, 0x1080, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x2}, 0x111, 0xe666, 0x0, 0x0, 0x0, 0x1, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) dup2(0xffffffffffffffff, r0) r1 = getpgid(0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x14001, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x4}}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = dup2(r0, 0xffffffffffffffff) r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) socketpair(0x0, 0x0, 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x8914, 0x0) ioctl$TCXONC(0xffffffffffffffff, 0x540a, 0x3) ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x8923, 0x0) sendmsg$NLBL_CIPSOV4_C_REMOVE(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f00000004c0)={0x3, 0x80, 0x4, 0x2, 0x8, 0x5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, @perf_bp={&(0x7f0000000480), 0x4}, 0x0, 0x3, 0x6, 0x0, 0x2, 0x1f, 0x5, 0x0, 0x0, 0x0, 0x4}, r1, 0xf, 0xffffffffffffffff, 0x8) r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000440), 0x0) fcntl$setlease(r4, 0x400, 0x0) ioctl$BTRFS_IOC_SCRUB_PROGRESS(0xffffffffffffffff, 0xc400941d, &(0x7f0000000000)={0x0, 0x6, 0x8}) ioctl$BTRFS_IOC_SNAP_CREATE_V2(r2, 0x50009417, &(0x7f0000000780)={{}, 0x0, 0x2, @unused, @devid}) ioctl$TCSETSF(r3, 0x5453, 0x0) syz_open_procfs(r1, &(0x7f0000000400)='timers\x00') 12:57:10 executing program 1: bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@restrict={0x0, 0x0, 0x0, 0xb, 0x3}]}}, &(0x7f00000000c0)=""/247, 0x26, 0xf7, 0x1}, 0x20) 12:57:10 executing program 5: syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)=ANY=[]) faccessat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x5) 12:57:10 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:57:10 executing program 4: openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/keys\x00', 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000000000), 0x80, 0x0}}], 0x1, 0x0, 0x0) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c3e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, 0x0) preadv(r0, &(0x7f00000017c0), 0x332, 0x0, 0x0) [ 1456.651123][T22272] usb 3-1: can't set config #1, error -71 [ 1456.688192][T22272] usb 3-1: USB disconnect, device number 21 12:57:11 executing program 4: openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/keys\x00', 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000000000), 0x80, 0x0}}], 0x1, 0x0, 0x0) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c3e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, 0x0) preadv(r0, &(0x7f00000017c0), 0x332, 0x0, 0x0) 12:57:11 executing program 5: r0 = memfd_create(&(0x7f00000003c0)='/dev/\"\x00\x00\x00\x00\x00\x00\x00\xe8\x00\xeb\xf5z\x98\x00\xc8\x8d\x93\a\x8a\x8bYd>\x7f\xbek\x7fN\x1e\xdf\xf89_\xad\x8fv\x80\xab!S\xe8\xe1\x05.!N<\x8e\xe2sN@J\xc0\xe7ZX\x8d\xddx\xc6\xb6P\x1d\xfd\x90\xd1l@.{\x1cB\xd5Feb\xd5\xb7V\x8dX\x10_p)\xba|7\xa4\xbb\xfb\xd62(\x92\\\xc3j\x870\xe5\x8c.\x955,`=\xdca\xda\x96)\xb8\x9f\x15\xb7\xfa\x0f\xfeA\x02Y%j\x04n\xe3\xa0\x03\xde\xd5\xfb\xb8\xdc\x18`\xd1S\x81\x88\xf9J~\x9d!\xbcw\xf6\xfb\xe3\xd1T\xd8\x9ft\x00\xd2\xaf\x00[\xbe\x89\n\x14\xa3\x83\x13i\xed\xe2\x92\xa8\x10\x80O\xaaw\xf7[\x7fY\xd4\xde\xd6\xea\x16#\xe4\x9e\x86j\x9c\xa3N\xde\xa3\x15DwY\x8e\xbf\x12\xdc\x19$5zf\x98V\x1aj\xd3\xc42\x06\xab\x98\xe3\x97FF\x1f\xce\xfe\xec\xb2-\xfe\xbd\xc6\xbb\xc6\x85\xd1\x84\x0eD\x7f\x12\xf7\x19\xd0N\xd1\xc4:\xb5\xae\x93\x8f\x8c\xe7H\x8d\xb2\x9c\xd1\x1f\xc6\xce\xb7\xb5(\x8dC$~\t0l\x91p\xba\xe8[\xb7U\a!\x11\x14M\x1f\xe0?X\v\x94\xd8\xfa\xcc\xfe\xe8\xbe\xe4\xc6\xc5(=\xafVD6BR\xfd\x97P\xd7nD\xcf\xba\xc4\x91t\x80\x83\x95\'\xd9\x01\x80\xcd\xb7w\xc1\x17m3\xa7\xeah\xd1\x91\xac\x0e\xfc\xd7{Sw\xac-\x81\xa5\x1e\\\x10\xe2\xde\xb9\xe9j9\xf9\xc6*-/\xa0\x8b\xb8T\x16\xccR\x96i\x05}=2.\xae\xb0\xec\xb3\xc2\xacu\x96/\xe8\xc8\x0eP#\x86\xf3nh\xe7\x9b\xeeI\x06\x9a\x81\xb0\xfam\xbd\xb0u', 0x0) ioctl$SNDRV_CTL_IOCTL_POWER_STATE(0xffffffffffffffff, 0x800455d1, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x51c1, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f00000696c0)={0x7a213843, [], 0x0, "943e07ef462d74"}) ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f0000057740)={{0x0, 0x349b0000000000, 0x2, 0x0, 0x0, 0x27f1, 0x1, 0x7fffffff, 0x28aa, 0xd2, 0x6, 0x0, 0x7c9, 0xb9a, 0xffff}}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058740)={0x6, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0}], 0x7, "ee09e4c1a93aca"}) ioctl$BTRFS_IOC_INO_LOOKUP_USER(r0, 0xd000943e, &(0x7f0000059940)={0x0, 0x0, "7a1d6efdfce87013b2b99bc1bca919f7a7d244e90050c00fb254a43d199c6da39c8f2c77261443fdd376a57994ba10f11cd9190d1dd04738955b60e2e95acc5e4ed6c8414dde56d9bc6462ea048f40f6b9c717df197dc6111e67c61bca556205c7f3eeff935c5596dd8d46f673990b9767f88300d83aece39a1942ad971e0b7d15d67462d996aeca0ae2cacc4ad4a62f4c03a57748d6df0da9a55fc3c4b455eade0a878f6e0a5f596a7b6c8c6ee67f9e2b17a043cda3ed4a20916379afab49dfb00cb4273952cdf794545643eef84b5d8161dc2c7a4f72f75bc4974b26da1260683e040ad3ec9e4583a7aad9ace6d6b460e39eba58136d3950259857617a440a", "c2e2046daf75c74ea6beaca3f11ff13fb86aed2782aca19722c122a6dab63cbbe3638d475135018b44e0ea71135cb8c3bd89af14f9f629c16c700a1a92430b33ddb63caceacb1192c22539d381a973907e27d4a8b7f1d7a5df305de88f221db885c3b4431223adccaf199e8b40ffd6eaefe8f11ec324d15dadb4766d6d41b34eda82ad21372d7055a4da5df087b7ac410d502090c542be82ca800eb1d071da27666a52a9ab035fc01dcc32a1d7a999d212f7f39c80881c55b37e90caa40482a5875d2a81815ba5d1a0d70f01fbb80ac8db0376ec7fb18636b0df3fc497f97e8056a13a9c5fc29d947da9b82bdef1159e2b87d42da7c76b15780a736b6e688d61d0a862f82ee38bf005237a270110b4bf9d333a50c3a2d5ddc8524581b5087e704dd7d98c294d5f55352c8e6b781d0ac59cda660021cea6efebae73b6750bd7291a86f9b63c1f66c0169faba1cd73d6a8bc67ff96529a27bcb00751264d9f17708c6798e75b718d996188495490626706b8d683c4f666c8ebe64c864127cf2b4e11042beef13ac94bf268c5678a475bc16baac9e5b6938d533efea6bb3f5e80ed8eeca6f94c29a4a9865ac1046a9888b941e43163c712ca7a8a732f3768ca9799656f4d897a0dcf12c84c8927319d88827dc1490e1b9b9d5268bee28d17d12c6ca272b140f6617c528184856e109a9ef6c82c8147460421605831ffa20ae878a40c36e72d972233f8835f8a12968609d02e7496ad18bf46059fb16d5ad80ec5dbf8ef0032e418f819cbc09da20317e5aaeb9c49d1e7ede4aa7b103eefd3b72214998879ac84c9797f9bd285281658aa91822ef4330762b7bd2291e4b546ac1f998ac1d4ae0b1ae8ce7b5cab43463eded0da7a8f1a94fc09b05a832f240bcc1d4a69461dd5f9f7f10dccd0bd9a9de093e9d7c11925e51afb35bcfd8358ab957a3877a856b4b1c826507878d12865b3eeff1463955eeb23cf84dae443502687510e7cf628438775df7a9428fe6f373fb58781568d11ad4b6a7dc73fb9f768e4eb62042be2813b8cf0412dc6af6a45c3133abdc2027683b5e446d28f3556dfeac205601ad62c4ba5c53f2d8ad2d64ca4bb8a9cffd267b6b477e77613292f17182b902e58f51808bd90e6dcafb26813e2d6a0df6edc7fe36a4fa8f90b85349c81983b4c2539a99384816154333b1ce0e8554e9c6db62073efdef18a0f3df390a4b97a3ae52622169252bde19db9e6c6fb6bbcccc5119850e1f8b120c0de614cc4af2ca7b306b868f3523edce8efa7421592b925d0463ea39fe6ddbc3f8733a67409ae6fd17755444bdb12d5679e51cc823d369f763ea94fd985d657c99e1fc77d237b66ad4bf0d079bd300d2339d3b28d8e0ae400ba1eaa5061c5c71b6a263f628ec78bad457f4b77975de58da6433ec3a6570cce119914c9df2e40d381efc8c5b1a12664bc4ea0275f6aa19393a0ef68a404ea927e9e3f162050b25cc23ba0e43e20fae9894c7486c63f33ff3a5acc9f9ba951786711b3a610f9a5be3dca3a404f791390afd3e15fbdd02d7f7996cf3a776068cd6d7faeb4e5d99253d64605588d6284839b4d42a7e862501422d37a9975e8eed1923fe25d98f26e4ef792f48bd664accdf8f5b049fbc372bd63e178316e9ac9f085eea54c9ecd4f1ad8c35f642a2c429e7dca081c1f82af41679e8c50068cdc64047eb8fc09fea4ba1ce4fdeb1bc8f7742549c437a80033030de45da64dfef5f6c7dfedda2917b43c4844a0d0d8f75002d6b4159c5d2d9685b60706d34c6588a4d22a9a46ad535a69e551d9b8fc1eff6383c2623b1957a612fbe7a2b7c4c505bcc2a8726fab394fe4e4ba28417621fa12d606141f91b478b1cbf97b556bc07787fa3798df038e7eedf7a33fb801a0d434f9a29da4e83dbf5529828d4d7a0c3b15073289c5a68f6063d658809140d87b3ff9b92573f41264652922eac0e3296156eb5202b98e5e767a4439eba529a441e4ea9bfd724374a121b70a74cb2bb6d2894ddb60fff2f5cef7f2ff62106dbac00299187327aef2018b36b8abb4b2c79af8bef0bae70ea992ec35f84246cb417103861a110ab9ea9b5da0e3df69a8e88e090c752bbce9c8c1126459a80dd2f4b2fbae2fd33f190500a3e48a5a338afdc897417954fc79196d1db85c7b1081bb36fffa1776765883baf8bab1d317ef9c953e0cd39ce71171214532c364c6332b7351ac93212fa0b95d88b89748b64b5b22b530805675e458cfe2d70b5c091cf76dbd0745ae2f3ce81b25303566e6100e6ee5cd0e6c7dd229114145f1483eefa170f864a75ae8304823f404c5c125962a6afade39cf45c3a66e26a1ca0728e1dd12eba35fd8c8f9c25eb1d511d8874e7b1ca8f59e420d6ce933deebf24ac4443f46825d2e3b1dd01f74488dc23ada71d5882e8248cd58004146d8d13b113916364b36460098a2495fbeb4c0af91b82eba1304436877a9fc283992ef946eb6cd55b587febcbf26805b8625f3dc8b17a89be537e9547c720d681fd86643ee855fcc9c45624996737f295bd5bb45ad829d5e203a7eb2138074fc3dd7ddb89defdfe710ba88d10b44e845742f2a8f69b1c428213b319a6d4a4754f5a5cd586820ad9c5df869461cb4a27bdd85eadedea86fa59c40e8a18c5c82975201770aee63041071f2a82f4985d5793c0d29e7a90c04f45d33a0d61706227f2d08af2c063847903d4000f25860f93c583a201c2072e958650d223b3fdb5777af555414cada2723af154b93422b4b2c3f5c61793fc5d080544eb5e6f4e2ad31834ba10e547bb2ed1581e7a7bbc26a64a66ffbbcfbf462788d368848b92701bfd903eeac55bb5c709efd9f40dbbb1e9e49f09d64609a6ca0df03625fbcb11c4f53792456edf8d2689e7f505d7b2a640ff3569112f8a04cfac55a361d30a41d111691cdfe8b78c30e62a6558fbdcc6a0f5addbabd2146d76ef01c30b38df40da957d889d39d3ba57624d06b04d9864f48f8d92f288cf21e75339e72bd4396ce109996e266ee5f64a6a496585e17e4df3d8f0cb34b21deff994e7ec545175bf7f7bf6ed08daedc3877460ac6c106b7bf7f08e59ff7e2529369466ec156673db9c91f2f457d263d6a57156c53d16a7cc4739de08bbbfadae896087c24b71015545d6e844ea9b72f664178b9f60fcf242ad12587106234eaa61de7f3bbb7ec7f69d98b483902e4dcd2756330966111b3e95f71ae14c633a3367918939be24d48a5517c35e3e728a5d9b3233c319e7d8dd09097e13b5f305ece5a9720c71db57c6baae7c491a24b0fd798300c5bcebf7903dcc6d6405fb7ba32d613a50fcd39b9f5a3a24a722874ef9b8df5efd9efda0d5093ce4ab514eb45d68aae0e25e776e7ef6f215f1d1eadebbfbabb96e70831c2c029e555db8fe88bbd84e022496bde8ce11c146dc4503a00c50f54d64fd089ffa06b26e9fe393e72055ab277a4340c4e0bb424d53e071890eef162afb4de0a0ab8964f090e242595e20698fe0ddf2dec13167414ea7a1effeb5a88b1ac6d3ce58e916a976bf7b6bc24c47518900d15f1a357d9d4b3179a7b7be35de7e51318e6bbc114ab655974ce353782866bd53d682a99b5c5c3dea15ac6e58f6326de0d9974e4adddae23acf9252e02d82325802bbe54db39f08fdbe24be4dc7fc882df20e1121ae2808d96ae8764ceb95415f6c139dddfb483951a142ad0d4b3e5eb8857573e943faed2c3e18f7a90584e96a0f65ca30df3a1a20dbdae7509fe6ba112dbf6e2c5b27215bffae68414f1b318ac4ed3d6bab3536608ac9a202b36b20638499c3bfacf2ae696126fb52c848addc597a9f744afbd9b75e4e92a2a1d7b7ebb5c97048e54fdcafa3606228fd46df774d81b522c3270fc838a3b869df05c25c40d29a323275f0b591d9839d84ef6c3c833dc4eff3b241ad4ee346ace3cda96c4d470ab3d79cc966a2ee5c1511f3e4d51d2b0dbf15a288b96df254ba4d657d55201dcc8794181beb989f0cf62b31a37f362f6e368fc876652133b9ee7f8e7f349aafce4dbec9b257a810033d79836b50149f96c5b53e5656a6923eb94641a66c8e021ab8cf37bb639518d4364709533332da8d4747727d7789c94b2b7c2f6cc237187f4854853d101dc184596d11c211e7e86dea75754be249692169070c07391b02a9aacfb120b213a82aec53b03ebc02ded3e856cf89ed5329f65a5067464ea152a7842f9c4a8e04c6f97385005f266aaccb863ac72abb6b9f1c1b877dc9eb9350200a707c15888410f1ca9e65c3bb1a52a3e10e7789a0c1e2dec10281f7fc3689f0337fe74638cd948e6e17370e7e5d08995817b81e426591f477005fd49580a68ffe4ff7e4e2178e5bd49b2b585c2651850dc64bca0bda4e379800e20571d82f3617bd4f33d2277d7b0b77705fde4ed02d6b88f0436a0f5645d1bbdac4f9cbd0a0d18c0ad5a34a0a0a571ff3a57cff379d6714fd21c1100361ca78b4ea2cca81156b2229bd4d09dca978adbe777f7e1c5622d76d82eb44cc0f5c45e53fc41ff91a0c128e5eb6cacfa61cfe585b634cb8e094e2f902d1f4b0b5661aa268c42176c827e343fbb7f65ad2fbdf49c155b47b9376ce39bd2668ec17996a4f218ce5c8d926ad6c131a69c3d06b26c8f89ec8d0bbdb4fb6eca0423613b525ced95854ee0240d3acd0eac7cd45a719b05e4166c60e3b2f599ea47760373045df22c437cd418ea7f467b1b2c7baf1cddfd7222735c953254fb02d85cff82aea6d77a92eb093b773c6f15bd55debcc876d1e98bf9d0f39ca0eec72c56e1a6ec910ecad155993f4f85256e6586b6b57d590afd214c98fb68404b443959eb457bc9d58d59abbbf318f20d8ba602d098cfc1c24105c38b7a523988ede70b3bb18f72ce3122f4c6a14fc99b52b0b480988dfb1455453a6cecf4a68e50548f978ec6ea4b4d9755771afdcae6ca7ead8f6fc7f6de59baebece0faa60bb757141764f1b4c0c086e23b3e80c0b59cae7ed4574ab2c51096543b34e9bf94e6c839b3ce7673df21391627b8b8c6068f0587d127765647adc2728d669005d9a2414be17960e500effa41e5a3dc779d7a36b70d3cc40a5058d70f3438c45c2bfc340ced3427f87bb7a72474039df4ad8444e879a9690ae2891fbc2a1922efd67c33eb42eee4e7f695522bfc08f111037aa1753dc31a5d78f39a5beb1bbbd0694bc885ce26bb7aa262088a4c7dfae68e6cbd1e1735f7314e97f271fb9857d492ca2f897c50a7f019dfc3f824064e4677ab64bfbcf329956fb31f24ca7f3154003c4714129b55394bb0134f4884aca100c2f0f535098e00411b40102ce86acfe6f8cab5c936fb1599aa02cc419e03957bdb5522aba240d92cb8a24c4569b458ef6ae96f7398b69eae060f27f4fc5dcfaa0092c29b82"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005a940)={0x8001, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r1}, {r2}, {}, {}, {0x0, r3}], 0x5, "e848f426db10de"}) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f0000000100)={0x0, 0x0, 0x0, 'queue1\x00'}) r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000001c0), 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(r4, 0xc08c5335, &(0x7f0000000100)={0x0, 0x81, 0x1, 'queue1\x00'}) 12:57:11 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket(0x200000100000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bond\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @multicast}, 0x14) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000100)=0x800b, 0x4) sendmsg$TIPC_NL_BEARER_SET(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x104}}, 0x0) 12:57:12 executing program 2: bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000000c0)={0xa}, 0x8, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x78) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x6) ioctl$sock_bt_hci(r0, 0x800448d2, &(0x7f00000000c0)) syz_mount_image$fuse(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) socket$nl_sock_diag(0x10, 0x3, 0x4) 12:57:12 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:57:13 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="080000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d}], 0x0, &(0x7f0000000300)=ANY=[]) 12:57:13 executing program 1: mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x800000000009031, 0xffffffffffffffff, 0x0) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, 0x0) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000012c0)='pagemap\x00') pread64(r0, &(0x7f0000e3e000)=""/8, 0xffd8, 0x103f00) 12:57:13 executing program 4: openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/keys\x00', 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000000000), 0x80, 0x0}}], 0x1, 0x0, 0x0) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c3e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, 0x0) preadv(r0, &(0x7f00000017c0), 0x332, 0x0, 0x0) 12:57:13 executing program 5: poll(&(0x7f00000000c0)=[{}], 0x20000000000000d9, 0x0) 12:57:13 executing program 2: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff) mount$fuse(0x20000000, &(0x7f00000004c0)='./file0\x00', 0x0, 0xfa00, 0x0) chdir(&(0x7f0000000040)='./file0\x00') renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0) r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) r1 = open(&(0x7f0000000000)='./bus\x00', 0x141442, 0x0) write$binfmt_elf64(r1, &(0x7f00000000c0)=ANY=[], 0xfffffd28) ftruncate(r0, 0x0) lseek(r0, 0x0, 0x4) 12:57:13 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:57:13 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_LIST(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001380)=ANY=[@ANYBLOB="1c000000070605000000000000000000000000000500010006"], 0x1c}}, 0x0) 12:57:14 executing program 4: syz_emit_ethernet(0x26, &(0x7f0000000000)={@empty, @link_local, @val={@void}, {@arp={0x806, @generic={0x0, 0x0, 0x6, 0x0, 0x0, @empty, "", @link_local}}}}, 0x0) 12:57:14 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:57:15 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_LIST(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001380)=ANY=[@ANYBLOB="1c000000070605000000000000000000000000000500010006"], 0x1c}}, 0x0) 12:57:15 executing program 4: r0 = socket(0x2, 0xa, 0x0) recvmsg(r0, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x10002) 12:57:15 executing program 2: syz_emit_ethernet(0x4a, &(0x7f0000000100)={@link_local, @remote, @void, {@ipv4={0x800, @tipc={{0x5, 0x4, 0x0, 0x0, 0x3c, 0x0, 0x0, 0x0, 0x6, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @empty}, @name_distributor={{0x28, 0x0, 0x0, 0x0, 0x0, 0xa}}}}}}, 0x0) [ 1462.637647][T27821] loop0: detected capacity change from 0 to 264192 [ 1462.679118][T27821] EXT4-fs error (device loop0): ext4_fill_super:4822: inode #2: comm syz-executor.0: iget: root inode unallocated [ 1463.321499][T27821] EXT4-fs (loop0): get root inode failed [ 1463.327590][T27821] EXT4-fs (loop0): mount failed 12:57:17 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="080000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d}], 0x0, &(0x7f0000000300)=ANY=[]) 12:57:17 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_LIST(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001380)=ANY=[@ANYBLOB="1c000000070605000000000000000000000000000500010006"], 0x1c}}, 0x0) 12:57:17 executing program 4: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) connect(r0, &(0x7f0000000440)=@isdn, 0x9) 12:57:17 executing program 2: syz_emit_ethernet(0x7a, &(0x7f0000000080)={@local, @remote, @void, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "3648bb", 0x44, 0x2f, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @ipv4={'\x00', '\xff\xff', @loopback}}}}}, 0x0) 12:57:17 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, 0x0, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:57:17 executing program 1: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/diskstats\x00', 0x0, 0x0) read$FUSE(r0, 0x0, 0x0) 12:57:18 executing program 4: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) io_setup(0x2, &(0x7f00000002c0)=0x0) io_getevents(r2, 0x1, 0x1, &(0x7f0000000200)=[{}], 0x0) write$P9_RXATTRCREATE(r1, &(0x7f00000006c0)={0x7}, 0x7) io_submit(r2, 0x1, &(0x7f00000008c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0}]) 12:57:18 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_LIST(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001380)=ANY=[@ANYBLOB="1c000000070605000000000000000000000000000500010006"], 0x1c}}, 0x0) 12:57:18 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RSTAT(r0, &(0x7f0000000400)={0x45, 0x7d, 0x0, {0x0, 0x3e, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0, 0x5, '}^@^,', 0x1, ':', 0x4, 'Z:,(', 0x1, '\x00'}}, 0x45) write$P9_RREADDIR(r0, 0x0, 0xc5) 12:57:18 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newlink={0x34, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x958543415307af2b}, [@IFLA_IFNAME={0x14, 0x3, 'veth0_to_bridge\x00'}]}, 0x34}}, 0x0) 12:57:19 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, 0x0, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:57:19 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) connect(r0, &(0x7f00000006c0)=@nl=@proc, 0x80) [ 1465.381086][ T26] bridge0: port 1(bridge_slave_0) entered disabled state [ 1466.415002][T27863] loop0: detected capacity change from 0 to 264192 [ 1466.483688][T27863] EXT4-fs error (device loop0): ext4_fill_super:4822: inode #2: comm syz-executor.0: iget: root inode unallocated [ 1466.505829][T27863] EXT4-fs (loop0): get root inode failed [ 1466.512556][T27863] EXT4-fs (loop0): mount failed 12:57:20 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[]) 12:57:20 executing program 4: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) recvmmsg(r0, &(0x7f00000006c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 12:57:20 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newlink={0x34, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x958543415307af2b}, [@IFLA_IFNAME={0x14, 0x3, 'veth0_to_bridge\x00'}]}, 0x34}}, 0x0) 12:57:20 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) getsockopt$sock_cred(r0, 0x1, 0x26, 0x0, &(0x7f00000016c0)) 12:57:20 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10) socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000780)={{{@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x1b}, {}, 0x0, 0x6e6bba}, {{@in=@loopback}, 0x0, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x0, 0x0, 0x0, 0x0, 0x6, 0x2, 0x8000}}, 0xe8) r1 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_tx_ring(r1, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x67) mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r1, 0x0) sendto$inet(r0, 0x0, 0x0, 0x220007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) recvmmsg(r0, &(0x7f0000002b40)=[{{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000001840)=""/4096, 0xfe4d}], 0x1}}], 0x270, 0x0, 0x0) sendto$inet(r0, &(0x7f00000006c0)="0c268a927f1f6588b967480a41ba7860f46ef65ac618ded8974895abeaf4b4834ef922b3f1e0b02bd67aa03059bcecc7a95c25a3a07e758044ab4ea6f7ae55d88fecfa0b1a7511bf746bec66ba76b699d3a483904811c5709efa01fa13e4ddc813f76684d3d1529fea5d78b38267db0082270f62b41b50981b0313b668585ad32e8977c5f7c2dc112136b8f7392223205ad86f4a9de1cddbd119f26acc2f", 0xffffffcd, 0x11, 0x0, 0x170) 12:57:20 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, 0x0, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:57:21 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newlink={0x34, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x958543415307af2b}, [@IFLA_IFNAME={0x14, 0x3, 'veth0_to_bridge\x00'}]}, 0x34}}, 0x0) 12:57:21 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) getsockopt$sock_cred(r0, 0x1, 0x2, 0x0, &(0x7f00000016c0)) 12:57:21 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_DEL(r0, &(0x7f0000000a40)={0x0, 0x0, &(0x7f0000000a00)={&(0x7f0000000980)={0x14}, 0x14}}, 0x0) sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(r0, &(0x7f0000000ac0)={0x0, 0x0, &(0x7f0000000a80)={&(0x7f0000000200)={0x14}, 0x14}}, 0x0) 12:57:22 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:57:22 executing program 1: r0 = socket(0x23, 0x5, 0x0) ioctl$SIOCX25GSUBSCRIP(r0, 0x89e0, &(0x7f0000000040)) 12:57:22 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newlink={0x34, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x958543415307af2b}, [@IFLA_IFNAME={0x14, 0x3, 'veth0_to_bridge\x00'}]}, 0x34}}, 0x0) [ 1469.616579][T27903] loop0: detected capacity change from 0 to 264192 [ 1469.655808][T27903] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 1469.666321][T27903] EXT4-fs (loop0): group descriptors corrupted! 12:57:23 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[]) 12:57:23 executing program 5: socketpair(0x2, 0xa, 0x300, &(0x7f00000000c0)) 12:57:23 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) getsockopt$sock_cred(r0, 0x1, 0x10, 0x0, &(0x7f00000016c0)) 12:57:23 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET_UNCONFIRMED(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x7, 0x1, 0x3}, 0x14}}, 0x0) 12:57:23 executing program 2: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000140)) r0 = socket$inet_dccp(0x2, 0x6, 0x0) getsockopt$inet_dccp_int(r0, 0x21, 0x0, 0x0, 0x0) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x80000, 0x0) ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f00000000c0)) ioctl$BTRFS_IOC_SNAP_CREATE(r0, 0x50009401, &(0x7f00000007c0)={{}, "52c1026569599fe9993daa3840f16dbeed17986a9d7f8fb63dd9bcd201f4a7313af642e660469dedeb381701dc96025c779daa65b44ff4d4e4e62140e986cddee713d7b8884ab458934e1b5487e42b99706c85e40307fd1e6b49a0331dd1879f75ed1ec682f4f51fa9e23cef87bf931e89a59e5c5fd11a489790dff9bc3d83042d73ff656639449a80d834174138ae2e34156177b5037e890f2d740fe58f67e7c436dd2796d60a72597102fb394fc7f7be81b947e0a33e3d73081dfe57ad011d4667372dd52510168ddb1f63af774534719ba8b72036d540b90b0ecf99ad63cd9b2f2aae184105822ff1a5b58da9578d0fc65b89dfa10e29bef0cb7cfc09adf25cfa8c3408c404c68354a535dab5dd7e0232f9be800e75eaefd8ac91fa479d24e6ade626bb9fde961184619f215e89aa085d07286a9d5e93ca7a74e2202d1dc0504c52a212b91ac9f2a045a1c0bbff81a91ce07ec4df20813afb923c6307932e088dcfddba9db969cfef567d128832de59c2d514879b6162328e4c53ff04ef152ed178c0f96e8ef03a360d2aa02451560a9985d5eb3a85770a52d45b77196e4a3e2d7c75632de3af1bec061f6f931260a8a585e362b51aaf2565f7dd731c12fe5a0675515397c296ed47a5e661cb34cf238f1f9e760c893cc8cab807e9af317666e38b2c594353475f3958a54da05153cfd464fd8044956c6542e56f0f10b353334cd981066422e10e71fda3371725622a818bbe5c6e7a4a1eb81ebddc338d337477ea3d3c837a2ef897b37d0ec6c97d8dd2ccf9fa9d0dfb9e8457d5dbe5c4ee3c65c05c922120ae380d1b9ae195d5763854e3cac54538222f9105f2558fec5142ac8149d863c9babee433d32dd0c58045a1f86c5c4953f7438bc15771baba6cd49ba8365a25894d9b498f28ea026167b3d9362c10ed4272d75b76f6b16e02386ae1520d1fa09319c626a75b3fa2b2dfb6c4127f7c614c4ff9bb1f24f0f632874ec76b08d757d4c49262547f9d063b9ca3f963d4226edf5a26cd416224e5cf614323f486d7bba60a15fce1f94097de658cc85a4130d7cc6375d4483d35b487158aadfcfbd48ab7efdd673d1ebfd60872d4ed94b92544a295e92b70545038356cca61af60e36c8508263d1bcd342168ffcf1c2e0a7411c4343a06664d2a729464acb781e53b001f3cec443ae47f3273d4b597efa0fda14bde9f038917a48e873170c588eb8fca0cbb76d4c6dfa8330eee843b6b02584d4db8926b762d1acbf5ac2e2cc8b40c3bdf647ca52be3b6fb65c3cadbc313d3b9b853c70f2cb05608c3b1b3057c49e62bb735121cfc37b2b0efab544b5f16ed3f21ce1458620a62d3d0bb6c85a1cc1d36ca1b3e4f3931ac22d58c4923dbf3a338ba0752deb654838d1c6a6d1cb95c43b15e199034f7e186763bdafac8f8e0c15d33b15ce9585812aee11c93083dbe6e1487e84f7cf3b7d0471530ba0f905eb0ef39dd55d545b03bd2d46378493fe750e7db8fdd8f12d120840859fbe9ff266c6da94ed3de45047d6598cfe25b48874ec859246d92acb4ed7bc5633810b5012ad16c847fd2b449f53385a6218e19f504208259509ca6c02fc9f1b1b3fc84e55909142b749591a213366682656e79a786d27c465046e884f4e348827ffb26c25119377ee9d37a06c97aeaa1288a385635f467f060e3aa0d462b7efb0697d0428f1e4de6c6170f51c79e023258d6953779b6f9e0b3472b90db2853165d65f2fe15712e0da700a7abec678faa28f25936182d865550e207a057e4f5cf44a448ca4a85233674072aa85088aea6bb4cd618805476f9d8044497fbc58d97e0a588ba1fbb6380a46fa0e4ae03cf63f7261867b685b3cc40aa54e3b7776e785cdb1e61552f42015c1ef237b7efe64c7cf06fd7e21377be4ab4d7869b5bcb24983d9c795f1a2bcff8b6d0e26975914f11340c8a8be2c049ecbcf1731ffea55993b5473e3aa6b66c85c0f0f7f96435bb13625c6751df123a698f62c6c37c35369e9478edb94b07b74cb79312f78948f43a00e061c2715623c224b8fa383c4e9f38182a35f780d306f4eafa4e9ccd5deec18e825f0c9cdac3bb8df7b885d58d866ec3d9ed85c76f8c4b2975465bd0d582422519fe3af5d6aab2d2e35da6512a5986ec062defd0804d657d925da81a96a9d5c0ee2ef501bb3553713edd593f3403f21b62c358a1238a513a0fa76bcc81fa1d8272a5f0e9d6a1d0dda14d07848f1987d219bca0708c05aaf7fed870d3e1dc9416376113b449d235540078adf3c9e01575d0303415c5d4a7a20dea357c785e2dd5fb0b8de6037b4cec6ea1297fa54b5fa193bc79c5bf151f326d2d46f4611da3d29c9726153693fb9792107c01bd31a51389c9d5fa2de519af94e02c5c4b1791e71bc6b61370744af96b808ebdec8105f0010a322ef5d5f6766eae2dbee26f2e520e2f567ada23a29baa2a188d7f10ea4573dc6921c74e584d300aeeec57f3f4e76b60c0020ebfd234ae692aa352547d68e86b187174bf7e2dd9acd790f253e4be423b2156c1e1300f8bd88927169c40a5027d4d42e8824d63c3057c5c718dda8753dc7a5282d6d27dcaead0bee2de60108188161ff77da177898db5962eb70ce10832e926c6dde7b19855bd66a32581dce082e736ebbdd960fd50015c99852ceb8e5085aa0e9dd8ec3a08afc2145904b58f1ac6f066a7eaedd01ca4f9e29c72780949422d9100c0731524a4b46cbef9c234f2c7681792b2edcf4900624d3a2114ea6bdd4cb8789af1352f3cf780e4542e607ae1e1e2682a1adbd5f51f0dfeb6117b8decf378e291e7e98dacd2187625759048d50ce65fe39393a38e4e48937347adc5bb7b5c31ddbb13f4862422f6876dd524acc7b95a776547a5f272988d545dcaaadc6e9536e4372712e826302b6b0ff43abcf45db6cb2b5e27a6e615d72bc2050f192705a310451b48db0ae2df50b474d9a4e9deceff47c426baa5412504790ebb7decc9aa5085d42fdedfefb4a3130ef70269742b5b7a0f416f540f79e56f0bd583a36c3e2f183e5790365f8ba08fafe6f2a83560d7e794a5d431bd32dc765b80049d9236858c3bd7a134136a6e8c34aabacf323cf7be4c86f8859100d5312347a6103a4de7b2667c3cca4262b0f1451e80a220601ba8db6aacb456adb9503aee61e45d2f5598bb05549a6b6d9f49cef553ac099814ff152f820ef0bc49c10db65e0ba0e2f675a40fa54c7feda6fc1182bfe96175e1719b3f50d23cb4dda3348b371c3c0354e3e6d563dff49d7e5568fdd9d2438bac52e554d0cb965e7d793e4ab496180052755576b426f7001d9f9e6e30e1755df1404f0a3432fdd7c7bc1435dcb2a9b002aeb1eeca0df9be8eece4262df1ac47d82a31abc0d133d473e64e304ec44aa43be653996886f04f1fe8ed59186c25baa1f21ebab301c33a13f46b2938747f07dea2d16464b7101d425dfe729ffc1b34ad0e1af06dd0ec204c77be1ed180ac1aee8f1409ec9bab13ddb6b30b7e91ce14aee40367d8d5506f4e3e42cbc98e40f84d55b08b2dc10e5a63496a01dfc88c471c25b55fff3736dde5a9931022e4acc90c2a23b9e4eecce97e7eb4d51e759e52d0c5bfa571f286a0029067eecf7861fc6617a1d837d1b691e33e1e156d1a85671e2fb8dbf470ddaaaef9e355f152b4d57396e09227e942bbd40dc213579bf5fc94e519e3c4fdb96a48ca645aea8c1353180534d62f572985449de0c1fc950d20164953a461629b4d1c5997c194c228907e003c1ad2f1fc9fe367210a25ac7b16d09a0dfa807e5d1c1224f707801d1035ffbd3af9c495e114ee87cd101316437f4ea2c88c09a5dc149751197c5f69a76bb9823ef9d05d8490335b6fc18845ac0795fdd0845dfb159083e98c36aeebd0fd2dec3c939e3861f0fefd243474ffef18e0e1fb85bcebf3ead0bfca6f9e72fe12d457fc579412a2a5691a534ddf5521a48858b01b3f76eea21aa2c65be559c385053642fb70b455369248afe891efd97ca441814d8c8d7f70e11e2c7ffaca49da00d9350d765fdd7df47cee3602fbeac9d488c662a017a58b7de2c4211ef77eec7239f4be2f44ea5f67594d24434b01f4c4b44585a86b0c0629792818dd39996103fc1fb68355ff19a385567193d84ed5e364550de6694f791921b2d6a13daccd8c2510c220777e7abbb09327e9f57a01764ec86f2cc26da9d003bca9c2bcc7462d0090929a03646b017c77466e0cb07f96eb2efeca0331f876828bbe85d3eae7ede896390a4e4b34797042a4a3d4a572f04ca6ef95617274e46a265da9f406cdbab245603ccd093547cf316a6cb9a6ac21ee476a278032ee1d273824ce8c6f0f349d629db7ea89cc58ceae44ecb46e716a089e1bd1c024a375d4137977d1e826d254cdaf0f9be7e2ba4c1f0c47871266ffb6393445ad3dc226878d101bafc4f6f3f742ab506d01240a31b7e396bc4a4eb131de66b1b6e4edf0cf481c9da448680b668c7c565ffdef44478e963263a0b891bcd8132761ffad1287da48c447adc26cc3f67cf728242487db340a71963941b2a509d5bfdae1c6451f0a7db3fc489306ab25f7c65547b246b1c4b93fd0ddde8f81a4f2f5355080c4993d0c09969d2f7fd20600f0c7a2145f988cb06a01e9ba82fbe217b7686a5d597078c2c1b30aa42f2a456b85767661fcb27a3a74ec73556f833f4f0619e2a087614b91d31325602f5fe818c8ac1066498ce8c0697a93050d0521c098cd7b0db5e4045c2fbdb29c5da69b3c5332b122a19a09887866eac907ceda8a9b0285b8a284bcbe7e4699e6bdfc0dcd47e753a6dc7ad56c663c534d4fa41382223f0f1cc7d08c9d3d5a424f85f42c4e1b07ed77359fb7da0c7620ecaa8db4190ad5d0df0d71c789607c3da091c7c94f7304dff32a00bddd43ae11824b332697949db4a2074cfc5301f082ab7aa6643919aa3a492093444dc9b5f10d474b31ce63d25c702b6fc9a2f2d931e0dbae382847f44ef4061b0bd1e5586b8093d4e0ec694040bb36126e2eee17ce75e092be038e35e2260eec9761b83cb481f3f799722df21f4665b95b3df63c32a0550016d9526b85e41dfea7ba9d8492bb4c5d5eb21bf9a487e8d54a6e93546281eda43e2c0fe302f47ef889a831d52fa2e80495319ec6a7958dc8f7b27c7e34a47b4d2e1757a438cc88d4ef287825f3bad50567344e7ad570ce159ea3f8d64b88eab141cb6cac0c68ea75157951abcbac58240ffe0f3fab624b49182fabf49cf341773dc3b4f1b88a2b2d7e0f1073e23d56cbfb0efcb0c7067bb711d88c08a5057a8edf770495c1bed3be2f93104c3e34dd590d16f0fe982a1869afe1f2111dfd73d4c7872d60c2a1b8ba05fc069391c39cb4c25f8a46a2607be064cf19931ad8448a51d7158e64c8976a1ce0c42858801bea687ede70fc284618694b5e00cfbb2c18ef60c875a565f82a729a0dd31ac222faf20b0ea3eb497d5a0bb1503ab4128e525d4e79be0e041f7585b46f7c0ee47dd0bbf6947a415b64f6ba4a5b3b795fcd2e6f1ba71528a34708026b9eefd4a328bb9c35303945bf2dd465c23b9d85221abd1d2fe15ee01ffcb7d5081e8cdb588e0c71da98e8b9c14defd2453704482953f4616330c0614cfd55d1919696bea4c11b01d9c639aa5a0fe8ebfc55aa5aa03a649942f54f57a48050237715e055f5a98d1001b614b1898f605c6dee529bc32909a8281edd75cdcacf43bb5713fdc78b27edd15dfd3fd013804366784334228a66033563693acc6139bda77e2a1565"}) pipe(&(0x7f0000000340)) ioctl$AUTOFS_IOC_SETTIMEOUT(0xffffffffffffffff, 0x80049367, &(0x7f0000000100)=0xffffffffffffff00) epoll_ctl$EPOLL_CTL_DEL(0xffffffffffffffff, 0x2, 0xffffffffffffffff) r2 = accept4$alg(0xffffffffffffffff, 0x0, 0x0, 0x80000) getsockopt$sock_timeval(r2, 0x1, 0x0, &(0x7f0000000000), &(0x7f0000000040)=0x10) 12:57:23 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:57:24 executing program 5: r0 = socket(0x23, 0x5, 0x0) sendmsg$BATADV_CMD_TP_METER_CANCEL(r0, &(0x7f0000002000)={0x0, 0x0, &(0x7f0000001fc0)={0x0, 0xf0ff7f}}, 0x0) 12:57:24 executing program 4: r0 = socket(0x25, 0x5, 0x0) sendmsg$SMC_PNETID_GET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x14}, 0x14}}, 0x0) 12:57:24 executing program 1: r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000680)='westwood\x00', 0x9) 12:57:24 executing program 2: pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f00000020c0), &(0x7f0000002140)={&(0x7f0000002100), 0x8}) 12:57:25 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:57:25 executing program 5: bpf$MAP_CREATE(0x0, &(0x7f00000001c0)={0x9, 0x5, 0x400, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3}, 0x40) [ 1472.579512][T27949] loop0: detected capacity change from 0 to 264192 [ 1472.818788][T27949] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 1472.829275][T27949] EXT4-fs (loop0): group descriptors corrupted! 12:57:27 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[]) 12:57:27 executing program 4: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) getsockopt$sock_cred(r0, 0x4, 0x11, 0x0, 0x0) 12:57:27 executing program 1: bpf$MAP_CREATE(0x0, &(0x7f00000001c0)={0x9, 0x5, 0x400, 0x2}, 0x40) 12:57:27 executing program 2: r0 = socket(0x23, 0x5, 0x0) ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000440)={'ip_vti0\x00', &(0x7f0000000340)={'syztnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @empty, @empty}}}}) 12:57:27 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) getsockopt$sock_cred(r0, 0x1, 0x2d, 0x0, &(0x7f00000016c0)) 12:57:27 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:57:27 executing program 1: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) sendmsg$inet6(r0, &(0x7f0000001ac0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001980)=ANY=[@ANYBLOB="2000000000000000290000000400000000000000000000000101d9000100000024000000000000002900000032000000fe8000000000000000000000000000bb", @ANYRES32=0x0, @ANYBLOB="00000000140000000000000029000000340000000200000000000000a00000000000000029000000360000003b100000000000000730000000020a4002000700000000000000fd94000000000000080000000000000006000000000000007f0000000000000004011fc910fc0100000000000000000000000000000738000000010c0017d50600000000000000010000800000000007000000000000000300000000000000090000000000000001000000000000000401000000000024"], 0x128}, 0x0) 12:57:27 executing program 5: socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000)) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) sendmsg$inet6(r0, &(0x7f0000001ac0)={&(0x7f0000000040)={0xa, 0x4e23, 0x65, @ipv4={'\x00', '\xff\xff', @loopback}, 0x1}, 0x1c, &(0x7f00000001c0)=[{&(0x7f0000000080)="9d893aff802029fd93b9a743a830653ed1511547902b57c8a914062a6fc4eae17a5f278ebc962073005fb36225d19252684f5b99676bb56d56aaecc59218783dbb5765322ff215c77528da01cb01bd860cff2d7ca457820662d35a7e75d4ac3cd7", 0x61}, {&(0x7f0000000180)="c5c9987505e3ca8c97106ed9e5f170d86b8350b320c7a591bc0cc650b74773", 0x1f}], 0x2, &(0x7f0000001980)=ANY=[@ANYBLOB="2000000000000000290000000400000000000000000000000101d9000100000024000000000000002900000032000000fe8000000000000000000000000000bb", @ANYRES32=0x0, @ANYBLOB="00000000140000000000000029000000340000000200000000000000a00000000000000029000000360000003b100000000000000730000000020a4002000700000000000000fd94000000000000080000000000000006000000000000007f0000000000000004011fc910fc0100000000000000000000000000000738000000010c0017d50600000000000000010000800000000007000000000000000300000000000000090000000000000001000000000000000401000000000024000000", @ANYBLOB='\x00\x00\x00\x00'], 0x128}, 0x0) 12:57:27 executing program 2: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x2, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x3, 0x3}}]}}, &(0x7f0000000080)=""/160, 0x32, 0xa0, 0x1}, 0x20) 12:57:27 executing program 4: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f00000000c0)) ioctl$BTRFS_IOC_SNAP_CREATE(0xffffffffffffffff, 0x50009401, &(0x7f00000007c0)={{}, "52c1026569599fe9993daa3840f16dbeed17986a9d7f8fb63dd9bcd201f4a7313af642e660469dedeb381701dc96025c779daa65b44ff4d4e4e62140e986cddee713d7b8884ab458934e1b5487e42b99706c85e40307fd1e6b49a0331dd1879f75ed1ec682f4f51fa9e23cef87bf931e89a59e5c5fd11a489790dff9bc3d83042d73ff656639449a80d834174138ae2e34156177b5037e890f2d740fe58f67e7c436dd2796d60a72597102fb394fc7f7be81b947e0a33e3d73081dfe57ad011d4667372dd52510168ddb1f63af774534719ba8b72036d540b90b0ecf99ad63cd9b2f2aae184105822ff1a5b58da9578d0fc65b89dfa10e29bef0cb7cfc09adf25cfa8c3408c404c68354a535dab5dd7e0232f9be800e75eaefd8ac91fa479d24e6ade626bb9fde961184619f215e89aa085d07286a9d5e93ca7a74e2202d1dc0504c52a212b91ac9f2a045a1c0bbff81a91ce07ec4df20813afb923c6307932e088dcfddba9db969cfef567d128832de59c2d514879b6162328e4c53ff04ef152ed178c0f96e8ef03a360d2aa02451560a9985d5eb3a85770a52d45b77196e4a3e2d7c75632de3af1bec061f6f931260a8a585e362b51aaf2565f7dd731c12fe5a0675515397c296ed47a5e661cb34cf238f1f9e760c893cc8cab807e9af317666e38b2c594353475f3958a54da05153cfd464fd8044956c6542e56f0f10b353334cd981066422e10e71fda3371725622a818bbe5c6e7a4a1eb81ebddc338d337477ea3d3c837a2ef897b37d0ec6c97d8dd2ccf9fa9d0dfb9e8457d5dbe5c4ee3c65c05c922120ae380d1b9ae195d5763854e3cac54538222f9105f2558fec5142ac8149d863c9babee433d32dd0c58045a1f86c5c4953f7438bc15771baba6cd49ba8365a25894d9b498f28ea026167b3d9362c10ed4272d75b76f6b16e02386ae1520d1fa09319c626a75b3fa2b2dfb6c4127f7c614c4ff9bb1f24f0f632874ec76b08d757d4c49262547f9d063b9ca3f963d4226edf5a26cd416224e5cf614323f486d7bba60a15fce1f94097de658cc85a4130d7cc6375d4483d35b487158aadfcfbd48ab7efdd673d1ebfd60872d4ed94b92544a295e92b70545038356cca61af60e36c8508263d1bcd342168ffcf1c2e0a7411c4343a06664d2a729464acb781e53b001f3cec443ae47f3273d4b597efa0fda14bde9f038917a48e873170c588eb8fca0cbb76d4c6dfa8330eee843b6b02584d4db8926b762d1acbf5ac2e2cc8b40c3bdf647ca52be3b6fb65c3cadbc313d3b9b853c70f2cb05608c3b1b3057c49e62bb735121cfc37b2b0efab544b5f16ed3f21ce1458620a62d3d0bb6c85a1cc1d36ca1b3e4f3931ac22d58c4923dbf3a338ba0752deb654838d1c6a6d1cb95c43b15e199034f7e186763bdafac8f8e0c15d33b15ce9585812aee11c93083dbe6e1487e84f7cf3b7d0471530ba0f905eb0ef39dd55d545b03bd2d46378493fe750e7db8fdd8f12d120840859fbe9ff266c6da94ed3de45047d6598cfe25b48874ec859246d92acb4ed7bc5633810b5012ad16c847fd2b449f53385a6218e19f504208259509ca6c02fc9f1b1b3fc84e55909142b749591a213366682656e79a786d27c465046e884f4e348827ffb26c25119377ee9d37a06c97aeaa1288a385635f467f060e3aa0d462b7efb0697d0428f1e4de6c6170f51c79e023258d6953779b6f9e0b3472b90db2853165d65f2fe15712e0da700a7abec678faa28f25936182d865550e207a057e4f5cf44a448ca4a85233674072aa85088aea6bb4cd618805476f9d8044497fbc58d97e0a588ba1fbb6380a46fa0e4ae03cf63f7261867b685b3cc40aa54e3b7776e785cdb1e61552f42015c1ef237b7efe64c7cf06fd7e21377be4ab4d7869b5bcb24983d9c795f1a2bcff8b6d0e26975914f11340c8a8be2c049ecbcf1731ffea55993b5473e3aa6b66c85c0f0f7f96435bb13625c6751df123a698f62c6c37c35369e9478edb94b07b74cb79312f78948f43a00e061c2715623c224b8fa383c4e9f38182a35f780d306f4eafa4e9ccd5deec18e825f0c9cdac3bb8df7b885d58d866ec3d9ed85c76f8c4b2975465bd0d582422519fe3af5d6aab2d2e35da6512a5986ec062defd0804d657d925da81a96a9d5c0ee2ef501bb3553713edd593f3403f21b62c358a1238a513a0fa76bcc81fa1d8272a5f0e9d6a1d0dda14d07848f1987d219bca0708c05aaf7fed870d3e1dc9416376113b449d235540078adf3c9e01575d0303415c5d4a7a20dea357c785e2dd5fb0b8de6037b4cec6ea1297fa54b5fa193bc79c5bf151f326d2d46f4611da3d29c9726153693fb9792107c01bd31a51389c9d5fa2de519af94e02c5c4b1791e71bc6b61370744af96b808ebdec8105f0010a322ef5d5f6766eae2dbee26f2e520e2f567ada23a29baa2a188d7f10ea4573dc6921c74e584d300aeeec57f3f4e76b60c0020ebfd234ae692aa352547d68e86b187174bf7e2dd9acd790f253e4be423b2156c1e1300f8bd88927169c40a5027d4d42e8824d63c3057c5c718dda8753dc7a5282d6d27dcaead0bee2de60108188161ff77da177898db5962eb70ce10832e926c6dde7b19855bd66a32581dce082e736ebbdd960fd50015c99852ceb8e5085aa0e9dd8ec3a08afc2145904b58f1ac6f066a7eaedd01ca4f9e29c72780949422d9100c0731524a4b46cbef9c234f2c7681792b2edcf4900624d3a2114ea6bdd4cb8789af1352f3cf780e4542e607ae1e1e2682a1adbd5f51f0dfeb6117b8decf378e291e7e98dacd2187625759048d50ce65fe39393a38e4e48937347adc5bb7b5c31ddbb13f4862422f6876dd524acc7b95a776547a5f272988d545dcaaadc6e9536e4372712e826302b6b0ff43abcf45db6cb2b5e27a6e615d72bc2050f192705a310451b48db0ae2df50b474d9a4e9deceff47c426baa5412504790ebb7decc9aa5085d42fdedfefb4a3130ef70269742b5b7a0f416f540f79e56f0bd583a36c3e2f183e5790365f8ba08fafe6f2a83560d7e794a5d431bd32dc765b80049d9236858c3bd7a134136a6e8c34aabacf323cf7be4c86f8859100d5312347a6103a4de7b2667c3cca4262b0f1451e80a220601ba8db6aacb456adb9503aee61e45d2f5598bb05549a6b6d9f49cef553ac099814ff152f820ef0bc49c10db65e0ba0e2f675a40fa54c7feda6fc1182bfe96175e1719b3f50d23cb4dda3348b371c3c0354e3e6d563dff49d7e5568fdd9d2438bac52e554d0cb965e7d793e4ab496180052755576b426f7001d9f9e6e30e1755df1404f0a3432fdd7c7bc1435dcb2a9b002aeb1eeca0df9be8eece4262df1ac47d82a31abc0d133d473e64e304ec44aa43be653996886f04f1fe8ed59186c25baa1f21ebab301c33a13f46b2938747f07dea2d16464b7101d425dfe729ffc1b34ad0e1af06dd0ec204c77be1ed180ac1aee8f1409ec9bab13ddb6b30b7e91ce14aee40367d8d5506f4e3e42cbc98e40f84d55b08b2dc10e5a63496a01dfc88c471c25b55fff3736dde5a9931022e4acc90c2a23b9e4eecce97e7eb4d51e759e52d0c5bfa571f286a0029067eecf7861fc6617a1d837d1b691e33e1e156d1a85671e2fb8dbf470ddaaaef9e355f152b4d57396e09227e942bbd40dc213579bf5fc94e519e3c4fdb96a48ca645aea8c1353180534d62f572985449de0c1fc950d20164953a461629b4d1c5997c194c228907e003c1ad2f1fc9fe367210a25ac7b16d09a0dfa807e5d1c1224f707801d1035ffbd3af9c495e114ee87cd101316437f4ea2c88c09a5dc149751197c5f69a76bb9823ef9d05d8490335b6fc18845ac0795fdd0845dfb159083e98c36aeebd0fd2dec3c939e3861f0fefd243474ffef18e0e1fb85bcebf3ead0bfca6f9e72fe12d457fc579412a2a5691a534ddf5521a48858b01b3f76eea21aa2c65be559c385053642fb70b455369248afe891efd97ca441814d8c8d7f70e11e2c7ffaca49da00d9350d765fdd7df47cee3602fbeac9d488c662a017a58b7de2c4211ef77eec7239f4be2f44ea5f67594d24434b01f4c4b44585a86b0c0629792818dd39996103fc1fb68355ff19a385567193d84ed5e364550de6694f791921b2d6a13daccd8c2510c220777e7abbb09327e9f57a01764ec86f2cc26da9d003bca9c2bcc7462d0090929a03646b017c77466e0cb07f96eb2efeca0331f876828bbe85d3eae7ede896390a4e4b34797042a4a3d4a572f04ca6ef95617274e46a265da9f406cdbab245603ccd093547cf316a6cb9a6ac21ee476a278032ee1d273824ce8c6f0f349d629db7ea89cc58ceae44ecb46e716a089e1bd1c024a375d4137977d1e826d254cdaf0f9be7e2ba4c1f0c47871266ffb6393445ad3dc226878d101bafc4f6f3f742ab506d01240a31b7e396bc4a4eb131de66b1b6e4edf0cf481c9da448680b668c7c565ffdef44478e963263a0b891bcd8132761ffad1287da48c447adc26cc3f67cf728242487db340a71963941b2a509d5bfdae1c6451f0a7db3fc489306ab25f7c65547b246b1c4b93fd0ddde8f81a4f2f5355080c4993d0c09969d2f7fd20600f0c7a2145f988cb06a01e9ba82fbe217b7686a5d597078c2c1b30aa42f2a456b85767661fcb27a3a74ec73556f833f4f0619e2a087614b91d31325602f5fe818c8ac1066498ce8c0697a93050d0521c098cd7b0db5e4045c2fbdb29c5da69b3c5332b122a19a09887866eac907ceda8a9b0285b8a284bcbe7e4699e6bdfc0dcd47e753a6dc7ad56c663c534d4fa41382223f0f1cc7d08c9d3d5a424f85f42c4e1b07ed77359fb7da0c7620ecaa8db4190ad5d0df0d71c789607c3da091c7c94f7304dff32a00bddd43ae11824b332697949db4a2074cfc5301f082ab7aa6643919aa3a492093444dc9b5f10d474b31ce63d25c702b6fc9a2f2d931e0dbae382847f44ef4061b0bd1e5586b8093d4e0ec694040bb36126e2eee17ce75e092be038e35e2260eec9761b83cb481f3f799722df21f4665b95b3df63c32a0550016d9526b85e41dfea7ba9d8492bb4c5d5eb21bf9a487e8d54a6e93546281eda43e2c0fe302f47ef889a831d52fa2e80495319ec6a7958dc8f7b27c7e34a47b4d2e1757a438cc88d4ef287825f3bad50567344e7ad570ce159ea3f8d64b88eab141cb6cac0c68ea75157951abcbac58240ffe0f3fab624b49182fabf49cf341773dc3b4f1b88a2b2d7e0f1073e23d56cbfb0efcb0c7067bb711d88c08a5057a8edf770495c1bed3be2f93104c3e34dd590d16f0fe982a1869afe1f2111dfd73d4c7872d60c2a1b8ba05fc069391c39cb4c25f8a46a2607be064cf19931ad8448a51d7158e64c8976a1ce0c42858801bea687ede70fc284618694b5e00cfbb2c18ef60c875a565f82a729a0dd31ac222faf20b0ea3eb497d5a0bb1503ab4128e525d4e79be0e041f7585b46f7c0ee47dd0bbf6947a415b64f6ba4a5b3b795fcd2e6f1ba71528a34708026b9eefd4a328bb9c35303945bf2dd465c23b9d85221abd1d2fe15ee01ffcb7d5081e8cdb588e0c71da98e8b9c14defd2453704482953f4616330c0614cfd55d1919696bea4c11b01d9c639aa5a0fe8ebfc55aa5aa03a649942f54f57a48050237715e055f5a98d1001b614b1898f605c6dee529bc32909a8281edd75cdcacf43bb5713fdc78b27edd15dfd3fd013804366784334228a66033563693acc6139bda77e2a1565"}) ioctl$AUTOFS_IOC_SETTIMEOUT(0xffffffffffffffff, 0x80049367, 0x0) 12:57:28 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:57:28 executing program 2: r0 = socket$phonet_pipe(0x23, 0x5, 0x2) getsockopt$PNPIPE_INITSTATE(r0, 0x113, 0x4, &(0x7f0000000080), &(0x7f00000005c0)=0x4) [ 1475.964769][T27994] loop0: detected capacity change from 0 to 264192 [ 1476.026147][T27994] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 1476.036304][T27994] EXT4-fs (loop0): group descriptors corrupted! 12:57:30 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {0x0, 0x0, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[]) 12:57:30 executing program 1: pipe2(0x0, 0x0) socket$l2tp(0x2, 0x2, 0x73) 12:57:30 executing program 5: chown(&(0x7f0000000000)='./file1\x00', 0x0, 0xffffffffffffffff) readlinkat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0, 0x0) 12:57:30 executing program 4: socket$packet(0x11, 0x52c22e6b82ff1cd7, 0x300) 12:57:30 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f0000000700)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000006c0)={&(0x7f0000000680)={0x14, 0x3, 0x6, 0x201}, 0x14}}, 0x0) 12:57:30 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:57:30 executing program 1: pipe2(&(0x7f0000000000), 0x0) bpf$BPF_LINK_CREATE(0x1c, 0x0, 0x0) 12:57:30 executing program 4: semget(0x1, 0x2, 0x202) 12:57:30 executing program 2: syz_open_dev$radio(&(0x7f0000000000), 0x0, 0x2) 12:57:30 executing program 5: r0 = openat$bsg(0xffffffffffffff9c, 0x0, 0x80000, 0x0) syz_genetlink_get_family_id$ipvs(0x0, 0xffffffffffffffff) sendmsg$IPVS_CMD_NEW_SERVICE(0xffffffffffffffff, 0x0, 0x0) ioctl$EVIOCGREP(0xffffffffffffffff, 0x80084503, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000240), 0x54f, 0x8400) ioctl$BTRFS_IOC_GET_DEV_STATS(r0, 0xc4089434, &(0x7f0000000280)={0x0, 0xffffffff, 0x0, [0xdc40, 0x2, 0x1, 0xffff, 0x3f], [0x58, 0x9, 0xffffffff7fffffff, 0x415, 0x3, 0x9, 0x8, 0x2, 0x6, 0x6, 0x3, 0x1ff, 0x4, 0x7b9f, 0x8, 0xfffffffffffffffa, 0x9, 0x1000, 0x9, 0x7, 0x0, 0x80000001, 0x2, 0x7, 0x5, 0x6, 0x4, 0x9, 0x4f3, 0x1, 0x80, 0x9, 0xe3b, 0x1000, 0x7, 0x7ff, 0x5, 0xfffffffffffffff7, 0x9, 0x40, 0x400, 0xff, 0xfffffffffffff000, 0xb39, 0x3, 0x0, 0x3, 0x3, 0x5, 0x8001, 0x101, 0x9c, 0x2, 0xff, 0x5, 0x4, 0x100000001, 0x9, 0x4c70, 0x1, 0x9, 0x800, 0x7fff, 0x1, 0x3f11, 0x6, 0x401, 0x9, 0xea, 0x4, 0x0, 0x76, 0x7fffffff, 0x6a57, 0xc74, 0x2, 0xffffffff, 0x4, 0x4, 0x8000, 0x3, 0x3ff0000000000000, 0xc7, 0xecd0, 0x43e, 0x8, 0x5, 0x24, 0x3, 0x44f, 0x151, 0x1, 0x3, 0x8, 0x1ff, 0x4, 0xffffffffffffffff, 0x9, 0x4, 0x3a, 0x0, 0x101, 0x2, 0x8, 0x8, 0x3, 0x401, 0x8001, 0x0, 0xfff8000000000000, 0x6a8, 0x154, 0x0, 0xfffffffffffffff9, 0x80000000, 0xfffffffffffffffb, 0x7, 0xe7a, 0x1, 0x5e38, 0x9]}) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f00000006c0)={0x0, 0x9, {0x1, @usage, 0x0, 0x8, 0x1, 0x8, 0x7fff, 0x7, 0x52, @struct={0x8, 0x4}, 0x296f, 0x4, [0x101, 0x400040000, 0x7, 0x2, 0x7, 0xbe79]}, {0x9, @struct={0xa43, 0xeff7}, r2, 0x0, 0xfffffffffffffffb, 0x0, 0x101, 0x6, 0x480, @struct={0x5, 0x7}, 0x3, 0x7, [0x200, 0x8, 0x9, 0xfff, 0x3ff, 0x8]}, {0x3, @usage=0x10001, 0x0, 0x4, 0x496f, 0x557, 0xf41, 0x4, 0x20, @struct, 0x2, 0x6, [0x5, 0x48, 0x80000001, 0x4, 0x3, 0x9]}, {0x3ff, 0x8}}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000ac0), 0x10000, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f0000000b00), 0xffffffffffffffff) syz_genetlink_get_family_id$l2tp(&(0x7f00000012c0), 0xffffffffffffffff) 12:57:31 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000600000000000093000085"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:57:31 executing program 1: r0 = openat$mice(0xffffffffffffff9c, &(0x7f00000000c0), 0x102) write$P9_RLOPEN(r0, 0x0, 0x0) [ 1478.893549][T28030] loop0: detected capacity change from 0 to 264192 [ 1478.942803][T28030] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 1478.955968][T28030] EXT4-fs (loop0): group descriptors corrupted! 12:57:33 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {0x0, 0x0, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[]) 12:57:33 executing program 4: add_key$fscrypt_v1(&(0x7f0000000100), 0x0, 0x0, 0x0, 0xffffffffffffffff) request_key(&(0x7f0000000300)='dns_resolver\x00', &(0x7f0000000340)={'syz', 0x3}, 0x0, 0xfffffffffffffffb) 12:57:33 executing program 5: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x891b, &(0x7f0000000380)={'tunl0\x00', 0x0}) 12:57:33 executing program 2: request_key(&(0x7f0000000280)='rxrpc_s\x00', &(0x7f0000000000)={'syz', 0x0}, 0x0, 0xfffffffffffffffd) request_key(&(0x7f0000000380)='big_key\x00', &(0x7f00000003c0)={'syz', 0x2}, &(0x7f0000000400)='$\x00', 0xfffffffffffffffb) 12:57:33 executing program 1: setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT_OLD(0xffffffffffffffff, 0x28, 0x6, 0x0, 0x0) openat$mixer(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) timerfd_create(0x7, 0x80800) 12:57:33 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000600000000000093000085"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:57:33 executing program 2: r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) mmap$dsp(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x3e04130c2a3487d8, r0, 0x0) 12:57:33 executing program 5: pipe2(&(0x7f0000001400), 0x0) 12:57:33 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x8934, &(0x7f0000000380)={'tunl0\x00', 0x0}) 12:57:33 executing program 1: pipe2(&(0x7f0000000180), 0x84800) 12:57:34 executing program 5: request_key(&(0x7f0000000280)='rxrpc_s\x00', &(0x7f0000000000)={'syz', 0x0}, &(0x7f0000000080)='$%-(\x00', 0xfffffffffffffffd) 12:57:34 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_CTHELPER_NEW(r0, &(0x7f0000001f80)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f0000001ec0)={0x14, 0x0, 0x9, 0x401}, 0x14}}, 0x0) [ 1481.147537][T28065] loop0: detected capacity change from 0 to 264192 [ 1481.189291][T28065] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 1481.199363][T28065] EXT4-fs (loop0): group descriptors corrupted! 12:57:35 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {0x0, 0x0, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[]) 12:57:35 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x5460, 0x0) 12:57:35 executing program 2: prctl$PR_SET_MM(0x23, 0xa, &(0x7f00002d5000/0x2000)=nil) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='environ\x00') preadv(r0, &(0x7f0000000200)=[{&(0x7f0000001440)=""/4096, 0x1000}], 0x1, 0x4, 0x0) 12:57:35 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000600000000000093000085"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:57:35 executing program 5: r0 = socket$l2tp6(0xa, 0x2, 0x73) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000480)={'batadv_slave_0\x00'}) 12:57:35 executing program 1: socket(0x1d, 0x0, 0x8) 12:57:35 executing program 1: r0 = perf_event_open$cgroup(&(0x7f0000000000)={0x2, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0xde, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x5452, &(0x7f0000001100)='#\x9b\\\xd6%[*/a-%\x00') close(r0) 12:57:35 executing program 5: r0 = socket$vsock_stream(0x28, 0x1, 0x0) getsockopt$inet6_mreq(r0, 0x29, 0x0, 0x0, 0x0) 12:57:35 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x8915, &(0x7f0000000380)={'tunl0\x00', 0x0}) 12:57:35 executing program 2: syz_open_dev$usbmon(&(0x7f00000010c0), 0x0, 0x2002) 12:57:36 executing program 4: r0 = openat$dsp1(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) read$dsp(r0, &(0x7f0000000200)=""/52, 0x34) 12:57:36 executing program 1: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) fremovexattr(r0, &(0x7f00000000c0)=@known='trusted.overlay.metacopy\x00') [ 1483.124747][T28101] loop0: detected capacity change from 0 to 264192 [ 1483.167547][T28101] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 1483.178364][T28101] EXT4-fs (loop0): group descriptors corrupted! 12:57:37 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400), 0x0, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[]) 12:57:37 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000006000000000000930000850000007500000085"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:57:37 executing program 5: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x8953, 0x0) 12:57:37 executing program 2: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$SIOCX25SSUBSCRIP(r0, 0x89e1, &(0x7f0000000040)={'wlan1\x00'}) 12:57:37 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x7, 0x0, 0x0) 12:57:37 executing program 1: r0 = socket(0x15, 0x5, 0x0) connect$phonet_pipe(r0, &(0x7f0000000000), 0x10) 12:57:37 executing program 4: r0 = socket$inet_sctp(0x2, 0x5, 0x84) getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f0000000080)={0x0, 0x1, "82"}, &(0x7f0000000100)=0x9) 12:57:37 executing program 2: socketpair(0x26, 0x0, 0x0, &(0x7f0000000ac0)) 12:57:37 executing program 5: r0 = socket$inet_sctp(0x2, 0x5, 0x84) getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r0, 0x84, 0x1a, 0x0, &(0x7f0000000180)) 12:57:38 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000006000000000000930000850000007500000085"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:57:38 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000025c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$nl_generic(0x10, 0x3, 0x10) recvmmsg$unix(r0, &(0x7f0000002a80)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) sendmmsg$unix(r1, &(0x7f0000004940)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000000c0)="d8", 0x1}], 0x1, &(0x7f0000000700)=ANY=[@ANYBLOB="24000000000000000100000001000000", @ANYRES32=r1, @ANYRES32=r2], 0x28}}], 0x1, 0x0) 12:57:38 executing program 1: bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x13, 0x0, 0x0, 0x0, 0x284}, 0x40) [ 1485.475676][T28136] loop0: detected capacity change from 0 to 264192 [ 1485.792496][T28136] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 1485.802773][T28136] EXT4-fs (loop0): group descriptors corrupted! 12:57:40 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400), 0x0, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[]) 12:57:40 executing program 5: r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) connect$netrom(r0, &(0x7f0000000080)={{0x6, @rose}, [@bcast, @null, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}]}, 0x48) listen(r0, 0x0) unshare(0x40000000) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000400)=ANY=[], 0x208e24b) write(r0, 0x0, 0x0) 12:57:40 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) getsockopt$netlink(r0, 0x10e, 0x9, 0x0, &(0x7f0000000240)) 12:57:40 executing program 2: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001840)={0x11, 0x3, &(0x7f00000001c0)=@framed, &(0x7f00000016c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffff85, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 12:57:40 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000006000000000000930000850000007500000085"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:57:40 executing program 4: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000800)=@filter={'filter\x00', 0xe, 0x4, 0x2e0, 0xffffffff, 0x0, 0xd8, 0x0, 0xffffffff, 0xffffffff, 0x248, 0x248, 0x248, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x0, 0xa0, 0xd8, 0x0, {}, [@common=@addrtype={{0x30}}]}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{}, {}, {0x0, 0x0, 0x1}}}}, {{@ip={@remote, @local, 0x0, 0x0, 'veth0_to_bridge\x00', 'syzkaller0\x00'}, 0x0, 0xa0, 0xc8, 0x0, {}, [@common=@addrtype={{0x30}}]}, @REJECT={0x28}}, {{@ip={@private, @multicast1, 0x0, 0x0, 'macsec0\x00'}, 0x0, 0x70, 0xa8}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{}, {}, {}, 0x0, 0x3000000}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x340) 12:57:40 executing program 2: r0 = socket$inet_sctp(0x2, 0x5, 0x84) getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000700), &(0x7f0000000740)=0x20) 12:57:40 executing program 1: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000640)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x2}}, &(0x7f00000002c0)=""/239, 0x1a, 0xef, 0x8}, 0x20) 12:57:41 executing program 4: socket(0xa, 0x0, 0xfffffffc) 12:57:41 executing program 5: r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) connect$netrom(r0, &(0x7f0000000080)={{0x6, @rose}, [@bcast, @null, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}]}, 0x48) listen(r0, 0x0) unshare(0x40000000) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000400)=ANY=[], 0x208e24b) write(r0, 0x0, 0x0) 12:57:41 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000600000000000093000085000000750000008500000007"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) [ 1487.375545][T28203] BPF:No type found [ 1487.406241][T28203] BPF:No type found 12:57:41 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET_DYING(r0, &(0x7f0000000140)={&(0x7f0000000040), 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, 0x6, 0x1, 0x101}, 0x14}}, 0x0) [ 1489.903107][T28244] loop0: detected capacity change from 0 to 264192 [ 1489.963922][T28244] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 1489.974924][T28244] EXT4-fs (loop0): group descriptors corrupted! 12:57:44 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400), 0x0, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[]) 12:57:44 executing program 2: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001840)={0x19, 0x3, &(0x7f00000001c0)=@framed, &(0x7f00000016c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 12:57:44 executing program 4: bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x17, 0x0, 0x0, 0x3, 0x0, 0x1}, 0x40) 12:57:44 executing program 1: socketpair(0x25, 0x1, 0x0, &(0x7f0000000280)) 12:57:44 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000600000000000093000085000000750000008500000007"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:57:44 executing program 5: r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) connect$netrom(r0, &(0x7f0000000080)={{0x6, @rose}, [@bcast, @null, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}]}, 0x48) listen(r0, 0x0) unshare(0x40000000) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000400)=ANY=[], 0x208e24b) write(r0, 0x0, 0x0) 12:57:44 executing program 4: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001840)={0x11, 0x3, &(0x7f00000001c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x200000}}, &(0x7f00000016c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 12:57:45 executing program 1: clock_gettime(0x0, &(0x7f00000030c0)) 12:57:45 executing program 2: sendmsg$BATADV_CMD_GET_VLAN(0xffffffffffffffff, 0x0, 0x0) accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000440)={0x19}, 0x40) 12:57:45 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000600000000000093000085000000750000008500000007"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:57:45 executing program 5: r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) connect$netrom(r0, &(0x7f0000000080)={{0x6, @rose}, [@bcast, @null, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}]}, 0x48) listen(r0, 0x0) unshare(0x40000000) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000400)=ANY=[], 0x208e24b) write(r0, 0x0, 0x0) 12:57:45 executing program 1: r0 = socket$kcm(0x29, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000180)="05", 0x1}], 0x1, &(0x7f0000000440)=[{0x28, 0x0, 0x0, "46969536e3b390d9052b57442f6df4a3cc"}], 0x28}, 0x40080c0) [ 1493.588136][T28327] loop0: detected capacity change from 0 to 264192 12:57:49 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="0800000003", 0x5, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[]) 12:57:49 executing program 4: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x7, [@struct={0x5}]}, {0x0, [0x0, 0x0, 0x0, 0x0, 0x2e]}}, &(0x7f0000001e00)=""/4096, 0x2b, 0x1000, 0x1}, 0x20) 12:57:49 executing program 2: syz_genetlink_get_family_id$SEG6(&(0x7f0000000140), 0xffffffffffffffff) 12:57:49 executing program 1: r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$vhost_msg(r0, &(0x7f0000001100)={0x1, {0x0, 0x0, 0x0}}, 0x48) 12:57:49 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000006000000000000930000850000007500000085000000070000"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:57:49 executing program 5: r0 = userfaultfd(0x80001) close(r0) 12:57:49 executing program 5: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r0, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f00000002c0)=[@in6={0xa, 0x0, 0x0, @private1}]}, &(0x7f0000000180)=0x10) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000080)={r1}, 0x14) 12:57:50 executing program 2: socketpair$tipc(0x1e, 0x0, 0x0, 0x0) 12:57:50 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x4) r1 = socket$inet6_sctp(0xa, 0x801, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) r2 = dup3(r1, r0, 0x0) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r2, 0x84, 0x10, &(0x7f0000000140)=@sack_info={0x0, 0x0, 0x1}, 0xc) r3 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) openat$nvme_fabrics(0xffffffffffffff9c, 0x0, 0x40000, 0x0) r4 = openat$cachefiles(0xffffffffffffff9c, 0x0, 0x841, 0x0) sendto$inet6(r4, &(0x7f0000000180)="8470b244a51a53b07ddd658350849aa00864087bd33a00c43bc92307a05c0b1e455521382693ec11159512abf6a1800cd513796db3", 0x35, 0x0, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x0, 0x20}, 0xc) ftruncate(r3, 0x600004) sendfile(r0, r3, 0x0, 0x80001d00c0d0) sendto$inet6(0xffffffffffffffff, &(0x7f0000f6f000), 0x0, 0x0, 0x0, 0x0) setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x7, &(0x7f00000012c0)=0x40, 0x4) open(&(0x7f0000000200)='./bus\x00', 0x103000, 0x40) 12:57:50 executing program 4: mmap$snddsp_status(&(0x7f0000ffa000/0x3000)=nil, 0x1000, 0x3fffefffff3, 0x9032, 0xffffffffffffffff, 0x82000000) 12:57:50 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000006000000000000930000850000007500000085000000070000"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:57:51 executing program 4: getgroups(0x2, &(0x7f0000000540)=[0x0, 0x0]) [ 1497.214150][ T24] audit: type=1804 audit(1639141071.281:62): pid=28357 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir061547031/syzkaller.Uoe8Xd/208/bus" dev="sda1" ino=15844 res=1 errno=0 [ 1497.486869][ T24] audit: type=1804 audit(1639141071.461:63): pid=28358 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir061547031/syzkaller.Uoe8Xd/208/bus" dev="sda1" ino=15844 res=1 errno=0 [ 1498.014360][ T1201] ieee802154 phy0 wpan0: encryption failed: -22 [ 1498.021028][ T1201] ieee802154 phy1 wpan1: encryption failed: -22 [ 1501.233835][T28369] loop0: detected capacity change from 0 to 264192 [ 1501.357650][T28369] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 1501.367818][T28369] EXT4-fs (loop0): group descriptors corrupted! 12:57:56 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="0800000003", 0x5, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[]) 12:57:56 executing program 5: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) bind$802154_dgram(r0, &(0x7f0000001940)={0x24, @long}, 0x14) 12:57:56 executing program 2: r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000100), 0x0) ioctl$F2FS_IOC_GARBAGE_COLLECT(r0, 0x4004f506, 0x0) 12:57:56 executing program 1: getsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, &(0x7f0000000540)='+&+}-\x00') sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000640)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x200}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$IPSET_CMD_SWAP(0xffffffffffffffff, 0x0, 0x8040) sendmsg$ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000840)={0x0}, 0x1, 0x0, 0x0, 0x8080}, 0x80) syz_genetlink_get_family_id$ethtool(&(0x7f0000002580), 0xffffffffffffffff) 12:57:56 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000006000000000000930000850000007500000085000000070000"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:57:56 executing program 4: r0 = socket$unix(0x1, 0x5, 0x0) connect$unix(r0, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) 12:57:57 executing program 5: perf_event_open(&(0x7f00000035c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 12:57:57 executing program 1: shmctl$IPC_SET(0x0, 0x2, 0x0) 12:57:57 executing program 4: r0 = syz_open_dev$sndpcmc(&(0x7f0000004100), 0x0, 0x0) ioctl$SNDRV_PCM_IOCTL_HW_PARAMS_OLD(r0, 0xc1004110, &(0x7f0000000000)={0x0, [0x9, 0x7, 0xfffffffd], [{}, {}, {}, {0x2}]}) 12:57:57 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000002180)='numa_maps\x00') read$proc_mixer(r0, &(0x7f0000000080)=""/165, 0xa5) 12:57:57 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000600000000000093000085000000750000008500000007000000"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:57:57 executing program 5: perf_event_open(&(0x7f00000035c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1505.112334][T28404] loop0: detected capacity change from 0 to 264192 [ 1505.177006][T28404] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 1505.187562][T28404] EXT4-fs (loop0): group descriptors corrupted! 12:57:59 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="0800000003", 0x5, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[]) 12:57:59 executing program 1: r0 = syz_open_dev$sndpcmc(&(0x7f0000004100), 0x0, 0x0) ioctl$SNDRV_PCM_IOCTL_HW_PARAMS_OLD(r0, 0xc2604110, &(0x7f0000004140)) 12:57:59 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_CTHELPER_NEW(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB="1c0023"], 0x1c}}, 0x0) 12:57:59 executing program 2: r0 = syz_open_dev$sndpcmc(&(0x7f0000004100), 0x0, 0x0) ioctl$SNDRV_PCM_IOCTL_HW_PARAMS_OLD(r0, 0x80184132, &(0x7f0000004140)) 12:57:59 executing program 5: bind$802154_dgram(0xffffffffffffffff, 0x0, 0x0) 12:57:59 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000600000000000093000085000000750000008500000007000000"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:57:59 executing program 4: io_uring_setup(0x75e6, &(0x7f0000003640)) 12:57:59 executing program 2: openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/block/nbd8', 0x200400, 0x0) 12:58:00 executing program 1: r0 = socket$unix(0x1, 0x5, 0x0) connect$unix(r0, 0x0, 0x0) 12:58:00 executing program 5: r0 = syz_open_dev$sndpcmc(&(0x7f0000004100), 0x0, 0x0) ioctl$SNDRV_PCM_IOCTL_HW_PARAMS_OLD(r0, 0xc1004110, &(0x7f0000000000)={0x0, [0x9, 0x7, 0xfffffffd], [], 0x2}) 12:58:00 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000600000000000093000085000000750000008500000007000000"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:58:00 executing program 4: r0 = socket$unix(0x1, 0x5, 0x0) connect$unix(r0, &(0x7f00000004c0)=@file={0x1, './file0\x00'}, 0x6e) [ 1507.985893][T28440] loop0: detected capacity change from 0 to 264192 [ 1508.026315][T28440] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 1508.039927][T28440] EXT4-fs (loop0): group descriptors corrupted! 12:58:02 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="08000000030000", 0x7, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[]) 12:58:02 executing program 2: r0 = syz_open_dev$sndpcmc(&(0x7f0000004100), 0x0, 0x0) ioctl$SNDRV_PCM_IOCTL_HW_PARAMS_OLD(r0, 0x4161, 0x0) 12:58:02 executing program 5: tgkill(0xffffffffffffffff, 0xffffffffffffffff, 0x10) sched_rr_get_interval(0xffffffffffffffff, &(0x7f0000000000)) r0 = getpid() ptrace$PTRACE_SECCOMP_GET_METADATA(0x420d, r0, 0x10, &(0x7f0000001980)={0x4}) prctl$PR_SET_PTRACER(0x59616d61, 0x0) io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(0xffffffffffffffff, 0x7, &(0x7f00000030c0), 0x1) accept4$unix(0xffffffffffffffff, &(0x7f00000034c0)=@abs, &(0x7f0000003540)=0x6e, 0x80000) socket$inet_udplite(0x2, 0x2, 0x88) io_uring_setup(0x75e6, &(0x7f0000003640)={0x0, 0x0, 0x1, 0x2, 0x380}) 12:58:02 executing program 1: r0 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000080), 0x101001, 0x0) write$snddsp(r0, &(0x7f0000000000)='R', 0x1) 12:58:02 executing program 4: connect$caif(0xffffffffffffffff, 0x0, 0x0) 12:58:02 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) [ 1508.509977][T28454] nvme_fabrics: unknown parameter or missing value 'R' in ctrl creation request 12:58:02 executing program 4: getsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000040)) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000080), 0x6e, &(0x7f0000000400)=[{&(0x7f0000000100)=""/116, 0x74}, {&(0x7f0000000180)=""/52, 0x34}, {&(0x7f00000001c0)=""/73, 0x49}, {&(0x7f0000000240)=""/194, 0xc2}, {0x0}, {&(0x7f00000003c0)=""/13, 0xd}], 0x6, &(0x7f0000000480)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}], 0x78}, 0x2000) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x40082406, &(0x7f0000000540)='+&+}-\x00') sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f0000000640)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x200}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$IPSET_CMD_SWAP(r0, &(0x7f0000000740)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000700)={&(0x7f00000006c0)={0x14, 0x6, 0x6, 0x801, 0x0, 0x0, {0x4, 0x0, 0x5}}, 0x14}, 0x1, 0x0, 0x0, 0x84}, 0x0) sendmsg$ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, 0x0, 0x0) r1 = socket$inet(0x2, 0x1, 0x1) ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f00000008c0)={{0x2, 0x4e22, @broadcast}, {0x306, @random="80deae35127a"}, 0x6, {0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 'batadv_slave_1\x00'}) recvmsg$can_raw(0xffffffffffffffff, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000bc0)=[{0x0}, {0x0}], 0x2}, 0x21) getpeername$unix(0xffffffffffffffff, 0x0, 0x0) getsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000002400)) ptrace$pokeuser(0x6, 0x0, 0xfffffffffffffff8, 0x2) eventfd2(0x0, 0x40400) openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000002440), 0x4a45c3, 0x0) 12:58:02 executing program 5: r0 = socket$unix(0x1, 0x5, 0x0) sendmsg$unix(r0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x28}, 0x0) 12:58:02 executing program 1: r0 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000080), 0x101001, 0x0) write$snddsp(r0, &(0x7f0000000000)='R', 0x1) 12:58:02 executing program 2: r0 = socket$unix(0x1, 0x1, 0x0) accept4$unix(r0, 0x0, 0x0, 0x40800) 12:58:03 executing program 5: mmap$snddsp_status(&(0x7f0000ffa000/0x3000)=nil, 0x1000, 0x3fffffffffe, 0x1c1030, 0xffffffffffffffff, 0x82000000) 12:58:03 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) [ 1509.552945][T28468] nvme_fabrics: unknown parameter or missing value 'R' in ctrl creation request [ 1511.354789][T28484] loop0: detected capacity change from 0 to 264192 [ 1511.392629][T28484] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 1511.402870][T28484] EXT4-fs (loop0): group descriptors corrupted! 12:58:05 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="08000000030000", 0x7, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[]) 12:58:05 executing program 2: socketpair(0x2a, 0x0, 0x0, &(0x7f0000001880)) 12:58:05 executing program 1: r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_TIMER_IOCTL_STATUS32(r0, 0x40485404, 0x0) 12:58:05 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:58:05 executing program 4: openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000340), 0x26c80) 12:58:05 executing program 5: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xde, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000000c0)='sysfs\x00', 0x0, 0x0) 12:58:05 executing program 2: openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000002440), 0x0, 0x0) 12:58:06 executing program 4: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xde, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f00000006c0)=@sg0, &(0x7f0000000700)='./file0\x00', &(0x7f0000000740)='gfs2meta\x00', 0x0, &(0x7f0000000780)='(($/\x00') 12:58:06 executing program 1: r0 = syz_open_dev$sndpcmc(&(0x7f0000004100), 0x0, 0x0) ioctl$SNDRV_PCM_IOCTL_HW_PARAMS_OLD(r0, 0x4112, 0x0) 12:58:06 executing program 5: shmctl$IPC_SET(0x0, 0x5, 0x0) 12:58:06 executing program 1: mmap$snddsp_status(&(0x7f0000ffa000/0x3000)=nil, 0x1000, 0x7, 0x1c1030, 0xffffffffffffffff, 0x82000000) 12:58:06 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r2, &(0x7f0000000200)=0x600000000000000, 0x43408) [ 1512.666646][T28510] gfs2meta: Unknown parameter '(($/' [ 1512.735011][T28512] gfs2meta: Unknown parameter '(($/' [ 1515.078477][T28525] loop0: detected capacity change from 0 to 264192 [ 1515.123687][T28525] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 1515.133762][T28525] EXT4-fs (loop0): group descriptors corrupted! 12:58:09 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="08000000030000", 0x7, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[]) 12:58:09 executing program 2: socketpair(0x0, 0x0, 0x0, &(0x7f0000000cc0)) 12:58:09 executing program 5: sendmsg$IPSET_CMD_RENAME(0xffffffffffffffff, 0x0, 0x0) 12:58:09 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r2, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:58:09 executing program 4: clock_gettime(0x2, &(0x7f00000001c0)) 12:58:09 executing program 1: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/rt_cache\x00') read$FUSE(r0, &(0x7f0000000b80)={0x2020}, 0x67e7ce23d8e8dcb5) 12:58:09 executing program 5: prctl$PR_SET_CHILD_SUBREAPER(0x24, 0x0) shmctl$SHM_STAT(0xffffffffffffffff, 0xd, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_VERDICT_BATCH(r0, &(0x7f0000001940)={&(0x7f0000001840), 0xc, &(0x7f0000001900)={&(0x7f0000001880)=ANY=[@ANYBLOB="48000000030305"], 0x48}}, 0x0) 12:58:09 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_VERDICT_BATCH(r0, &(0x7f0000001940)={0x0, 0x0, &(0x7f0000001900)={0x0, 0x48}}, 0x0) 12:58:09 executing program 1: shmat(0x0, &(0x7f0000ffd000/0x1000)=nil, 0x4000) 12:58:09 executing program 2: perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_BINDTODEVICE_wg(r0, 0x1, 0x19, &(0x7f00000000c0)='wg2\x00', 0x4) setsockopt$sock_int(r0, 0x1, 0x6, &(0x7f0000000140)=0x32, 0x4) connect$inet(r0, &(0x7f00000002c0)={0x2, 0x0, @broadcast}, 0x10) sendmmsg(r0, &(0x7f00000038c0), 0x4000000000000a8, 0x0) 12:58:10 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r2, &(0x7f0000000200)=0x600000000000000, 0x43408) [ 1516.342175][T28549] netlink: 52 bytes leftover after parsing attributes in process `syz-executor.5'. 12:58:10 executing program 1: syz_open_dev$sndpcmc(&(0x7f0000000000), 0x0, 0x400) [ 1517.956897][T28566] loop0: detected capacity change from 0 to 264192 [ 1517.985064][T28566] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 1517.995560][T28566] EXT4-fs (loop0): group descriptors corrupted! 12:58:12 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="0800000003000000", 0x8, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[]) 12:58:12 executing program 4: shmctl$IPC_SET(0x0, 0x3, &(0x7f0000000180)={{0x0, 0xffffffffffffffff, 0x0, 0xee00}}) 12:58:12 executing program 5: socketpair(0x6, 0x0, 0x0, &(0x7f00000012c0)) 12:58:12 executing program 2: pselect6(0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)={0x0}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000036c0)) 12:58:12 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ip_tables_targets\x00') read$proc_mixer(r0, &(0x7f0000000080)=""/165, 0xa5) 12:58:12 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r2, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:58:12 executing program 4: r0 = syz_open_dev$sndpcmc(&(0x7f0000004100), 0x0, 0x0) ioctl$SNDRV_PCM_IOCTL_HW_PARAMS_OLD(r0, 0x40084149, &(0x7f0000004140)={0x0, [0x5cece465]}) 12:58:12 executing program 5: r0 = syz_open_dev$sndpcmc(&(0x7f0000004100), 0x0, 0x0) ioctl$SNDRV_PCM_IOCTL_HW_PARAMS_OLD(r0, 0x40084149, 0x0) 12:58:12 executing program 1: r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) read(r0, &(0x7f00000000c0)=""/191, 0xbf) 12:58:13 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r2, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:58:13 executing program 5: r0 = syz_open_dev$sndpcmc(&(0x7f0000004100), 0x0, 0x0) ioctl$SNDRV_PCM_IOCTL_HW_PARAMS_OLD(r0, 0x4122, 0x0) 12:58:13 executing program 1: r0 = shmget(0x2, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) r1 = shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x0) shmdt(r1) [ 1520.546302][T28603] loop0: detected capacity change from 0 to 264192 [ 1520.566299][T28603] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 1520.576295][T28603] EXT4-fs (loop0): group descriptors corrupted! 12:58:14 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="0800000003000000", 0x8, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[]) 12:58:14 executing program 4: r0 = eventfd2(0x0, 0x0) write$FUSE_CREATE_OPEN(r0, 0x0, 0x0) 12:58:14 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6}]}) 12:58:14 executing program 1: r0 = epoll_create1(0x0) r1 = eventfd2(0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000080)) 12:58:14 executing program 5: mq_open(&(0x7f0000000000)='.,(\'\x00', 0x800, 0x0, &(0x7f0000000040)) 12:58:14 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r2, &(0x7f0000000200)=0x600000000000000, 0x43408) [ 1520.908355][ T24] audit: type=1326 audit(1639141094.971:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=28610 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf6e70549 code=0x0 12:58:15 executing program 4: syz_mount_image$fuse(0x0, &(0x7f0000000380)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) openat$dir(0xffffffffffffff9c, &(0x7f00000009c0)='./file0\x00', 0x321080, 0x4) 12:58:15 executing program 2: signalfd(0xffffffffffffffff, 0x0, 0x0) openat$cgroup_freezer_state(0xffffffffffffffff, &(0x7f00000000c0), 0x2, 0x0) r0 = open(&(0x7f0000000100)='./file1\x00', 0x1433c2, 0x0) r1 = dup2(r0, r0) ftruncate(r0, 0x2210204) r2 = epoll_create(0xabcb) sendfile(r2, r0, 0x0, 0xf10000) truncate(&(0x7f0000000040)='./file1\x00', 0x0) futimesat(r1, 0x0, 0x0) 12:58:15 executing program 1: r0 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000000)='ns/user\x00') close(r0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)) write$cgroup_pressure(r0, 0x0, 0x0) 12:58:15 executing program 5: r0 = socket(0x2, 0x1, 0x0) setsockopt$inet_tcp_buf(r0, 0x6, 0x1a, &(0x7f0000000240), 0x0) 12:58:15 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_udp_encap(r0, 0x11, 0x64, 0x0, 0xfffffffffffffe9a) 12:58:15 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) [ 1522.691410][T28642] loop0: detected capacity change from 0 to 264192 [ 1522.817346][T28642] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 1522.827737][T28642] EXT4-fs (loop0): group descriptors corrupted! 12:58:17 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="0800000003000000", 0x8, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[]) 12:58:17 executing program 5: r0 = socket(0x1, 0x2, 0x0) setsockopt$inet6_icmp_ICMP_FILTER(r0, 0x1, 0x1, 0x0, 0x0) 12:58:17 executing program 4: setsockopt$inet_tcp_buf(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000000)="c9a8987ddf0b72612cdeddd428bc841d45af7b94ed0e02de45d6e28a8332c6a5c8c4cc73d6c2775aa89289ef5e21bc92746a6487f5d3070ad5e075695cebab04b7a26cae6ef62abe0bf96ca21f0d0d1e27651a4cb7d1534346443065a052783f6da039b147fbbb3b15cf5b086ee5407046566ed72cc4542a87b97771ca0b5920aa875e2b0412c8503f24b8ae3ab07d8c50efc99befd64ad611dab70ac751c32a3bf84ca3546fbdca2a90a0e0499f4e8ecd384851be6eb57aa0c15386c3a4c5383a617eda9cc4e4888ea76cad75f0195893383a39f73bc560401e54444d7f382362d62e3682a93fe3a59138bd1206a2edee42a56247c7b1f08ef4bcfcdb7ec3cd726a4fad8fc4a3bd5dfd5d", 0x10b) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/class/power_supply', 0x0, 0x0) 12:58:17 executing program 2: r0 = add_key$keyring(&(0x7f0000000200), &(0x7f0000000240)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffc) keyctl$unlink(0x1e, r0, 0x0) 12:58:17 executing program 1: r0 = add_key$keyring(&(0x7f0000000200), &(0x7f0000000240)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffc) keyctl$unlink(0x9, r0, 0xfffffffffffffffc) 12:58:17 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:58:17 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000001280), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x9) 12:58:17 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)=@newneigh={0x1c, 0x16, 0x1}, 0x1c}}, 0x0) 12:58:17 executing program 4: syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x56a, 0x32c, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x3, 0x1, 0x0, 0x0, {0x9, 0x21, 0xffed}, {{{0x9, 0x5, 0x81, 0x3, 0x10, 0x0, 0x4}}}}}]}}]}}, 0x0) 12:58:17 executing program 1: r0 = socket(0x11, 0xa, 0x0) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x8955, &(0x7f0000000080)={'syztnl2\x00', 0x0}) 12:58:17 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:58:17 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)=@newneigh={0x28, 0x1c, 0x1, 0x0, 0x0, {0x2}, [@NDA_DST_MAC={0xa, 0x1, @multicast}]}, 0x28}}, 0x0) [ 1524.285682][ T7925] usb 5-1: new high-speed USB device number 20 using dummy_hcd [ 1524.532848][T28678] loop0: detected capacity change from 0 to 264192 [ 1524.563093][T28678] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 1524.573256][T28678] EXT4-fs (loop0): group descriptors corrupted! [ 1524.687927][ T7925] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 12:58:18 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="080000000300000004", 0x9}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[]) 12:58:18 executing program 5: add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc1}, &(0x7f00000000c0)={0x0, "0bcf2e646a5be338388b162f67938c6126b22c044886912a64361f32e5b7054a1dad7a7532cab62facabfb8bdd76277db1de7c070a35c6d317b3ade4d13515ba"}, 0x48, 0xfffffffffffffffb) 12:58:18 executing program 1: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_ifreq(r0, 0x8947, &(0x7f0000000000)={'bond_slave_1\x00', @ifru_mtu}) 12:58:18 executing program 2: r0 = socket$inet6_udp(0xa, 0x2, 0x0) getsockopt$inet6_int(r0, 0x29, 0x4c, 0x0, &(0x7f0000000180)) 12:58:18 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, 0x0, 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) [ 1524.858587][ T7925] usb 5-1: New USB device found, idVendor=056a, idProduct=032c, bcdDevice= 0.40 [ 1524.867948][ T7925] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1524.876084][ T7925] usb 5-1: Product: syz [ 1524.880997][ T7925] usb 5-1: Manufacturer: syz [ 1524.885722][ T7925] usb 5-1: SerialNumber: syz [ 1525.146060][ T7925] usbhid 5-1:1.0: couldn't find an input interrupt endpoint 12:58:19 executing program 5: r0 = fsopen(&(0x7f0000000040)='fuse\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) 12:58:19 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000040)=@raw={'raw\x00', 0x9, 0x3, 0x288, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x208, 0xffffffff, 0xffffffff, 0x208, 0xffffffff, 0x3, 0x0, {[{{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@STANDARD={0x28}}, {{@uncond, 0x0, 0xa8, 0xe8}, @common=@inet=@TCPOPTSTRIP={0x40}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x2e8) [ 1525.325229][ T7925] usb 5-1: USB disconnect, device number 20 12:58:19 executing program 2: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0xd, 0x4, &(0x7f0000000a80)=@framed={{}, [@alu={0x7, 0x0, 0xb, 0x0, 0xb}]}, &(0x7f0000000040)='GPL\x00', 0x3, 0xd0, &(0x7f0000000280)=""/208, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) [ 1526.148362][ T7925] usb 5-1: new high-speed USB device number 21 using dummy_hcd [ 1526.160392][T28711] loop0: detected capacity change from 0 to 264192 [ 1526.222623][T28711] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 1526.233094][T28711] EXT4-fs (loop0): group descriptors corrupted! [ 1526.538540][ T7925] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 1526.720122][ T7925] usb 5-1: New USB device found, idVendor=056a, idProduct=032c, bcdDevice= 0.40 [ 1526.729697][ T7925] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1526.738098][ T7925] usb 5-1: Product: syz [ 1526.742389][ T7925] usb 5-1: Manufacturer: syz [ 1526.747115][ T7925] usb 5-1: SerialNumber: syz 12:58:20 executing program 4: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @none, 0x8000, 0x1}, 0xe) 12:58:20 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, 0x0, 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:58:20 executing program 5: r0 = socket(0x11, 0xa, 0x0) bind$tipc(r0, &(0x7f0000000000)=@name, 0x10) 12:58:20 executing program 1: syz_mount_image$ext4(0x0, 0x0, 0x0, 0x3, &(0x7f0000001b00)=[{&(0x7f0000000540), 0x4000}, {0x0}, {0x0}], 0x0, 0x0) 12:58:20 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x6, &(0x7f0000000180), 0x4) 12:58:20 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="080000000300000004", 0x9}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[]) [ 1526.968152][ T7925] usb 5-1: can't set config #1, error -71 [ 1527.029735][ T7925] usb 5-1: USB disconnect, device number 21 [ 1527.164655][T28728] loop1: detected capacity change from 0 to 32 [ 1527.292465][T28728] loop1: detected capacity change from 0 to 32 12:58:21 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)=@newneigh={0x10, 0x1c, 0x0, 0x0, 0x0, {0x1c}, [@NDA_CACHEINFO={0x14}, @NDA_LINK_NETNSID={0x8}]}, 0x38}}, 0x0) 12:58:21 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0xd, 0x4, &(0x7f0000000a80)=@framed={{}, [@alu={0x7, 0x0, 0x0, 0x0, 0x0, 0x8}]}, &(0x7f0000000040)='GPL\x00', 0x3, 0xd0, &(0x7f0000000280)=""/208, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 12:58:21 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_ifreq(r0, 0x8946, &(0x7f0000000040)={'veth1_vlan\x00', @ifru_data=0x0}) 12:58:21 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=@newneigh={0x1c, 0x1c, 0x1, 0x0, 0x0, {0x7}}, 0x1c}}, 0x0) 12:58:21 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, 0x0, 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:58:22 executing program 1: r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffb) r1 = add_key$keyring(&(0x7f0000000380), &(0x7f0000000340)={'syz', 0x2}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffb) add_key$keyring(&(0x7f0000000080), &(0x7f00000000c0)={'syz', 0x2}, 0x0, 0x0, r2) keyctl$unlink(0x9, r1, r2) 12:58:22 executing program 5: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) bind$bt_l2cap(r0, &(0x7f0000000180)={0x1f, 0x0, @any, 0x8000, 0x1}, 0xe) 12:58:22 executing program 2: r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffb) r1 = add_key$keyring(&(0x7f0000000080), &(0x7f00000000c0)={'syz', 0x2}, 0x0, 0x0, r0) add_key$keyring(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x0}, 0x0, 0x0, r1) 12:58:22 executing program 4: r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffb) r1 = add_key$fscrypt_v1(&(0x7f0000000180), &(0x7f00000001c0), &(0x7f00000002c0)={0x0, "3833ef3bc17f9f579a81f33b69e70dba8a5f0ccee2a9c95a4bb0a5cfb23151f4dd1bcf500166a65c58a0456954272b8aa26407142a117bf06fcbcd096db7e0fe"}, 0x48, r0) request_key(&(0x7f0000000080)='keyring\x00', &(0x7f00000000c0)={'syz', 0x2}, 0x0, r1) 12:58:22 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) [ 1529.098950][T28770] loop0: detected capacity change from 0 to 264192 [ 1529.204565][T28770] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 1529.215180][T28770] EXT4-fs (loop0): group descriptors corrupted! 12:58:23 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="080000000300000004", 0x9}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[]) 12:58:23 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newneigh={0x3c, 0x1c, 0x1, 0x0, 0x0, {0x7}, [@NDA_CACHEINFO={0x14}, @NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x3c}}, 0x0) 12:58:23 executing program 5: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0xd, 0x4, &(0x7f0000000a80)=@framed={{}, [@alu={0x7, 0x0, 0x3}]}, &(0x7f0000000040)='GPL\x00', 0x3, 0xd0, &(0x7f0000000280)=""/208, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 12:58:23 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = epoll_create1(0x0) r2 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip6_tables_targets\x00') epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f00000000c0)) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040)) 12:58:23 executing program 4: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0xd, 0x4, &(0x7f0000000a80)=@framed={{}, [@alu={0x0, 0x0, 0x5}]}, &(0x7f0000000040)='GPL\x00', 0x3, 0xd0, &(0x7f0000000280)=""/208, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 12:58:23 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:58:24 executing program 2: r0 = add_key$fscrypt_v1(&(0x7f0000000240), &(0x7f0000000280), &(0x7f0000000740)={0x0, "2f541f5774f648c7bddeae24e171e8510d5023c1440bc351446ccd2d30e8071fa03ac26b98c5f0af3bfa7c4892b02e7f21095c45949125873a75ebe94c921ce7"}, 0x48, 0xfffffffffffffffb) keyctl$update(0x2, r0, &(0x7f0000000340)="2c217aea5b7783673f2f0f799376e0b3025ae8ff229cd63aa835b5cdf67fdf988d70bbcfed2b889f5dcf6f51043e3a3693bd29c5c6cd6c43c0237c6d149ea8adc55d8f6531fecb7f7f", 0x49) 12:58:24 executing program 5: bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x2, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x5}}]}}, &(0x7f00000000c0)=""/238, 0x32, 0xee, 0x1}, 0x20) 12:58:24 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)=@newneigh={0x28, 0x1c, 0x1, 0x0, 0x0, {0xa}, [@NDA_DST_MAC={0xa, 0x1, @multicast}]}, 0x28}}, 0x0) 12:58:24 executing program 1: r0 = socket(0x11, 0xa, 0x0) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0xc0189436, &(0x7f0000000080)={'syztnl2\x00', &(0x7f0000000000)={'sit0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @empty, @empty}}) 12:58:24 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:58:24 executing program 5: syz_mount_image$ext4(&(0x7f00000000c0)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000300)=[{0x0, 0x0, 0x200}], 0x0, &(0x7f0000000380)) [ 1530.938376][T28803] loop5: detected capacity change from 0 to 2 [ 1530.988199][T28803] EXT4-fs (loop5): unable to read superblock [ 1531.066281][T28803] loop5: detected capacity change from 0 to 2 [ 1531.096852][T28803] EXT4-fs (loop5): unable to read superblock [ 1531.381979][T28815] loop0: detected capacity change from 0 to 264192 [ 1531.416732][T28815] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 1531.427021][T28815] EXT4-fs (loop0): group descriptors corrupted! 12:58:25 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010400)="080000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[]) 12:58:25 executing program 2: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) getsockopt$bt_l2cap_L2CAP_CONNINFO(r0, 0x6, 0x2, 0x0, &(0x7f0000000040)) 12:58:25 executing program 4: r0 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_ifreq(r0, 0x89a3, &(0x7f0000000000)={'dummy0\x00', @ifru_hwaddr}) 12:58:25 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20) ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000000)={'tunl0\x00', &(0x7f0000000080)={'gre0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @remote, @initdev={0xac, 0x1e, 0x0, 0x0}}}}}) 12:58:25 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:58:25 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) recvmmsg(r0, &(0x7f00000072c0)=[{{&(0x7f0000000040)=@pptp={0x18, 0x2, {0x0, @dev}}, 0x80, &(0x7f0000000340)=[{0x0}, {0x0}], 0x2, &(0x7f0000000380)=""/71, 0x47}}], 0x1, 0x0, &(0x7f0000007540)) syz_genetlink_get_family_id$SEG6(&(0x7f0000007740), r0) 12:58:26 executing program 1: r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffb) r1 = add_key$keyring(&(0x7f0000000080), &(0x7f00000000c0)={'syz', 0x2}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x0}, 0x0, 0x0, r1) keyctl$KEYCTL_MOVE(0x14, 0x0, r2, r0, 0x0) 12:58:26 executing program 4: r0 = socket(0x10, 0x3, 0x0) bind$tipc(r0, 0x0, 0xc00) 12:58:26 executing program 2: syz_emit_ethernet(0x3e, &(0x7f0000000000)={@broadcast, @empty, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "ec796b", 0x8, 0x0, 0x0, @dev, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', {[], "af1de1fd2d514ef3"}}}}}, 0x0) 12:58:26 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:58:26 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)=@newneigh={0x3c, 0x1c, 0x1, 0x0, 0x0, {}, [@NDA_CACHEINFO={0x4}, @NDA_DST_MAC={0xa, 0x1, @multicast}]}, 0x3c}}, 0x0) 12:58:26 executing program 1: request_key(&(0x7f0000000140)='keyring\x00', &(0x7f0000000180)={'syz', 0x2}, &(0x7f00000001c0)='%*#\xff[$/[\'\x00', 0x0) [ 1533.412222][T28852] loop0: detected capacity change from 0 to 264192 [ 1533.445729][T28852] EXT4-fs (loop0): VFS: Can't find ext4 filesystem 12:58:27 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010400)="080000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[]) 12:58:27 executing program 5: r0 = socket$inet6_udp(0xa, 0x2, 0x0) syz_emit_ethernet(0x4e, &(0x7f0000000000)=ANY=[@ANYRES16, @ANYRES64, @ANYRES32=r0, @ANYRES16], 0x0) 12:58:27 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmsg$inet6(r0, &(0x7f0000002700)={&(0x7f0000001240)={0xa, 0x0, 0x0, @local, 0x4000}, 0x1c, 0x0}, 0x20040000) 12:58:27 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000040)=@raw={'raw\x00', 0x9, 0x3, 0x2b0, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x208, 0xffffffff, 0xffffffff, 0x208, 0xffffffff, 0x3, 0x0, {[{{@uncond, 0x0, 0xd0, 0xf8, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xfffffffffffffffe}}, {{@uncond, 0x0, 0xa8, 0xe8}, @common=@inet=@TCPOPTSTRIP={0x40}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x310) 12:58:27 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x1b, &(0x7f0000000180)=0x10000000, 0x4) 12:58:27 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:58:28 executing program 4: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0xd, 0x4, &(0x7f0000000a80)=@framed={{}, [@alu={0x7, 0x0, 0xb, 0x0, 0x0, 0x8}]}, &(0x7f0000000040)='GPL\x00', 0x3, 0xd0, &(0x7f0000000280)=""/208, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 12:58:28 executing program 2: perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) read$FUSE(r1, &(0x7f00000001c0)={0x2020}, 0x2020) bind$inet(r0, &(0x7f0000000480)={0x2, 0x4e23, @multicast1}, 0x10) fsmount(0xffffffffffffffff, 0x0, 0xf8) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) socketpair(0x0, 0x2, 0x9, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) fsetxattr$trusted_overlay_upper(r2, &(0x7f0000002200), 0x0, 0x0, 0x0) 12:58:28 executing program 1: perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) read$FUSE(r1, &(0x7f00000001c0)={0x2020}, 0x2020) setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, 0x0, 0x0) bind$inet(r0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x0) syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff) write$binfmt_elf64(r0, &(0x7f00000000c0)=ANY=[@ANYRESHEX], 0xc63b9e35) socketpair(0x2, 0x2, 0x9, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) fsetxattr$trusted_overlay_upper(r2, &(0x7f0000002200), &(0x7f0000002240)={0x0, 0xfb, 0x97, 0x6, 0x7, "ec1063aef0836141c6414dbb31d1a6d4", "e1faf1f50c7dd29a47c2d0ba65caf6ac60e6f2381ee50038f32757d7bcf0c688f92cd1716d6f05188b7f305c4d8299c4ba5b9437d68df8e5f190964145468e0b5f46f94826c52c107e50c1e1f994680b83def6ec7f3785729c0bf47b5b97a39586e352fde09d007f47cd9eda962ee866a6f1c517e31c9679adde778cbb6f7f78fe54"}, 0x97, 0x0) 12:58:28 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, 0x0, 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:58:28 executing program 5: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x1f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x21bd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000000040)) syz_open_procfs(r0, &(0x7f0000000240)='net/sctp\x00') syz_open_dev$tty20(0xc, 0x4, 0x1) perf_event_open(&(0x7f0000001340)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_io_uring_setup(0x550, &(0x7f0000000340), &(0x7f0000004000/0x2000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000040)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x5}, 0x0) io_uring_enter(r1, 0x4512, 0x0, 0x0, 0x0, 0x0) 12:58:28 executing program 4: perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="6400000000010104000000000000000002000000240001801400018008000100ac1414bb08000200ac1e00010c0002800500010000000000240002801400018008000100ac14140008000200ac1e00010c00028005000100000000000800074000190000"], 0x64}}, 0x0) dup3(0xffffffffffffffff, r0, 0x0) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) read$FUSE(r2, &(0x7f00000001c0)={0x2020}, 0x2020) bind$inet(r1, &(0x7f0000000480)={0x2, 0x4e23, @multicast1}, 0x10) fsmount(0xffffffffffffffff, 0x0, 0xf8) syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff) recvmmsg(r1, &(0x7f0000001840)=[{{0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000004ac0)=""/102389, 0x18ff5}], 0x1}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0, 0x0) socketpair(0x2, 0x2, 0x9, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) fsetxattr$trusted_overlay_upper(r3, 0x0, &(0x7f0000002240)={0x0, 0xfb, 0x6a, 0x6, 0x7, "ec1063aef0836141c6414dbb31d1a6d4", "e1faf1f50c7dd29a47c2d0ba65caf6ac60e6f2381ee50038f32757d7bcf0c688f92cd1716d6f05188b7f305c4d8299c4ba5b9437d68df8e5f190964145468e0b5f46f94826c52c107e50c1e1f994680b83def6ec7f"}, 0x6a, 0x0) [ 1535.820718][T28902] loop0: detected capacity change from 0 to 264192 [ 1535.859238][T28902] EXT4-fs (loop0): VFS: Can't find ext4 filesystem 12:58:30 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010400)="080000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[]) 12:58:30 executing program 1: perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) read$FUSE(r1, &(0x7f00000001c0)={0x2020}, 0x2020) setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, 0x0, 0x0) bind$inet(r0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x0) syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff) write$binfmt_elf64(r0, &(0x7f00000000c0)=ANY=[@ANYRESHEX], 0xc63b9e35) socketpair(0x2, 0x2, 0x9, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) fsetxattr$trusted_overlay_upper(r2, &(0x7f0000002200), &(0x7f0000002240)={0x0, 0xfb, 0x97, 0x6, 0x7, "ec1063aef0836141c6414dbb31d1a6d4", "e1faf1f50c7dd29a47c2d0ba65caf6ac60e6f2381ee50038f32757d7bcf0c688f92cd1716d6f05188b7f305c4d8299c4ba5b9437d68df8e5f190964145468e0b5f46f94826c52c107e50c1e1f994680b83def6ec7f3785729c0bf47b5b97a39586e352fde09d007f47cd9eda962ee866a6f1c517e31c9679adde778cbb6f7f78fe54"}, 0x97, 0x0) 12:58:30 executing program 2: r0 = socket$can_raw(0x1d, 0x3, 0x1) getsockopt$CAN_RAW_JOIN_FILTERS(r0, 0x65, 0x6, &(0x7f0000000040), &(0x7f0000000080)=0x4) 12:58:30 executing program 5: socket(0x10, 0x3, 0x1) 12:58:30 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, 0x0, 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:58:30 executing program 4: perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="6400000000010104000000000000000002000000240001801400018008000100ac1414bb08000200ac1e00010c0002800500010000000000240002801400018008000100ac14140008000200ac1e00010c00028005000100000000000800074000190000"], 0x64}}, 0x0) dup3(0xffffffffffffffff, r0, 0x0) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) read$FUSE(r2, &(0x7f00000001c0)={0x2020}, 0x2020) bind$inet(r1, &(0x7f0000000480)={0x2, 0x4e23, @multicast1}, 0x10) fsmount(0xffffffffffffffff, 0x0, 0xf8) syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff) recvmmsg(r1, &(0x7f0000001840)=[{{0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000004ac0)=""/102389, 0x18ff5}], 0x1}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0, 0x0) socketpair(0x2, 0x2, 0x9, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) fsetxattr$trusted_overlay_upper(r3, 0x0, &(0x7f0000002240)={0x0, 0xfb, 0x6a, 0x6, 0x7, "ec1063aef0836141c6414dbb31d1a6d4", "e1faf1f50c7dd29a47c2d0ba65caf6ac60e6f2381ee50038f32757d7bcf0c688f92cd1716d6f05188b7f305c4d8299c4ba5b9437d68df8e5f190964145468e0b5f46f94826c52c107e50c1e1f994680b83def6ec7f"}, 0x6a, 0x0) 12:58:30 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$ARPT_SO_GET_REVISION_TARGET(r0, 0x0, 0x63, 0x0, &(0x7f0000000500)) 12:58:31 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFCONF(r0, 0x8912, &(0x7f0000000100)=@buf={0x50, &(0x7f0000000000)="afa711cde001149b536c3eaca8f9a9daf74032e377f52ef2762d38a12c8e74b1c6208edeeca18bda8c295ccf6ecd92df1a9ffbdbaed6f264bd13d7749b67887215234b4fbfda0f775f92fceb64f04dc3"}) 12:58:31 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, 0x0, 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:58:31 executing program 1: openat$sysfs(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/vmcoreinfo', 0x0, 0x0) 12:58:31 executing program 4: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/power', 0x0, 0x0) write$UHID_INPUT(r0, 0x0, 0x0) 12:58:31 executing program 2: shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/174) [ 1538.354907][T28943] loop0: detected capacity change from 0 to 264192 [ 1538.383572][T28943] EXT4-fs (loop0): VFS: Can't find ext4 filesystem 12:58:32 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x3, &(0x7f0000000200)=[{0x0, 0x0, 0x400}, {&(0x7f0000010400)="080000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[]) 12:58:32 executing program 5: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000200), r0) sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)={0x1c, r1, 0x1, 0x0, 0x0, {0x2}, [@NLBL_CIPSOV4_A_DOI={0x8}]}, 0x1c}}, 0x0) 12:58:32 executing program 4: request_key(&(0x7f00000000c0)='id_resolver\x00', &(0x7f0000000040)={'syz', 0x0}, 0x0, 0xfffffffffffffffd) add_key$keyring(&(0x7f00000000c0), &(0x7f0000000100)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff) 12:58:32 executing program 1: socket$inet(0x2, 0xa, 0x8000) 12:58:32 executing program 2: ioctl$sock_SIOCSIFVLAN_SET_VLAN_INGRESS_PRIORITY_CMD(0xffffffffffffffff, 0x8983, 0x0) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/vmcoreinfo', 0x0, 0x0) 12:58:32 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:58:32 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCSIFVLAN_SET_VLAN_INGRESS_PRIORITY_CMD(r0, 0x8906, 0x0) 12:58:33 executing program 5: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x1f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_open_dev$tty20(0xc, 0x4, 0x1) perf_event_open(&(0x7f0000001340)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x550, &(0x7f0000000340), &(0x7f0000004000/0x2000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000040)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x40, &(0x7f0000000140)=0x307c, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x5}, 0x0) io_uring_enter(r0, 0x4512, 0x0, 0x0, 0x0, 0x0) 12:58:33 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) getsockopt$sock_int(r0, 0x1, 0x2d, 0x0, &(0x7f00000000c0)) 12:58:33 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = getpid() r2 = getpid() sendmsg$unix(r0, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000d40)=[@cred={{0x1c, 0x1, 0x2, {r1, 0x0, 0xee01}}}, @cred={{0x1c, 0x1, 0x2, {r2, 0x0, 0xee00}}}], 0x40}, 0x0) 12:58:33 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:58:33 executing program 1: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x2, [@struct={0x0, 0x1, 0x0, 0xe, 0x0, 0x0, [{}]}]}}, &(0x7f0000000380)=""/155, 0x32, 0x9b, 0x1}, 0x20) [ 1540.465282][T28981] loop0: detected capacity change from 0 to 264192 [ 1540.511555][T28981] EXT4-fs (loop0): VFS: Can't find ext4 filesystem 12:58:34 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x3, &(0x7f0000000200)=[{0x0, 0x0, 0x400}, {&(0x7f0000010400)="080000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[]) 12:58:34 executing program 4: perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)) ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000200)={0x2, &(0x7f0000000100)=[{0x20, 0x0, 0x0, 0xfdfff018}, {0x6}]}) 12:58:34 executing program 5: perf_event_open(&(0x7f00000004c0)={0x2, 0x80, 0xdf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$bpf(0x0, &(0x7f0000000000)='./cgroup/cgroup.procs\x00', &(0x7f0000000140), 0x0, 0x0) 12:58:34 executing program 2: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000c00)={&(0x7f0000000a80)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x9, [@func={0x7, 0x0, 0x0, 0xc, 0x10}]}, {0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x61]}}, &(0x7f0000000b00)=""/239, 0x2d, 0xef, 0x1}, 0x20) 12:58:34 executing program 1: r0 = perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0xe0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) close(r0) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000400)) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89a0, &(0x7f0000000000)='&@[\x00') r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x70, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89a1, &(0x7f0000000680)='&@[\x00') ioctl$PERF_EVENT_IOC_REFRESH(r1, 0x2402, 0x100000001) ioctl$TUNSETPERSIST(0xffffffffffffffff, 0x400454cb, 0x0) 12:58:34 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:58:35 executing program 2: syz_usb_connect(0x0, 0x36, &(0x7f0000000e00)={{0x12, 0x1, 0x0, 0x42, 0x7d, 0x7a, 0x10, 0x19d2, 0x105, 0x5ad2, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x2, 0xff, 0xff, 0xff, 0x0, [], [{{0x9, 0x5, 0x1, 0x1}}, {{0x9, 0x5, 0x8, 0x0, 0x200}}]}}]}}]}}, 0x0) 12:58:35 executing program 1: r0 = syz_open_dev$evdev(&(0x7f00000004c0), 0x0, 0x0) ioctl$EVIOCSFF(r0, 0x40304580, &(0x7f0000000500)={0x0, 0x0, 0x0, {}, {}, @rumble}) 12:58:35 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:58:35 executing program 5: syz_usb_connect(0x0, 0x3f, &(0x7f0000000e00)={{0x12, 0x1, 0x0, 0x42, 0x7d, 0x7a, 0x10, 0x19d2, 0x105, 0x5ad2, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x0, 0x0, 0x0, 0x6d, [{{0x9, 0x4, 0x0, 0x0, 0x3, 0xff, 0xff, 0xff, 0x0, [], [{{0x9, 0x5, 0x1, 0x1}}, {{0x9, 0x5, 0x8, 0x0, 0x200}}, {{0x9, 0x5, 0x4, 0x0, 0x0, 0x5}}]}}]}}]}}, 0x0) 12:58:35 executing program 4: syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x20, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5}, {0xd}, {0x6}}, {{0x9, 0x5, 0x81, 0x3, 0x0, 0x7}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x40}}}}}}}]}}, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]}) 12:58:35 executing program 1: syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x20, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5}, {0xd}, {0x6}}}}}}]}}, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]}) [ 1542.087990][T21991] usb 3-1: new high-speed USB device number 22 using dummy_hcd [ 1542.237839][ T7925] usb 5-1: new high-speed USB device number 22 using dummy_hcd [ 1542.318141][T22272] usb 6-1: new high-speed USB device number 18 using dummy_hcd [ 1542.331814][T21991] usb 3-1: Using ep0 maxpacket: 16 [ 1542.462990][T21991] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 1542.474276][T21991] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8 has invalid maxpacket 512, setting to 64 [ 1542.488019][ T7925] usb 5-1: Using ep0 maxpacket: 32 [ 1542.558249][T22272] usb 6-1: Using ep0 maxpacket: 16 [ 1542.608774][ T7925] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1542.618806][ T7925] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 64 [ 1542.629020][ T7925] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0 [ 1542.639047][ T7925] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0 [ 1542.639331][T21991] usb 3-1: New USB device found, idVendor=19d2, idProduct=0105, bcdDevice=5a.d2 [ 1542.659846][T21991] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1542.668210][T21991] usb 3-1: Product: syz [ 1542.672504][T21991] usb 3-1: Manufacturer: syz [ 1542.677407][T21991] usb 3-1: SerialNumber: syz [ 1542.707593][T21991] usb 3-1: config 0 descriptor?? [ 1542.726396][T22272] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 1542.737793][T22272] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8 has invalid maxpacket 512, setting to 64 [ 1542.750252][T22272] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0 [ 1542.787082][T21991] option 3-1:0.0: GSM modem (1-port) converter detected [ 1542.908499][ T7925] usb 5-1: string descriptor 0 read error: -22 [ 1542.915209][ T7925] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1542.924685][ T7925] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1542.936654][T22272] usb 6-1: New USB device found, idVendor=19d2, idProduct=0105, bcdDevice=5a.d2 [ 1542.946095][T22272] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1542.956019][T22272] usb 6-1: Product: syz [ 1542.960742][T22272] usb 6-1: Manufacturer: syz [ 1542.965478][T22272] usb 6-1: SerialNumber: syz [ 1542.996143][ T26] usb 3-1: USB disconnect, device number 22 [ 1543.022549][ T26] option 3-1:0.0: device disconnected [ 1543.110059][T22272] usb 6-1: config 0 descriptor?? [ 1543.161527][T22272] option 6-1:0.0: GSM modem (1-port) converter detected [ 1543.255160][T29055] loop0: detected capacity change from 0 to 264192 [ 1543.309095][ T7925] cdc_ncm 5-1:1.0: bind() failure [ 1543.325253][ T7925] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found [ 1543.332424][ T7925] cdc_ncm 5-1:1.1: bind() failure [ 1543.339777][T29055] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 1543.355264][T22272] usb 6-1: USB disconnect, device number 18 [ 1543.371024][ T7925] usb 5-1: USB disconnect, device number 22 [ 1543.425558][T22272] option 6-1:0.0: device disconnected 12:58:37 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:58:37 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x3, &(0x7f0000000200)=[{0x0, 0x0, 0x400}, {&(0x7f0000010400)="080000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[]) [ 1543.875103][T29030] usb 3-1: new high-speed USB device number 23 using dummy_hcd 12:58:38 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) [ 1544.038413][T29083] loop0: detected capacity change from 0 to 264192 [ 1544.087817][T21991] usb 5-1: new high-speed USB device number 23 using dummy_hcd [ 1544.129212][T29030] usb 3-1: Using ep0 maxpacket: 16 [ 1544.197812][T22272] usb 6-1: new high-speed USB device number 19 using dummy_hcd [ 1544.245866][T29083] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 1544.258257][T29030] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 1544.269343][T29030] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8 has invalid maxpacket 512, setting to 64 [ 1544.339606][T21991] usb 5-1: Using ep0 maxpacket: 32 [ 1544.439301][T29030] usb 3-1: New USB device found, idVendor=19d2, idProduct=0105, bcdDevice=5a.d2 [ 1544.449087][T29030] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1544.457522][T29030] usb 3-1: Product: syz [ 1544.461813][T29030] usb 3-1: Manufacturer: syz [ 1544.466536][T29030] usb 3-1: SerialNumber: syz [ 1544.472723][T22272] usb 6-1: Using ep0 maxpacket: 16 [ 1544.509689][T21991] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1544.520076][T21991] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 64 [ 1544.530684][T21991] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0 [ 1544.540638][T21991] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0 12:58:38 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) [ 1544.607805][T29030] usb 3-1: config 0 descriptor?? [ 1544.631685][T22272] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 1544.642929][T22272] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8 has invalid maxpacket 512, setting to 64 [ 1544.654011][T22272] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0 [ 1544.678847][T29030] option 3-1:0.0: GSM modem (1-port) converter detected 12:58:39 executing program 2: syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x20, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x60, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5}, {0xd, 0x24, 0xf, 0x1, 0x0, 0x6}, {0x6}, [@acm={0x4}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x0, 0x0, 0x0, 0x1}}, {{0x9, 0x5, 0x3, 0x2, 0x8, 0x6}}}}}}}]}}, &(0x7f0000000480)={0xa, &(0x7f0000000180)={0xa, 0x6, 0x300, 0x0, 0x0, 0x0, 0x8}, 0x11, &(0x7f00000001c0)={0x5, 0xf, 0x11, 0x1, [@ssp_cap={0xc}]}, 0x3, [{0x0, 0x0}, {0x2, &(0x7f00000002c0)=@string={0x2}}, {0x0, 0x0}]}) ioctl$EVIOCSREP(0xffffffffffffffff, 0x40084503, 0x0) [ 1544.874605][ T7925] usb 3-1: USB disconnect, device number 23 [ 1544.885421][ T7925] option 3-1:0.0: device disconnected 12:58:39 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) open$dir(&(0x7f0000000080)='./file0\x00', 0x200, 0x0) getsockopt$sock_cred(r1, 0xffff, 0x1022, &(0x7f0000000100)={0x0, 0x0}, &(0x7f0000000140)=0xc) getsockopt$sock_cred(r0, 0xffff, 0x1022, &(0x7f00000001c0)={0x0, 0x0, 0x0}, &(0x7f0000000340)=0xc) fchownat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', r2, r3, 0x0) [ 1545.008277][T21991] usb 5-1: string descriptor 0 read error: -71 [ 1545.014812][T21991] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1545.024474][T21991] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 12:58:39 executing program 5: open$dir(&(0x7f0000000080)='./file0\x00', 0x200, 0x0) utimensat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0), 0x0) [ 1545.157607][T22272] usb 6-1: New USB device found, idVendor=19d2, idProduct=0105, bcdDevice=5a.d2 [ 1545.166856][T22272] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 12:58:39 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup2(r0, r1) getpeername$unix(r2, 0x0, 0x0) [ 1545.228479][T21991] usb 5-1: can't set config #1, error -71 [ 1545.256222][T21991] usb 5-1: USB disconnect, device number 23 [ 1545.301538][T22272] usb 6-1: config 0 descriptor?? [ 1545.340937][T22272] usb 6-1: can't set config #0, error -71 [ 1545.387998][T22272] usb 6-1: USB disconnect, device number 19 12:58:39 executing program 5: setitimer(0x0, &(0x7f0000000080), &(0x7f0000000180)) 12:58:39 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) [ 1545.738743][ T7925] usb 3-1: new high-speed USB device number 24 using dummy_hcd 12:58:39 executing program 4: r0 = open$dir(&(0x7f0000000080)='./file0\x00', 0x200, 0x0) fcntl$lock(r0, 0x9, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x100000001, 0xffffffffffffffff}) 12:58:39 executing program 1: socketpair$unix(0x1, 0x5, 0x0, 0xffffffffffffffff) [ 1545.987599][ T7925] usb 3-1: Using ep0 maxpacket: 32 12:58:40 executing program 5: shmat(0xffffffffffffffff, &(0x7f0000ffd000/0x3000)=nil, 0x0) shmat(0x0, &(0x7f0000ffd000/0x2000)=nil, 0x0) [ 1546.113531][ T7925] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1546.127614][ T7925] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1546.137729][ T7925] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 1546.148146][ T7925] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0 [ 1546.158181][ T7925] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 8 12:58:40 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010400)="080000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[]) 12:58:40 executing program 4: msgget$private(0x0, 0x0) getrusage(0x0, &(0x7f00000001c0)) 12:58:40 executing program 1: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) sendmsg$unix(r0, &(0x7f0000001680)={0x0, 0x0, &(0x7f0000000280)=[{0x0}, {0x0}, {&(0x7f0000000080)="f0", 0x1}], 0x3}, 0x0) [ 1546.739815][ T7925] usb 3-1: string descriptor 0 read error: -22 [ 1546.746357][ T7925] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1546.755770][ T7925] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1547.097912][ T7925] cdc_ncm 3-1:1.0: bind() failure [ 1547.114135][ T7925] cdc_ncm 3-1:1.1: CDC Union missing and no IAD found [ 1547.121167][ T7925] cdc_ncm 3-1:1.1: bind() failure [ 1547.142086][ T7925] usb 3-1: USB disconnect, device number 24 [ 1547.258161][T29157] loop0: detected capacity change from 0 to 264192 [ 1547.283679][T29157] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 1547.857460][ T7925] usb 3-1: new high-speed USB device number 25 using dummy_hcd [ 1548.138416][ T7925] usb 3-1: Using ep0 maxpacket: 32 [ 1548.283869][ T7925] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1548.295151][ T7925] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1548.305627][ T7925] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 1548.315714][ T7925] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0 [ 1548.325813][ T7925] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 8 12:58:42 executing program 2: clock_getres(0x0, &(0x7f00000000c0)) getrlimit(0x0, &(0x7f0000000080)) 12:58:42 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:58:42 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f0000000040)=@file={0x0, './file0\x00'}, 0xa) 12:58:42 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000001040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r0, 0x0, r1) sendmsg(r2, &(0x7f0000000780)={&(0x7f0000000080)=@un=@abs={0x0, 0x0, 0x1}, 0x8, &(0x7f00000006c0)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9}, 0x0) 12:58:42 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup2(r0, r1) writev(r2, &(0x7f0000000500)=[{0x0}], 0x1) sendto$unix(r1, 0x0, 0x0, 0x0, &(0x7f00000000c0)=@file={0x0, './file0\x00'}, 0xa) 12:58:42 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010400)="080000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[]) [ 1548.529383][ T7925] usb 3-1: string descriptor 0 read error: -71 [ 1548.535918][ T7925] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1548.545471][ T7925] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1548.722633][ T7925] usb 3-1: can't set config #1, error -71 [ 1548.765931][ T7925] usb 3-1: USB disconnect, device number 25 12:58:42 executing program 4: msync(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x4) 12:58:43 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) setsockopt$sock_linger(r0, 0xffff, 0x80, &(0x7f0000000040)={0x0, 0xffffffff}, 0x8) 12:58:43 executing program 5: r0 = open$dir(&(0x7f0000000080)='./file0\x00', 0x200, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x10, r0, 0x0) 12:58:43 executing program 2: setitimer(0x0, &(0x7f0000000040)={{}, {0x3}}, 0x0) setitimer(0x0, &(0x7f00000000c0)={{}, {0x0, 0xe3c}}, 0x0) 12:58:43 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:58:43 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) fcntl$setstatus(r0, 0x4, 0x0) 12:58:43 executing program 1: r0 = semget$private(0x0, 0x5, 0x0) semctl$GETVAL(r0, 0x4, 0xc, &(0x7f0000000000)=""/104) 12:58:43 executing program 5: r0 = socket$inet_icmp(0x2, 0x2, 0x1) getsockopt$sock_timeval(r0, 0x1, 0x0, 0x0, 0x0) 12:58:44 executing program 2: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x2141, 0x0) write$FUSE_NOTIFY_DELETE(r0, 0x0, 0x0) 12:58:44 executing program 4: fsetxattr$trusted_overlay_opaque(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x5) 12:58:44 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) [ 1551.151925][T29217] loop0: detected capacity change from 0 to 264192 [ 1551.176034][T29217] EXT4-fs (loop0): VFS: Can't find ext4 filesystem 12:58:45 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010400)="080000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[]) 12:58:45 executing program 1: r0 = semget$private(0x0, 0x7, 0x0) semctl$GETZCNT(r0, 0x2, 0xf, &(0x7f0000000000)=""/85) 12:58:45 executing program 2: semget(0x2, 0x0, 0x111) 12:58:45 executing program 5: syz_mount_image$nfs4(0x0, &(0x7f0000000800)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 12:58:45 executing program 4: syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff) syz_genetlink_get_family_id$tipc2(&(0x7f00000034c0), 0xffffffffffffffff) 12:58:45 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:58:45 executing program 4: openat$tcp_mem(0xffffffffffffff9c, &(0x7f00000016c0)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0) 12:58:45 executing program 1: r0 = syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x101842) write$binfmt_script(r0, &(0x7f00000000c0)={'#! ', './file0', [{0x20, '#! '}, {0x20, ':%+[/@.-[.\\@#^-}'}], 0xa, "24b3a78bbf3f3c32376d06e8f84b1b7a97abffdf78e18f1216cba62d09d45b68deb600db5c8253bdbd301f487de2c6b37a51f21c6411d770e045693b06c0695f944d0663dead50678a396d5f2de74d922385b5d14c3896"}, 0xffffffc1) 12:58:45 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)={{0x14}, [], {0x14, 0x10}}, 0x28}}, 0x0) 12:58:45 executing program 2: r0 = socket$l2tp(0x2, 0x2, 0x73) r1 = socket$l2tp(0x2, 0x2, 0x73) bind$l2tp(r1, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10) connect$l2tp(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) bind$l2tp(r0, &(0x7f0000000000)={0x2, 0x0, @local, 0x400}, 0x10) 12:58:46 executing program 1: r0 = syz_open_dev$usbfs(&(0x7f0000000000), 0x267, 0x68181) ioctl$USBDEVFS_REAPURB(r0, 0x4008550c, &(0x7f0000000040)) ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000100)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x7c, 0x0, 0xfffd}, 0x8, 0x0, 0x0, 0x74000000, 0x0, 0x0, 0x0}) 12:58:46 executing program 4: r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'bond0\x00', 0x0}) bind$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @local}, 0x14) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x1, 0x803, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=@newlink={0x68, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x38, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x28, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_FLAGS={0xc, 0x2, {0x2, 0x1b}}, @IFLA_VLAN_EGRESS_QOS={0x10, 0x3, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xe368, 0x3}}]}]}}}, @IFLA_LINK={0x8, 0x5, r4}, @IFLA_MASTER={0x8, 0xa, r4}]}, 0x68}}, 0x0) [ 1553.234401][T29263] loop0: detected capacity change from 0 to 264192 [ 1553.286866][T29263] EXT4-fs (loop0): VFS: Can't find ext4 filesystem 12:58:47 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dc", 0x2d, 0x400}, {&(0x7f0000010400)="080000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[]) 12:58:47 executing program 5: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$RTC_UIE_ON(r0, 0x7003) ioctl$RTC_WKALM_SET(r0, 0x4028700f, &(0x7f0000000000)={0x1, 0x0, {0x0, 0x0, 0x0, 0xd, 0x0, 0x1000}}) ioctl$RTC_SET_TIME(r0, 0x4024700a, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1a, 0x0, 0xbd80}) 12:58:47 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:58:47 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xc, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='net/ipv6_route\x00') 12:58:47 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000010500)}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[]) [ 1553.640698][T29275] rtc_cmos 00:00: Alarms can be up to one day in the future [ 1553.657066][T29271] rtc_cmos 00:00: Alarms can be up to one day in the future [ 1553.699116][T29275] rtc_cmos 00:00: Alarms can be up to one day in the future [ 1553.710622][T29271] rtc_cmos 00:00: Alarms can be up to one day in the future 12:58:47 executing program 1: syz_mount_image$nfs4(0x0, &(0x7f0000000800)='./file0\x00', 0x0, 0x4, &(0x7f0000002d80)=[{&(0x7f0000000840)="e9a578be8d2b94ebb8e41ea97c9a8b609657ddb4e8ac79c4b4c18e0f9a10641e123a01b2a8792631903413704e55f037b0ab681f531bc0e5d611e988aad99f6bdcf49f8ca5c6358bc04e0fa67c02dbaec08320ea59ccc4b8d9f534452e8db1d9436e799c8bc54ec817f2518102dddc7b34f43ab7847e6a4b75c178abe0c47badbf05b83aed0f74911a558d0a253c6e79f8c708a142aae3e5aff733d8c1e13c3c3b8f43a9adf279d6f1d8ce977e87373d5429e2ffde2fbee75fc883f8c2f3d70557ecd6a84fc0c2c3a2265c63043e09f2908f9866a39ea64532cf57467556671802984b31fb5a5c06b9bfe7c0b537dede878ff24bc36a8de7be36aab0019653e50fd53e89d2d82dc5e99dea9f5643ebc45918968ad9ccb912142f3ad12083c79610ea2243c1d8eef0bfa70993adc8a1ba92a962d290752c658e7b2c5f634aa48a500702205821d183fcd14fe5cbddc3e3528d07cd5282d0e65f74d49d901a93f6d0bf43bc62d4908b891f2ffb336844364c172820939c72e8cece95a4c960b0c4194cb113d34608c90f7cb7bbf08ddc387c70e88631f292c44e80bbea950cc685c8eb74eb117eb01ceaacf4d4ef13fd9f52decd33d9a99a0adc5097d80f9ca12c87f06553d36da09aa612cc42ffd3f43da31f87de14d590e51f65c98d0fee907544ade678876b184e75e9adc19a83ad95dfa55722637bf400837047f4765a5d26034f4c734c65e194824d9d63a02fc8eac4553c3809b9c6d1ded86f81ed0fec213d25977d1bf2ec6ea13979cf175c600b871f06d88356324de821cda349b2f114b826d431aba5f771c49cb01ad8e4099eee9b9cc451ed93a2162d9e32b99635ad89ca4b95f8e76e88cb7d1d50381b7b2a4eae742c69db99454d172ec90b978756704dcad099b9ce021ce23ee4fab9986170826c042e932bdfdaf80561948ff8b92d1bfd8e4d667e52135d2738ed71bb8708e9d6ceb7d6378a121ef12361a0ed410dcc7b59f92772b2fd2ed299b6eb18d620c2a7ead13eb8155c1fbeac077b80b3435b5974ed8966ab3bad70eeca7e67883d4d4f29226a51c845a9c26fa3d7c0e825224f0415dd51e6d95108c67cae97b24fe64f2ba30b4d415c05465f57783420d79bfd8cf8cc7c68f83a3b74bff7017db1d58b3b1bc2381f3df880ee267f7463a3d3500132df5ceb0dd0e182da289179a3aa71989b398cb5a86f4db2b02bc919732c246f9c7eb37d3f01cdf475a45a8fc620552562b2f983b8054e3ed400b18b1571f2350457cc58ec56abdc92ad521900d3205b46c61e5d7e4941a12e9f44e96972a3c426ff1728b02aded03e58734a4635e94f101d4dddc7e7fbb75281688b464ca638a34862c0a94119248ba5d7395936ec0ef66b0f408092d29bf967b03122d2d57b30da07c89213dbae3ae3b4fd242ce28a67804db52cf69705fb91033073b23961a7d3873b743a7db182a07613c7f25628aeb0e72e36702a17631dda1ea3b539229843a6f454284845334bb5d73f5e79126188b29bcec1c84a634f6d462b974e13a63410ae08ebba1a72d3145409faf6b47d26e0e05c55c458dd384e94c9f01ebefd7dcd0f0345d2ede179168e6eb0642e2863509155af82bb0462c597b45e9d70184e209bbd31d5669b350b38aa1c49768c36a5b479b9f9f48e83c10a3fd405cc003d37e3fa2f631985383d32840636f4b1b9a12d564e5c97677406fd1592cbe1367ea6185ae53834d2cdacb639bb780f133c8eafd8d70a25bc12fc4887230786c8c56e2c22be77cc5592c820b48ed6030f5cb9e2c19775703e339ce21822ba2ff1e6d36013532e8476b6180c194980f138de5d995a655dde5270e184df424c504f2062e45c090ae0037cf3fbe04a9f0b615159021313d54fc1b4fff93398d3679bc833ed483fb092c9cad7aa947ac0717df8fc5657cb5a5df133bc397758ff0b91cf0cba32641c400674eb9e7b181bc1c94bbf2a1549a529651599ed296c3d5dfba4cb48cb902341b206df776d4099b833516d5e933d20fbe61099af0cfb1d7b56e822b3855b3cd41d1ffd65b5b16da0058df3df5247e114454f51b15fa975d3736437e12e2343d23bc103cc1d6ab72d9330015f1da9230c348459c2282bf17d66e0957a0684b49cd30e2bfc1ba77f4e4ce622ed766460a66b997b32925753fc032684690d9f68b3c9b27ee3170272ca4d3fc49a480f0a8106de425f58bf8223399a9f07db748ae88429a93bbbcc5042bc5f60e2772fa50447b3ae15cdb5c6d0e56919eb16eec20f3275b1232515233be7e97e5fe4e044ac23ccfb4b5ccedc674505347190d57cddfe6846832cce80adbb79fd432a5c7c7f5de1928e53b43bb4046f3f14525d8fd8741bedd84ca27e9fe6ad409a0a93db8790204d0a0ebc533fed43ff764a4e5893cefa64a2a902b09ba236c97e0849b3190c6cb4c756d3706b1ed39cf6242434c38e5bddc061c4d79d36c3f68c90b0df47340159b82abadbd07cb4ccbe91f310bf4140bc04de71a17db30c940f340079422095196bd120747f8c83ca1d1cda7de6dea9cc0038c94c05b6a553dab76a36cf28cfaf9375e2e3a949f3571f7f8043dd4fb2957c1ad1cf9560c74978dfe59947fa8072305fc35218082a8c82a1eefcfa9610d362a4a4b9d52c9f4cdb838b5f0042cf57ca46df441522ba4a91b21265bb633cd81595ddbf1446a39f8ed7edb3cf4de0ec25c6781ed0cd1d5e5a4d343c7ffb50dc73d9f3c09c065d72522727ac508c7314207120091a67199b89daba26a45268cae285ce2dd138ea9a5741a5ac4ac68a34dcfaa80d426aaff0fbe3248aba8ef80a30e072943ab6ddfdb140ca4e9ad82749062c9e21d242020bc11cb4f2924e1378c7f8c4730e21e91360fcb1eef6cfdaefc900fcedf766d6bf1a6a71d496621eface1d3ec17a0c7f631c64feeec3352f5a2ca9ae9dbf6aed8682fefa3c72912b9cccfe2d1077da4b5375c8a38c7861a874bea80b4e3575f6424ffc93816c56267c8dd8de119fff2a1802e601946894124266baf8a0bcfbb108597aec3f28b2c0b26eccb8aa9154e65592a1bd946b9aa59b30d51701f9aee5aa7a0262d638f9f71ba7f117bbda2f2effd589f2388432a966aa299fc3a6061f498941e937dfc53d973a35955cf103e5797f691e674a704db427b0613672d66c5b2b2cbe82aab20c0e61aa7b56c9bb67f31b575fa4e89b20865de41b2798a9f5f2500fcfa2c2b6c60096a9ab3d0880829d1555f83b82b29b1e86834c04605220605dae5444bdf1347c99cbb097902e2f54c8641e8be10217e551a18da9df4da976884199c17d1e13efbcf0804bd383607a1633de427073ebe4c786dafd8c2ca60ae468d963cdb91eac53304a8802420a05774f75d6a2016f914dae4c5d9d23ca4834dc64e7721160127b3006fd57624f8bc0c3b1bb67f762542851af61f485ac05d512e59ae31d3021b502a4ad62c1f75e895f9ca9d1b86b277a6a4430c305bcb0a0c486eccf94060c0b4ee274f04552facc14a0ea7aae1d08dd1a7aab7eac4d772c92cedaca8649624a056f757c1575fb3219e08ed08b9e32d4dac84b24e61ac2405094df9f3977945f51a5b82df61c471978bb202e36cae772b7b3c5a5211b0b77d07b9c8deb7d7da355b11d3c4aed77a2025a9e0a4826107742d9f3013f1f2a38eceed919d90c47c5c335c75fbd4b5bb75290339aa568191b5b12538ed68f2197ca25709084ebb3dd8bfae91e763f06069656cf32a8a8e7ad4f1d41eed8022570e8240c38c0fc3eaf8b6fc66a1d86e7ac32cb271da26c8cbc29cdc66745e8d28abb00234d93942e535661273b3fd821ce799e5dfb8c92eec9c051da235803475a1de108fff834f800587ce32fee1dbe97a259ee80e1d76cc603ee9f70a14dab75b854c99c3b618cd495c50bff6402df18e92639756f217a386106692462c0f0fd94f01887c7a64624eb95a37b52e6f04c32891812499f21bdfe154bbf4c3fa58903af9be66ccd051d0713a5c88b9b9a759637c50ddb9fa52d048b24f4a9a619a360850551175687bbf298a2af69323b829790d6743a606a2ce1eace7154b09b6a86f452e960a5fec3c7991ad31073a5768f06a8232ca27236298f5a3c3fd69db55bdb13c1672541b25de6ae701e2dca898f73050e50a64ee03c344f1414930e2945f348463091287d3d75a149c7bfff0568fd709638775bb52e54ee53e24abd89a7dc6c171938e51e1349531c2e5e7a96d0f3840a6f8982a74cb61907fa36529afc89cc00e1f4539ccc004601bf2d0e6f2674bcc0ff908add84f7b991ac6ad7f1fd840a57a591d77cdc0f692a1cc04a4f993ec1d0f2ef21b1681b59a9370387b4d21f58ad1856ab6fa072059111470cba2aed2a4a0375ab1f97b292511502c82c4371024c563de9aa9d7a08396aa4d93283ee5590f0492b61843dbc89c92b738b1677300feccebfbbd29a17c58e9cc91426a72389b44718b6768c3e3cee1ceb76f22c9393a0a945c7e846cca52ab7789f10fae65be7789c848b50e8ee904865b677688cdf1b986c121504940d606f4a61b9788dedaf4aad848f900377d8e956c92bd88ef582ec54e7af17736492e85153e0770f15bf01e6353c55382c1f53cf63badc2c4407ae380d171321368de1e2846624a76e6c6eb07d6993688bea91b7c97049c24f552de3e13fab33f969cd3850905b8096ea935a97cdb632c22e631b6731a23eb905ebef7a2d4c4b47c7f69b290ec1a03a84841caf5e40e2a7dfbdbdc50ff38a65ab8f4941e4a3b2f753f41bb2527de6716dd1764bb1069f6afa5aa16e229b761d37366d17f628b80f6fb978a6142f897aaf0e8cbed11d5964043326ccc4c28d9057b9641fc91c54cad7889181aeb73a6e3345d74a530c3a754b435ad925154bfdb26e338e1c2eff5221cbcafd474eddc63f86c54dfce475e9bdfcdad1560c62ee93ae0d741da96414eb7e60e6d0d3fbba97f4227e770a54b23b2f9dac2ef438763a01b3431ceac6565ae9dc5fd6c0eb7ceb558e7542662835ca9c0a2878ae6bd70095ebedf20bdc2f4ae99720c7e0e0fbc7b0e312352efe15432657e02dfd7299cfcfb26ee121d36021a9faeb5ab5adad4387923c314653467e199197b3dbc1822fd821e9afa442a2d4ed2de339cbb489f6366ccd389d345f612be619365cd48b03444d525a1a30bb2b44a93bace46c680d59e7d63250d1f012f66e4ac56ddca1d05b7d2c31d6af6aac11ee50baee0c900502d9fcd25c6d6acc9fb5d5f2b00490ac1cef74c55b46a41a2475dec87ba63c46ddcfb8ccd9b7c97e9456e174775dc995fe4297e714a904858710017979951735ab6484015ce65231d6f4521263679c64ddbc0bc443b07e6ab3cfada715501fefd6853f9404d8569ebfa053c8639f06155767a379d77488a515fdc3a1069c1a21ae1a7b7ef682b519a1b3c2f855d662e71c989329a89291fe947a38573c12329ab505eec4194ef3b3f00cb4c786fab45b7c95a950527de127619ef7bb5a492ef0df558b7d18302c348cb69d2dfc1b09b7d917ac796c979e2c997b7674b6f3bf1f5ddc1b098ddc5f1e46abdbdeea9d7154fcd314227e9798e6ad1f7c0b65a86125ed0adc6d147d8e286ad6fd444454b71f4e43bd9f8553c15fe7520752d92271612268a07b64c640febb92987a3e99de72b4f4c6e085e82682f63a6b11fdf10dd721bd13b54179ae37ab54d4c3060aecd09acb2ea05626bddbc358a20a4cd29ae13b271017ffb9fbc1c48cf5c3f312028d2365a26e9456f92169bde7a1a52adf8cdaa464", 0x1000, 0x8000}, {&(0x7f0000001840), 0x0, 0x5}, {&(0x7f0000002840)='h', 0x1, 0x9}, {&(0x7f0000002940)="e24bcd71", 0x4}], 0x0, 0x0) [ 1553.784852][T29279] loop4: detected capacity change from 0 to 264192 [ 1553.920309][ T7925] rtc_cmos 00:00: Alarms can be up to one day in the future [ 1553.928232][ T7925] rtc_cmos 00:00: Alarms can be up to one day in the future [ 1553.935894][ T7925] rtc_cmos 00:00: Alarms can be up to one day in the future [ 1553.943780][ T7925] rtc_cmos 00:00: Alarms can be up to one day in the future [ 1553.951456][ T7925] rtc rtc0: __rtc_set_alarm: err=-22 [ 1554.016683][T29279] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 12:58:48 executing program 5: r0 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_ifreq(r0, 0x8916, &(0x7f0000000040)={'syzkaller0\x00', @ifru_ivalue}) 12:58:48 executing program 4: r0 = socket$rxrpc(0x21, 0x2, 0xa) connect$rxrpc(r0, &(0x7f00000001c0)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @local}}, 0x24) 12:58:48 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) [ 1554.335547][T29289] loop1: detected capacity change from 0 to 128 [ 1554.538591][T29289] loop1: detected capacity change from 0 to 128 [ 1554.608516][T29285] not chained 1460000 origins [ 1554.613323][T29285] CPU: 1 PID: 29285 Comm: syz-executor.2 Not tainted 5.16.0-rc3-syzkaller #0 [ 1554.622142][T29285] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1554.632227][T29285] Call Trace: [ 1554.635526][T29285] [ 1554.638471][T29285] dump_stack_lvl+0x1ff/0x28e [ 1554.643202][T29285] dump_stack+0x25/0x28 [ 1554.647399][T29285] kmsan_internal_chain_origin+0x7a/0x110 [ 1554.653180][T29285] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1554.659312][T29285] ? kmsan_get_metadata+0xa4/0x120 [ 1554.664483][T29285] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1554.670346][T29285] ? __unix_dgram_recvmsg+0x1a18/0x1c30 [ 1554.675960][T29285] ? kmsan_get_metadata+0xa4/0x120 [ 1554.681123][T29285] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1554.686995][T29285] ? should_fail+0x75/0x9c0 [ 1554.691562][T29285] ? kmsan_get_metadata+0xa4/0x120 [ 1554.696726][T29285] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1554.703029][T29285] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1554.709157][T29285] ? kmsan_get_metadata+0xa4/0x120 [ 1554.714318][T29285] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1554.720187][T29285] __msan_chain_origin+0xbf/0x140 [ 1554.725266][T29285] __get_compat_msghdr+0x6e1/0x9d0 [ 1554.730447][T29285] get_compat_msghdr+0x108/0x2c0 [ 1554.735442][T29285] ? __sys_recvmmsg+0x51c/0x6f0 [ 1554.740331][T29285] do_recvmmsg+0x1063/0x2120 [ 1554.744982][T29285] ? kmsan_get_metadata+0xa4/0x120 [ 1554.750158][T29285] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1554.756457][T29285] ? kmsan_get_metadata+0xa4/0x120 [ 1554.761624][T29285] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1554.767926][T29285] ? fput+0x82/0x320 [ 1554.771871][T29285] ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1554.778432][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1554.783164][T29285] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1554.789564][T29285] __do_fast_syscall_32+0x96/0xf0 [ 1554.794642][T29285] do_fast_syscall_32+0x34/0x70 [ 1554.799536][T29285] do_SYSENTER_32+0x1b/0x20 [ 1554.804081][T29285] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1554.810463][T29285] RIP: 0023:0xf6e70549 [ 1554.814555][T29285] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1554.834206][T29285] RSP: 002b:00000000f5a495fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1554.842665][T29285] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1554.850668][T29285] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1554.858664][T29285] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1554.866663][T29285] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1554.874661][T29285] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1554.882673][T29285] [ 1554.889392][T29285] Uninit was stored to memory at: [ 1554.894501][T29285] __get_compat_msghdr+0x6e1/0x9d0 [ 1554.904909][T29285] get_compat_msghdr+0x108/0x2c0 [ 1554.909998][T29285] do_recvmmsg+0x1063/0x2120 [ 1554.914619][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1554.919416][T29285] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1554.925800][T29285] __do_fast_syscall_32+0x96/0xf0 [ 1554.930954][T29285] do_fast_syscall_32+0x34/0x70 [ 1554.935848][T29285] do_SYSENTER_32+0x1b/0x20 [ 1554.940485][T29285] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1554.946861][T29285] [ 1554.949274][T29285] Uninit was stored to memory at: [ 1554.954365][T29285] __get_compat_msghdr+0x6e1/0x9d0 12:58:49 executing program 1: r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_STATUS(r0, 0x84, 0x100, &(0x7f0000000140), &(0x7f00000000c0)=0x7c) [ 1554.959614][T29285] get_compat_msghdr+0x108/0x2c0 [ 1554.964599][T29285] do_recvmmsg+0x1063/0x2120 [ 1554.969307][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1554.974049][T29285] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1554.980531][T29285] __do_fast_syscall_32+0x96/0xf0 [ 1554.985601][T29285] do_fast_syscall_32+0x34/0x70 [ 1554.990652][T29285] do_SYSENTER_32+0x1b/0x20 [ 1554.995198][T29285] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1555.001711][T29285] [ 1555.004045][T29285] Uninit was stored to memory at: [ 1555.009263][T29285] __get_compat_msghdr+0x6e1/0x9d0 [ 1555.014423][T29285] get_compat_msghdr+0x108/0x2c0 [ 1555.019560][T29285] do_recvmmsg+0x1063/0x2120 [ 1555.024186][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1555.029047][T29285] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1555.035427][T29285] __do_fast_syscall_32+0x96/0xf0 [ 1555.040643][T29285] do_fast_syscall_32+0x34/0x70 [ 1555.045544][T29285] do_SYSENTER_32+0x1b/0x20 [ 1555.050235][T29285] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1555.056611][T29285] [ 1555.059085][T29285] Uninit was stored to memory at: [ 1555.064174][T29285] __get_compat_msghdr+0x6e1/0x9d0 [ 1555.069491][T29285] get_compat_msghdr+0x108/0x2c0 [ 1555.074486][T29285] do_recvmmsg+0x1063/0x2120 [ 1555.079265][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1555.083978][T29285] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1555.090507][T29285] __do_fast_syscall_32+0x96/0xf0 [ 1555.095581][T29285] do_fast_syscall_32+0x34/0x70 [ 1555.100609][T29285] do_SYSENTER_32+0x1b/0x20 [ 1555.105153][T29285] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1555.111675][T29285] [ 1555.114006][T29285] Uninit was stored to memory at: [ 1555.119238][T29285] __get_compat_msghdr+0x6e1/0x9d0 [ 1555.124392][T29285] get_compat_msghdr+0x108/0x2c0 [ 1555.129534][T29285] do_recvmmsg+0x1063/0x2120 [ 1555.134165][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1555.139016][T29285] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1555.145396][T29285] __do_fast_syscall_32+0x96/0xf0 [ 1555.150609][T29285] do_fast_syscall_32+0x34/0x70 [ 1555.155500][T29285] do_SYSENTER_32+0x1b/0x20 [ 1555.160187][T29285] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1555.166570][T29285] [ 1555.169033][T29285] Uninit was stored to memory at: [ 1555.174124][T29285] __get_compat_msghdr+0x6e1/0x9d0 [ 1555.179421][T29285] get_compat_msghdr+0x108/0x2c0 [ 1555.184402][T29285] do_recvmmsg+0x1063/0x2120 [ 1555.189209][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1555.193921][T29285] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1555.200445][T29285] __do_fast_syscall_32+0x96/0xf0 [ 1555.205516][T29285] do_fast_syscall_32+0x34/0x70 [ 1555.210541][T29285] do_SYSENTER_32+0x1b/0x20 [ 1555.215089][T29285] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1555.221585][T29285] [ 1555.223920][T29285] Uninit was stored to memory at: [ 1555.229140][T29285] __get_compat_msghdr+0x6e1/0x9d0 [ 1555.234300][T29285] get_compat_msghdr+0x108/0x2c0 [ 1555.239420][T29285] do_recvmmsg+0x1063/0x2120 [ 1555.244047][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1555.248887][T29285] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1555.255269][T29285] __do_fast_syscall_32+0x96/0xf0 [ 1555.260474][T29285] do_fast_syscall_32+0x34/0x70 [ 1555.265367][T29285] do_SYSENTER_32+0x1b/0x20 [ 1555.270049][T29285] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1555.276430][T29285] [ 1555.278900][T29285] Local variable msg_sys created at: [ 1555.284195][T29285] do_recvmmsg+0xc1/0x2120 [ 1555.288780][T29285] __sys_recvmmsg+0x51c/0x6f0 12:58:49 executing program 4: r0 = creat(&(0x7f0000000080)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180), 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000140)='bdev\x00', 0x0, 0x0) 12:58:49 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x600000000000000, 0x43408) [ 1555.891286][T29287] not chained 1470000 origins [ 1555.896236][T29287] CPU: 1 PID: 29287 Comm: syz-executor.2 Not tainted 5.16.0-rc3-syzkaller #0 [ 1555.905036][T29287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1555.915112][T29287] Call Trace: [ 1555.918405][T29287] [ 1555.921344][T29287] dump_stack_lvl+0x1ff/0x28e [ 1555.926068][T29287] dump_stack+0x25/0x28 [ 1555.930253][T29287] kmsan_internal_chain_origin+0x7a/0x110 [ 1555.936021][T29287] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1555.942132][T29287] ? kmsan_get_metadata+0xa4/0x120 [ 1555.947294][T29287] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1555.953171][T29287] ? __unix_dgram_recvmsg+0x1a18/0x1c30 [ 1555.958771][T29287] ? kmsan_get_metadata+0xa4/0x120 [ 1555.963938][T29287] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1555.969809][T29287] ? should_fail+0x75/0x9c0 [ 1555.974367][T29287] ? kmsan_get_metadata+0xa4/0x120 [ 1555.979538][T29287] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1555.985853][T29287] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1555.991978][T29287] ? kmsan_get_metadata+0xa4/0x120 [ 1555.997137][T29287] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1556.003006][T29287] __msan_chain_origin+0xbf/0x140 [ 1556.008083][T29287] __get_compat_msghdr+0x6e1/0x9d0 [ 1556.013262][T29287] get_compat_msghdr+0x108/0x2c0 [ 1556.018259][T29287] ? __sys_recvmmsg+0x51c/0x6f0 [ 1556.023157][T29287] do_recvmmsg+0x1063/0x2120 [ 1556.027810][T29287] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1556.033694][T29287] ? kmsan_get_metadata+0xa4/0x120 [ 1556.038852][T29287] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1556.045150][T29287] ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1556.051708][T29287] __sys_recvmmsg+0x51c/0x6f0 [ 1556.056438][T29287] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1556.062828][T29287] __do_fast_syscall_32+0x96/0xf0 [ 1556.067914][T29287] do_fast_syscall_32+0x34/0x70 [ 1556.072902][T29287] do_SYSENTER_32+0x1b/0x20 [ 1556.077448][T29287] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1556.083834][T29287] RIP: 0023:0xf6e70549 [ 1556.087927][T29287] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1556.107570][T29287] RSP: 002b:00000000f5a285fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1556.116016][T29287] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1556.124015][T29287] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1556.132011][T29287] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1556.140005][T29287] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1556.148001][T29287] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1556.156012][T29287] [ 1556.162459][T29287] Uninit was stored to memory at: [ 1556.167968][T29287] __get_compat_msghdr+0x6e1/0x9d0 [ 1556.173131][T29287] get_compat_msghdr+0x108/0x2c0 [ 1556.178198][T29287] do_recvmmsg+0x1063/0x2120 [ 1556.182819][T29287] __sys_recvmmsg+0x51c/0x6f0 [ 1556.187631][T29287] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1556.194015][T29287] __do_fast_syscall_32+0x96/0xf0 [ 1556.199167][T29287] do_fast_syscall_32+0x34/0x70 [ 1556.204058][T29287] do_SYSENTER_32+0x1b/0x20 [ 1556.208686][T29287] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1556.215070][T29287] [ 1556.217486][T29287] Uninit was stored to memory at: [ 1556.222573][T29287] __get_compat_msghdr+0x6e1/0x9d0 [ 1556.227809][T29287] get_compat_msghdr+0x108/0x2c0 [ 1556.232796][T29287] do_recvmmsg+0x1063/0x2120 [ 1556.237500][T29287] __sys_recvmmsg+0x51c/0x6f0 [ 1556.242213][T29287] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1556.248759][T29287] __do_fast_syscall_32+0x96/0xf0 [ 1556.253825][T29287] do_fast_syscall_32+0x34/0x70 [ 1556.258863][T29287] do_SYSENTER_32+0x1b/0x20 [ 1556.263431][T29287] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1556.269892][T29287] [ 1556.272226][T29287] Uninit was stored to memory at: [ 1556.277454][T29287] __get_compat_msghdr+0x6e1/0x9d0 [ 1556.282607][T29287] get_compat_msghdr+0x108/0x2c0 [ 1556.287733][T29287] do_recvmmsg+0x1063/0x2120 [ 1556.292358][T29287] __sys_recvmmsg+0x51c/0x6f0 [ 1556.297065][T29287] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1556.303592][T29287] __do_fast_syscall_32+0x96/0xf0 [ 1556.308792][T29287] do_fast_syscall_32+0x34/0x70 [ 1556.313699][T29287] do_SYSENTER_32+0x1b/0x20 [ 1556.318392][T29287] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1556.324770][T29287] [ 1556.327111][T29287] Uninit was stored to memory at: [ 1556.332347][T29287] __get_compat_msghdr+0x6e1/0x9d0 [ 1556.337640][T29287] get_compat_msghdr+0x108/0x2c0 [ 1556.342623][T29287] do_recvmmsg+0x1063/0x2120 [ 1556.347380][T29287] __sys_recvmmsg+0x51c/0x6f0 [ 1556.352096][T29287] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1556.358603][T29287] __do_fast_syscall_32+0x96/0xf0 [ 1556.363679][T29287] do_fast_syscall_32+0x34/0x70 [ 1556.368705][T29287] do_SYSENTER_32+0x1b/0x20 [ 1556.373253][T29287] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1556.379768][T29287] [ 1556.382098][T29287] Uninit was stored to memory at: [ 1556.387181][T29287] __get_compat_msghdr+0x6e1/0x9d0 [ 1556.392488][T29287] get_compat_msghdr+0x108/0x2c0 [ 1556.397547][T29287] do_recvmmsg+0x1063/0x2120 [ 1556.402167][T29287] __sys_recvmmsg+0x51c/0x6f0 [ 1556.406870][T29287] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1556.413393][T29287] __do_fast_syscall_32+0x96/0xf0 [ 1556.418605][T29287] do_fast_syscall_32+0x34/0x70 [ 1556.423495][T29287] do_SYSENTER_32+0x1b/0x20 [ 1556.428186][T29287] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1556.434592][T29287] [ 1556.436938][T29287] Uninit was stored to memory at: [ 1556.442166][T29287] __get_compat_msghdr+0x6e1/0x9d0 [ 1556.447455][T29287] get_compat_msghdr+0x108/0x2c0 [ 1556.452439][T29287] do_recvmmsg+0x1063/0x2120 [ 1556.457060][T29287] __sys_recvmmsg+0x51c/0x6f0 [ 1556.461938][T29287] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1556.468457][T29287] __do_fast_syscall_32+0x96/0xf0 [ 1556.473523][T29287] do_fast_syscall_32+0x34/0x70 [ 1556.478552][T29287] do_SYSENTER_32+0x1b/0x20 [ 1556.483093][T29287] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1556.489605][T29287] [ 1556.491933][T29287] Uninit was stored to memory at: [ 1556.497028][T29287] __get_compat_msghdr+0x6e1/0x9d0 [ 1556.502331][T29287] get_compat_msghdr+0x108/0x2c0 [ 1556.507436][T29287] do_recvmmsg+0x1063/0x2120 [ 1556.512060][T29287] __sys_recvmmsg+0x51c/0x6f0 [ 1556.516767][T29287] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1556.523318][T29287] __do_fast_syscall_32+0x96/0xf0 [ 1556.528533][T29287] do_fast_syscall_32+0x34/0x70 [ 1556.533422][T29287] do_SYSENTER_32+0x1b/0x20 [ 1556.538090][T29287] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1556.544466][T29287] [ 1556.546798][T29287] Local variable msg_sys created at: [ 1556.552212][T29287] do_recvmmsg+0xc1/0x2120 [ 1556.556659][T29287] __sys_recvmmsg+0x51c/0x6f0 [ 1557.219807][T29285] not chained 1480000 origins [ 1557.224527][T29285] CPU: 0 PID: 29285 Comm: syz-executor.2 Not tainted 5.16.0-rc3-syzkaller #0 [ 1557.233327][T29285] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1557.243407][T29285] Call Trace: [ 1557.246699][T29285] [ 1557.249644][T29285] dump_stack_lvl+0x1ff/0x28e [ 1557.254375][T29285] dump_stack+0x25/0x28 [ 1557.258571][T29285] kmsan_internal_chain_origin+0x7a/0x110 [ 1557.264350][T29285] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1557.270474][T29285] ? kmsan_get_metadata+0xa4/0x120 [ 1557.275635][T29285] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1557.281504][T29285] ? __unix_dgram_recvmsg+0x1a18/0x1c30 [ 1557.287106][T29285] ? kmsan_get_metadata+0xa4/0x120 [ 1557.292274][T29285] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1557.298148][T29285] ? should_fail+0x75/0x9c0 [ 1557.302702][T29285] ? kmsan_get_metadata+0xa4/0x120 [ 1557.307865][T29285] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1557.314167][T29285] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1557.320294][T29285] ? kmsan_get_metadata+0xa4/0x120 [ 1557.325481][T29285] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1557.331342][T29285] __msan_chain_origin+0xbf/0x140 [ 1557.336424][T29285] __get_compat_msghdr+0x6e1/0x9d0 [ 1557.341601][T29285] get_compat_msghdr+0x108/0x2c0 [ 1557.346591][T29285] ? __sys_recvmmsg+0x51c/0x6f0 [ 1557.351481][T29285] do_recvmmsg+0x1063/0x2120 [ 1557.356125][T29285] ? kmsan_get_metadata+0xa4/0x120 [ 1557.361299][T29285] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1557.367598][T29285] ? kmsan_get_metadata+0xa4/0x120 [ 1557.372757][T29285] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1557.379056][T29285] ? fput+0x82/0x320 [ 1557.382998][T29285] ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1557.389558][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1557.394285][T29285] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1557.400684][T29285] __do_fast_syscall_32+0x96/0xf0 [ 1557.405759][T29285] do_fast_syscall_32+0x34/0x70 [ 1557.410655][T29285] do_SYSENTER_32+0x1b/0x20 [ 1557.415198][T29285] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1557.421573][T29285] RIP: 0023:0xf6e70549 [ 1557.425661][T29285] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1557.445315][T29285] RSP: 002b:00000000f5a495fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1557.453767][T29285] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1557.461768][T29285] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1557.469763][T29285] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1557.477758][T29285] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1557.485749][T29285] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1557.493756][T29285] [ 1557.499253][T29285] Uninit was stored to memory at: [ 1557.504359][T29285] __get_compat_msghdr+0x6e1/0x9d0 [ 1557.509959][T29285] get_compat_msghdr+0x108/0x2c0 [ 1557.514939][T29285] do_recvmmsg+0x1063/0x2120 [ 1557.519676][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1557.524382][T29285] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1557.530870][T29285] __do_fast_syscall_32+0x96/0xf0 [ 1557.535941][T29285] do_fast_syscall_32+0x34/0x70 [ 1557.540948][T29285] do_SYSENTER_32+0x1b/0x20 [ 1557.545494][T29285] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1557.551983][T29285] [ 1557.554314][T29285] Uninit was stored to memory at: [ 1557.559496][T29285] __get_compat_msghdr+0x6e1/0x9d0 [ 1557.564653][T29285] get_compat_msghdr+0x108/0x2c0 [ 1557.569824][T29285] do_recvmmsg+0x1063/0x2120 [ 1557.574452][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1557.579335][T29285] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1557.585712][T29285] __do_fast_syscall_32+0x96/0xf0 [ 1557.590966][T29285] do_fast_syscall_32+0x34/0x70 [ 1557.595882][T29285] do_SYSENTER_32+0x1b/0x20 [ 1557.600602][T29285] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1557.606979][T29285] [ 1557.609462][T29285] Uninit was stored to memory at: [ 1557.614553][T29285] __get_compat_msghdr+0x6e1/0x9d0 [ 1557.619885][T29285] get_compat_msghdr+0x108/0x2c0 [ 1557.624872][T29285] do_recvmmsg+0x1063/0x2120 [ 1557.629672][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1557.634386][T29285] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1557.640945][T29285] __do_fast_syscall_32+0x96/0xf0 [ 1557.646014][T29285] do_fast_syscall_32+0x34/0x70 [ 1557.651088][T29285] do_SYSENTER_32+0x1b/0x20 [ 1557.655632][T29285] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1557.662136][T29285] [ 1557.664467][T29285] Uninit was stored to memory at: [ 1557.669710][T29285] __get_compat_msghdr+0x6e1/0x9d0 [ 1557.674868][T29285] get_compat_msghdr+0x108/0x2c0 [ 1557.680032][T29285] do_recvmmsg+0x1063/0x2120 [ 1557.684659][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1557.689549][T29285] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1557.695928][T29285] __do_fast_syscall_32+0x96/0xf0 [ 1557.701170][T29285] do_fast_syscall_32+0x34/0x70 [ 1557.706061][T29285] do_SYSENTER_32+0x1b/0x20 [ 1557.710773][T29285] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1557.717150][T29285] [ 1557.719624][T29285] Uninit was stored to memory at: [ 1557.724714][T29285] __get_compat_msghdr+0x6e1/0x9d0 [ 1557.730049][T29285] get_compat_msghdr+0x108/0x2c0 [ 1557.735030][T29285] do_recvmmsg+0x1063/0x2120 [ 1557.739834][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1557.744550][T29285] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1557.751106][T29285] __do_fast_syscall_32+0x96/0xf0 [ 1557.756177][T29285] do_fast_syscall_32+0x34/0x70 [ 1557.761239][T29285] do_SYSENTER_32+0x1b/0x20 [ 1557.765783][T29285] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1557.772339][T29285] [ 1557.774668][T29285] Uninit was stored to memory at: [ 1557.779897][T29285] __get_compat_msghdr+0x6e1/0x9d0 [ 1557.785058][T29285] get_compat_msghdr+0x108/0x2c0 [ 1557.790202][T29285] do_recvmmsg+0x1063/0x2120 [ 1557.794823][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1557.799660][T29285] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1557.806049][T29285] __do_fast_syscall_32+0x96/0xf0 [ 1557.811295][T29285] do_fast_syscall_32+0x34/0x70 [ 1557.816190][T29285] do_SYSENTER_32+0x1b/0x20 [ 1557.820907][T29285] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1557.827408][T29285] [ 1557.829739][T29285] Uninit was stored to memory at: [ 1557.834824][T29285] __get_compat_msghdr+0x6e1/0x9d0 [ 1557.840164][T29285] get_compat_msghdr+0x108/0x2c0 [ 1557.845150][T29285] do_recvmmsg+0x1063/0x2120 [ 1557.849930][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1557.854640][T29285] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1557.861200][T29285] __do_fast_syscall_32+0x96/0xf0 [ 1557.866274][T29285] do_fast_syscall_32+0x34/0x70 [ 1557.871346][T29285] do_SYSENTER_32+0x1b/0x20 [ 1557.875891][T29285] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1557.882441][T29285] [ 1557.884773][T29285] Local variable msg_sys created at: [ 1557.890238][T29285] do_recvmmsg+0xc1/0x2120 [ 1557.894683][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1557.995058][T29287] not chained 1490000 origins [ 1557.999876][T29287] CPU: 1 PID: 29287 Comm: syz-executor.2 Not tainted 5.16.0-rc3-syzkaller #0 [ 1558.008673][T29287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1558.018753][T29287] Call Trace: [ 1558.022040][T29287] [ 1558.024987][T29287] dump_stack_lvl+0x1ff/0x28e [ 1558.029713][T29287] dump_stack+0x25/0x28 [ 1558.033903][T29287] kmsan_internal_chain_origin+0x7a/0x110 [ 1558.039675][T29287] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1558.045792][T29287] ? kmsan_get_metadata+0xa4/0x120 [ 1558.050950][T29287] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1558.056813][T29287] ? __unix_dgram_recvmsg+0x1a18/0x1c30 [ 1558.062414][T29287] ? kmsan_get_metadata+0xa4/0x120 [ 1558.067574][T29287] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1558.073434][T29287] ? should_fail+0x75/0x9c0 [ 1558.077987][T29287] ? kmsan_get_metadata+0xa4/0x120 [ 1558.083149][T29287] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1558.089444][T29287] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1558.095568][T29287] ? kmsan_get_metadata+0xa4/0x120 [ 1558.100733][T29287] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1558.106597][T29287] __msan_chain_origin+0xbf/0x140 [ 1558.111673][T29287] __get_compat_msghdr+0x6e1/0x9d0 [ 1558.116852][T29287] get_compat_msghdr+0x108/0x2c0 [ 1558.121838][T29287] ? __sys_recvmmsg+0x51c/0x6f0 [ 1558.126725][T29287] do_recvmmsg+0x1063/0x2120 [ 1558.131367][T29287] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1558.137247][T29287] ? kmsan_get_metadata+0xa4/0x120 [ 1558.142412][T29287] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1558.148713][T29287] ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1558.155269][T29287] __sys_recvmmsg+0x51c/0x6f0 [ 1558.159987][T29287] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1558.166379][T29287] __do_fast_syscall_32+0x96/0xf0 [ 1558.171458][T29287] do_fast_syscall_32+0x34/0x70 [ 1558.176353][T29287] do_SYSENTER_32+0x1b/0x20 [ 1558.180902][T29287] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1558.187279][T29287] RIP: 0023:0xf6e70549 [ 1558.191368][T29287] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1558.211027][T29287] RSP: 002b:00000000f5a285fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1558.219475][T29287] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1558.227474][T29287] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1558.235472][T29287] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1558.243464][T29287] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1558.251458][T29287] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1558.259467][T29287] [ 1558.266086][T29287] Uninit was stored to memory at: [ 1558.271989][T29287] __get_compat_msghdr+0x6e1/0x9d0 [ 1558.277149][T29287] get_compat_msghdr+0x108/0x2c0 [ 1558.282222][T29287] do_recvmmsg+0x1063/0x2120 [ 1558.286842][T29287] __sys_recvmmsg+0x51c/0x6f0 [ 1558.291638][T29287] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1558.298094][T29287] __do_fast_syscall_32+0x96/0xf0 [ 1558.303163][T29287] do_fast_syscall_32+0x34/0x70 [ 1558.308203][T29287] do_SYSENTER_32+0x1b/0x20 [ 1558.312766][T29287] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1558.319292][T29287] [ 1558.321620][T29287] Uninit was stored to memory at: [ 1558.326704][T29287] __get_compat_msghdr+0x6e1/0x9d0 [ 1558.332008][T29287] get_compat_msghdr+0x108/0x2c0 [ 1558.336995][T29287] do_recvmmsg+0x1063/0x2120 [ 1558.341756][T29287] __sys_recvmmsg+0x51c/0x6f0 [ 1558.346463][T29287] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1558.352988][T29287] __do_fast_syscall_32+0x96/0xf0 [ 1558.358187][T29287] do_fast_syscall_32+0x34/0x70 [ 1558.363078][T29287] do_SYSENTER_32+0x1b/0x20 [ 1558.367743][T29287] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1558.374115][T29287] [ 1558.376441][T29287] Uninit was stored to memory at: [ 1558.381675][T29287] __get_compat_msghdr+0x6e1/0x9d0 [ 1558.386831][T29287] get_compat_msghdr+0x108/0x2c0 [ 1558.391953][T29287] do_recvmmsg+0x1063/0x2120 [ 1558.396579][T29287] __sys_recvmmsg+0x51c/0x6f0 [ 1558.401445][T29287] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1558.407964][T29287] __do_fast_syscall_32+0x96/0xf0 [ 1558.413033][T29287] do_fast_syscall_32+0x34/0x70 [ 1558.418073][T29287] do_SYSENTER_32+0x1b/0x20 [ 1558.422617][T29287] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1558.429150][T29287] [ 1558.431483][T29287] Uninit was stored to memory at: [ 1558.436568][T29287] __get_compat_msghdr+0x6e1/0x9d0 [ 1558.441866][T29287] get_compat_msghdr+0x108/0x2c0 [ 1558.446849][T29287] do_recvmmsg+0x1063/0x2120 [ 1558.451624][T29287] __sys_recvmmsg+0x51c/0x6f0 [ 1558.456329][T29287] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1558.462856][T29287] __do_fast_syscall_32+0x96/0xf0 [ 1558.468073][T29287] do_fast_syscall_32+0x34/0x70 [ 1558.472962][T29287] do_SYSENTER_32+0x1b/0x20 [ 1558.477673][T29287] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1558.484050][T29287] [ 1558.486378][T29287] Uninit was stored to memory at: [ 1558.491606][T29287] __get_compat_msghdr+0x6e1/0x9d0 [ 1558.496759][T29287] get_compat_msghdr+0x108/0x2c0 [ 1558.501879][T29287] do_recvmmsg+0x1063/0x2120 [ 1558.506505][T29287] __sys_recvmmsg+0x51c/0x6f0 [ 1558.511363][T29287] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1558.517888][T29287] __do_fast_syscall_32+0x96/0xf0 [ 1558.522959][T29287] do_fast_syscall_32+0x34/0x70 [ 1558.527988][T29287] do_SYSENTER_32+0x1b/0x20 [ 1558.532539][T29287] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1558.539052][T29287] [ 1558.541379][T29287] Uninit was stored to memory at: [ 1558.546462][T29287] __get_compat_msghdr+0x6e1/0x9d0 [ 1558.546895][T29285] not chained 1500000 origins [ 1558.551749][T29287] get_compat_msghdr+0x108/0x2c0 [ 1558.551803][T29287] do_recvmmsg+0x1063/0x2120 [ 1558.551844][T29287] __sys_recvmmsg+0x51c/0x6f0 [ 1558.556498][T29285] CPU: 0 PID: 29285 Comm: syz-executor.2 Not tainted 5.16.0-rc3-syzkaller #0 [ 1558.561489][T29287] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1558.565987][T29285] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1558.570713][T29287] __do_fast_syscall_32+0x96/0xf0 [ 1558.579400][T29285] Call Trace: [ 1558.579421][T29285] [ 1558.579437][T29285] dump_stack_lvl+0x1ff/0x28e [ 1558.579494][T29285] dump_stack+0x25/0x28 [ 1558.585778][T29287] do_fast_syscall_32+0x34/0x70 [ 1558.595818][T29285] kmsan_internal_chain_origin+0x7a/0x110 [ 1558.595885][T29285] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1558.600959][T29287] do_SYSENTER_32+0x1b/0x20 [ 1558.604160][T29285] ? kmsan_get_metadata+0xa4/0x120 [ 1558.607208][T29287] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1558.611742][T29285] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1558.615877][T29287] [ 1558.615885][T29287] Uninit was stored to memory at: [ 1558.620716][T29285] ? __unix_dgram_recvmsg+0x1a18/0x1c30 [ 1558.620783][T29285] ? kmsan_get_metadata+0xa4/0x120 [ 1558.626541][T29287] __get_compat_msghdr+0x6e1/0x9d0 [ 1558.632531][T29285] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1558.632602][T29285] ? should_fail+0x75/0x9c0 [ 1558.637084][T29287] get_compat_msghdr+0x108/0x2c0 [ 1558.642176][T29285] ? kmsan_get_metadata+0xa4/0x120 [ 1558.642239][T29285] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1558.648613][T29287] do_recvmmsg+0x1063/0x2120 [ 1558.654340][T29285] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1558.656647][T29287] __sys_recvmmsg+0x51c/0x6f0 [ 1558.661657][T29285] ? kmsan_get_metadata+0xa4/0x120 [ 1558.661721][T29285] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1558.667310][T29287] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1558.672342][T29285] __msan_chain_origin+0xbf/0x140 [ 1558.677502][T29287] __do_fast_syscall_32+0x96/0xf0 [ 1558.683227][T29285] __get_compat_msghdr+0x6e1/0x9d0 [ 1558.687777][T29287] do_fast_syscall_32+0x34/0x70 [ 1558.692647][T29285] get_compat_msghdr+0x108/0x2c0 [ 1558.697785][T29287] do_SYSENTER_32+0x1b/0x20 [ 1558.703945][T29285] ? __sys_recvmmsg+0x51c/0x6f0 [ 1558.708577][T29287] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1558.714558][T29285] do_recvmmsg+0x1063/0x2120 [ 1558.719283][T29287] [ 1558.724329][T29285] ? kmsan_get_metadata+0xa4/0x120 [ 1558.730166][T29287] Local variable msg_sys created at: [ 1558.736419][T29285] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1558.741478][T29287] do_recvmmsg+0xc1/0x2120 [ 1558.746424][T29285] ? kmsan_get_metadata+0xa4/0x120 [ 1558.751578][T29287] __sys_recvmmsg+0x51c/0x6f0 [ 1558.756344][T29285] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1558.820744][T29285] ? fput+0x82/0x320 [ 1558.824695][T29285] ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1558.831267][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1558.836007][T29285] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1558.842408][T29285] __do_fast_syscall_32+0x96/0xf0 [ 1558.847484][T29285] do_fast_syscall_32+0x34/0x70 [ 1558.852380][T29285] do_SYSENTER_32+0x1b/0x20 [ 1558.856929][T29285] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1558.863311][T29285] RIP: 0023:0xf6e70549 [ 1558.867409][T29285] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1558.887062][T29285] RSP: 002b:00000000f5a495fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1558.895510][T29285] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1558.903510][T29285] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1558.911511][T29285] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1558.919504][T29285] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1558.927495][T29285] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1558.935504][T29285] [ 1558.942103][T29285] Uninit was stored to memory at: [ 1558.947208][T29285] __get_compat_msghdr+0x6e1/0x9d0 [ 1558.953016][T29285] get_compat_msghdr+0x108/0x2c0 [ 1558.958273][T29285] do_recvmmsg+0x1063/0x2120 [ 1558.962905][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1558.967724][T29285] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1558.974103][T29285] __do_fast_syscall_32+0x96/0xf0 [ 1558.979357][T29285] do_fast_syscall_32+0x34/0x70 [ 1558.984254][T29285] do_SYSENTER_32+0x1b/0x20 [ 1558.988976][T29285] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1558.995353][T29285] [ 1558.997856][T29285] Uninit was stored to memory at: [ 1559.002960][T29285] __get_compat_msghdr+0x6e1/0x9d0 [ 1559.008298][T29285] get_compat_msghdr+0x108/0x2c0 [ 1559.013282][T29285] do_recvmmsg+0x1063/0x2120 [ 1559.018085][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1559.022800][T29285] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1559.029374][T29285] __do_fast_syscall_32+0x96/0xf0 [ 1559.034446][T29285] do_fast_syscall_32+0x34/0x70 [ 1559.039515][T29285] do_SYSENTER_32+0x1b/0x20 [ 1559.044059][T29285] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1559.050615][T29285] [ 1559.052949][T29285] Uninit was stored to memory at: [ 1559.058185][T29285] __get_compat_msghdr+0x6e1/0x9d0 [ 1559.063342][T29285] get_compat_msghdr+0x108/0x2c0 [ 1559.068504][T29285] do_recvmmsg+0x1063/0x2120 [ 1559.073130][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1559.078008][T29285] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1559.084389][T29285] __do_fast_syscall_32+0x96/0xf0 [ 1559.089638][T29285] do_fast_syscall_32+0x34/0x70 [ 1559.094533][T29285] do_SYSENTER_32+0x1b/0x20 [ 1559.099248][T29285] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1559.105630][T29285] [ 1559.108134][T29285] Uninit was stored to memory at: [ 1559.113221][T29285] __get_compat_msghdr+0x6e1/0x9d0 [ 1559.118547][T29285] get_compat_msghdr+0x108/0x2c0 [ 1559.123525][T29285] do_recvmmsg+0x1063/0x2120 [ 1559.128316][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1559.133029][T29285] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1559.139589][T29285] __do_fast_syscall_32+0x96/0xf0 [ 1559.144658][T29285] do_fast_syscall_32+0x34/0x70 [ 1559.149720][T29285] do_SYSENTER_32+0x1b/0x20 [ 1559.154264][T29285] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1559.160811][T29285] [ 1559.163147][T29285] Uninit was stored to memory at: [ 1559.168386][T29285] __get_compat_msghdr+0x6e1/0x9d0 [ 1559.173547][T29285] get_compat_msghdr+0x108/0x2c0 [ 1559.178701][T29285] do_recvmmsg+0x1063/0x2120 [ 1559.183324][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1559.188209][T29285] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1559.194586][T29285] __do_fast_syscall_32+0x96/0xf0 [ 1559.199831][T29285] do_fast_syscall_32+0x34/0x70 [ 1559.204724][T29285] do_SYSENTER_32+0x1b/0x20 [ 1559.209439][T29285] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1559.215813][T29285] [ 1559.218317][T29285] Uninit was stored to memory at: [ 1559.223407][T29285] __get_compat_msghdr+0x6e1/0x9d0 [ 1559.228727][T29285] get_compat_msghdr+0x108/0x2c0 [ 1559.233709][T29285] do_recvmmsg+0x1063/0x2120 [ 1559.238501][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1559.243209][T29285] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1559.249753][T29285] __do_fast_syscall_32+0x96/0xf0 [ 1559.254823][T29285] do_fast_syscall_32+0x34/0x70 [ 1559.259883][T29285] do_SYSENTER_32+0x1b/0x20 [ 1559.264430][T29285] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1559.270978][T29285] [ 1559.273312][T29285] Uninit was stored to memory at: [ 1559.278545][T29285] __get_compat_msghdr+0x6e1/0x9d0 [ 1559.283701][T29285] get_compat_msghdr+0x108/0x2c0 [ 1559.288852][T29285] do_recvmmsg+0x1063/0x2120 [ 1559.293475][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1559.298354][T29285] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1559.304740][T29285] __do_fast_syscall_32+0x96/0xf0 [ 1559.309985][T29285] do_fast_syscall_32+0x34/0x70 [ 1559.314880][T29285] do_SYSENTER_32+0x1b/0x20 [ 1559.319599][T29285] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1559.325973][T29285] [ 1559.328475][T29285] Local variable msg_sys created at: [ 1559.333762][T29285] do_recvmmsg+0xc1/0x2120 [ 1559.338368][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1559.454338][ T1201] ieee802154 phy0 wpan0: encryption failed: -22 [ 1559.461021][ T1201] ieee802154 phy1 wpan1: encryption failed: -22 [ 1559.571969][T29285] not chained 1510000 origins [ 1559.576684][T29285] CPU: 0 PID: 29285 Comm: syz-executor.2 Not tainted 5.16.0-rc3-syzkaller #0 [ 1559.585486][T29285] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1559.595564][T29285] Call Trace: [ 1559.598855][T29285] [ 1559.601800][T29285] dump_stack_lvl+0x1ff/0x28e [ 1559.606527][T29285] dump_stack+0x25/0x28 [ 1559.610720][T29285] kmsan_internal_chain_origin+0x7a/0x110 [ 1559.616501][T29285] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1559.622624][T29285] ? kmsan_get_metadata+0xa4/0x120 [ 1559.627788][T29285] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1559.633657][T29285] ? __unix_dgram_recvmsg+0x1a18/0x1c30 [ 1559.639259][T29285] ? kmsan_get_metadata+0xa4/0x120 [ 1559.644423][T29285] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1559.650299][T29285] ? should_fail+0x75/0x9c0 [ 1559.654856][T29285] ? kmsan_get_metadata+0xa4/0x120 [ 1559.660021][T29285] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1559.666324][T29285] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1559.672450][T29285] ? kmsan_get_metadata+0xa4/0x120 [ 1559.677618][T29285] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1559.683482][T29285] __msan_chain_origin+0xbf/0x140 [ 1559.688559][T29285] __get_compat_msghdr+0x6e1/0x9d0 [ 1559.693737][T29285] get_compat_msghdr+0x108/0x2c0 [ 1559.698730][T29285] ? __sys_recvmmsg+0x51c/0x6f0 [ 1559.703619][T29285] do_recvmmsg+0x1063/0x2120 [ 1559.708260][T29285] ? kmsan_get_metadata+0xa4/0x120 [ 1559.713434][T29285] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1559.719732][T29285] ? kmsan_get_metadata+0xa4/0x120 [ 1559.724892][T29285] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1559.731194][T29285] ? fput+0x82/0x320 [ 1559.735138][T29285] ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1559.741699][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1559.746425][T29285] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1559.752821][T29285] __do_fast_syscall_32+0x96/0xf0 [ 1559.757893][T29285] do_fast_syscall_32+0x34/0x70 [ 1559.762791][T29285] do_SYSENTER_32+0x1b/0x20 [ 1559.767332][T29285] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1559.773712][T29285] RIP: 0023:0xf6e70549 [ 1559.777803][T29285] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1559.797453][T29285] RSP: 002b:00000000f5a495fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1559.805910][T29285] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1559.813910][T29285] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1559.821909][T29285] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1559.829903][T29285] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1559.837899][T29285] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1559.845913][T29285] [ 1559.851093][T29285] Uninit was stored to memory at: [ 1559.856196][T29285] __get_compat_msghdr+0x6e1/0x9d0 [ 1559.861683][T29285] get_compat_msghdr+0x108/0x2c0 [ 1559.866667][T29285] do_recvmmsg+0x1063/0x2120 [ 1559.871419][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1559.876135][T29285] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1559.882701][T29285] __do_fast_syscall_32+0x96/0xf0 [ 1559.887864][T29285] do_fast_syscall_32+0x34/0x70 [ 1559.892756][T29285] do_SYSENTER_32+0x1b/0x20 [ 1559.897406][T29285] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1559.903781][T29285] [ 1559.906111][T29285] Uninit was stored to memory at: [ 1559.911397][T29285] __get_compat_msghdr+0x6e1/0x9d0 [ 1559.916562][T29285] get_compat_msghdr+0x108/0x2c0 [ 1559.921727][T29285] do_recvmmsg+0x1063/0x2120 [ 1559.926351][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1559.931186][T29285] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1559.937660][T29285] __do_fast_syscall_32+0x96/0xf0 [ 1559.942726][T29285] do_fast_syscall_32+0x34/0x70 [ 1559.947779][T29285] do_SYSENTER_32+0x1b/0x20 [ 1559.952322][T29285] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1559.958890][T29285] [ 1559.961226][T29285] Uninit was stored to memory at: [ 1559.966312][T29285] __get_compat_msghdr+0x6e1/0x9d0 [ 1559.971649][T29285] get_compat_msghdr+0x108/0x2c0 [ 1559.976636][T29285] do_recvmmsg+0x1063/0x2120 [ 1559.981449][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1559.986165][T29285] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1559.992730][T29285] __do_fast_syscall_32+0x96/0xf0 [ 1559.997949][T29285] do_fast_syscall_32+0x34/0x70 [ 1560.002840][T29285] do_SYSENTER_32+0x1b/0x20 [ 1560.007570][T29285] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1560.013949][T29285] [ 1560.016285][T29285] Uninit was stored to memory at: [ 1560.021547][T29285] __get_compat_msghdr+0x6e1/0x9d0 [ 1560.026698][T29285] get_compat_msghdr+0x108/0x2c0 [ 1560.031867][T29285] do_recvmmsg+0x1063/0x2120 [ 1560.036498][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1560.041380][T29285] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1560.047908][T29285] __do_fast_syscall_32+0x96/0xf0 [ 1560.052979][T29285] do_fast_syscall_32+0x34/0x70 [ 1560.058039][T29285] do_SYSENTER_32+0x1b/0x20 [ 1560.062584][T29285] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1560.069132][T29285] [ 1560.071466][T29285] Uninit was stored to memory at: [ 1560.076553][T29285] __get_compat_msghdr+0x6e1/0x9d0 [ 1560.081875][T29285] get_compat_msghdr+0x108/0x2c0 [ 1560.086864][T29285] do_recvmmsg+0x1063/0x2120 [ 1560.091661][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1560.096375][T29285] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1560.102951][T29285] __do_fast_syscall_32+0x96/0xf0 [ 1560.108169][T29285] do_fast_syscall_32+0x34/0x70 [ 1560.113059][T29285] do_SYSENTER_32+0x1b/0x20 [ 1560.117763][T29285] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1560.124133][T29285] [ 1560.126463][T29285] Uninit was stored to memory at: [ 1560.131725][T29285] __get_compat_msghdr+0x6e1/0x9d0 [ 1560.136882][T29285] get_compat_msghdr+0x108/0x2c0 [ 1560.142048][T29285] do_recvmmsg+0x1063/0x2120 [ 1560.146672][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1560.151561][T29285] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1560.158041][T29285] __do_fast_syscall_32+0x96/0xf0 [ 1560.163110][T29285] do_fast_syscall_32+0x34/0x70 [ 1560.168180][T29285] do_SYSENTER_32+0x1b/0x20 [ 1560.172724][T29285] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1560.179264][T29285] [ 1560.181592][T29285] Uninit was stored to memory at: [ 1560.186675][T29285] __get_compat_msghdr+0x6e1/0x9d0 [ 1560.192007][T29285] get_compat_msghdr+0x108/0x2c0 [ 1560.196990][T29285] do_recvmmsg+0x1063/0x2120 [ 1560.201786][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1560.206495][T29285] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1560.213054][T29285] __do_fast_syscall_32+0x96/0xf0 [ 1560.218254][T29285] do_fast_syscall_32+0x34/0x70 [ 1560.223145][T29285] do_SYSENTER_32+0x1b/0x20 [ 1560.227844][T29285] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1560.234222][T29285] [ 1560.236553][T29285] Local variable msg_sys created at: [ 1560.242019][T29285] do_recvmmsg+0xc1/0x2120 [ 1560.246471][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1560.549561][T29285] not chained 1520000 origins [ 1560.554271][T29285] CPU: 0 PID: 29285 Comm: syz-executor.2 Not tainted 5.16.0-rc3-syzkaller #0 [ 1560.563073][T29285] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1560.573153][T29285] Call Trace: [ 1560.576444][T29285] [ 1560.579387][T29285] dump_stack_lvl+0x1ff/0x28e [ 1560.584121][T29285] dump_stack+0x25/0x28 [ 1560.588313][T29285] kmsan_internal_chain_origin+0x7a/0x110 [ 1560.594091][T29285] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1560.600218][T29285] ? kmsan_get_metadata+0xa4/0x120 [ 1560.605383][T29285] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1560.611254][T29285] ? __unix_dgram_recvmsg+0x1a18/0x1c30 [ 1560.616856][T29285] ? kmsan_get_metadata+0xa4/0x120 [ 1560.622028][T29285] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1560.627901][T29285] ? should_fail+0x75/0x9c0 [ 1560.632462][T29285] ? kmsan_get_metadata+0xa4/0x120 [ 1560.637631][T29285] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1560.643939][T29285] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1560.650066][T29285] ? kmsan_get_metadata+0xa4/0x120 [ 1560.655229][T29285] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1560.661091][T29285] __msan_chain_origin+0xbf/0x140 [ 1560.666167][T29285] __get_compat_msghdr+0x6e1/0x9d0 [ 1560.671345][T29285] get_compat_msghdr+0x108/0x2c0 [ 1560.676337][T29285] ? __sys_recvmmsg+0x51c/0x6f0 [ 1560.681224][T29285] do_recvmmsg+0x1063/0x2120 [ 1560.685866][T29285] ? kmsan_get_metadata+0xa4/0x120 [ 1560.691046][T29285] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1560.697347][T29285] ? kmsan_get_metadata+0xa4/0x120 [ 1560.702508][T29285] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1560.708806][T29285] ? fput+0x82/0x320 [ 1560.712748][T29285] ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1560.719310][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1560.724046][T29285] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1560.730437][T29285] __do_fast_syscall_32+0x96/0xf0 [ 1560.735507][T29285] do_fast_syscall_32+0x34/0x70 [ 1560.740407][T29285] do_SYSENTER_32+0x1b/0x20 [ 1560.744954][T29285] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1560.751329][T29285] RIP: 0023:0xf6e70549 [ 1560.755423][T29285] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1560.775073][T29285] RSP: 002b:00000000f5a495fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1560.783527][T29285] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1560.791527][T29285] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1560.799524][T29285] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1560.807524][T29285] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1560.815524][T29285] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1560.823533][T29285] [ 1560.828594][T29285] Uninit was stored to memory at: [ 1560.833695][T29285] __get_compat_msghdr+0x6e1/0x9d0 [ 1560.839265][T29285] get_compat_msghdr+0x108/0x2c0 [ 1560.844254][T29285] do_recvmmsg+0x1063/0x2120 [ 1560.849004][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1560.853716][T29285] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1560.860220][T29285] __do_fast_syscall_32+0x96/0xf0 [ 1560.865292][T29285] do_fast_syscall_32+0x34/0x70 [ 1560.870296][T29285] do_SYSENTER_32+0x1b/0x20 [ 1560.874838][T29285] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1560.881395][T29285] [ 1560.883724][T29285] Uninit was stored to memory at: [ 1560.888974][T29285] __get_compat_msghdr+0x6e1/0x9d0 [ 1560.894129][T29285] get_compat_msghdr+0x108/0x2c0 [ 1560.899289][T29285] do_recvmmsg+0x1063/0x2120 [ 1560.903915][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1560.908800][T29285] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1560.915182][T29285] __do_fast_syscall_32+0x96/0xf0 [ 1560.920428][T29285] do_fast_syscall_32+0x34/0x70 [ 1560.925326][T29285] do_SYSENTER_32+0x1b/0x20 [ 1560.930024][T29285] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1560.936397][T29285] [ 1560.938910][T29285] Uninit was stored to memory at: [ 1560.944034][T29285] __get_compat_msghdr+0x6e1/0x9d0 [ 1560.949389][T29285] get_compat_msghdr+0x108/0x2c0 [ 1560.954377][T29285] do_recvmmsg+0x1063/0x2120 [ 1560.959186][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1560.963894][T29285] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1560.970446][T29285] __do_fast_syscall_32+0x96/0xf0 [ 1560.975516][T29285] do_fast_syscall_32+0x34/0x70 [ 1560.980585][T29285] do_SYSENTER_32+0x1b/0x20 [ 1560.985131][T29285] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1560.991689][T29285] [ 1560.994022][T29285] Uninit was stored to memory at: [ 1560.999257][T29285] __get_compat_msghdr+0x6e1/0x9d0 [ 1561.004413][T29285] get_compat_msghdr+0x108/0x2c0 [ 1561.009572][T29285] do_recvmmsg+0x1063/0x2120 [ 1561.014202][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1561.019096][T29285] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1561.025482][T29285] __do_fast_syscall_32+0x96/0xf0 [ 1561.030736][T29285] do_fast_syscall_32+0x34/0x70 [ 1561.035634][T29285] do_SYSENTER_32+0x1b/0x20 [ 1561.040352][T29285] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1561.046729][T29285] [ 1561.049217][T29285] Uninit was stored to memory at: [ 1561.054308][T29285] __get_compat_msghdr+0x6e1/0x9d0 [ 1561.059618][T29285] get_compat_msghdr+0x108/0x2c0 [ 1561.064602][T29285] do_recvmmsg+0x1063/0x2120 [ 1561.069411][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1561.074128][T29285] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1561.080688][T29285] __do_fast_syscall_32+0x96/0xf0 [ 1561.085757][T29285] do_fast_syscall_32+0x34/0x70 [ 1561.090826][T29285] do_SYSENTER_32+0x1b/0x20 [ 1561.095374][T29285] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1561.101937][T29285] [ 1561.104273][T29285] Uninit was stored to memory at: [ 1561.109517][T29285] __get_compat_msghdr+0x6e1/0x9d0 [ 1561.114671][T29285] get_compat_msghdr+0x108/0x2c0 [ 1561.119829][T29285] do_recvmmsg+0x1063/0x2120 [ 1561.124457][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1561.129346][T29285] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1561.135727][T29285] __do_fast_syscall_32+0x96/0xf0 [ 1561.140989][T29285] do_fast_syscall_32+0x34/0x70 [ 1561.145884][T29285] do_SYSENTER_32+0x1b/0x20 [ 1561.150610][T29285] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1561.156990][T29285] [ 1561.159459][T29285] Uninit was stored to memory at: [ 1561.164545][T29285] __get_compat_msghdr+0x6e1/0x9d0 [ 1561.169878][T29285] get_compat_msghdr+0x108/0x2c0 [ 1561.174866][T29285] do_recvmmsg+0x1063/0x2120 [ 1561.179658][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1561.184368][T29285] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1561.190934][T29285] __do_fast_syscall_32+0x96/0xf0 [ 1561.196004][T29285] do_fast_syscall_32+0x34/0x70 [ 1561.201085][T29285] do_SYSENTER_32+0x1b/0x20 [ 1561.205629][T29285] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1561.212182][T29285] [ 1561.214519][T29285] Local variable msg_sys created at: [ 1561.219963][T29285] do_recvmmsg+0xc1/0x2120 [ 1561.224412][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1562.459625][T29287] not chained 1530000 origins [ 1562.464345][T29287] CPU: 0 PID: 29287 Comm: syz-executor.2 Not tainted 5.16.0-rc3-syzkaller #0 [ 1562.473144][T29287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1562.483221][T29287] Call Trace: [ 1562.486515][T29287] [ 1562.489459][T29287] dump_stack_lvl+0x1ff/0x28e [ 1562.494183][T29287] dump_stack+0x25/0x28 [ 1562.498368][T29287] kmsan_internal_chain_origin+0x7a/0x110 [ 1562.504141][T29287] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1562.510260][T29287] ? kmsan_get_metadata+0xa4/0x120 [ 1562.515422][T29287] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1562.521288][T29287] ? __unix_dgram_recvmsg+0x1a18/0x1c30 [ 1562.526887][T29287] ? kmsan_get_metadata+0xa4/0x120 [ 1562.532051][T29287] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1562.537911][T29287] ? should_fail+0x75/0x9c0 [ 1562.542471][T29287] ? kmsan_get_metadata+0xa4/0x120 [ 1562.547630][T29287] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1562.553929][T29287] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1562.560051][T29287] ? kmsan_get_metadata+0xa4/0x120 [ 1562.565213][T29287] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1562.571073][T29287] __msan_chain_origin+0xbf/0x140 [ 1562.576145][T29287] __get_compat_msghdr+0x6e1/0x9d0 [ 1562.581318][T29287] get_compat_msghdr+0x108/0x2c0 [ 1562.586303][T29287] ? __sys_recvmmsg+0x51c/0x6f0 [ 1562.591189][T29287] do_recvmmsg+0x1063/0x2120 [ 1562.595832][T29287] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1562.601709][T29287] ? kmsan_get_metadata+0xa4/0x120 [ 1562.606870][T29287] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1562.613178][T29287] ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1562.619742][T29287] __sys_recvmmsg+0x51c/0x6f0 [ 1562.624466][T29287] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1562.630853][T29287] __do_fast_syscall_32+0x96/0xf0 [ 1562.635931][T29287] do_fast_syscall_32+0x34/0x70 [ 1562.640821][T29287] do_SYSENTER_32+0x1b/0x20 [ 1562.645363][T29287] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1562.650507][T29285] not chained 1540000 origins [ 1562.651728][T29287] RIP: 0023:0xf6e70549 [ 1562.660441][T29287] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1562.680075][T29287] RSP: 002b:00000000f5a285fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1562.688513][T29287] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1562.696498][T29287] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1562.704477][T29287] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1562.712460][T29287] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1562.720445][T29287] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1562.728443][T29287] [ 1562.731464][T29285] CPU: 1 PID: 29285 Comm: syz-executor.2 Not tainted 5.16.0-rc3-syzkaller #0 [ 1562.733467][T29287] Uninit was stored to memory at: [ 1562.740259][T29285] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1562.740287][T29285] Call Trace: [ 1562.740301][T29285] [ 1562.740317][T29285] dump_stack_lvl+0x1ff/0x28e [ 1562.740377][T29285] dump_stack+0x25/0x28 [ 1562.740427][T29285] kmsan_internal_chain_origin+0x7a/0x110 [ 1562.740493][T29285] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1562.740556][T29285] ? kmsan_get_metadata+0xa4/0x120 [ 1562.745611][T29287] __get_compat_msghdr+0x6e1/0x9d0 [ 1562.755595][T29285] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1562.755666][T29285] ? __unix_dgram_recvmsg+0x1a18/0x1c30 [ 1562.759036][T29287] get_compat_msghdr+0x108/0x2c0 [ 1562.761888][T29285] ? kmsan_get_metadata+0xa4/0x120 [ 1562.766543][T29287] do_recvmmsg+0x1063/0x2120 [ 1562.770681][T29285] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1562.770753][T29285] ? should_fail+0x75/0x9c0 [ 1562.776472][T29287] __sys_recvmmsg+0x51c/0x6f0 [ 1562.782523][T29285] ? kmsan_get_metadata+0xa4/0x120 [ 1562.782585][T29285] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1562.787769][T29287] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1562.792802][T29285] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1562.798717][T29287] __do_fast_syscall_32+0x96/0xf0 [ 1562.804131][T29285] ? kmsan_get_metadata+0xa4/0x120 [ 1562.809143][T29287] do_fast_syscall_32+0x34/0x70 [ 1562.814135][T29285] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1562.818801][T29287] do_SYSENTER_32+0x1b/0x20 [ 1562.824499][T29285] __msan_chain_origin+0xbf/0x140 [ 1562.829111][T29287] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1562.833647][T29285] __get_compat_msghdr+0x6e1/0x9d0 [ 1562.838837][T29287] [ 1562.844974][T29285] get_compat_msghdr+0x108/0x2c0 [ 1562.851362][T29287] Uninit was stored to memory at: [ 1562.857316][T29285] ? __sys_recvmmsg+0x51c/0x6f0 [ 1562.857368][T29285] do_recvmmsg+0x1063/0x2120 [ 1562.862456][T29287] __get_compat_msghdr+0x6e1/0x9d0 [ 1562.867512][T29285] ? kmsan_get_metadata+0xa4/0x120 [ 1562.867585][T29285] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1562.872424][T29287] get_compat_msghdr+0x108/0x2c0 [ 1562.878216][T29285] ? kmsan_get_metadata+0xa4/0x120 [ 1562.878279][T29285] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1562.882789][T29287] do_recvmmsg+0x1063/0x2120 [ 1562.887797][T29285] ? fput+0x82/0x320 [ 1562.887855][T29285] ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1562.894200][T29287] __sys_recvmmsg+0x51c/0x6f0 [ 1562.899299][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1562.899359][T29285] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1562.901703][T29287] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1562.906632][T29285] __do_fast_syscall_32+0x96/0xf0 [ 1562.911725][T29287] __do_fast_syscall_32+0x96/0xf0 [ 1562.916465][T29285] do_fast_syscall_32+0x34/0x70 [ 1562.921132][T29287] do_fast_syscall_32+0x34/0x70 [ 1562.926129][T29285] do_SYSENTER_32+0x1b/0x20 [ 1562.931316][T29287] do_SYSENTER_32+0x1b/0x20 [ 1562.937446][T29285] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1562.937507][T29285] RIP: 0023:0xf6e70549 [ 1562.937539][T29285] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1562.942438][T29287] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1562.947528][T29285] RSP: 002b:00000000f5a495fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1562.947576][T29285] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1562.947610][T29285] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1562.947640][T29285] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1562.953851][T29287] [ 1562.953860][T29287] Uninit was stored to memory at: [ 1562.958425][T29285] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1562.958455][T29285] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1562.958498][T29285] [ 1562.958608][T29285] Uninit was stored to memory at: [ 1562.962460][T29287] __get_compat_msghdr+0x6e1/0x9d0 [ 1562.969017][T29285] __get_compat_msghdr+0x6e1/0x9d0 [ 1562.973647][T29287] get_compat_msghdr+0x108/0x2c0 [ 1562.978378][T29285] get_compat_msghdr+0x108/0x2c0 [ 1562.984702][T29287] do_recvmmsg+0x1063/0x2120 [ 1562.991087][T29285] do_recvmmsg+0x1063/0x2120 [ 1562.996115][T29287] __sys_recvmmsg+0x51c/0x6f0 [ 1563.001194][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1563.006046][T29287] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1563.010947][T29285] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1563.015459][T29287] __do_fast_syscall_32+0x96/0xf0 [ 1563.020012][T29285] __do_fast_syscall_32+0x96/0xf0 [ 1563.026323][T29287] do_fast_syscall_32+0x34/0x70 [ 1563.030448][T29285] do_fast_syscall_32+0x34/0x70 [ 1563.050148][T29287] do_SYSENTER_32+0x1b/0x20 [ 1563.056445][T29285] do_SYSENTER_32+0x1b/0x20 [ 1563.064935][T29287] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1563.072935][T29285] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1563.081012][T29287] [ 1563.089027][T29285] [ 1563.089035][T29285] Uninit was stored to memory at: [ 1563.089107][T29285] __get_compat_msghdr+0x6e1/0x9d0 [ 1563.091347][T29287] Uninit was stored to memory at: [ 1563.091416][T29287] __get_compat_msghdr+0x6e1/0x9d0 [ 1563.096349][T29285] get_compat_msghdr+0x108/0x2c0 [ 1563.104396][T29287] get_compat_msghdr+0x108/0x2c0 [ 1563.112401][T29285] do_recvmmsg+0x1063/0x2120 [ 1563.115437][T29287] do_recvmmsg+0x1063/0x2120 [ 1563.120515][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1563.125629][T29287] __sys_recvmmsg+0x51c/0x6f0 [ 1563.130791][T29285] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1563.135730][T29287] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1563.140717][T29285] __do_fast_syscall_32+0x96/0xf0 [ 1563.145308][T29287] __do_fast_syscall_32+0x96/0xf0 [ 1563.149953][T29285] do_fast_syscall_32+0x34/0x70 [ 1563.154620][T29287] do_fast_syscall_32+0x34/0x70 [ 1563.159347][T29285] do_SYSENTER_32+0x1b/0x20 [ 1563.165672][T29287] do_SYSENTER_32+0x1b/0x20 [ 1563.172050][T29285] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1563.177079][T29287] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1563.182153][T29285] [ 1563.182162][T29285] Uninit was stored to memory at: [ 1563.182233][T29285] __get_compat_msghdr+0x6e1/0x9d0 [ 1563.187008][T29287] [ 1563.187017][T29287] Uninit was stored to memory at: [ 1563.191910][T29285] get_compat_msghdr+0x108/0x2c0 [ 1563.196472][T29287] __get_compat_msghdr+0x6e1/0x9d0 [ 1563.200972][T29285] do_recvmmsg+0x1063/0x2120 [ 1563.201014][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1563.207375][T29287] get_compat_msghdr+0x108/0x2c0 [ 1563.213684][T29285] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1563.215995][T29287] do_recvmmsg+0x1063/0x2120 [ 1563.218382][T29285] __do_fast_syscall_32+0x96/0xf0 [ 1563.223409][T29287] __sys_recvmmsg+0x51c/0x6f0 [ 1563.228575][T29285] do_fast_syscall_32+0x34/0x70 [ 1563.233599][T29287] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1563.238761][T29285] do_SYSENTER_32+0x1b/0x20 [ 1563.243698][T29287] __do_fast_syscall_32+0x96/0xf0 [ 1563.248686][T29285] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1563.253276][T29287] do_fast_syscall_32+0x34/0x70 [ 1563.257914][T29285] [ 1563.257923][T29285] Uninit was stored to memory at: [ 1563.257992][T29285] __get_compat_msghdr+0x6e1/0x9d0 [ 1563.262595][T29287] do_SYSENTER_32+0x1b/0x20 [ 1563.267327][T29285] get_compat_msghdr+0x108/0x2c0 [ 1563.273654][T29287] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1563.280036][T29285] do_recvmmsg+0x1063/0x2120 [ 1563.285063][T29287] [ 1563.285072][T29287] Uninit was stored to memory at: [ 1563.290140][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1563.295055][T29287] __get_compat_msghdr+0x6e1/0x9d0 [ 1563.299896][T29285] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1563.304384][T29287] get_compat_msghdr+0x108/0x2c0 [ 1563.308942][T29285] __do_fast_syscall_32+0x96/0xf0 [ 1563.315276][T29287] do_recvmmsg+0x1063/0x2120 [ 1563.321653][T29285] do_fast_syscall_32+0x34/0x70 [ 1563.323983][T29287] __sys_recvmmsg+0x51c/0x6f0 [ 1563.329060][T29285] do_SYSENTER_32+0x1b/0x20 [ 1563.334154][T29287] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1563.336466][T29285] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1563.341565][T29287] __do_fast_syscall_32+0x96/0xf0 [ 1563.346459][T29285] [ 1563.346468][T29285] Uninit was stored to memory at: [ 1563.351645][T29287] do_fast_syscall_32+0x34/0x70 [ 1563.356257][T29285] __get_compat_msghdr+0x6e1/0x9d0 [ 1563.360952][T29287] do_SYSENTER_32+0x1b/0x20 [ 1563.365846][T29285] get_compat_msghdr+0x108/0x2c0 [ 1563.372248][T29287] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1563.376797][T29285] do_recvmmsg+0x1063/0x2120 [ 1563.381899][T29287] [ 1563.386530][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1563.391456][T29287] Uninit was stored to memory at: [ 1563.397809][T29285] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1563.402359][T29287] __get_compat_msghdr+0x6e1/0x9d0 [ 1563.407385][T29285] __do_fast_syscall_32+0x96/0xf0 [ 1563.413711][T29287] get_compat_msghdr+0x108/0x2c0 [ 1563.418611][T29285] do_fast_syscall_32+0x34/0x70 [ 1563.420949][T29287] do_recvmmsg+0x1063/0x2120 [ 1563.425956][T29285] do_SYSENTER_32+0x1b/0x20 [ 1563.431140][T29287] __sys_recvmmsg+0x51c/0x6f0 [ 1563.435601][T29285] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1563.440612][T29287] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1563.446896][T29285] [ 1563.446904][T29285] Uninit was stored to memory at: [ 1563.451562][T29287] __do_fast_syscall_32+0x96/0xf0 [ 1563.453912][T29285] __get_compat_msghdr+0x6e1/0x9d0 [ 1563.458936][T29287] do_fast_syscall_32+0x34/0x70 [ 1563.463586][T29285] get_compat_msghdr+0x108/0x2c0 [ 1563.468769][T29287] do_SYSENTER_32+0x1b/0x20 [ 1563.475058][T29285] do_recvmmsg+0x1063/0x2120 [ 1563.480071][T29287] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1563.485052][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1563.489698][T29287] [ 1563.489708][T29287] Local variable msg_sys created at: [ 1563.494523][T29285] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1563.499325][T29287] do_recvmmsg+0xc1/0x2120 [ 1563.503788][T29285] __do_fast_syscall_32+0x96/0xf0 [ 1563.510188][T29287] __sys_recvmmsg+0x51c/0x6f0 [ 1563.516474][T29285] do_fast_syscall_32+0x34/0x70 [ 1563.705184][T29285] do_SYSENTER_32+0x1b/0x20 [ 1563.709893][T29285] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1563.716268][T29285] [ 1563.718686][T29285] Uninit was stored to memory at: [ 1563.723780][T29285] __get_compat_msghdr+0x6e1/0x9d0 [ 1563.729023][T29285] get_compat_msghdr+0x108/0x2c0 [ 1563.734006][T29285] do_recvmmsg+0x1063/0x2120 [ 1563.738709][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1563.743421][T29285] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1563.749887][T29285] __do_fast_syscall_32+0x96/0xf0 [ 1563.754965][T29285] do_fast_syscall_32+0x34/0x70 [ 1563.759943][T29285] do_SYSENTER_32+0x1b/0x20 [ 1563.764487][T29285] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1563.770946][T29285] [ 1563.773276][T29285] Local variable msg_sys created at: [ 1563.778648][T29285] do_recvmmsg+0xc1/0x2120 [ 1563.783100][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1565.443835][T29285] not chained 1550000 origins [ 1565.448655][T29285] CPU: 1 PID: 29285 Comm: syz-executor.2 Not tainted 5.16.0-rc3-syzkaller #0 [ 1565.457458][T29285] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1565.467539][T29285] Call Trace: [ 1565.470832][T29285] [ 1565.473778][T29285] dump_stack_lvl+0x1ff/0x28e [ 1565.478515][T29285] dump_stack+0x25/0x28 [ 1565.482709][T29285] kmsan_internal_chain_origin+0x7a/0x110 [ 1565.488490][T29285] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1565.494617][T29285] ? kmsan_get_metadata+0xa4/0x120 [ 1565.499787][T29285] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1565.505655][T29285] ? __unix_dgram_recvmsg+0x1a18/0x1c30 [ 1565.511257][T29285] ? kmsan_get_metadata+0xa4/0x120 [ 1565.516421][T29285] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1565.522285][T29285] ? should_fail+0x75/0x9c0 [ 1565.526840][T29285] ? kmsan_get_metadata+0xa4/0x120 [ 1565.532007][T29285] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1565.538307][T29285] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1565.544431][T29285] ? kmsan_get_metadata+0xa4/0x120 [ 1565.549596][T29285] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1565.555461][T29285] __msan_chain_origin+0xbf/0x140 [ 1565.560543][T29285] __get_compat_msghdr+0x6e1/0x9d0 [ 1565.565722][T29285] get_compat_msghdr+0x108/0x2c0 [ 1565.570710][T29285] ? __sys_recvmmsg+0x51c/0x6f0 [ 1565.575600][T29285] do_recvmmsg+0x1063/0x2120 [ 1565.580240][T29285] ? kmsan_get_metadata+0xa4/0x120 [ 1565.585412][T29285] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1565.591714][T29285] ? kmsan_get_metadata+0xa4/0x120 [ 1565.596882][T29285] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1565.603189][T29285] ? fput+0x82/0x320 [ 1565.607131][T29285] ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1565.613693][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1565.618421][T29285] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1565.624818][T29285] __do_fast_syscall_32+0x96/0xf0 [ 1565.629891][T29285] do_fast_syscall_32+0x34/0x70 [ 1565.634787][T29285] do_SYSENTER_32+0x1b/0x20 [ 1565.639334][T29285] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1565.645715][T29285] RIP: 0023:0xf6e70549 [ 1565.649807][T29285] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1565.669457][T29285] RSP: 002b:00000000f5a495fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1565.677910][T29285] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1565.685910][T29285] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1565.693910][T29285] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1565.701915][T29285] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1565.709917][T29285] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1565.717936][T29285] [ 1565.724370][T29285] Uninit was stored to memory at: [ 1565.730313][T29285] __get_compat_msghdr+0x6e1/0x9d0 [ 1565.735472][T29285] get_compat_msghdr+0x108/0x2c0 [ 1565.740544][T29285] do_recvmmsg+0x1063/0x2120 [ 1565.745168][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1565.749967][T29285] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1565.756349][T29285] __do_fast_syscall_32+0x96/0xf0 [ 1565.761496][T29285] do_fast_syscall_32+0x34/0x70 [ 1565.766385][T29285] do_SYSENTER_32+0x1b/0x20 [ 1565.771033][T29285] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1565.777488][T29285] [ 1565.779817][T29285] Uninit was stored to memory at: [ 1565.784926][T29285] __get_compat_msghdr+0x6e1/0x9d0 [ 1565.790174][T29285] get_compat_msghdr+0x108/0x2c0 [ 1565.795158][T29285] do_recvmmsg+0x1063/0x2120 [ 1565.799861][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1565.804573][T29285] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1565.811095][T29285] __do_fast_syscall_32+0x96/0xf0 [ 1565.816161][T29285] do_fast_syscall_32+0x34/0x70 [ 1565.821203][T29285] do_SYSENTER_32+0x1b/0x20 [ 1565.825749][T29285] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1565.832277][T29285] [ 1565.834607][T29285] Uninit was stored to memory at: [ 1565.839844][T29285] __get_compat_msghdr+0x6e1/0x9d0 [ 1565.845008][T29285] get_compat_msghdr+0x108/0x2c0 [ 1565.850146][T29285] do_recvmmsg+0x1063/0x2120 [ 1565.854770][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1565.859628][T29285] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1565.866007][T29285] __do_fast_syscall_32+0x96/0xf0 [ 1565.871243][T29285] do_fast_syscall_32+0x34/0x70 [ 1565.876145][T29285] do_SYSENTER_32+0x1b/0x20 [ 1565.880837][T29285] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1565.887213][T29285] [ 1565.889685][T29285] Uninit was stored to memory at: [ 1565.894776][T29285] __get_compat_msghdr+0x6e1/0x9d0 [ 1565.900077][T29285] get_compat_msghdr+0x108/0x2c0 [ 1565.905071][T29285] do_recvmmsg+0x1063/0x2120 [ 1565.909852][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1565.914564][T29285] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1565.921090][T29285] __do_fast_syscall_32+0x96/0xf0 [ 1565.926161][T29285] do_fast_syscall_32+0x34/0x70 [ 1565.931211][T29285] do_SYSENTER_32+0x1b/0x20 [ 1565.935760][T29285] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1565.942302][T29285] [ 1565.944639][T29285] Uninit was stored to memory at: [ 1565.949886][T29285] __get_compat_msghdr+0x6e1/0x9d0 [ 1565.955053][T29285] get_compat_msghdr+0x108/0x2c0 [ 1565.960217][T29285] do_recvmmsg+0x1063/0x2120 [ 1565.964838][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1565.969705][T29285] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1565.976085][T29285] __do_fast_syscall_32+0x96/0xf0 [ 1565.981305][T29285] do_fast_syscall_32+0x34/0x70 [ 1565.986202][T29285] do_SYSENTER_32+0x1b/0x20 [ 1565.990997][T29285] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1565.997529][T29285] [ 1565.999862][T29285] Uninit was stored to memory at: [ 1566.004954][T29285] __get_compat_msghdr+0x6e1/0x9d0 [ 1566.010273][T29285] get_compat_msghdr+0x108/0x2c0 [ 1566.015264][T29285] do_recvmmsg+0x1063/0x2120 [ 1566.020050][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1566.024769][T29285] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1566.031312][T29285] __do_fast_syscall_32+0x96/0xf0 [ 1566.036385][T29285] do_fast_syscall_32+0x34/0x70 [ 1566.041431][T29285] do_SYSENTER_32+0x1b/0x20 [ 1566.045978][T29285] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1566.052520][T29285] [ 1566.054850][T29285] Uninit was stored to memory at: [ 1566.060085][T29285] __get_compat_msghdr+0x6e1/0x9d0 [ 1566.065247][T29285] get_compat_msghdr+0x108/0x2c0 [ 1566.070388][T29285] do_recvmmsg+0x1063/0x2120 [ 1566.075019][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1566.079879][T29285] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1566.086260][T29285] __do_fast_syscall_32+0x96/0xf0 [ 1566.091474][T29285] do_fast_syscall_32+0x34/0x70 [ 1566.096367][T29285] do_SYSENTER_32+0x1b/0x20 [ 1566.101053][T29285] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1566.107605][T29285] [ 1566.109943][T29285] Local variable msg_sys created at: [ 1566.115230][T29285] do_recvmmsg+0xc1/0x2120 [ 1566.119823][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1566.760478][T29339] loop0: detected capacity change from 0 to 264192 [ 1566.812654][T29287] not chained 1560000 origins [ 1566.818143][T29287] CPU: 1 PID: 29287 Comm: syz-executor.2 Not tainted 5.16.0-rc3-syzkaller #0 [ 1566.826949][T29287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1566.837030][T29287] Call Trace: [ 1566.840321][T29287] [ 1566.843264][T29287] dump_stack_lvl+0x1ff/0x28e [ 1566.847994][T29287] dump_stack+0x25/0x28 [ 1566.852191][T29287] kmsan_internal_chain_origin+0x7a/0x110 [ 1566.857976][T29287] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1566.864097][T29287] ? kmsan_get_metadata+0xa4/0x120 [ 1566.869262][T29287] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1566.875130][T29287] ? __unix_dgram_recvmsg+0x1a18/0x1c30 [ 1566.880737][T29287] ? kmsan_get_metadata+0xa4/0x120 [ 1566.885901][T29287] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1566.891765][T29287] ? should_fail+0x75/0x9c0 [ 1566.896314][T29287] ? kmsan_get_metadata+0xa4/0x120 [ 1566.901472][T29287] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1566.907772][T29287] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1566.913896][T29287] ? kmsan_get_metadata+0xa4/0x120 [ 1566.919056][T29287] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1566.924918][T29287] __msan_chain_origin+0xbf/0x140 [ 1566.929996][T29287] __get_compat_msghdr+0x6e1/0x9d0 [ 1566.935174][T29287] get_compat_msghdr+0x108/0x2c0 [ 1566.940161][T29287] ? __sys_recvmmsg+0x51c/0x6f0 [ 1566.945048][T29287] do_recvmmsg+0x1063/0x2120 [ 1566.949686][T29287] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1566.955579][T29287] ? kmsan_get_metadata+0xa4/0x120 [ 1566.960747][T29287] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1566.967049][T29287] ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1566.973607][T29287] __sys_recvmmsg+0x51c/0x6f0 [ 1566.978336][T29287] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1566.984735][T29287] __do_fast_syscall_32+0x96/0xf0 [ 1566.989812][T29287] do_fast_syscall_32+0x34/0x70 [ 1566.994709][T29287] do_SYSENTER_32+0x1b/0x20 [ 1566.999253][T29287] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1567.005627][T29287] RIP: 0023:0xf6e70549 [ 1567.009715][T29287] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1567.029366][T29287] RSP: 002b:00000000f5a285fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1567.037816][T29287] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1567.045820][T29287] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1567.053814][T29287] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1567.061811][T29287] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1567.069814][T29287] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1567.077827][T29287] [ 1567.084410][T29287] Uninit was stored to memory at: [ 1567.090169][T29287] __get_compat_msghdr+0x6e1/0x9d0 [ 1567.095335][T29287] get_compat_msghdr+0x108/0x2c0 [ 1567.100421][T29287] do_recvmmsg+0x1063/0x2120 [ 1567.105049][T29287] __sys_recvmmsg+0x51c/0x6f0 [ 1567.109856][T29287] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1567.116266][T29287] __do_fast_syscall_32+0x96/0xf0 [ 1567.121479][T29287] do_fast_syscall_32+0x34/0x70 [ 1567.126376][T29287] do_SYSENTER_32+0x1b/0x20 [ 1567.131014][T29287] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1567.137474][T29287] [ 1567.139813][T29287] Uninit was stored to memory at: [ 1567.144907][T29287] __get_compat_msghdr+0x6e1/0x9d0 [ 1567.150219][T29287] get_compat_msghdr+0x108/0x2c0 [ 1567.155201][T29287] do_recvmmsg+0x1063/0x2120 [ 1567.159906][T29287] __sys_recvmmsg+0x51c/0x6f0 [ 1567.164623][T29287] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1567.171097][T29287] __do_fast_syscall_32+0x96/0xf0 [ 1567.176170][T29287] do_fast_syscall_32+0x34/0x70 [ 1567.181147][T29287] do_SYSENTER_32+0x1b/0x20 [ 1567.185692][T29287] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1567.192155][T29287] [ 1567.194486][T29287] Uninit was stored to memory at: [ 1567.199660][T29287] __get_compat_msghdr+0x6e1/0x9d0 [ 1567.204823][T29287] get_compat_msghdr+0x108/0x2c0 [ 1567.209901][T29287] do_recvmmsg+0x1063/0x2120 [ 1567.214533][T29287] __sys_recvmmsg+0x51c/0x6f0 [ 1567.219340][T29287] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1567.225725][T29287] __do_fast_syscall_32+0x96/0xf0 [ 1567.230885][T29287] do_fast_syscall_32+0x34/0x70 [ 1567.235787][T29287] do_SYSENTER_32+0x1b/0x20 [ 1567.240413][T29287] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1567.246790][T29287] [ 1567.249208][T29287] Uninit was stored to memory at: [ 1567.254294][T29287] __get_compat_msghdr+0x6e1/0x9d0 [ 1567.259528][T29287] get_compat_msghdr+0x108/0x2c0 [ 1567.264512][T29287] do_recvmmsg+0x1063/0x2120 [ 1567.269218][T29287] __sys_recvmmsg+0x51c/0x6f0 [ 1567.273937][T29287] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1567.280481][T29287] __do_fast_syscall_32+0x96/0xf0 [ 1567.285553][T29287] do_fast_syscall_32+0x34/0x70 [ 1567.290533][T29287] do_SYSENTER_32+0x1b/0x20 [ 1567.295080][T29287] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1567.301544][T29287] [ 1567.303879][T29287] Uninit was stored to memory at: [ 1567.309053][T29287] __get_compat_msghdr+0x6e1/0x9d0 [ 1567.314211][T29287] get_compat_msghdr+0x108/0x2c0 [ 1567.319290][T29287] do_recvmmsg+0x1063/0x2120 [ 1567.323918][T29287] __sys_recvmmsg+0x51c/0x6f0 [ 1567.328724][T29287] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1567.335107][T29287] __do_fast_syscall_32+0x96/0xf0 [ 1567.340265][T29287] do_fast_syscall_32+0x34/0x70 [ 1567.345160][T29287] do_SYSENTER_32+0x1b/0x20 [ 1567.349789][T29287] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1567.356187][T29287] [ 1567.358595][T29287] Uninit was stored to memory at: [ 1567.363682][T29287] __get_compat_msghdr+0x6e1/0x9d0 [ 1567.368927][T29287] get_compat_msghdr+0x108/0x2c0 [ 1567.373911][T29287] do_recvmmsg+0x1063/0x2120 [ 1567.378628][T29287] __sys_recvmmsg+0x51c/0x6f0 [ 1567.383339][T29287] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1567.389800][T29287] __do_fast_syscall_32+0x96/0xf0 [ 1567.394873][T29287] do_fast_syscall_32+0x34/0x70 [ 1567.399864][T29287] do_SYSENTER_32+0x1b/0x20 [ 1567.404418][T29287] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1567.410879][T29287] [ 1567.413217][T29287] Uninit was stored to memory at: [ 1567.418378][T29287] __get_compat_msghdr+0x6e1/0x9d0 [ 1567.423533][T29287] get_compat_msghdr+0x108/0x2c0 [ 1567.428603][T29287] do_recvmmsg+0x1063/0x2120 [ 1567.433229][T29287] __sys_recvmmsg+0x51c/0x6f0 [ 1567.438030][T29287] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1567.444414][T29287] __do_fast_syscall_32+0x96/0xf0 [ 1567.449558][T29287] do_fast_syscall_32+0x34/0x70 [ 1567.454451][T29287] do_SYSENTER_32+0x1b/0x20 [ 1567.459072][T29287] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1567.465452][T29287] [ 1567.467864][T29287] Local variable msg_sys created at: [ 1567.473151][T29287] do_recvmmsg+0xc1/0x2120 [ 1567.477672][T29287] __sys_recvmmsg+0x51c/0x6f0 [ 1567.764374][T29285] not chained 1570000 origins [ 1567.769497][T29285] CPU: 1 PID: 29285 Comm: syz-executor.2 Not tainted 5.16.0-rc3-syzkaller #0 [ 1567.778300][T29285] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1567.788384][T29285] Call Trace: [ 1567.791780][T29285] [ 1567.794738][T29285] dump_stack_lvl+0x1ff/0x28e [ 1567.799475][T29285] dump_stack+0x25/0x28 [ 1567.803681][T29285] kmsan_internal_chain_origin+0x7a/0x110 12:59:01 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dc", 0x2d, 0x400}, {&(0x7f0000010400)="080000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[]) 12:59:01 executing program 5: timer_create(0x2, 0x0, &(0x7f0000000080)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0xe4c}}, 0x0) timer_gettime(0x0, &(0x7f0000000280)) 12:59:01 executing program 4: syz_mount_image$fuse(&(0x7f0000006780), &(0x7f00000067c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000007a80)) [ 1567.809470][T29285] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1567.815601][T29285] ? kmsan_get_metadata+0xa4/0x120 [ 1567.820771][T29285] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1567.826643][T29285] ? __unix_dgram_recvmsg+0x1a18/0x1c30 [ 1567.832249][T29285] ? kmsan_get_metadata+0xa4/0x120 [ 1567.837418][T29285] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1567.843298][T29285] ? should_fail+0x75/0x9c0 [ 1567.847863][T29285] ? kmsan_get_metadata+0xa4/0x120 [ 1567.853036][T29285] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1567.859338][T29285] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1567.865471][T29285] ? kmsan_get_metadata+0xa4/0x120 [ 1567.870638][T29285] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1567.876509][T29285] __msan_chain_origin+0xbf/0x140 [ 1567.881590][T29285] __get_compat_msghdr+0x6e1/0x9d0 [ 1567.886771][T29285] get_compat_msghdr+0x108/0x2c0 [ 1567.891761][T29285] ? __sys_recvmmsg+0x51c/0x6f0 [ 1567.896651][T29285] do_recvmmsg+0x1063/0x2120 [ 1567.901303][T29285] ? kmsan_get_metadata+0xa4/0x120 [ 1567.906483][T29285] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1567.912783][T29285] ? kmsan_get_metadata+0xa4/0x120 [ 1567.917955][T29285] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1567.924259][T29285] ? fput+0x82/0x320 [ 1567.928206][T29285] ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1567.934776][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1567.939510][T29285] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1567.945908][T29285] __do_fast_syscall_32+0x96/0xf0 [ 1567.950988][T29285] do_fast_syscall_32+0x34/0x70 [ 1567.955888][T29285] do_SYSENTER_32+0x1b/0x20 [ 1567.960438][T29285] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1567.966826][T29285] RIP: 0023:0xf6e70549 [ 1567.970919][T29285] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1567.990781][T29285] RSP: 002b:00000000f5a495fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1567.999241][T29285] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1568.007244][T29285] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1568.015246][T29285] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1568.023249][T29285] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1568.031255][T29285] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1568.039707][T29285] [ 1568.046067][T29285] Uninit was stored to memory at: [ 1568.051740][T29285] __get_compat_msghdr+0x6e1/0x9d0 [ 1568.056903][T29285] get_compat_msghdr+0x108/0x2c0 [ 1568.061987][T29285] do_recvmmsg+0x1063/0x2120 [ 1568.066623][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1568.071476][T29285] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1568.078043][T29285] __do_fast_syscall_32+0x96/0xf0 [ 1568.083118][T29285] do_fast_syscall_32+0x34/0x70 [ 1568.088164][T29285] do_SYSENTER_32+0x1b/0x20 [ 1568.092711][T29285] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1568.099240][T29285] [ 1568.101576][T29285] Uninit was stored to memory at: [ 1568.106664][T29285] __get_compat_msghdr+0x6e1/0x9d0 [ 1568.111909][T29285] get_compat_msghdr+0x108/0x2c0 [ 1568.116892][T29285] do_recvmmsg+0x1063/0x2120 [ 1568.121654][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1568.126369][T29285] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1568.132901][T29285] __do_fast_syscall_32+0x96/0xf0 [ 1568.138115][T29285] do_fast_syscall_32+0x34/0x70 [ 1568.143047][T29285] do_SYSENTER_32+0x1b/0x20 [ 1568.147718][T29285] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1568.154098][T29285] [ 1568.156432][T29285] Uninit was stored to memory at: [ 1568.161658][T29285] __get_compat_msghdr+0x6e1/0x9d0 [ 1568.166814][T29285] get_compat_msghdr+0x108/0x2c0 [ 1568.171936][T29285] do_recvmmsg+0x1063/0x2120 [ 1568.176560][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1568.181411][T29285] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1568.187939][T29285] __do_fast_syscall_32+0x96/0xf0 [ 1568.193017][T29285] do_fast_syscall_32+0x34/0x70 [ 1568.198063][T29285] do_SYSENTER_32+0x1b/0x20 [ 1568.202613][T29285] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1568.209155][T29285] [ 1568.211487][T29285] Uninit was stored to memory at: [ 1568.216580][T29285] __get_compat_msghdr+0x6e1/0x9d0 [ 1568.221885][T29285] get_compat_msghdr+0x108/0x2c0 [ 1568.226869][T29285] do_recvmmsg+0x1063/0x2120 [ 1568.231642][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1568.236354][T29285] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1568.242875][T29285] __do_fast_syscall_32+0x96/0xf0 [ 1568.248053][T29285] do_fast_syscall_32+0x34/0x70 [ 1568.252951][T29285] do_SYSENTER_32+0x1b/0x20 [ 1568.257628][T29285] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1568.264011][T29285] [ 1568.266353][T29285] Uninit was stored to memory at: [ 1568.271589][T29285] __get_compat_msghdr+0x6e1/0x9d0 [ 1568.276752][T29285] get_compat_msghdr+0x108/0x2c0 [ 1568.281887][T29285] do_recvmmsg+0x1063/0x2120 [ 1568.286524][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1568.291382][T29285] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1568.297916][T29285] __do_fast_syscall_32+0x96/0xf0 [ 1568.302992][T29285] do_fast_syscall_32+0x34/0x70 [ 1568.308057][T29285] do_SYSENTER_32+0x1b/0x20 [ 1568.312607][T29285] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1568.319141][T29285] [ 1568.321473][T29285] Uninit was stored to memory at: [ 1568.326565][T29285] __get_compat_msghdr+0x6e1/0x9d0 [ 1568.331805][T29285] get_compat_msghdr+0x108/0x2c0 [ 1568.336793][T29285] do_recvmmsg+0x1063/0x2120 [ 1568.341503][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1568.346222][T29285] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1568.352696][T29285] __do_fast_syscall_32+0x96/0xf0 [ 1568.357853][T29285] do_fast_syscall_32+0x34/0x70 [ 1568.362752][T29285] do_SYSENTER_32+0x1b/0x20 [ 1568.367432][T29285] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1568.373811][T29285] [ 1568.376142][T29285] Uninit was stored to memory at: [ 1568.381371][T29285] __get_compat_msghdr+0x6e1/0x9d0 [ 1568.386530][T29285] get_compat_msghdr+0x108/0x2c0 [ 1568.391650][T29285] do_recvmmsg+0x1063/0x2120 [ 1568.396278][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1568.401150][T29285] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1568.407663][T29285] __do_fast_syscall_32+0x96/0xf0 [ 1568.412735][T29285] do_fast_syscall_32+0x34/0x70 [ 1568.414315][T29346] fuse: Bad value for 'fd' [ 1568.417765][T29285] do_SYSENTER_32+0x1b/0x20 [ 1568.417817][T29285] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1568.417872][T29285] [ 1568.417881][T29285] Local variable msg_sys created at: [ 1568.417896][T29285] do_recvmmsg+0xc1/0x2120 [ 1568.417935][T29285] __sys_recvmmsg+0x51c/0x6f0 [ 1568.458484][T29346] fuse: Bad value for 'fd' [ 1569.004917][T29287] not chained 1580000 origins [ 1569.009859][T29287] CPU: 1 PID: 29287 Comm: syz-executor.2 Not tainted 5.16.0-rc3-syzkaller #0 [ 1569.018665][T29287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1569.028752][T29287] Call Trace: [ 1569.032053][T29287] [ 1569.035004][T29287] dump_stack_lvl+0x1ff/0x28e [ 1569.039737][T29287] dump_stack+0x25/0x28 [ 1569.043929][T29287] kmsan_internal_chain_origin+0x7a/0x110 [ 1569.049711][T29287] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1569.055834][T29287] ? kmsan_get_metadata+0xa4/0x120 [ 1569.061005][T29287] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1569.066869][T29287] ? __unix_dgram_recvmsg+0x1a18/0x1c30 [ 1569.072483][T29287] ? kmsan_get_metadata+0xa4/0x120 [ 1569.077654][T29287] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1569.083525][T29287] ? should_fail+0x75/0x9c0 [ 1569.088082][T29287] ? kmsan_get_metadata+0xa4/0x120 [ 1569.093248][T29287] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1569.099546][T29287] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 1569.105672][T29287] ? kmsan_get_metadata+0xa4/0x120 [ 1569.110833][T29287] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1569.116694][T29287] __msan_chain_origin+0xbf/0x140 [ 1569.121769][T29287] __get_compat_msghdr+0x6e1/0x9d0 [ 1569.126941][T29287] get_compat_msghdr+0x108/0x2c0 [ 1569.131936][T29287] ? __sys_recvmmsg+0x51c/0x6f0 [ 1569.136828][T29287] do_recvmmsg+0x1063/0x2120 [ 1569.141467][T29287] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1569.147340][T29287] ? kmsan_get_metadata+0xa4/0x120 [ 1569.152503][T29287] ? kmsan_internal_set_shadow_origin+0x63/0xc0 [ 1569.158802][T29287] ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1569.165364][T29287] __sys_recvmmsg+0x51c/0x6f0 [ 1569.170087][T29287] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1569.176474][T29287] __do_fast_syscall_32+0x96/0xf0 [ 1569.181542][T29287] do_fast_syscall_32+0x34/0x70 [ 1569.186433][T29287] do_SYSENTER_32+0x1b/0x20 [ 1569.190985][T29287] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1569.197359][T29287] RIP: 0023:0xf6e70549 [ 1569.201450][T29287] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1569.221096][T29287] RSP: 002b:00000000f5a285fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1569.229547][T29287] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1569.237544][T29287] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1569.245539][T29287] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1569.253531][T29287] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1569.261525][T29287] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1569.269535][T29287] [ 1569.275842][T29287] Uninit was stored to memory at: [ 1569.281337][T29287] __get_compat_msghdr+0x6e1/0x9d0 [ 1569.286498][T29287] get_compat_msghdr+0x108/0x2c0 [ 1569.291579][T29287] do_recvmmsg+0x1063/0x2120 [ 1569.296214][T29287] __sys_recvmmsg+0x51c/0x6f0 [ 1569.301024][T29287] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1569.307494][T29287] __do_fast_syscall_32+0x96/0xf0 [ 1569.312602][T29287] do_fast_syscall_32+0x34/0x70 [ 1569.317609][T29287] do_SYSENTER_32+0x1b/0x20 [ 1569.322200][T29287] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1569.328695][T29287] [ 1569.331039][T29287] Uninit was stored to memory at: [ 1569.336151][T29287] __get_compat_msghdr+0x6e1/0x9d0 [ 1569.341395][T29287] get_compat_msghdr+0x108/0x2c0 [ 1569.346383][T29287] do_recvmmsg+0x1063/0x2120 [ 1569.351090][T29287] __sys_recvmmsg+0x51c/0x6f0 [ 1569.355804][T29287] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1569.362332][T29287] __do_fast_syscall_32+0x96/0xf0 [ 1569.367526][T29287] do_fast_syscall_32+0x34/0x70 [ 1569.372445][T29287] do_SYSENTER_32+0x1b/0x20 [ 1569.376992][T29287] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1569.383511][T29287] [ 1569.385848][T29287] Uninit was stored to memory at: [ 1569.391085][T29287] __get_compat_msghdr+0x6e1/0x9d0 [ 1569.396242][T29287] get_compat_msghdr+0x108/0x2c0 [ 1569.401375][T29287] do_recvmmsg+0x1063/0x2120 [ 1569.406007][T29287] __sys_recvmmsg+0x51c/0x6f0 [ 1569.410866][T29287] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1569.417256][T29287] __do_fast_syscall_32+0x96/0xf0 [ 1569.422463][T29287] do_fast_syscall_32+0x34/0x70 [ 1569.427486][T29287] do_SYSENTER_32+0x1b/0x20 [ 1569.432033][T29287] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1569.438551][T29287] [ 1569.440885][T29287] Uninit was stored to memory at: [ 1569.445979][T29287] __get_compat_msghdr+0x6e1/0x9d0 [ 1569.451290][T29287] get_compat_msghdr+0x108/0x2c0 [ 1569.456281][T29287] do_recvmmsg+0x1063/0x2120 [ 1569.461067][T29287] __sys_recvmmsg+0x51c/0x6f0 [ 1569.465783][T29287] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1569.472301][T29287] __do_fast_syscall_32+0x96/0xf0 [ 1569.477499][T29287] do_fast_syscall_32+0x34/0x70 [ 1569.482394][T29287] do_SYSENTER_32+0x1b/0x20 [ 1569.486942][T29287] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1569.493482][T29287] [ 1569.495814][T29287] Uninit was stored to memory at: [ 1569.501058][T29287] __get_compat_msghdr+0x6e1/0x9d0 [ 1569.506223][T29287] get_compat_msghdr+0x108/0x2c0 [ 1569.511359][T29287] do_recvmmsg+0x1063/0x2120 [ 1569.515986][T29287] __sys_recvmmsg+0x51c/0x6f0 [ 1569.520780][T29287] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1569.527165][T29287] __do_fast_syscall_32+0x96/0xf0 [ 1569.532322][T29287] do_fast_syscall_32+0x34/0x70 [ 1569.537215][T29287] do_SYSENTER_32+0x1b/0x20 [ 1569.541844][T29287] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1569.548304][T29287] [ 1569.550637][T29287] Uninit was stored to memory at: [ 1569.555724][T29287] __get_compat_msghdr+0x6e1/0x9d0 [ 1569.560971][T29287] get_compat_msghdr+0x108/0x2c0 [ 1569.565960][T29287] do_recvmmsg+0x1063/0x2120 [ 1569.570673][T29287] __sys_recvmmsg+0x51c/0x6f0 [ 1569.575390][T29287] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1569.581858][T29287] __do_fast_syscall_32+0x96/0xf0 [ 1569.586933][T29287] do_fast_syscall_32+0x34/0x70 [ 1569.591912][T29287] do_SYSENTER_32+0x1b/0x20 [ 1569.596461][T29287] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1569.602948][T29287] [ 1569.605286][T29287] Uninit was stored to memory at: [ 1569.610456][T29287] __get_compat_msghdr+0x6e1/0x9d0 [ 1569.615619][T29287] get_compat_msghdr+0x108/0x2c0 [ 1569.620691][T29287] do_recvmmsg+0x1063/0x2120 [ 1569.625319][T29287] __sys_recvmmsg+0x51c/0x6f0 [ 1569.630114][T29287] __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 [ 1569.636500][T29287] __do_fast_syscall_32+0x96/0xf0 [ 1569.641661][T29287] do_fast_syscall_32+0x34/0x70 [ 1569.646557][T29287] do_SYSENTER_32+0x1b/0x20 [ 1569.651189][T29287] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1569.657647][T29287] [ 1569.659984][T29287] Local variable msg_sys created at: [ 1569.665280][T29287] do_recvmmsg+0xc1/0x2120 [ 1569.669817][T29287] __sys_recvmmsg+0x51c/0x6f0 12:59:04 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NL802154_CMD_NEW_SEC_KEY(r0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000003c0)={0x18, r1, 0xb08b61a79bebc409, 0x0, 0x0, {}, [@NL802154_ATTR_SEC_KEY={0x4}]}, 0x18}}, 0x0) 12:59:04 executing program 5: timer_create(0x2, 0x0, &(0x7f0000000080)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0xe4c}}, 0x0) timer_gettime(0x0, &(0x7f0000000280)) 12:59:04 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(0xffffffffffffffff, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:59:04 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, &(0x7f0000000040)={0x0, 0x0, "9319d7", 0x9}) 12:59:04 executing program 1: r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) ioctl$sock_netrom_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={0x0, @default, @bpq0, 0x0, 'syz1\x00', @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, 0x0, 0x0, [@default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @bcast, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}) 12:59:04 executing program 5: timer_create(0x2, 0x0, &(0x7f0000000080)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0xe4c}}, 0x0) timer_gettime(0x0, &(0x7f0000000280)) 12:59:04 executing program 1: r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) setsockopt$inet6_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f0000000000)=@gcm_256={{}, "6409b54af15bca3c", "cb157d2bec6f9d5920632a09cfb023107d77a68b87509aa4a4907efd9577f22a", "c0a04120", "7775d64f9b1407da"}, 0x38) 12:59:04 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(0xffffffffffffffff, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:59:05 executing program 5: timer_create(0x2, 0x0, &(0x7f0000000080)) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0xe4c}}, 0x0) timer_gettime(0x0, &(0x7f0000000280)) [ 1572.487789][T21991] Bluetooth: hci0: command 0x0401 tx timeout [ 1572.970842][T29379] loop0: detected capacity change from 0 to 264192 [ 1573.005671][T29379] EXT4-fs (loop0): VFS: Can't find ext4 filesystem 12:59:07 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dc", 0x2d, 0x400}, {&(0x7f0000010400)="080000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[]) 12:59:07 executing program 2: socket(0x25, 0x805, 0x0) 12:59:07 executing program 1: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_l2cap_L2CAP_CONNINFO(r0, 0x6, 0x2, 0x0, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) 12:59:07 executing program 4: futex(0x0, 0x5, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440), 0xffffffffffffffff) recvmmsg(r0, &(0x7f0000004d80), 0x493, 0xa, 0x0) sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000040)=ANY=[@ANYBLOB="18000000", @ANYRES16=r1, @ANYBLOB="03070480000000000000010000000400018026e2"], 0x18}}, 0x0) 12:59:07 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(0xffffffffffffffff, &(0x7f0000000200)=0x600000000000000, 0x43408) 12:59:07 executing program 5: r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000080), 0x200480, 0x0) setsockopt$RDS_CANCEL_SENT_TO(r0, 0x114, 0x1, 0x0, 0x0) 12:59:07 executing program 1: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000002740)='/proc/mdstat\x00', 0x0, 0x0) read$FUSE(r0, &(0x7f0000002780)={0x2020}, 0x2020) 12:59:07 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r0, &(0x7f00000002c0)={&(0x7f0000000000), 0xc, &(0x7f0000000040)={&(0x7f0000000200)={0x2c, 0x0, 0x8, 0x3, 0x0, 0x0, {}, [@CTA_TIMEOUT_DATA={0x4, 0x4, 0x0, 0x1, @fccp}, @CTA_TIMEOUT_L4PROTO={0x5}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x2c}}, 0x0) 12:59:07 executing program 5: r0 = syz_open_dev$vcsa(&(0x7f0000000000), 0x1c, 0x0) ioctl$SNDRV_PCM_IOCTL_HW_PARAMS_OLD(0xffffffffffffffff, 0xc1004111, &(0x7f0000000380)={0x0, [0x0, 0x3], [{0x5, 0x401, 0x0, 0x0, 0x1, 0x1}, {0x1000, 0x101}, {0x7dff, 0x1e2d, 0x0, 0x1}, {0x3f, 0x7, 0x0, 0x1, 0x1}, {0x7, 0x2, 0x1, 0x1, 0x1}, {0x7, 0x3, 0x1, 0x0, 0x0, 0x1}, {0x7, 0x995, 0x0, 0x0, 0x0, 0x1}, {0x9, 0x10001, 0x1, 0x1}, {0x0, 0x0, 0x1, 0x0, 0x1}, {0x5, 0x2, 0x1, 0x0, 0x0, 0x1}, {0x6f1d7ff2, 0x2, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x0, 0x1, 0x1, 0x1}], 0x9}) fsconfig$FSCONFIG_SET_STRING(r0, 0x6, 0x0, 0x0, 0x0) r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000002500), 0x0, 0x0) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r1, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000002c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="200a2bbd7000ffdbdf2504000000e7f9388001000000252909effc7bcba3c369734ccccc8b61be7b6068029de9436957fc15c8a89c968bb724be40fd9820ebd91fec995afe25a83c8a14856088b96ff93cfb522c08b03063cea04cf823f89d6bbcf71ceedcd434fcf3fbbec5172fd7f1dab1fd28d974c6552f15d172c0d0007f052865bdbd6beb666252c55bf725973c6800358f53382426f0fe3af1c4822b6640e1244941ad0497b33b6d319d90a20fea7c6b31a66c09ee9f3274e61f00"], 0x1c}, 0x1, 0x0, 0x0, 0x44}, 0x48045) sendmsg$rds(0xffffffffffffffff, 0x0, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x40000, 0x0) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) 12:59:07 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, 0x0, 0x0) 12:59:07 executing program 4: futex(0x0, 0x5, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440), 0xffffffffffffffff) recvmmsg(r0, &(0x7f0000004d80), 0x493, 0xa, 0x0) sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000040)=ANY=[@ANYBLOB="18000000", @ANYRES16=r1, @ANYBLOB="03070480000000000000010000000400018026e2"], 0x18}}, 0x0) 12:59:08 executing program 1: futex(&(0x7f0000000100), 0x8, 0x0, 0x0, 0x0, 0x0) [ 1574.820054][T29421] loop0: detected capacity change from 0 to 264192 [ 1574.864581][T29421] EXT4-fs (loop0): VFS: Can't find ext4 filesystem 12:59:09 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f", 0x44, 0x400}, {&(0x7f0000010400)="080000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[]) 12:59:09 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0) socketpair(0x1d, 0x0, 0x0, &(0x7f0000000280)) sendmsg$L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x2c, 0x0, 0x2, 0x70bd2b, 0x25dfdbfd, {}, [@L2TP_ATTR_DEBUG={0x8}, @L2TP_ATTR_UDP_SPORT={0x6, 0x1a, 0x4e20}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @multicast2}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20040050}, 0x40001) sendmsg$L2TP_CMD_SESSION_DELETE(r0, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000040)={0x30, 0x0, 0x200, 0x70bd2c, 0x25dfdbff, {}, [@L2TP_ATTR_RECV_TIMEOUT={0xc, 0x16, 0x5}, @L2TP_ATTR_IP_DADDR={0x8, 0x19, @broadcast}, @L2TP_ATTR_LNS_MODE={0x5, 0x14, 0xa3}]}, 0x30}, 0x1, 0x0, 0x0, 0x24000000}, 0x0) 12:59:09 executing program 5: r0 = fsopen(&(0x7f0000000340)='cramfs\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(r0, 0x0, &(0x7f0000000000)='dirsync\x00', 0x0, 0x0) 12:59:09 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, 0x0, 0x0) 12:59:09 executing program 4: r0 = socket$l2tp(0x2, 0x2, 0x73) recvfrom$l2tp(r0, 0x0, 0x0, 0xe06db001d6b5db68, 0x0, 0x0) 12:59:09 executing program 1: r0 = socket$rds(0x15, 0x5, 0x0) setsockopt$RDS_FREE_MR(r0, 0x114, 0x3, &(0x7f0000000040)={{0x0, 0x80000000}}, 0x10) 12:59:09 executing program 1: r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000002500), 0x0, 0x0) preadv2(r0, &(0x7f00000008c0)=[{&(0x7f0000000380)=""/73, 0x49}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9, 0x0, 0x0, 0x0) [ 1575.315669][T29432] can: request_module (can-proto-0) failed. 12:59:09 executing program 5: r0 = syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x6, 0x0, 0x0, 0x0) 12:59:09 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$SO_TIMESTAMP(r0, 0x1, 0x0, 0x0, 0x0) [ 1575.396890][T29438] can: request_module (can-proto-0) failed. 12:59:09 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, 0x0, 0x0) 12:59:09 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$SO_BINDTODEVICE_wg(r0, 0x1, 0x19, &(0x7f0000000000)='wg0\x00', 0x4) 12:59:09 executing program 1: openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/class/power_supply', 0x20000, 0x4) [ 1576.569087][T29458] loop0: detected capacity change from 0 to 264192 [ 1576.608427][T29458] EXT4-fs error (device loop0): ext4_fill_super:4822: inode #2: comm syz-executor.0: iget: root inode unallocated [ 1576.630360][T29458] EXT4-fs (loop0): get root inode failed [ 1576.636126][T29458] EXT4-fs (loop0): mount failed 12:59:10 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f", 0x44, 0x400}, {&(0x7f0000010400)="080000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[]) 12:59:10 executing program 5: madvise(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x4) 12:59:10 executing program 4: openat$full(0xffffffffffffff9c, &(0x7f00000043c0), 0x0, 0x0) 12:59:10 executing program 2: io_setup(0x0, &(0x7f0000000040)=0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) io_submit(r0, 0x1, &(0x7f00000001c0)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0}]) 12:59:10 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200), 0x43408) 12:59:10 executing program 1: memfd_create(&(0x7f0000004ec0)='\x00', 0x1) 12:59:11 executing program 5: syz_open_procfs(0x0, &(0x7f0000000380)='net/if_inet6\x00') 12:59:11 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$inet_udp_encap(r0, 0x11, 0x64, &(0x7f0000000000)=0x3, 0x4) 12:59:11 executing program 1: openat$procfs(0xffffffffffffff9c, &(0x7f0000000400)='/proc/cgroups\x00', 0x0, 0x0) 12:59:11 executing program 2: perf_event_open(&(0x7f0000000000)={0x1000000002, 0x80, 0x800000000000013, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)={0x6, 0x4, 0x4, 0x4}, 0x18) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000180)={r0, &(0x7f0000000000), &(0x7f0000000140)=@tcp6, 0x4}, 0x20) write$binfmt_misc(r0, &(0x7f0000002400)=ANY=[@ANYBLOB="73797e30faad9b8b299d544128cbe29c030000000000000073027641db64b177d76074bc78f5de1108f0d174e816327ba2221d2dd6885daa345dfeffffffa7948200a157b9f8e99007eb1a67c1f7570a8d470858b3307c5aa37daa9f8b6cd3109e1e71049361b4b7f3d2afd12d281e447b3b6ac64582d641cb50c44895623c2ce3b76a77c35be191ff24b3889e97b1ee90bba2a531000000000000"], 0x1f) close(0xffffffffffffffff) r1 = socket$inet6(0xa, 0x3, 0x6) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000004c0)='net/ip6_flowlabel\x00') sendfile(r1, r2, &(0x7f0000000240)=0x202, 0x4000000000dc) 12:59:11 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000060000000000009300008500000075000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r3, &(0x7f0000000200), 0x43408) 12:59:12 executing program 4: mq_open(&(0x7f00000002c0)='.)[*\x00', 0x0, 0x0, 0x0) [ 1579.184454][T29496] loop0: detected capacity change from 0 to 264192 [ 1579.272455][T29496] EXT4-fs error (device loop0): ext4_fill_super:4822: inode #2: comm syz-executor.0: iget: root inode unallocated [ 1579.285994][T29496] EXT4-fs (loop0): get root inode failed [ 1579.292203][T29496] EXT4-fs (loop0): mount failed 12:59:13 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xff7ffffffffff000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f", 0x44, 0x400}, {&(0x7f0000010400)="080000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[]) 12:59:13 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x4, &(0x7f0000000300), 0x4) 12:59:13 executing program 2: mq_open(&(0x7f0000000000)='\xdf\xab\xd5\x17@\xac\xe2\r\xf1\x9b\x90nU(|\x1c\x9eG\xea4\xd2\x1a\x1e\\A\x86!4iZ\xde?\xcb?\xb7\x14\nb\x15\xd5\xb3\xd1\x86B\x9f\x96\x16\xad>zA\xe9\xfe\xff\xcb\xda\x83=\xf7\xfc\x11\xf4\x1a\x11\x10\x97I\xde\xd2\b-\x95\xcf]\xedc\xd4w\x9d\xb2\x8a\xa9\xae\xd3\xee\xab\xaeP\x1e\x96\x1a97\x91k\xe1h\x18\xddU\xb8\xbb\x81\n\x80\xb4w|\xf4\a\a\xc7\xe5\xc0y\xd3\xe15uM4h\x10\xfa\xe0E0xffffffffffffffff}) perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) recvmsg(r1, &(0x7f0000000140)={&(0x7f0000000080)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @loopback}}}, 0x80, 0x0}, 0x0) sendmsg$kcm(r0, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0) socket$kcm(0x29, 0x5, 0x0) write$cgroup_int(r2, &(0x7f0000000000), 0x29b000) 12:59:15 executing program 1: r0 = msgget$private(0x0, 0x0) msgrcv(r0, &(0x7f0000000000)={0x0, ""/206}, 0xd6, 0x0, 0x2000) msgrcv(r0, &(0x7f0000000100)={0x0, ""/50}, 0x3a, 0x1, 0x2000) r1 = msgget(0x2, 0x20) msgrcv(r1, &(0x7f0000000140)={0x0, ""/220}, 0xe4, 0x3, 0x800) r2 = msgget$private(0x0, 0x100) msgrcv(r2, &(0x7f0000000240)={0x0, ""/4096}, 0x1008, 0x1, 0x800) msgsnd(r1, &(0x7f0000001280)={0x1, "9c55b147f4861f43f7910000b018921f3f406067a9893ee5f9c2cb67907cddd13827b98ee7183ef1c81e7c00ffb3a49049e3e52fec77357c86a42b374f58f4aaef39edccf910cb9c6d92b5f0717ec7c6773daea908eaea8a4810f98be36a33c8a34981cdc5f358d00e8c1b029b879891366f1451e8c8413d7652087b34d9a784e7a69b714aec66c999a66965dda874c88316a19d5201372c530508fabf69af46d763fe445eb8b7ed902b78d2d30ace0fe0282b5ef5f5397be6b05033f228ad603ab5"}, 0xca, 0x0) msgsnd(r2, &(0x7f0000001380)={0x3, "16fd088d2429d88d9a223075f930d180a4e20b8a0d6b053ceb8bbb2dc3398e4bad1449549d320bc3dc09873bac8f44f4fac229e04450661a252b3662435ed5e6864dce55f5c00e14817ab611ba8105b1319c31de53df1cee30cc16f00780c4a5170a44de86bcccda60c413a892af3e4389adeb96e4b37f146f0156d9a6500adc1f7a8cdc00cc828c32f8273a8e1da913682a0c07580f0faf2f0b7f18a2756bfaaeda228f149f157d8d43f270b592680f8f46c5373eced47fa7933e74c519ac36e6c657f42e86"}, 0xce, 0x800) msgget$private(0x0, 0x80) semctl$IPC_STAT(r2, 0x0, 0x2, &(0x7f0000001480)=""/77) r3 = msgget(0x3, 0x100) semctl$GETPID(0x0, 0x3, 0xb, &(0x7f0000001500)=""/63) msgrcv(r3, &(0x7f0000001540)={0x0, ""/167}, 0xaf, 0x1, 0x2000) msgget$private(0x0, 0x92) msgget$private(0x0, 0x401) [ 1582.069943][T29548] ===================================================== [ 1582.077056][T29548] BUG: KMSAN: uninit-value in br_dev_xmit+0x8f6/0x1f30 [ 1582.083962][T29548] br_dev_xmit+0x8f6/0x1f30 [ 1582.088512][T29548] xmit_one+0x2f4/0x840 [ 1582.092746][T29548] dev_hard_start_xmit+0x18f/0x440 [ 1582.097901][T29548] __dev_queue_xmit+0x213d/0x32a0 [ 1582.102990][T29548] dev_queue_xmit+0x4b/0x60 [ 1582.107535][T29548] __bpf_redirect+0x15f2/0x1840 [ 1582.112473][T29548] bpf_clone_redirect+0x4a5/0x660 [ 1582.117545][T29548] ___bpf_prog_run+0x92e/0xb410 [ 1582.122501][T29548] __bpf_prog_run512+0x121/0x180 [ 1582.127479][T29548] bpf_test_run+0x782/0x1070 [ 1582.132185][T29548] bpf_prog_test_run_skb+0x15c9/0x2100 [ 1582.137700][T29548] bpf_prog_test_run+0x784/0x820 [ 1582.142693][T29548] __sys_bpf+0xada/0x1230 [ 1582.147068][T29548] __ia32_sys_bpf+0xe1/0x130 [ 1582.151708][T29548] __do_fast_syscall_32+0x96/0xf0 [ 1582.156783][T29548] do_fast_syscall_32+0x34/0x70 [ 1582.161680][T29548] do_SYSENTER_32+0x1b/0x20 [ 1582.166232][T29548] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1582.172608][T29548] [ 1582.174938][T29548] Uninit was created at: [ 1582.179252][T29548] __kmalloc_node_track_caller+0xe0c/0x1510 [ 1582.185193][T29548] pskb_expand_head+0x266/0x1db0 [ 1582.190189][T29548] skb_ensure_writable+0x501/0x5b0 [ 1582.195344][T29548] bpf_clone_redirect+0x25d/0x660 [ 1582.200402][T29548] ___bpf_prog_run+0x92e/0xb410 [ 1582.205287][T29548] __bpf_prog_run512+0x121/0x180 [ 1582.210252][T29548] bpf_test_run+0x782/0x1070 [ 1582.214885][T29548] bpf_prog_test_run_skb+0x15c9/0x2100 [ 1582.220393][T29548] bpf_prog_test_run+0x784/0x820 [ 1582.225374][T29548] __sys_bpf+0xada/0x1230 [ 1582.229736][T29548] __ia32_sys_bpf+0xe1/0x130 [ 1582.234364][T29548] __do_fast_syscall_32+0x96/0xf0 [ 1582.239423][T29548] do_fast_syscall_32+0x34/0x70 [ 1582.244313][T29548] do_SYSENTER_32+0x1b/0x20 [ 1582.248852][T29548] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1582.255218][T29548] [ 1582.257544][T29548] CPU: 0 PID: 29548 Comm: syz-executor.2 Not tainted 5.16.0-rc3-syzkaller #0 [ 1582.266338][T29548] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1582.276413][T29548] ===================================================== [ 1582.283348][T29548] Disabling lock debugging due to kernel taint [ 1582.290070][T29548] Kernel panic - not syncing: kmsan.panic set ... [ 1582.296504][T29548] CPU: 0 PID: 29548 Comm: syz-executor.2 Tainted: G B 5.16.0-rc3-syzkaller #0 [ 1582.306701][T29548] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1582.316781][T29548] Call Trace: [ 1582.320077][T29548] [ 1582.323017][T29548] dump_stack_lvl+0x1ff/0x28e [ 1582.327738][T29548] dump_stack+0x25/0x28 [ 1582.331930][T29548] panic+0x467/0xe03 [ 1582.335949][T29548] ? add_taint+0x187/0x210 [ 1582.340406][T29548] ? _raw_spin_unlock_irqrestore+0x78/0xb0 [ 1582.346274][T29548] kmsan_report+0x306/0x310 [ 1582.350837][T29548] ? __msan_warning+0xb8/0x130 [ 1582.355645][T29548] ? br_dev_xmit+0x8f6/0x1f30 [ 1582.360357][T29548] ? xmit_one+0x2f4/0x840 [ 1582.364716][T29548] ? dev_hard_start_xmit+0x18f/0x440 [ 1582.370037][T29548] ? __dev_queue_xmit+0x213d/0x32a0 [ 1582.375271][T29548] ? dev_queue_xmit+0x4b/0x60 [ 1582.379982][T29548] ? __bpf_redirect+0x15f2/0x1840 [ 1582.385043][T29548] ? bpf_clone_redirect+0x4a5/0x660 [ 1582.390276][T29548] ? ___bpf_prog_run+0x92e/0xb410 [ 1582.395332][T29548] ? __bpf_prog_run512+0x121/0x180 [ 1582.400476][T29548] ? bpf_test_run+0x782/0x1070 [ 1582.405291][T29548] ? bpf_prog_test_run_skb+0x15c9/0x2100 [ 1582.410977][T29548] ? bpf_prog_test_run+0x784/0x820 [ 1582.416133][T29548] ? __sys_bpf+0xada/0x1230 [ 1582.420674][T29548] ? __ia32_sys_bpf+0xe1/0x130 [ 1582.425475][T29548] ? __do_fast_syscall_32+0x96/0xf0 [ 1582.430823][T29548] ? do_fast_syscall_32+0x34/0x70 [ 1582.435897][T29548] ? do_SYSENTER_32+0x1b/0x20 [ 1582.440704][T29548] ? entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1582.447257][T29548] ? entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1582.453818][T29548] ? kmsan_get_metadata+0xa4/0x120 [ 1582.458997][T29548] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1582.464880][T29548] ? br_allowed_ingress+0x19c/0x1b50 [ 1582.470294][T29548] ? kmsan_get_metadata+0xa4/0x120 [ 1582.475472][T29548] ? kmsan_get_metadata+0xa4/0x120 [ 1582.480644][T29548] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1582.486550][T29548] __msan_warning+0xb8/0x130 [ 1582.491201][T29548] br_dev_xmit+0x8f6/0x1f30 [ 1582.495746][T29548] ? validate_xmit_xfrm+0xde/0x1c40 [ 1582.500994][T29548] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1582.506862][T29548] ? br_net_exit+0x260/0x260 [ 1582.511515][T29548] xmit_one+0x2f4/0x840 [ 1582.515734][T29548] dev_hard_start_xmit+0x18f/0x440 [ 1582.520907][T29548] __dev_queue_xmit+0x213d/0x32a0 [ 1582.525996][T29548] ? kmsan_get_metadata+0xa4/0x120 [ 1582.531168][T29548] ? kmsan_get_metadata+0xa4/0x120 [ 1582.536332][T29548] dev_queue_xmit+0x4b/0x60 [ 1582.540870][T29548] __bpf_redirect+0x15f2/0x1840 [ 1582.545760][T29548] ? kmsan_get_metadata+0xa4/0x120 [ 1582.550920][T29548] bpf_clone_redirect+0x4a5/0x660 [ 1582.556001][T29548] ___bpf_prog_run+0x92e/0xb410 [ 1582.560889][T29548] ? bpf_csum_level+0x7b0/0x7b0 [ 1582.565780][T29548] __bpf_prog_run512+0x121/0x180 [ 1582.570755][T29548] ? kmsan_get_metadata+0xa4/0x120 [ 1582.575913][T29548] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1582.581784][T29548] ? finish_task_switch+0x435/0xad0 [ 1582.587023][T29548] ? kmsan_get_metadata+0xa4/0x120 [ 1582.592186][T29548] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1582.598060][T29548] ? ktime_get+0x382/0x470 [ 1582.602616][T29548] ? kmsan_get_metadata+0xa4/0x120 [ 1582.607772][T29548] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 1582.613632][T29548] ? bpf_test_timer_continue+0x7c0/0x830 [ 1582.619313][T29548] ? kmsan_get_metadata+0x52/0x120 [ 1582.624469][T29548] ? __bpf_prog_run480+0x180/0x180 [ 1582.629615][T29548] bpf_test_run+0x782/0x1070 [ 1582.634262][T29548] ? eth_type_trans+0x45c/0x9c0 [ 1582.639211][T29548] bpf_prog_test_run_skb+0x15c9/0x2100 [ 1582.644748][T29548] ? __bpf_prog_test_run_raw_tp+0x3a0/0x3a0 [ 1582.650693][T29548] bpf_prog_test_run+0x784/0x820 [ 1582.655680][T29548] __sys_bpf+0xada/0x1230 [ 1582.660059][T29548] ? kmsan_get_metadata+0xa4/0x120 [ 1582.665227][T29548] __ia32_sys_bpf+0xe1/0x130 [ 1582.669860][T29548] __do_fast_syscall_32+0x96/0xf0 [ 1582.674927][T29548] do_fast_syscall_32+0x34/0x70 [ 1582.679813][T29548] do_SYSENTER_32+0x1b/0x20 [ 1582.684354][T29548] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1582.690722][T29548] RIP: 0023:0xf6e70549 [ 1582.694810][T29548] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 [ 1582.714456][T29548] RSP: 002b:00000000f5a6a5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000165 [ 1582.722903][T29548] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 00000000200000c0 [ 1582.730904][T29548] RDX: 0000000000000048 RSI: 0000000000000000 RDI: 0000000000000000 [ 1582.738890][T29548] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1582.746881][T29548] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1582.754869][T29548] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1582.762873][T29548] [ 1582.766108][T29548] Kernel Offset: disabled [ 1582.770445][T29548] Rebooting in 86400 seconds..